16
Re: bds/small.iuj another one on Thu Mar 18, 2010 1:09 am
ervinako
Member
is this ok??.. hmpf damn virus.
Message [Page 2 of 6]
16
Member
17 Re: bds/small.iuj another one on Thu Mar 18, 2010 2:51 am
ervinako
Member
i post the result in first page..
18 Re: bds/small.iuj another one on Thu Mar 18, 2010 10:41 am
DragonMaster Jay
Site Owner
Download OTL.exe by OldTimer to your Desktop.
Please run OTL.exe.
If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.
Please run OTL.exe.
- Copy the commands with file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):
- Code:
:files
C:\windows\explorer.exe|C:\documents and settings\ej\desktop\explorer.exe /replace
:commands
[reboot]
[emptytemp]
[purity]
- Return to OTL.exe, right click in the "Custom Scans/Fixes" window (under the light green bar) and choose Paste.
- Click the red Run Fix button.
- A fix log in Notepad will appear. Copy the contents of the fix log to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
- Close OTL.exe
If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.
..........................................................
DragonMaster Jay
Owner/Administrator/Operator Cheetah-Fast Services
Advanced Malware Analysts Group Owner
Kaspersky Anti-Virus 2012: Click Here 19 Re: bds/small.iuj another one on Thu Mar 18, 2010 9:11 pm
ervinako
Member
All processes killed
========== FILES ==========
File C:\windows\explorer.exe successfully replaced with C:\documents and settings\ej\desktop\explorer.exe
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: ej
->Temp folder emptied: 1293917 bytes
->Temporary Internet Files folder emptied: 85724 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 5924996 bytes
->Flash cache emptied: 0 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 7.00 mb
OTL by OldTimer - Version 3.1.37.3 log created on 03192010_090756
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...
========== FILES ==========
File C:\windows\explorer.exe successfully replaced with C:\documents and settings\ej\desktop\explorer.exe
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: ej
->Temp folder emptied: 1293917 bytes
->Temporary Internet Files folder emptied: 85724 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 5924996 bytes
->Flash cache emptied: 0 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 7.00 mb
OTL by OldTimer - Version 3.1.37.3 log created on 03192010_090756
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...
20 Re: bds/small.iuj another one on Thu Mar 18, 2010 9:11 pm
ervinako
Member
THANKS!! IT IS NOW FIX YOUR THE MAN!!!
can i delete the explorer in my desktop?..
can i delete the explorer in my desktop?..
21 Re: bds/small.iuj another one on Thu Mar 18, 2010 9:13 pm
DragonMaster Jay
Site Owner
Please open OTL.
- Under the Custom Scan box paste this in
%SYSTEMDRIVE%\*.exe
%systemroot%\*. /mp /s
c:\$recycle.bin\*.* /s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
/md5start
explorer.exe
/md5stop
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles - Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
- When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
- Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time
..........................................................
DragonMaster Jay
Owner/Administrator/Operator Cheetah-Fast Services
Advanced Malware Analysts Group Owner
Kaspersky Anti-Virus 2012: Click Here 22 Re: bds/small.iuj another one on Thu Mar 18, 2010 9:31 pm
ervinako
Member
dude can i now delete the Explorer in my desktop?
cause im cleaning my pc. and deleting all unnecessary files
cause im cleaning my pc. and deleting all unnecessary files
23 Re: bds/small.iuj another one on Thu Mar 18, 2010 9:59 pm
DragonMaster Jay
Site Owner
Yes.
..........................................................
DragonMaster Jay
Owner/Administrator/Operator Cheetah-Fast Services
Advanced Malware Analysts Group Owner
Kaspersky Anti-Virus 2012: Click Here 24 Re: bds/small.iuj another one on Thu Mar 18, 2010 10:16 pm
ervinako
Member
Extras.txt
OTL Extras logfile created on: 3/19/2010 9:28:57 AM - Run 1
OTL by OldTimer - Version 3.1.37.3 Folder = C:\Documents and Settings\ej\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
510.00 Mb Total Physical Memory | 200.00 Mb Available Physical Memory | 39.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 70.00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 39.06 Gb Total Space | 21.89 Gb Free Space | 56.05% Space Free | Partition Type: NTFS
Drive D: | 35.44 Gb Total Space | 30.43 Gb Free Space | 85.86% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
Drive H: | 232.83 Gb Total Space | 151.68 Gb Free Space | 65.15% Space Free | Partition Type: FAT32
I: Drive not present or media not loaded
Drive J: | 3.90 Gb Total Space | 2.58 Gb Free Space | 66.12% Space Free | Partition Type: FAT32
Computer Name: 9568F4ADBC8649B
Current User Name: ej
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DoNotAllowExceptions" = 0
"DisableNotifications" = 1
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"5191:TCP" = 5191:TCP:*:Enabled:The Browser Highlighter XCOM
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\tbh\base\bin\tbhDaemon.exe" = C:\Program Files\tbh\base\bin\tbhDaemon.exe:*:Enabled:The Browser Highlighter - Daemon -- ()
"C:\Program Files\tbh\monitor\bin\tbhMonitor.exe" = C:\Program Files\tbh\monitor\bin\tbhMonitor.exe:*:Enabled:The Browser Highlighter - Monitor -- ()
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
"C:\Program Files\FrostWire\FrostWire.exe" = C:\Program Files\FrostWire\FrostWire.exe:*:Enabled:FrostWire -- (FrostWire Group)
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"H:\Gamez\Grand Chase\Main.exe" = H:\Gamez\Grand Chase\Main.exe:*:Enabled:GrandChase -- ()
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard)
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0F7C2E47-089E-4d23-B9F7-39BE00100776}" = Toolbox
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216014FF}" = Java(TM) 6 Update 14
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3B62CF95-5E25-4720-A3D6-B4A2B0501961}" = Browser Highlighter - Firefox
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{47AA42FD-0450-4CB4-ADAF-B6E770AA7B2F}" = Sony Media Manager 2.2
"{4817189D-1785-4627-A33C-39FD90919300}" = The Sims 2 Pets
"{4E8444C5-766E-4f4d-82F8-BB83E2FBB42A}" = HP Deskjet F2200 All-In-One Driver 10.0 Rel .3
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{5C648FDB-0138-4619-B66E-230EF53E8E2C}" = The Sims™ 2 Teen Style Stuff
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{6869591A-7DD8-46D2-837F-57CBF7358955}" = Nokia Connectivity Cable Driver
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6BDD9CE6-D0A6-478A-BAD3-BA6945E89EB0}" = The Sims 2 Family Fun Stuff
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6E0352EE-6F0D-4FBC-B1B8-4FF032C78BE0}" = PC Connectivity Solution
"{6E7DD182-9FC6-4651-0095-2E666CC6AF35}" = The Sims 2
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{7B3577F5-1D82-4C9B-008B-69D026FD8BCA}" = The Sims 2 Open For Business
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7CCEBC24-62DB-4280-A8EC-BFA49F167920}" = Software Update for Web Folders
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{80533B67-C407-485D-8B5D-63BB8ED9D878}" = Scan
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{84DDE556-43EF-43ed-B2DF-37AF9E5DDD75}" = The Sims™ 2 H&M® Fashion Stuff
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Extreme Graphics 2 Driver
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{8FD3F4BA-A4A6-4380-00A6-CC6853AB2DC2}" = The Sims 2 University
"{8FE54D21-8254-4CCF-AEE0-066496AE43F4}" = Delta Force - Black Hawk Down
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}" = Nokia PC Suite
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9CDBC303-3EED-40b0-8E41-A7C65AA96C26}" = The Sims 2 Glamour Life Stuff
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A7A34FC9-DF24-4A36-00AD-D4EFE94CC116}" = SimCity 4 Deluxe
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1033-7B44-A70500000002}" = Adobe Reader 7.0.5
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe Extendscript Toolkit 2
"{c6922d7f-c698-4d9e-9671-8b3de04d1511}" = DJ_AIO_03_F2200_Software_Min
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D1BB4446-AE9C-4256-9A7F-4D46604D2462}" = Adobe Setup
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{DFEF49D9-FC95-4301-99B9-2FB91C6ABA06}" = The Sims™ 2 Seasons
"{E09B48B5-E141-427A-AB0C-D3605127224A}" = Microsoft SQL Server Desktop Engine (SONY_MEDIAMGR)
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{EAA38532-7AD0-4f78-918A-4F4F02096ECE}" = The Sims™ 2 Celebration! Stuff
"{EC6BAAC5-F5E0-48D4-B4B6-7C654DD54086}" = Sony Vegas 7.0b
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{F248ADFA-64E0-4b03-8A83-059078BED6A0}" = The Sims™ 2 Bon Voyage
"{F7529650-B9DB-481B-0089-A2AC3C2821C1}" = The Sims 2 Nightlife
"05B59228C7E1C21DFBE89260F879BD95880548D8" = Windows Driver Package - Nokia Modem (10/05/2009 4.2)
"504244733D18C8F63FF584AEB290E3904E791693" = Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"8CDCFB95BB84DD9C0F88F22266A0CA86035E55BA" = Windows Driver Package - Nokia Modem (06/01/2009 7.01.0.4)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Adobe_2ac78060bc5856b0c1cf873bb919b58" = Adobe Photoshop CS3
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Free Download Manager_is1" = Free Download Manager 3.0
"FrostWire" = FrostWire 4.18.5
"Garena" = Garena
"Google Chrome" = Google Chrome
"ie8" = Windows Internet Explorer 8
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"Mozilla Firefox (3.6)" = Mozilla Firefox (3.6)
"Nokia PC Suite" = Nokia PC Suite
"PowerISO" = PowerISO
"PROSet" = Intel(R) PRO Network Adapters and Drivers
"QuicktimeAlt_is1" = QuickTime Alternative 1.67
"Raganrok Renewal" = Ragnarok Renewal
"Ragnarok Online" = Ragnarok Online
"Ragnarok Sakray" = Ragnarok Sakray
"Software Informer_is1" = Software Informer 1.0 BETA
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.0.0
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Winamp" = Winamp
"WinRAR archiver" = WinRAR archiver
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Search Defender" = Yahoo! Search Protection
"Yahoo! Software Update" = Yahoo! Software Update
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Winamp Detect" = Winamp Detector Plug-in
"Yahoo! BrowserPlus" = Yahoo! BrowserPlus 2.5.1
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 3/14/2010 9:23:47 PM | Computer Name = 9568F4ADBC8649B | Source = EventSystem | ID = 4609
Description = The COM+ Event System detected a bad return code during its internal
processing. HRESULT was C0000005 from line 44 of d:\qxp_slp\com\com1x\src\events\tier1\eventsystemobj.cpp.
Please contact Microsoft Product Support Services to report this erro
Error - 3/15/2010 7:11:44 AM | Computer Name = 9568F4ADBC8649B | Source = EventSystem | ID = 4609
Description = The COM+ Event System detected a bad return code during its internal
processing. HRESULT was C0000005 from line 44 of d:\qxp_slp\com\com1x\src\events\tier1\eventsystemobj.cpp.
Please contact Microsoft Product Support Services to report this erro
Error - 3/16/2010 12:08:09 AM | Computer Name = 9568F4ADBC8649B | Source = EventSystem | ID = 4609
Description = The COM+ Event System detected a bad return code during its internal
processing. HRESULT was C0000005 from line 44 of d:\qxp_slp\com\com1x\src\events\tier1\eventsystemobj.cpp.
Please contact Microsoft Product Support Services to report this erro
Error - 3/16/2010 10:31:28 AM | Computer Name = 9568F4ADBC8649B | Source = Application Error | ID = 1000
Description = Faulting application ideas.exe, version 1.0.0.8, faulting module ideas.exe,
version 1.0.0.8, fault address 0x0001508c.
Error - 3/16/2010 10:31:40 AM | Computer Name = 9568F4ADBC8649B | Source = Application Error | ID = 1000
Description = Faulting application ideas.exe, version 1.0.0.8, faulting module ideas.exe,
version 1.0.0.8, fault address 0x0001508c.
Error - 3/16/2010 10:34:09 AM | Computer Name = 9568F4ADBC8649B | Source = Application Error | ID = 1000
Description = Faulting application ideas.exe, version 1.0.0.8, faulting module ideas.exe,
version 1.0.0.8, fault address 0x0001508c.
Error - 3/17/2010 1:36:07 AM | Computer Name = 9568F4ADBC8649B | Source = Google Update | ID = 20
Description =
Error - 3/17/2010 6:57:36 AM | Computer Name = 9568F4ADBC8649B | Source = EventSystem | ID = 4609
Description = The COM+ Event System detected a bad return code during its internal
processing. HRESULT was C0000005 from line 44 of d:\qxp_slp\com\com1x\src\events\tier1\eventsystemobj.cpp.
Please contact Microsoft Product Support Services to report this erro
Error - 3/17/2010 8:59:52 PM | Computer Name = 9568F4ADBC8649B | Source = EventSystem | ID = 4609
Description = The COM+ Event System detected a bad return code during its internal
processing. HRESULT was C0000005 from line 44 of d:\qxp_slp\com\com1x\src\events\tier1\eventsystemobj.cpp.
Please contact Microsoft Product Support Services to report this erro
Error - 3/18/2010 5:58:50 AM | Computer Name = 9568F4ADBC8649B | Source = EventSystem | ID = 4609
Description = The COM+ Event System detected a bad return code during its internal
processing. HRESULT was C0000005 from line 44 of d:\qxp_slp\com\com1x\src\events\tier1\eventsystemobj.cpp.
Please contact Microsoft Product Support Services to report this erro
[ System Events ]
Error - 3/18/2010 9:03:11 PM | Computer Name = 9568F4ADBC8649B | Source = Service Control Manager | ID = 7034
Description = The The Browser Highlighter Monitor service terminated unexpectedly.
It has done this 1 time(s).
Error - 3/18/2010 9:03:11 PM | Computer Name = 9568F4ADBC8649B | Source = Service Control Manager | ID = 7034
Description = The Yahoo! Updater service terminated unexpectedly. It has done this
1 time(s).
Error - 3/18/2010 9:03:12 PM | Computer Name = 9568F4ADBC8649B | Source = Service Control Manager | ID = 7034
Description = The ServiceLayer service terminated unexpectedly. It has done this
1 time(s).
Error - 3/18/2010 9:04:43 PM | Computer Name = 9568F4ADBC8649B | Source = Service Control Manager | ID = 7000
Description = The adfs service failed to start due to the following error: %%2
Error - 3/18/2010 9:07:56 PM | Computer Name = 9568F4ADBC8649B | Source = Service Control Manager | ID = 7034
Description = The ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## service terminated
unexpectedly. It has done this 1 time(s).
Error - 3/18/2010 9:07:56 PM | Computer Name = 9568F4ADBC8649B | Source = Service Control Manager | ID = 7034
Description = The The Browser Highlighter Monitor service terminated unexpectedly.
It has done this 1 time(s).
Error - 3/18/2010 9:07:56 PM | Computer Name = 9568F4ADBC8649B | Source = Service Control Manager | ID = 7034
Description = The Java Quick Starter service terminated unexpectedly. It has done
this 1 time(s).
Error - 3/18/2010 9:07:56 PM | Computer Name = 9568F4ADBC8649B | Source = Service Control Manager | ID = 7034
Description = The Yahoo! Updater service terminated unexpectedly. It has done this
1 time(s).
Error - 3/18/2010 9:07:57 PM | Computer Name = 9568F4ADBC8649B | Source = Service Control Manager | ID = 7034
Description = The ServiceLayer service terminated unexpectedly. It has done this
1 time(s).
Error - 3/18/2010 9:09:20 PM | Computer Name = 9568F4ADBC8649B | Source = Service Control Manager | ID = 7000
Description = The adfs service failed to start due to the following error: %%2
< End of report >
OTL.txt
OTL logfile created on: 3/19/2010 9:28:57 AM - Run 1
OTL by OldTimer - Version 3.1.37.3 Folder = C:\Documents and Settings\ej\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
510.00 Mb Total Physical Memory | 200.00 Mb Available Physical Memory | 39.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 70.00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 39.06 Gb Total Space | 21.89 Gb Free Space | 56.05% Space Free | Partition Type: NTFS
Drive D: | 35.44 Gb Total Space | 30.43 Gb Free Space | 85.86% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
Drive H: | 232.83 Gb Total Space | 151.68 Gb Free Space | 65.15% Space Free | Partition Type: FAT32
I: Drive not present or media not loaded
Drive J: | 3.90 Gb Total Space | 2.58 Gb Free Space | 66.12% Space Free | Partition Type: FAT32
Computer Name: 9568F4ADBC8649B
Current User Name: ej
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan
========== Processes (SafeList) ==========
PRC - [2010/03/19 09:28:47 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\ej\Desktop\OTL.exe
PRC - [2010/03/19 09:09:21 | 000,492,840 | ---- | M] (eBay) -- C:\Program Files\tbh\base\bin\tbhSystray.exe
PRC - [2010/03/19 09:09:20 | 000,062,760 | ---- | M] () -- c:\Program Files\tbh\base\bin\tbhDaemon.exe
PRC - [2010/03/17 23:44:30 | 001,033,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2010/03/13 23:58:34 | 000,530,928 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2010/02/20 19:02:50 | 000,319,280 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe
PRC - [2009/11/11 10:57:36 | 001,451,520 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
PRC - [2009/10/27 09:26:36 | 000,657,408 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
PRC - [2009/10/27 09:15:44 | 000,132,608 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2009/10/27 09:15:02 | 000,120,832 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2009/10/22 21:57:44 | 000,070,952 | ---- | M] () -- C:\Program Files\tbh\monitor\bin\tbhMonitor.exe
PRC - [2009/07/27 10:37:50 | 000,180,224 | ---- | M] (PowerISO Computing, Inc.) -- C:\Program Files\PowerISO\PWRISOVM.EXE
PRC - [2009/07/21 13:34:33 | 000,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2009/05/13 15:48:22 | 000,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2009/03/02 12:08:47 | 000,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2009/02/23 21:05:34 | 000,111,856 | ---- | M] (Yahoo! Inc) -- C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
PRC - [2008/11/10 04:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2004/10/14 22:42:54 | 001,404,928 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\Core\smax4pnp.exe
========== Modules (SafeList) ==========
MOD - [2010/03/19 09:28:47 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\ej\Desktop\OTL.exe
MOD - [2006/01/13 09:10:05 | 001,053,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2649_x-ww_aac16c8b\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV - [2010/01/22 23:02:09 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/12/17 05:05:00 | 003,375,888 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\System32\GameMon.des -- (npggsvc)
SRV - [2009/10/27 09:26:36 | 000,657,408 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2009/10/22 21:57:44 | 000,070,952 | ---- | M] () [Auto | Running] -- C:\Program Files\tbh\monitor\bin\tbhMonitor.exe -- (tbhMonitor.exe)
SRV - [2009/07/21 13:34:33 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009/05/13 15:48:22 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2008/11/10 04:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2002/12/17 17:26:22 | 007,520,337 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe -- (MSSQL$SONY_MEDIAMGR)
SRV - [2002/12/17 17:23:30 | 000,311,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE -- (SQLAgent$SONY_MEDIAMGR)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com?o=14200&l=dis
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.defaulturl: "http://search.yahoo.com/search?fr=ffsp1&p="
FF - prefs.js..browser.search.param.yahoo-fr: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-type: "${8}"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.startup.homepage: "http://www.google.com.ph/firefox?client=firefox-a&rls=org.mozilla:en-US:official"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}:3.3.0.3971
FF - prefs.js..extensions.enabledItems: browserhighlighter@ebay.com:1.0.17641
FF - prefs.js..extensions.enabledItems: fdm_ffext@freedownloadmanager.org:1.3.4
FF - prefs.js..extensions.enabledItems: nasanightlaunch@example.com:0.6.20091031
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=ffds1&p="
FF - HKLM\software\mozilla\Firefox\extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2010/01/04 17:50:33 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/03/16 22:01:40 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/03/16 22:01:40 | 000,000,000 | ---D | M]
[2009/12/27 13:40:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ej\Application Data\Mozilla\Extensions
[2010/03/18 22:17:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ej\Application Data\Mozilla\Firefox\Profiles\ozcaff2w.default\extensions
[2010/03/19 00:27:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ej\Application Data\Mozilla\Firefox\Profiles\ozcaff2w.default\extensions\browserhighlighter@ebay.com
[2009/12/27 18:43:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ej\Application Data\Mozilla\Firefox\Profiles\ozcaff2w.default\extensions\nasanightlaunch@example.com
[2010/03/19 00:27:05 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/01/14 06:46:00 | 000,063,488 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npwachk.dll
O1 HOSTS File: ([2010/01/12 19:41:13 | 000,001,216 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll File not found
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll ()
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [tbhSystray] C:\Program Files\tbh\base\bin\tbhSystray.exe (eBay)
O4 - HKLM..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [PC Suite Tray] C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O4 - HKCU..\Run: [Search Protection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O4 - HKCU..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRemoteRecursiveEvents = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Main present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Download all with Free Download Manager - C:\Program Files\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: Download selected with Free Download Manager - C:\Program Files\Free Download Manager\dlselected.htm ()
O8 - Extra context menu item: Download video with Free Download Manager - C:\Program Files\Free Download Manager\dlfvideo.htm ()
O8 - Extra context menu item: Download with Free Download Manager - C:\Program Files\Free Download Manager\dllink.htm ()
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 58.69.254.5 58.69.254.25 192.168.1.1
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\ej\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\ej\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/12/27 20:41:09 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 14 Days ==========
[2010/03/19 09:28:45 | 000,555,520 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\ej\Desktop\OTL.exe
[2010/03/19 08:52:55 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\ej\Recent
[2010/03/19 00:03:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ej\Desktop\eh
[2010/03/18 23:15:37 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010/03/18 13:55:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ej\Application Data\fltk.org
[2010/03/18 13:11:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ej\Application Data\Free Download Manager
[2010/03/18 13:10:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\FreeDownloadManager.ORG
[2010/03/18 13:10:51 | 000,000,000 | ---D | C] -- C:\Program Files\Free Download Manager
[2010/03/18 09:32:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2010/03/18 00:21:34 | 000,096,104 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2010/03/18 00:21:34 | 000,045,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys
[2010/03/18 00:21:34 | 000,022,360 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys
[2010/03/18 00:21:33 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2010/03/18 00:21:30 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2010/03/18 00:21:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Avira
[2010/03/18 00:02:38 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010/03/17 23:41:02 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2010/03/17 23:41:02 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2010/03/17 23:41:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2010/03/16 20:53:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2010/03/16 20:22:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Symantec
[2010/03/16 20:22:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Norton
[2010/03/16 20:22:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NortonInstaller
[2010/03/16 12:21:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ej\My Documents\oral revalida
[2010/03/13 22:15:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2010/03/13 21:06:21 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\ej\IETldCache
[2010/03/13 21:02:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2010/03/13 21:01:07 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2010/03/13 21:01:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[2010/03/13 11:28:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ParetoLogic
[2010/03/13 11:27:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ej\Local Settings\Application Data\Downloaded Installations
[2010/03/12 23:17:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ej\Application Data\Malwarebytes
[2010/03/12 23:17:28 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/03/12 23:17:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/03/12 23:17:26 | 000,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/03/12 23:17:26 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/03/12 22:42:53 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010/03/12 22:39:02 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010/03/12 22:39:02 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010/03/12 22:39:02 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010/03/12 22:38:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/03/11 23:25:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ej\Local Settings\Application Data\Yahoo!
[2010/03/07 21:42:01 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works
[2010/03/07 21:41:47 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2010/03/07 21:41:23 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio
[2010/03/07 21:41:22 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2010/03/07 21:40:30 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2010/03/07 21:37:51 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 8
[2010/03/07 21:37:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\SHELLNEW
[2010/03/07 21:36:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ej\Local Settings\Application Data\Microsoft Help
[2010/03/07 21:36:02 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2010/03/07 21:35:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft Help
[2010/03/07 21:34:20 | 000,000,000 | R--D | C] -- C:\MSOCache
[2010/03/05 19:13:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ej\My Documents\THE
[2010/02/12 21:31:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Temp
[2009/12/27 17:15:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google
[2009/12/27 13:53:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[1 C:\Documents and Settings\ej\*.tmp files -> C:\Documents and Settings\ej\*.tmp -> ]
========== Files - Modified Within 14 Days ==========
[2010/03/19 09:28:47 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\ej\Desktop\OTL.exe
[2010/03/19 09:21:00 | 000,020,992 | ---- | M] () -- C:\Documents and Settings\ej\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/03/19 09:18:58 | 000,000,156 | ---- | M] () -- C:\WINDOWS\Twunk001.MTX
[2010/03/19 09:18:58 | 000,000,003 | ---- | M] () -- C:\WINDOWS\Twain001.Mtx
[2010/03/19 09:09:08 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/03/19 09:09:05 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/03/19 09:08:58 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/03/19 09:08:57 | 534,827,008 | -HS- | M] () -- C:\hiberfil.sys
[2010/03/19 09:08:15 | 004,194,304 | -H-- | M] () -- C:\Documents and Settings\ej\NTUSER.DAT
[2010/03/19 09:08:07 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\ej\ntuser.ini
[2010/03/19 01:45:23 | 001,576,488 | -H-- | M] () -- C:\Documents and Settings\ej\Local Settings\Application Data\IconCache.db
[2010/03/19 01:40:01 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/03/18 23:42:09 | 000,000,761 | ---- | M] () -- C:\Documents and Settings\ej\Desktop\Sony Vegas 7.lnk
[2010/03/18 23:41:26 | 000,000,848 | ---- | M] () -- C:\Documents and Settings\ej\Desktop\Photoshop CS3.lnk
[2010/03/18 23:07:21 | 000,259,200 | ---- | M] () -- C:\Documents and Settings\ej\My Documents\Tae.veg
[2010/03/18 22:05:20 | 000,259,200 | ---- | M] () -- C:\Documents and Settings\ej\My Documents\Tae.veg.bak
[2010/03/18 21:43:47 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2010/03/18 13:00:00 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/03/18 09:08:44 | 000,056,816 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2010/03/14 18:39:07 | 002,397,728 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/03/14 18:36:26 | 000,033,312 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox2.dat
[2010/03/14 18:36:26 | 000,004,196 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox2.idx
[2010/03/14 18:36:25 | 001,085,472 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.dat
[2010/03/14 18:36:25 | 000,014,840 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.idx
[2010/03/14 18:00:02 | 000,099,536 | ---- | M] () -- C:\Documents and Settings\ej\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/03/14 16:17:04 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2010/03/13 21:00:15 | 000,262,144 | ---- | M] () -- C:\Documents and Settings\All Users\ntuser.dat
[2010/03/12 22:42:59 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2010/03/12 18:02:38 | 000,261,632 | ---- | M] () -- C:\WINDOWS\PEV.exe
[2010/03/07 21:37:18 | 000,000,552 | ---- | M] () -- C:\WINDOWS\win.ini
[1 C:\Documents and Settings\ej\*.tmp files -> C:\Documents and Settings\ej\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010/03/19 00:04:38 | 001,683,456 | ---- | C] () -- C:\Documents and Settings\ej\Desktop\grandchase.exe
[2010/03/18 23:42:09 | 000,000,761 | ---- | C] () -- C:\Documents and Settings\ej\Desktop\Sony Vegas 7.lnk
[2010/03/18 23:41:26 | 000,000,848 | ---- | C] () -- C:\Documents and Settings\ej\Desktop\Photoshop CS3.lnk
[2010/03/18 21:07:24 | 000,259,200 | ---- | C] () -- C:\Documents and Settings\ej\My Documents\Tae.veg.bak
[2010/03/18 21:07:24 | 000,259,200 | ---- | C] () -- C:\Documents and Settings\ej\My Documents\Tae.veg
[2010/03/13 21:00:14 | 000,262,144 | ---- | C] () -- C:\Documents and Settings\All Users\ntuser.dat
[2010/03/13 11:51:47 | 001,085,472 | -HS- | C] () -- C:\WINDOWS\System32\drivers\fidbox.dat
[2010/03/13 11:51:47 | 000,033,312 | -HS- | C] () -- C:\WINDOWS\System32\drivers\fidbox2.dat
[2010/03/13 11:51:47 | 000,014,840 | -HS- | C] () -- C:\WINDOWS\System32\drivers\fidbox.idx
[2010/03/13 11:51:47 | 000,004,196 | -HS- | C] () -- C:\WINDOWS\System32\drivers\fidbox2.idx
[2010/03/12 22:42:59 | 000,000,211 | -H-- | C] () -- C:\Boot.bak
[2010/03/12 22:42:56 | 000,260,272 | -H-- | C] () -- C:\cmldr
[2010/03/12 22:39:02 | 000,261,632 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010/03/12 22:39:02 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010/03/12 22:39:02 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010/03/12 22:39:02 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010/03/12 22:39:02 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010/02/08 22:33:39 | 000,000,340 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2010/01/29 18:05:15 | 002,463,976 | ---- | C] () -- C:\WINDOWS\System32\NPSWF32.dll
[2009/12/29 22:18:09 | 000,020,992 | ---- | C] () -- C:\Documents and Settings\ej\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/12/27 20:46:44 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009/12/27 20:28:39 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll
[2006/01/13 10:02:21 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2006/01/13 09:55:02 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2006/01/13 09:52:59 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\CopyToSendTo.dll
[2006/01/13 09:52:17 | 000,745,472 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2006/01/13 09:40:44 | 001,163,264 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2006/01/13 09:40:28 | 001,040,384 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll
[2006/01/13 09:39:33 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\vorbisfile.dll
[2006/01/13 09:38:40 | 000,394,240 | ---- | C] () -- C:\WINDOWS\System32\HMTCD.dll
[2006/01/13 09:33:47 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2006/01/13 09:33:47 | 000,000,609 | ---- | C] () -- C:\WINDOWS\System32\OEMinfo.ini
========== LOP Check ==========
[2010/02/12 22:01:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2010/01/23 23:26:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2010/03/18 13:10:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FreeDownloadManager.ORG
[2010/01/04 17:48:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
[2010/01/04 17:51:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2010/02/28 17:12:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sony
[2010/01/23 23:30:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ej\Application Data\DAEMON Tools Lite
[2010/03/18 13:55:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ej\Application Data\fltk.org
[2010/03/19 01:44:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ej\Application Data\Free Download Manager
[2010/03/18 19:10:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ej\Application Data\FrostWire
[2010/01/30 09:50:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ej\Application Data\GrabPro
[2009/12/28 15:37:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ej\Application Data\Leadertech
[2010/01/05 18:32:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ej\Application Data\Nokia
[2010/01/30 10:15:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ej\Application Data\Orbit
[2010/01/05 18:32:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ej\Application Data\PC Suite
[2010/02/28 17:19:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ej\Application Data\Publish Providers
[2010/02/14 17:58:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ej\Application Data\Software Informer
[2010/02/28 17:17:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ej\Application Data\Sony
[2010/02/28 16:59:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ej\Application Data\Sony Setup
[2010/03/19 09:29:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ej\Application Data\uTorrent
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.exe >
< %systemroot%\*. /mp /s >
< c:\$recycle.bin\*.* /s >
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
< MD5 for: EXPLORER.EXE >
[2010/03/17 23:44:30 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=97BD6515465659FF8F3B7BE375B2EA87 -- C:\Documents and Settings\ej\Desktop\explorer.exe
[2010/03/17 23:44:30 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=97BD6515465659FF8F3B7BE375B2EA87 -- C:\WINDOWS\explorer.exe
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job /lockedfiles >
< End of report >
OTL Extras logfile created on: 3/19/2010 9:28:57 AM - Run 1
OTL by OldTimer - Version 3.1.37.3 Folder = C:\Documents and Settings\ej\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
510.00 Mb Total Physical Memory | 200.00 Mb Available Physical Memory | 39.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 70.00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 39.06 Gb Total Space | 21.89 Gb Free Space | 56.05% Space Free | Partition Type: NTFS
Drive D: | 35.44 Gb Total Space | 30.43 Gb Free Space | 85.86% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
Drive H: | 232.83 Gb Total Space | 151.68 Gb Free Space | 65.15% Space Free | Partition Type: FAT32
I: Drive not present or media not loaded
Drive J: | 3.90 Gb Total Space | 2.58 Gb Free Space | 66.12% Space Free | Partition Type: FAT32
Computer Name: 9568F4ADBC8649B
Current User Name: ej
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DoNotAllowExceptions" = 0
"DisableNotifications" = 1
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"5191:TCP" = 5191:TCP:*:Enabled:The Browser Highlighter XCOM
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\tbh\base\bin\tbhDaemon.exe" = C:\Program Files\tbh\base\bin\tbhDaemon.exe:*:Enabled:The Browser Highlighter - Daemon -- ()
"C:\Program Files\tbh\monitor\bin\tbhMonitor.exe" = C:\Program Files\tbh\monitor\bin\tbhMonitor.exe:*:Enabled:The Browser Highlighter - Monitor -- ()
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
"C:\Program Files\FrostWire\FrostWire.exe" = C:\Program Files\FrostWire\FrostWire.exe:*:Enabled:FrostWire -- (FrostWire Group)
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"H:\Gamez\Grand Chase\Main.exe" = H:\Gamez\Grand Chase\Main.exe:*:Enabled:GrandChase -- ()
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard)
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0F7C2E47-089E-4d23-B9F7-39BE00100776}" = Toolbox
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216014FF}" = Java(TM) 6 Update 14
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3B62CF95-5E25-4720-A3D6-B4A2B0501961}" = Browser Highlighter - Firefox
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{47AA42FD-0450-4CB4-ADAF-B6E770AA7B2F}" = Sony Media Manager 2.2
"{4817189D-1785-4627-A33C-39FD90919300}" = The Sims 2 Pets
"{4E8444C5-766E-4f4d-82F8-BB83E2FBB42A}" = HP Deskjet F2200 All-In-One Driver 10.0 Rel .3
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{5C648FDB-0138-4619-B66E-230EF53E8E2C}" = The Sims™ 2 Teen Style Stuff
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{6869591A-7DD8-46D2-837F-57CBF7358955}" = Nokia Connectivity Cable Driver
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6BDD9CE6-D0A6-478A-BAD3-BA6945E89EB0}" = The Sims 2 Family Fun Stuff
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6E0352EE-6F0D-4FBC-B1B8-4FF032C78BE0}" = PC Connectivity Solution
"{6E7DD182-9FC6-4651-0095-2E666CC6AF35}" = The Sims 2
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{7B3577F5-1D82-4C9B-008B-69D026FD8BCA}" = The Sims 2 Open For Business
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7CCEBC24-62DB-4280-A8EC-BFA49F167920}" = Software Update for Web Folders
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{80533B67-C407-485D-8B5D-63BB8ED9D878}" = Scan
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{84DDE556-43EF-43ed-B2DF-37AF9E5DDD75}" = The Sims™ 2 H&M® Fashion Stuff
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Extreme Graphics 2 Driver
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{8FD3F4BA-A4A6-4380-00A6-CC6853AB2DC2}" = The Sims 2 University
"{8FE54D21-8254-4CCF-AEE0-066496AE43F4}" = Delta Force - Black Hawk Down
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}" = Nokia PC Suite
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9CDBC303-3EED-40b0-8E41-A7C65AA96C26}" = The Sims 2 Glamour Life Stuff
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A7A34FC9-DF24-4A36-00AD-D4EFE94CC116}" = SimCity 4 Deluxe
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1033-7B44-A70500000002}" = Adobe Reader 7.0.5
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe Extendscript Toolkit 2
"{c6922d7f-c698-4d9e-9671-8b3de04d1511}" = DJ_AIO_03_F2200_Software_Min
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D1BB4446-AE9C-4256-9A7F-4D46604D2462}" = Adobe Setup
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{DFEF49D9-FC95-4301-99B9-2FB91C6ABA06}" = The Sims™ 2 Seasons
"{E09B48B5-E141-427A-AB0C-D3605127224A}" = Microsoft SQL Server Desktop Engine (SONY_MEDIAMGR)
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{EAA38532-7AD0-4f78-918A-4F4F02096ECE}" = The Sims™ 2 Celebration! Stuff
"{EC6BAAC5-F5E0-48D4-B4B6-7C654DD54086}" = Sony Vegas 7.0b
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{F248ADFA-64E0-4b03-8A83-059078BED6A0}" = The Sims™ 2 Bon Voyage
"{F7529650-B9DB-481B-0089-A2AC3C2821C1}" = The Sims 2 Nightlife
"05B59228C7E1C21DFBE89260F879BD95880548D8" = Windows Driver Package - Nokia Modem (10/05/2009 4.2)
"504244733D18C8F63FF584AEB290E3904E791693" = Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"8CDCFB95BB84DD9C0F88F22266A0CA86035E55BA" = Windows Driver Package - Nokia Modem (06/01/2009 7.01.0.4)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Adobe_2ac78060bc5856b0c1cf873bb919b58" = Adobe Photoshop CS3
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Free Download Manager_is1" = Free Download Manager 3.0
"FrostWire" = FrostWire 4.18.5
"Garena" = Garena
"Google Chrome" = Google Chrome
"ie8" = Windows Internet Explorer 8
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"Mozilla Firefox (3.6)" = Mozilla Firefox (3.6)
"Nokia PC Suite" = Nokia PC Suite
"PowerISO" = PowerISO
"PROSet" = Intel(R) PRO Network Adapters and Drivers
"QuicktimeAlt_is1" = QuickTime Alternative 1.67
"Raganrok Renewal" = Ragnarok Renewal
"Ragnarok Online" = Ragnarok Online
"Ragnarok Sakray" = Ragnarok Sakray
"Software Informer_is1" = Software Informer 1.0 BETA
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.0.0
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Winamp" = Winamp
"WinRAR archiver" = WinRAR archiver
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Search Defender" = Yahoo! Search Protection
"Yahoo! Software Update" = Yahoo! Software Update
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Winamp Detect" = Winamp Detector Plug-in
"Yahoo! BrowserPlus" = Yahoo! BrowserPlus 2.5.1
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 3/14/2010 9:23:47 PM | Computer Name = 9568F4ADBC8649B | Source = EventSystem | ID = 4609
Description = The COM+ Event System detected a bad return code during its internal
processing. HRESULT was C0000005 from line 44 of d:\qxp_slp\com\com1x\src\events\tier1\eventsystemobj.cpp.
Please contact Microsoft Product Support Services to report this erro
Error - 3/15/2010 7:11:44 AM | Computer Name = 9568F4ADBC8649B | Source = EventSystem | ID = 4609
Description = The COM+ Event System detected a bad return code during its internal
processing. HRESULT was C0000005 from line 44 of d:\qxp_slp\com\com1x\src\events\tier1\eventsystemobj.cpp.
Please contact Microsoft Product Support Services to report this erro
Error - 3/16/2010 12:08:09 AM | Computer Name = 9568F4ADBC8649B | Source = EventSystem | ID = 4609
Description = The COM+ Event System detected a bad return code during its internal
processing. HRESULT was C0000005 from line 44 of d:\qxp_slp\com\com1x\src\events\tier1\eventsystemobj.cpp.
Please contact Microsoft Product Support Services to report this erro
Error - 3/16/2010 10:31:28 AM | Computer Name = 9568F4ADBC8649B | Source = Application Error | ID = 1000
Description = Faulting application ideas.exe, version 1.0.0.8, faulting module ideas.exe,
version 1.0.0.8, fault address 0x0001508c.
Error - 3/16/2010 10:31:40 AM | Computer Name = 9568F4ADBC8649B | Source = Application Error | ID = 1000
Description = Faulting application ideas.exe, version 1.0.0.8, faulting module ideas.exe,
version 1.0.0.8, fault address 0x0001508c.
Error - 3/16/2010 10:34:09 AM | Computer Name = 9568F4ADBC8649B | Source = Application Error | ID = 1000
Description = Faulting application ideas.exe, version 1.0.0.8, faulting module ideas.exe,
version 1.0.0.8, fault address 0x0001508c.
Error - 3/17/2010 1:36:07 AM | Computer Name = 9568F4ADBC8649B | Source = Google Update | ID = 20
Description =
Error - 3/17/2010 6:57:36 AM | Computer Name = 9568F4ADBC8649B | Source = EventSystem | ID = 4609
Description = The COM+ Event System detected a bad return code during its internal
processing. HRESULT was C0000005 from line 44 of d:\qxp_slp\com\com1x\src\events\tier1\eventsystemobj.cpp.
Please contact Microsoft Product Support Services to report this erro
Error - 3/17/2010 8:59:52 PM | Computer Name = 9568F4ADBC8649B | Source = EventSystem | ID = 4609
Description = The COM+ Event System detected a bad return code during its internal
processing. HRESULT was C0000005 from line 44 of d:\qxp_slp\com\com1x\src\events\tier1\eventsystemobj.cpp.
Please contact Microsoft Product Support Services to report this erro
Error - 3/18/2010 5:58:50 AM | Computer Name = 9568F4ADBC8649B | Source = EventSystem | ID = 4609
Description = The COM+ Event System detected a bad return code during its internal
processing. HRESULT was C0000005 from line 44 of d:\qxp_slp\com\com1x\src\events\tier1\eventsystemobj.cpp.
Please contact Microsoft Product Support Services to report this erro
[ System Events ]
Error - 3/18/2010 9:03:11 PM | Computer Name = 9568F4ADBC8649B | Source = Service Control Manager | ID = 7034
Description = The The Browser Highlighter Monitor service terminated unexpectedly.
It has done this 1 time(s).
Error - 3/18/2010 9:03:11 PM | Computer Name = 9568F4ADBC8649B | Source = Service Control Manager | ID = 7034
Description = The Yahoo! Updater service terminated unexpectedly. It has done this
1 time(s).
Error - 3/18/2010 9:03:12 PM | Computer Name = 9568F4ADBC8649B | Source = Service Control Manager | ID = 7034
Description = The ServiceLayer service terminated unexpectedly. It has done this
1 time(s).
Error - 3/18/2010 9:04:43 PM | Computer Name = 9568F4ADBC8649B | Source = Service Control Manager | ID = 7000
Description = The adfs service failed to start due to the following error: %%2
Error - 3/18/2010 9:07:56 PM | Computer Name = 9568F4ADBC8649B | Source = Service Control Manager | ID = 7034
Description = The ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## service terminated
unexpectedly. It has done this 1 time(s).
Error - 3/18/2010 9:07:56 PM | Computer Name = 9568F4ADBC8649B | Source = Service Control Manager | ID = 7034
Description = The The Browser Highlighter Monitor service terminated unexpectedly.
It has done this 1 time(s).
Error - 3/18/2010 9:07:56 PM | Computer Name = 9568F4ADBC8649B | Source = Service Control Manager | ID = 7034
Description = The Java Quick Starter service terminated unexpectedly. It has done
this 1 time(s).
Error - 3/18/2010 9:07:56 PM | Computer Name = 9568F4ADBC8649B | Source = Service Control Manager | ID = 7034
Description = The Yahoo! Updater service terminated unexpectedly. It has done this
1 time(s).
Error - 3/18/2010 9:07:57 PM | Computer Name = 9568F4ADBC8649B | Source = Service Control Manager | ID = 7034
Description = The ServiceLayer service terminated unexpectedly. It has done this
1 time(s).
Error - 3/18/2010 9:09:20 PM | Computer Name = 9568F4ADBC8649B | Source = Service Control Manager | ID = 7000
Description = The adfs service failed to start due to the following error: %%2
< End of report >
OTL.txt
OTL logfile created on: 3/19/2010 9:28:57 AM - Run 1
OTL by OldTimer - Version 3.1.37.3 Folder = C:\Documents and Settings\ej\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
510.00 Mb Total Physical Memory | 200.00 Mb Available Physical Memory | 39.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 70.00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 39.06 Gb Total Space | 21.89 Gb Free Space | 56.05% Space Free | Partition Type: NTFS
Drive D: | 35.44 Gb Total Space | 30.43 Gb Free Space | 85.86% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
Drive H: | 232.83 Gb Total Space | 151.68 Gb Free Space | 65.15% Space Free | Partition Type: FAT32
I: Drive not present or media not loaded
Drive J: | 3.90 Gb Total Space | 2.58 Gb Free Space | 66.12% Space Free | Partition Type: FAT32
Computer Name: 9568F4ADBC8649B
Current User Name: ej
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan
========== Processes (SafeList) ==========
PRC - [2010/03/19 09:28:47 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\ej\Desktop\OTL.exe
PRC - [2010/03/19 09:09:21 | 000,492,840 | ---- | M] (eBay) -- C:\Program Files\tbh\base\bin\tbhSystray.exe
PRC - [2010/03/19 09:09:20 | 000,062,760 | ---- | M] () -- c:\Program Files\tbh\base\bin\tbhDaemon.exe
PRC - [2010/03/17 23:44:30 | 001,033,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2010/03/13 23:58:34 | 000,530,928 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2010/02/20 19:02:50 | 000,319,280 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe
PRC - [2009/11/11 10:57:36 | 001,451,520 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
PRC - [2009/10/27 09:26:36 | 000,657,408 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
PRC - [2009/10/27 09:15:44 | 000,132,608 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2009/10/27 09:15:02 | 000,120,832 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2009/10/22 21:57:44 | 000,070,952 | ---- | M] () -- C:\Program Files\tbh\monitor\bin\tbhMonitor.exe
PRC - [2009/07/27 10:37:50 | 000,180,224 | ---- | M] (PowerISO Computing, Inc.) -- C:\Program Files\PowerISO\PWRISOVM.EXE
PRC - [2009/07/21 13:34:33 | 000,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2009/05/13 15:48:22 | 000,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2009/03/02 12:08:47 | 000,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2009/02/23 21:05:34 | 000,111,856 | ---- | M] (Yahoo! Inc) -- C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
PRC - [2008/11/10 04:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2004/10/14 22:42:54 | 001,404,928 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\Core\smax4pnp.exe
========== Modules (SafeList) ==========
MOD - [2010/03/19 09:28:47 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\ej\Desktop\OTL.exe
MOD - [2006/01/13 09:10:05 | 001,053,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2649_x-ww_aac16c8b\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV - [2010/01/22 23:02:09 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/12/17 05:05:00 | 003,375,888 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\System32\GameMon.des -- (npggsvc)
SRV - [2009/10/27 09:26:36 | 000,657,408 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2009/10/22 21:57:44 | 000,070,952 | ---- | M] () [Auto | Running] -- C:\Program Files\tbh\monitor\bin\tbhMonitor.exe -- (tbhMonitor.exe)
SRV - [2009/07/21 13:34:33 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009/05/13 15:48:22 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2008/11/10 04:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2002/12/17 17:26:22 | 007,520,337 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe -- (MSSQL$SONY_MEDIAMGR)
SRV - [2002/12/17 17:23:30 | 000,311,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE -- (SQLAgent$SONY_MEDIAMGR)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com?o=14200&l=dis
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.defaulturl: "http://search.yahoo.com/search?fr=ffsp1&p="
FF - prefs.js..browser.search.param.yahoo-fr: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-type: "${8}"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.startup.homepage: "http://www.google.com.ph/firefox?client=firefox-a&rls=org.mozilla:en-US:official"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}:3.3.0.3971
FF - prefs.js..extensions.enabledItems: browserhighlighter@ebay.com:1.0.17641
FF - prefs.js..extensions.enabledItems: fdm_ffext@freedownloadmanager.org:1.3.4
FF - prefs.js..extensions.enabledItems: nasanightlaunch@example.com:0.6.20091031
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=ffds1&p="
FF - HKLM\software\mozilla\Firefox\extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2010/01/04 17:50:33 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/03/16 22:01:40 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/03/16 22:01:40 | 000,000,000 | ---D | M]
[2009/12/27 13:40:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ej\Application Data\Mozilla\Extensions
[2010/03/18 22:17:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ej\Application Data\Mozilla\Firefox\Profiles\ozcaff2w.default\extensions
[2010/03/19 00:27:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ej\Application Data\Mozilla\Firefox\Profiles\ozcaff2w.default\extensions\browserhighlighter@ebay.com
[2009/12/27 18:43:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ej\Application Data\Mozilla\Firefox\Profiles\ozcaff2w.default\extensions\nasanightlaunch@example.com
[2010/03/19 00:27:05 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/01/14 06:46:00 | 000,063,488 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npwachk.dll
O1 HOSTS File: ([2010/01/12 19:41:13 | 000,001,216 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll File not found
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll ()
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [tbhSystray] C:\Program Files\tbh\base\bin\tbhSystray.exe (eBay)
O4 - HKLM..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [PC Suite Tray] C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O4 - HKCU..\Run: [Search Protection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O4 - HKCU..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRemoteRecursiveEvents = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Main present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Download all with Free Download Manager - C:\Program Files\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: Download selected with Free Download Manager - C:\Program Files\Free Download Manager\dlselected.htm ()
O8 - Extra context menu item: Download video with Free Download Manager - C:\Program Files\Free Download Manager\dlfvideo.htm ()
O8 - Extra context menu item: Download with Free Download Manager - C:\Program Files\Free Download Manager\dllink.htm ()
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 58.69.254.5 58.69.254.25 192.168.1.1
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\ej\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\ej\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/12/27 20:41:09 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 14 Days ==========
[2010/03/19 09:28:45 | 000,555,520 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\ej\Desktop\OTL.exe
[2010/03/19 08:52:55 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\ej\Recent
[2010/03/19 00:03:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ej\Desktop\eh
[2010/03/18 23:15:37 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010/03/18 13:55:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ej\Application Data\fltk.org
[2010/03/18 13:11:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ej\Application Data\Free Download Manager
[2010/03/18 13:10:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\FreeDownloadManager.ORG
[2010/03/18 13:10:51 | 000,000,000 | ---D | C] -- C:\Program Files\Free Download Manager
[2010/03/18 09:32:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2010/03/18 00:21:34 | 000,096,104 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2010/03/18 00:21:34 | 000,045,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys
[2010/03/18 00:21:34 | 000,022,360 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys
[2010/03/18 00:21:33 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2010/03/18 00:21:30 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2010/03/18 00:21:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Avira
[2010/03/18 00:02:38 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010/03/17 23:41:02 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2010/03/17 23:41:02 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2010/03/17 23:41:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2010/03/16 20:53:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2010/03/16 20:22:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Symantec
[2010/03/16 20:22:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Norton
[2010/03/16 20:22:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NortonInstaller
[2010/03/16 12:21:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ej\My Documents\oral revalida
[2010/03/13 22:15:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2010/03/13 21:06:21 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\ej\IETldCache
[2010/03/13 21:02:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2010/03/13 21:01:07 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2010/03/13 21:01:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[2010/03/13 11:28:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ParetoLogic
[2010/03/13 11:27:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ej\Local Settings\Application Data\Downloaded Installations
[2010/03/12 23:17:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ej\Application Data\Malwarebytes
[2010/03/12 23:17:28 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/03/12 23:17:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/03/12 23:17:26 | 000,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/03/12 23:17:26 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/03/12 22:42:53 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010/03/12 22:39:02 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010/03/12 22:39:02 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010/03/12 22:39:02 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010/03/12 22:38:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/03/11 23:25:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ej\Local Settings\Application Data\Yahoo!
[2010/03/07 21:42:01 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works
[2010/03/07 21:41:47 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2010/03/07 21:41:23 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio
[2010/03/07 21:41:22 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2010/03/07 21:40:30 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2010/03/07 21:37:51 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 8
[2010/03/07 21:37:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\SHELLNEW
[2010/03/07 21:36:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ej\Local Settings\Application Data\Microsoft Help
[2010/03/07 21:36:02 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2010/03/07 21:35:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft Help
[2010/03/07 21:34:20 | 000,000,000 | R--D | C] -- C:\MSOCache
[2010/03/05 19:13:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ej\My Documents\THE
[2010/02/12 21:31:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Temp
[2009/12/27 17:15:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google
[2009/12/27 13:53:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[1 C:\Documents and Settings\ej\*.tmp files -> C:\Documents and Settings\ej\*.tmp -> ]
========== Files - Modified Within 14 Days ==========
[2010/03/19 09:28:47 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\ej\Desktop\OTL.exe
[2010/03/19 09:21:00 | 000,020,992 | ---- | M] () -- C:\Documents and Settings\ej\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/03/19 09:18:58 | 000,000,156 | ---- | M] () -- C:\WINDOWS\Twunk001.MTX
[2010/03/19 09:18:58 | 000,000,003 | ---- | M] () -- C:\WINDOWS\Twain001.Mtx
[2010/03/19 09:09:08 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/03/19 09:09:05 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/03/19 09:08:58 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/03/19 09:08:57 | 534,827,008 | -HS- | M] () -- C:\hiberfil.sys
[2010/03/19 09:08:15 | 004,194,304 | -H-- | M] () -- C:\Documents and Settings\ej\NTUSER.DAT
[2010/03/19 09:08:07 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\ej\ntuser.ini
[2010/03/19 01:45:23 | 001,576,488 | -H-- | M] () -- C:\Documents and Settings\ej\Local Settings\Application Data\IconCache.db
[2010/03/19 01:40:01 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/03/18 23:42:09 | 000,000,761 | ---- | M] () -- C:\Documents and Settings\ej\Desktop\Sony Vegas 7.lnk
[2010/03/18 23:41:26 | 000,000,848 | ---- | M] () -- C:\Documents and Settings\ej\Desktop\Photoshop CS3.lnk
[2010/03/18 23:07:21 | 000,259,200 | ---- | M] () -- C:\Documents and Settings\ej\My Documents\Tae.veg
[2010/03/18 22:05:20 | 000,259,200 | ---- | M] () -- C:\Documents and Settings\ej\My Documents\Tae.veg.bak
[2010/03/18 21:43:47 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2010/03/18 13:00:00 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/03/18 09:08:44 | 000,056,816 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2010/03/14 18:39:07 | 002,397,728 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/03/14 18:36:26 | 000,033,312 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox2.dat
[2010/03/14 18:36:26 | 000,004,196 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox2.idx
[2010/03/14 18:36:25 | 001,085,472 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.dat
[2010/03/14 18:36:25 | 000,014,840 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.idx
[2010/03/14 18:00:02 | 000,099,536 | ---- | M] () -- C:\Documents and Settings\ej\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/03/14 16:17:04 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2010/03/13 21:00:15 | 000,262,144 | ---- | M] () -- C:\Documents and Settings\All Users\ntuser.dat
[2010/03/12 22:42:59 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2010/03/12 18:02:38 | 000,261,632 | ---- | M] () -- C:\WINDOWS\PEV.exe
[2010/03/07 21:37:18 | 000,000,552 | ---- | M] () -- C:\WINDOWS\win.ini
[1 C:\Documents and Settings\ej\*.tmp files -> C:\Documents and Settings\ej\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010/03/19 00:04:38 | 001,683,456 | ---- | C] () -- C:\Documents and Settings\ej\Desktop\grandchase.exe
[2010/03/18 23:42:09 | 000,000,761 | ---- | C] () -- C:\Documents and Settings\ej\Desktop\Sony Vegas 7.lnk
[2010/03/18 23:41:26 | 000,000,848 | ---- | C] () -- C:\Documents and Settings\ej\Desktop\Photoshop CS3.lnk
[2010/03/18 21:07:24 | 000,259,200 | ---- | C] () -- C:\Documents and Settings\ej\My Documents\Tae.veg.bak
[2010/03/18 21:07:24 | 000,259,200 | ---- | C] () -- C:\Documents and Settings\ej\My Documents\Tae.veg
[2010/03/13 21:00:14 | 000,262,144 | ---- | C] () -- C:\Documents and Settings\All Users\ntuser.dat
[2010/03/13 11:51:47 | 001,085,472 | -HS- | C] () -- C:\WINDOWS\System32\drivers\fidbox.dat
[2010/03/13 11:51:47 | 000,033,312 | -HS- | C] () -- C:\WINDOWS\System32\drivers\fidbox2.dat
[2010/03/13 11:51:47 | 000,014,840 | -HS- | C] () -- C:\WINDOWS\System32\drivers\fidbox.idx
[2010/03/13 11:51:47 | 000,004,196 | -HS- | C] () -- C:\WINDOWS\System32\drivers\fidbox2.idx
[2010/03/12 22:42:59 | 000,000,211 | -H-- | C] () -- C:\Boot.bak
[2010/03/12 22:42:56 | 000,260,272 | -H-- | C] () -- C:\cmldr
[2010/03/12 22:39:02 | 000,261,632 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010/03/12 22:39:02 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010/03/12 22:39:02 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010/03/12 22:39:02 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010/03/12 22:39:02 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010/02/08 22:33:39 | 000,000,340 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2010/01/29 18:05:15 | 002,463,976 | ---- | C] () -- C:\WINDOWS\System32\NPSWF32.dll
[2009/12/29 22:18:09 | 000,020,992 | ---- | C] () -- C:\Documents and Settings\ej\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/12/27 20:46:44 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009/12/27 20:28:39 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll
[2006/01/13 10:02:21 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2006/01/13 09:55:02 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2006/01/13 09:52:59 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\CopyToSendTo.dll
[2006/01/13 09:52:17 | 000,745,472 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2006/01/13 09:40:44 | 001,163,264 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2006/01/13 09:40:28 | 001,040,384 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll
[2006/01/13 09:39:33 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\vorbisfile.dll
[2006/01/13 09:38:40 | 000,394,240 | ---- | C] () -- C:\WINDOWS\System32\HMTCD.dll
[2006/01/13 09:33:47 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2006/01/13 09:33:47 | 000,000,609 | ---- | C] () -- C:\WINDOWS\System32\OEMinfo.ini
========== LOP Check ==========
[2010/02/12 22:01:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2010/01/23 23:26:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2010/03/18 13:10:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FreeDownloadManager.ORG
[2010/01/04 17:48:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
[2010/01/04 17:51:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2010/02/28 17:12:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sony
[2010/01/23 23:30:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ej\Application Data\DAEMON Tools Lite
[2010/03/18 13:55:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ej\Application Data\fltk.org
[2010/03/19 01:44:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ej\Application Data\Free Download Manager
[2010/03/18 19:10:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ej\Application Data\FrostWire
[2010/01/30 09:50:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ej\Application Data\GrabPro
[2009/12/28 15:37:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ej\Application Data\Leadertech
[2010/01/05 18:32:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ej\Application Data\Nokia
[2010/01/30 10:15:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ej\Application Data\Orbit
[2010/01/05 18:32:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ej\Application Data\PC Suite
[2010/02/28 17:19:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ej\Application Data\Publish Providers
[2010/02/14 17:58:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ej\Application Data\Software Informer
[2010/02/28 17:17:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ej\Application Data\Sony
[2010/02/28 16:59:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ej\Application Data\Sony Setup
[2010/03/19 09:29:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ej\Application Data\uTorrent
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.exe >
< %systemroot%\*. /mp /s >
< c:\$recycle.bin\*.* /s >
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
< MD5 for: EXPLORER.EXE >
[2010/03/17 23:44:30 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=97BD6515465659FF8F3B7BE375B2EA87 -- C:\Documents and Settings\ej\Desktop\explorer.exe
[2010/03/17 23:44:30 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=97BD6515465659FF8F3B7BE375B2EA87 -- C:\WINDOWS\explorer.exe
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job /lockedfiles >
< End of report >
25 Re: bds/small.iuj another one on Thu Mar 18, 2010 10:17 pm
ervinako
Member
it is now done?.. it is now ok?..
26 Re: bds/small.iuj another one on Thu Mar 18, 2010 10:23 pm
DragonMaster Jay
Site Owner
Do you like ParetoLogic? How is it working for you? Do you still run Norton software?
..........................................................
DragonMaster Jay
Owner/Administrator/Operator Cheetah-Fast Services
Advanced Malware Analysts Group Owner
Kaspersky Anti-Virus 2012: Click Here 27 Re: bds/small.iuj another one on Thu Mar 18, 2010 10:58 pm
ervinako
Member
what is parelogic?.. i dont run norton 
my anti virus is only avira..
y??
my anti virus is only avira..y??
28 Re: bds/small.iuj another one on Thu Mar 18, 2010 11:43 pm
DragonMaster Jay
Site Owner
Both of them showed up in the log.
Do you want to remove them?
Do you want to remove them?
..........................................................
DragonMaster Jay
Owner/Administrator/Operator Cheetah-Fast Services
Advanced Malware Analysts Group Owner
Kaspersky Anti-Virus 2012: Click Here 29 Re: bds/small.iuj another one on Fri Mar 19, 2010 8:45 am
ervinako
Member
is that unnecessary file??.. if parelogic is unnecessary file..i will remove it.
i want to remove norton..
how to remove?//
..is there any antivirus that is free and active?..
i want to remove norton..
how to remove?//
..is there any antivirus that is free and active?..
30 Re: bds/small.iuj another one on Fri Mar 19, 2010 9:14 am
DragonMaster Jay
Site Owner
To uninstall ComboFix
(Note: Make sure there's a space between the word ComboFix and the forward-slash.)
===========
To remove all of the tools we used and the files and folders they created, please do the following:
Please download OTC.exe by OldTimer:
Note: If any tool, file or folder (belonging to the program we have used) hasn't been deleted, please delete it manually.
===========
Avira is fine.
ParetoLogic is not very recommended, but if people are satisfied, it is fine. I recommend its removal. You can do so via Control Panel > Add or Remove Programs.
Norton products can be removed by going to the following link and downloading the appropriate removal tool: ftp://ftp.symantec.com/public/english_us_canada/linked_files/tsgen/SymNRT.exe
Other than that, are you satisfied with the way your computer is running? Would you like tips of staying clean in the future?
- Click the Start button. Click Run. For Vista: type in Run in the Start search, and click on Run in the results pane.
- In the field, type in ComboFix /uninstall
(Note: Make sure there's a space between the word ComboFix and the forward-slash.)
- Then, press Enter, or click OK.
- This will uninstall ComboFix, delete its folders and files, hides System files and folders, and resets System Restore.
===========
To remove all of the tools we used and the files and folders they created, please do the following:
Please download OTC.exe by OldTimer:
- Save it to your Desktop.
- Double click OTC.exe.
- Click the CleanUp! button.
- If you are prompted to Reboot during the cleanup, select Yes.
- The tool will delete itself once it finishes.
Note: If any tool, file or folder (belonging to the program we have used) hasn't been deleted, please delete it manually.
===========
Avira is fine.
ParetoLogic is not very recommended, but if people are satisfied, it is fine. I recommend its removal. You can do so via Control Panel > Add or Remove Programs.
Norton products can be removed by going to the following link and downloading the appropriate removal tool: ftp://ftp.symantec.com/public/english_us_canada/linked_files/tsgen/SymNRT.exe
Other than that, are you satisfied with the way your computer is running? Would you like tips of staying clean in the future?
..........................................................
DragonMaster Jay
Owner/Administrator/Operator Cheetah-Fast Services
Advanced Malware Analysts Group Owner
Kaspersky Anti-Virus 2012: Click Here Message [Page 2 of 6]
Cheetah-Fast Antivirus Forum (formerly The Ultimate Geek TaskForce!) » Malware/Threat Removal » bds/small.iuj another one
Permissions in this forum:
You cannot reply to topics in this forum
Sun Feb 05, 2012 3:10 pm by 
