I posted before in the general forum (http://www.geekstogo...ow-t275401.html) and, guided by Rorschach, I went through the guide and did the first 3 steps of malware removal (MWB, avast, and rebooting). All of this was to no avail.
OS: Windows XP Pro SP3
RAM: 3GB
Hey all,
When I recently started my computer this afternoon it booted fine until I reached my desktop, where the computer's processor light was fully bright and I could hear the drive cranking. I saw no processes being started (I only have 4 when the computer is booted) and a virus and malware scan in Safe Mode came up with a few things, but even after scanning and rebooting to normal mode, nothing was changed. The computer is unresponsive after a few minutes of being on the Desktop and I have to hard-shutdown.
Here is my OTL log(s):
OTL.txt
OTL logfile created on: 4/27/2010 8:31:06 PM - Run 1
OTL by OldTimer - Version 3.2.3.0 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 90.00% Memory free
5.00 Gb Paging File | 5.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): c:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 147.57 Gb Total Space | 92.19 Gb Free Space | 62.47% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: ANONYMOUS
Current User Name: Zach
Logged in as Administrator.
Current Boot Mode: SafeMode with Networking
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan
========== Processes (SafeList) ==========
PRC - [2010/04/27 20:29:33 | 000,563,712 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
PRC - [2009/10/20 01:11:52 | 000,616,712 | ---- | M] (http://tortoisesvn.net) -- C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
PRC - [2009/07/19 12:00:44 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
========== Modules (SafeList) ==========
MOD - [2010/04/27 20:29:33 | 000,563,712 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
MOD - [2009/07/19 11:59:05 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5705_x-ww_36cfed49\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV - [2009/11/09 20:05:47 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/09/15 06:56:43 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Stopped] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2009/09/15 06:56:28 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009/09/15 06:54:13 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009/09/15 06:49:40 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Stopped] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2009/06/04 20:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®
SRV - [2008/04/14 16:43:38 | 000,034,304 | ---- | M] (TOSHIBA Corp.) [Auto | Stopped] -- C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe -- (TAPPSRV)
========== Driver Services (SafeList) ==========
DRV - [2010/03/30 00:46:30 | 000,038,224 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2009/11/09 13:12:42 | 000,025,088 | ---- | M] (TeamViewer GmbH) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\teamviewervpn.sys -- (teamviewervpn)
DRV - [2009/09/15 06:56:14 | 000,094,160 | ---- | M] (ALWIL Software) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2009/09/15 06:55:30 | 000,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2009/09/15 06:55:19 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009/09/15 06:54:30 | 000,052,368 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2009/09/15 06:54:21 | 000,023,152 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2009/09/15 06:53:24 | 000,027,408 | ---- | M] (ALWIL Software) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2009/07/26 22:43:18 | 000,058,908 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2009/07/19 12:48:36 | 000,327,192 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\iastor86.sys -- (iastor86)
DRV - [2009/06/04 19:43:16 | 000,330,264 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\iaStor.sys -- (iaStor)
DRV - [2009/03/27 14:23:12 | 000,023,064 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ScreamingBAudio.sys -- (SCREAMINGBDRIVER)
DRV - [2009/02/13 18:00:02 | 001,503,840 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\athw.sys -- (AR5416)
DRV - [2009/01/30 17:13:20 | 000,058,208 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wsimd.sys -- (WSIMD)
DRV - [2008/10/30 21:14:20 | 000,117,888 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2008/05/21 12:48:46 | 006,018,464 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\igxpmp32.sys -- (ialm)
DRV - [2008/04/14 08:00:00 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008/04/14 06:00:00 | 000,003,328 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\WINDOWS\system32\pciide.sys -- (PCIIde)
DRV - [2008/04/13 23:15:14 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/04/09 18:01:16 | 004,703,744 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007/12/06 17:41:42 | 000,220,032 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2007/04/04 08:56:48 | 000,005,888 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\FwLnk.sys -- (FwLnk)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {210249CE-F888-11DD-B868-4CB456D89593}:2.1.2
FF - prefs.js..extensions.enabledItems: {b41cb5f0-2e52-11de-8c30-0800200c9a66}:2.1
FF - prefs.js..network.proxy.backup.ftp: "128.151.65.101"
FF - prefs.js..network.proxy.backup.ftp_port: 3128
FF - prefs.js..network.proxy.backup.gopher: "128.151.65.101"
FF - prefs.js..network.proxy.backup.gopher_port: 3128
FF - prefs.js..network.proxy.backup.socks: "128.151.65.101"
FF - prefs.js..network.proxy.backup.socks_port: 3128
FF - prefs.js..network.proxy.backup.ssl: "128.151.65.101"
FF - prefs.js..network.proxy.backup.ssl_port: 3128
FF - prefs.js..network.proxy.ftp: "66.76.90.0"
FF - prefs.js..network.proxy.ftp_port: 8080
FF - prefs.js..network.proxy.gopher: "66.76.90.0"
FF - prefs.js..network.proxy.gopher_port: 8080
FF - prefs.js..network.proxy.http: "66.76.90.0"
FF - prefs.js..network.proxy.http_port: 8080
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "66.76.90.0"
FF - prefs.js..network.proxy.socks_port: 8080
FF - prefs.js..network.proxy.ssl: "66.76.90.0"
FF - prefs.js..network.proxy.ssl_port: 8080
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.9\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/04/21 16:24:50 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.9\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/04/09 09:33:25 | 000,000,000 | ---D | M]
[2009/10/29 16:19:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions
[2010/02/09 18:38:12 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2009/10/29 16:19:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions\songbird@songbirdnest.com
[2010/04/27 20:25:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\eqlxto9l.default\extensions
[2009/10/28 22:23:54 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\eqlxto9l.default\extensions\{210249CE-F888-11DD-B868-4CB456D89593}
[2010/03/16 22:32:54 | 000,000,000 | ---D | M] (Black Stratini) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\eqlxto9l.default\extensions\{b41cb5f0-2e52-11de-8c30-0800200c9a66}
[2010/04/27 20:25:07 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
O1 HOSTS File: ([2010/01/07 23:41:53 | 000,000,796 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.2 vb
O1 - Hosts: 127.0.0.3 pma
O1 - Hosts: 127.0.0.4 vb4
O2 - BHO: (no name) - {465E08E7-F005-4389-980F-1D8764B3486C} - No CLSID value found.
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {6ADB0F93-1AA5-4BCF-9DF4-CEA689A3C111} - No CLSID value found.
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe (Microsoft Corporation)
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime Alternative\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [THotkey] C:\Program Files\TOSHIBA\TOSHIBA Applet\THotkey.exe (TOSHIBA)
O4 - HKLM..\Run: [TPSMain] C:\WINDOWS\System32\TPSMain.exe (TOSHIBA Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\PC Health.lnk = C:\Program Files\TOSHIBA\TOSHIBA Management Console\TOSHealthLocalS.vbs ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSharedDocuments = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: MaxRecentDocs = 18
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsNetHood = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: MemCheckBoxInRunDlg = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: verbosestatus = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 24.25.5.148 24.25.5.147
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/10/29 00:04:59 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2009/11/10 23:07:40 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
CREATERESTOREPOINT
Error starting restore point: The function was called in safe mode.
Error closing restore point: The sequence number is invalid.
========== Files/Folders - Created Within 90 Days ==========
[2010/04/27 20:29:32 | 000,563,712 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2010/04/27 19:52:30 | 000,444,416 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\TFC.exe
[2010/04/27 19:36:28 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010/04/27 18:13:18 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Owner\Recent
[2010/04/25 22:37:45 | 000,000,000 | ---D | C] -- C:\ade
[2010/04/22 18:27:12 | 000,000,000 | ---D | C] -- C:\maps
[2010/04/08 19:40:48 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Owner\Application Data\SecuROM
[2010/04/08 19:28:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xlive
[2010/04/08 19:28:50 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Games for Windows - LIVE
[2010/04/07 17:27:29 | 000,000,000 | ---D | C] -- C:\sb
[2010/03/25 16:49:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\Logs
[2010/03/16 18:14:45 | 000,000,000 | ---D | C] -- C:\Program Files\Fake Webcam
[2010/03/16 18:13:33 | 003,341,149 | ---- | C] (Web Solution Mart ) -- C:\setup.exe
[2010/02/28 16:10:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\.sshterm
[2010/02/28 16:10:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\.ssh
[2010/02/28 15:58:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\IDMComp
[2010/02/28 15:58:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\UltraEdit
[2010/02/28 15:57:44 | 000,000,000 | ---D | C] -- C:\ue_english
[2010/02/18 20:34:08 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent
[2010/02/18 20:33:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\uTorrent
[2010/02/09 18:38:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Thunderbird
[2010/02/09 18:38:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Thunderbird
[2010/02/08 19:05:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
[2010/02/08 19:04:59 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger Plus! Live
[2010/02/07 15:27:02 | 000,000,000 | ---D | C] -- C:\Program Files\nMP3amp
[2010/02/01 17:19:25 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2009/10/30 19:14:52 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\DLLVGA.dll
========== Files - Modified Within 90 Days ==========
[2010/04/27 20:29:33 | 000,563,712 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2010/04/27 20:14:14 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/04/27 20:10:00 | 000,000,422 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{7A906E8E-E9E6-4F3D-BE23-CC6847C173F5}.job
[2010/04/27 20:09:58 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/04/27 20:07:07 | 003,712,656 | -H-- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\IconCache.db
[2010/04/27 19:57:23 | 000,699,904 | ---- | M] () -- C:\WINDOWS\is-DP2L3.exe
[2010/04/27 19:57:23 | 000,010,498 | ---- | M] () -- C:\WINDOWS\is-DP2L3.msg
[2010/04/27 19:57:23 | 000,000,399 | ---- | M] () -- C:\WINDOWS\is-DP2L3.lst
[2010/04/27 19:53:29 | 000,284,915 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\gmer.zip
[2010/04/27 19:52:31 | 000,444,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\TFC.exe
[2010/04/27 19:49:27 | 000,000,550 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/04/27 19:49:27 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/04/27 19:49:27 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2010/04/27 19:28:33 | 006,029,312 | -H-- | M] () -- C:\Documents and Settings\Owner\NTUSER.DAT
[2010/04/27 19:28:33 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Owner\ntuser.ini
[2010/04/27 16:34:56 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/04/26 22:41:57 | 000,000,600 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\PUTTY.RND
[2010/04/25 18:09:24 | 000,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/04/17 17:47:38 | 000,030,916 | ---- | M] () -- C:\gs.png
[2010/04/17 14:40:26 | 000,096,256 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/04/14 16:29:42 | 000,030,792 | ---- | M] () -- C:\apr-14-vps.pdf
[2010/04/13 22:13:05 | 000,045,229 | ---- | M] () -- C:\book.jpg
[2010/04/11 22:53:28 | 000,232,699 | ---- | M] () -- C:\seatbelt.png
[2010/04/11 22:52:56 | 000,028,686 | ---- | M] () -- C:\car.jpg
[2010/04/08 19:56:47 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/04/08 18:00:42 | 000,095,669 | ---- | M] () -- C:\nicks.png
[2010/04/06 15:29:52 | 001,296,041 | ---- | M] () -- C:\IMG_2702.JPG
[2010/04/06 15:06:50 | 001,372,314 | ---- | M] () -- C:\IMG_2700.JPG
[2010/04/06 10:51:13 | 001,503,216 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/04/05 20:19:58 | 000,040,920 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/04/04 15:47:13 | 000,087,442 | ---- | M] () -- C:\colors.png
[2010/04/02 21:32:54 | 000,113,122 | ---- | M] () -- C:\desirawr.png
[2010/03/30 00:46:30 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/03/30 00:45:52 | 000,020,824 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/03/28 18:04:06 | 000,000,525 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\mIRC.lnk
[2010/03/24 21:24:59 | 000,001,759 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\HALF-LIFE 2 SMOD.lnk
[2010/03/24 21:24:35 | 000,002,207 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Steam.lnk
[2010/03/23 17:58:28 | 000,125,567 | ---- | M] () -- C:\screen.png
[2010/03/20 10:54:38 | 000,036,241 | ---- | M] () -- C:\camels.jpg
[2010/03/19 17:37:01 | 000,001,879 | ---- | M] () -- C:\ud.ini
[2010/03/16 18:14:14 | 003,341,149 | ---- | M] (Web Solution Mart ) -- C:\setup.exe
[2010/03/14 12:07:17 | 000,521,942 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/03/14 12:07:17 | 000,441,692 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/03/14 12:07:17 | 000,071,462 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/03/12 17:33:51 | 000,000,005 | ---- | M] () -- C:\WINDOWS\System32\ban.bat
[2010/03/09 21:38:08 | 001,208,546 | ---- | M] () -- C:\sugar2.jpg
[2010/03/09 21:33:20 | 001,257,041 | ---- | M] () -- C:\sugar.jpg
[2010/03/07 23:10:15 | 000,001,775 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Portal Prelude.lnk
[2010/03/05 23:15:07 | 000,137,145 | ---- | M] () -- C:\utorrent.png
[2010/03/03 19:06:38 | 000,001,623 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Hitman 2 Silent Assassin.lnk
[2010/03/02 20:25:56 | 000,707,637 | ---- | M] () -- C:\bamboo.jpg
[2010/03/01 18:25:54 | 000,180,979 | ---- | M] () -- C:\duck.jpg
[2010/02/27 18:46:18 | 000,004,425 | ---- | M] () -- C:\vizio.png
[2010/02/27 18:33:21 | 000,761,161 | ---- | M] () -- C:\explosion.png
[2010/02/27 16:12:29 | 000,044,155 | ---- | M] () -- C:\ircd.png
[2010/02/24 21:26:05 | 000,163,902 | ---- | M] () -- C:\mockup.jpg
[2010/02/21 18:15:58 | 000,055,825 | ---- | M] () -- C:\comic.jpg
[2010/02/21 18:14:00 | 000,028,346 | ---- | M] () -- C:\WINDOWS\comic.png
[2010/02/21 18:13:08 | 000,028,346 | ---- | M] () -- C:\WINDOWS\comic.jpg
[2010/02/21 12:18:14 | 000,109,175 | ---- | M] () -- C:\WINDOWS\1241099397.jpg
[2010/02/18 23:55:08 | 000,042,508 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\NCIS Season 1 Episodes (1-23) Complete.torrent
[2010/02/18 20:57:49 | 000,310,895 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\House MD Season 1.torrent
[2010/02/07 19:12:13 | 000,086,809 | ---- | M] () -- C:\woah.png
[2010/02/01 21:28:25 | 000,000,039 | ---- | M] () -- C:\Documents and Settings\Owner\jagex_runescape_preferences.dat
[2010/01/30 01:40:32 | 000,544,264 | ---- | M] () -- C:\AMIP-2.67.exe
========== Files Created - No Company Name ==========
[2010/04/27 19:57:23 | 000,699,904 | ---- | C] () -- C:\WINDOWS\is-DP2L3.exe
[2010/04/27 19:57:23 | 000,010,498 | ---- | C] () -- C:\WINDOWS\is-DP2L3.msg
[2010/04/27 19:57:23 | 000,000,399 | ---- | C] () -- C:\WINDOWS\is-DP2L3.lst
[2010/04/27 19:54:40 | 000,293,376 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\gmer.exe
[2010/04/27 19:53:28 | 000,284,915 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\gmer.zip
[2010/04/17 17:47:38 | 000,030,916 | ---- | C] () -- C:\gs.png
[2010/04/14 16:29:42 | 000,030,792 | ---- | C] () -- C:\apr-14-vps.pdf
[2010/04/13 22:13:05 | 000,045,229 | ---- | C] () -- C:\book.jpg
[2010/04/11 22:53:28 | 000,232,699 | ---- | C] () -- C:\seatbelt.png
[2010/04/11 22:52:56 | 000,028,686 | ---- | C] () -- C:\car.jpg
[2010/04/08 18:00:42 | 000,095,669 | ---- | C] () -- C:\nicks.png
[2010/04/06 15:19:40 | 001,296,041 | ---- | C] () -- C:\IMG_2702.JPG
[2010/04/06 14:57:11 | 001,372,314 | ---- | C] () -- C:\IMG_2700.JPG
[2010/04/04 15:46:49 | 000,087,442 | ---- | C] () -- C:\colors.png
[2010/04/02 21:31:43 | 000,113,122 | ---- | C] () -- C:\desirawr.png
[2010/03/28 18:01:13 | 000,000,525 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\mIRC.lnk
[2010/03/28 17:58:26 | 000,001,879 | ---- | C] () -- C:\ud.ini
[2010/03/24 21:24:59 | 000,001,759 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\HALF-LIFE 2 SMOD.lnk
[2010/03/23 17:58:28 | 000,125,567 | ---- | C] () -- C:\screen.png
[2010/03/20 10:54:37 | 000,036,241 | ---- | C] () -- C:\camels.jpg
[2010/03/12 17:33:43 | 000,000,005 | ---- | C] () -- C:\WINDOWS\System32\ban.bat
[2010/03/09 21:38:07 | 001,208,546 | ---- | C] () -- C:\sugar2.jpg
[2010/03/09 21:33:19 | 001,257,041 | ---- | C] () -- C:\sugar.jpg
[2010/03/07 23:10:15 | 000,001,775 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Portal Prelude.lnk
[2010/03/05 23:15:07 | 000,137,145 | ---- | C] () -- C:\utorrent.png
[2010/03/03 18:23:52 | 000,001,623 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Hitman 2 Silent Assassin.lnk
[2010/03/02 20:24:19 | 000,707,637 | ---- | C] () -- C:\bamboo.jpg
[2010/03/01 18:25:54 | 000,180,979 | ---- | C] () -- C:\duck.jpg
[2010/02/27 18:34:18 | 000,004,425 | ---- | C] () -- C:\vizio.png
[2010/02/27 18:33:21 | 000,761,161 | ---- | C] () -- C:\explosion.png
[2010/02/27 16:12:29 | 000,044,155 | ---- | C] () -- C:\ircd.png
[2010/02/24 21:24:58 | 000,163,902 | ---- | C] () -- C:\mockup.jpg
[2010/02/21 18:14:22 | 000,055,825 | ---- | C] () -- C:\comic.jpg
[2010/02/21 18:14:00 | 000,028,346 | ---- | C] () -- C:\WINDOWS\comic.png
[2010/02/21 18:13:08 | 000,028,346 | ---- | C] () -- C:\WINDOWS\comic.jpg
[2010/02/21 12:18:14 | 000,109,175 | ---- | C] () -- C:\WINDOWS\1241099397.jpg
[2010/02/20 00:16:09 | 000,042,508 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\NCIS Season 1 Episodes (1-23) Complete.torrent
[2010/02/19 23:31:13 | 000,544,264 | ---- | C] () -- C:\AMIP-2.67.exe
[2010/02/18 20:58:16 | 000,310,895 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\House MD Season 1.torrent
[2010/02/07 19:12:13 | 000,086,809 | ---- | C] () -- C:\woah.png
[2009/12/01 22:10:41 | 002,076,672 | ---- | C] () -- C:\WINDOWS\System32\libmysql.dll
[2009/11/26 09:55:55 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2009/11/11 19:04:57 | 000,000,275 | ---- | C] () -- C:\WINDOWS\pwc61su.INI
[2009/11/06 10:58:04 | 000,178,975 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2009/10/31 11:57:05 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\TOSMgmt.dll
[2009/10/30 19:14:52 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\TCtrlIO.dll
[2009/10/29 18:39:39 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4953.dll
[2009/10/29 18:12:01 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009/10/29 00:12:33 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2009/10/29 00:12:32 | 002,402,304 | ---- | C] () -- C:\WINDOWS\System32\x264vfw.dll
[2009/10/29 00:12:32 | 000,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009/10/29 00:12:32 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009/10/29 00:12:31 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2009/10/29 00:12:30 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009/10/29 00:12:30 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2009/07/19 12:11:41 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\msvcrt10.dll
[1996/04/03 15:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys
========== LOP Check ==========
[2009/11/20 22:03:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Gogii
[2010/02/08 19:05:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
[2009/11/15 22:13:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2009/11/22 17:10:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sandlot Games
[2009/12/01 00:45:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Screaming Bee
[2010/01/24 21:28:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SwiftKit
[2010/01/12 19:41:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/12/25 09:36:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2010/04/05 17:14:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Dev-Cpp
[2010/04/26 22:31:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\FileZilla
[2009/10/29 00:12:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Foxit
[2009/11/20 20:47:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\My Games
[2009/11/15 22:13:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\NCH Swift Sound
[2009/11/10 20:58:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Nexon
[2009/10/29 17:34:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Publish Providers
[2009/11/22 17:10:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Sandlot Games
[2009/12/01 00:45:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Screaming Bee
[2009/10/29 16:19:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Songbird2
[2009/10/30 20:17:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Sony
[2009/11/04 09:04:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Subversion
[2010/01/05 21:08:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\SystemRequirementsLab
[2009/12/05 19:44:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\TeamViewer
[2010/02/09 18:38:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Thunderbird
[2010/04/26 17:26:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\uTorrent
[2009/10/29 17:24:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\WinBatch
[2010/04/27 20:10:00 | 000,000,422 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{7A906E8E-E9E6-4F3D-BE23-CC6847C173F5}.job
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.* >
[2009/12/09 08:24:01 | 000,000,960 | ---- | M] () -- C:\aaw7boot.log
[2009/12/08 17:29:19 | 077,086,488 | ---- | M] (Lavasoft ) -- C:\Ad-AwareInstallation.exe
[2010/01/30 01:40:32 | 000,544,264 | ---- | M] () -- C:\AMIP-2.67.exe
[2010/04/14 16:29:42 | 000,030,792 | ---- | M] () -- C:\apr-14-vps.pdf
[2009/10/29 00:04:59 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010/03/02 20:25:56 | 000,707,637 | ---- | M] () -- C:\bamboo.jpg
[2010/01/15 01:09:51 | 000,000,324 | ---- | M] () -- C:\bar1.png
[2010/01/15 01:10:23 | 000,000,393 | ---- | M] () -- C:\bar2.png
[2009/12/25 10:22:24 | 000,608,256 | ---- | M] () -- C:\blackra1n.exe
[2010/01/22 20:02:01 | 000,003,324 | ---- | M] () -- C:\blackra1n.log
[2010/04/13 22:13:05 | 000,045,229 | ---- | M] () -- C:\book.jpg
[2010/04/27 19:49:27 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2010/03/20 10:54:38 | 000,036,241 | ---- | M] () -- C:\camels.jpg
[2010/04/11 22:52:56 | 000,028,686 | ---- | M] () -- C:\car.jpg
[2010/01/14 23:27:35 | 000,301,238 | ---- | M] () -- C:\classic.png
[2010/01/03 02:22:16 | 000,025,952 | ---- | M] () -- C:\clouds.png
[2010/04/04 15:47:13 | 000,087,442 | ---- | M] () -- C:\colors.png
[2010/02/21 18:15:58 | 000,055,825 | ---- | M] () -- C:\comic.jpg
[2009/10/29 00:04:59 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010/01/02 01:28:37 | 000,040,832 | ---- | M] () -- C:\debug.png
[2010/04/02 21:32:54 | 000,113,122 | ---- | M] () -- C:\desirawr.png
[2009/12/29 17:22:36 | 000,420,019 | ---- | M] () -- C:\desktop.png
[2010/01/09 23:46:17 | 001,204,767 | ---- | M] () -- C:\Difuse.mp3
[2010/03/01 18:25:54 | 000,180,979 | ---- | M] () -- C:\duck.jpg
[2010/01/02 02:43:33 | 000,248,591 | ---- | M] () -- C:\dxdiag.png
[2010/02/27 18:33:21 | 000,761,161 | ---- | M] () -- C:\explosion.png
[2010/04/17 17:47:38 | 000,030,916 | ---- | M] () -- C:\gs.png
[2010/04/27 19:37:40 | 000,006,361 | ---- | M] () -- C:\hijackthis.log
[2010/04/06 15:06:50 | 001,372,314 | ---- | M] () -- C:\IMG_2700.JPG
[2010/04/06 15:29:52 | 001,296,041 | ---- | M] () -- C:\IMG_2702.JPG
[2010/01/03 11:46:02 | 000,000,238 | ---- | M] () -- C:\index.html
[2009/10/29 00:04:59 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/01/13 19:09:27 | 000,000,754 | -H-- | M] () -- C:\IPH.PH
[2010/02/27 16:12:29 | 000,044,155 | ---- | M] () -- C:\ircd.png
[2010/02/24 21:26:05 | 000,163,902 | ---- | M] () -- C:\mockup.jpg
[2009/10/29 00:04:59 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010/04/08 18:00:42 | 000,095,669 | ---- | M] () -- C:\nicks.png
[2009/12/29 17:18:22 | 000,124,477 | ---- | M] () -- C:\nplus.png
[2008/04/14 08:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008/04/14 08:00:00 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2010/04/27 20:14:06 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys
[2009/11/25 13:54:46 | 000,454,656 | ---- | M] (Simon Tatham) -- C:\putty.exe
[2010/03/23 17:58:28 | 000,125,567 | ---- | M] () -- C:\screen.png
[2010/04/11 22:53:28 | 000,232,699 | ---- | M] () -- C:\seatbelt.png
[2010/03/16 18:14:14 | 003,341,149 | ---- | M] (Web Solution Mart ) -- C:\setup.exe
[2009/12/29 17:37:59 | 000,013,869 | ---- | M] () -- C:\side.png
[2009/12/29 17:20:30 | 000,407,929 | ---- | M] () -- C:\ss.png
[2010/01/13 20:45:39 | 000,176,184 | ---- | M] () -- C:\stars.jpg
[2010/03/09 21:33:20 | 001,257,041 | ---- | M] () -- C:\sugar.jpg
[2010/03/09 21:38:08 | 001,208,546 | ---- | M] () -- C:\sugar2.jpg
[2010/01/03 02:30:10 | 000,046,037 | ---- | M] () -- C:\think.png
[2010/03/19 17:37:01 | 000,001,879 | ---- | M] () -- C:\ud.ini
[2010/03/05 23:15:07 | 000,137,145 | ---- | M] () -- C:\utorrent.png
[2010/02/27 18:46:18 | 000,004,425 | ---- | M] () -- C:\vizio.png
[2010/02/07 19:12:13 | 000,086,809 | ---- | M] () -- C:\woah.png
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2009/11/10 17:50:17 | 000,262,144 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2009/11/09 23:57:26 | 000,262,144 | ---- | M] () -- C:\WINDOWS\system32\config\security.sav
[2009/11/10 17:50:17 | 021,757,952 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2009/11/10 17:50:17 | 004,718,592 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
< %systemroot%\system32\drivers\*.sys /90 >
[2010/03/30 00:45:52 | 000,020,824 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\system32\drivers\mbam.sys
[2010/03/30 00:46:30 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
========== Alternate Data Streams ==========
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:888AFB86
< End of report >
Extras.txt
OTL Extras logfile created on: 4/27/2010 8:31:06 PM - Run 1
OTL by OldTimer - Version 3.2.3.0 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 90.00% Memory free
5.00 Gb Paging File | 5.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): c:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 147.57 Gb Total Space | 92.19 Gb Free Space | 62.47% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: ANONYMOUS
Current User Name: Zach
Logged in as Administrator.
Current Boot Mode: SafeMode with Networking
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"3306:TCP" = 3306:TCP:*:Enabled:MySQL Server
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- File not found
"C:\WINDOWS\system32\dpnsvr.exe" = C:\WINDOWS\system32\dpnsvr.exe:*:Disabled:Microsoft DirectPlay8 Server -- (Microsoft Corporation)
"C:\Program Files\OpinionSquare\opnsqr.exe" = C:\Program Files\OpinionSquare\opnsqr.exe:*:Enabled:opnsqr.exe -- File not found
"C:\hl2\hl2.exe" = C:\hl2\hl2.exe:*:Enabled:Half-Life_2 -- File not found
"C:\Program Files\AIM\aim.exe" = C:\Program Files\AIM\aim.exe:*:Enabled:AIM -- File not found
"C:\Program Files\TeamViewer\Version5\TeamViewer.exe" = C:\Program Files\TeamViewer\Version5\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files\Steam\Steam.exe" = C:\Program Files\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation)
"C:\Program Files\Valve\Garry's Mod\hl2.exe" = C:\Program Files\Valve\Garry's Mod\hl2.exe:*:Enabled:Garry's_Mod -- ()
"C:\Program Files\Valve\Garry's Mod\srcds.exe" = C:\Program Files\Valve\Garry's Mod\srcds.exe:*:Enabled:Garry's_Mod_Dedicated_Server -- ()
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\Steam\steamapps\common\hitman 2 silent assassin\hitman2.exe" = C:\Program Files\Steam\steamapps\common\hitman 2 silent assassin\hitman2.exe:*:Enabled:Hitman 2: Silent Assassin -- (IO Interactive)
"C:\Program Files\Steam\steamapps\common\hitman 2 silent assassin\config.exe" = C:\Program Files\Steam\steamapps\common\hitman 2 silent assassin\config.exe:*:Enabled:Hitman 2: Silent Assassin -- ()
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00000409-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Premium
"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3
"{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable
"{044F9133-B8D7-4d11-BF39-803FA20F5C8B}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{07F58BB0-50D4-4477-B491-A97B2AD059B6}" = TOSHIBA Hotkey Utility
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0C19D563-5F25-4621-BF10-01F741BD283F}" = Microsoft SQL Server Compact 3.5 SP1 Design Tools English
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{19AFC1C2-B11B-3FFF-9C9F-05761BC244D9}" = Windows SDK Intellidocs
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216014F0}" = Java™ 6 Update 14
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java™ 6 Update 16
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{32A3A4F4-B792-11D6-A78A-00B0D0160160}" = Java™ SE Development Kit 6 Update 16
"{342D4AD7-EC4C-4EC8-AEA6-E70F5905A490}" = SQL Server System CLR Types
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{44D9A2CB-0692-3180-B5E2-26F4E807D067}" = Microsoft Visual C++ Compilers 2008 Standard Edition - enu - x86
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{48FE73F3-4C3A-4871-BCD0-A7726A08BD64}" = Hex Workshop v6
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{5BE1E709-30E4-3D6D-A708-96CE8D5E5E8D}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - enu
"{6304CCF6-3343-4DA5-96B6-84B3A644B93B}" = USB Driver for Panasonic DVC
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6C518CC0-5CF1-481B-AB35-9BE5024DC106}" = Microsoft Windows SDK MDAC Headers and Libraries (6001.18000.367)
"{6D8D64BE-F500-55B6-705D-DFD08AFE0624}" = Acrobat.com
"{6ED32BB5-56B6-4317-A2D1-98A8313C3BAF}" = Microsoft Windows SDK for Windows Server 2008 (6001.18000.367)
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E5B3FDE-62E1-4391-BBA0-0E4242AD9577}" = Microsoft Windows SDK Net Fx Interop Headers And Libraries (6001.18000.367)
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{8F7AC250-4D7D-431D-AC4E-94FB78EA3F8B}" = TOSHIBA Power Saver
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{926C96FB-9D0A-4504-8000-C6D3A4A3118E}" = Java DB 10.4.2.1
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{9BAED673-5D51-481E-B1E0-FB2E5039260B}" = Microsoft Windows SDK Intellisense and Reference Assemblies (6001.18000.367)
"{9C19FFB1-25FC-43FC-AC78-919E5E2A6DD0}" = TortoiseSVN 1.6.6.17493 (32 bit)
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A1C962E2-2426-49C6-A38B-9A07E40D607C}" = Microsoft Games for Windows - LIVE
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A403D88E-ED7D-48E3-91FD-B8C8A720EDA1}" = Microsoft Speech SDK 5.1
"{A431744A-553F-4FC0-AF91-BCA47C7E0949}" = Microsoft Windows SDK for Windows Server 2008 Headers and Libraries (6001.18000.367)
"{A6FDF86A-F541-4E7B-AEA0-8849A2A700D5}" = iTunes
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.1
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B46C272F-8B7A-402A-9915-8B0463F035DC}" = Microsoft Windows SDK for Windows Server 2008 Utilities for Win32 Development (6001.18000.367)
"{B7EC89B3-2B8C-44A9-815C-135F391068B0}" = Microsoft Windows SDK for Windows Server 2008 Common Utilities (6001.18000.367)
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BBCBA2A0-F0E5-4EA8-AAC0-CF1DC592221E}" = Microsoft VC Redist 2008 (6001.18000.367)
"{BDCF27CA-BFC4-4F49-8D24-A925C9505AB8}" = Windows Rights Management Client with Service Pack 2
"{C02A6D5F-0FE1-46DE-B483-2BD33A226BCF}" = TOSHIBA TouchPad ON/Off Utility
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{CD590618-36BD-0710-AC86-F3B3C4AF201E}" = Microsoft Windows SDK .NET Framework Tools
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D1BB4446-AE9C-4256-9A7F-4D46604D2462}" = Adobe Setup
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DD622B1D-A78E-3FE8-9C8C-246F5764B0D0}" = Microsoft Visual Basic 2008 Express Edition with SP1 - ENU
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{E2CBF3FE-A24F-40DF-B25D-8C9E05F0CD63}" = UltraEdit 15.20
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}" = Microsoft SQL Server Compact 3.5 SP1 English
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{EC905264-BCFE-423B-9C42-C3A106266790}" = Windows Rights Management Client Backwards Compatibility SP2
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F5E87B12-3C27-452F-8E78-21D42164FD83}" = Microsoft SQL Server 2008 Management Objects
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"7-Zip" = 7-Zip 4.65
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_2ac78060bc5856b0c1cf873bb919b58" = Adobe Photoshop CS3
"AMIP" = AMIP (remove only)
"AMIPConfigurator" = AMIPConfigurator (remove only)
"Audacity_is1" = Audacity 1.2.6
"avast!" = avast! Antivirus
"CCleaner" = CCleaner
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"FileZilla Client" = FileZilla Client 3.2.8.1
"Flight Simulator 9.0" = Microsoft Flight Simulator 2004 A Century of Flight
"HashCheck Shell Extension" = HashCheck Shell Extension (x86-32)
"HDMI" = Intel® Graphics Media Accelerator Driver
"HijackThis" = HijackThis 2.0.2
"InstallShield_{6304CCF6-3343-4DA5-96B6-84B3A644B93B}" = USB Driver for Panasonic DVC
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 5.0.0
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Messenger Plus! Live" = Messenger Plus! Live
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Silverlight" = Microsoft Silverlight
"Microsoft Visual Basic 2008 Express Edition with SP1 - ENU" = Microsoft Visual Basic 2008 Express Edition with SP1 - ENU
"mIRC" = mIRC
"Mozilla Firefox (3.5.9)" = Mozilla Firefox (3.5.9)
"nMP3amp" = nMP3amp (remove only)
"Notepad++" = Notepad++
"PowerISO" = PowerISO
"QuicktimeAlt_is1" = QuickTime Alternative 2.9.0
"SDKSetup_6.0.6001.18000" = Microsoft Windows SDK for Windows Server 2008 (6001.18000.367)
"Steam App 211" = Source SDK
"Steam App 220" = Half-Life 2
"Steam App 240" = Counter-Strike: Source
"Steam App 380" = Half-Life 2: Episode One
"Steam App 400" = Portal
"Steam App 4000" = Garry's Mod
"Steam App 420" = Half-Life 2: Episode Two
"Steam App 6850" = Hitman 2: Silent Assassin
"Steam App 70" = Half-Life
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"SystemRequirementsLab" = System Requirements Lab
"TeamViewer 5" = TeamViewer 5
"TOSHIBA Management Console" = TOSHIBA Management Console Version 3.5 (3.5.2)
"uTorrent" = µTorrent
"WavePad" = WavePad Sound Editor
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Half-Life 2" = Half-Life 2
"MLQTSource" = MediaLooks QuickTime Source 1.7.0.13 (DirectShow Filter)
========== Last 10 Event Log Errors ==========
[ Antivirus Events ]
Error - 11/4/2009 9:51:38 PM | Computer Name = ANONYMOUS | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
http://suggestquerie...te/...k al&cp=7
failed, 0000A413.
Error - 11/9/2009 9:31:11 PM | Computer Name = ANONYMOUS | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
http://clients1.goog...h...gener&cp=18
failed, 0000A413.
Error - 11/10/2009 5:17:39 PM | Computer Name = ANONYMOUS | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
http://gmx.com/callg...e=1257887859707
failed, 0000A413.
Error - 4/27/2010 6:52:22 PM | Computer Name = ANONYMOUS | Source = avast! | ID = 33554522
Description = Error in aswChestC: chestAddFile Error 1753.
[ Application Events ]
Error - 4/6/2010 10:51:19 AM | Computer Name = ANONYMOUS | Source = Apache Service | ID = 3299
Description = The Apache service named reported the following error: >>> httpd.exe:
Could not reliably determine the server's fully qualified domain name, using 192.168.0.100
for ServerName .
Error - 4/7/2010 10:02:33 AM | Computer Name = ANONYMOUS | Source = Apache Service | ID = 3299
Description = The Apache service named reported the following error: >>> httpd.exe:
Could not reliably determine the server's fully qualified domain name, using 192.168.0.100
for ServerName .
Error - 4/8/2010 10:44:01 AM | Computer Name = ANONYMOUS | Source = Apache Service | ID = 3299
Description = The Apache service named reported the following error: >>> httpd.exe:
Could not reliably determine the server's fully qualified domain name, using 192.168.0.100
for ServerName .
Error - 4/8/2010 8:00:20 PM | Computer Name = ANONYMOUS | Source = Apache Service | ID = 3299
Description = The Apache service named reported the following error: >>> httpd.exe:
Could not reliably determine the server's fully qualified domain name, using 192.168.0.100
for ServerName .
Error - 4/9/2010 9:31:48 AM | Computer Name = ANONYMOUS | Source = Apache Service | ID = 3299
Description = The Apache service named reported the following error: >>> httpd.exe:
Could not reliably determine the server's fully qualified domain name, using 192.168.0.100
for ServerName .
Error - 4/9/2010 1:05:30 PM | Computer Name = ANONYMOUS | Source = Apache Service | ID = 3299
Description = The Apache service named reported the following error: >>> httpd.exe:
Could not reliably determine the server's fully qualified domain name, using 192.168.0.100
for ServerName .
Error - 4/10/2010 3:08:41 PM | Computer Name = ANONYMOUS | Source = Apache Service | ID = 3299
Description = The Apache service named reported the following error: >>> httpd.exe:
Could not reliably determine the server's fully qualified domain name, using 192.168.0.100
for ServerName .
Error - 4/12/2010 4:13:00 PM | Computer Name = ANONYMOUS | Source = Apache Service | ID = 3299
Description = The Apache service named reported the following error: >>> httpd.exe:
Could not reliably determine the server's fully qualified domain name, using 192.168.0.100
for ServerName .
Error - 4/13/2010 4:23:33 PM | Computer Name = ANONYMOUS | Source = Apache Service | ID = 3299
Description = The Apache service named reported the following error: >>> httpd.exe:
Could not reliably determine the server's fully qualified domain name, using 192.168.0.100
for ServerName .
Error - 4/14/2010 4:18:42 PM | Computer Name = ANONYMOUS | Source = Apache Service | ID = 3299
Description = The Apache service named reported the following error: >>> httpd.exe:
Could not reliably determine the server's fully qualified domain name, using 192.168.0.100
for ServerName .
[ System Events ]
Error - 4/27/2010 7:37:40 PM | Computer Name = ANONYMOUS | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
Error - 4/27/2010 7:37:40 PM | Computer Name = ANONYMOUS | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
Error - 4/27/2010 7:41:00 PM | Computer Name = ANONYMOUS | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
Error - 4/27/2010 7:46:22 PM | Computer Name = ANONYMOUS | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service wuauserv with
arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
Error - 4/27/2010 7:46:34 PM | Computer Name = ANONYMOUS | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service MSIServer with
arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
Error - 4/27/2010 7:46:40 PM | Computer Name = ANONYMOUS | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service MSIServer with
arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
Error - 4/27/2010 7:49:12 PM | Computer Name = ANONYMOUS | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service wuauserv with
arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
Error - 4/27/2010 7:54:31 PM | Computer Name = ANONYMOUS | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
Error - 4/27/2010 8:14:43 PM | Computer Name = ANONYMOUS | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
Error - 4/27/2010 8:15:57 PM | Computer Name = ANONYMOUS | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
Aavmker4 aswSP atapi Fips intelppm PCIIde SCDEmu
< End of report >
Edited by sheppardzwc, 27 April 2010 - 07:42 PM.