
Freezes every 5-10 minutes



#1
Helenster

Hello. I have a Windows XP 2002 with SP2. My computer has been randomly freezing every 5-10 minutes even if I'm on idle. I've tried running in safe mode, but it still freezes. The only way I can turn my computer off is by holding onto the power button. It's impossible to scan for malware because my computer can't hold up for that long. Could there be a possible virus?

Here are my OTListIt logs:
OTListIt logfile created on: 4/5/2009 11:25:14 AM - Run 1
OTListIt2 by OldTimer - Version 2.0.11.0 Folder = C:\Documents and Settings\Helen\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1023.48 Mb Total Physical Memory | 584.07 Mb Available Physical Memory | 57.07% Memory free
2.41 Gb Paging File | 2.07 Gb Available in Paging File | 85.94% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 153.38 Gb Total Space | 141.01 Gb Free Space | 91.94% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: HELEN
Current User Name: Helen
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On

========== Processes (SafeList) ==========

PRC - C:\WINDOWS\Explorer.EXE (Microsoft Corporation)
PRC - C:\Program Files\COMODO\SafeSurf\cssurf.exe (COMODO)
PRC - C:\Program Files\COMODO\Firewall\cfp.exe ()
PRC - C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
PRC - C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
PRC - C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\AVG\AVG8\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
PRC - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
PRC - C:\Program Files\COMODO\Firewall\cmdagent.exe ()
PRC - C:\Program Files\AIM6\aim6.exe (AOL LLC)
PRC - C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
PRC - C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation)
PRC - C:\WINDOWS\system32\wdfmgr.exe (Microsoft Corporation)
PRC - C:\Program Files\AIM6\aolsoftware.exe (AOL LLC)
PRC - C:\Program Files\AVG\AVG8\avgrsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG8\avgnsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
PRC - C:\WINDOWS\system32\wscntfy.exe (Microsoft Corporation)
PRC - C:\Documents and Settings\Helen\Desktop\OTListIt2.exe (OldTimer Tools)

========== Win32 Services (SafeList) ==========

SRV - (Adobe LM Service [On_Demand | Stopped]) -- C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe ()
SRV - (Apple Mobile Device [Auto | Running]) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (aspnet_state [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)
SRV - (avg8emc [Auto | Stopped]) -- C:\Program Files\AVG\AVG8\avgemc.exe (AVG Technologies CZ, s.r.o.)
SRV - (avg8wd [Auto | Running]) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (Avgt_as [On_Demand | Stopped]) -- File not found
SRV - (Bonjour Service [Auto | Running]) -- C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (cmdAgent [Auto | Running]) -- C:\Program Files\COMODO\Firewall\cmdagent.exe ()
SRV - (helpsvc [Auto | Running]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (iPod Service [On_Demand | Running]) -- C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
SRV - (JavaQuickStarterService [Auto | Running]) -- C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
SRV - (NVSvc [Auto | Running]) -- C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation)
SRV - (UMWdf [Auto | Running]) -- C:\WINDOWS\system32\wdfmgr.exe (Microsoft Corporation)
SRV - (wampmysqld [On_Demand | Stopped]) -- File not found

========== Driver Services (SafeList) ==========

DRV - (ALCXWDM [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS (Realtek Semiconductor Corp.)
DRV - (AvgLdx86 [System | Running]) -- C:\WINDOWS\System32\Drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgMfx86 [System | Running]) -- C:\WINDOWS\System32\Drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgTdiX [System | Running]) -- C:\WINDOWS\System32\Drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (Cdr4_xp [System | Running]) -- C:\WINDOWS\System32\drivers\cdr4_xp.sys (Sonic Solutions)
DRV - (Cdralw2k [System | Running]) -- C:\WINDOWS\System32\drivers\cdralw2k.sys (Sonic Solutions)
DRV - (cmdGuard [System | Running]) -- C:\WINDOWS\System32\DRIVERS\cmdguard.sys (COMODO)
DRV - (cmdHlp [System | Running]) -- C:\WINDOWS\System32\DRIVERS\cmdhlp.sys (COMODO)
DRV - (GEARAspiWDM [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (hamachi [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\hamachi.sys (LogMeIn, Inc.)
DRV - (Inspect [Boot | Running]) -- C:\WINDOWS\System32\DRIVERS\inspect.sys (COMODO)
DRV - (MBAMSwissArmy [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)
DRV - (motccgp [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\motccgp.sys (Motorola)
DRV - (motccgpfl [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\motccgpfl.sys (Motorola)
DRV - (MotDev [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\motodrv.sys (Motorola Inc)
DRV - (motmodem [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\motmodem.sys (Motorola)
DRV - (nv [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\nv4_mini.sys (NVIDIA Corporation)
DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (PxHelp20 [Boot | Running]) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (ROOTMODEM [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\RootMdm.sys (Microsoft Corporation)
DRV - (rtl8139 [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\RTL8139.SYS (Realtek Semiconductor Corporation)
DRV - (Secdrv [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\secdrv.sys ()

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...amp;ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.myspace.com/"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.0.1
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:8.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}:6.0.12
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.8

FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\PROGRAM FILES\AVG\AVG8\FIREFOX [2009/02/07 01:17:48 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2009/03/23 21:53:11 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.8\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS [2009/03/29 21:11:39 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.8\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS [2009/03/29 21:11:39 | 00,000,000 | ---D | M]

[2008/07/10 23:58:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Helen\Application Data\mozilla\Extensions
[2008/07/10 23:58:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Helen\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/04/04 13:03:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Helen\Application Data\mozilla\Firefox\Profiles\ul81o9i1.default\extensions
[2008/12/26 23:25:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Helen\Application Data\mozilla\Firefox\Profiles\ul81o9i1.default\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
[2009/01/10 22:21:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Helen\Application Data\mozilla\Firefox\Profiles\ul81o9i1.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009/04/04 13:03:09 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/03/29 21:11:39 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/03/23 21:53:25 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}
[2009/03/30 20:59:20 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2009/03/29 21:11:31 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/03/29 21:11:32 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009/02/08 20:52:09 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2009/02/08 20:52:09 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2009/02/08 20:52:09 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2009/02/08 20:52:09 | 00,002,343 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2009/02/08 20:52:09 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/02/08 20:52:09 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2009/02/08 20:52:10 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml

O1 HOSTS File: (304742 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.123topsearch.com
O1 - Hosts: 127.0.0.1 123topsearch.com
O1 - Hosts: 127.0.0.1 www.132.com
O1 - Hosts: 127.0.0.1 132.com
O1 - Hosts: 127.0.0.1 www.136136.net
O1 - Hosts: 127.0.0.1 136136.net
O1 - Hosts: 127.0.0.1 www.163ns.com
O1 - Hosts: 127.0.0.1 163ns.com
O1 - Hosts: 10497 more lines...
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - Reg Error: Key error. File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [COMODO Firewall Pro] "C:\Program Files\COMODO\Firewall\cfp.exe" -h ()
O4 - HKLM..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\Firewall\cfp.exe" -h ()
O4 - HKLM..\Run: [COMODO SafeSurf] "C:\Program Files\COMODO\SafeSurf\cssurf.exe" -s (COMODO)
O4 - HKLM..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" (Apple Inc.)
O4 - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] nwiz.exe /install (NVIDIA Corporation)
O4 - HKLM..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime (Apple Inc.)
O4 - HKLM..\Run: [SoundMan] SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp (AOL LLC)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [mdnsNSP] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: 49 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: 48 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\WINDOWS\system32\guard32.dll) - C:\WINDOWS\system32\guard32.dll ()
O20 - AppInit_DLLs: (C:\WINDOWS\system32\cssdll32.dll) - C:\WINDOWS\system32\cssdll32.dll (COMODO)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\system32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - Autorun File - C:\AUTOEXEC.BAT () - [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found

========== Files/Folders - Created Within 30 Days ==========

[3 C:\WINDOWS\*.tmp files]
[2009/04/05 09:36:22 | 00,000,000 | ---D | C] -- C:\Rooter$
[2009/04/04 14:23:15 | 00,499,200 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Helen\Desktop\OTListIt2.exe
[2009/04/04 14:23:03 | 00,267,612 | ---- | C] () -- C:\Documents and Settings\Helen\Desktop\Rooter.exe
[2009/03/30 23:59:59 | 10,732,70784 | -HS- | C] () -- C:\hiberfil.sys
[2009/03/30 20:58:24 | 00,000,000 | ---D | C] -- C:\WINDOWS\pss
[2009/03/30 13:05:07 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Helen\Application Data\Malwarebytes
[2009/03/30 13:05:02 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/03/30 13:05:02 | 00,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/03/30 13:04:59 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/03/30 13:04:57 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/03/30 13:04:57 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/03/30 13:04:00 | 02,906,232 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Helen\Desktop\mbam-setup.exe
[2009/03/26 01:39:58 | 00,448,052 | ---- | C] () -- C:\Documents and Settings\Helen\Desktop\Jason Mraz - Lucky.mp3
[2009/03/26 01:04:32 | 00,102,648 | ---- | C] () -- C:\Documents and Settings\Helen\Desktop\New.mp3
[2009/03/23 23:56:06 | 06,320,244 | ---- | C] () -- C:\Documents and Settings\Helen\Desktop\DAY26 - Stadium Music.mp3
[2009/03/23 22:38:21 | 05,595,890 | ---- | C] () -- C:\Documents and Settings\Helen\Desktop\The Dream - My Love (Feat. Mariah Carey).mp3
[2009/03/23 22:38:16 | 02,189,280 | ---- | C] () -- C:\Documents and Settings\Helen\Desktop\Metro Station - Seventeen Forever.mp3
[2009/03/23 22:38:11 | 03,530,969 | ---- | C] () -- C:\Documents and Settings\Helen\Desktop\Se7en - Them Girls (Feat. Lil Kim).mp3
[2009/03/23 22:37:52 | 02,606,613 | ---- | C] () -- C:\Documents and Settings\Helen\Desktop\Stereo Skyline - Heartbeat.mp3
[2009/03/22 23:17:06 | 00,001,126 | ---- | C] () -- C:\Documents and Settings\Helen\Desktop\fafsaa.rtf
[2009/03/15 22:41:52 | 07,610,783 | ---- | C] () -- C:\Documents and Settings\Helen\Desktop\Utada Hikaru - Come Back to Me.mp3
[2009/03/15 22:25:56 | 00,000,628 | ---- | C] () -- C:\Documents and Settings\Helen\Desktop\college id.rtf
[2009/03/14 01:20:00 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Helen\Desktop\[www.RnB4U.in]10.03.09(2)
[2009/03/11 02:00:07 | 02,260,263 | ---- | C] () -- C:\Documents and Settings\Helen\Desktop\Escape the Fate - Situations.MP3
[2009/03/11 01:57:14 | 02,412,610 | ---- | C] () -- C:\Documents and Settings\Helen\Desktop\The White Tie Affair - Take It Home.MP3
[2009/03/11 01:53:03 | 02,766,516 | ---- | C] () -- C:\Documents and Settings\Helen\Desktop\Framing Hanley - Alone in This Bed Capeside.MP3
[2009/03/11 01:49:46 | 02,474,676 | ---- | C] () -- C:\Documents and Settings\Helen\Desktop\PANIC! at the Disco - But It's Better If You Do.MP3
[2009/03/11 01:45:43 | 02,234,873 | ---- | C] () -- C:\Documents and Settings\Helen\Desktop\All Time Low - Poppin' Video Mix.MP3
[2009/03/11 01:43:04 | 02,177,820 | ---- | C] () -- C:\Documents and Settings\Helen\Desktop\All Time Low - Coffee Shop Soundtrack.mp3
[2009/03/11 01:40:18 | 03,553,325 | ---- | C] () -- C:\Documents and Settings\Helen\Desktop\Owl City - The Saltwater Room.mp3
[2009/03/11 01:35:17 | 02,647,085 | ---- | C] () -- C:\Documents and Settings\Helen\Desktop\New Found Glory - My Friends Over You.mp3
[2009/03/11 01:32:15 | 01,700,407 | ---- | C] () -- C:\Documents and Settings\Helen\Desktop\New Found Glory - Dig My Own Grave.mp3
[2009/03/11 00:12:45 | 02,840,955 | ---- | C] () -- C:\Documents and Settings\Helen\Desktop\Owl City - Hello Seattle.mp3
[2009/03/11 00:12:40 | 02,786,730 | ---- | C] () -- C:\Documents and Settings\Helen\Desktop\The Maine - The Way We Talk.mp3
[2009/03/11 00:10:51 | 08,898,551 | ---- | C] () -- C:\Documents and Settings\Helen\Desktop\Fall Out Boy - America's Suitehearts.mp3
[2009/03/11 00:10:28 | 04,480,082 | ---- | C] () -- C:\Documents and Settings\Helen\Desktop\Jesse McCartney - How Do You Sleep (Feat. Ludacris).mp3
[2009/03/10 22:58:20 | 00,000,000 | -HSD | C] -- C:\Config.Msi
[2009/03/09 23:01:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Helen\Desktop\NDS R4
[2009/03/08 22:25:31 | 00,152,832 | ---- | C] () -- C:\Documents and Settings\Helen\Desktop\kdk_0644.jpg
[2009/03/08 22:25:19 | 00,229,912 | ---- | C] () -- C:\Documents and Settings\Helen\Desktop\kdk_0643.jpg
[2009/03/08 22:25:05 | 00,226,299 | ---- | C] () -- C:\Documents and Settings\Helen\Desktop\kdk_0571.jpg
[2009/03/08 22:24:52 | 00,193,458 | ---- | C] () -- C:\Documents and Settings\Helen\Desktop\kdk_0565.jpg
[2008/09/23 02:14:26 | 00,000,000 | ---- | C] () -- C:\WINDOWS\RingtoneMaker.INI
[2008/09/23 01:58:46 | 00,005,729 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini
[2008/08/06 00:45:24 | 00,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2008/07/16 00:30:10 | 01,073,152 | ---- | C] () -- C:\WINDOWS\System32\libmysql_c.dll
[2008/07/11 16:19:29 | 00,156,672 | R--- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2008/07/11 02:04:37 | 00,143,096 | ---- | C] () -- C:\WINDOWS\System32\guard32.dll
[2008/07/10 23:40:33 | 00,000,000 | ---- | C] () -- C:\WINDOWS\control.ini
[2008/07/10 23:38:49 | 00,000,002 | ---- | C] () -- C:\WINDOWS\System32\desktop.ini
[2008/07/10 23:38:49 | 00,000,002 | ---- | C] () -- C:\WINDOWS\desktop.ini
[2008/07/10 23:38:04 | 00,000,037 | ---- | C] () -- C:\WINDOWS\vbaddin.ini
[2008/07/10 23:38:04 | 00,000,036 | ---- | C] () -- C:\WINDOWS\vb.ini
[2008/07/10 23:37:19 | 00,013,223 | ---- | C] () -- C:\WINDOWS\System32\tslabels.ini
[2008/07/10 23:37:18 | 00,001,931 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.ini
[2008/07/10 16:31:15 | 00,458,340 | ---- | C] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2008/07/10 16:31:14 | 00,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/04 05:00:00 | 01,287,680 | ---- | C] () -- C:\WINDOWS\System32\quartz.dll
[2004/08/04 05:00:00 | 01,015,477 | ---- | C] () -- C:\WINDOWS\System32\esentprf.ini
[2004/08/04 05:00:00 | 00,733,696 | ---- | C] () -- C:\WINDOWS\System32\qedwipes.dll
[2004/08/04 05:00:00 | 00,562,176 | ---- | C] () -- C:\WINDOWS\System32\qedit.dll
[2004/08/04 05:00:00 | 00,498,205 | ---- | C] () -- C:\WINDOWS\System32\dxmasf.dll
[2004/08/04 05:00:00 | 00,385,024 | ---- | C] () -- C:\WINDOWS\System32\qdvd.dll
[2004/08/04 05:00:00 | 00,279,040 | ---- | C] () -- C:\WINDOWS\System32\qdv.dll
[2004/08/04 05:00:00 | 00,270,848 | ---- | C] () -- C:\WINDOWS\System32\sbe.dll
[2004/08/04 05:00:00 | 00,252,928 | ---- | C] () -- C:\WINDOWS\System32\compatUI.dll
[2004/08/04 05:00:00 | 00,199,168 | ---- | C] () -- C:\WINDOWS\System32\ir32_32.dll
[2004/08/04 05:00:00 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\qcap.dll
[2004/08/04 05:00:00 | 00,186,368 | ---- | C] () -- C:\WINDOWS\System32\encdec.dll
[2004/08/04 05:00:00 | 00,094,282 | ---- | C] () -- C:\WINDOWS\System32\msencode.dll
[2004/08/04 05:00:00 | 00,070,656 | ---- | C] () -- C:\WINDOWS\System32\amstream.dll
[2004/08/04 05:00:00 | 00,059,904 | ---- | C] () -- C:\WINDOWS\System32\devenum.dll
[2004/08/04 05:00:00 | 00,053,478 | ---- | C] () -- C:\WINDOWS\System32\tcpmon.ini
[2004/08/04 05:00:00 | 00,042,809 | ---- | C] () -- C:\WINDOWS\System32\key01.sys
[2004/08/04 05:00:00 | 00,042,537 | ---- | C] () -- C:\WINDOWS\System32\keyboard.sys
[2004/08/04 05:00:00 | 00,035,648 | ---- | C] () -- C:\WINDOWS\System32\ntio411.sys
[2004/08/04 05:00:00 | 00,035,424 | ---- | C] () -- C:\WINDOWS\System32\ntio412.sys
[2004/08/04 05:00:00 | 00,035,328 | ---- | C] () -- C:\WINDOWS\System32\mciqtz32.dll
[2004/08/04 05:00:00 | 00,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio804.sys
[2004/08/04 05:00:00 | 00,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio404.sys
[2004/08/04 05:00:00 | 00,033,840 | ---- | C] () -- C:\WINDOWS\System32\ntio.sys
[2004/08/04 05:00:00 | 00,029,370 | ---- | C] () -- C:\WINDOWS\System32\ntdos411.sys
[2004/08/04 05:00:00 | 00,029,274 | ---- | C] () -- C:\WINDOWS\System32\ntdos412.sys
[2004/08/04 05:00:00 | 00,029,146 | ---- | C] () -- C:\WINDOWS\System32\ntdos804.sys
[2004/08/04 05:00:00 | 00,029,146 | ---- | C] () -- C:\WINDOWS\System32\ntdos404.sys
[2004/08/04 05:00:00 | 00,027,866 | ---- | C] () -- C:\WINDOWS\System32\ntdos.sys
[2004/08/04 05:00:00 | 00,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2004/08/04 05:00:00 | 00,027,097 | ---- | C] () -- C:\WINDOWS\System32\country.sys
[2004/08/04 05:00:00 | 00,015,360 | ---- | C] () -- C:\WINDOWS\System32\tsd32.dll
[2004/08/04 05:00:00 | 00,014,336 | ---- | C] () -- C:\WINDOWS\System32\msdmo.dll
[2004/08/04 05:00:00 | 00,013,312 | ---- | C] () -- C:\WINDOWS\System32\win87em.dll
[2004/08/04 05:00:00 | 00,012,082 | ---- | C] () -- C:\WINDOWS\System32\rsvp.ini
[2004/08/04 05:00:00 | 00,009,029 | ---- | C] () -- C:\WINDOWS\System32\ansi.sys
[2004/08/04 05:00:00 | 00,006,877 | ---- | C] () -- C:\WINDOWS\System32\pschdprf.ini
[2004/08/04 05:00:00 | 00,004,768 | ---- | C] () -- C:\WINDOWS\System32\himem.sys
[2004/08/04 05:00:00 | 00,004,126 | ---- | C] () -- C:\WINDOWS\System32\msdxmlc.dll
[2004/08/04 05:00:00 | 00,003,458 | ---- | C] () -- C:\WINDOWS\System32\rasctrs.ini
[2004/08/04 05:00:00 | 00,002,891 | ---- | C] () -- C:\WINDOWS\System32\perfci.ini
[2004/08/04 05:00:00 | 00,002,732 | ---- | C] () -- C:\WINDOWS\System32\perfwci.ini
[2004/08/04 05:00:00 | 00,001,405 | ---- | C] () -- C:\WINDOWS\msdfmap.ini
[2004/08/04 05:00:00 | 00,001,152 | ---- | C] () -- C:\WINDOWS\System32\perffilt.ini
[2004/08/04 05:00:00 | 00,000,498 | ---- | C] () -- C:\WINDOWS\win.ini
[2004/08/04 05:00:00 | 00,000,343 | ---- | C] () -- C:\WINDOWS\System32\prodspec.ini
[2004/08/04 05:00:00 | 00,000,231 | ---- | C] () -- C:\WINDOWS\system.ini
[2004/06/14 07:00:01 | 00,028,672 | ---- | C] () -- C:\WINDOWS\System32\frapsvid.dll
[2001/08/17 15:36:28 | 00,157,696 | ---- | C] () -- C:\WINDOWS\System32\paqsp.dll

========== Files - Modified Within 30 Days ==========

[1 C:\WINDOWS\System32\*.tmp files]
[3 C:\WINDOWS\*.tmp files]
[2009/04/05 11:24:24 | 00,013,692 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/04/05 11:24:21 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/04/05 11:24:19 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/04/05 11:24:18 | 10,732,70784 | -HS- | M] () -- C:\hiberfil.sys
[2009/04/05 09:32:31 | 00,304,742 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2009/04/05 09:30:43 | 00,458,340 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/04/05 09:30:43 | 00,392,296 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/04/05 09:30:43 | 00,058,596 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/04/05 02:22:27 | 00,004,368 | ---- | M] () -- C:\Documents and Settings\Helen\Desktop\1 Up.mp3
[2009/04/05 02:10:38 | 03,233,430 | -H-- | M] () -- C:\Documents and Settings\Helen\Local Settings\Application Data\IconCache.db
[2009/04/04 14:26:05 | 00,001,548 | ---- | M] () -- C:\Documents and Settings\Helen\Desktop\CCleaner.lnk
[2009/04/04 14:23:15 | 00,499,200 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Helen\Desktop\OTListIt2.exe
[2009/04/04 14:23:04 | 00,267,612 | ---- | M] () -- C:\Documents and Settings\Helen\Desktop\Rooter.exe
[2009/04/04 12:52:13 | 00,448,052 | ---- | M] () -- C:\Documents and Settings\Helen\Desktop\Jason Mraz - Lucky.mp3
[2009/03/30 21:21:24 | 00,304,354 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20090405-093231.backup
[2009/03/30 13:05:02 | 00,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/03/30 13:04:01 | 02,906,232 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Helen\Desktop\mbam-setup.exe
[2009/03/27 23:13:41 | 00,102,648 | ---- | M] () -- C:\Documents and Settings\Helen\Desktop\New.mp3
[2009/03/27 23:11:25 | 34,514,253 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2009/03/27 23:11:25 | 00,070,671 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2009/03/26 17:49:56 | 00,038,496 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/03/26 17:49:50 | 00,015,504 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/03/24 01:01:44 | 00,303,552 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20090330-202124.backup
[2009/03/24 00:06:29 | 06,320,244 | ---- | M] () -- C:\Documents and Settings\Helen\Desktop\DAY26 - Stadium Music.mp3
[2009/03/23 23:56:45 | 00,000,897 | ---- | M] () -- C:\Documents and Settings\Helen\Desktop\fdsa.rtf
[2009/03/23 23:55:24 | 03,530,969 | ---- | M] () -- C:\Documents and Settings\Helen\Desktop\Se7en - Them Girls (Feat. Lil Kim).mp3
[2009/03/23 22:50:52 | 02,189,280 | ---- | M] () -- C:\Documents and Settings\Helen\Desktop\Metro Station - Seventeen Forever.mp3
[2009/03/23 22:49:48 | 05,595,890 | ---- | M] () -- C:\Documents and Settings\Helen\Desktop\The Dream - My Love (Feat. Mariah Carey).mp3
[2009/03/23 22:45:58 | 02,606,613 | ---- | M] () -- C:\Documents and Settings\Helen\Desktop\Stereo Skyline - Heartbeat.mp3
[2009/03/23 22:45:12 | 07,610,783 | ---- | M] () -- C:\Documents and Settings\Helen\Desktop\Utada Hikaru - Come Back to Me.mp3
[2009/03/22 23:17:06 | 00,001,126 | ---- | M] () -- C:\Documents and Settings\Helen\Desktop\fafsaa.rtf
[2009/03/20 00:16:21 | 00,000,206 | ---- | M] () -- C:\Documents and Settings\Helen\Desktop\college.rtf
[2009/03/15 23:46:57 | 00,000,628 | ---- | M] () -- C:\Documents and Settings\Helen\Desktop\college id.rtf
[2009/03/11 02:14:24 | 02,260,263 | ---- | M] () -- C:\Documents and Settings\Helen\Desktop\Escape the Fate - Situations.MP3
[2009/03/11 01:58:01 | 02,412,610 | ---- | M] () -- C:\Documents and Settings\Helen\Desktop\The White Tie Affair - Take It Home.MP3
[2009/03/11 01:53:37 | 02,766,516 | ---- | M] () -- C:\Documents and Settings\Helen\Desktop\Framing Hanley - Alone in This Bed Capeside.MP3
[2009/03/11 01:50:46 | 02,474,676 | ---- | M] () -- C:\Documents and Settings\Helen\Desktop\PANIC! at the Disco - But It's Better If You Do.MP3
[2009/03/11 01:46:33 | 02,234,873 | ---- | M] () -- C:\Documents and Settings\Helen\Desktop\All Time Low - Poppin' Video Mix.MP3
[2009/03/11 01:43:42 | 02,177,820 | ---- | M] () -- C:\Documents and Settings\Helen\Desktop\All Time Low - Coffee Shop Soundtrack.mp3
[2009/03/11 01:41:10 | 03,553,325 | ---- | M] () -- C:\Documents and Settings\Helen\Desktop\Owl City - The Saltwater Room.mp3
[2009/03/11 01:36:05 | 02,647,085 | ---- | M] () -- C:\Documents and Settings\Helen\Desktop\New Found Glory - My Friends Over You.mp3
[2009/03/11 01:33:39 | 01,700,407 | ---- | M] () -- C:\Documents and Settings\Helen\Desktop\New Found Glory - Dig My Own Grave.mp3
[2009/03/11 00:16:45 | 08,898,551 | ---- | M] () -- C:\Documents and Settings\Helen\Desktop\Fall Out Boy - America's Suitehearts.mp3
[2009/03/11 00:16:00 | 02,840,955 | ---- | M] () -- C:\Documents and Settings\Helen\Desktop\Owl City - Hello Seattle.mp3
[2009/03/11 00:13:29 | 02,786,730 | ---- | M] () -- C:\Documents and Settings\Helen\Desktop\The Maine - The Way We Talk.mp3
[2009/03/11 00:12:19 | 04,480,082 | ---- | M] () -- C:\Documents and Settings\Helen\Desktop\Jesse McCartney - How Do You Sleep (Feat. Ludacris).mp3
[2009/03/10 22:47:56 | 00,303,072 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20090324-000144.backup
[2009/03/10 21:53:05 | 00,002,453 | ---- | M] () -- C:\Documents and Settings\Helen\My Documents\Songs.rtf
[2009/03/08 22:25:31 | 00,152,832 | ---- | M] () -- C:\Documents and Settings\Helen\Desktop\kdk_0644.jpg
[2009/03/08 22:25:19 | 00,229,912 | ---- | M] () -- C:\Documents and Settings\Helen\Desktop\kdk_0643.jpg
[2009/03/08 22:25:05 | 00,226,299 | ---- | M] () -- C:\Documents and Settings\Helen\Desktop\kdk_0571.jpg
[2009/03/08 22:24:53 | 00,193,458 | ---- | M] () -- C:\Documents and Settings\Helen\Desktop\kdk_0565.jpg
< End of report >

OTListIt Extras logfile created on: 4/5/2009 11:25:15 AM - Run 1
OTListIt2 by OldTimer - Version 2.0.11.0 Folder = C:\Documents and Settings\Helen\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1023.48 Mb Total Physical Memory | 584.07 Mb Available Physical Memory | 57.07% Memory free
2.41 Gb Paging File | 2.07 Gb Available in Paging File | 85.94% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 153.38 Gb Total Space | 141.01 Gb Free Space | 91.94% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: HELEN
Current User Name: Helen
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall" = 0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader (AOL LLC)
C:\Program Files\AIM6\aim6.exe:*:Enabled:AIM (AOL LLC)
C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe (AVG Technologies CZ, s.r.o.)
C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe (AVG Technologies CZ, s.r.o.)
C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour (Apple Inc.)
C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes (Apple Inc.)
C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire (Lime Wire, LLC)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{15C77FC3-8137-4A5E-8F81-F559045DD6B0}" = Shipping Assistant 3.5
"{26A24AE4-039D-4CA4-87B4-2F83216012FF}" = Java™ 6 Update 13
"{318AB667-3230-41B5-A617-CB3BF748D371}" = iTunes
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{609F7AC8-C510-11D4-A788-009027ABA5D0}" = Easy CD Creator 5 Basic
"{61DE738B-CA77-4B59-B9D3-67226BB7DCE3}" = Motorola Software Update
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}" = Bonjour
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B8EF780F-126C-4CF0-AAB2-1B68BF06BA1C}" = Motorola Driver Installation 3.7.0
"{BAD8CA9C-77C0-4663-B00B-A8D3B13C341B}" = Motorola Phone Tools
"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser
"{E8F728D0-C3F0-42EB-BBC2-C4A38A577CB1}" = Motorola Phone Tools
"{EC4455AB-F155-4CC1-A4C5-88F3777F9886}" = Apple Mobile Device Support
"{EFB21DE7-8C19-4A88-BB28-A766E16493BC}" = Adobe Photoshop CS
"{F49FEF83-45CA-4CE8-8304-A7372BA07AA9}" = Motorola Phone Tools
"{F958CA02-BB40-4007-894B-258729456EE4}" = QuickTime
"{FE4EBAAB-E02A-455E-A814-3B5881885030}_is1" = Mobile Ringtone Converter 2.3.45
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AIM_6" = AIM 6
"AVG8Uninstall" = AVG Free 8.0
"CCleaner" = CCleaner (remove only)
"COMODO Firewall Pro" = COMODO Firewall Pro
"COMODO SafeSurf" = COMODO SafeSurf
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"LimeWire" = LimeWire 4.18.8
"MAGIX Ringtone Maker 2 silver US" = MAGIX Ringtone Maker 2 silver (US)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"Mozilla Firefox (3.0.8)" = Mozilla Firefox (3.0.8)
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA" = NVIDIA Windows 2000/XP Display Drivers
"RegistryBooster 2_is1" = Uniblue RegistryBooster 2
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"WIC" = Windows Imaging Component
"Winamp" = Winamp
"WinRAR archiver" = WinRAR archiver
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 3/31/2009 11:51:50 AM | Computer Name = HELEN | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: This operation returned because the timeout period expired.

Error - 3/31/2009 11:51:50 AM | Computer Name = HELEN | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: The specified server cannot perform the requested operation.

Error - 3/31/2009 11:51:55 AM | Computer Name = HELEN | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: This operation returned because the timeout period expired.

Error - 3/31/2009 11:51:55 AM | Computer Name = HELEN | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: The specified server cannot perform the requested operation.

[ System Events ]
Error - 4/5/2009 1:26:15 PM | Computer Name = HELEN | Source = Service Control Manager | ID = 7000
Description = The Avgt_as service failed to start due to the following error: %%3

Error - 4/5/2009 1:26:15 PM | Computer Name = HELEN | Source = Service Control Manager | ID = 7000
Description = The npkcrypt service failed to start due to the following error: %%3

Error - 4/5/2009 1:38:01 PM | Computer Name = HELEN | Source = Service Control Manager | ID = 7000
Description = The Avgt_as service failed to start due to the following error: %%3

Error - 4/5/2009 1:38:01 PM | Computer Name = HELEN | Source = Service Control Manager | ID = 7000
Description = The npkcrypt service failed to start due to the following error: %%3

Error - 4/5/2009 1:48:00 PM | Computer Name = HELEN | Source = Service Control Manager | ID = 7000
Description = The Avgt_as service failed to start due to the following error: %%3

Error - 4/5/2009 1:48:00 PM | Computer Name = HELEN | Source = Service Control Manager | ID = 7000
Description = The npkcrypt service failed to start due to the following error: %%3

Error - 4/5/2009 1:59:32 PM | Computer Name = HELEN | Source = Service Control Manager | ID = 7000
Description = The Avgt_as service failed to start due to the following error: %%3

Error - 4/5/2009 1:59:32 PM | Computer Name = HELEN | Source = Service Control Manager | ID = 7000
Description = The npkcrypt service failed to start due to the following error: %%3

Error - 4/5/2009 2:24:43 PM | Computer Name = HELEN | Source = Service Control Manager | ID = 7000
Description = The Avgt_as service failed to start due to the following error: %%3

Error - 4/5/2009 2:24:43 PM | Computer Name = HELEN | Source = Service Control Manager | ID = 7000
Description = The npkcrypt service failed to start due to the following error: %%3


< End of report >


Here's my Rooter log:
Microsoft Windows XP Home Edition (5.1.2600) Service Pack 2

A:\ [Removable] (Total:0 Mo/Free:0 Mo)
C:\ [Fixed] - NTFS - (Total:157057 Mo/Free:1006 Mo)
D:\ [CD-Rom] (Total:0 Mo/Free:0 Mo)
E:\ [CD-Rom] (Total:0 Mo/Free:0 Mo)
F:\ [CD-Rom] (Total:0 Mo/Free:0 Mo)
G:\ [Removable] (Total:0 Mo/Free:0 Mo)
H:\ [Removable] (Total:0 Mo/Free:0 Mo)
I:\ [Removable] (Total:0 Mo/Free:0 Mo)
J:\ [Removable] (Total:0 Mo/Free:0 Mo)

Sun 04/05/2009| 9:45

----------------------\\ Processes..

--Locked-- [System Process]
---------- System
---------- \SystemRoot\System32\smss.exe
---------- \??\C:\WINDOWS\system32\csrss.exe
---------- \??\C:\WINDOWS\system32\winlogon.exe
---------- C:\WINDOWS\system32\services.exe
---------- C:\WINDOWS\system32\lsass.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\system32\spoolsv.exe
---------- C:\WINDOWS\Explorer.EXE
---------- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
---------- C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
---------- C:\Program Files\Bonjour\mDNSResponder.exe
---------- C:\Program Files\COMODO\SafeSurf\cssurf.exe
--Locked-- cmdagent.exe
--Locked-- cfp.exe
---------- C:\Program Files\Java\jre6\bin\jqs.exe
---------- C:\WINDOWS\SOUNDMAN.EXE
---------- C:\WINDOWS\system32\nvsvc32.exe
---------- C:\PROGRA~1\AVG\AVG8\avgtray.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\system32\wdfmgr.exe
---------- C:\Program Files\iTunes\iTunesHelper.exe
---------- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
---------- C:\Program Files\Java\jre6\bin\jusched.exe
---------- C:\PROGRA~1\AVG\AVG8\avgrsx.exe
---------- C:\PROGRA~1\AVG\AVG8\avgnsx.exe
---------- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
---------- C:\Program Files\AIM6\aim6.exe
---------- C:\Program Files\iPod\bin\iPodService.exe
---------- C:\WINDOWS\System32\alg.exe
---------- C:\WINDOWS\system32\wscntfy.exe
---------- C:\Program Files\AIM6\aolsoftware.exe
---------- C:\WINDOWS\system32\wuauclt.exe
---------- C:\WINDOWS\system32\cmd.exe
---------- C:\WINDOWS\system32\control.exe
---------- C:\WINDOWS\system32\rundll32.exe
---------- C:\Rooter$\RK.exe

----------------------\\ Search..

----------------------\\ ROOTKIT !!



1 - "C:\Rooter$\Rooter_1.txt" - Sun 04/05/2009| 9:46