Simple checkup

If you don't hace time for all those big nuisense viruses, help me do a simple checkup on my PC. I know I can just scan, but that dosen't work. And also, I was suggested to create a topic here by Nazzgull

Hello.

Download OTL by OldTimer to your Desktop.

• Close all windows and double click OTL.exe
  
• Click Run Scan and let the program run uninterrupted
  
• It will produce two logs for you, one will pop up - OTL.txt, the other will be saved on your Desktop - Extras.txt. Post both logs in this thread.
  
• You may need to use two posts to get it all.
  

Arr, you might want to edit your post, I din't get any pop-up. Both, the OTL and Extra.txt are in the desktop. Anyway, here is the-

OTL.txt (Part 1)
--
OTL logfile created on: 06-10-2010 17:46:43 - Run 1
OTL by OldTimer - Version 3.2.14.1 Folder = C:\Users\ADMIN\Desktop
Windows Vista Home Basic Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18943)
Locale: 00004009 | Country: India | Language: ENN | Date Format: dd-MM-yyyy

1,012.00 Mb Total Physical Memory | 509.00 Mb Available Physical Memory | 50.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 57.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 70.23 Gb Total Space | 10.01 Gb Free Space | 14.25% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 6.57 Gb Free Space | 65.67% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive J: | 68.74 Gb Total Space | 57.92 Gb Free Space | 84.26% Space Free | Partition Type: NTFS

Computer Name: ADMIN-PC
Current User Name: ADMIN
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010-10-06 14:13:37 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\ADMIN\Desktop\OTL.exe
PRC - [2010-09-20 19:45:06 | 000,202,256 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2009-11-25 05:21:40 | 000,081,000 | ---- | M] (ALWIL Software) -- J:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009-11-25 05:21:35 | 000,138,680 | ---- | M] (ALWIL Software) -- J:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009-11-25 05:21:21 | 000,254,040 | ---- | M] (ALWIL Software) -- J:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009-11-25 05:18:48 | 000,352,920 | ---- | M] (ALWIL Software) -- J:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2009-11-25 05:13:56 | 000,018,752 | ---- | M] (ALWIL Software) -- J:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2009-07-20 11:51:52 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2009-05-21 11:13:58 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtcmd.exe
PRC - [2008-11-10 02:18:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008-10-29 11:59:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008-08-14 00:04:44 | 000,201,968 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe
PRC - [2008-01-21 08:03:00 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe


========== Modules (SafeList) ==========

MOD - [2010-10-06 14:13:37 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\ADMIN\Desktop\OTL.exe
MOD - [2008-01-21 08:04:21 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
MOD - [2008-01-21 08:03:14 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2010-05-05 23:12:08 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010-03-18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009-11-25 05:21:35 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- J:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2009-11-25 05:21:21 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- J:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009-11-25 05:18:48 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- J:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009-11-25 05:13:56 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- J:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2009-10-20 22:42:20 | 000,069,120 | ---- | M] (BOONTY) [On_Demand | Stopped] -- C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe -- (Boonty Games)
SRV - [2009-07-20 11:51:52 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2008-11-10 02:18:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008-08-14 00:04:44 | 000,201,968 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter)
SRV - [2008-06-26 13:17:24 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2008-01-21 08:03:00 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\ADMIN\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - [2010-02-04 19:45:25 | 000,002,368 | ---- | M] (AntiCracking) [Kernel | Auto | Running] -- C:\Windows\System32\SVKP.sys -- (SVKP)
DRV - [2009-12-13 21:08:54 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009-11-09 08:51:18 | 000,059,388 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2009-09-15 16:25:30 | 000,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2009-09-15 16:25:19 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009-09-15 16:25:09 | 000,053,328 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2009-09-15 16:24:30 | 000,052,368 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2009-09-15 16:24:21 | 000,023,152 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2008-04-22 11:47:28 | 002,016,256 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx)
DRV - [2008-01-21 08:02:53 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008-01-21 08:02:53 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008-01-21 08:02:52 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008-01-21 08:02:52 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008-01-21 08:02:52 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008-01-21 08:02:52 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008-01-21 08:02:51 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008-01-21 08:02:51 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008-01-21 08:02:50 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008-01-21 08:02:50 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2008-01-21 08:02:50 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008-01-21 08:02:49 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008-01-21 08:02:49 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008-01-21 08:02:49 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008-01-21 08:02:49 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008-01-21 08:02:49 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008-01-21 08:02:48 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008-01-21 08:02:48 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008-01-21 08:02:47 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008-01-21 08:02:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008-01-21 08:02:46 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008-01-21 08:02:45 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008-01-21 08:02:21 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008-01-21 08:02:21 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008-01-21 08:02:21 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2007-05-11 18:56:46 | 001,773,536 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007-04-29 14:12:24 | 000,228,224 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel(R)
DRV - [2007-04-26 16:11:38 | 000,304,920 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastor.sys -- (iaStor)
DRV - [2006-11-02 15:20:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006-11-02 15:20:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006-11-02 15:20:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006-11-02 15:20:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006-11-02 15:20:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006-11-02 15:20:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006-11-02 15:20:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006-11-02 15:20:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006-11-02 15:20:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006-11-02 15:19:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006-11-02 15:19:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006-11-02 13:55:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006-11-02 13:54:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006-11-02 13:54:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006-11-02 13:54:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006-11-02 13:54:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006-11-02 13:54:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006-11-02 13:06:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006-11-02 13:06:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.com/customize/ie/defaults/cs/msgr8/*http://www.yahoo.com/ext/search/search.html
IE - HKLM\..\URLSearchHook: {038cb5c7-48ea-4af9-94e0-a1646542e62b} - C:\Program Files\ToggleEN\tbTogg.dll File not found

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2233703
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://in.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-in
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 29 B6 D1 6D 83 1A CA 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {038cb5c7-48ea-4af9-94e0-a1646542e62b} - C:\Program Files\ToggleEN\tbTogg.dll File not found
IE - HKCU\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll File not found
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaultthis.engineName: "4shared Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2233703&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "BearShare Web Search"
FF - prefs.js..browser.search.param.yahoo-fr: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-type: "${8}"
FF - prefs.js..browser.startup.homepage: "http://www.google.co.in/"
FF - prefs.js..extensions.enabledItems: {7b13ec3e-999a-4b70-b9cb-2617b8323822}:2.7.1.3
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20100503
FF - prefs.js..extensions.enabledItems: {dc572301-7619-498c-a57d-39143191b318}:0.3.8.4
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.5


FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010-09-20 19:48:24 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-09-20 19:48:07 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-09-20 19:48:40 | 000,000,000 | ---D | M]

[2009-09-25 13:24:12 | 000,000,000 | ---D | M] -- C:\Users\ADMIN\AppData\Roaming\mozilla\Extensions
[2010-10-06 16:50:15 | 000,000,000 | ---D | M] -- C:\Users\ADMIN\AppData\Roaming\mozilla\Firefox\Profiles\fatt5946.default\extensions
[2010-07-20 01:31:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ADMIN\AppData\Roaming\mozilla\Firefox\Profiles\fatt5946.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010-07-10 21:39:59 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\ADMIN\AppData\Roaming\mozilla\Firefox\Profiles\fatt5946.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}(17)
[2010-07-20 19:23:13 | 000,000,000 | ---D | M] (Zynga Toolbar) -- C:\Users\ADMIN\AppData\Roaming\mozilla\Firefox\Profiles\fatt5946.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
[2010-07-27 18:02:14 | 000,000,000 | ---D | M] (WOT) -- C:\Users\ADMIN\AppData\Roaming\mozilla\Firefox\Profiles\fatt5946.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2010-07-10 21:39:58 | 000,000,000 | ---D | M] (WOT) -- C:\Users\ADMIN\AppData\Roaming\mozilla\Firefox\Profiles\fatt5946.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}(18)
[2010-09-07 13:17:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ADMIN\AppData\Roaming\mozilla\Firefox\Profiles\fatt5946.default\extensions\{dc572301-7619-498c-a57d-39143191b318}
[2010-04-05 01:57:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ADMIN\AppData\Roaming\mozilla\Firefox\Profiles\fatt5946.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2010-04-05 01:57:27 | 000,000,000 | ---D | M] -- C:\Users\ADMIN\AppData\Roaming\mozilla\Firefox\Profiles\fatt5946.default\extensions\FasterFox_Lite@BigRedBrent
[2010-04-05 01:57:28 | 000,000,000 | ---D | M] -- C:\Users\ADMIN\AppData\Roaming\mozilla\Firefox\Profiles\fatt5946.default\extensions\firebug@software.joehewitt.com
[2009-12-09 22:04:59 | 000,000,000 | ---D | M] -- C:\Users\ADMIN\AppData\Roaming\mozilla\Firefox\Profiles\fatt5946.default\extensions\personas@christopher(38).beard
[2010-03-11 11:16:53 | 000,002,267 | ---- | M] () -- C:\Users\ADMIN\AppData\Roaming\Mozilla\FireFox\Profiles\fatt5946.default\searchplugins\BearShareWebSearch.xml
[2010-05-17 16:36:01 | 000,000,897 | ---- | M] () -- C:\Users\ADMIN\AppData\Roaming\Mozilla\FireFox\Profiles\fatt5946.default\searchplugins\conduit.xml
[2010-04-29 19:59:25 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2005-04-28 01:40:49 | 000,102,400 | ---- | M] (RealNetworks) -- C:\Program Files\Mozilla Firefox\plugins\npracplug.dll
[2010-09-17 17:33:17 | 000,001,538 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-en-GB.xml
[2010-09-17 17:33:17 | 000,000,947 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\chambers-en-GB.xml
[2010-09-17 17:33:17 | 000,000,769 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml
[2010-09-17 17:33:17 | 000,001,135 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: ([2009-08-10 17:40:12 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (ToggleEN Toolbar) - {038cb5c7-48ea-4af9-94e0-a1646542e62b} - C:\Program Files\ToggleEN\tbTogg.dll File not found
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Yahoo! IE Services Button) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll File not found
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - J:\Program Files\Java\jre6\bin\jp2ssv.dll File not found
O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll File not found
O3 - HKLM\..\Toolbar: (ToggleEN Toolbar) - {038cb5c7-48ea-4af9-94e0-a1646542e62b} - C:\Program Files\ToggleEN\tbTogg.dll File not found
O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (ToggleEN Toolbar) - {038CB5C7-48EA-4AF9-94E0-A1646542E62B} - C:\Program Files\ToggleEN\tbTogg.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll File not found
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [avast!] J:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [dellsupportcenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - Startup: C:\Users\ADMIN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RollerCoaster Tycoon 3 Registration.lnk = C:\Users\ADMIN\AppData\Local\Temp\{8205B969-61F4-4A5D-AC89-87E3129B21A7}\{907B4640-266B-4A21-92FB-CD1A86CD0F63}\ATR1.exe File not found
O4 - Startup: C:\Users\ADMIN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\winmpa.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\GoToAssist: DllName - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll - C:\Program Files\Citrix\GoToAssist\514\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Users\ADMIN\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\ADMIN\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006-09-19 03:13:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{774bc7e7-9956-11df-a8be-f4c71d5e12d8}\Shell\AutoRun\command - "" = CONTROL\AutoRun.exe  
O33 - MountPoints2\{774bc7e7-9956-11df-a8be-f4c71d5e12d8}\Shell\Explore\Command - "" = CONTROL\AutoRun.exe  
O33 - MountPoints2\{774bc7e7-9956-11df-a8be-f4c71d5e12d8}\Shell\Open\Command - "" = CONTROL\AutoRun.exe  
O33 - MountPoints2\K\Shell - "" = AutoRun
O33 - MountPoints2\K\Shell\AutoRun\command - "" = K:\MFSetup.exe -- File not found
O33 - MountPoints2\L\Shell - "" = AutoRun
O33 - MountPoints2\L\Shell\AutoRun\command - "" = L:\AutorunCD2.exe -- File not found
O33 - MountPoints2\M\Shell - "" = AutoRun
O33 - MountPoints2\M\Shell\AutoRun\command - "" = M:\RunGame.exe -- File not found
O33 - MountPoints2\N\Shell - "" = AutoRun
O33 - MountPoints2\N\Shell\AutoRun\command - "" = N:\RunGame.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010-10-06 14:13:22 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\ADMIN\Desktop\OTL.exe
[2010-10-03 12:06:18 | 000,000,000 | ---D | C] -- C:\Users\ADMIN\AppData\Roaming\vlc
[2010-10-02 16:00:44 | 001,445,888 | ---- | C] (Option^Explicit Software Solutions) -- C:\Users\ADMIN\Desktop\WinsockxpFix.exe
[2010-09-30 18:39:25 | 000,000,000 | ---D | C] -- C:\Users\ADMIN\AppData\Roaming\Leadertech
[2010-09-30 18:39:21 | 000,000,000 | ---D | C] -- C:\Users\ADMIN\Documents\RCT3
[2010-09-30 18:26:55 | 000,000,000 | ---D | C] -- C:\Program Files\Atari
[2010-09-30 01:07:53 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010-09-29 19:04:27 | 000,000,000 | ---D | C] -- C:\Users\ADMIN\AppData\Local\Unity
[2010-09-20 19:48:04 | 000,185,920 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\rmoc3260.dll
[2010-09-20 19:47:48 | 000,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5016.dll
[2010-09-20 19:47:48 | 000,005,632 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5032.dll
[2010-09-20 19:47:36 | 000,000,000 | ---D | C] -- C:\Program Files\Real
[2010-09-20 19:46:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
[2010-09-20 19:45:10 | 000,278,528 | ---- | C] (Real Networks, Inc) -- C:\Windows\System32\pncrt.dll
[2010-09-20 19:45:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Real
[2010-09-20 19:42:29 | 000,000,000 | ---D | C] -- C:\Users\ADMIN\AppData\Roaming\Real
[2010-09-16 19:17:46 | 000,000,000 | ---D | C] -- C:\Users\ADMIN\Documents\Sega
[2010-09-16 17:02:08 | 000,317,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP4SDECD.DLL
[2010-09-08 18:49:52 | 000,000,000 | ---D | C] -- C:\Users\ADMIN\Documents\My Completed Downloads
[2010-09-08 18:49:51 | 000,000,000 | ---D | C] -- C:\ProgramData\SpeedBit
[2010-09-06 23:50:54 | 000,000,000 | ---D | C] -- C:\Users\ADMIN\Desktop\NDS
[2009-08-01 13:35:33 | 000,774,144 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\RngInterstitial.dll
[2006-04-29 05:07:48 | 000,290,816 | ---- | C] ( ) -- C:\Windows\System32\Interop.WMPLib.dll
[2005-01-13 15:47:42 | 000,061,440 | ---- | C] (none) -- C:\Program Files\mdMod1.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\ADMIN\Desktop\*.tmp files -> C:\Users\ADMIN\Desktop\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010-10-06 17:46:49 | 007,077,888 | -HS- | M] () -- C:\Users\ADMIN\ntuser.dat
[2010-10-06 17:14:01 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010-10-06 15:54:20 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010-10-06 15:54:20 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010-10-06 14:13:37 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\ADMIN\Desktop\OTL.exe
[2010-10-06 13:54:03 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010-10-06 13:54:02 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010-10-06 13:53:51 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010-10-06 13:53:49 | 1062,391,808 | -HS- | M] () -- C:\hiberfil.sys
[2010-10-06 00:00:19 | 000,524,288 | -HS- | M] () -- C:\Users\ADMIN\ntuser.dat{586f49d0-92ff-11df-a66c-bc61c385ec8c}.TMContainer00000000000000000001.regtrans-ms
[2010-10-06 00:00:19 | 000,065,536 | -HS- | M] () -- C:\Users\ADMIN\ntuser.dat{586f49d0-92ff-11df-a66c-bc61c385ec8c}.TM.blf
[2010-10-05 23:59:57 | 002,599,028 | -H-- | M] () -- C:\Users\ADMIN\AppData\Local\IconCache.db
[2010-10-05 21:20:26 | 000,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{E72484B6-4C5D-4A93-B0BB-1D7689BA478F}.job
[2010-10-05 20:28:32 | 000,052,472 | ---- | M] () -- C:\Users\ADMIN\Desktop\24-74.png
[2010-10-04 18:15:43 | 002,574,990 | ---- | M] () -- C:\Users\ADMIN\Desktop\PCSX2_0.9.6_binary.7z
[2010-10-03 21:22:59 | 042,712,969 | ---- | M] () -- C:\Users\ADMIN\Desktop\moo.rar
[2010-10-03 12:36:38 | 000,046,092 | ---- | M] () -- C:\Users\ADMIN\Desktop\12.Rounds[2009][Unrated.Edition]DvDrip-aXXo.english.subtitlesource.zip
[2010-10-03 11:02:58 | 000,000,697 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2010-10-02 16:26:07 | 001,445,888 | ---- | M] (Option^Explicit Software Solutions) -- C:\Users\ADMIN\Desktop\WinsockxpFix.exe
[2010-10-02 12:48:22 | 000,050,688 | ---- | M] () -- C:\Users\ADMIN\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-10-02 12:04:19 | 000,037,388 | ---- | M] () -- C:\Users\ADMIN\Desktop\12.rounds.(2009).eng.1cd.(3539673).zip
[2010-09-30 18:40:03 | 000,001,993 | ---- | M] () -- C:\Users\Public\Desktop\RollerCoaster Tycoon 3 Platinum.lnk
[2010-09-30 18:39:50 | 000,001,609 | ---- | M] () -- C:\Users\ADMIN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RollerCoaster Tycoon 3 Registration.lnk
[2010-09-29 18:37:01 | 044,402,261 | ---- | M] () -- C:\Users\ADMIN\Desktop\X-Men - The Official Game.zip
[2010-09-27 18:58:36 | 000,072,409 | ---- | M] () -- C:\Users\ADMIN\Documents\Football2.docx
[2010-09-24 17:07:52 | 000,001,973 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2010-09-20 19:48:25 | 000,000,891 | ---- | M] () -- C:\Users\Public\Desktop\RealPlayer SP.lnk
[2010-09-20 19:48:05 | 000,185,920 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\rmoc3260.dll
[2010-09-20 19:47:48 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5016.dll
[2010-09-20 19:47:48 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5032.dll
[2010-09-20 19:45:10 | 000,278,528 | ---- | M] (Real Networks, Inc) -- C:\Windows\System32\pncrt.dll
[2010-09-19 14:43:48 | 000,608,760 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010-09-19 14:43:48 | 000,108,268 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010-09-19 14:43:47 | 000,703,388 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010-09-09 21:09:48 | 000,000,737 | ---- | M] () -- C:\Users\Public\Desktop\Applian FLV Player.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\ADMIN\Desktop\*.tmp files -> C:\Users\ADMIN\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010-10-05 20:28:24 | 000,052,472 | ---- | C] () -- C:\Users\ADMIN\Desktop\24-74.png
[2010-10-04 22:32:48 | 001,065,500 | ---- | C] () -- C:\Users\ADMIN\Desktop\AVSEQ01.DAT
[2010-10-04 18:14:59 | 002,574,990 | ---- | C] () -- C:\Users\ADMIN\Desktop\PCSX2_0.9.6_binary.7z
[2010-10-03 21:11:12 | 042,712,969 | ---- | C] () -- C:\Users\ADMIN\Desktop\moo.rar
[2010-10-03 12:36:11 | 000,046,092 | ---- | C] () -- C:\Users\ADMIN\Desktop\12.Rounds[2009][Unrated.Edition]DvDrip-aXXo.english.subtitlesource.zip
[2010-10-03 11:02:58 | 000,000,697 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2010-10-02 12:03:07 | 000,037,388 | ---- | C] () -- C:\Users\ADMIN\Desktop\12.rounds.(2009).eng.1cd.(3539673).zip
[2010-09-30 18:40:03 | 000,001,993 | ---- | C] () -- C:\Users\Public\Desktop\RollerCoaster Tycoon 3 Platinum.lnk
[2010-09-30 18:39:50 | 000,001,609 | ---- | C] () -- C:\Users\ADMIN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RollerCoaster Tycoon 3 Registration.lnk
[2010-09-29 17:27:17 | 044,402,261 | ---- | C] () -- C:\Users\ADMIN\Desktop\X-Men - The Official Game.zip
[2010-09-27 18:58:35 | 000,072,409 | ---- | C] () -- C:\Users\ADMIN\Documents\Football2.docx
[2010-09-20 19:48:25 | 000,000,891 | ---- | C] () -- C:\Users\Public\Desktop\RealPlayer SP.lnk
[2010-09-09 21:09:48 | 000,000,737 | ---- | C] () -- C:\Users\Public\Desktop\Applian FLV Player.lnk
[2010-08-23 20:37:41 | 001,970,176 | ---- | C] () -- C:\Windows\System32\d3dx9.dll
[2010-05-05 23:31:51 | 002,463,976 | ---- | C] () -- C:\Windows\System32\NPSWF32.dll
[2010-04-09 15:48:47 | 000,000,000 | -H-- | C] () -- C:\Users\ADMIN\AppData\Roaming\Cricket2009.exe.lock
[2010-04-07 15:37:22 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010-03-10 21:10:54 | 000,076,407 | ---- | C] () -- C:\Users\ADMIN\AppData\Roaming\Smiley.ico
[2010-02-08 19:35:55 | 000,047,104 | ---- | C] () -- C:\Windows\System32\KMVIDC32.DLL
[2010-02-04 22:14:36 | 000,129,024 | ---- | C] () -- C:\Windows\System32\AVERM.dll
[2010-02-04 22:14:35 | 000,028,672 | ---- | C] () -- C:\Windows\System32\AVEQT.dll
[2010-01-28 23:48:40 | 000,000,024 | ---- | C] () -- C:\Users\ADMIN\AppData\Roaming\tmp123.txt
[2009-12-13 21:08:53 | 000,691,696 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2009-08-31 18:16:49 | 000,473,600 | ---- | C] () -- C:\Windows\System32\Harmony.dll
[2009-08-31 18:16:49 | 000,237,568 | ---- | C] () -- C:\Windows\System32\Unlha32.dll
[2009-08-01 13:39:24 | 000,000,101 | ---- | C] () -- C:\Users\ADMIN\AppData\Local\DownloadLog.txt
[2009-04-22 00:19:06 | 000,172,173 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2009-02-19 18:35:19 | 000,000,552 | ---- | C] () -- C:\Users\ADMIN\AppData\Local\d3d8caps.dat
[2008-09-27 18:29:43 | 000,000,675 | ---- | C] () -- C:\Windows\Spidey.ini
[2008-09-22 15:11:55 | 000,000,465 | ---- | C] () -- C:\Windows\SIERRA.INI
[2008-09-22 14:52:08 | 000,024,206 | ---- | C] () -- C:\Users\ADMIN\AppData\Roaming\UserTile.png
[2008-08-12 18:21:20 | 000,000,000 | ---- | C] () -- C:\Windows\PROTOCOL.INI
[2008-07-19 15:07:59 | 000,005,216 | ---- | C] () -- C:\Users\ADMIN\AppData\Local\d3d9caps.dat
[2008-07-06 10:39:52 | 000,050,688 | ---- | C] () -- C:\Users\ADMIN\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008-07-05 13:44:19 | 000,001,433 | ---- | C] () -- C:\Windows\disney.ini
[2008-07-05 11:32:17 | 000,069,632 | R--- | C] () -- C:\Windows\System32\xmltok.dll
[2008-07-05 11:32:17 | 000,036,864 | R--- | C] () -- C:\Windows\System32\xmlparse.dll
[2008-07-05 11:06:21 | 000,000,000 | ---- | C] () -- C:\Users\ADMIN\AppData\Roaming\wklnhst.dat
[2008-06-27 02:21:52 | 001,953,696 | ---- | C] () -- C:\Windows\System32\igklg400.dll
[2008-06-27 02:21:52 | 001,533,360 | ---- | C] () -- C:\Windows\System32\igklg450.dll
[2008-06-27 02:21:52 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1409.dll
[2008-06-27 02:21:52 | 000,104,636 | ---- | C] () -- C:\Windows\System32\igmedcompkrn.dll
[2008-06-27 02:21:50 | 000,876,544 | ---- | C] () -- C:\Windows\System32\TEACico2.dll
[2006-11-02 15:55:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006-11-02 13:10:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2002-10-16 04:24:04 | 000,153,088 | ---- | C] () -- C:\Windows\System32\unrar.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 181 bytes -> C:\ProgramData\TEMP:8E7C96FD
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:169F1646
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:6A7B7A50
@Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:A9662AE0
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:37F44C44
< End of report >

========== Processes (SafeList) ==========

PRC - [2010-10-06 14:13:37 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\ADMIN\Desktop\OTL.exe
PRC - [2010-09-20 19:45:06 | 000,202,256 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2009-11-25 05:21:40 | 000,081,000 | ---- | M] (ALWIL Software) -- J:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009-11-25 05:21:35 | 000,138,680 | ---- | M] (ALWIL Software) -- J:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009-11-25 05:21:21 | 000,254,040 | ---- | M] (ALWIL Software) -- J:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009-11-25 05:18:48 | 000,352,920 | ---- | M] (ALWIL Software) -- J:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2009-11-25 05:13:56 | 000,018,752 | ---- | M] (ALWIL Software) -- J:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2009-07-20 11:51:52 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2009-05-21 11:13:58 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtcmd.exe
PRC - [2008-11-10 02:18:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008-10-29 11:59:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008-08-14 00:04:44 | 000,201,968 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe
PRC - [2008-01-21 08:03:00 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe


========== Modules (SafeList) ==========

MOD - [2010-10-06 14:13:37 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\ADMIN\Desktop\OTL.exe
MOD - [2008-01-21 08:04:21 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
MOD - [2008-01-21 08:03:14 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2010-05-05 23:12:08 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010-03-18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009-11-25 05:21:35 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- J:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2009-11-25 05:21:21 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- J:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009-11-25 05:18:48 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- J:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009-11-25 05:13:56 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- J:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2009-10-20 22:42:20 | 000,069,120 | ---- | M] (BOONTY) [On_Demand | Stopped] -- C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe -- (Boonty Games)
SRV - [2009-07-20 11:51:52 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2008-11-10 02:18:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008-08-14 00:04:44 | 000,201,968 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter)
SRV - [2008-06-26 13:17:24 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2008-01-21 08:03:00 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\ADMIN\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - [2010-02-04 19:45:25 | 000,002,368 | ---- | M] (AntiCracking) [Kernel | Auto | Running] -- C:\Windows\System32\SVKP.sys -- (SVKP)
DRV - [2009-12-13 21:08:54 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009-11-09 08:51:18 | 000,059,388 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2009-09-15 16:25:30 | 000,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2009-09-15 16:25:19 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009-09-15 16:25:09 | 000,053,328 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2009-09-15 16:24:30 | 000,052,368 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2009-09-15 16:24:21 | 000,023,152 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2008-04-22 11:47:28 | 002,016,256 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx)
DRV - [2008-01-21 08:02:53 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008-01-21 08:02:53 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008-01-21 08:02:52 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008-01-21 08:02:52 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008-01-21 08:02:52 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008-01-21 08:02:52 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008-01-21 08:02:51 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008-01-21 08:02:51 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008-01-21 08:02:50 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008-01-21 08:02:50 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2008-01-21 08:02:50 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008-01-21 08:02:49 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008-01-21 08:02:49 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008-01-21 08:02:49 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008-01-21 08:02:49 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008-01-21 08:02:49 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008-01-21 08:02:48 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008-01-21 08:02:48 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008-01-21 08:02:47 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008-01-21 08:02:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008-01-21 08:02:46 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008-01-21 08:02:45 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008-01-21 08:02:21 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008-01-21 08:02:21 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008-01-21 08:02:21 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2007-05-11 18:56:46 | 001,773,536 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007-04-29 14:12:24 | 000,228,224 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel(R)
DRV - [2007-04-26 16:11:38 | 000,304,920 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastor.sys -- (iaStor)
DRV - [2006-11-02 15:20:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006-11-02 15:20:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006-11-02 15:20:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006-11-02 15:20:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006-11-02 15:20:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006-11-02 15:20:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006-11-02 15:20:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006-11-02 15:20:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006-11-02 15:20:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006-11-02 15:19:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006-11-02 15:19:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006-11-02 13:55:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006-11-02 13:54:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006-11-02 13:54:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006-11-02 13:54:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006-11-02 13:54:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006-11-02 13:54:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006-11-02 13:06:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006-11-02 13:06:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)

(Part 2)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.com/customize/ie/defaults/cs/msgr8/*http://www.yahoo.com/ext/search/search.html
IE - HKLM\..\URLSearchHook: {038cb5c7-48ea-4af9-94e0-a1646542e62b} - C:\Program Files\ToggleEN\tbTogg.dll File not found

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2233703
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://in.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-in
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 29 B6 D1 6D 83 1A CA 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {038cb5c7-48ea-4af9-94e0-a1646542e62b} - C:\Program Files\ToggleEN\tbTogg.dll File not found
IE - HKCU\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll File not found
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaultthis.engineName: "4shared Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2233703&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "BearShare Web Search"
FF - prefs.js..browser.search.param.yahoo-fr: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-type: "${8}"
FF - prefs.js..browser.startup.homepage: "http://www.google.co.in/"
FF - prefs.js..extensions.enabledItems: {7b13ec3e-999a-4b70-b9cb-2617b8323822}:2.7.1.3
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20100503
FF - prefs.js..extensions.enabledItems: {dc572301-7619-498c-a57d-39143191b318}:0.3.8.4
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.5


FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010-09-20 19:48:24 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-09-20 19:48:07 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-09-20 19:48:40 | 000,000,000 | ---D | M]

[2009-09-25 13:24:12 | 000,000,000 | ---D | M] -- C:\Users\ADMIN\AppData\Roaming\mozilla\Extensions
[2010-10-06 16:50:15 | 000,000,000 | ---D | M] -- C:\Users\ADMIN\AppData\Roaming\mozilla\Firefox\Profiles\fatt5946.default\extensions
[2010-07-20 01:31:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ADMIN\AppData\Roaming\mozilla\Firefox\Profiles\fatt5946.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010-07-10 21:39:59 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\ADMIN\AppData\Roaming\mozilla\Firefox\Profiles\fatt5946.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}(17)
[2010-07-20 19:23:13 | 000,000,000 | ---D | M] (Zynga Toolbar) -- C:\Users\ADMIN\AppData\Roaming\mozilla\Firefox\Profiles\fatt5946.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
[2010-07-27 18:02:14 | 000,000,000 | ---D | M] (WOT) -- C:\Users\ADMIN\AppData\Roaming\mozilla\Firefox\Profiles\fatt5946.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2010-07-10 21:39:58 | 000,000,000 | ---D | M] (WOT) -- C:\Users\ADMIN\AppData\Roaming\mozilla\Firefox\Profiles\fatt5946.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}(18)
[2010-09-07 13:17:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ADMIN\AppData\Roaming\mozilla\Firefox\Profiles\fatt5946.default\extensions\{dc572301-7619-498c-a57d-39143191b318}
[2010-04-05 01:57:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ADMIN\AppData\Roaming\mozilla\Firefox\Profiles\fatt5946.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2010-04-05 01:57:27 | 000,000,000 | ---D | M] -- C:\Users\ADMIN\AppData\Roaming\mozilla\Firefox\Profiles\fatt5946.default\extensions\FasterFox_Lite@BigRedBrent
[2010-04-05 01:57:28 | 000,000,000 | ---D | M] -- C:\Users\ADMIN\AppData\Roaming\mozilla\Firefox\Profiles\fatt5946.default\extensions\firebug@software.joehewitt.com
[2009-12-09 22:04:59 | 000,000,000 | ---D | M] -- C:\Users\ADMIN\AppData\Roaming\mozilla\Firefox\Profiles\fatt5946.default\extensions\personas@christopher(38).beard
[2010-03-11 11:16:53 | 000,002,267 | ---- | M] () -- C:\Users\ADMIN\AppData\Roaming\Mozilla\FireFox\Profiles\fatt5946.default\searchplugins\BearShareWebSearch.xml
[2010-05-17 16:36:01 | 000,000,897 | ---- | M] () -- C:\Users\ADMIN\AppData\Roaming\Mozilla\FireFox\Profiles\fatt5946.default\searchplugins\conduit.xml
[2010-04-29 19:59:25 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2005-04-28 01:40:49 | 000,102,400 | ---- | M] (RealNetworks) -- C:\Program Files\Mozilla Firefox\plugins\npracplug.dll
[2010-09-17 17:33:17 | 000,001,538 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-en-GB.xml
[2010-09-17 17:33:17 | 000,000,947 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\chambers-en-GB.xml
[2010-09-17 17:33:17 | 000,000,769 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml
[2010-09-17 17:33:17 | 000,001,135 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: ([2009-08-10 17:40:12 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (ToggleEN Toolbar) - {038cb5c7-48ea-4af9-94e0-a1646542e62b} - C:\Program Files\ToggleEN\tbTogg.dll File not found
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Yahoo! IE Services Button) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll File not found
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - J:\Program Files\Java\jre6\bin\jp2ssv.dll File not found
O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll File not found
O3 - HKLM\..\Toolbar: (ToggleEN Toolbar) - {038cb5c7-48ea-4af9-94e0-a1646542e62b} - C:\Program Files\ToggleEN\tbTogg.dll File not found
O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (ToggleEN Toolbar) - {038CB5C7-48EA-4AF9-94E0-A1646542E62B} - C:\Program Files\ToggleEN\tbTogg.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll File not found
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [avast!] J:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [dellsupportcenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - Startup: C:\Users\ADMIN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RollerCoaster Tycoon 3 Registration.lnk = C:\Users\ADMIN\AppData\Local\Temp\{8205B969-61F4-4A5D-AC89-87E3129B21A7}\{907B4640-266B-4A21-92FB-CD1A86CD0F63}\ATR1.exe File not found
O4 - Startup: C:\Users\ADMIN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\winmpa.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\GoToAssist: DllName - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll - C:\Program Files\Citrix\GoToAssist\514\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Users\ADMIN\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\ADMIN\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006-09-19 03:13:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{774bc7e7-9956-11df-a8be-f4c71d5e12d8}\Shell\AutoRun\command - "" = CONTROL\AutoRun.exe
O33 - MountPoints2\{774bc7e7-9956-11df-a8be-f4c71d5e12d8}\Shell\Explore\Command - "" = CONTROL\AutoRun.exe
O33 - MountPoints2\{774bc7e7-9956-11df-a8be-f4c71d5e12d8}\Shell\Open\Command - "" = CONTROL\AutoRun.exe
O33 - MountPoints2\K\Shell - "" = AutoRun
O33 - MountPoints2\K\Shell\AutoRun\command - "" = K:\MFSetup.exe -- File not found
O33 - MountPoints2\L\Shell - "" = AutoRun
O33 - MountPoints2\L\Shell\AutoRun\command - "" = L:\AutorunCD2.exe -- File not found
O33 - MountPoints2\M\Shell - "" = AutoRun
O33 - MountPoints2\M\Shell\AutoRun\command - "" = M:\RunGame.exe -- File not found
O33 - MountPoints2\N\Shell - "" = AutoRun
O33 - MountPoints2\N\Shell\AutoRun\command - "" = N:\RunGame.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010-10-06 14:13:22 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\ADMIN\Desktop\OTL.exe
[2010-10-03 12:06:18 | 000,000,000 | ---D | C] -- C:\Users\ADMIN\AppData\Roaming\vlc
[2010-10-02 16:00:44 | 001,445,888 | ---- | C] (Option^Explicit Software Solutions) -- C:\Users\ADMIN\Desktop\WinsockxpFix.exe
[2010-09-30 18:39:25 | 000,000,000 | ---D | C] -- C:\Users\ADMIN\AppData\Roaming\Leadertech
[2010-09-30 18:39:21 | 000,000,000 | ---D | C] -- C:\Users\ADMIN\Documents\RCT3
[2010-09-30 18:26:55 | 000,000,000 | ---D | C] -- C:\Program Files\Atari
[2010-09-30 01:07:53 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010-09-29 19:04:27 | 000,000,000 | ---D | C] -- C:\Users\ADMIN\AppData\Local\Unity
[2010-09-20 19:48:04 | 000,185,920 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\rmoc3260.dll
[2010-09-20 19:47:48 | 000,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5016.dll
[2010-09-20 19:47:48 | 000,005,632 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5032.dll
[2010-09-20 19:47:36 | 000,000,000 | ---D | C] -- C:\Program Files\Real
[2010-09-20 19:46:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
[2010-09-20 19:45:10 | 000,278,528 | ---- | C] (Real Networks, Inc) -- C:\Windows\System32\pncrt.dll
[2010-09-20 19:45:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Real
[2010-09-20 19:42:29 | 000,000,000 | ---D | C] -- C:\Users\ADMIN\AppData\Roaming\Real
[2010-09-16 19:17:46 | 000,000,000 | ---D | C] -- C:\Users\ADMIN\Documents\Sega
[2010-09-16 17:02:08 | 000,317,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP4SDECD.DLL
[2010-09-08 18:49:52 | 000,000,000 | ---D | C] -- C:\Users\ADMIN\Documents\My Completed Downloads
[2010-09-08 18:49:51 | 000,000,000 | ---D | C] -- C:\ProgramData\SpeedBit
[2010-09-06 23:50:54 | 000,000,000 | ---D | C] -- C:\Users\ADMIN\Desktop\NDS
[2009-08-01 13:35:33 | 000,774,144 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\RngInterstitial.dll
[2006-04-29 05:07:48 | 000,290,816 | ---- | C] ( ) -- C:\Windows\System32\Interop.WMPLib.dll
[2005-01-13 15:47:42 | 000,061,440 | ---- | C] (none) -- C:\Program Files\mdMod1.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\ADMIN\Desktop\*.tmp files -> C:\Users\ADMIN\Desktop\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010-10-06 17:56:39 | 007,077,888 | -HS- | M] () -- C:\Users\ADMIN\ntuser.dat
[2010-10-06 17:54:24 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010-10-06 17:54:24 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010-10-06 17:14:01 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010-10-06 14:13:37 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\ADMIN\Desktop\OTL.exe
[2010-10-06 13:54:03 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010-10-06 13:54:02 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010-10-06 13:53:51 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010-10-06 13:53:49 | 1062,391,808 | -HS- | M] () -- C:\hiberfil.sys
[2010-10-06 00:00:19 | 000,524,288 | -HS- | M] () -- C:\Users\ADMIN\ntuser.dat{586f49d0-92ff-11df-a66c-bc61c385ec8c}.TMContainer00000000000000000001.regtrans-ms
[2010-10-06 00:00:19 | 000,065,536 | -HS- | M] () -- C:\Users\ADMIN\ntuser.dat{586f49d0-92ff-11df-a66c-bc61c385ec8c}.TM.blf
[2010-10-05 23:59:57 | 002,599,028 | -H-- | M] () -- C:\Users\ADMIN\AppData\Local\IconCache.db
[2010-10-05 21:20:26 | 000,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{E72484B6-4C5D-4A93-B0BB-1D7689BA478F}.job
[2010-10-05 20:28:32 | 000,052,472 | ---- | M] () -- C:\Users\ADMIN\Desktop\24-74.png
[2010-10-04 18:15:43 | 002,574,990 | ---- | M] () -- C:\Users\ADMIN\Desktop\PCSX2_0.9.6_binary.7z
[2010-10-03 21:22:59 | 042,712,969 | ---- | M] () -- C:\Users\ADMIN\Desktop\moo.rar
[2010-10-03 12:36:38 | 000,046,092 | ---- | M] () -- C:\Users\ADMIN\Desktop\12.Rounds[2009][Unrated.Edition]DvDrip-aXXo.english.subtitlesource.zip
[2010-10-03 11:02:58 | 000,000,697 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2010-10-02 16:26:07 | 001,445,888 | ---- | M] (Option^Explicit Software Solutions) -- C:\Users\ADMIN\Desktop\WinsockxpFix.exe
[2010-10-02 12:48:22 | 000,050,688 | ---- | M] () -- C:\Users\ADMIN\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-10-02 12:04:19 | 000,037,388 | ---- | M] () -- C:\Users\ADMIN\Desktop\12.rounds.(2009).eng.1cd.(3539673).zip
[2010-09-30 18:40:03 | 000,001,993 | ---- | M] () -- C:\Users\Public\Desktop\RollerCoaster Tycoon 3 Platinum.lnk
[2010-09-30 18:39:50 | 000,001,609 | ---- | M] () -- C:\Users\ADMIN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RollerCoaster Tycoon 3 Registration.lnk
[2010-09-29 18:37:01 | 044,402,261 | ---- | M] () -- C:\Users\ADMIN\Desktop\X-Men - The Official Game.zip
[2010-09-27 18:58:36 | 000,072,409 | ---- | M] () -- C:\Users\ADMIN\Documents\Football2.docx
[2010-09-24 17:07:52 | 000,001,973 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2010-09-20 19:48:25 | 000,000,891 | ---- | M] () -- C:\Users\Public\Desktop\RealPlayer SP.lnk
[2010-09-20 19:48:05 | 000,185,920 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\rmoc3260.dll
[2010-09-20 19:47:48 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5016.dll
[2010-09-20 19:47:48 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5032.dll
[2010-09-20 19:45:10 | 000,278,528 | ---- | M] (Real Networks, Inc) -- C:\Windows\System32\pncrt.dll
[2010-09-19 14:43:48 | 000,608,760 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010-09-19 14:43:48 | 000,108,268 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010-09-19 14:43:47 | 000,703,388 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010-09-09 21:09:48 | 000,000,737 | ---- | M] () -- C:\Users\Public\Desktop\Applian FLV Player.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\ADMIN\Desktop\*.tmp files -> C:\Users\ADMIN\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010-10-05 20:28:24 | 000,052,472 | ---- | C] () -- C:\Users\ADMIN\Desktop\24-74.png
[2010-10-04 22:32:48 | 001,065,500 | ---- | C] () -- C:\Users\ADMIN\Desktop\AVSEQ01.DAT
[2010-10-04 18:14:59 | 002,574,990 | ---- | C] () -- C:\Users\ADMIN\Desktop\PCSX2_0.9.6_binary.7z
[2010-10-03 21:11:12 | 042,712,969 | ---- | C] () -- C:\Users\ADMIN\Desktop\moo.rar
[2010-10-03 12:36:11 | 000,046,092 | ---- | C] () -- C:\Users\ADMIN\Desktop\12.Rounds[2009][Unrated.Edition]DvDrip-aXXo.english.subtitlesource.zip
[2010-10-03 11:02:58 | 000,000,697 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2010-10-02 12:03:07 | 000,037,388 | ---- | C] () -- C:\Users\ADMIN\Desktop\12.rounds.(2009).eng.1cd.(3539673).zip
[2010-09-30 18:40:03 | 000,001,993 | ---- | C] () -- C:\Users\Public\Desktop\RollerCoaster Tycoon 3 Platinum.lnk
[2010-09-30 18:39:50 | 000,001,609 | ---- | C] () -- C:\Users\ADMIN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RollerCoaster Tycoon 3 Registration.lnk
[2010-09-29 17:27:17 | 044,402,261 | ---- | C] () -- C:\Users\ADMIN\Desktop\X-Men - The Official Game.zip
[2010-09-27 18:58:35 | 000,072,409 | ---- | C] () -- C:\Users\ADMIN\Documents\Football2.docx
[2010-09-20 19:48:25 | 000,000,891 | ---- | C] () -- C:\Users\Public\Desktop\RealPlayer SP.lnk
[2010-09-09 21:09:48 | 000,000,737 | ---- | C] () -- C:\Users\Public\Desktop\Applian FLV Player.lnk
[2010-08-23 20:37:41 | 001,970,176 | ---- | C] () -- C:\Windows\System32\d3dx9.dll
[2010-05-05 23:31:51 | 002,463,976 | ---- | C] () -- C:\Windows\System32\NPSWF32.dll
[2010-04-09 15:48:47 | 000,000,000 | -H-- | C] () -- C:\Users\ADMIN\AppData\Roaming\Cricket2009.exe.lock
[2010-04-07 15:37:22 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010-03-10 21:10:54 | 000,076,407 | ---- | C] () -- C:\Users\ADMIN\AppData\Roaming\Smiley.ico
[2010-02-08 19:35:55 | 000,047,104 | ---- | C] () -- C:\Windows\System32\KMVIDC32.DLL
[2010-02-04 22:14:36 | 000,129,024 | ---- | C] () -- C:\Windows\System32\AVERM.dll
[2010-02-04 22:14:35 | 000,028,672 | ---- | C] () -- C:\Windows\System32\AVEQT.dll
[2010-01-28 23:48:40 | 000,000,024 | ---- | C] () -- C:\Users\ADMIN\AppData\Roaming\tmp123.txt
[2009-12-13 21:08:53 | 000,691,696 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2009-08-31 18:16:49 | 000,473,600 | ---- | C] () -- C:\Windows\System32\Harmony.dll
[2009-08-31 18:16:49 | 000,237,568 | ---- | C] () -- C:\Windows\System32\Unlha32.dll
[2009-08-01 13:39:24 | 000,000,101 | ---- | C] () -- C:\Users\ADMIN\AppData\Local\DownloadLog.txt
[2009-04-22 00:19:06 | 000,172,173 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2009-02-19 18:35:19 | 000,000,552 | ---- | C] () -- C:\Users\ADMIN\AppData\Local\d3d8caps.dat
[2008-09-27 18:29:43 | 000,000,675 | ---- | C] () -- C:\Windows\Spidey.ini
[2008-09-22 15:11:55 | 000,000,465 | ---- | C] () -- C:\Windows\SIERRA.INI
[2008-09-22 14:52:08 | 000,024,206 | ---- | C] () -- C:\Users\ADMIN\AppData\Roaming\UserTile.png
[2008-08-12 18:21:20 | 000,000,000 | ---- | C] () -- C:\Windows\PROTOCOL.INI
[2008-07-19 15:07:59 | 000,005,216 | ---- | C] () -- C:\Users\ADMIN\AppData\Local\d3d9caps.dat
[2008-07-06 10:39:52 | 000,050,688 | ---- | C] () -- C:\Users\ADMIN\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008-07-05 13:44:19 | 000,001,433 | ---- | C] () -- C:\Windows\disney.ini
[2008-07-05 11:32:17 | 000,069,632 | R--- | C] () -- C:\Windows\System32\xmltok.dll
[2008-07-05 11:32:17 | 000,036,864 | R--- | C] () -- C:\Windows\System32\xmlparse.dll
[2008-07-05 11:06:21 | 000,000,000 | ---- | C] () -- C:\Users\ADMIN\AppData\Roaming\wklnhst.dat
[2008-06-27 02:21:52 | 001,953,696 | ---- | C] () -- C:\Windows\System32\igklg400.dll
[2008-06-27 02:21:52 | 001,533,360 | ---- | C] () -- C:\Windows\System32\igklg450.dll
[2008-06-27 02:21:52 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1409.dll
[2008-06-27 02:21:52 | 000,104,636 | ---- | C] () -- C:\Windows\System32\igmedcompkrn.dll
[2008-06-27 02:21:50 | 000,876,544 | ---- | C] () -- C:\Windows\System32\TEACico2.dll
[2006-11-02 15:55:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006-11-02 13:10:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2002-10-16 04:24:04 | 000,153,088 | ---- | C] () -- C:\Windows\System32\unrar.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 181 bytes -> C:\ProgramData\TEMP:8E7C96FD
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:169F1646
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:6A7B7A50
@Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:A9662AE0
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:37F44C44

< End of report >

Extras.txt
--
TL by OldTimer - Version 3.2.14.1 Folder = C:\Users\ADMIN\Desktop
Windows Vista Home Basic Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18943)
Locale: 00004009 | Country: India | Language: ENN | Date Format: dd-MM-yyyy

1,012.00 Mb Total Physical Memory | 509.00 Mb Available Physical Memory | 50.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 57.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 70.23 Gb Total Space | 10.01 Gb Free Space | 14.25% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 6.57 Gb Free Space | 65.67% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive J: | 68.74 Gb Total Space | 57.92 Gb Free Space | 84.26% Space Free | Partition Type: NTFS

Computer Name: ADMIN-PC
Current User Name: ADMIN
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_CURRENT_USER\SOFTWARE\Classes\]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "J:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [compress] -- J:\Program Files\KGB Archiver\kgb_arch_compress.exe "%1"
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "J:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{2D22AEAA-D5E7-45B6-B223-0EBC0EB5B36E}" = lport=137 | protocol=17 | dir=in | app=system |
"{31FBD703-A23E-449A-8A23-0D4C1DC02747}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{4B9EFFFA-C03E-44CF-B9B8-C5281AFD4140}" = rport=139 | protocol=6 | dir=out | app=system |
"{4C818C58-8386-4BEC-8095-DA1C78D9AF9B}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{6C5132E0-0B81-4574-90C7-AD53539AC12D}" = lport=139 | protocol=6 | dir=in | app=system |
"{8152F0C5-62C6-40F5-AF7E-F0D6EBE028B8}" = lport=445 | protocol=6 | dir=in | app=system |
"{B1497022-31D6-4B60-B837-F8947215468E}" = lport=138 | protocol=17 | dir=in | app=system |
"{B58437EE-B5C5-4637-84D2-FD172C265CB2}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{C7B1A7F6-5D3A-4E69-BC50-08C0A345BF48}" = rport=137 | protocol=17 | dir=out | app=system |
"{CD174EC1-1097-4165-BF5B-99D2F7D08734}" = rport=138 | protocol=17 | dir=out | app=system |
"{F470309A-9931-404B-B192-1135FDB00B1D}" = rport=445 | protocol=6 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{09CE2318-9B0D-4F41-83FB-3BF1ABC822A3}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{11847B9C-0C7C-42EC-9DF3-0EEFC895E840}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yserver.exe |
"{226AD74C-B3FE-46E0-863F-81B170DBF0E8}" = protocol=17 | dir=in | app=j:\program files\itunes\itunes.exe |
"{29265BF5-090C-4D06-A99D-F707A8B67276}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yserver.exe |
"{503BBD6D-8A7E-47CB-81F5-DB02B27A3DD1}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-203 |
"{58DA7BF7-D6DA-4ECC-B582-322D937BAAC0}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{5AFEF62F-536D-4628-8D09-B68C464C3A07}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{65F814A6-043F-4C72-8760-94C78BB78524}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{709E5089-0E77-4A05-9730-D3AEFC4785FA}" = protocol=6 | dir=in | app=c:\users\admin\appdata\local\temp\~os2118.tmp\rlvknlg.exe |
"{8A333E9C-A5F4-450A-B272-C6850DF4CB4F}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{900C7D9C-D9C9-4741-A6AB-0A70C319CE3E}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{9BA77060-E024-44DB-94ED-6F05123FE6F9}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{A1EA0156-9E8D-41B7-80A9-18C019563DA0}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{A6AC664C-760F-4ECB-9752-7B46FAD3CB9F}" = protocol=6 | dir=in | app=j:\program files\itunes\itunes.exe |
"{AFC83148-3A7D-4750-B5CE-F61EB98ED73F}" = dir=in | app=c:\program files\cyberlink\powerdvd dx\powerdvd.exe |
"{C0B06681-D087-4156-8976-8F7C0A84F588}" = protocol=58 | dir=in | app=system |
"{C41C1858-B4C1-440F-9661-2DA2365738DC}" = protocol=6 | dir=in | app=c:\program files\microsoft games\age of empires iii - the warchiefs trial\age3x.exe |
"{C5570642-8614-4A81-8428-08D42C36BC12}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{CE889820-E0E4-4382-B2C9-C4FA71033BCA}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{CEBAEBBB-90EC-4254-8BC9-897E218CD1A6}" = dir=in | app=c:\program files\cyberlink\powerdvd dx\pdvddxsrv.exe |
"{D3D57996-B746-4ACE-A20D-E7663E2BC797}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{D8EDC0DA-F8F5-4F1A-89C5-CBF8DEF6ECE0}" = protocol=17 | dir=in | app=c:\program files\relevantknowledge\rlvknlg.exe |
"{E1D53DDF-65F5-447C-BA69-9EC824F0E431}" = protocol=6 | dir=in | app=c:\program files\relevantknowledge\rlvknlg.exe |
"{F5FCA7E2-A8B1-43AF-82FB-BBB83941C6A1}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{FA8B7F37-EBEF-4E7E-89B9-1324EDD4C35C}" = protocol=17 | dir=in | app=c:\program files\microsoft games\age of empires iii - the warchiefs trial\age3x.exe |
"TCP Query User{63CB684A-790F-4900-B5CB-5B34C40CB46E}J:\program files\activision\call of duty 2\cod2mp_s.exe" = protocol=6 | dir=in | app=j:\program files\activision\call of duty 2\cod2mp_s.exe |
"TCP Query User{7D726321-4CF9-4CA1-BBF1-EF337EE19E06}C:\users\admin\desktop\left 4 dead 2 version 2.0.1.1 by rocnogu\left4dead2.exe" = protocol=6 | dir=in | app=c:\users\admin\desktop\left 4 dead 2 version 2.0.1.1 by rocnogu\left4dead2.exe |
"TCP Query User{8260CDE1-1444-4F25-A17E-DC6850F223E5}J:\program files\sega\iron man\ironman.exe" = protocol=6 | dir=in | app=j:\program files\sega\iron man\ironman.exe |
"TCP Query User{86E8E56D-6877-452D-957C-62F3621FD7B0}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{88883D13-A5BB-4B2C-905D-9DC86B8A4D98}C:\program files\motogp2\motogp2.exe" = protocol=6 | dir=in | app=c:\program files\motogp2\motogp2.exe |
"TCP Query User{B5FA9536-20CB-443F-B19F-123A074F4DD4}J:\program files\codemasters\worms 4 mayhem\worms 4 mayhem.exe" = protocol=6 | dir=in | app=j:\program files\codemasters\worms 4 mayhem\worms 4 mayhem.exe |
"TCP Query User{DC5CCED3-ED17-49B2-B1BE-9F4558E7DC8F}J:\program files\left 4 dead 2 version 2.0.1.1 by rocnogu\left4dead2.exe" = protocol=6 | dir=in | app=j:\program files\left 4 dead 2 version 2.0.1.1 by rocnogu\left4dead2.exe |
"TCP Query User{EE4E91FC-3E94-4B62-A8FE-02A371B08A7F}J:\program files\tmbot\tm.exe" = protocol=6 | dir=in | app=j:\program files\tmbot\tm.exe |
"TCP Query User{F6020A26-C8B8-4855-8841-30B0CE15E762}C:\program files\bearshare applications\bearshare\bearshare.exe" = protocol=6 | dir=in | app=c:\program files\bearshare applications\bearshare\bearshare.exe |
"UDP Query User{06139480-9C97-4CBA-8A90-0B4C7E8D08AC}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{1256B332-B533-48C9-95E1-F9F4335401E8}J:\program files\codemasters\worms 4 mayhem\worms 4 mayhem.exe" = protocol=17 | dir=in | app=j:\program files\codemasters\worms 4 mayhem\worms 4 mayhem.exe |
"UDP Query User{32DE0AC6-F9CD-4B34-A09F-5A7BA1C109CA}J:\program files\activision\call of duty 2\cod2mp_s.exe" = protocol=17 | dir=in | app=j:\program files\activision\call of duty 2\cod2mp_s.exe |
"UDP Query User{6AA48D8E-A35C-488F-9D12-9F3E8592FB81}C:\program files\motogp2\motogp2.exe" = protocol=17 | dir=in | app=c:\program files\motogp2\motogp2.exe |
"UDP Query User{9C306E8A-2601-42F5-9365-B875261D43DD}J:\program files\tmbot\tm.exe" = protocol=17 | dir=in | app=j:\program files\tmbot\tm.exe |
"UDP Query User{D9B6F904-F51D-41A0-968E-BE3B1660D7DD}C:\users\admin\desktop\left 4 dead 2 version 2.0.1.1 by rocnogu\left4dead2.exe" = protocol=17 | dir=in | app=c:\users\admin\desktop\left 4 dead 2 version 2.0.1.1 by rocnogu\left4dead2.exe |
"UDP Query User{DEA0F5B7-B026-4C1C-989C-F58CE53FD2D1}J:\program files\left 4 dead 2 version 2.0.1.1 by rocnogu\left4dead2.exe" = protocol=17 | dir=in | app=j:\program files\left 4 dead 2 version 2.0.1.1 by rocnogu\left4dead2.exe |
"UDP Query User{E616F22B-AD51-4FFC-AE6F-63E86985F1FE}C:\program files\bearshare applications\bearshare\bearshare.exe" = protocol=17 | dir=in | app=c:\program files\bearshare applications\bearshare\bearshare.exe |
"UDP Query User{FFADBC35-064D-4D51-9055-F1B7DDE66E6C}J:\program files\sega\iron man\ironman.exe" = protocol=17 | dir=in | app=j:\program files\sega\iron man\ironman.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{05B49229-22A2-4F88-842A-BBC2EBE1CCF6}" = Microsoft Games for Windows - LIVE Redistributable
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data
"{09760D42-E223-42AD-8C3E-55B47D0DDAC3}" = Roxio Creator DE
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1eedb2dc-4eb6-4238-9b8a-ab90db506754}" = Nero 9 Essentials
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools
"{21D50BB7-73F5-11D6-B2FB-0002A5E32BEF}" = Treasure Planet Training Academy Treasure Racer
"{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"{245F6C7A-0C22-4DE0-8202-2AAA620A1D3A}" = Microsoft XNA Framework Redistributable 2.0
"{266C7330-C0F4-49E5-8F20-A56F9F822875}" = SweetIM Toolbar for Internet Explorer 3.3
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 18
"{2EFFFC71-1E66-454E-A6E6-CEEC800B96D2}" = Adobe Flash Video Encoder
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{3AC54383-31D1-4907-961B-B12CBB1D0AE8}" = MobileMe Control Panel
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{4D243BA7-9AC4-46D1-90E5-EEB88974F501}" = Microsoft Games for Windows - LIVE
"{4D43D635-6FDA-4fa5-AA9B-23CF73D058EA}" = Nero StartSmart OEM
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B52140A-F189-4945-BFFC-DB3F00B8C589}" = Adobe Flash CS3
"{6B7B6D4D-8F9B-4CB3-8CA4-BCA9CC4C1A22}" = EDocs
"{6E737AC4-C430-4698-8790-C7D55F7107A4}" = Iron Man
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{7748ac8c-18e3-43bb-959b-088faea16fb2}" = Nero StartSmart
"{777CA40C-0206-4EF6-A0FC-618BF06BF8D0}" = Intel(R) PRO Network Connections 12.1.11.0
"{786C5747-1033-0000-B58E-000000000001}" = Adobe Stock Photos 1.0
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{7F128627-9512-11D8-94C5-0003CE117910}" = Room Zoom: Race For Impact
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe Common File Installer
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{907B4640-266B-4A21-92FB-CD1A86CD0F63}" = RollerCoaster Tycoon 3 Platinum
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}" = QuickTime
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B607C354-CD79-4D22-86D1-92DC94153F42}" = Apple Application Support
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B74D4E10-6884-0000-0000-000000000103}" = Adobe Bridge 1.0
"{BC4F8E84-5E29-49EC-B4E7-E6F9CB50986C}" = Adobe Flash Player 9 ActiveX
"{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter
"{BEAD39CD-901D-4267-8B8B-EAA83CB4B70D}" = Pivot Stickfigure Animator
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1A74FBB-CA8D-4CCA-9B89-BAAA436DB178}" = iTunes
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D6782F44-58DB-4DE5-A65C-890320CF3F99}" = Prince of Persia The Two Thrones
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{dba84796-8503-4ff0-af57-1747dd9a166d}" = Nero Online Upgrade
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{DFFE2B1F-07E0-45A9-8801-CD8514CAA876}" = Prince of Persia T2T
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center (Support Software)
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer
"{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator DE
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{FFC1ADE3-944B-4231-894E-3903C37271D2}" = Adobe Setup
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Adobe_c3c7fe8b09d497ab2b3fd91c9353390" = Adobe Flash CS3 Professional
"Applian FLV Player2.0.24" = Applian FLV Player
"avast!" = avast! Antivirus
"BSPlayerp" = BS.Player PRO
"CCleaner" = CCleaner
"Charles_XK72" = Charles
"Cheat Engine 5.6.1_is1" = Cheat Engine 5.6.1
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"EAX Unified" = EAX Unified
"Echoes of the Past The Castle of Shadows Collectors Edition 1.00" = Echoes of the Past The Castle of Shadows Collectors Edition 1.00
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FarmFrenzy 3 American Pie" = FarmFrenzy 3 American Pie
"Google Chrome" = Google Chrome
"GoToAssist" = GoToAssist 8.0.0.514
"HijackThis" = HijackThis 2.0.2
"InstallShield_{8B39736E-7C8C-4A32-82C1-F94245F20D85}" = Ashes Cricket 2009
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MFatigue Uninst" = Metal Fatigue Uninstall
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox (3.6.10)" = Mozilla Firefox (3.6.10)
"Mystery Case Files Ravenhearst_is1" = Mystery Case Files Ravenhearst
"PhotoScape" = PhotoScape
"Picasa 3" = Picasa 3
"PJ Pride Pet Detective 2.10" = PJ Pride Pet Detective 2.10
"PowerISO" = PowerISO
"Product_Name" = Millennium Gamepak Platinum
"PROSetDX" = Intel(R) PRO Network Connections 12.1.11.0
"Quake2UninstallKey" = Quake II
"RealPlayer 12.0" = RealPlayer
"RPG Maker 2000 1.05" = RPG Maker 2000 1.05
"SpeechAPI" = Microsoft Speech API 3.0
"ST6UNST #1" = Wrestling Scoreboard 1.0.0
"VLC media player" = VLC media player 1.1.4
"VobSub" = VobSub v2.23 (Remove Only)
"WinGimp-2.0_is1" = GIMP 2.6.6
"WinRAR archiver" = WinRAR archiver
"Yahoo! Extras" = Yahoo! Browser Services
"Yahoo! Mail" = Yahoo! Internet Mail
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update
"YInstHelper" = Yahoo! Install Manager

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"UnityWebPlayer" = Unity Web Player

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]
Error - 05-06-2010 09:16:44 | Computer Name = ADMIN-PC | Source = avast! | ID = 33554522
Description = Error in aswChestS: chest s_NewFile Error 112.

Error - 05-06-2010 09:16:44 | Computer Name = ADMIN-PC | Source = avast! | ID = 33554522
Description = Error in aswChestC: chestAddFile Error 112.

Error - 08-06-2010 07:04:24 | Computer Name = ADMIN-PC | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Windows\SoftwareDistribution\Download\aba2712c016d81eecc921a42e696d243\BITF1FD.tmp
failed, 00000026.

Error - 10-09-2010 06:22:10 | Computer Name = ADMIN-PC | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\ProgramData\SpeedBit\DAP\History\ADMIN\_lasthist.dat failed, 00000005.

Error - 27-09-2010 09:19:35 | Computer Name = ADMIN-PC | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Users\ADMIN\AppData\Roaming\Microsoft\Office\Recent\Football.LNK failed, 00000026.


[ Application Events ]
Error - 04-10-2010 08:57:57 | Computer Name = ADMIN-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 04-10-2010 08:58:31 | Computer Name = ADMIN-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 04-10-2010 10:37:23 | Computer Name = ADMIN-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 04-10-2010 23:36:05 | Computer Name = ADMIN-PC | Source = WinMgmt | ID = 10
Description =

Error - 04-10-2010 23:44:20 | Computer Name = ADMIN-PC | Source = Google Update | ID = 20
Description =

Error - 05-10-2010 03:52:46 | Computer Name = ADMIN-PC | Source = WinMgmt | ID = 10
Description =

Error - 05-10-2010 04:09:53 | Computer Name = ADMIN-PC | Source = WinMgmt | ID = 10
Description =

Error - 05-10-2010 10:29:10 | Computer Name = ADMIN-PC | Source = WinMgmt | ID = 10
Description =

Error - 05-10-2010 10:37:10 | Computer Name = ADMIN-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 06-10-2010 04:25:05 | Computer Name = ADMIN-PC | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 26-07-2008 09:44:10 | Computer Name = ADMIN-PC | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.2 for the Network Card with network
address 001D0992CDE8 has been denied by the DHCP server 192.168.1.1 (The DHCP Server
sent a DHCPNACK message).

Error - 26-07-2008 09:44:10 | Computer Name = ADMIN-PC | Source = HTTP | ID = 15016
Description =

Error - 27-07-2008 00:41:17 | Computer Name = ADMIN-PC | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.2 for the Network Card with network
address 001D0992CDE8 has been denied by the DHCP server 192.168.1.1 (The DHCP Server
sent a DHCPNACK message).

Error - 27-07-2008 00:41:18 | Computer Name = ADMIN-PC | Source = HTTP | ID = 15016
Description =

Error - 27-07-2008 02:40:22 | Computer Name = ADMIN-PC | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.2 for the Network Card with network
address 001D0992CDE8 has been denied by the DHCP server 192.168.1.1 (The DHCP Server
sent a DHCPNACK message).

Error - 27-07-2008 02:40:22 | Computer Name = ADMIN-PC | Source = HTTP | ID = 15016
Description =

Error - 27-07-2008 09:41:59 | Computer Name = ADMIN-PC | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.2 for the Network Card with network
address 001D0992CDE8 has been denied by the DHCP server 192.168.1.1 (The DHCP Server
sent a DHCPNACK message).

Error - 27-07-2008 09:41:59 | Computer Name = ADMIN-PC | Source = HTTP | ID = 15016
Description =

Error - 27-07-2008 11:45:29 | Computer Name = ADMIN-PC | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.2 for the Network Card with network
address 001D0992CDE8 has been denied by the DHCP server 192.168.1.1 (The DHCP Server
sent a DHCPNACK message).

Error - 27-07-2008 11:45:29 | Computer Name = ADMIN-PC | Source = HTTP | ID = 15016
Description =


< End of report >

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_CURRENT_USER\SOFTWARE\Classes\]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "J:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [compress] -- J:\Program Files\KGB Archiver\kgb_arch_compress.exe "%1"
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "J:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{2D22AEAA-D5E7-45B6-B223-0EBC0EB5B36E}" = lport=137 | protocol=17 | dir=in | app=system |
"{31FBD703-A23E-449A-8A23-0D4C1DC02747}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{4B9EFFFA-C03E-44CF-B9B8-C5281AFD4140}" = rport=139 | protocol=6 | dir=out | app=system |
"{4C818C58-8386-4BEC-8095-DA1C78D9AF9B}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{6C5132E0-0B81-4574-90C7-AD53539AC12D}" = lport=139 | protocol=6 | dir=in | app=system |
"{8152F0C5-62C6-40F5-AF7E-F0D6EBE028B8}" = lport=445 | protocol=6 | dir=in | app=system |
"{B1497022-31D6-4B60-B837-F8947215468E}" = lport=138 | protocol=17 | dir=in | app=system |
"{B58437EE-B5C5-4637-84D2-FD172C265CB2}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{C7B1A7F6-5D3A-4E69-BC50-08C0A345BF48}" = rport=137 | protocol=17 | dir=out | app=system |
"{CD174EC1-1097-4165-BF5B-99D2F7D08734}" = rport=138 | protocol=17 | dir=out | app=system |
"{F470309A-9931-404B-B192-1135FDB00B1D}" = rport=445 | protocol=6 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{09CE2318-9B0D-4F41-83FB-3BF1ABC822A3}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{11847B9C-0C7C-42EC-9DF3-0EEFC895E840}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yserver.exe |
"{226AD74C-B3FE-46E0-863F-81B170DBF0E8}" = protocol=17 | dir=in | app=j:\program files\itunes\itunes.exe |
"{29265BF5-090C-4D06-A99D-F707A8B67276}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yserver.exe |
"{503BBD6D-8A7E-47CB-81F5-DB02B27A3DD1}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-203 |
"{58DA7BF7-D6DA-4ECC-B582-322D937BAAC0}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{5AFEF62F-536D-4628-8D09-B68C464C3A07}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{65F814A6-043F-4C72-8760-94C78BB78524}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{709E5089-0E77-4A05-9730-D3AEFC4785FA}" = protocol=6 | dir=in | app=c:\users\admin\appdata\local\temp\~os2118.tmp\rlvknlg.exe |
"{8A333E9C-A5F4-450A-B272-C6850DF4CB4F}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{900C7D9C-D9C9-4741-A6AB-0A70C319CE3E}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{9BA77060-E024-44DB-94ED-6F05123FE6F9}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{A1EA0156-9E8D-41B7-80A9-18C019563DA0}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{A6AC664C-760F-4ECB-9752-7B46FAD3CB9F}" = protocol=6 | dir=in | app=j:\program files\itunes\itunes.exe |
"{AFC83148-3A7D-4750-B5CE-F61EB98ED73F}" = dir=in | app=c:\program files\cyberlink\powerdvd dx\powerdvd.exe |
"{C0B06681-D087-4156-8976-8F7C0A84F588}" = protocol=58 | dir=in | app=system |
"{C41C1858-B4C1-440F-9661-2DA2365738DC}" = protocol=6 | dir=in | app=c:\program files\microsoft games\age of empires iii - the warchiefs trial\age3x.exe |
"{C5570642-8614-4A81-8428-08D42C36BC12}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{CE889820-E0E4-4382-B2C9-C4FA71033BCA}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{CEBAEBBB-90EC-4254-8BC9-897E218CD1A6}" = dir=in | app=c:\program files\cyberlink\powerdvd dx\pdvddxsrv.exe |
"{D3D57996-B746-4ACE-A20D-E7663E2BC797}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{D8EDC0DA-F8F5-4F1A-89C5-CBF8DEF6ECE0}" = protocol=17 | dir=in | app=c:\program files\relevantknowledge\rlvknlg.exe |
"{E1D53DDF-65F5-447C-BA69-9EC824F0E431}" = protocol=6 | dir=in | app=c:\program files\relevantknowledge\rlvknlg.exe |
"{F5FCA7E2-A8B1-43AF-82FB-BBB83941C6A1}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{FA8B7F37-EBEF-4E7E-89B9-1324EDD4C35C}" = protocol=17 | dir=in | app=c:\program files\microsoft games\age of empires iii - the warchiefs trial\age3x.exe |
"TCP Query User{63CB684A-790F-4900-B5CB-5B34C40CB46E}J:\program files\activision\call of duty 2\cod2mp_s.exe" = protocol=6 | dir=in | app=j:\program files\activision\call of duty 2\cod2mp_s.exe |
"TCP Query User{7D726321-4CF9-4CA1-BBF1-EF337EE19E06}C:\users\admin\desktop\left 4 dead 2 version 2.0.1.1 by rocnogu\left4dead2.exe" = protocol=6 | dir=in | app=c:\users\admin\desktop\left 4 dead 2 version 2.0.1.1 by rocnogu\left4dead2.exe |
"TCP Query User{8260CDE1-1444-4F25-A17E-DC6850F223E5}J:\program files\sega\iron man\ironman.exe" = protocol=6 | dir=in | app=j:\program files\sega\iron man\ironman.exe |
"TCP Query User{86E8E56D-6877-452D-957C-62F3621FD7B0}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{88883D13-A5BB-4B2C-905D-9DC86B8A4D98}C:\program files\motogp2\motogp2.exe" = protocol=6 | dir=in | app=c:\program files\motogp2\motogp2.exe |
"TCP Query User{B5FA9536-20CB-443F-B19F-123A074F4DD4}J:\program files\codemasters\worms 4 mayhem\worms 4 mayhem.exe" = protocol=6 | dir=in | app=j:\program files\codemasters\worms 4 mayhem\worms 4 mayhem.exe |
"TCP Query User{DC5CCED3-ED17-49B2-B1BE-9F4558E7DC8F}J:\program files\left 4 dead 2 version 2.0.1.1 by rocnogu\left4dead2.exe" = protocol=6 | dir=in | app=j:\program files\left 4 dead 2 version 2.0.1.1 by rocnogu\left4dead2.exe |
"TCP Query User{EE4E91FC-3E94-4B62-A8FE-02A371B08A7F}J:\program files\tmbot\tm.exe" = protocol=6 | dir=in | app=j:\program files\tmbot\tm.exe |
"TCP Query User{F6020A26-C8B8-4855-8841-30B0CE15E762}C:\program files\bearshare applications\bearshare\bearshare.exe" = protocol=6 | dir=in | app=c:\program files\bearshare applications\bearshare\bearshare.exe |
"UDP Query User{06139480-9C97-4CBA-8A90-0B4C7E8D08AC}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{1256B332-B533-48C9-95E1-F9F4335401E8}J:\program files\codemasters\worms 4 mayhem\worms 4 mayhem.exe" = protocol=17 | dir=in | app=j:\program files\codemasters\worms 4 mayhem\worms 4 mayhem.exe |
"UDP Query User{32DE0AC6-F9CD-4B34-A09F-5A7BA1C109CA}J:\program files\activision\call of duty 2\cod2mp_s.exe" = protocol=17 | dir=in | app=j:\program files\activision\call of duty 2\cod2mp_s.exe |
"UDP Query User{6AA48D8E-A35C-488F-9D12-9F3E8592FB81}C:\program files\motogp2\motogp2.exe" = protocol=17 | dir=in | app=c:\program files\motogp2\motogp2.exe |
"UDP Query User{9C306E8A-2601-42F5-9365-B875261D43DD}J:\program files\tmbot\tm.exe" = protocol=17 | dir=in | app=j:\program files\tmbot\tm.exe |
"UDP Query User{D9B6F904-F51D-41A0-968E-BE3B1660D7DD}C:\users\admin\desktop\left 4 dead 2 version 2.0.1.1 by rocnogu\left4dead2.exe" = protocol=17 | dir=in | app=c:\users\admin\desktop\left 4 dead 2 version 2.0.1.1 by rocnogu\left4dead2.exe |
"UDP Query User{DEA0F5B7-B026-4C1C-989C-F58CE53FD2D1}J:\program files\left 4 dead 2 version 2.0.1.1 by rocnogu\left4dead2.exe" = protocol=17 | dir=in | app=j:\program files\left 4 dead 2 version 2.0.1.1 by rocnogu\left4dead2.exe |
"UDP Query User{E616F22B-AD51-4FFC-AE6F-63E86985F1FE}C:\program files\bearshare applications\bearshare\bearshare.exe" = protocol=17 | dir=in | app=c:\program files\bearshare applications\bearshare\bearshare.exe |
"UDP Query User{FFADBC35-064D-4D51-9055-F1B7DDE66E6C}J:\program files\sega\iron man\ironman.exe" = protocol=17 | dir=in | app=j:\program files\sega\iron man\ironman.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{05B49229-22A2-4F88-842A-BBC2EBE1CCF6}" = Microsoft Games for Windows - LIVE Redistributable
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data
"{09760D42-E223-42AD-8C3E-55B47D0DDAC3}" = Roxio Creator DE
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1eedb2dc-4eb6-4238-9b8a-ab90db506754}" = Nero 9 Essentials
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools
"{21D50BB7-73F5-11D6-B2FB-0002A5E32BEF}" = Treasure Planet Training Academy Treasure Racer
"{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"{245F6C7A-0C22-4DE0-8202-2AAA620A1D3A}" = Microsoft XNA Framework Redistributable 2.0
"{266C7330-C0F4-49E5-8F20-A56F9F822875}" = SweetIM Toolbar for Internet Explorer 3.3
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 18
"{2EFFFC71-1E66-454E-A6E6-CEEC800B96D2}" = Adobe Flash Video Encoder
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{3AC54383-31D1-4907-961B-B12CBB1D0AE8}" = MobileMe Control Panel
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{4D243BA7-9AC4-46D1-90E5-EEB88974F501}" = Microsoft Games for Windows - LIVE
"{4D43D635-6FDA-4fa5-AA9B-23CF73D058EA}" = Nero StartSmart OEM
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B52140A-F189-4945-BFFC-DB3F00B8C589}" = Adobe Flash CS3
"{6B7B6D4D-8F9B-4CB3-8CA4-BCA9CC4C1A22}" = EDocs
"{6E737AC4-C430-4698-8790-C7D55F7107A4}" = Iron Man
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{7748ac8c-18e3-43bb-959b-088faea16fb2}" = Nero StartSmart
"{777CA40C-0206-4EF6-A0FC-618BF06BF8D0}" = Intel(R) PRO Network Connections 12.1.11.0
"{786C5747-1033-0000-B58E-000000000001}" = Adobe Stock Photos 1.0
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{7F128627-9512-11D8-94C5-0003CE117910}" = Room Zoom: Race For Impact
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe Common File Installer
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{907B4640-266B-4A21-92FB-CD1A86CD0F63}" = RollerCoaster Tycoon 3 Platinum
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}" = QuickTime
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B607C354-CD79-4D22-86D1-92DC94153F42}" = Apple Application Support
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B74D4E10-6884-0000-0000-000000000103}" = Adobe Bridge 1.0
"{BC4F8E84-5E29-49EC-B4E7-E6F9CB50986C}" = Adobe Flash Player 9 ActiveX
"{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter
"{BEAD39CD-901D-4267-8B8B-EAA83CB4B70D}" = Pivot Stickfigure Animator
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1A74FBB-CA8D-4CCA-9B89-BAAA436DB178}" = iTunes
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D6782F44-58DB-4DE5-A65C-890320CF3F99}" = Prince of Persia The Two Thrones
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{dba84796-8503-4ff0-af57-1747dd9a166d}" = Nero Online Upgrade
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{DFFE2B1F-07E0-45A9-8801-CD8514CAA876}" = Prince of Persia T2T
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center (Support Software)
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer
"{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator DE
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{FFC1ADE3-944B-4231-894E-3903C37271D2}" = Adobe Setup
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Adobe_c3c7fe8b09d497ab2b3fd91c9353390" = Adobe Flash CS3 Professional
"Applian FLV Player2.0.24" = Applian FLV Player
"avast!" = avast! Antivirus
"BSPlayerp" = BS.Player PRO
"CCleaner" = CCleaner
"Charles_XK72" = Charles
"Cheat Engine 5.6.1_is1" = Cheat Engine 5.6.1
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"EAX Unified" = EAX Unified
"Echoes of the Past The Castle of Shadows Collectors Edition 1.00" = Echoes of the Past The Castle of Shadows Collectors Edition 1.00
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FarmFrenzy 3 American Pie" = FarmFrenzy 3 American Pie
"Google Chrome" = Google Chrome
"GoToAssist" = GoToAssist 8.0.0.514
"HijackThis" = HijackThis 2.0.2
"InstallShield_{8B39736E-7C8C-4A32-82C1-F94245F20D85}" = Ashes Cricket 2009
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MFatigue Uninst" = Metal Fatigue Uninstall
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox (3.6.10)" = Mozilla Firefox (3.6.10)
"Mystery Case Files Ravenhearst_is1" = Mystery Case Files Ravenhearst
"PhotoScape" = PhotoScape
"Picasa 3" = Picasa 3
"PJ Pride Pet Detective 2.10" = PJ Pride Pet Detective 2.10
"PowerISO" = PowerISO
"Product_Name" = Millennium Gamepak Platinum
"PROSetDX" = Intel(R) PRO Network Connections 12.1.11.0
"Quake2UninstallKey" = Quake II
"RealPlayer 12.0" = RealPlayer
"RPG Maker 2000 1.05" = RPG Maker 2000 1.05
"SpeechAPI" = Microsoft Speech API 3.0
"ST6UNST #1" = Wrestling Scoreboard 1.0.0
"VLC media player" = VLC media player 1.1.4
"VobSub" = VobSub v2.23 (Remove Only)
"WinGimp-2.0_is1" = GIMP 2.6.6
"WinRAR archiver" = WinRAR archiver
"Yahoo! Extras" = Yahoo! Browser Services
"Yahoo! Mail" = Yahoo! Internet Mail
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update
"YInstHelper" = Yahoo! Install Manager

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"UnityWebPlayer" = Unity Web Player

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]
Error - 05-06-2010 09:16:44 | Computer Name = ADMIN-PC | Source = avast! | ID = 33554522
Description = Error in aswChestS: chest s_NewFile Error 112.

Error - 05-06-2010 09:16:44 | Computer Name = ADMIN-PC | Source = avast! | ID = 33554522
Description = Error in aswChestC: chestAddFile Error 112.

Error - 08-06-2010 07:04:24 | Computer Name = ADMIN-PC | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Windows\SoftwareDistribution\Download\aba2712c016d81eecc921a42e696d243\BITF1FD.tmp
failed, 00000026.

Error - 10-09-2010 06:22:10 | Computer Name = ADMIN-PC | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\ProgramData\SpeedBit\DAP\History\ADMIN\_lasthist.dat failed, 00000005.

Error - 27-09-2010 09:19:35 | Computer Name = ADMIN-PC | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Users\ADMIN\AppData\Roaming\Microsoft\Office\Recent\Football.LNK failed, 00000026.


[ Application Events ]
Error - 04-10-2010 08:57:57 | Computer Name = ADMIN-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 04-10-2010 08:58:31 | Computer Name = ADMIN-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 04-10-2010 10:37:23 | Computer Name = ADMIN-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 04-10-2010 23:36:05 | Computer Name = ADMIN-PC | Source = WinMgmt | ID = 10
Description =

Error - 04-10-2010 23:44:20 | Computer Name = ADMIN-PC | Source = Google Update | ID = 20
Description =

Error - 05-10-2010 03:52:46 | Computer Name = ADMIN-PC | Source = WinMgmt | ID = 10
Description =

Error - 05-10-2010 04:09:53 | Computer Name = ADMIN-PC | Source = WinMgmt | ID = 10
Description =

Error - 05-10-2010 10:29:10 | Computer Name = ADMIN-PC | Source = WinMgmt | ID = 10
Description =

Error - 05-10-2010 10:37:10 | Computer Name = ADMIN-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 06-10-2010 04:25:05 | Computer Name = ADMIN-PC | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 26-07-2008 09:44:10 | Computer Name = ADMIN-PC | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.2 for the Network Card with network
address 001D0992CDE8 has been denied by the DHCP server 192.168.1.1 (The DHCP Server
sent a DHCPNACK message).

Error - 26-07-2008 09:44:10 | Computer Name = ADMIN-PC | Source = HTTP | ID = 15016
Description =

Error - 27-07-2008 00:41:17 | Computer Name = ADMIN-PC | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.2 for the Network Card with network
address 001D0992CDE8 has been denied by the DHCP server 192.168.1.1 (The DHCP Server
sent a DHCPNACK message).

Error - 27-07-2008 00:41:18 | Computer Name = ADMIN-PC | Source = HTTP | ID = 15016
Description =

Error - 27-07-2008 02:40:22 | Computer Name = ADMIN-PC | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.2 for the Network Card with network
address 001D0992CDE8 has been denied by the DHCP server 192.168.1.1 (The DHCP Server
sent a DHCPNACK message).

Error - 27-07-2008 02:40:22 | Computer Name = ADMIN-PC | Source = HTTP | ID = 15016
Description =

Error - 27-07-2008 09:41:59 | Computer Name = ADMIN-PC | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.2 for the Network Card with network
address 001D0992CDE8 has been denied by the DHCP server 192.168.1.1 (The DHCP Server
sent a DHCPNACK message).

Error - 27-07-2008 09:41:59 | Computer Name = ADMIN-PC | Source = HTTP | ID = 15016
Description =

Error - 27-07-2008 11:45:29 | Computer Name = ADMIN-PC | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.2 for the Network Card with network
address 001D0992CDE8 has been denied by the DHCP server 192.168.1.1 (The DHCP Server
sent a DHCPNACK message).

Error - 27-07-2008 11:45:29 | Computer Name = ADMIN-PC | Source = HTTP | ID = 15016
Description =


< End of report >

............................................................................................

Please download and run this tool.

Download Malwarebytes' Anti-Malware from Here

Double Click mbam-setup.exe to install the application.

• Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  
• If an update is found, it will download and install the latest version.
  
• Once the program has loaded, select "Perform Quick Scan", then click Scan.
  
• The scan may take some time to finish,so please be patient.
  
• When the scan is complete, click OK, then Show Results to view the results.
  
• Make sure that everything is checked, and click Remove Selected.
  
• When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note)
  
• The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  

Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.

Post the contents of the MBAM Log.

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4767

Windows 6.0.6001 Service Pack 1
Internet Explorer 8.0.6001.18943

07-10-2010 18:40:54
mbam-log-2010-10-07 (18-40-54).txt

Scan type: Quick scan
Objects scanned: 155209
Time elapsed: 7 minute(s), 54 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

--

Hello.

• Click Start >> Control Panel.
  
• Under the Programs click Uninstall a Program
  
• Highlight the following:
  
  Adobe Reader 9.1
  Java(TM) 6 Update 18
  
  
• Click on the Uninstall/Change button at the top.
  

Updating Java:

• Download the latest version of Java SE Runtime Environment (JRE) 6 Update 21.
  
• Click the "Download JRE" button to the right.
  
• In the Window that opens, select your platform, check the "agree" box, and click Continue.
  
• Click on the link to download Windows Offline Installation and save to your desktop.
  
• Close any programs you may have running - especially your web browser.
  
• Then from your desktop double-click on jre-6u21-windows-i586.exe that you downloaded to install the newest version.
  

Then download and install Adobe Reader 9.3.4

How is the machine running now?

It works awesome now, buddy
Thanks

Sorry for double-post, but I had this problem with the Java.



I tried 2-3 times, and all the other things were closed..

And the Adobe reader update works, that's why I said it works good..

Hello.

Please download JavaRa from here

• First, unzip it.
  
• Then run JavaRa. (If you are running Vista, you will need to right click JavaRa > select "Run as administrator")
  
• Select English from the drop down menu and press Select.
  
• This will open JavaRa.
  
• Press Remove older versions
  
• Press yes to the prompt.
  

Try installed Java Update 22 again.