Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

virus causing internet dropping?


  • This topic is locked This topic is locked
34 replies to this topic

#1 vegasripper2004

vegasripper2004

  • Members
  • 74 posts
  • OFFLINE
  •  
  • Local time:12:19 AM

Posted 18 February 2009 - 11:31 AM

ive looked at other possible reasons. ive done scans with my trendmicro, then i downloaded avg8 and scanned it then deleted it (cus it had conflict with kaspersky) i did a scan with kaspersky as well, as well as MBAM, and SAS.
ive gone through every other possible idea.
its not the internet, my neighbor uses the same and his is working fine.
ALL I KNOW IS , when im playing certain games, *im not sure but i think maybe high cpu usage???* it will suddenly drop.
all my other games are fine
when my internet drops because of the game, my modem still shows that im connected, and at the bottom right my local area connection is still connected.
i read somewhere about it probably being ip?
so i did the whole ipconfig, and it wouldnt config saying theres something attached that isnt working or something,
i did the ipconfig /all /renew /release etc. NOW. my ip is okay i can post that here upon reply if it will help.
also i got this when using HOUSECALL (that online trendmicro scanning thing) for malware, and i got this

MS08-061/MS08-063/MS08-066/MS08-067/MS08-068/MS08-078
-
an error occurred while trying to retrieve more information about this vulnerability.
there is currently no more information available.

i also heard about it possibly being a router? to be honest i dont have a clue what that is, also could be my network card they say?






Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:23:15 AM, on 19/02/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\GIGABYTE\C.O.M\GCSVR.EXE
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sirjasonwinters.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkId=54843
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - (no file)
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] C:\Documents and Settings\PC 1\Desktop\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://aandr.com.au/web
O15 - ESC Trusted IP range: 10.0.0.1
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.microsoft.com/OAS/ActiveX/MSDcode.cab
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.1...toUploader5.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownlo.../sysreqlab3.cab
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {5727FF4C-EF4E-4d96-A96C-03AD91910448} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab_ind.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1234809893218
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1234809882015
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O18 - Protocol: bw+0 - {47FAE59A-5F6C-4634-BA88-E65DCE004C68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {47FAE59A-5F6C-4634-BA88-E65DCE004C68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {47FAE59A-5F6C-4634-BA88-E65DCE004C68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {47FAE59A-5F6C-4634-BA88-E65DCE004C68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {47FAE59A-5F6C-4634-BA88-E65DCE004C68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {47FAE59A-5F6C-4634-BA88-E65DCE004C68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {47FAE59A-5F6C-4634-BA88-E65DCE004C68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {47FAE59A-5F6C-4634-BA88-E65DCE004C68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {47FAE59A-5F6C-4634-BA88-E65DCE004C68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {47FAE59A-5F6C-4634-BA88-E65DCE004C68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {47FAE59A-5F6C-4634-BA88-E65DCE004C68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {47FAE59A-5F6C-4634-BA88-E65DCE004C68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {47FAE59A-5F6C-4634-BA88-E65DCE004C68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {47FAE59A-5F6C-4634-BA88-E65DCE004C68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {47FAE59A-5F6C-4634-BA88-E65DCE004C68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {47FAE59A-5F6C-4634-BA88-E65DCE004C68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {47FAE59A-5F6C-4634-BA88-E65DCE004C68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {47FAE59A-5F6C-4634-BA88-E65DCE004C68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {47FAE59A-5F6C-4634-BA88-E65DCE004C68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {47FAE59A-5F6C-4634-BA88-E65DCE004C68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {47FAE59A-5F6C-4634-BA88-E65DCE004C68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {47FAE59A-5F6C-4634-BA88-E65DCE004C68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {47FAE59A-5F6C-4634-BA88-E65DCE004C68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {47FAE59A-5F6C-4634-BA88-E65DCE004C68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {47FAE59A-5F6C-4634-BA88-E65DCE004C68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {47FAE59A-5F6C-4634-BA88-E65DCE004C68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {47FAE59A-5F6C-4634-BA88-E65DCE004C68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {47FAE59A-5F6C-4634-BA88-E65DCE004C68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {47FAE59A-5F6C-4634-BA88-E65DCE004C68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {47FAE59A-5F6C-4634-BA88-E65DCE004C68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {47FAE59A-5F6C-4634-BA88-E65DCE004C68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {47FAE59A-5F6C-4634-BA88-E65DCE004C68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {47FAE59A-5F6C-4634-BA88-E65DCE004C68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {47FAE59A-5F6C-4634-BA88-E65DCE004C68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {47FAE59A-5F6C-4634-BA88-E65DCE004C68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {47FAE59A-5F6C-4634-BA88-E65DCE004C68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {47FAE59A-5F6C-4634-BA88-E65DCE004C68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {47FAE59A-5F6C-4634-BA88-E65DCE004C68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {47FAE59A-5F6C-4634-BA88-E65DCE004C68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {47FAE59A-5F6C-4634-BA88-E65DCE004C68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {47FAE59A-5F6C-4634-BA88-E65DCE004C68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {47FAE59A-5F6C-4634-BA88-E65DCE004C68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {47FAE59A-5F6C-4634-BA88-E65DCE004C68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {47FAE59A-5F6C-4634-BA88-E65DCE004C68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {47FAE59A-5F6C-4634-BA88-E65DCE004C68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {47FAE59A-5F6C-4634-BA88-E65DCE004C68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {47FAE59A-5F6C-4634-BA88-E65DCE004C68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {47FAE59A-5F6C-4634-BA88-E65DCE004C68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {47FAE59A-5F6C-4634-BA88-E65DCE004C68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {47FAE59A-5F6C-4634-BA88-E65DCE004C68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {47FAE59A-5F6C-4634-BA88-E65DCE004C68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {47FAE59A-5F6C-4634-BA88-E65DCE004C68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {47FAE59A-5F6C-4634-BA88-E65DCE004C68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {47FAE59A-5F6C-4634-BA88-E65DCE004C68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {47FAE59A-5F6C-4634-BA88-E65DCE004C68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {47FAE59A-5F6C-4634-BA88-E65DCE004C68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {47FAE59A-5F6C-4634-BA88-E65DCE004C68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {47FAE59A-5F6C-4634-BA88-E65DCE004C68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {47FAE59A-5F6C-4634-BA88-E65DCE004C68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {47FAE59A-5F6C-4634-BA88-E65DCE004C68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {47FAE59A-5F6C-4634-BA88-E65DCE004C68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {47FAE59A-5F6C-4634-BA88-E65DCE004C68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {47FAE59A-5F6C-4634-BA88-E65DCE004C68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {47FAE59A-5F6C-4634-BA88-E65DCE004C68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {47FAE59A-5F6C-4634-BA88-E65DCE004C68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {47FAE59A-5F6C-4634-BA88-E65DCE004C68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {47FAE59A-5F6C-4634-BA88-E65DCE004C68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {47FAE59A-5F6C-4634-BA88-E65DCE004C68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {47FAE59A-5F6C-4634-BA88-E65DCE004C68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {47FAE59A-5F6C-4634-BA88-E65DCE004C68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {47FAE59A-5F6C-4634-BA88-E65DCE004C68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {47FAE59A-5F6C-4634-BA88-E65DCE004C68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {47FAE59A-5F6C-4634-BA88-E65DCE004C68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {47FAE59A-5F6C-4634-BA88-E65DCE004C68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {47FAE59A-5F6C-4634-BA88-E65DCE004C68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {47FAE59A-5F6C-4634-BA88-E65DCE004C68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O18 - Protocol: offline-8876480 - {47FAE59A-5F6C-4634-BA88-E65DCE004C68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: COM Service - Unknown owner - C:\Program Files\GIGABYTE\C.O.M\GCSVR.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Trend Micro Central Control Component (SfCtlCom) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
O23 - Service: Trend Micro Unauthorized Change Prevention Service (TMBMServer) - Trend Micro Inc. - C:\Program Files\Trend Micro\BM\TMBMSRV.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\TmProxy.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

--
End of file - 19508 bytes






in my honest opinion, tho i do not know much, i have a really strong feeling that it is malware, or something else.
i hope someone can get back to me.

BC AdBot (Login to Remove)

 


#2 vegasripper2004

vegasripper2004
  • Topic Starter

  • Members
  • 74 posts
  • OFFLINE
  •  
  • Local time:12:19 AM

Posted 18 February 2009 - 07:23 PM

okay i have also scanned with my trend micro (the 1 that my brother baught) and with a-squared (to be honest a-squared 4.0 free caught 18 spyware and 6 virus's that the trend micro or mbam/sas didnt catch) just sayng tho,
i did the whole smitfraudfix, in safemode etc,

if it is my router, and it cant establish an ip for the game im talkn bout would i have to buy a new 1 ? i already looked into static IP's but the company here has everytyhing on lock down, i cant even find out my DNS IP cus the 1 in my comand prompts just matchs my gateway IP.

?? get back to me ^^

#3 KoanYorel

KoanYorel

    Bleepin' Conundrum


  • Members
  • 19,461 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:65 miles due East of the "Logic Free Zone", in Md, USA
  • Local time:01:19 AM

Posted 01 March 2009 - 01:55 PM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a description of your problem, along with any steps you may have performed so far.

Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.

If you have already posted a DDS log, please do so again, as your situation may have changed.
Use the 'Add Reply' and add the new log to this thread.


Thanks and again sorry for the delay.

We need to see some information about what is happening in your machine. Please perform the following scan:
  • Download DDS by sUBs from one of the following links. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explaination about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE

R,
The only easy day was yesterday.

...some do, some don't; some will, some won't (WR)

#4 vegasripper2004

vegasripper2004
  • Topic Starter

  • Members
  • 74 posts
  • OFFLINE
  •  
  • Local time:12:19 AM

Posted 01 March 2009 - 09:37 PM

the DDS and the attach is in the attached file i uploaded it

please check it out

ive also noticed that when i do ipconfig /all
if ive set it already
maybe like the next day or sumthing i dont check every day all i know is when i do check it goes back to that error - an internal error occurred. a device attached ... so on

thanks for replying

Attached Files



#5 vegasripper2004

vegasripper2004
  • Topic Starter

  • Members
  • 74 posts
  • OFFLINE
  •  
  • Local time:12:19 AM

Posted 02 March 2009 - 06:18 PM

any1??

#6 Billy O'Neal

Billy O'Neal

    Visual C++ STL Maintainer


  • Malware Response Team
  • 12,304 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Redmond, Washington
  • Local time:10:19 PM

Posted 02 March 2009 - 08:19 PM

Hello, vegasripper2004
This does not sound like a malware issue, but there is some junk in there we can get rid of :thumbup2:

We need to create an OTListIt2 Report
  • Please download OTListIt2 from one of the following mirrors:
  • Save it to your desktop.
  • Double click on the Posted Image icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Push the Posted Image button.
  • Two reports will open, copy and paste them in a reply here:
    • OTListIt.txt <-- Will be opened
    • Extra.txt <-- Will be minimized
We need to scan for Rootkits with GMER
  • Please download GMER from one of the following mirrors:
  • Close any and all open programs, as this process may crash your computer.
  • Unzip the downloaded file to your desktop.
  • Double click Posted Image on your desktop.
  • Allow the gmer.sys driver to load if asked.
  • You may see this window. If you do, click No.
    Posted Image
  • Click on Posted Image and wait for the scan to finish.
  • If you see a rootkit warning window, click OK.
  • Push Posted Image and save the logfile to your desktop.
  • Copy and Paste the contents of that file in your next post.
In your next reply, please include the following:
  • OTListIt.txt
  • Extra.txt
  • GMER's Log

BillyIII
Twitter - My statements do not establish the official position of Microsoft Corporation, and are my own personal opinion. (But you already knew that, right?)
Posted Image

#7 vegasripper2004

vegasripper2004
  • Topic Starter

  • Members
  • 74 posts
  • OFFLINE
  •  
  • Local time:12:19 AM

Posted 03 March 2009 - 01:09 AM

okay thanks i will when i get home

#8 Billy O'Neal

Billy O'Neal

    Visual C++ STL Maintainer


  • Malware Response Team
  • 12,304 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Redmond, Washington
  • Local time:10:19 PM

Posted 06 March 2009 - 05:40 PM

Hello, vegasripper2004
Are you still here?

BillyIII
Twitter - My statements do not establish the official position of Microsoft Corporation, and are my own personal opinion. (But you already knew that, right?)
Posted Image

#9 vegasripper2004

vegasripper2004
  • Topic Starter

  • Members
  • 74 posts
  • OFFLINE
  •  
  • Local time:12:19 AM

Posted 07 March 2009 - 01:30 AM

yes still trying to get my problem resolved :thumbup2:

#10 vegasripper2004

vegasripper2004
  • Topic Starter

  • Members
  • 74 posts
  • OFFLINE
  •  
  • Local time:12:19 AM

Posted 07 March 2009 - 01:41 AM

here are those 2 logs u wanted from the OTListIt2

OTListIt logfile created on: 7/03/2009 2:33:46 PM - Run 1
OTListIt2 by OldTimer - Version 2.0.3.4 Folder = C:\Documents and Settings\PC 1\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000C09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy

1.99 Gb Total Physical Memory | 1.42 Gb Available Physical Memory | 71.43% Memory free
3.84 Gb Paging File | 3.40 Gb Available in Paging File | 88.50% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 298.09 Gb Total Space | 237.86 Gb Free Space | 79.80% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: THE-FRAGGER
Current User Name: PC 1
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Output = Standard
File Age = 30 Days
Company Name Whitelist: On

========== Processes (SafeList) ==========

PRC - [2008/04/14 10:42:19 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2009/01/27 16:59:40 | 00,421,496 | ---- | M] (Emsi Software GmbH) -- C:\Program Files\a-squared Free\a2service.exe
PRC - [2005/05/25 01:14:10 | 00,016,384 | ---- | M] () -- C:\Program Files\GIGABYTE\C.O.M\GCSVR.EXE
PRC - [2007/08/09 17:57:52 | 00,073,728 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe
PRC - [2005/08/07 23:24:00 | 00,167,936 | ---- | M] () -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe
PRC - [2008/04/14 10:42:36 | 00,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\snmp.exe
PRC - [2004/08/11 01:45:04 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe
PRC - [2007/01/05 08:08:08 | 00,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe
PRC - [2008/02/28 15:00:16 | 00,256,536 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxsrvc.exe
PRC - [2008/02/28 15:00:04 | 00,166,424 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\hkcmd.exe
PRC - [2008/02/28 15:00:14 | 00,137,752 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxpers.exe
PRC - [2008/10/22 03:39:59 | 00,050,472 | ---- | M] (AOL LLC) -- C:\Program Files\AIM6\aim6.exe
PRC - [2008/04/14 10:42:41 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe
PRC - [2007/10/09 08:20:56 | 00,041,824 | ---- | M] (AOL LLC) -- C:\Program Files\AIM6\aolsoftware.exe
PRC - [2007/08/28 17:11:36 | 00,036,864 | ---- | M] () -- C:\Program Files\Chikka Messenger\Chikka v.4\ChikkaLauncher.exe
PRC - [2008/06/23 19:50:52 | 00,625,664 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2009/03/07 14:33:29 | 00,498,176 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\PC 1\Desktop\OTListIt2.exe

========== Win32 Services (SafeList) ==========

SRV - [2009/01/27 16:59:40 | 00,421,496 | ---- | M] (Emsi Software GmbH) -- C:\Program Files\a-squared Free\a2service.exe -- (a2free [Auto | Running])
SRV - [2005/09/23 22:58:32 | 00,029,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2005/09/23 22:58:56 | 00,066,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2005/05/25 01:14:10 | 00,016,384 | ---- | M] () -- C:\Program Files\GIGABYTE\C.O.M\GCSVR.EXE -- (COM Service [Auto | Running])
SRV - [2008/04/14 10:42:02 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2005/04/04 00:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
SRV - [2007/01/05 13:41:10 | 00,774,144 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe -- (NBService [On_Demand | Stopped])
SRV - [2006/12/23 17:54:04 | 00,262,144 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService [Disabled | Stopped])
SRV - [2007/12/05 01:41:00 | 00,155,716 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc [Auto | Stopped])
SRV - [2007/08/24 04:19:12 | 00,443,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped])
SRV - [2006/10/26 15:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2007/08/09 17:57:52 | 00,073,728 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12 [Auto | Running])
SRV - [2005/08/07 23:24:00 | 00,167,936 | ---- | M] () -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe -- (RichVideo [Auto | Running])
SRV - [2007/06/15 16:55:00 | 00,300,544 | ---- | M] (Nokia.) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer [Disabled | Stopped])
SRV - [2008/07/29 14:24:36 | 00,698,888 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe -- (SfCtlCom [On_Demand | Stopped])
SRV - [2008/04/14 10:42:36 | 00,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\snmp.exe -- (SNMP [Auto | Running])
SRV - [2007/12/24 18:41:06 | 00,333,064 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\BM\TMBMSRV.exe -- (TMBMServer [On_Demand | Stopped])
SRV - [2008/02/16 00:58:10 | 00,488,768 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Internet Security\TmPfw.exe -- (TmPfw [On_Demand | Stopped])
SRV - [2008/02/16 00:58:10 | 00,648,456 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Internet Security\TmProxy.exe -- (tmproxy [On_Demand | Stopped])
SRV - [2004/08/11 01:45:04 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe -- (UMWdf [Auto | Running])
SRV - [2007/10/18 12:31:54 | 00,098,328 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\usnsvc.exe -- (usnjsvc [On_Demand | Stopped])
SRV - [2007/01/05 08:08:08 | 00,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service [Auto | Running])
SRV - [2007/10/25 16:27:54 | 00,266,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe -- (WLSetupSvc [On_Demand | Stopped])
SRV - [2004/08/11 00:46:56 | 00,483,328 | ---- | M] (Microsoft Corporation) -- c:\program files\windows media connect\mswmccds.exe -- (WmcCds [Unknown | Stopped])
SRV - [2004/08/10 21:50:42 | 00,028,160 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Connect\mswmcls.exe -- (WmcCdsLs [On_Demand | Stopped])

========== Driver Services (SafeList) ==========

DRV - [2008/05/04 18:24:06 | 00,021,035 | ---- | M] (Meetinghouse Data Communications) -- C:\WINDOWS\system32\DRIVERS\AegisP.sys -- (AegisP [Auto | Running])
DRV - [2006/01/25 18:54:30 | 01,149,888 | R--- | M] (Agere Systems) -- C:\WINDOWS\system32\DRIVERS\AGRSM.sys -- (AgereSoftModem [On_Demand | Running])
DRV - [2006/10/19 20:14:32 | 00,303,616 | R--- | M] (Belkin Corporation. ) -- C:\WINDOWS\system32\DRIVERS\BLKWGDv7.sys -- (Belkin700F [On_Demand | Running])
DRV - [2007/06/01 10:39:12 | 00,004,942 | ---- | M] (SiGma Micro) -- C:\WINDOWS\system32\DRIVERS\SG310Hub.sys -- (FilterService [On_Demand | Running])
DRV - [2009/03/06 23:22:49 | 00,014,656 | ---- | M] (Windows ® Codename Longhorn DDK provider) -- C:\WINDOWS\gdrv.sys -- (gdrv [On_Demand | Running])
DRV - [2008/04/14 03:06:05 | 00,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) -- C:\WINDOWS\system32\DRIVERS\HDAudBus.sys -- (HDAudBus [On_Demand | Running])
DRV - [2006/04/13 10:34:39 | 00,049,664 | R--- | M] (HP) -- C:\WINDOWS\system32\DRIVERS\HPZid412.sys -- (HPZid412 [On_Demand | Stopped])
DRV - [2006/04/13 10:34:39 | 00,016,496 | R--- | M] (HP) -- C:\WINDOWS\system32\DRIVERS\HPZipr12.sys -- (HPZipr12 [On_Demand | Stopped])
DRV - [2006/04/13 10:34:39 | 00,021,568 | R--- | M] (HP) -- C:\WINDOWS\system32\DRIVERS\HPZius12.sys -- (HPZius12 [On_Demand | Stopped])
DRV - [2008/02/15 13:12:06 | 05,854,752 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\DRIVERS\igxpmp32.sys -- (ialm [On_Demand | Running])
DRV - [2007/07/18 21:56:04 | 04,547,584 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService [On_Demand | Running])
DRV - [2009/01/23 04:25:20 | 00,064,160 | ---- | M] (Lavasoft AB) -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd [Boot | Running])
DRV - [2001/08/18 00:27:38 | 00,016,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\MODEMCSA.sys -- (MODEMCSA [On_Demand | Stopped])
DRV - [2007/02/22 11:15:56 | 00,137,216 | ---- | M] (Nokia) -- C:\WINDOWS\system32\drivers\nmwcd.sys -- (nmwcd [On_Demand | Stopped])
DRV - [2007/02/22 11:15:14 | 00,008,320 | ---- | M] (Nokia) -- C:\WINDOWS\system32\drivers\nmwcdc.sys -- (nmwcdc [On_Demand | Stopped])
DRV - [2007/02/22 11:15:14 | 00,012,288 | ---- | M] (Nokia) -- C:\WINDOWS\system32\drivers\nmwcdcj.sys -- (nmwcdcj [On_Demand | Stopped])
DRV - [2007/02/22 11:15:14 | 00,012,288 | ---- | M] (Nokia) -- C:\WINDOWS\system32\drivers\nmwcdcm.sys -- (nmwcdcm [On_Demand | Stopped])
DRV - [2007/12/05 01:41:00 | 07,435,392 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\DRIVERS\nv4_mini.sys -- (nv [On_Demand | Stopped])
DRV - [2007/11/08 10:29:52 | 00,458,752 | ---- | M] (PixArt Imaging Inc.) -- C:\WINDOWS\system32\DRIVERS\PAC7302.SYS -- (PAC7302 [On_Demand | Stopped])
DRV - [2004/08/04 22:30:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
DRV - [2005/08/19 04:00:00 | 00,046,080 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running])
DRV - [2008/10/30 21:14:20 | 00,117,888 | ---- | M] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys -- (RTLE8023xp [On_Demand | Running])
DRV - [2007/11/13 20:55:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])
DRV - [2007/11/15 15:16:22 | 00,984,928 | ---- | M] (SiGma Micro) -- C:\WINDOWS\System32\Drivers\SG310UVC.sys -- (SG310 Video Capture [On_Demand | Running])
DRV - [2002/10/02 10:57:12 | 00,013,532 | ---- | M] (Windows ® 2000 DDK provider) -- C:\WINDOWS\System32\Drivers\SjyPkt.sys -- (SjyPkt [On_Demand | Stopped])
DRV - [2007/12/24 18:37:20 | 00,052,496 | ---- | M] (Trend Micro Inc.) -- C:\WINDOWS\system32\drivers\tmactmon.sys -- (tmactmon [Auto | Running])
DRV - [2008/02/16 00:37:50 | 00,333,328 | ---- | M] (Trend Micro Inc.) -- C:\WINDOWS\system32\DRIVERS\TM_CFW.sys -- (tmcfw [On_Demand | Running])
DRV - [2007/12/24 18:37:00 | 00,138,384 | ---- | M] (Trend Micro Inc.) -- C:\WINDOWS\system32\drivers\tmcomm.sys -- (tmcomm [Auto | Running])
DRV - [2007/12/24 18:37:12 | 00,052,240 | ---- | M] (Trend Micro Inc.) -- C:\WINDOWS\system32\drivers\tmevtmgr.sys -- (tmevtmgr [Auto | Running])
DRV - [2008/08/16 03:00:46 | 00,036,368 | ---- | M] (Trend Micro Inc.) -- C:\WINDOWS\system32\DRIVERS\tmpreflt.sys -- (tmpreflt [Auto | Running])
DRV - [2008/02/16 00:37:50 | 00,065,936 | ---- | M] (Trend Micro Inc.) -- C:\WINDOWS\system32\DRIVERS\tmtdi.sys -- (tmtdi [System | Running])
DRV - [2008/08/16 03:00:52 | 00,205,328 | ---- | M] (Trend Micro Inc.) -- C:\WINDOWS\system32\DRIVERS\tmxpflt.sys -- (tmxpflt [Auto | Running])
DRV - [2008/04/14 05:15:12 | 00,060,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio [On_Demand | Running])
DRV - [2008/08/16 02:53:50 | 01,195,448 | ---- | M] (Trend Micro Inc.) -- C:\WINDOWS\system32\DRIVERS\vsapint.sys -- (vsapint [Auto | Running])
DRV - [2006/07/12 08:56:00 | 00,248,192 | ---- | M] (Marvell) -- C:\WINDOWS\system32\DRIVERS\yk51x86.sys -- (yukonwxp [On_Demand | Stopped])

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?p...&ar=msnhome
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?p...ER}&ar=home
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://aandr.com.au/web
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchURL\AV, = http://www.altavista.com/sites/search/web?q=%s
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchURL\FM, = http://www.filemirrors.com/search.src?file=%s
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchURL\Ggl, = http://www.google.com/search?q=%s
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchURL\MSKB, = http://support.microsoft.com/?kbid=%s
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchURL\MSN, = http://search.msn.com/results.asp?q=%s
IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://aandr.com.au/web
IE - HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchURL\AV, = http://www.altavista.com/sites/search/web?q=%s
IE - HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchURL\FM, = http://www.filemirrors.com/search.src?file=%s
IE - HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchURL\Ggl, = http://www.google.com/search?q=%s
IE - HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchURL\MSKB, = http://support.microsoft.com/?kbid=%s
IE - HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchURL\MSN, = http://search.msn.com/results.asp?q=%s
IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://aandr.com.au/web
IE - HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchURL\AV, = http://www.altavista.com/sites/search/web?q=%s
IE - HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchURL\FM, = http://www.filemirrors.com/search.src?file=%s
IE - HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchURL\Ggl, = http://www.google.com/search?q=%s
IE - HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchURL\MSKB, = http://support.microsoft.com/?kbid=%s
IE - HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchURL\MSN, = http://search.msn.com/results.asp?q=%s

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://aandr.com.au/web
IE - HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchURL\AV, = http://www.altavista.com/sites/search/web?q=%s
IE - HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchURL\FM, = http://www.filemirrors.com/search.src?file=%s
IE - HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchURL\Ggl, = http://www.google.com/search?q=%s
IE - HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchURL\MSKB, = http://support.microsoft.com/?kbid=%s
IE - HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchURL\MSN, = http://search.msn.com/results.asp?q=%s

IE - HKU\S-1-5-21-3813761094-4244557282-833094080-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
IE - HKU\S-1-5-21-3813761094-4244557282-833094080-1006\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkId=54843
IE - HKU\S-1-5-21-3813761094-4244557282-833094080-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
IE - HKU\S-1-5-21-3813761094-4244557282-833094080-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
IE - HKU\S-1-5-21-3813761094-4244557282-833094080-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?p...&ar=msnhome
IE - HKU\S-1-5-21-3813761094-4244557282-833094080-1006\S-1-5-21-3813761094-4244557282-833094080-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

O1 HOSTS File: (734 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - Reg Error: Key error. File not found
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - Reg Error: Key error. File not found
O2 - BHO: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - Reg Error: Key error. File not found
O3 - HKLM\..\Toolbar: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - Reg Error: Key error. File not found
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe (Intel Corporation)
O4 - HKU\.DEFAULT..\Run: [Nokia.PCSync] C:\Documents and Settings\PC 1\Desktop\Nokia PC Suite 6\PcSync2.exe /NoDialog File not found
O4 - HKU\S-1-5-18..\Run: [Nokia.PCSync] C:\Documents and Settings\PC 1\Desktop\Nokia PC Suite 6\PcSync2.exe /NoDialog File not found
O4 - HKU\S-1-5-21-3813761094-4244557282-833094080-1006..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp (AOL LLC)
O4 - HKU\S-1-5-21-3813761094-4244557282-833094080-1006..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (Microsoft Corporation)
O4 - HKU\.DEFAULT..\RunOnce: [RunNarrator] Narrator.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\RunOnce: [RunNarrator] Narrator.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3813761094-4244557282-833094080-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 128
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\npjpi160_05.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} https://support.microsoft.com/OAS/ActiveX/MSDcode.cab (Microsoft Data Collection Control)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/2008.1...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwa...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} http://www.nvidia.com/content/DriverDownlo.../sysreqlab3.cab (System Requirements Lab Class)
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} http://lads.myspace.com/upload/MySpaceUploader1006.cab (MySpace Uploader Control)
O16 - DPF: {5727FF4C-EF4E-4d96-A96C-03AD91910448} http://www.srtest.com/srl_bin/sysreqlab_ind.cab (System Requirements Lab Class)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/microsoftupdat...b?1234809893218 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdat...b?1234809882015 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Interfaces\{3CF284DC-996F-467C-84F7-5D13291D20AE}\\NameServer = 202.126.40.5,202.95.226.66
O18 - Protocol\Handler\bw+0 {47fae59a-5f6c-4634-ba88-e65dce004c68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw+0s {47fae59a-5f6c-4634-ba88-e65dce004c68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw-0 {47fae59a-5f6c-4634-ba88-e65dce004c68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw00 {47fae59a-5f6c-4634-ba88-e65dce004c68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw00s {47fae59a-5f6c-4634-ba88-e65dce004c68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw-0s {47fae59a-5f6c-4634-ba88-e65dce004c68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw10 {47fae59a-5f6c-4634-ba88-e65dce004c68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw10s {47fae59a-5f6c-4634-ba88-e65dce004c68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw20 {47fae59a-5f6c-4634-ba88-e65dce004c68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw20s {47fae59a-5f6c-4634-ba88-e65dce004c68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw30 {47fae59a-5f6c-4634-ba88-e65dce004c68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw30s {47fae59a-5f6c-4634-ba88-e65dce004c68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw40 {47fae59a-5f6c-4634-ba88-e65dce004c68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw40s {47fae59a-5f6c-4634-ba88-e65dce004c68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw50 {47fae59a-5f6c-4634-ba88-e65dce004c68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw50s {47fae59a-5f6c-4634-ba88-e65dce004c68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw60 {47fae59a-5f6c-4634-ba88-e65dce004c68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw60s {47fae59a-5f6c-4634-ba88-e65dce004c68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw70 {47fae59a-5f6c-4634-ba88-e65dce004c68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw70s {47fae59a-5f6c-4634-ba88-e65dce004c68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw80 {47fae59a-5f6c-4634-ba88-e65dce004c68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw80s {47fae59a-5f6c-4634-ba88-e65dce004c68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw90 {47fae59a-5f6c-4634-ba88-e65dce004c68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw90s {47fae59a-5f6c-4634-ba88-e65dce004c68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwa0 {47fae59a-5f6c-4634-ba88-e65dce004c68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwa0s {47fae59a-5f6c-4634-ba88-e65dce004c68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwb0 {47fae59a-5f6c-4634-ba88-e65dce004c68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwb0s {47fae59a-5f6c-4634-ba88-e65dce004c68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwc0 {47fae59a-5f6c-4634-ba88-e65dce004c68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwc0s {47fae59a-5f6c-4634-ba88-e65dce004c68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwd0 {47fae59a-5f6c-4634-ba88-e65dce004c68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwd0s {47fae59a-5f6c-4634-ba88-e65dce004c68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwe0 {47fae59a-5f6c-4634-ba88-e65dce004c68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwe0s {47fae59a-5f6c-4634-ba88-e65dce004c68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwf0 {47fae59a-5f6c-4634-ba88-e65dce004c68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwf0s {47fae59a-5f6c-4634-ba88-e65dce004c68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwg0 {47fae59a-5f6c-4634-ba88-e65dce004c68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwg0s {47fae59a-5f6c-4634-ba88-e65dce004c68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwh0 {47fae59a-5f6c-4634-ba88-e65dce004c68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwh0s {47fae59a-5f6c-4634-ba88-e65dce004c68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwi0 {47fae59a-5f6c-4634-ba88-e65dce004c68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwi0s {47fae59a-5f6c-4634-ba88-e65dce004c68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwj0 {47fae59a-5f6c-4634-ba88-e65dce004c68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwj0s {47fae59a-5f6c-4634-ba88-e65dce004c68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwk0 {47fae59a-5f6c-4634-ba88-e65dce004c68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwk0s {47fae59a-5f6c-4634-ba88-e65dce004c68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwl0 {47fae59a-5f6c-4634-ba88-e65dce004c68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwl0s {47fae59a-5f6c-4634-ba88-e65dce004c68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwm0 {47fae59a-5f6c-4634-ba88-e65dce004c68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwm0s {47fae59a-5f6c-4634-ba88-e65dce004c68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwn0 {47fae59a-5f6c-4634-ba88-e65dce004c68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwn0s {47fae59a-5f6c-4634-ba88-e65dce004c68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwo0 {47fae59a-5f6c-4634-ba88-e65dce004c68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwo0s {47fae59a-5f6c-4634-ba88-e65dce004c68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwp0 {47fae59a-5f6c-4634-ba88-e65dce004c68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwp0s {47fae59a-5f6c-4634-ba88-e65dce004c68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwq0 {47fae59a-5f6c-4634-ba88-e65dce004c68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwq0s {47fae59a-5f6c-4634-ba88-e65dce004c68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwr0 {47fae59a-5f6c-4634-ba88-e65dce004c68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwr0s {47fae59a-5f6c-4634-ba88-e65dce004c68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bws0 {47fae59a-5f6c-4634-ba88-e65dce004c68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bws0s {47fae59a-5f6c-4634-ba88-e65dce004c68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwt0 {47fae59a-5f6c-4634-ba88-e65dce004c68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwt0s {47fae59a-5f6c-4634-ba88-e65dce004c68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwu0 {47fae59a-5f6c-4634-ba88-e65dce004c68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwu0s {47fae59a-5f6c-4634-ba88-e65dce004c68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwv0 {47fae59a-5f6c-4634-ba88-e65dce004c68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwv0s {47fae59a-5f6c-4634-ba88-e65dce004c68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bww0 {47fae59a-5f6c-4634-ba88-e65dce004c68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bww0s {47fae59a-5f6c-4634-ba88-e65dce004c68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwx0 {47fae59a-5f6c-4634-ba88-e65dce004c68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwx0s {47fae59a-5f6c-4634-ba88-e65dce004c68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwy0 {47fae59a-5f6c-4634-ba88-e65dce004c68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwy0s {47fae59a-5f6c-4634-ba88-e65dce004c68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwz0 {47fae59a-5f6c-4634-ba88-e65dce004c68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwz0s {47fae59a-5f6c-4634-ba88-e65dce004c68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\ipp Reg Error: Value error. - Reg Error: Key error. File not found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - Reg Error: Key error. File not found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp Reg Error: Value error. - Reg Error: Key error. File not found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
O18 - Protocol\Handler\offline-8876480 {47FAE59A-5F6C-4634-BA88-E65DCE004C68} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/11/17 08:14:26 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{12b567a6-8660-11dd-a3bd-001a4df6f0a5}\Shell\AutoRun\command - "" = wscript.exe sowar.vbs
O33 - MountPoints2\{12b567a6-8660-11dd-a3bd-001a4df6f0a5}\Shell\Open\Command - "" = wscript.exe sowar.vbs
O33 - MountPoints2\{12b567a7-8660-11dd-a3bd-001a4df6f0a5}\Shell\AutoRun\command - "" = wscript.exe sowar.vbs
O33 - MountPoints2\{12b567a7-8660-11dd-a3bd-001a4df6f0a5}\Shell\Open\Command - "" = wscript.exe sowar.vbs
O33 - MountPoints2\{6a421baf-ec2e-11dd-973f-001a4df6f0a5}\Shell - "" = AutoRun
O33 - MountPoints2\{6a421baf-ec2e-11dd-973f-001a4df6f0a5}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{b2345adc-bae8-11dd-a3e8-000000000000}\Shell\AutoRun\command - "" = wscript.exe sowar.vbs
O33 - MountPoints2\{b2345adc-bae8-11dd-a3e8-000000000000}\Shell\Open\Command - "" = wscript.exe sowar.vbs
O33 - MountPoints2\{b647fe1a-c9bd-11dd-9665-001a4df6f0a5}\Shell\AutoRun\command - "" = wscript.exe sowar.vbs
O33 - MountPoints2\{b647fe1a-c9bd-11dd-9665-001a4df6f0a5}\Shell\Open\Command - "" = wscript.exe sowar.vbs
O33 - MountPoints2\{b7780d5a-8e9b-11dd-a3c5-001a4df6f0a5}\Shell\AutoRun\command - "" = wscript.exe sowar.vbs
O33 - MountPoints2\{b7780d5a-8e9b-11dd-a3c5-001a4df6f0a5}\Shell\Open\Command - "" = wscript.exe sowar.vbs
O33 - MountPoints2\{f453d348-ad6e-11dd-a3cb-001a4df6f0a5}\Shell\AutoRun\command - "" = I:\bar311.exe -- File not found
O33 - MountPoints2\{f453d348-ad6e-11dd-a3cb-001a4df6f0a5}\Shell\Explore\command - "" = I:\bar311.exe -- File not found
O33 - MountPoints2\{f453d348-ad6e-11dd-a3cb-001a4df6f0a5}\Shell\Open\command - "" = I:\bar311.exe -- File not found
O33 - MountPoints2\{f453d34c-ad6e-11dd-a3cb-001a4df6f0a5}\Shell\AutoRun\command - "" = bar311.exe %1
O33 - MountPoints2\{f453d34c-ad6e-11dd-a3cb-001a4df6f0a5}\Shell\Explore\command - "" = bar311.exe %1
O33 - MountPoints2\{f453d34c-ad6e-11dd-a3cb-001a4df6f0a5}\Shell\Open\command - "" = bar311.exe %1

========== Files/Folders - Created Within 30 Days ==========

[1 C:\WINDOWS\System32\*.tmp files]
[2 C:\WINDOWS\*.tmp files]
[5 C:\Documents and Settings\All Users\Application Data\*.tmp files]
[2009/03/07 14:33:24 | 00,498,176 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\PC 1\Desktop\OTListIt2.exe
[2009/03/06 23:23:56 | 00,000,268 | -H-- | C] () -- C:\sqmdata05.sqm
[2009/03/06 23:23:56 | 00,000,244 | -H-- | C] () -- C:\sqmnoopt05.sqm
[2009/03/06 23:22:52 | 00,024,392 | ---- | C] () -- C:\WINDOWS\System32\jcsball.dat
[2009/03/06 23:22:52 | 00,008,966 | ---- | C] () -- C:\WINDOWS\System32\jcsb.new
[2009/03/06 23:22:52 | 00,008,304 | ---- | C] () -- C:\WINDOWS\System32\jerror.dat
[2009/03/06 21:20:04 | 00,000,704 | ---- | C] () -- C:\Documents and Settings\PC 1\Desktop\Shortcut to FSLauncher.lnk
[2009/03/06 21:18:13 | 00,000,000 | ---D | C] -- C:\Documents and Settings\PC 1\Desktop\FreeStyle
[2009/03/06 14:27:49 | 00,000,654 | ---- | C] () -- C:\Documents and Settings\PC 1\Desktop\Garena.lnk
[2009/03/06 14:27:45 | 00,000,000 | ---D | C] -- C:\Program Files\Garena
[2009/03/06 14:27:31 | 04,626,616 | ---- | C] () -- C:\Documents and Settings\PC 1\Desktop\Garena_setup.exe
[2009/03/06 11:08:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\PC 1\Desktop\lyrics
[2009/03/06 10:18:52 | 00,000,268 | -H-- | C] () -- C:\sqmdata04.sqm
[2009/03/06 10:18:52 | 00,000,244 | -H-- | C] () -- C:\sqmnoopt04.sqm
[2009/03/05 21:14:09 | 00,000,268 | -H-- | C] () -- C:\sqmdata03.sqm
[2009/03/05 21:14:08 | 00,000,244 | -H-- | C] () -- C:\sqmnoopt03.sqm
[2009/03/03 08:14:07 | 00,000,000 | ---D | C] -- C:\Documents and Settings\PC 1\Application Data\LimeWire
[2009/03/03 08:14:04 | 00,001,582 | ---- | C] () -- C:\Documents and Settings\PC 1\Desktop\LimeWire 4.14.10.lnk
[2009/03/03 08:14:00 | 00,000,000 | ---D | C] -- C:\Program Files\LimeWire
[2009/03/02 09:11:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\PC 1\Desktop\pics
[2009/03/02 06:32:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\PC 1\Desktop\GTA
[2009/03/02 00:04:54 | 00,815,104 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009/03/02 00:04:54 | 00,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009/03/02 00:04:54 | 00,077,824 | ---- | C] () -- C:\WINDOWS\System32\xvid.ax
[2009/03/02 00:04:54 | 00,000,000 | ---D | C] -- C:\Program Files\Xvid
[2009/03/02 00:03:00 | 00,000,000 | ---D | C] -- C:\Program Files\ZD Soft
[2009/03/01 18:27:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\PC 1\Desktop\past is past
[2009/03/01 08:51:56 | 00,153,566 | ---- | C] () -- C:\Documents and Settings\PC 1\Desktop\SSS.bmp
[2009/03/01 07:09:08 | 03,039,258 | ---- | C] () -- C:\Documents and Settings\PC 1\Desktop\scan0001.jpg
[2009/03/01 06:54:17 | 00,000,000 | ---D | C] -- C:\Documents and Settings\PC 1\Desktop\important logs
[2009/02/26 18:25:01 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\PC 1\My Documents\Leftyberto(1).jpg
[2009/02/25 21:37:47 | 01,048,587 | ---- | C] () -- C:\Documents and Settings\PC 1\My Documents\1
[2009/02/24 07:08:38 | 00,000,000 | ---D | C] -- C:\Documents and Settings\PC 1\Desktop\my love
[2009/02/24 06:33:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\PC 1\Desktop\tattoos
[2009/02/24 06:03:32 | 00,016,247 | ---- | C] () -- C:\LOVE-HEART-arms-wrist-hands-elbows-fingers-sleeve-TATTOOS-flash-designs-TATTOO-pictures-gallery22.jpg
[2009/02/22 09:37:07 | 00,000,000 | ---D | C] -- C:\Documents and Settings\PC 1\Desktop\music videos
[2009/02/22 09:33:03 | 00,000,797 | ---- | C] () -- C:\Documents and Settings\PC 1\Desktop\YouTube Downloader.lnk
[2009/02/22 09:33:02 | 00,000,000 | ---D | C] -- C:\Program Files\YouTube Downloader
[2009/02/21 18:16:57 | 00,009,728 | ---- | C] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\System32\RtNicProp32.dll
[2009/02/21 18:13:44 | 00,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\WINDOWS\System32\CSVer.dll
[2009/02/21 18:03:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\PC 1\Desktop\drivers
[2009/02/21 04:28:13 | 00,017,363 | ---- | C] () -- C:\Documents and Settings\PC 1\My Documents\0002051JiDs.jpg
[2009/02/21 04:25:54 | 00,085,688 | ---- | C] () -- C:\Documents and Settings\PC 1\My Documents\0005051JiDs.jpg
[2009/02/20 12:33:21 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2009/02/20 12:33:16 | 00,000,000 | ---D | C] -- C:\WINDOWS\SigMaChip
[2009/02/20 12:33:16 | 00,000,000 | ---D | C] -- C:\Program Files\SigMa Chip
[2009/02/20 01:51:08 | 00,000,000 | ---D | C] -- C:\Program Files\MYGAME Launcher
[2009/02/19 20:57:59 | 00,086,161 | ---- | C] (SigmaChip) -- C:\WINDOWS\SG310Prp.Ax
[2009/02/19 20:57:57 | 00,984,928 | ---- | C] (SiGma Micro) -- C:\WINDOWS\System32\drivers\SG310UVC.sys
[2009/02/19 20:57:57 | 00,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\amcap.exe
[2009/02/19 20:57:57 | 00,086,161 | ---- | C] (SigmaChip) -- C:\WINDOWS\System32\SG310Prp.Ax
[2009/02/19 20:57:57 | 00,081,920 | ---- | C] (SiGma Chip) -- C:\WINDOWS\SGStiCam.Exe
[2009/02/19 20:57:57 | 00,049,152 | ---- | C] (SigmaChip) -- C:\WINDOWS\SGStiMon.exe
[2009/02/19 20:57:57 | 00,032,768 | ---- | C] () -- C:\WINDOWS\System32\Coinstall.dll
[2009/02/19 20:57:57 | 00,004,942 | ---- | C] (SiGma Micro) -- C:\WINDOWS\System32\drivers\SG310Hub.sys
[2009/02/19 20:33:50 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dshowext.ax
[2009/02/19 20:33:50 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dshowext.ax
[2009/02/19 00:44:24 | 00,000,000 | ---D | C] -- C:\Program Files\a-squared Free
[2009/02/19 00:44:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\PC 1\My Documents\a-squared Free
[2009/02/19 00:39:54 | 00,001,140 | ---- | C] () -- C:\WINDOWS\System32\tmp.reg
[2009/02/19 00:39:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\PC 1\Desktop\SmitfraudFix
[2009/02/18 16:50:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
[2009/02/17 13:25:37 | 00,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2009/02/17 05:43:48 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2009/02/17 05:43:48 | 00,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2009/02/17 05:43:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2009/02/17 05:37:42 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2009/02/17 05:37:40 | 00,000,000 | ---D | C] -- C:\WINDOWS\EHome
[2009/02/17 05:34:24 | 00,276,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmphoto.dll
[2009/02/17 05:34:23 | 00,712,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\windowscodecs.dll
[2009/02/17 05:34:23 | 00,346,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\windowscodecsext.dll
[2009/02/17 05:34:23 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wlanapi.dll
[2009/02/17 05:34:23 | 00,014,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\wacompen.sys
[2009/02/17 05:34:22 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsgqec.dll
[2009/02/17 05:34:22 | 00,050,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tspkg.dll
[2009/02/17 05:34:22 | 00,044,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\uagp35.sys
[2009/02/17 05:34:22 | 00,042,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\viaagp.sys
[2009/02/17 05:34:22 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usb8023x.sys
[2009/02/17 05:34:21 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spupdwxp.exe
[2009/02/17 05:34:21 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spdwnwxp.exe
[2009/02/17 05:34:21 | 00,005,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\smbali.sys
[2009/02/17 05:34:19 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\setupn.exe
[2009/02/17 05:34:19 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sffp_mmc.sys
[2009/02/17 05:34:18 | 00,412,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\photometadatahandler.dll
[2009/02/17 05:34:18 | 00,291,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qagentrt.dll
[2009/02/17 05:34:18 | 00,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rhttpaa.dll
[2009/02/17 05:34:18 | 00,150,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qagent.dll
[2009/02/17 05:34:18 | 00,144,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\onex.dll
[2009/02/17 05:34:18 | 00,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qutil.dll
[2009/02/17 05:34:18 | 00,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qcliprov.dll
[2009/02/17 05:34:18 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rasqec.dll
[2009/02/17 05:34:18 | 00,059,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rfcomm.sys
[2009/02/17 05:34:18 | 00,030,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rndismpx.sys
[2009/02/17 05:34:16 | 01,306,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml6.dll
[2009/02/17 05:34:16 | 01,306,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6.dll
[2009/02/17 05:34:16 | 00,193,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napmontr.dll
[2009/02/17 05:34:16 | 00,176,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napstat.exe
[2009/02/17 05:34:16 | 00,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml6r.dll
[2009/02/17 05:34:16 | 00,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6r.dll
[2009/02/17 05:34:16 | 00,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img
[2009/02/17 05:34:16 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napipsec.dll
[2009/02/17 05:34:16 | 00,012,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mutohpen.sys
[2009/02/17 05:34:15 | 00,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mssha.dll
[2009/02/17 05:34:15 | 00,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msshavmsg.dll
[2009/02/17 05:34:09 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kmsvc.dll
[2009/02/17 05:34:09 | 00,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\l2gpstore.dll
[2009/02/17 05:34:07 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\hidbth.sys
[2009/02/17 05:34:07 | 00,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\hidir.sys
[2009/02/17 05:34:07 | 00,001,261 | ---- | C] () -- C:\WINDOWS\System32\pid.inf
[2009/02/17 05:34:06 | 00,184,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapp3hst.dll
[2009/02/17 05:34:06 | 00,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapphost.dll
[2009/02/17 05:34:06 | 00,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappcfg.dll
[2009/02/17 05:34:06 | 00,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappgnui.dll
[2009/02/17 05:34:06 | 00,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapqec.dll
[2009/02/17 05:34:06 | 00,046,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\gagp30kx.sys
[2009/02/17 05:34:06 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappprxy.dll
[2009/02/17 05:34:06 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapsvc.dll
[2009/02/17 05:34:06 | 00,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapolqec.dll
[2009/02/17 05:34:06 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\faxpatch.exe
[2009/02/17 05:34:05 | 00,650,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3ui.dll
[2009/02/17 05:34:05 | 00,132,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3svc.dll
[2009/02/17 05:34:05 | 00,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3cfg.dll
[2009/02/17 05:34:05 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3msm.dll
[2009/02/17 05:34:05 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3gpclnt.dll
[2009/02/17 05:34:05 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3api.dll
[2009/02/17 05:34:05 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3dlg.dll
[2009/02/17 05:34:04 | 00,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dhcpqec.dll
[2009/02/17 05:34:04 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dimsroam.dll
[2009/02/17 05:34:04 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dimsntfy.dll
[2009/02/17 05:34:03 | 00,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty
[2009/02/17 05:34:03 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\credssp.dll
[2009/02/17 05:34:01 | 00,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\azroles.dll
[2009/02/17 05:34:01 | 00,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aaclient.dll
[2009/02/17 05:34:01 | 00,101,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthpan.sys
[2009/02/17 05:34:01 | 00,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod
[2009/02/17 05:34:01 | 00,044,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\agpcpq.sys
[2009/02/17 05:34:01 | 00,042,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\alim1541.sys
[2009/02/17 05:34:01 | 00,042,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\agp440.sys
[2009/02/17 05:34:01 | 00,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthmodem.sys
[2009/02/17 05:34:01 | 00,036,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthprint.sys
[2009/02/17 05:34:01 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthusb.sys
[2009/02/17 05:34:01 | 00,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthenum.sys
[2009/02/17 05:34:01 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx4.dll
[2009/02/17 05:16:47 | 00,023,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll.mui
[2009/02/17 02:00:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\PC 1\Application Data\acccore
[2009/02/17 02:00:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\PC 1\Local Settings\Application Data\AOL OCP
[2009/02/17 02:00:23 | 00,000,000 | ---D | C] -- C:\Documents and Settings\PC 1\Local Settings\Application Data\AOL
[2009/02/17 02:00:10 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2009/02/17 02:00:09 | 00,000,000 | ---D | C] -- C:\Program Files\Viewpoint
[2009/02/17 02:00:09 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\acccore
[2009/02/17 02:00:08 | 00,001,674 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AIM 6.lnk
[2009/02/17 01:59:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AOL OCP
[2009/02/17 01:59:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AOL
[2009/02/17 01:59:45 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\AOL
[2009/02/17 01:58:40 | 00,000,000 | ---D | C] -- C:\Program Files\AIM6
[2009/02/17 01:58:36 | 00,000,367 | -H-- | C] () -- C:\IPH.PH
[2009/02/16 23:59:09 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\avg8
[2009/02/16 17:32:04 | 00,524,288 | ---- | C] () -- C:\Program Files\6a89hg01.0
[2009/02/16 17:31:47 | 00,080,577 | ---- | C] () -- C:\Program Files\bios.ini
[2009/02/16 17:31:27 | 00,000,029 | ---- | C] () -- C:\Program Files\new_ver.ini
[2009/02/16 13:51:55 | 00,000,000 | ---D | C] -- C:\Documents and Settings\PC 1\Desktop\audition
[2009/02/15 21:49:52 | 00,001,704 | ---- | C] () -- C:\Documents and Settings\PC 1\Desktop\Audition.lnk
[2009/02/13 16:25:08 | 00,000,691 | ---- | C] () -- C:\Documents and Settings\PC 1\My Documents\Marc11.jpg
[2009/02/11 16:58:29 | 00,000,820 | ---- | C] () -- C:\Documents and Settings\PC 1\Desktop\Special Force.lnk
[2009/02/11 13:24:48 | 00,000,155 | ---- | C] () -- C:\WINDOWS\option.ini
[2009/02/11 13:24:21 | 00,001,652 | ---- | C] () -- C:\Documents and Settings\PC 1\Desktop\O2jam.lnk
[2009/02/11 13:23:53 | 00,000,000 | ---D | C] -- C:\Program Files\e-Games
[2009/02/10 21:30:35 | 00,000,563 | ---- | C] () -- C:\Documents and Settings\PC 1\Desktop\Day of Defeat Source.lnk
[2009/02/10 21:30:35 | 00,000,000 | ---D | C] -- C:\Program Files\Day of Defeat Source
[2009/02/10 20:18:35 | 00,000,365 | ---- | C] () -- C:\WINDOWS\settings.cfg
[2009/02/10 20:05:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\PC 1\Desktop\hax
[2009/02/10 10:21:13 | 00,001,071 | ---- | C] () -- C:\Documents and Settings\PC 1\Desktop\Shortcut to Counter-Strike Source.lnk
[2009/02/09 13:00:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\PC 1\Desktop\CS Source
[2009/02/08 16:07:34 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Adobe
[2009/02/06 19:45:38 | 00,000,000 | ---D | C] -- C:\Program Files\Ocean Technology
[2009/02/06 19:20:06 | 00,000,895 | ---- | C] () -- C:\Documents and Settings\PC 1\Desktop\LEFT 4 DEAD.lnk
[2009/02/06 19:19:58 | 02,036,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_40.dll
[2009/02/06 19:19:58 | 00,452,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_40.dll
[2009/02/06 19:19:56 | 04,379,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_40.dll
[2009/02/06 19:19:52 | 00,514,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_3.dll
[2009/02/06 19:19:52 | 00,235,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_3.dll
[2009/02/06 19:19:52 | 00,070,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_2.dll
[2009/02/06 19:19:52 | 00,023,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_5.dll
[2009/02/06 19:19:50 | 00,509,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_2.dll
[2009/02/06 19:19:50 | 00,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_2.dll
[2009/02/06 19:19:50 | 00,068,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_1.dll
[2009/02/06 19:19:47 | 01,493,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_39.dll
[2009/02/06 19:19:46 | 03,851,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_39.dll
[2009/02/06 19:19:46 | 00,507,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_1.dll
[2009/02/06 19:19:46 | 00,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_39.dll
[2009/02/06 19:19:46 | 00,065,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_0.dll
[2009/02/06 19:19:43 | 00,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_1.dll
[2009/02/06 19:19:42 | 00,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_4.dll
[2009/02/06 19:19:39 | 01,491,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_38.dll
[2009/02/06 19:19:39 | 00,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_38.dll
[2009/02/06 19:19:34 | 03,850,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_38.dll
[2009/02/06 19:15:46 | 00,000,000 | ---D | C] -- C:\WINDOWS\Logs
[2009/02/06 19:15:36 | 00,000,000 | -H-D | C] -- C:\WINDOWS\msdownld.tmp
[2009/02/06 18:02:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\PC 1\Local Settings\Application Data\Conduit
[2009/02/06 17:59:39 | 00,000,000 | ---D | C] -- C:\Program Files\Conduit
[2009/02/06 17:51:49 | 00,000,000 | ---D | C] -- C:\Documents and Settings\PC 1\Desktop\Left.4.Dead.Full-Rip.Skullptura
[2009/02/06 14:34:14 | 00,000,599 | ---- | C] () -- C:\Documents and Settings\PC 1\Desktop\Shortcut to samp.lnk
[2009/02/06 11:30:32 | 00,000,000 | ---D | C] -- C:\WINDOWS\San Andreas Mod Installer
[2009/02/06 11:09:43 | 00,000,611 | ---- | C] () -- C:\Documents and Settings\PC 1\Desktop\Shortcut to gta_sa.lnk
[2009/02/06 10:31:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\PC 1\My Documents\GTA San Andreas User Files
[2009/02/06 08:23:33 | 00,000,000 | ---D | C] -- C:\Documents and Settings\PC 1\Application Data\WinRAR
[2009/02/06 08:23:11 | 00,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2009/02/06 08:05:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\PC 1\My Documents\Downloads
[2009/02/06 08:01:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\PC 1\Application Data\uTorrent
[2009/02/05 20:25:40 | 00,000,000 | ---D | C] -- C:\Documents and Settings\PC 1\Application Data\dvdcss
[2009/02/05 16:57:39 | 00,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009/02/05 16:57:37 | 00,000,000 | ---D | C] -- C:\Documents and Settings\PC 1\Local Settings\Application Data\Mozilla
[2009/02/05 16:53:49 | 00,000,000 | ---D | C] -- C:\Documents and Settings\PC 1\Application Data\MSNInstaller

========== Files - Modified Within 30 Days ==========

[1 C:\WINDOWS\System32\*.tmp files]
[2 C:\WINDOWS\*.tmp files]
[5 C:\Documents and Settings\All Users\Application Data\*.tmp files]
[2009/03/07 14:34:14 | 00,024,392 | ---- | M] () -- C:\WINDOWS\System32\jcsball.dat
[2009/03/07 14:34:14 | 00,008,966 | ---- | M] () -- C:\WINDOWS\System32\jcsb.new
[2009/03/07 14:34:14 | 00,008,304 | ---- | M] () -- C:\WINDOWS\System32\jerror.dat
[2009/03/07 14:33:29 | 00,498,176 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\PC 1\Desktop\OTListIt2.exe
[2009/03/07 03:52:47 | 00,001,175 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/03/07 00:29:13 | 00,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009/03/06 23:48:04 | 00,169,472 | ---- | M] () -- C:\Documents and Settings\PC 1\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/03/06 23:23:56 | 00,000,268 | -H-- | M] () -- C:\sqmdata05.sqm
[2009/03/06 23:23:56 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt05.sqm
[2009/03/06 23:22:49 | 00,014,656 | ---- | M] (Windows ® Codename Longhorn DDK provider) -- C:\WINDOWS\gdrv.sys
[2009/03/06 23:22:46 | 00,012,598 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/03/06 23:22:09 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/03/06 23:22:05 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/03/06 23:19:09 | 01,579,378 | -H-- | M] () -- C:\Documents and Settings\PC 1\Local Settings\Application Data\IconCache.db
[2009/03/06 21:20:04 | 00,000,704 | ---- | M] () -- C:\Documents and Settings\PC 1\Desktop\Shortcut to FSLauncher.lnk
[2009/03/06 14:27:49 | 00,000,654 | ---- | M] () -- C:\Documents and Settings\PC 1\Desktop\Garena.lnk
[2009/03/06 14:27:31 | 04,626,616 | ---- | M] () -- C:\Documents and Settings\PC 1\Desktop\Garena_setup.exe
[2009/03/06 10:18:52 | 00,000,268 | -H-- | M] () -- C:\sqmdata04.sqm
[2009/03/06 10:18:52 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt04.sqm
[2009/03/05 21:14:09 | 00,000,268 | -H-- | M] () -- C:\sqmdata03.sqm
[2009/03/05 21:14:08 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt03.sqm
[2009/03/03 08:14:04 | 00,001,582 | ---- | M] () -- C:\Documents and Settings\PC 1\Desktop\LimeWire 4.14.10.lnk
[2009/03/02 18:47:32 | 00,000,611 | ---- | M] () -- C:\Documents and Settings\PC 1\Desktop\Shortcut to gta_sa.lnk
[2009/03/02 18:42:29 | 00,000,599 | ---- | M] () -- C:\Documents and Settings\PC 1\Desktop\Shortcut to samp.lnk
[2009/03/02 02:39:05 | 00,000,365 | ---- | M] () -- C:\WINDOWS\settings.cfg
[2009/03/02 02:25:52 | 00,000,155 | ---- | M] () -- C:\WINDOWS\option.ini
[2009/03/01 10:05:22 | 03,039,258 | ---- | M] () -- C:\Documents and Settings\PC 1\Desktop\scan0001.jpg
[2009/03/01 08:54:26 | 00,153,566 | ---- | M] () -- C:\Documents and Settings\PC 1\Desktop\SSS.bmp
[2009/02/26 18:34:23 | 00,022,222 | ---- | M] () -- C:\Documents and Settings\PC 1\My Documents\Leftyberto.jpg
[2009/02/26 18:25:01 | 00,000,000 | ---- | M] () -- C:\Documents and Settings\PC 1\My Documents\Leftyberto(1).jpg
[2009/02/25 21:37:49 | 01,048,587 | ---- | M] () -- C:\Documents and Settings\PC 1\My Documents\1
[2009/02/24 06:02:49 | 00,016,247 | ---- | M] () -- C:\LOVE-HEART-arms-wrist-hands-elbows-fingers-sleeve-TATTOOS-flash-designs-TATTOO-pictures-gallery22.jpg
[2009/02/22 09:33:03 | 00,000,797 | ---- | M] () -- C:\Documents and Settings\PC 1\Desktop\YouTube Downloader.lnk
[2009/02/21 04:28:15 | 00,017,363 | ---- | M] () -- C:\Documents and Settings\PC 1\My Documents\0002051JiDs.jpg
[2009/02/21 04:25:57 | 00,085,688 | ---- | M] () -- C:\Documents and Settings\PC 1\My Documents\0005051JiDs.jpg
[2009/02/20 13:42:55 | 00,001,140 | ---- | M] () -- C:\WINDOWS\System32\tmp.reg
[2009/02/20 12:39:30 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/02/20 12:39:30 | 00,000,223 | RHS- | M] () -- C:\boot.ini
[2009/02/20 05:51:25 | 00,002,257 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2009/02/19 15:48:54 | 00,001,071 | ---- | M] () -- C:\Documents and Settings\PC 1\Desktop\Shortcut to Counter-Strike Source.lnk
[2009/02/19 03:40:04 | 00,000,734 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2009/02/19 02:17:32 | 00,033,360 | ---- | M] () -- C:\Documents and Settings\PC 1\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/02/18 18:29:12 | 00,001,704 | ---- | M] () -- C:\Documents and Settings\PC 1\Desktop\Audition.lnk
[2009/02/17 18:05:44 | 00,000,865 | ---- | M] () -- C:\Documents and Settings\PC 1\Desktop\Shortcut to Frozen Throne.lnk
[2009/02/17 13:27:20 | 00,471,150 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/02/17 13:27:20 | 00,401,838 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/02/17 13:27:20 | 00,062,800 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/02/17 13:26:05 | 00,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2009/02/17 13:25:13 | 00,155,568 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/02/17 05:40:46 | 00,250,048 | RHS- | M] () -- C:\ntldr
[2009/02/17 02:00:24 | 00,000,367 | -H-- | M] () -- C:\IPH.PH
[2009/02/17 02:00:08 | 00,001,674 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AIM 6.lnk
[2009/02/16 18:44:32 | 00,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2009/02/13 16:25:09 | 00,000,691 | ---- | M] () -- C:\Documents and Settings\PC 1\My Documents\Marc11.jpg
[2009/02/13 16:24:44 | 00,000,691 | ---- | M] () -- C:\Documents and Settings\PC 1\My Documents\AAAAAAAAAAA 6165437.jpg
[2009/02/12 16:17:55 | 00,002,266 | ---- | M] () -- C:\Documents and Settings\PC 1\Desktop\Launch WarRock Philippines.lnk
[2009/02/11 16:58:29 | 00,000,820 | ---- | M] () -- C:\Documents and Settings\PC 1\Desktop\Special Force.lnk
[2009/02/11 13:24:21 | 00,001,652 | ---- | M] () -- C:\Documents and Settings\PC 1\Desktop\O2jam.lnk
[2009/02/10 21:30:35 | 00,000,563 | ---- | M] () -- C:\Documents and Settings\PC 1\Desktop\Day of Defeat Source.lnk
[2009/02/06 19:20:06 | 00,000,895 | ---- | M] () -- C:\Documents and Settings\PC 1\Desktop\LEFT 4 DEAD.lnk
[2009/02/05 16:57:39 | 00,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat

========== Alternate Data Streams ==========

@Alternate Data Stream - 88 bytes -> C:\WINDOWS\TASKMAN.EXE:SummaryInformation
@Alternate Data Stream - 0 bytes -> C:\WINDOWS\TASKMAN.EXE:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
@Alternate Data Stream - 0 bytes -> C:\Documents and Settings\PC 1\Desktop\Thumbs.db:encryptable
< End of report >

OTListIt Extras logfile created on: 7/03/2009 2:33:46 PM - Run 1
OTListIt2 by OldTimer - Version 2.0.3.4 Folder = C:\Documents and Settings\PC 1\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000C09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy

1.99 Gb Total Physical Memory | 1.42 Gb Available Physical Memory | 71.43% Memory free
3.84 Gb Paging File | 3.40 Gb Available in Paging File | 88.50% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 298.09 Gb Total Space | 237.86 Gb Free Space | 79.80% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: THE-FRAGGER
Current User Name: PC 1
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Output = Standard
File Age = 30 Days
Company Name Whitelist: On

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[2008/04/14 05:23:32 | 00,558,080 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
[2009/01/22 12:10:41 | 00,032,768 | ---- | M] (Logitech) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger
[2007/10/18 12:34:02 | 05,724,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger
[2007/10/02 18:18:24 | 00,304,488 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
[2008/04/14 05:23:32 | 00,558,080 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
[2008/04/14 10:42:28 | 01,695,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger
[2007/08/29 00:43:30 | 01,022,840 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote
File not found -- C:\Documents and Settings\PC 1\Desktop\INSTAL. GAMES\dota\Warcraft III.exe:*:Enabled:Warcraft III
[2009/01/08 19:38:10 | 04,363,504 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger
[2009/01/22 12:10:41 | 00,032,768 | ---- | M] (Logitech) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Disabled:Logitech Desktop Messenger
File not found -- C:\Documents and Settings\PC 1\Desktop\MOMS PICTURES\INSTAL. GAMES\dota\Garena.exe:*:Enabled:Garena
[2009/01/19 20:56:12 | 01,795,584 | ---- | M] () -- C:\Program Files\MYGAME\Special Force\specialforce.exe:*:Enabled:specialforce
[2008/11/18 16:31:04 | 21,633,320 | R--- | M] (Skype Technologies S.A.) -- C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype
File not found -- C:\Program Files\Call of Duty\CoDMP.exe:*:Disabled:CoDMP
File not found -- C:\Program Files\sakray\Fusion 1.210\weiss.exe:*:Disabled:Fusion RO Server Emulator
[2006/02/15 11:37:26 | 00,147,511 | R--- | M] (Hewlett-Packard) -- C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Disabled:hpfccopy.exe
[2006/04/21 00:42:18 | 00,063,064 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Disabled:hpoews01.exe
[2006/04/21 01:13:30 | 00,231,000 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Disabled:hpofxm08.exe
[2006/04/20 22:28:12 | 00,040,960 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Disabled:hposfx08.exe
[2006/04/21 00:43:46 | 00,087,640 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Disabled:hposid01.exe
[2006/04/21 01:06:26 | 00,181,848 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Disabled:hpqcopy.exe
[2006/02/09 17:41:28 | 00,573,440 | ---- | M] ( ) -- C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Disabled:hpqdia.exe
[2006/02/16 23:49:52 | 01,085,440 | R--- | M] (Hewlett-Packard) -- C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Disabled:hpqkygrp.exe
[2006/02/19 06:29:46 | 00,139,264 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Disabled:hpqnrs08.exe
[2006/02/09 17:43:36 | 00,110,592 | R--- | M] (Hewlett-Packard) -- C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Disabled:hpqphunl.exe
[2006/02/17 01:19:34 | 00,192,512 | ---- | M] () -- C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Disabled:hpqscnvw.exe
[2006/02/19 06:24:52 | 00,239,320 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Disabled:hpqste08.exe
[2006/02/19 05:21:22 | 00,288,472 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Disabled:hpqtra08.exe
[2006/04/21 01:13:00 | 00,456,280 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Disabled:hpzwiz01.exe
File not found -- C:\Program Files\Super 1 Karting\Kart.exe:*:Disabled:Kart
File not found -- C:\Program Files\THQ\MotoGP URT 3\motogp.exe:*:Disabled:motogp
File not found -- C:\Program Files\EA Games\Need For Speed Underground\Speed.exe:*:Disabled:Speed
[2006/10/27 03:13:28 | 00,106,496 | ---- | M] () -- C:\Program Files\Day of Defeat Source\hl2.exe:*:Enabled:hl2
File not found -- C:\Program Files\BitLord\Downloads\CS Source\Counter-Strike Source v18\Counter-Strike Source\hl2.exe:*:Enabled:hl2
[2008/11/22 13:19:10 | 00,088,606 | ---- | M] () -- C:\Documents and Settings\PC 1\Desktop\Left.4.Dead.Full-Rip.Skullptura\Left 4 Dead\left4dead.exe:*:Enabled:left4dead
[2006/11/23 15:48:02 | 00,248,640 | ---- | M] () -- C:\Program Files\GIGABYTE\@BIOS\update.exe:*:Enabled:update
[2008/02/14 14:23:12 | 00,231,944 | ---- | M] () -- C:\Program Files\gwflash.exe:*:Enabled:gwflash
[2006/11/24 17:04:44 | 00,240,448 | ---- | M] () -- C:\Program Files\GIGABYTE\@BIOS\gwf32.exe:*:Enabled:gwflash
[2006/11/03 17:47:27 | 00,010,800 | ---- | M] (AOL LLC) -- C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader
[2008/10/22 03:39:59 | 00,050,472 | ---- | M] (AOL LLC) -- C:\Program Files\AIM6\aim6.exe:*:Enabled:AIM
File not found -- C:\Program Files\BitLord\BitLord.exe:*:Disabled:BitLord
[2008/01/15 14:14:00 | 00,106,496 | ---- | M] () -- C:\Documents and Settings\PC 1\Desktop\CS Source\Counter-Strike Source v18\Counter-Strike Source\hl2.exe:*:Enabled:hl2
[2008/06/23 19:50:52 | 00,625,664 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer
[2007/09/18 00:49:14 | 00,147,456 | ---- | M] (Lime Wire, LLC) -- C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire
[2007/10/18 12:34:02 | 05,724,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger
[2007/10/02 18:18:24 | 00,304,488 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)
[2009/01/16 23:46:26 | 03,316,496 | ---- | M] (Garena Interactive PTE LTD) -- C:\Program Files\Garena\Garena.exe:*:Enabled:Garena

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{021C4C4F-C93C-4425-BFFD-C2D16776BFAE}" = Visual C++ 8.0 Runtime Setup Package (x64)
"{0A65A3BD-54B5-4d0d-B084-7688507813F5}" = SlideShow
"{11964613-805F-432D-A12B-169554B793E7}" = Nokia Connectivity Cable Driver
"{15C0AF59-4877-49B6-B8C6-A61CE54515F5}" = cp_OnlineProjectsConfig
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = DVD Suite
"{2376813B-2E5A-4641-B7B3-A0D5ADB55229}" = HPPhotoSmartExpress
"{24C89EED-3D22-464E-9B70-52E00D4C5D50}" = WarRock Philippines
"{2F58D60D-2BFD-4467-9B4D-64E7355C329D}" = Sonic_PrimoSDK
"{3248F0A8-6813-11D6-A77B-00B0D0150070}" = J2SE Runtime Environment 5.0 Update 7
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java™ SE Runtime Environment 6 Update 1
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java™ 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java™ 6 Update 5
"{33BF0960-DBA3-4187-B6CC-C969FCFA2D25}" = SkinsHP1
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{363790D2-DA98-41DD-9C9F-69FA36B169DE}" = PanoStandAlone
"{36BC49B7-516F-4111-BA4D-EDAB86341807}" = SG310
"{41E776A5-9B12-416D-9A12-B4F7B044EBED}" = CP_Package_Basic1
"{43DCF766-6838-4F9A-8C91-D92DA586DFA7}" = Microsoft Windows Journal Viewer
"{4462265B-3DC7-44AD-B56D-D09BA67BA422}" = 6300
"{45B8A76B-57EC-4242-B019-066400CD8428}" = BufferChm
"{4EA684E9-5C81-4033-A696-3019EC57AC3A}" = HPProductAssistant
"{508CE775-4BA4-4748-82DF-FE28DA9F03B0}" = Windows Live Messenger
"{53EE9E42-CECB-4C92-BF76-9CA65DAF8F1C}" = FullDPAppQFolder
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.8
"{66910000-8B30-4973-A159-6371345AFFA5}" = WebReg
"{6696D9A4-28A8-4F5A-8E9A-2E8974C8C39C}" = RandMap
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{68763C27-235D-4165-A961-FDEA228CE504}" = AiOSoftwareNPI
"{6909F917-5499-482e-9AA1-FAD06A99F231}" = Toolbox
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{718D791F-F4E8-4aa7-98A6-15FDED17BDD0}" = Trend Micro Internet Security
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{736C803C-DD3B-4015-BC51-AFB9E67B9076}" = Readme
"{7C03270C-4FAB-4F5C-B10D-52FEDA190790}" = DocumentViewerQFolder
"{7E7B7865-6C80-4373-8BC1-C2EB9431F9DE}" = ProductContextNPI
"{8331C3EA-0C91-43AA-A4D4-27221C631139}" = Status
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{8A4CE7FD-9657-4B06-9943-E1819F3D5D67}" = DocProc
"{8CE4E6E9-9D55-43FB-9DDB-688C976BFC05}" = Unload
"{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}" = Logitech Desktop Messenger
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{3EC77D26-799B-4CD8-914F-C1565E796173}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{430971B1-C31E-45DA-81E0-72C095BAB72C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{F7A31780-33C4-4E39-951A-5EC9B91D7BF1}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{FAD8A83E-9BAC-4179-9268-A35948034D85}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{FAD8A83E-9BAC-4179-9268-A35948034D85}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{996512CF-F35B-48DE-9291-557FA5316967}" = ScannerCopy
"{99A40651-0BC2-4095-8F9A-A40FAB224FEF}" = PC Connectivity Solution
"{A29800BA-0BF1-4E63-9F31-DF05A87F4104}" = InstantShareDevices
"{A59AB961-BE82-41E0-B0FB-648DFA6DDEA4}" = PC Camera
"{A621B45A-D138-4A95-BE10-7CABA05EF94E}" = Trend Micro Internet Security
"{A7050037-F0EA-4BAB-BCD5-FC05507D6147}" = Alt-Tab Task Switcher Powertoy for Windows XP
"{A7D02240-1B6D-46A3-B745-A0C6491C9803}" = Logitech Z-series Software 1.03
"{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}" = Windows Live installer
"{A982E6CC-9F0D-4948-9B18-BDFD55DE4A72}" = Nokia PC Suite
"{AAB93551-3FFE-42B2-8315-96252BBC1033}" = Nero 7 Essentials
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1033-7B44-A81200000003}" = Adobe Reader 8.1.2
"{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}" = Windows Live Sign-in Assistant
"{B2157760-AA3C-4E2E-BFE6-D20BC52495D9}" = cp_PosterPrintConfig
"{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}" = @BIOS B06.1124.01
"{B6286A44-7505-471A-A72B-04EC2DB2F442}" = CueTour
"{B69CFE29-FD03-4E0A-87A7-6ED97F98E5B3}" = CP_Panorama1Config
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{B97CF5C3-0487-11D8-A36E-0050BAE317E1}" = DVD Solution
"{BB7DEA41-298E-450B-9C3A-E7B48D9D021B}" = 6300_Help
"{BBD9FAD7-F782-4548-B00F-E612322950F6}" = MYGAME Launcher(Remove Only)
"{BDBE2F3E-42DB-4d4a-8CB1-19BA765DBC6C}" = HP Photosmart, Officejet and Deskjet 7.0.A
"{C151CE54-E7EA-4804-854B-F515368B0798}" = AMD Processor Driver
"{C1C6767D-B395-43CB-BF99-051B58B86DA6}" = PhotoGallery
"{C7F54CF8-D6FB-4E0A-93A3-E68AE0D6C476}" = SolutionCenter
"{C8753E28-2680-49BF-BD48-DD38FD086EFE}" = AiO_Scan_CDA
"{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}" = HP Update
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{DBC20735-34E6-4E97-A9E5-2066B66B243D}" = TrayApp
"{E1B80DEE-A795-4258-8445-074C06AE3AB8}" = MarketResearch
"{EB8C9964-09AC-48bf-8B98-027609C78251}" = C3100
"{ED2C557E-9C18-41FF-B58E-A05EEF0B3B5F}" = CP_CalendarTemplates1
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F157460F-720E-482f-8625-AD7843891E5F}" = InstantShareDevicesMFC
"{F2AB49F2-D632-446C-9A6E-5B4A98DFF13B}" = 6300Trb
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F3760724-B29D-465B-BC53-E5D72095BCC4}" = Scan
"{F6076EF9-08E1-442F-B6A2-BFB61B295A14}" = Fax_CDA
"{F6869CD2-3DB4-476D-A4C7-B3AE7C3ACF7B}" = Windows Media Connect
"{FB15E224-67C3-491F-9F5C-F257BC418412}" = Destinations
"{FBB980B0-63F8-4B48-8D65-90F1D9F81D9F}" = NewCopy_CDA
"{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}" = HighMAT Extension to Microsoft Windows XP CD Writing Wizard
"{FE7E1DD7-EBCE-4696-ADE2-22BDBF2372DA}" = DocumentViewer
"0C5EDC3653FED5B121F464339EAC12534D253B25" = Windows Driver Package - Nokia Modem (02/15/2007 3.1)
"4077F884D1BB007055BDB83B621D87220A73F30F" = Windows Driver Package - Nokia (WUDFRd) WPD (06/01/2007 6.84.33.0)
"54C387968987D0308E3C2F0A5D723BC3CB8926B9" = Windows Driver Package - 2Wire (2WIREPCP) Net (09/18/2002 1.4.0.5)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"Agere Systems Soft Modem" = Agere Systems PCI-SV92PP Soft Modem
"AIM_6" = AIM 6
"a-squared Free_is1" = a-squared Free 4.0
"Audition" = Audition 1.30.0.0
"B726756F5B5A5AA9D798B399386FC6205A45F19E" = Windows Driver Package - Nokia Modem (02/15/2007 3.1)
"C.O.M" = C.O.M
"CD8424B9400BFF7D34AA18F816C71322AC4BDAA7" = Windows Driver Package - Nokia Modem (05/24/2007 6.84.0.1)
"Chikka Messenger V4" = Chikka Messenger V4
"Day of Defeat Source" = Day of Defeat Source
"drmtool.inf" = Personal License Update Wizard for Windows Media Player
"EAX™ Unified (SHELL)" = EAX™ Unified (SHELL)
"Garena" = Garena
"HDMI" = Intel® Graphics Media Accelerator Driver
"HijackThis" = HijackThis 2.0.2
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP Document Viewer" = HP Document Viewer 7.0
"HP Imaging Device Functions" = HP Imaging Device Functions 7.0
"HP Photo & Imaging" = HP Photosmart Premier Software 6.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 7.0
"HPExtendedCapabilities" = HP Customer Participation Program 7.0
"HPOCR" = OCR Software by I.R.I.S 7.0
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"InstallShield_{621C02EA-AAFF-4026-A903-165D59529A16}" = Driver Detective
"LimeWire" = LimeWire 4.14.10
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"mmmusic" = Movie Maker Background Music Files
"mmsounds" = Movie Maker Sound Effects
"mmtitle" = Movie Maker Title Images
"mplibwiz.inf" = Media Library Management Wizard
"mpxlswiz.inf" = Windows Media Player Playlist Import to Excel Wizard
"mpxptray.inf" = Windows Media Player Tray Control
"MSNINST" = MSN
"Nitto 1320 Legends_is1" = Nitto 1320 Legends Public Beta 0.9.10.1
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Nokia PC Suite" = Nokia PC Suite
"NVIDIA Drivers" = NVIDIA Drivers
"O2Jam_ph" = O2jam
"SpecialForce" = Special Force(Remove only)
"SystemRequirementsLab" = System Requirements Lab
"Tomb Raider Chronicles" = Tomb Raider Chronicles
"ViewpointMediaPlayer" = Viewpoint Media Player
"VLC media player" = VLC media player 0.9.8a
"wa2wmp" = Windows Media Player Skin Importer
"Windows Media Connect" = Windows Media Connect
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows Media Player" = Windows Media Player 10
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR archiver
"WinZip" = WinZip
"WM9Cap" = Windows Media 9 Capture Tool
"WMBK2" = Windows Media Bonus Pack for Windows XP
"Xvid_is1" = Xvid 1.2.1 final uninstall
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Toolbar" = Yahoo! Toolbar
"ZD Recorder" = ZD Recorder 3.0.2.0

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 3/03/2009 9:15:31 PM | Computer Name = THE-FRAGGER | Source = Application Error | ID = 1000
Description = Faulting application yahoomessenger.exe, version 9.0.0.2112, faulting
module unknown, version 0.0.0.0, fault address 0x05287dd0.

Error - 4/03/2009 9:57:49 AM | Computer Name = THE-FRAGGER | Source = Application Error | ID = 1000
Description = Faulting application yahoomessenger.exe, version 9.0.0.2112, faulting
module msvcr80.dll, version 8.0.50727.762, fault address 0x0000e792.

Error - 4/03/2009 10:10:12 AM | Computer Name = THE-FRAGGER | Source = Application Error | ID = 1000
Description = Faulting application yahoomessenger.exe, version 9.0.0.2112, faulting
module msvcr80.dll, version 8.0.50727.762, fault address 0x0000e792.

Error - 4/03/2009 10:26:11 AM | Computer Name = THE-FRAGGER | Source = Application Error | ID = 1000
Description = Faulting application yahoomessenger.exe, version 9.0.0.2112, faulting
module msvcr80.dll, version 8.0.50727.762, fault address 0x0000e792.

Error - 4/03/2009 10:46:21 AM | Computer Name = THE-FRAGGER | Source = Application Error | ID = 1000
Description = Faulting application yahoomessenger.exe, version 9.0.0.2112, faulting
module msvcr80.dll, version 8.0.50727.762, fault address 0x0000e792.

Error - 6/03/2009 1:16:37 AM | Computer Name = THE-FRAGGER | Source = Application Error | ID = 1000
Description = Faulting application vlc.exe, version 0.9.8.1, faulting module libavformat_plugin.dll,
version 0.0.0.0, fault address 0x0027aa2a.

Error - 6/03/2009 6:30:14 AM | Computer Name = THE-FRAGGER | Source = Application Error | ID = 1000
Description = Faulting application Garena.exe, version 3.0.0.1673, faulting module
Garena.exe, version 3.0.0.1673, fault address 0x00192421.

Error - 6/03/2009 8:57:27 AM | Computer Name = THE-FRAGGER | Source = Application Error | ID = 1000
Description = Faulting application gta_sa.exe, version 0.0.0.0, faulting module
gta_sa.exe, version 0.0.0.0, fault address 0x0032fdba.

Error - 6/03/2009 11:42:14 AM | Computer Name = THE-FRAGGER | Source = Application Error | ID = 1000
Description = Faulting application gta_sa.exe, version 0.0.0.0, faulting module
d3d9.dll, version 5.3.2600.5512, fault address 0x00046a21.

Error - 6/03/2009 11:47:04 AM | Computer Name = THE-FRAGGER | Source = Application Error | ID = 1000
Description = Faulting application gta_sa.exe, version 0.0.0.0, faulting module
unknown, version 0.0.0.0, fault address 0x0202946d.

[ System Events ]
Error - 20/02/2009 8:17:12 AM | Computer Name = THE-FRAGGER | Source = Service Control Manager | ID = 7031
Description = The a-squared Free Service service terminated unexpectedly. It has
done this 1 time(s). The following corrective action will be taken in 0 milliseconds:
Restart the service.

Error - 20/02/2009 8:17:15 AM | Computer Name = THE-FRAGGER | Source = Service Control Manager | ID = 7031
Description = The a-squared Free Service service terminated unexpectedly. It has
done this 1 time(s). The following corrective action will be taken in 0 milliseconds:
Restart the service.

Error - 21/02/2009 4:41:59 AM | Computer Name = THE-FRAGGER | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.2 for the Network Card with network
address 001A4DF6F0A5 has been denied by the DHCP server 192.168.1.1 (The DHCP Server
sent a DHCPNACK message).

Error - 21/02/2009 6:22:32 AM | Computer Name = THE-FRAGGER | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.2 for the Network Card with network
address 001A4DF6F0A5 has been denied by the DHCP server 192.168.1.1 (The DHCP Server
sent a DHCPNACK message).

Error - 21/02/2009 6:50:47 AM | Computer Name = THE-FRAGGER | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.2 for the Network Card with network
address 001A4DF6F0A5 has been denied by the DHCP server 192.168.1.1 (The DHCP Server
sent a DHCPNACK message).

Error - 21/02/2009 2:19:54 PM | Computer Name = THE-FRAGGER | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.2 for the Network Card with network
address 001A4DF6F0A5 has been denied by the DHCP server 192.168.1.1 (The DHCP Server
sent a DHCPNACK message).

Error - 25/02/2009 2:49:16 AM | Computer Name = THE-FRAGGER | Source = Srv | ID = 2019
Description = The server was unable to allocate from the system nonpaged pool because
the pool was empty.

Error - 1/03/2009 6:31:14 AM | Computer Name = THE-FRAGGER | Source = Srv | ID = 2019
Description = The server was unable to allocate from the system nonpaged pool because
the pool was empty.

Error - 1/03/2009 6:43:14 AM | Computer Name = THE-FRAGGER | Source = Srv | ID = 2019
Description = The server was unable to allocate from the system nonpaged pool because
the pool was empty.

Error - 1/03/2009 4:22:48 PM | Computer Name = THE-FRAGGER | Source = Service Control Manager | ID = 7031
Description = The a-squared Free Service service terminated unexpectedly. It has
done this 1 time(s). The following corrective action will be taken in 0 milliseconds:
Restart the service.


< End of report >

Edited by Billy O'Neal, 08 March 2009 - 03:20 PM.


#11 Billy O'Neal

Billy O'Neal

    Visual C++ STL Maintainer


  • Malware Response Team
  • 12,304 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Redmond, Washington
  • Local time:10:19 PM

Posted 08 March 2009 - 03:26 PM

Hello, vegasripper2004
You have a Peer-To-Peer program installed.
Your log shows that you are using so called peer-to-peer or file-sharing programs (in your case BitLord). These programs allow to share files between users as the name(s) suggest. In today's world the cyber crime has come to an enormous dimension and any means is used to infect personal computers to make use of their stored data or machine power for further propagation of the malware files. A popular means is the use of file-sharing tools as a tremendous amount of prospective victims can be reached through it.

It is therefore possible to be infected by downloading manipulated files via peer-to-peer tools and thus suggested to be used with intense care. Some further readings on this subject, along the included links, are as follows: "File-Sharing, otherwise known as Peer To Peer" and "Risks of File-Sharing Technology."

It is also important to note that sharing entertainment files and proprietary software infringes the copyright laws in many countries over the world and you are putting yourself at risk of being indicted through organizations watching over the rights of the authors of such files (i.e. the RIAA for music files, or the MPAA for movie files in the USA) or the authors of the files themselves.

Naturally there are also legal ways to use these services, such as downloading Linux distributions or office suites such as "Open Office."

We need to run an OTListIt2 Fix
  • Please reopen Posted Image on your desktop.
  • Copy and Paste the following code into the Posted Image textbox. Do not include the word "Code"
    :otli
    IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://aandr.com.au/web
    IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchURL\AV, = http://www.altavista.com/sites/search/web?q=%s
    IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://aandr.com.au/web
    IE - HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchURL\AV, = http://www.altavista.com/sites/search/web?q=%s
    IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://aandr.com.au/web
    IE - HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchURL\AV, = http://www.altavista.com/sites/search/web?q=%s
    IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchURL\FM, = http://www.filemirrors.com/search.src?file=%s
    IE - HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchURL\FM, = http://www.filemirrors.com/search.src?file=%s
    IE - HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchURL\FM, = http://www.filemirrors.com/search.src?file=%s
    IE - HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchURL\FM, = http://www.filemirrors.com/search.src?file=%s
    O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - Reg Error: Key error. File not found
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - Reg Error: Key error. File not found
    O2 - BHO: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - Reg Error: Key error. File not found
    O3 - HKLM\..\Toolbar: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - Reg Error: Key error. File not found
    O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Interfaces\{3CF284DC-996F-467C-84F7-5D13291D20AE}\\NameServer = 202.126.40.5,202.95.226.66
    O16 - DPF: {5727FF4C-EF4E-4d96-A96C-03AD91910448} http://www.srtest.com/srl_bin/sysreqlab_ind.cab (System Requirements Lab Class)
    O33 - MountPoints2\{12b567a6-8660-11dd-a3bd-001a4df6f0a5}\Shell\AutoRun\command - "" = wscript.exe sowar.vbs
    O33 - MountPoints2\{12b567a6-8660-11dd-a3bd-001a4df6f0a5}\Shell\Open\Command - "" = wscript.exe sowar.vbs
    O33 - MountPoints2\{12b567a7-8660-11dd-a3bd-001a4df6f0a5}\Shell\AutoRun\command - "" = wscript.exe sowar.vbs
    O33 - MountPoints2\{12b567a7-8660-11dd-a3bd-001a4df6f0a5}\Shell\Open\Command - "" = wscript.exe sowar.vbs
    O33 - MountPoints2\{b2345adc-bae8-11dd-a3e8-000000000000}\Shell\AutoRun\command - "" = wscript.exe sowar.vbs
    O33 - MountPoints2\{b2345adc-bae8-11dd-a3e8-000000000000}\Shell\Open\Command - "" = wscript.exe sowar.vbs
    O33 - MountPoints2\{b647fe1a-c9bd-11dd-9665-001a4df6f0a5}\Shell\AutoRun\command - "" = wscript.exe sowar.vbs
    O33 - MountPoints2\{b647fe1a-c9bd-11dd-9665-001a4df6f0a5}\Shell\Open\Command - "" = wscript.exe sowar.vbs
    O33 - MountPoints2\{b7780d5a-8e9b-11dd-a3c5-001a4df6f0a5}\Shell\AutoRun\command - "" = wscript.exe sowar.vbs
    O33 - MountPoints2\{b7780d5a-8e9b-11dd-a3c5-001a4df6f0a5}\Shell\Open\Command - "" = wscript.exe sowar.vbs
    O33 - MountPoints2\{f453d348-ad6e-11dd-a3cb-001a4df6f0a5}\Shell\AutoRun\command - "" = I:\bar311.exe -- File not found
    O33 - MountPoints2\{f453d348-ad6e-11dd-a3cb-001a4df6f0a5}\Shell\Explore\command - "" = I:\bar311.exe -- File not found
    O33 - MountPoints2\{f453d348-ad6e-11dd-a3cb-001a4df6f0a5}\Shell\Open\command - "" = I:\bar311.exe -- File not found
    O33 - MountPoints2\{f453d34c-ad6e-11dd-a3cb-001a4df6f0a5}\Shell\AutoRun\command - "" = bar311.exe %1
    O33 - MountPoints2\{f453d34c-ad6e-11dd-a3cb-001a4df6f0a5}\Shell\Explore\command - "" = bar311.exe %1
    O33 - MountPoints2\{f453d34c-ad6e-11dd-a3cb-001a4df6f0a5}\Shell\Open\command - "" = bar311.exe %1
    :files
    C:\Program Files\6a89hg01.0
    :commands
    [EmptyTemp]
  • Push Posted Image
  • OTLI2 may ask to reboot the machine. Please do so if asked.
  • Click Posted Image.
  • A report will open. Copy and Paste that report in your next reply.
Your Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system. Please follow these steps to remove older version Java components and update:
  • Download the latest version of Java Runtime Environment (JRE) Version 6 and save it to your desktop.
  • Look for "Java Runtime Environment (JRE)" JRE 6 Update 12.
  • Click the Download button to the right.
  • Select your Platform: "Windows".
  • Select your Language: "Multi-language".
  • Read the License Agreement, and then check the box that says: "Accept License Agreement".
  • Click Continue and the page will refresh.
  • Under Required Files, check the box for Windows Offline Installation, click the link below it and save the file to your desktop.
  • Close any programs you may have running - especially your web browser.
Go to Start > Settings > Control Panel, double-click on Add/Remove Programs and remove all older versions of Java.
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button and follow the onscreen instructions for the Java uninstaller.
  • Repeat as many times as necessary to remove each Java versions.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-6u12-windows-i586-p.exe to install the newest version.
-- If using Windows Vista and the installer refuses to launch due to insufficient user permissions, then Run As Administrator.
-- If you choose to update via the Java applet in Control Panel, uncheck the option to install the Toolbar unless you want it.
-- The uninstaller incorporated in this release removes previous Updates 10 and above, but does not remove older versions, so they still need to be removed manually.


Note: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. To disable the JQS service if you don't want to use it, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click Ok and reboot your computer.

I would like us to use ESET (NOD32)'s Online Scanner
  • Please go to ESET OnlineScan (NOD32)
  • You will then see the Terms of Use, tick the check-box infront of YES, I accept the Terms of Use
  • Now click Start
  • Should you face a Security Warning that asks if you want to install and run a file called "OnlineScanner.cab", click Yes
  • Click Start
    • Note: (the Onlinescanner will now prepare itself for running on your pc)
  • To do a full-scan, tick: "Remove found threats" and "Scan potentially unwanted applications"
  • Press Scan
  • The Onlinescan will now start and scan your pc (this could take a while)
  • When the scan has finished, it will show a screen with two tabs "overview" and "details" and the option to get information or buy software, just close the window
  • Click Start >> Run... >> type: C:\Program Files\EsetOnlineScanner\log.txt
  • The Scanresults will now open in Notepad
  • Click into the text area, right-click and chose "select all" (or use +A)
  • Right-click again and chose "Copy" (or +C)
  • Close/Exit Notepad
  • Navigate to this thread and post your log along with anything else requested from us, by right-clicking and "paste" (or ctrl+v) in the text area of the reply post you just created.
Note: For Vista Users: Eset is compatible but Internet Explorer must be run as Administrator. To do this, right-click on the IE icon in the Start Menu or Quick Launch Bar on the Taskbar and select "Run as Administrator" from the context menu.)

In your next reply, please include the following:
  • OTListIt2 Fix Log
  • ESET OnlineScan's Log
  • A new OTListIt2 log (Scan Mode Again)

BillyIII
Twitter - My statements do not establish the official position of Microsoft Corporation, and are my own personal opinion. (But you already knew that, right?)
Posted Image

#12 vegasripper2004

vegasripper2004
  • Topic Starter

  • Members
  • 74 posts
  • OFFLINE
  •  
  • Local time:12:19 AM

Posted 08 March 2009 - 10:33 PM

okay ill do that in like 5 min. but i have a bigger problem now

i scaned using a2 free. (had it for a while) and i just updated it again and scanned 2 high risk trojan.H sumthing sumthing came out, and when i tried to delete it it said consult with experts, and when i tried to quarantine it my computer rebooted, and all of my tabs were still open when the comp rebooted?? now my computers acting slow, and it DELETED MY ANTI VIRUS??
as in when i came back on my anti virus was gone.
wtf am i gunna do lol that actually scared me.

#13 vegasripper2004

vegasripper2004
  • Topic Starter

  • Members
  • 74 posts
  • OFFLINE
  •  
  • Local time:12:19 AM

Posted 08 March 2009 - 11:26 PM

i just did what u said on the OTlist2 thing, and it made me loose connection to the internet as in completely. so i had to system restore.
ill try the other steps still tho

#14 Billy O'Neal

Billy O'Neal

    Visual C++ STL Maintainer


  • Malware Response Team
  • 12,304 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Redmond, Washington
  • Local time:10:19 PM

Posted 09 March 2009 - 08:03 PM

okay ill do that in like 5 min. but i have a bigger problem now

i scaned using a2 free. (had it for a while) and i just updated it again and scanned 2 high risk trojan.H sumthing sumthing came out, and when i tried to delete it it said consult with experts, and when i tried to quarantine it my computer rebooted, and all of my tabs were still open when the comp rebooted?? now my computers acting slow, and it DELETED MY ANTI VIRUS??
as in when i came back on my anti virus was gone.
wtf am i gunna do lol that actually scared me.



i just did what u said on the OTlist2 thing, and it made me loose connection to the internet as in completely. so i had to system restore.
ill try the other steps still tho

That's unfortunate. We could have worked on restoring the internet connection. No, it didn't delete your anti virus.

It should have produced a log. Do you have that?

Billy3
Twitter - My statements do not establish the official position of Microsoft Corporation, and are my own personal opinion. (But you already knew that, right?)
Posted Image

#15 vegasripper2004

vegasripper2004
  • Topic Starter

  • Members
  • 74 posts
  • OFFLINE
  •  
  • Local time:12:19 AM

Posted 09 March 2009 - 11:19 PM

no sorry i dont..
but after scanning when my comp suddenly shut down , when i tried to click the a2-squared it would go to browse. and when i searched around ofr the exe it was gone?


but yeah the main thing i wanna get fixed is the internet connection :thumbup2: any other ideas?? thanks for the help btw.

so you mean if i do that thing wht the OTlist2 and let it take out my computer we can restore it so that it doesnt drop?
cus im willing to do that. it will just take me longer times to reply cus ill have to go to my friends.. letm e know
thanks alot :)

were could i find that log?

uhm is this it??

========== OTLISTIT ==========
Unable to set value : HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E!
Unable to set value : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchURL\AV\\| /E!
Unable to set value : HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E!
Unable to set value : HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchURL\AV\\| /E!
Unable to set value : HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E!
Unable to set value : HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchURL\AV\\| /E!
Unable to set value : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchURL\FM\\| /E!
Unable to set value : HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchURL\FM\\| /E!
Unable to set value : HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchURL\FM\\| /E!
Unable to set value : HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchURL\FM\\| /E!
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7E853D72-626A-48EC-A868-BA8D5E23E045}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A057A204-BACC-4D26-9990-79A187E2698E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A057A204-BACC-4D26-9990-79A187E2698E}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{A057A204-BACC-4D26-9990-79A187E2698E} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A057A204-BACC-4D26-9990-79A187E2698E}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\msn.com\ deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3CF284DC-996F-467C-84F7-5D13291D20AE}\\NameServer| /E : value set successfully!
Starting removal of ActiveX control {5727FF4C-EF4E-4d96-A96C-03AD91910448}
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{5727FF4C-EF4E-4d96-A96C-03AD91910448}\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5727FF4C-EF4E-4d96-A96C-03AD91910448}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5727FF4C-EF4E-4d96-A96C-03AD91910448}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{12b567a6-8660-11dd-a3bd-001a4df6f0a5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{12b567a6-8660-11dd-a3bd-001a4df6f0a5}\ not found.
File not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{12b567a6-8660-11dd-a3bd-001a4df6f0a5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{12b567a6-8660-11dd-a3bd-001a4df6f0a5}\ not found.
File not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{12b567a7-8660-11dd-a3bd-001a4df6f0a5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{12b567a7-8660-11dd-a3bd-001a4df6f0a5}\ not found.
File not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{12b567a7-8660-11dd-a3bd-001a4df6f0a5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{12b567a7-8660-11dd-a3bd-001a4df6f0a5}\ not found.
File not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b2345adc-bae8-11dd-a3e8-000000000000}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b2345adc-bae8-11dd-a3e8-000000000000}\ not found.
File not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b2345adc-bae8-11dd-a3e8-000000000000}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b2345adc-bae8-11dd-a3e8-000000000000}\ not found.
File not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b647fe1a-c9bd-11dd-9665-001a4df6f0a5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b647fe1a-c9bd-11dd-9665-001a4df6f0a5}\ not found.
File not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b647fe1a-c9bd-11dd-9665-001a4df6f0a5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b647fe1a-c9bd-11dd-9665-001a4df6f0a5}\ not found.
File not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b7780d5a-8e9b-11dd-a3c5-001a4df6f0a5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b7780d5a-8e9b-11dd-a3c5-001a4df6f0a5}\ not found.
File not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b7780d5a-8e9b-11dd-a3c5-001a4df6f0a5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b7780d5a-8e9b-11dd-a3c5-001a4df6f0a5}\ not found.
File not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f453d348-ad6e-11dd-a3cb-001a4df6f0a5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f453d348-ad6e-11dd-a3cb-001a4df6f0a5}\ not found.
File I:\bar311.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f453d348-ad6e-11dd-a3cb-001a4df6f0a5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f453d348-ad6e-11dd-a3cb-001a4df6f0a5}\ not found.
File I:\bar311.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f453d348-ad6e-11dd-a3cb-001a4df6f0a5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f453d348-ad6e-11dd-a3cb-001a4df6f0a5}\ not found.
File I:\bar311.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f453d34c-ad6e-11dd-a3cb-001a4df6f0a5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f453d34c-ad6e-11dd-a3cb-001a4df6f0a5}\ not found.
File not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f453d34c-ad6e-11dd-a3cb-001a4df6f0a5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f453d34c-ad6e-11dd-a3cb-001a4df6f0a5}\ not found.
File not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f453d34c-ad6e-11dd-a3cb-001a4df6f0a5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f453d34c-ad6e-11dd-a3cb-001a4df6f0a5}\ not found.
File not found.
========== FILES ==========
C:\Program Files\6a89hg01.0 moved successfully.
========== COMMANDS ==========
File delete failed. C:\Documents and Settings\PC 1\Local Settings\Temp\Perflib_Perfdata_a54.dat scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_5b8.dat scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_95c.dat scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_aac.dat scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
Temp folders emptied.

OTListIt2 by OldTimer - Version 2.0.3.5 log created on 03092009_120027

Files moved on Reboot...
File C:\Documents and Settings\PC 1\Local Settings\Temp\Perflib_Perfdata_a54.dat not found!
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat moved successfully.
C:\WINDOWS\temp\Perflib_Perfdata_5b8.dat moved successfully.
File C:\WINDOWS\temp\Perflib_Perfdata_95c.dat not found!
C:\WINDOWS\temp\Perflib_Perfdata_aac.dat moved successfully.

Registry entries deleted on Reboot...




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users