Solved Windows Explorer Errors

Discussion in 'Malware and Virus Removal Archive' started by missgeminie, 2010/11/13.

  1. 2010/11/13
    missgeminie


    When I try to browse through the folders on my computer, I receive an error message that Windows Explorer needs to close.
    Here's my log:

    * Malwarebytes (MBAM)

    Malwarebytes' Anti-Malware 1.46
    www.malwarebytes.org

    Database version: 5110

    Windows 5.1.2600 Service Pack 3
    Internet Explorer 8.0.6001.18702

    11/14/2010 10:19:49 AM
    mbam-log-2010-11-14 (10-19-49).txt

    Scan type: Quick scan
    Objects scanned: 139956
    Time elapsed: 7 minute(s), 57 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 0

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    (No malicious items detected)

    * GMER

    GMER 1.0.15.15530 - http://www.gmer.net
    Rootkit scan 2010-11-14 11:43:36
    Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-e WDC_WD1600BEVT-75ZCT2 rev.11.01A11
    Running: 25mpiorc.exe; Driver: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\pwriqaog.sys


    ---- System - GMER 1.0.15 ----

    SSDT \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SASKUTIL.SYS/SUPERAdBlocker.com and SUPERAntiSpyware.com) ZwTerminateProcess [0xA6C4D620]

    ---- User code sections - GMER 1.0.15 ----

    .text C:\Program Files\Mozilla Firefox\plugin-container.exe[488] USER32.dll!TrackPopupMenu 7E46531E 5 Bytes JMP 104505FE C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
    .text C:\program files\real\realplayer\update\realsched.exe[636] kernel32.dll!SetUnhandledExceptionFilter 7C84495D 5 Bytes [33, C0, C2, 04, 00] {XOR EAX, EAX; RET 0x4}
    .text C:\Program Files\Mozilla Firefox\firefox.exe[2084] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 004013F0 C:\Program Files\Mozilla Firefox\firefox.exe (Firefox/Mozilla Corporation)

    ---- Devices - GMER 1.0.15 ----

    AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
    AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
    AttachedDevice \Driver\Tcpip \Device\Tcp fssfltr_tdi.sys (Family Safety Filter Driver (TDI)/Microsoft Corporation)
    AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
    AttachedDevice \Driver\Tcpip \Device\Udp fssfltr_tdi.sys (Family Safety Filter Driver (TDI)/Microsoft Corporation)
    AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
    AttachedDevice \Driver\Tcpip \Device\RawIp fssfltr_tdi.sys (Family Safety Filter Driver (TDI)/Microsoft Corporation)

    ---- EOF - GMER 1.0.15 ----


    * MBRCheck
    MBRCheck, version 1.2.3
    (c) 2010, AD

    Command-line:
    Windows Version: Windows XP Professional
    Windows Information: Service Pack 3 (build 2600)
    Logical Drives Mask: 0x0000001c

    Kernel Drivers (total 144):

    Processes (total 41):
    0 System Idle Process
    4 System
    884 C:\WINDOWS\system32\smss.exe
    952 csrss.exe
    976 C:\WINDOWS\system32\winlogon.exe
    1020 C:\WINDOWS\system32\services.exe
    1032 C:\WINDOWS\system32\lsass.exe
    1204 C:\WINDOWS\system32\svchost.exe
    1248 svchost.exe
    1288 C:\WINDOWS\system32\svchost.exe
    1332 C:\WINDOWS\system32\svchost.exe
    1396 svchost.exe
    1492 svchost.exe
    1804 C:\WINDOWS\system32\spoolsv.exe
    636 C:\Program Files\Real\realplayer\Update\realsched.exe
    644 C:\Program Files\DellTPad\Apoint.exe
    656 C:\WINDOWS\system32\ctfmon.exe
    652 C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    724 C:\Program Files\DellTPad\ApMsgFwd.exe
    768 C:\Program Files\DellTPad\hidfind.exe
    776 C:\Program Files\DellTPad\ApntEx.exe
    1420 svchost.exe
    1384 C:\Program Files\AVG\AVG9\avgwdsvc.exe
    1572 C:\Program Files\Canon\IJPLM\ijplmsvc.exe
    1620 C:\Program Files\Java\jre6\bin\jqs.exe
    1892 C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    360 C:\Program Files\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\stacsv.exe
    1752 C:\Program Files\AVG\AVG9\avgnsx.exe
    1436 C:\WINDOWS\system32\svchost.exe
    1632 C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
    2340 C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
    2944 alg.exe
    3064 C:\Program Files\AVG\AVG9\avgchsvx.exe
    3076 C:\Program Files\AVG\AVG9\avgrsx.exe
    3264 C:\Program Files\AVG\AVG9\avgcsrvx.exe
    216 C:\WINDOWS\explorer.exe
    2084 C:\Program Files\Mozilla Firefox\firefox.exe
    488 C:\Program Files\Mozilla Firefox\plugin-container.exe
    256 C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    520 C:\Documents and Settings\Administrator\My Documents\25mpiorc.exe
    1704 C:\Documents and Settings\Administrator\My Documents\MBRCheck.exe

    \\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00007e00 (NTFS)
    \\.\E: --> \\.\PhysicalDrive0 at offset 0x00000018`69e59800 (NTFS)

    PhysicalDrive0 Model Number: <error opening>

    Size Device Name MBR Status
    --------------------------------------------
    ERROR Opening: \\.\PhysicalDrive0 (32)


    Done!

    * DDS(2 logs)
    DDS


    DDS (Ver_10-11-10.01) - NTFSx86
    Run by Administrator at 10:34:14.37 on Sun 11/14/2010
    Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_22
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2038.804 [GMT 8:00]

    AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

    ============== Running Processes ===============

    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
    svchost.exe
    svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\program files\real\realplayer\update\realsched.exe
    C:\Program Files\DellTPad\Apoint.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\DellTPad\ApMsgFwd.exe
    C:\Program Files\DellTPad\HidFind.exe
    C:\Program Files\DellTPad\Apntex.exe
    svchost.exe
    C:\Program Files\AVG\AVG9\avgwdsvc.exe
    C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\Program Files\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\STacSV.exe
    C:\Program Files\AVG\AVG9\avgnsx.exe
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
    C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
    C:\Program Files\AVG\AVG9\avgchsvx.exe
    C:\Program Files\AVG\AVG9\avgrsx.exe
    C:\Program Files\AVG\AVG9\avgcsrvx.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Mozilla Firefox\plugin-container.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Documents and Settings\Administrator\My Documents\25mpiorc.exe
    C:\WINDOWS\system32\NOTEPAD.EXE
    C:\Documents and Settings\Administrator\Desktop\dds.scr

    ============== Pseudo HJT Report ===============

    TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
    TB: {BA14329E-9550-4989-B3F2-9732E92D17CC} - No File
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
    uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
    mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
    mRun: [Apoint] c:\program files\delltpad\Apoint.exe
    mRunOnce: [Malwarebytes' Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
    DPF: {E6BB2089-163F-466B-812A-748096614DFD} - hxxp://cainternetsecurity.net/scanner/cascanner.cab
    Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
    Notify: igfxcui - igfxdev.dll
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL

    ================= FIREFOX ===================

    FF - ProfilePath - c:\docume~1\admini~1\applic~1\mozilla\firefox\profiles\m77w2vy2.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=IEFM1&q=
    FF - prefs.js: browser.startup.homepage - hxxp://go.microsoft.com/fwlink/?LinkId=69157
    FF - component: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordext.dll
    FF - component: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordlegacyext.dll
    FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
    FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
    FF - plugin: c:\program files\microsoft\office live\npOLW.dll
    FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
    FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
    FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
    FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
    FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

    ---- FIREFOX POLICIES ----
    FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
    c:\program files\mozilla firefox\greprefs\all.js - pref( "network.IDN.whitelist.xn--mgbaam7a8h ", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref( "network.IDN.whitelist.xn--fiqz9s ", true); // Traditional
    c:\program files\mozilla firefox\greprefs\all.js - pref( "network.IDN.whitelist.xn--fiqs8s ", true); // Simplified
    c:\program files\mozilla firefox\greprefs\all.js - pref( "network.IDN.whitelist.xn--j6w193g ", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref( "network.IDN.whitelist.xn--mgberp4a5d4ar ", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref( "network.IDN.whitelist.xn--mgberp4a5d4a87g ", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref( "network.IDN.whitelist.xn--mgbqly7c0a67fbc ", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref( "network.IDN.whitelist.xn--mgbqly7cvafr ", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref( "network.IDN.whitelist.xn--kpry57d ", true); // Traditional
    c:\program files\mozilla firefox\greprefs\all.js - pref( "network.IDN.whitelist.xn--kprw13d ", true); // Simplified

    ============= SERVICES / DRIVERS ===============

    R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2010-6-26 216400]
    R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2010-6-26 29584]
    R1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2010-6-26 243024]
    R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2010-2-18 12872]
    R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-5-11 67656]
    R2 avg9wd;AVG Free WatchDog;c:\program files\avg\avg9\avgwdsvc.exe [2010-7-16 308136]
    R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2010-7-3 54760]
    R3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\drivers\CtClsFlt.sys [2010-6-26 143968]
    S3 CtAudDrv;Provides advanced audio effects for audio devices.;c:\windows\system32\drivers\CtAudDrv.sys [2010-6-26 134144]
    S3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\drivers\ewusbnet.sys [2010-7-24 114432]
    S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-4-28 704872]
    S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2010-9-5 137344]
    S4 TwonkyMedia;TwonkyMedia;c:\program files\nokia\nokia home media server\media server\twonkymedia.exe -serviceversion 0 --> c:\program files\nokia\nokia home media server\media server\TwonkyMedia.exe -serviceversion 0 [?]

    =============== Created Last 30 ================

    2010-11-14 02:03:16 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2010-11-14 02:03:13 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
    2010-11-14 01:50:47 -------- d-----w- c:\docume~1\alluse~1\applic~1\SUPERAntiSpyware.com
    2010-11-14 01:50:47 -------- d-----w- c:\docume~1\admini~1\applic~1\SUPERAntiSpyware.com
    2010-11-14 01:50:25 -------- d-----w- c:\program files\SUPERAntiSpyware
    2010-11-14 01:31:29 -------- d-----w- c:\docume~1\alluse~1\applic~1\CA
    2010-11-13 14:46:55 -------- d-----w- c:\windows\system32\wbem\repository\FS
    2010-11-13 14:46:55 -------- d-----w- c:\windows\system32\wbem\Repository
    2010-11-13 14:33:17 -------- d-----w- c:\windows\pss
    2010-11-12 12:23:37 -------- d-----w- C:\downloads
    2010-11-12 12:22:51 -------- d-----w- c:\program files\Xmlbar
    2010-11-12 12:22:51 -------- d-----w- c:\docume~1\admini~1\applic~1\Youku Downloader(xmlbar)
    2010-11-11 17:26:33 -------- d-----w- c:\windows\A4W_DATA
    2010-11-11 17:26:30 -------- d-----w- c:\documents and settings\administrator\WINDOWS
    2010-11-06 12:20:10 -------- d-----w- c:\windows\system32\appmgmt
    2010-11-06 12:15:48 388096 ----a-r- c:\docume~1\admini~1\applic~1\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
    2010-11-06 12:15:47 -------- d-----w- c:\program files\Trend Micro
    2010-11-06 11:44:13 -------- d-----w- c:\windows\$regcmp$
    2010-11-06 11:36:53 -------- d-----w- c:\program files\Registry Clean Expert
    2010-11-06 11:32:38 -------- d-----w- c:\program files\AAPTrojan Removal Tool
    2010-11-06 11:32:02 -------- d-----w- c:\docume~1\admini~1\locals~1\applic~1\PCHealth
    2010-11-06 10:59:49 -------- d-----w- c:\docume~1\admini~1\applic~1\Malwarebytes
    2010-11-06 10:59:47 -------- d-----w- C:\HJT
    2010-11-06 10:59:37 -------- d-----w- c:\documents and settings\administrator\dwhelper
    2010-11-06 10:59:32 -------- d-----w- c:\program files\common files\xing shared
    2010-11-06 09:34:24 -------- d-----w- c:\docume~1\admini~1\applic~1\ElevatedDiagnostics
    2010-11-06 09:33:07 -------- d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes
    2010-11-06 09:33:06 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2010-11-06 07:35:12 222080 ------w- c:\windows\system32\MpSigStub.exe
    2010-11-04 13:20:40 11776 ----a-w- c:\program files\mozilla firefox\plugins\nprjplug.dll
    2010-11-04 13:20:20 151776 ----a-w- c:\program files\mozilla firefox\plugins\nppl3260.dll
    2010-11-04 13:19:52 100352 ----a-w- c:\program files\mozilla firefox\plugins\nprpjplug.dll
    2010-10-19 14:55:17 209608 ----a-w- c:\windows\system32\tabctl32.ocx
    2010-10-16 11:08:20 221184 ----a-w- c:\windows\system32\wmpns.dll

    ==================== Find3M ====================

    2010-11-04 13:19:43 348160 ----a-w- c:\windows\system32\msvcr71.dll
    2010-09-18 06:53:25 974848 ----a-w- c:\windows\system32\mfc42.dll
    2010-09-18 06:53:25 954368 ----a-w- c:\windows\system32\mfc40.dll
    2010-09-18 06:53:25 953856 ----a-w- c:\windows\system32\mfc40u.dll
    2010-09-18 04:23:26 974848 ----a-w- c:\windows\system32\mfc42u.dll
    2010-09-14 20:50:37 472808 ----a-w- c:\windows\system32\deployJava1.dll
    2010-09-14 18:29:49 73728 ----a-w- c:\windows\system32\javacpl.cpl
    2010-09-10 05:58:08 916480 ----a-w- c:\windows\system32\wininet.dll
    2010-09-10 05:58:06 43520 ----a-w- c:\windows\system32\licmgr10.dll
    2010-09-10 05:58:06 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
    2010-09-08 03:17:46 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
    2010-09-08 03:17:46 69632 ----a-w- c:\windows\system32\QuickTime.qts
    2010-09-01 11:51:14 285824 ----a-w- c:\windows\system32\atmfd.dll
    2010-08-31 13:42:52 1852800 ----a-w- c:\windows\system32\win32k.sys
    2010-08-27 08:02:29 119808 ----a-w- c:\windows\system32\t2embed.dll
    2010-08-27 05:57:43 99840 ----a-w- c:\windows\system32\srvsvc.dll
    2010-08-26 12:52:45 5120 ----a-w- c:\windows\system32\xpsp4res.dll
    2010-08-23 16:12:04 617472 ----a-w- c:\windows\system32\comctl32.dll
    2010-08-17 13:17:06 58880 ----a-w- c:\windows\system32\spoolsv.exe
    2010-08-16 08:45:00 590848 ----a-w- c:\windows\system32\rpcrt4.dll

    ============= FINISH: 10:35:25.65 ===============

    Attach


    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT

    DDS (Ver_10-11-10.01)

    Microsoft Windows XP Professional
    Boot Device: \Device\HarddiskVolume1
    Install Date: 6/26/2010 3:30:15 PM
    System Uptime: 11/14/2010 9:42:54 AM (1 hours ago)

    Motherboard: Dell Inc. | | 0DT492
    Processor: Intel(R) Pentium(R) Dual CPU T3200 @ 2.00GHz | Microprocessor | 1655/166mhz

    ==== Disk Partitions =========================

    C: is FIXED (NTFS) - 98 GiB total, 20.914 GiB free.
    D: is CDROM ()
    E: is FIXED (NTFS) - 51 GiB total, 51.273 GiB free.

    ==== Disabled Device Manager Items =============

    Class GUID: {EEC5AD98-8080-425F-922A-DABF3DE3F69A}
    Description: N97
    Device ID: ROOT\WPD\0000
    Manufacturer: Nokia
    Name: N97
    PNP Device ID: ROOT\WPD\0000
    Service: WUDFRd

    ==== System Restore Points ===================

    RP72: 8/16/2010 5:32:41 PM - System Checkpoint
    RP73: 8/18/2010 9:40:24 PM - System Checkpoint
    RP74: 8/21/2010 11:05:36 AM - System Checkpoint
    RP75: 8/23/2010 8:15:40 PM - System Checkpoint
    RP76: 8/27/2010 5:20:29 PM - System Checkpoint
    RP77: 8/28/2010 7:39:29 PM - System Checkpoint
    RP78: 8/31/2010 2:00:36 PM - System Checkpoint
    RP79: 9/3/2010 7:36:18 PM - System Checkpoint
    RP80: 9/5/2010 6:07:48 PM - Installed Windows XP Wdf01009.
    RP81: 9/5/2010 10:38:33 PM - Installed QuickTime
    RP82: 9/13/2010 11:37:23 AM - Avg Update
    RP83: 9/13/2010 3:59:01 PM - Removed Java(TM) 6 Update 20
    RP84: 9/13/2010 4:01:37 PM - Installed Java(TM) 6 Update 21
    RP85: 9/14/2010 11:43:23 AM - Installed Windows XP Wudf01009.
    RP86: 9/15/2010 1:13:21 PM - System Checkpoint
    RP87: 9/16/2010 3:00:18 AM - Software Distribution Service 3.0
    RP88: 9/17/2010 11:28:43 PM - System Checkpoint
    RP89: 9/23/2010 10:50:43 PM - System Checkpoint
    RP90: 9/24/2010 7:56:46 PM - Avg Update
    RP91: 9/24/2010 7:57:42 PM - Avg Update
    RP92: 9/26/2010 1:45:14 PM - System Checkpoint
    RP93: 9/27/2010 11:06:33 PM - System Checkpoint
    RP94: 9/29/2010 7:11:01 AM - Software Distribution Service 3.0
    RP95: 9/30/2010 3:27:23 PM - System Checkpoint
    RP96: 10/1/2010 11:52:03 PM - System Checkpoint
    RP97: 10/4/2010 10:50:12 AM - System Checkpoint
    RP98: 10/5/2010 8:12:38 PM - System Checkpoint
    RP99: 10/7/2010 11:28:29 PM - Software Distribution Service 3.0
    RP100: 10/8/2010 2:53:03 PM - Avg Update
    RP101: 10/10/2010 6:41:28 PM - System Checkpoint
    RP102: 10/14/2010 11:12:06 AM - System Checkpoint
    RP103: 10/15/2010 6:45:41 PM - System Checkpoint
    RP104: 10/16/2010 10:01:34 AM - Software Distribution Service 3.0
    RP105: 10/16/2010 7:05:36 PM - Software Distribution Service 3.0
    RP106: 10/18/2010 7:52:07 PM - System Checkpoint
    RP107: 10/19/2010 8:36:10 PM - System Checkpoint
    RP108: 10/22/2010 10:32:23 PM - System Checkpoint
    RP109: 10/23/2010 3:13:58 PM - Installed Java(TM) 6 Update 22
    RP110: 10/24/2010 10:18:04 PM - System Checkpoint
    RP111: 10/26/2010 3:48:49 PM - System Checkpoint
    RP112: 10/27/2010 2:08:08 PM - Avg Update
    RP113: 10/31/2010 4:25:14 PM - System Checkpoint
    RP114: 11/1/2010 10:53:19 PM - System Checkpoint
    RP115: 11/3/2010 1:04:42 AM - System Checkpoint
    RP116: 11/5/2010 12:09:30 AM - System Checkpoint
    RP117: 11/6/2010 1:07:19 AM - System Checkpoint
    RP118: 11/6/2010 3:31:20 PM - Installed Windows Defender
    RP119: 11/6/2010 3:35:09 PM - Software Distribution Service 3.0
    RP120: 11/6/2010 5:31:51 PM - Installed %1 %2.
    RP121: 11/6/2010 6:27:42 PM - Restore Operation
    RP122: 11/6/2010 6:31:40 PM - Restore Operation
    RP123: 11/6/2010 6:48:37 PM - Restore Operation
    RP124: 11/6/2010 6:55:01 PM - Restore Operation
    RP125: 11/6/2010 7:01:31 PM - Restore Operation
    RP126: 11/6/2010 7:04:55 PM - Restore Operation
    RP127: 11/6/2010 8:15:46 PM - Installed HiJackThis
    RP128: 11/6/2010 8:19:44 PM - Removed Windows Defender
    RP129: 11/10/2010 3:43:24 PM - System Checkpoint
    RP130: 11/10/2010 8:26:22 PM - Avg Update
    RP131: 11/11/2010 11:07:14 PM - Avg Update
    RP132: 11/12/2010 1:28:47 AM - Software Distribution Service 3.0
    RP133: 11/13/2010 2:06:02 AM - System Checkpoint
    RP134: 11/13/2010 10:45:57 PM - Restore Operation

    ==== Installed Programs ======================

    2007 Microsoft Office Suite Service Pack 1 (SP1)
    Acrobat.com
    Adobe AIR
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 10 Plugin
    Adobe Reader 9.3.4
    Adobe Reader 9.4.0
    Adobe Shockwave Player 11.5
    Advanced Audio FX Engine
    Apple Application Support
    Apple Software Update
    AVG Free 9.0
    Canon MP Navigator 3.1
    Dell Resource CD
    Dell Touchpad
    Dell Webcam Central
    gen_msn_adv 1.1
    HDAUDIO Soft Data Fax Modem with SmartCP
    HiJackThis
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    Hotfix for Windows Media Format 11 SDK (KB929399)
    Hotfix for Windows XP (KB2158563)
    Hotfix for Windows XP (KB952287)
    Hotfix for Windows XP (KB954550-v5)
    Hotfix for Windows XP (KB954708)
    Hotfix for Windows XP (KB961118)
    Hotfix for Windows XP (KB981793)
    IB Questionbank Biology Standard and Higher Level
    IB Questionbank Business and Management SL and HL
    IB Questionbank Chemistry Standard and Higher Level
    IB Questionbank Mathematics Higher and Standard Level
    IB Questionbank Mathematics Standard Level
    Intel(R) Graphics Media Accelerator Driver
    Java Auto Updater
    Java(TM) 6 Update 22
    Junk Mail filter update
    K-Lite Mega Codec Pack 4.4.5
    Korean Language Support
    Live! Cam Avatar Creator
    Malwarebytes' Anti-Malware
    Maxis Broadband
    Microsoft .NET Framework 2.0 Service Pack 2
    Microsoft .NET Framework 3.0 Service Pack 2
    Microsoft .NET Framework 3.5 SP1
    Microsoft Application Error Reporting
    Microsoft Choice Guard
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
    Microsoft National Language Support Downlevel APIs
    Microsoft Office Access MUI (English) 2007
    Microsoft Office Access Setup Metadata MUI (English) 2007
    Microsoft Office Excel MUI (English) 2007
    Microsoft Office InfoPath MUI (English) 2007
    Microsoft Office Live Add-in 1.3
    Microsoft Office Outlook Connector
    Microsoft Office Outlook MUI (English) 2007
    Microsoft Office PowerPoint MUI (English) 2007
    Microsoft Office Professional Plus 2007
    Microsoft Office Proof (English) 2007
    Microsoft Office Proof (French) 2007
    Microsoft Office Proof (Spanish) 2007
    Microsoft Office Proofing (English) 2007
    Microsoft Office Publisher MUI (English) 2007
    Microsoft Office Shared MUI (English) 2007
    Microsoft Office Shared Setup Metadata MUI (English) 2007
    Microsoft Office Word MUI (English) 2007
    Microsoft Search Enhancement Pack
    Microsoft Software Update for Web Folders (English) 12
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Sync Framework Runtime Native v1.0 (x86)
    Microsoft Sync Framework Services Native v1.0 (x86)
    Microsoft User-Mode Driver Framework Feature Pack 1.9
    Microsoft Visual C++ 2005 Redistributable
    Modem Diagnostic Tool
    Mozilla Firefox (3.6.6)
    MSVCRT
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    MSXML 6.0 Parser (KB933579)
    Nero 7 Ultra Edition
    neroxml
    NetWaiting
    Nokia Connectivity Cable Driver
    Nokia Home Media Server
    Nokia Map Loader
    Nokia Music
    Nokia Ovi Application Installer
    Nokia Ovi Application Installer 6.85.3011
    Nokia Ovi Content Copier
    Nokia Ovi Content Copier 6.85.3011
    Nokia Ovi One Touch Access
    Nokia Ovi One Touch Access 6.85.3011
    Nokia Ovi Suite
    Nokia Ovi System Utilities
    Nokia Ovi System Utilities 6.85.3013
    Nokia Photos
    Nokia Software Updater
    PC Connectivity Solution
    Photo! Editor 1.1
    PIXMA Extended Survey Program
    QuickTime
    QuranReciter 4.0 beta 3
    RealNetworks - Microsoft Visual C++ 2008 Runtime
    RealPlayer
    RealUpgrade 1.1
    ScanSoft OmniPage SE 4
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
    Security Update for Windows Internet Explorer 8 (KB2183461)
    Security Update for Windows Internet Explorer 8 (KB2360131)
    Security Update for Windows Internet Explorer 8 (KB971961)
    Security Update for Windows Internet Explorer 8 (KB981332)
    Security Update for Windows Internet Explorer 8 (KB982381)
    Security Update for Windows Media Player (KB2378111)
    Security Update for Windows Media Player (KB952069)
    Security Update for Windows Media Player (KB954155)
    Security Update for Windows Media Player (KB973540)
    Security Update for Windows Media Player (KB975558)
    Security Update for Windows Media Player (KB978695)
    Security Update for Windows Media Player (KB979402)
    Security Update for Windows XP (KB2079403)
    Security Update for Windows XP (KB2115168)
    Security Update for Windows XP (KB2121546)
    Security Update for Windows XP (KB2160329)
    Security Update for Windows XP (KB2229593)
    Security Update for Windows XP (KB2259922)
    Security Update for Windows XP (KB2279986)
    Security Update for Windows XP (KB2286198)
    Security Update for Windows XP (KB2296011)
    Security Update for Windows XP (KB2347290)
    Security Update for Windows XP (KB2360937)
    Security Update for Windows XP (KB2387149)
    Security Update for Windows XP (KB923561)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB946648)
    Security Update for Windows XP (KB950760)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951376-v2)
    Security Update for Windows XP (KB951748)
    Security Update for Windows XP (KB952004)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB954459)
    Security Update for Windows XP (KB955069)
    Security Update for Windows XP (KB956572)
    Security Update for Windows XP (KB956744)
    Security Update for Windows XP (KB956802)
    Security Update for Windows XP (KB956803)
    Security Update for Windows XP (KB956844)
    Security Update for Windows XP (KB958644)
    Security Update for Windows XP (KB958869)
    Security Update for Windows XP (KB959426)
    Security Update for Windows XP (KB960225)
    Security Update for Windows XP (KB960803)
    Security Update for Windows XP (KB960859)
    Security Update for Windows XP (KB961501)
    Security Update for Windows XP (KB969059)
    Security Update for Windows XP (KB970238)
    Security Update for Windows XP (KB970430)
    Security Update for Windows XP (KB971468)
    Security Update for Windows XP (KB971657)
    Security Update for Windows XP (KB972270)
    Security Update for Windows XP (KB973507)
    Security Update for Windows XP (KB973869)
    Security Update for Windows XP (KB973904)
    Security Update for Windows XP (KB974112)
    Security Update for Windows XP (KB974318)
    Security Update for Windows XP (KB974392)
    Security Update for Windows XP (KB974571)
    Security Update for Windows XP (KB975025)
    Security Update for Windows XP (KB975467)
    Security Update for Windows XP (KB975560)
    Security Update for Windows XP (KB975561)
    Security Update for Windows XP (KB975562)
    Security Update for Windows XP (KB975713)
    Security Update for Windows XP (KB977816)
    Security Update for Windows XP (KB977914)
    Security Update for Windows XP (KB978037)
    Security Update for Windows XP (KB978338)
    Security Update for Windows XP (KB978542)
    Security Update for Windows XP (KB978601)
    Security Update for Windows XP (KB978706)
    Security Update for Windows XP (KB979309)
    Security Update for Windows XP (KB979482)
    Security Update for Windows XP (KB979559)
    Security Update for Windows XP (KB979683)
    Security Update for Windows XP (KB979687)
    Security Update for Windows XP (KB980195)
    Security Update for Windows XP (KB980218)
    Security Update for Windows XP (KB980232)
    Security Update for Windows XP (KB980436)
    Security Update for Windows XP (KB981322)
    Security Update for Windows XP (KB981852)
    Security Update for Windows XP (KB981957)
    Security Update for Windows XP (KB981997)
    Security Update for Windows XP (KB982132)
    Security Update for Windows XP (KB982214)
    Security Update for Windows XP (KB982665)
    Security Update for Windows XP (KB982802)
    Segoe UI
    SigmaTel Audio
    SUPERAntiSpyware
    Switch Sound File Converter
    ThinkPad Bluetooth with Enhanced Data Rate Software
    TwonkyMedia
    Unlocker 1.8.7
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Windows Internet Explorer 8 (KB976662)
    Update for Windows XP (KB2141007)
    Update for Windows XP (KB2345886)
    Update for Windows XP (KB898461)
    Update for Windows XP (KB951978)
    Update for Windows XP (KB955759)
    Update for Windows XP (KB961503)
    Update for Windows XP (KB967715)
    Update for Windows XP (KB968389)
    Update for Windows XP (KB971737)
    Update for Windows XP (KB973687)
    Update for Windows XP (KB973815)
    VDownloader 1.0
    Vuze
    Vuze Remote Toolbar
    WavePad Sound Editor
    WebFldrs XP
    Winamp
    Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
    Windows Internet Explorer 8
    Windows Live Call
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Family Safety
    Windows Live Mail
    Windows Live Messenger
    Windows Live Photo Gallery
    Windows Live Sign-in Assistant
    Windows Live Sync
    Windows Live Toolbar
    Windows Live Upload Tool
    Windows Live Writer
    Windows Media Format 11 runtime
    Windows PowerShell(TM) 1.0
    WinRAR archiver
    Yahoo! Messenger
    Yahoo! Software Update
    Youku Downloader(xmlbar)(remove only)

    ==== Event Viewer Messages From Past Week ========

    11/9/2010 11:28:38 PM, error: Dhcp [1002] - The IP address lease 121.121.63.128 for the Network Card with network address 001E101FE9C7 has been denied by the DHCP server 121.121.77.241 (The DHCP Server sent a DHCPNACK message).
    11/7/2010 1:26:50 PM, error: Print [6161] - The document Microsoft Word - Document1 owned by Administrator failed to print on printer Canon MP140 series Printer. Data type: NT EMF 1.008. Size of the spool file in bytes: 405992. Number of bytes printed: 36080. Total number of pages in the document: 3. Number of pages printed: 0. Client machine: \\USER-1E082709FD. Win32 error code returned by the print processor: 13 (0xd).
    11/7/2010 1:20:20 PM, error: Print [6161] - The document Microsoft Word - Document1 owned by Administrator failed to print on printer Canon MP140 series Printer. Data type: NT EMF 1.008. Size of the spool file in bytes: 458752. Number of bytes printed: 78296. Total number of pages in the document: 4. Number of pages printed: 0. Client machine: \\USER-1E082709FD. Win32 error code returned by the print processor: 13 (0xd).
    11/14/2010 9:41:34 AM, error: Service Control Manager [7034] - The Yahoo! Updater service terminated unexpectedly. It has done this 1 time(s).
    11/14/2010 9:41:34 AM, error: Service Control Manager [7034] - The SigmaTel Audio Service service terminated unexpectedly. It has done this 1 time(s).
    11/14/2010 9:41:34 AM, error: Service Control Manager [7034] - The SeaPort service terminated unexpectedly. It has done this 1 time(s).
    11/14/2010 9:41:34 AM, error: Service Control Manager [7034] - The PIXMA Extended Survey Program service terminated unexpectedly. It has done this 1 time(s).
    11/14/2010 9:41:34 AM, error: Service Control Manager [7034] - The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).
    11/14/2010 9:41:34 AM, error: Service Control Manager [7031] - The Bluetooth Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
    11/14/2010 9:41:34 AM, error: Service Control Manager [7031] - The AVG Free WatchDog service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
    11/14/2010 9:17:55 AM, error: SideBySide [59] - Generate Activation Context failed for C:\Program Files\real\realplayer\plugins\rmxrend.dll. Reference error message: The operation completed successfully. .
    11/14/2010 9:01:42 AM, error: Dhcp [1002] - The IP address lease 192.168.1.2 for the Network Card with network address 00234D4D866A has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
    11/13/2010 2:40:09 PM, error: SideBySide [59] - Resolve Partial Assembly failed for Microsoft.VC90.DebugCRT. Reference error message: The referenced assembly is not installed on your system. .
    11/13/2010 2:40:09 PM, error: SideBySide [59] - Generate Activation Context failed for c:\program files\real\realplayer\plugins\rmxrend.dll. Reference error message: The operation completed successfully. .
    11/13/2010 2:40:09 PM, error: SideBySide [32] - Dependent Assembly Microsoft.VC90.DebugCRT could not be found and Last Error was The referenced assembly is not installed on your system.
    11/12/2010 11:41:04 PM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service NMIndexingService with arguments " " in order to run the server: {C6A811AB-F8FF-45A4-93E5-FC5CCB650BE7}

    ==== End Of File ===========================
     
  2. 2010/11/13
    crunchie

    Hi and welcome to the WindowsBBS forums :).

    ==========

    Download OTL to your Desktop.

    * Double click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
    * Under the Custom Scan box paste this in:


    netsvcs
    %SYSTEMDRIVE%\*.exe
    /md5start
    eventlog.dll
    scecli.dll
    netlogon.dll
    cngaudit.dll
    sceclt.dll
    ntelogon.dll
    logevent.dll
    iaStor.sys
    nvstor.sys
    atapi.sys
    IdeChnDr.sys
    viasraid.sys
    AGP440.sys
    vaxscsi.sys
    nvatabus.sys
    viamraid.sys
    nvata.sys
    nvgts.sys
    iastorv.sys
    ViPrt.sys
    eNetHook.dll
    ahcix86.sys
    KR10N.sys
    nvstor32.sys
    /md5stop
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\System32\config\*.sav
    CREATERESTOREPOINT


    * Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
    • When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.

    ===========

    Download Bootkit Remover to your Desktop.

    • You then need to extract the remover.exe file from the RAR using a program capable of extracting RAR compressed files. If you don't have an extraction program, you can use 7-Zip: http://www.7-zip.org/
    • After extracting remover.exe to your Desktop, double-click on remover.exe to run the program (Vista/7 users, right click on remover.exe and click Run As Administrator).
    • It will show a Black screen with some data on it.
    • Right click on the screen and click Select All.
    • Press CTRL+C
    • Open a Notepad and press CTRL+V
    • Post the output back here.
     


  4. 2010/11/13
    missgeminie

    OTL.txt

    OTL logfile created on: 11/14/2010 12:07:33 PM - Run 1
    OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\Administrator\My Documents
    Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 74.00% Memory free
    4.00 Gb Paging File | 3.00 Gb Available in Paging File | 90.00% Paging File free
    Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 97.65 Gb Total Space | 19.52 Gb Free Space | 19.99% Space Free | Partition Type: NTFS
    Drive E: | 51.39 Gb Total Space | 51.27 Gb Free Space | 99.77% Space Free | Partition Type: NTFS

    Computer Name: USER-1E082709FD | User Name: Administrator | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Quick Scan
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2010/11/14 12:05:29 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\My Documents\OTL.exe
    PRC - [2010/11/11 23:06:29 | 000,725,344 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe
    PRC - [2010/11/04 21:19:45 | 000,274,608 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\realplayer\Update\realsched.exe
    PRC - [2010/09/24 19:57:36 | 000,621,920 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe
    PRC - [2010/07/16 20:33:59 | 000,515,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe
    PRC - [2010/07/16 20:33:56 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe
    PRC - [2010/07/16 20:33:50 | 001,101,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
    PRC - [2009/01/14 17:53:02 | 000,226,656 | ---- | M] (Microsoft Corp.) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    PRC - [2008/11/10 04:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
    PRC - [2008/08/18 18:45:42 | 000,346,720 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
    PRC - [2008/04/14 19:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
    PRC - [2007/07/02 13:29:22 | 000,159,744 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apoint.exe
    PRC - [2007/06/06 16:44:44 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApntEx.exe
    PRC - [2007/05/22 14:18:56 | 000,050,736 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe
    PRC - [2007/05/10 10:23:50 | 000,094,208 | ---- | M] (SigmaTel, Inc.) -- C:\Program Files\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\stacsv.exe
    PRC - [2007/04/14 00:20:22 | 000,097,432 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe
    PRC - [2006/09/08 15:10:22 | 000,040,960 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\hidfind.exe


    ========== Modules (SafeList) ==========

    MOD - [2010/11/14 12:05:29 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\My Documents\OTL.exe
    MOD - [2010/08/24 00:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll


    ========== Win32 Services (SafeList) ==========

    SRV - [2010/07/16 20:33:56 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
    SRV - [2010/06/14 15:07:14 | 000,615,936 | ---- | M] (Nokia) [Disabled | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
    SRV - [2010/04/28 07:44:02 | 000,704,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
    SRV - [2009/01/29 23:54:44 | 000,102,400 | ---- | M] (PacketVideo) [Disabled | Stopped] -- C:\Program Files\Nokia\Nokia Home Media Server\Media Server\TwonkyMedia.exe -- (TwonkyMedia)
    SRV - [2009/01/14 17:53:02 | 000,226,656 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
    SRV - [2008/11/10 04:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
    SRV - [2008/08/18 18:45:42 | 000,346,720 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe -- (btwdins)
    SRV - [2007/05/10 10:23:50 | 000,094,208 | ---- | M] (SigmaTel, Inc.) [Auto | Running] -- C:\Program Files\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\stacsv.exe -- (STacSV)
    SRV - [2007/04/14 00:20:22 | 000,097,432 | ---- | M] () [Auto | Running] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)


    ========== Driver Services (SafeList) ==========

    DRV - File not found [Kernel | Unknown | Running] -- -- (SASKUTIL)
    DRV - File not found [Kernel | Unknown | Running] -- -- (SASDIFSV)
    DRV - [2010/07/16 20:34:00 | 000,243,024 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX)
    DRV - [2010/07/16 20:33:52 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86)
    DRV - [2010/07/03 16:12:38 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
    DRV - [2010/04/28 07:44:02 | 000,054,760 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
    DRV - [2010/02/26 14:32:58 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
    DRV - [2010/02/26 14:32:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
    DRV - [2010/02/26 14:32:44 | 000,022,528 | ---- | M] (Nokia) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
    DRV - [2010/02/26 14:32:44 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
    DRV - [2010/02/26 14:21:22 | 000,137,344 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
    DRV - [2009/12/08 20:19:12 | 000,114,432 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbnet.sys -- (ewusbnet)
    DRV - [2009/12/07 19:53:12 | 000,102,912 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
    DRV - [2009/06/15 13:05:16 | 000,143,968 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CtClsFlt.sys -- (CtClsFlt)
    DRV - [2009/05/28 10:48:20 | 000,134,144 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CtAudDrv.sys -- (CtAudDrv)
    DRV - [2008/10/21 11:17:58 | 006,048,480 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\igxpmp32.sys -- (ialm)
    DRV - [2008/08/26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
    DRV - [2008/08/19 05:15:06 | 000,991,656 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
    DRV - [2008/08/19 05:15:04 | 000,047,272 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
    DRV - [2008/07/24 01:37:10 | 000,156,816 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
    DRV - [2008/05/29 19:46:12 | 000,534,568 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
    DRV - [2008/04/14 19:00:00 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
    DRV - [2008/03/19 14:26:24 | 000,175,104 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
    DRV - [2008/02/04 01:57:44 | 000,037,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
    DRV - [2007/09/20 21:26:48 | 001,123,328 | ---- | M] (Broadcom Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
    DRV - [2007/08/13 02:46:36 | 000,995,712 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
    DRV - [2007/08/13 02:46:36 | 000,726,400 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
    DRV - [2007/08/13 02:46:36 | 000,206,976 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
    DRV - [2007/06/25 18:53:10 | 000,155,136 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)
    DRV - [2007/05/10 10:24:34 | 001,222,840 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
    DRV - [2005/12/22 17:02:22 | 000,051,840 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk)
    DRV - [2005/11/16 20:28:32 | 000,028,928 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
    DRV - [2005/11/01 18:08:00 | 000,308,992 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rixdptsk.sys -- (rismxdp)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.bing.com/ [binary data]
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.bing.com/ [binary data]
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    ========== FireFox ==========

    FF - prefs.js..browser.search.defaultenginename: "Bing "
    FF - prefs.js..browser.search.defaulturl: "http://www.bing.com/search?FORM=IEFM1&q= "
    FF - prefs.js..browser.search.param.yahoo-fr: "chrf-ytbm "
    FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-ytbm "
    FF - prefs.js..browser.search.param.yahoo-type: "${8} "
    FF - prefs.js..browser.search.useDBForOrder: true
    FF - prefs.js..browser.startup.homepage: "http://go.microsoft.com/fwlink/?LinkId=69157 "
    FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.0
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
    FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
    FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.1


    FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/11/06 18:59:30 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/11/13 22:46:41 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/11/13 22:46:40 | 000,000,000 | ---D | M]

    [2010/06/26 21:55:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions
    [2010/11/12 18:10:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\m77w2vy2.default\extensions
    [2010/07/16 23:32:46 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\m77w2vy2.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
    [2010/11/07 00:29:12 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\m77w2vy2.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
    [2010/07/03 21:45:11 | 000,001,827 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\m77w2vy2.default\searchplugins\bing.xml
    [2010/11/13 18:20:58 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
    [2010/07/24 17:16:52 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
    [2010/09/13 16:02:00 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
    [2010/11/06 19:03:17 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
    [2010/09/15 04:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

    O1 HOSTS File: ([2008/04/14 19:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll File not found
    O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
    O4 - HKLM..\Run: [TkBellExe] C:\program files\real\realplayer\update\realsched.exe (RealNetworks, Inc.)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
    O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
    O16 - DPF: {E6BB2089-163F-466B-812A-748096614DFD} http://cainternetsecurity.net/scanner/cascanner.cab (CAScanner Control)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
    O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
    O24 - Desktop WallPaper: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Desktop Background.bmp
    O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Desktop Background.bmp
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2010/06/26 15:27:51 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O33 - MountPoints2\{7a5b24fe-9fcb-11df-9816-001e101f3da8}\Shell\AutoRun - " " = Auto&Play
    O33 - MountPoints2\{7a5b24fe-9fcb-11df-9816-001e101f3da8}\Shell\AutoRun\command - " " = G:\SLADJIM\obaram.exe -- File not found
    O33 - MountPoints2\{7a5b24fe-9fcb-11df-9816-001e101f3da8}\Shell\explore\command - " " = G:\SLADJIM\obaram.exe -- File not found
    O33 - MountPoints2\{7a5b24fe-9fcb-11df-9816-001e101f3da8}\Shell\Install\command - " " = G:\SLADJIM\obaram.exe -- File not found
    O33 - MountPoints2\{7a5b24fe-9fcb-11df-9816-001e101f3da8}\Shell\open\command - " " = G:\SLADJIM\obaram.exe -- File not found
    O33 - MountPoints2\{ee40a69a-96c4-11df-97f0-001fe2df4177}\Shell - " " = AutoRun
    O33 - MountPoints2\{ee40a69a-96c4-11df-97f0-001fe2df4177}\Shell\AutoRun - " " = Auto&Play
    O33 - MountPoints2\{ee40a69a-96c4-11df-97f0-001fe2df4177}\Shell\AutoRun\command - " " = H:\AutoRun.exe -- File not found
    O33 - MountPoints2\{ee40a69d-96c4-11df-97f0-001fe2df4177}\Shell - " " = AutoRun
    O33 - MountPoints2\{ee40a69d-96c4-11df-97f0-001fe2df4177}\Shell\AutoRun - " " = Auto&Play
    O33 - MountPoints2\{ee40a69d-96c4-11df-97f0-001fe2df4177}\Shell\AutoRun\command - " " = F:\AutoRun.exe -- File not found
    O33 - MountPoints2\{fe3470d7-80f7-11df-97b5-f17fa7b32584}\Shell\AutoRun\command - " " = G:\tmp\bak.exe -- File not found
    O33 - MountPoints2\{fe3470d7-80f7-11df-97b5-f17fa7b32584}\Shell\explore\command - " " = G:\tmp\bak.exe -- File not found
    O33 - MountPoints2\{fe3470d7-80f7-11df-97b5-f17fa7b32584}\Shell\open\comMand - " " = G:\tmp\bak.exe -- File not found
    O33 - MountPoints2\F\Shell - " " = AutoRun
    O33 - MountPoints2\F\Shell\AutoRun - " " = Auto&Play
    O33 - MountPoints2\F\Shell\AutoRun\command - " " = F:\AutoRun.exe -- File not found
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    NetSvcs: 6to4 - File not found
    NetSvcs: Ias - File not found
    NetSvcs: Iprip - File not found
    NetSvcs: Irmon - File not found
    NetSvcs: NWCWorkstation - File not found
    NetSvcs: Nwsapagent - File not found
    NetSvcs: WmdmPmSp - File not found

    CREATERESTOREPOINT
    Restore point Set: OTL Restore Point (16902109354000384)

    ========== Files/Folders - Created Within 30 Days ==========

    [2010/11/14 12:05:29 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\My Documents\OTL.exe
    [2010/11/14 09:50:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
    [2010/11/14 09:31:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\CA
    [2010/11/13 22:33:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
    [2010/11/12 20:23:37 | 000,000,000 | ---D | C] -- C:\downloads
    [2010/11/12 20:22:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Youku Downloader(xmlbar)
    [2010/11/12 20:22:51 | 000,000,000 | ---D | C] -- C:\Program Files\Xmlbar
    [2010/11/12 01:26:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\A4W_DATA
    [2010/11/12 01:26:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\WINDOWS
    [2010/11/12 01:24:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\CHemIStRY
    [2010/11/09 22:16:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\bio design
    [2010/11/09 20:43:21 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Desktop\IB 45
    [2010/11/06 20:20:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
    [2010/11/06 20:15:47 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
    [2010/11/06 19:44:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\$regcmp$
    [2010/11/06 19:36:53 | 000,000,000 | ---D | C] -- C:\Program Files\Registry Clean Expert
    [2010/11/06 19:32:38 | 000,000,000 | ---D | C] -- C:\Program Files\AAPTrojan Removal Tool
    [2010/11/06 19:32:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\PCHealth
    [2010/11/06 18:59:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Malwarebytes
    [2010/11/06 18:59:47 | 000,000,000 | ---D | C] -- C:\HJT
    [2010/11/06 18:59:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\dwhelper
    [2010/11/06 18:59:32 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
    [2010/11/06 18:34:04 | 000,000,000 | ---D | C] -- C:\Config.Msi
    [2010/11/06 17:34:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\ElevatedDiagnostics
    [2010/11/06 17:33:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    [2010/11/06 17:33:06 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
    [2010/11/06 17:31:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\windowspowershell
    [2010/11/06 15:31:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
    [2010/10/30 22:23:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
    [2010/10/19 20:18:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\JYJ
    [2010/10/16 03:12:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\math
    [1 C:\Documents and Settings\Administrator\My Documents\*.tmp files -> C:\Documents and Settings\Administrator\My Documents\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2010/11/14 12:07:33 | 000,000,302 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1229272821-1682526488-1801674531-500.job
    [2010/11/14 12:07:33 | 000,000,294 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1229272821-1682526488-1801674531-500.job
    [2010/11/14 12:05:29 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\My Documents\OTL.exe
    [2010/11/14 12:01:39 | 000,444,324 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
    [2010/11/14 12:01:39 | 000,072,200 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
    [2010/11/14 11:57:26 | 000,000,260 | ---- | M] () -- C:\WINDOWS\tasks\WGASetup.job
    [2010/11/14 11:57:09 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2010/11/14 11:49:18 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
    [2010/11/14 11:48:31 | 000,029,696 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2010/11/14 11:48:19 | 1440,828,926 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\[DBSKnights] 100925 Jaejoong - Heaven_'s Postman.avi
    [2010/11/14 11:04:48 | 000,000,298 | ---- | M] () -- C:\WINDOWS\tasks\wavepadShakeIcon.job
    [2010/11/14 10:33:55 | 000,630,272 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\dds.scr
    [2010/11/14 09:50:29 | 067,593,014 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
    [2010/11/14 09:48:41 | 000,000,036 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\housecall.guid.cache
    [2010/11/14 09:32:52 | 000,056,117 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\shexview.zip
    [2010/11/14 05:37:04 | 000,000,438 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{358C6D3C-D841-4872-BF4F-A209FA202507}.job
    [2010/11/14 03:30:12 | 000,033,069 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\warisan -.-.docx
    [2010/11/13 22:53:54 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
    [2010/11/13 22:53:54 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
    [2010/11/13 22:48:08 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
    [2010/11/12 21:31:13 | 006,379,223 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\DBSG - DON'T SAY GOODBYE.mp3
    [2010/11/12 20:22:53 | 000,000,924 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Youku Downloader.lnk
    [2010/11/12 20:22:53 | 000,000,906 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Youku Downloader.lnk
    [2010/11/12 01:27:18 | 000,051,612 | ---- | M] () -- C:\WINDOWS\Run32A40.mch
    [2010/11/12 01:26:33 | 000,000,035 | ---- | M] () -- C:\WINDOWS\A4W.INI
    [2010/11/11 18:35:01 | 000,121,856 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\rate-of-evaporation-13.doc
    [2010/11/10 20:25:45 | 000,094,868 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\plugin-BOND PT5.pdf
    [2010/11/09 21:57:51 | 000,014,697 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\milk subs conc.docx
    [2010/11/09 21:57:23 | 000,038,867 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\subs conc 2.docx
    [2010/11/09 21:39:57 | 000,017,615 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\subs conc 1.docx
    [2010/11/09 20:58:18 | 000,031,971 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\subs conc.docx
    [2010/11/09 20:41:22 | 000,024,318 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\sub conc proc.docx
    [2010/11/09 20:27:48 | 000,079,360 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\hurmmm...doc
    [2010/11/07 13:28:00 | 000,099,670 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\bms.docx
    [2010/11/06 22:06:56 | 000,660,323 | ---- | M] () -- C:\188833171.gif
    [2010/11/06 21:34:29 | 000,214,531 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\TO PRINT.docx
    [2010/11/06 21:04:33 | 000,278,152 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
    [2010/11/06 16:49:35 | 000,001,917 | ---- | M] () -- C:\WINDOWS\imsins.BAK
    [2010/11/06 11:42:05 | 005,279,744 | ---- | M] () -- C:\Ost Japan(Kiroro)-Mirai E.mp3
    [2010/11/04 21:59:18 | 000,211,005 | ---- | M] () -- C:\187364304.jpg
    [2010/11/04 21:20:35 | 000,001,601 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Free Offers.lnk
    [2010/11/04 21:20:35 | 000,000,747 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\RealPlayer.lnk
    [2010/11/04 21:19:47 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\WINDOWS\System32\pncrt.dll
    [2010/11/03 14:18:25 | 004,523,877 | ---- | M] () -- C:\01. Tonight.MP3
    [2010/10/31 22:06:14 | 003,172,804 | ---- | M] () -- C:\SNSD - - Hoot MP3.mp3
    [2010/10/31 22:02:56 | 008,047,030 | ---- | M] () -- C:\Co-Ed - 01 Too Late (Part.1).mp3
    [2010/10/31 00:04:16 | 005,274,539 | ---- | M] () -- C:\Big Bang- Make Love.mp3
    [2010/10/29 21:14:49 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Administrator\My Documents\~$fanfic.docx
    [2010/10/24 21:13:57 | 000,032,359 | ---- | M] () -- C:\182117878.jpg
    [2010/10/24 14:32:18 | 000,033,208 | ---- | M] () -- C:\73038_161241873899248_148977641792338_349662_1742674_n.jpg
    [2010/10/23 21:21:29 | 000,023,582 | ---- | M] () -- C:\64400d2ag9347ab4e2554.jpg
    [2010/10/22 14:50:12 | 000,055,001 | ---- | M] () -- C:\66911_135991366451186_106655339384789_228474_2467088_n.jpg
    [2010/10/19 23:09:20 | 000,000,776 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\IB Questionbank Mathematics Standard Level.lnk
    [2010/10/19 23:09:19 | 000,001,236 | ---- | M] () -- C:\WINDOWS\exampro32.ini
    [2010/10/19 23:00:33 | 000,000,778 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\IB Questionbank Chemistry Standard and Higher Level.lnk
    [2010/10/19 22:55:21 | 000,000,776 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\IB Questionbank Biology Standard and Higher Level.lnk
    [2010/10/19 21:23:21 | 000,141,682 | ---- | M] () -- C:\1277877530bb.jpg
    [2010/10/17 09:01:44 | 000,133,487 | ---- | M] () -- C:\178327187.jpg
    [2010/10/16 19:18:12 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
    [1 C:\Documents and Settings\Administrator\My Documents\*.tmp files -> C:\Documents and Settings\Administrator\My Documents\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2010/11/14 11:45:30 | 1440,828,926 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\[DBSKnights] 100925 Jaejoong - Heaven_'s Postman.avi
    [2010/11/14 10:33:54 | 000,630,272 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\dds.scr
    [2010/11/14 09:48:41 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\housecall.guid.cache
    [2010/11/14 09:32:51 | 000,056,117 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\shexview.zip
    [2010/11/12 21:24:00 | 006,379,223 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\DBSG - DON'T SAY GOODBYE.mp3
    [2010/11/12 20:22:53 | 000,000,924 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Youku Downloader.lnk
    [2010/11/12 20:22:53 | 000,000,906 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Youku Downloader.lnk
    [2010/11/12 01:28:08 | 017,267,402 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Mesut Kurtis - Burdah -.flv
    [2010/11/12 01:27:18 | 000,051,612 | ---- | C] () -- C:\WINDOWS\Run32A40.mch
    [2010/11/12 01:26:33 | 000,000,035 | ---- | C] () -- C:\WINDOWS\A4W.INI
    [2010/11/12 01:24:37 | 010,646,583 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Must Watch Islamic Youth Inspiring Video Part 1 3.flv
    [2010/11/12 01:24:35 | 011,732,285 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\NEVER EVER GIVE UP IN LIFE.mp4
    [2010/11/12 01:24:35 | 005,609,955 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Must Watch Islamic Youth Inspiring Video Part 3 3.flv
    [2010/11/12 01:24:34 | 007,562,807 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Must Watch Islamic Youth Inspiring Video Part 2 3.flv
    [2010/11/11 18:35:01 | 000,121,856 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\rate-of-evaporation-13.doc
    [2010/11/10 20:25:45 | 000,094,868 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\plugin-BOND PT5.pdf
    [2010/11/09 21:57:50 | 000,014,697 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\milk subs conc.docx
    [2010/11/09 21:57:23 | 000,038,867 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\subs conc 2.docx
    [2010/11/09 21:39:57 | 000,017,615 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\subs conc 1.docx
    [2010/11/09 20:58:17 | 000,031,971 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\subs conc.docx
    [2010/11/09 20:41:21 | 000,024,318 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\sub conc proc.docx
    [2010/11/09 20:27:47 | 000,079,360 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\hurmmm...doc
    [2010/11/07 13:27:59 | 000,099,670 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\bms.docx
    [2010/11/06 22:06:27 | 000,660,323 | ---- | C] () -- C:\188833171.gif
    [2010/11/06 21:02:57 | 000,000,294 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1229272821-1682526488-1801674531-500.job
    [2010/11/06 09:55:21 | 000,214,531 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\TO PRINT.docx
    [2010/11/05 21:59:33 | 000,350,720 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\hjsplit.exe
    [2010/11/05 20:41:15 | 000,033,069 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\warisan -.-.docx
    [2010/11/04 21:59:17 | 000,211,005 | ---- | C] () -- C:\187364304.jpg
    [2010/11/04 21:20:35 | 000,001,601 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Free Offers.lnk
    [2010/11/04 21:20:35 | 000,000,747 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\RealPlayer.lnk
    [2010/11/04 16:18:17 | 005,279,744 | ---- | C] () -- C:\Ost Japan(Kiroro)-Mirai E.mp3
    [2010/11/04 16:18:13 | 007,810,682 | ---- | C] () -- C:\03. Doushite Kimi Wo Suki Ni Natte Shimattandarou [Acappella].mp3
    [2010/11/03 14:12:32 | 004,523,877 | ---- | C] () -- C:\01. Tonight.MP3
    [2010/10/31 16:39:25 | 003,172,804 | ---- | C] () -- C:\SNSD - - Hoot MP3.mp3
    [2010/10/31 01:14:47 | 008,047,030 | ---- | C] () -- C:\Co-Ed - 01 Too Late (Part.1).mp3
    [2010/10/31 00:02:09 | 005,274,539 | ---- | C] () -- C:\Big Bang- Make Love.mp3
    [2010/10/30 21:14:58 | 000,000,298 | ---- | C] () -- C:\WINDOWS\tasks\wavepadShakeIcon.job
    [2010/10/29 22:07:29 | 000,032,359 | ---- | C] () -- C:\182117878.jpg
    [2010/10/29 21:14:49 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Administrator\My Documents\~$fanfic.docx
    [2010/10/27 20:48:26 | 027,168,861 | ---- | C] () -- C:\Muslim Scientists are the founders of Current Science and Technology.mp4
    [2010/10/24 14:32:17 | 000,033,208 | ---- | C] () -- C:\73038_161241873899248_148977641792338_349662_1742674_n.jpg
    [2010/10/23 21:21:29 | 000,023,582 | ---- | C] () -- C:\64400d2ag9347ab4e2554.jpg
    [2010/10/22 14:50:12 | 000,055,001 | ---- | C] () -- C:\66911_135991366451186_106655339384789_228474_2467088_n.jpg
    [2010/10/19 23:09:20 | 000,000,776 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\IB Questionbank Mathematics Standard Level.lnk
    [2010/10/19 22:55:21 | 000,000,776 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\IB Questionbank Biology Standard and Higher Level.lnk
    [2010/10/19 21:23:21 | 000,141,682 | ---- | C] () -- C:\1277877530bb.jpg
    [2010/10/17 09:01:43 | 000,133,487 | ---- | C] () -- C:\178327187.jpg
    [2010/09/13 16:15:19 | 000,001,236 | ---- | C] () -- C:\WINDOWS\exampro32.ini
    [2010/09/13 16:15:17 | 000,536,576 | ---- | C] () -- C:\WINDOWS\System32\Tx32.dll
    [2010/09/13 16:15:17 | 000,000,478 | ---- | C] () -- C:\WINDOWS\System32\ic32.ini
    [2010/08/15 13:22:16 | 000,000,256 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\0500234D4D866A
    [2010/07/25 01:30:57 | 000,165,456 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
    [2010/07/18 12:23:10 | 000,000,046 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
    [2010/07/11 11:11:17 | 000,000,412 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
    [2010/07/02 19:06:06 | 000,029,696 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2010/06/26 23:15:30 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
    [2010/06/26 20:50:33 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
    [2010/06/26 16:17:00 | 000,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
    [2010/06/26 16:16:55 | 000,795,648 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
    [2010/06/26 16:16:55 | 000,130,048 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
    [2010/06/26 16:16:54 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
    [2010/06/26 16:16:52 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
    [2010/06/26 15:47:36 | 000,016,480 | ---- | C] () -- C:\WINDOWS\System32\rixdicon.dll
    [2010/06/26 15:42:09 | 000,000,008 | RHS- | C] () -- C:\WINDOWS\System32\Desktop_.ini
    [2010/06/26 15:40:20 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v5002.dll
    [2008/08/18 18:44:34 | 002,854,912 | ---- | C] () -- C:\WINDOWS\System32\btwicons.dll
    [2002/09/28 22:00:32 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\ALFATH.dll
    [2001/11/14 13:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll

    ========== LOP Check ==========

    [2010/09/13 15:57:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Azureus
    [2010/07/11 12:08:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Canon
    [2010/08/15 13:22:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\duowan
    [2010/11/06 17:34:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\ElevatedDiagnostics
    [2010/07/18 14:59:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\NCH Swift Sound
    [2010/07/24 10:20:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Nokia
    [2010/07/25 02:13:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\PC Suite
    [2010/09/05 05:34:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Raptr
    [2010/07/11 11:11:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\ScanSoft
    [2010/11/12 20:22:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Youku Downloader(xmlbar)
    [2010/06/26 16:19:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
    [2010/06/26 15:42:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Broadcom
    [2010/11/14 09:31:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CA
    [2010/07/11 11:15:11 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
    [2010/07/11 11:15:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJPLM
    [2010/09/05 04:23:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
    [2010/07/25 14:59:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
    [2010/07/25 15:29:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nokia
    [2010/07/24 10:03:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NokiaMusic
    [2010/07/25 15:31:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
    [2010/07/11 11:11:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ScanSoft
    [2010/07/28 15:23:01 | 000,000,294 | ---- | M] () -- C:\WINDOWS\Tasks\switchShakeIcon.job
    [2010/11/14 05:37:04 | 000,000,438 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{358C6D3C-D841-4872-BF4F-A209FA202507}.job
    [2010/11/14 11:04:48 | 000,000,298 | ---- | M] () -- C:\WINDOWS\Tasks\wavepadShakeIcon.job
    [2010/11/14 11:57:26 | 000,000,260 | ---- | M] () -- C:\WINDOWS\Tasks\WGASetup.job

    ========== Purity Check ==========



    ========== Custom Scans ==========


    < %SYSTEMDRIVE%\*.exe >


    < MD5 for: AGP440.SYS >
    [2008/04/14 19:00:00 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys

    < MD5 for: AHCIX86.SYS >
    [2009/01/21 09:18:11 | 000,174,600 | ---- | M] (AMD Technologies Inc.) MD5=15DA079FF09BE5FA6602041EE286DE80 -- C:\WINDOWS\NLDRV\002\ahcix86.sys
    [2009/01/21 09:19:31 | 000,174,600 | ---- | M] (AMD Technologies Inc.) MD5=15DA079FF09BE5FA6602041EE286DE80 -- C:\WINDOWS\NLDRV\003\ahcix86.sys

    < MD5 for: ATAPI.SYS >
    [2008/04/14 19:00:00 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
    [2008/04/14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
    [2008/04/14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
    [2008/04/14 08:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0008\DriverFiles\i386\atapi.sys
    [2008/04/14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0009\DriverFiles\i386\atapi.sys

    < MD5 for: EVENTLOG.DLL >
    [2008/04/14 19:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\dllcache\eventlog.dll
    [2008/04/14 19:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll

    < MD5 for: IASTOR.SYS >
    [2008/09/20 12:02:41 | 000,324,120 | ---- | M] (Intel Corporation) MD5=707C1692214B1C290271067197F075F6 -- C:\WINDOWS\NLDRV\001\iastor.sys

    < MD5 for: NETLOGON.DLL >
    [2008/04/14 19:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\dllcache\netlogon.dll
    [2008/04/14 19:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll

    < MD5 for: SCECLI.DLL >
    [2008/04/14 19:00:00 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\dllcache\scecli.dll
    [2008/04/14 19:00:00 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll

    < %systemroot%\*. /mp /s >

    < %systemroot%\system32\*.dll /lockedfiles >

    < %systemroot%\System32\config\*.sav >
    [2010/06/26 23:13:32 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
    [2010/06/26 23:13:32 | 001,089,536 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
    [2010/06/26 23:13:32 | 000,937,984 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

    ========== Files - Unicode (All) ==========
    [2010/11/02 23:13:20 | 021,898,471 | ---- | C] ()(C:\YouTube - 2NE1 - It Hurts (??) MV [HD].flv) -- C:\YouTube - 2NE1 - It Hurts (아파) MV [HD].flv
    [2010/11/01 12:25:38 | 021,898,471 | ---- | M] ()(C:\YouTube - 2NE1 - It Hurts (??) MV [HD].flv) -- C:\YouTube - 2NE1 - It Hurts (아파) MV [HD].flv
    [2010/10/31 23:38:48 | 022,793,841 | ---- | C] ()(C:\Documents and Settings\Administrator\My Documents\Facebook ? Videos Posted by Izuan Iskandar_ Rasulullah Menangis di Padang Mahsyar [HQ].flv) -- C:\Documents and Settings\Administrator\My Documents\Facebook  Videos Posted by Izuan Iskandar_ Rasulullah Menangis di Padang Mahsyar [HQ].flv
    [2010/10/20 22:59:20 | 022,793,841 | ---- | M] ()(C:\Documents and Settings\Administrator\My Documents\Facebook ? Videos Posted by Izuan Iskandar_ Rasulullah Menangis di Padang Mahsyar [HQ].flv) -- C:\Documents and Settings\Administrator\My Documents\Facebook  Videos Posted by Izuan Iskandar_ Rasulullah Menangis di Padang Mahsyar [HQ].flv
    [2010/10/07 23:02:24 | 002,927,515 | ---- | C] ()(C:\YouTube - Super Junior - l?????? ?ho?i?g hi? ??Å !!!!.flv) -- C:\YouTube - Super Junior - ℓєєțєυκ șĥōшıиĝ ĥıș ΑΒÅ !!!!.flv
    [2010/10/07 10:12:46 | 002,927,515 | ---- | M] ()(C:\YouTube - Super Junior - l?????? ?ho?i?g hi? ??Å !!!!.flv) -- C:\YouTube - Super Junior - ℓєєțєυκ șĥōшıиĝ ĥıș ΑΒÅ !!!!.flv
    [2010/10/05 23:19:21 | 027,737,609 | ---- | C] ()(C:\YouTube - Se7en - I_m Going Crazy [Eng Sub-Rom-Hangul] (?? - I am Going Crazy).flv) -- C:\YouTube - Se7en - I_m Going Crazy [Eng Sub-Rom-Hangul] (세븐 - I am Going Crazy).flv
    [2010/10/01 16:53:59 | 027,737,609 | ---- | M] ()(C:\YouTube - Se7en - I_m Going Crazy [Eng Sub-Rom-Hangul] (?? - I am Going Crazy).flv) -- C:\YouTube - Se7en - I_m Going Crazy [Eng Sub-Rom-Hangul] (세븐 - I am Going Crazy).flv
    [2010/09/03 17:56:33 | 000,000,000 | ---D | M](C:\Playful?Kiss) -- C:\Playful♥Kiss
    [2010/09/03 17:53:14 | 000,000,000 | ---D | C](C:\Playful?Kiss) -- C:\Playful♥Kiss

    < End of report >
     
  5. 2010/11/13
    missgeminie Inactive Thread Starter

    Extra.txt

    OTL Extras logfile created on: 11/14/2010 12:07:33 PM - Run 1
    OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\Administrator\My Documents
    Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 74.00% Memory free
    4.00 Gb Paging File | 3.00 Gb Available in Paging File | 90.00% Paging File free
    Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 97.65 Gb Total Space | 19.52 Gb Free Space | 19.99% Space Free | Partition Type: NTFS
    Drive E: | 51.39 Gb Total Space | 51.27 Gb Free Space | 99.77% Space Free | Partition Type: NTFS

    Computer Name: USER-1E082709FD | User Name: Administrator | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Quick Scan
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

    [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
    .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

    ========== Shell Spawning ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    exefile [open] -- "%1" %*
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1 "
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
    Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
    Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
    Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
    Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "FirstRunDisabled" = 1
    "AntiVirusOverride" = 0
    "FirewallOverride" = 0
    "AntiVirusDisableNotify" = 0
    "FirewallDisableNotify" = 0
    "UpdatesDisableNotify" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

    ========== System Restore Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
    "DisableSR" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
    "Start" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
    "Start" = 2

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall" = 1

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
    "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    "C:\Program Files\AVG\AVG9\avgupd.exe" = C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.)
    "C:\Program Files\AVG\AVG9\avgnsx.exe" = C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe -- (AVG Technologies CZ, s.r.o.)
    "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
    "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
    "C:\Program Files\Nokia\Nokia Home Media Server\Media Server\twonkymedia.exe" = C:\Program Files\Nokia\Nokia Home Media Server\Media Server\twonkymedia.exe:*:Enabled:TwonkyMedia -- (PacketVideo)
    "C:\Program Files\Nokia\Nokia Home Media Server\Media Server\twonkymediaserver.exe" = C:\Program Files\Nokia\Nokia Home Media Server\Media Server\twonkymediaserver.exe:*:Enabled:TwonkyMediaServer -- ()
    "C:\Program Files\Vuze\Azureus.exe" = C:\Program Files\Vuze\Azureus.exe:*:Enabled:Azureus / Vuze -- (Vuze Inc.)
    "C:\Program Files\Raptr\raptr.exe" = C:\Program Files\Raptr\raptr.exe:*:Enabled:Raptr Client -- ()
    "C:\Program Files\Raptr\raptr_im.exe" = C:\Program Files\Raptr\raptr_im.exe:*:Enabled:Raptr IM -- ()


    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
    "{03528A01-7E5E-4C5F-94DF-1D8012E969EF}" = Nokia Map Loader
    "{089DD780-DB3F-4CDB-A0C2-111360247298}" = PC Connectivity Solution
    "{0EEB3C40-2A8C-4045-B3F9-13C4A5C490C0}" = Nokia Home Media Server
    "{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
    "{1BD07DF4-FB06-41BA-B896-B2DA59000C96}" = Windows Live Toolbar
    "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
    "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
    "{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 22
    "{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
    "{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
    "{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
    "{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
    "{42929F0F-CE14-47AF-9FC7-FF297A603021}" = Dell Resource CD
    "{42B74521-4706-412A-9A27-AED12B83E886}" = Nokia Ovi Application Installer
    "{43FFE159-3199-4188-A1CD-629166AD1033}" = Nero 7 Ultra Edition
    "{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
    "{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{4AE48A64-6C6A-4E5A-95FA-55F5131DECF9}" = Nokia Ovi One Touch Access
    "{4ECA710C-B818-4751-A3B8-42C2D93922A8}" = Nokia Software Updater
    "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
    "{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
    "{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
    "{6442DEDF-AC2F-4CBA-85DE-42E459C5006C}" = Nokia Ovi Content Copier
    "{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator
    "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
    "{6A588FD3-104A-4517-91B1-D85AD27FA487}" = Nokia Ovi Suite
    "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
    "{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
    "{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
    "{82388E38-FDFD-4D36-9D35-EA720F9467D6}" = Nokia Ovi System Utilities
    "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
    "{84814E6B-2581-46EC-926A-823BD1C670F6}" = ThinkPad Bluetooth with Enhanced Data Rate Software
    "{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
    "{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
    "{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
    "{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
    "{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
    "{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
    "{90120000-0015-0409-0000-0000000FF1CE}_PROPLUS_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
    "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
    "{90120000-0016-0409-0000-0000000FF1CE}_PROPLUS_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
    "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
    "{90120000-0018-0409-0000-0000000FF1CE}_PROPLUS_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
    "{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
    "{90120000-0019-0409-0000-0000000FF1CE}_PROPLUS_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
    "{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
    "{90120000-001A-0409-0000-0000000FF1CE}_PROPLUS_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
    "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
    "{90120000-001B-0409-0000-0000000FF1CE}_PROPLUS_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
    "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
    "{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{3EC77D26-799B-4CD8-914F-C1565E796173}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
    "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
    "{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{430971B1-C31E-45DA-81E0-72C095BAB72C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
    "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
    "{90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{F7A31780-33C4-4E39-951A-5EC9B91D7BF1}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
    "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
    "{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
    "{90120000-0044-0409-0000-0000000FF1CE}_PROPLUS_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
    "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
    "{90120000-006E-0409-0000-0000000FF1CE}_PROPLUS_{FAD8A83E-9BAC-4179-9268-A35948034D85}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
    "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
    "{90120000-0115-0409-0000-0000000FF1CE}_PROPLUS_{FAD8A83E-9BAC-4179-9268-A35948034D85}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
    "{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
    "{90120000-0117-0409-0000-0000000FF1CE}_PROPLUS_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
    "{9333DA9B-4F8C-4580-88A7-F12D7B10DC2A}" = Nokia Music
    "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{95120000-0122-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
    "{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}" = Microsoft Search Enhancement Pack
    "{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
    "{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
    "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
    "{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
    "{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.4
    "{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.0
    "{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
    "{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger
    "{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
    "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
    "{CA567AD5-33A4-403D-86D1-EE2D38251951}_is1" = VDownloader 1.0
    "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
    "{D92FF8EB-BD77-40AE-B68B-A6BFC6F8661D}" = Windows Live Family Safety
    "{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
    "{DEE88727-779B-47A9-ACEF-F87CA5F92A65}" = ScanSoft OmniPage SE 4
    "{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
    "{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
    "{EB938616-16BB-491E-A5A0-CA4AB4167BB4}" = Nokia Photos
    "{EE39FFBD-544E-49E4-A999-6819828EAE91}" = Windows Live Photo Gallery
    "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
    "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
    "{F1FDAA01-988C-423F-AC12-0D8F333943FD}" = Nokia Connectivity Cable Driver
    "{F63A3748-B93D-4360-9AD4-B064481A5C7B}" = Modem Diagnostic Tool
    "504244733D18C8F63FF584AEB290E3904E791693" = Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
    "8461-7759-5462-8226" = Vuze
    "Adobe AIR" = Adobe AIR
    "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
    "Adobe Shockwave Player" = Adobe Shockwave Player 11.5
    "Advanced Audio FX Engine" = Advanced Audio FX Engine
    "AVG9Uninstall" = AVG Free 9.0
    "CANONIJPLM100" = PIXMA Extended Survey Program
    "CNXT_MODEM_HDAUDIO_wis30B5m" = HDAUDIO Soft Data Fax Modem with SmartCP
    "com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
    "Dell Webcam Central" = Dell Webcam Central
    "gen_msn_adv" = gen_msn_adv 1.1
    "HDMI" = Intel(R) Graphics Media Accelerator Driver
    "IB Questionbank IB_BIO" = IB Questionbank Biology Standard and Higher Level
    "IB Questionbank IB_BUS" = IB Questionbank Business and Management SL and HL
    "IB Questionbank IB_CHEM" = IB Questionbank Chemistry Standard and Higher Level
    "IB Questionbank IB_MA" = IB Questionbank Mathematics Higher and Standard Level
    "IB Questionbank IB_MAS" = IB Questionbank Mathematics Standard Level
    "ie8" = Windows Internet Explorer 8
    "KLiteCodecPack_is1" = K-Lite Mega Codec Pack 4.4.5
    "KOIELangPack" = Korean Language Support
    "Maxis Broadband" = Maxis Broadband
    "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
    "Mozilla Firefox (3.6.6)" = Mozilla Firefox (3.6.6)
    "MP Navigator 3.1" = Canon MP Navigator 3.1
    "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
    "Nokia Ovi Application Installer" = Nokia Ovi Application Installer 6.85.3011
    "Nokia Ovi Content Copier" = Nokia Ovi Content Copier 6.85.3011
    "Nokia Ovi One Touch Access" = Nokia Ovi One Touch Access 6.85.3011
    "Nokia Ovi System Utilities" = Nokia Ovi System Utilities 6.85.3013
    "PhotoToolkit_is1" = Photo! Editor 1.1
    "PROPLUS" = Microsoft Office Professional Plus 2007
    "QuranReciter" = QuranReciter 4.0 beta 3
    "RealPlayer 12.0" = RealPlayer
    "Switch" = Switch Sound File Converter
    "TwonkyvisionUPnPTwonkyMedia" = TwonkyMedia
    "Unlocker" = Unlocker 1.8.7
    "Vuze_Remote Toolbar" = Vuze Remote Toolbar
    "WavePad" = WavePad Sound Editor
    "Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
    "Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
    "Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
    "Winamp" = Winamp
    "Windows Media Format Runtime" = Windows Media Format 11 runtime
    "WinLiveSuite_Wave3" = Windows Live Essentials
    "WinRAR archiver" = WinRAR archiver
    "WMFDist11" = Windows Media Format 11 runtime
    "Wudf01009" = Microsoft User-Mode Driver Framework Feature Pack 1.9
    "Xmlbar YoukuDownloader" = Youku Downloader(xmlbar)(remove only)
    "Yahoo! Messenger" = Yahoo! Messenger
    "Yahoo! Software Update" = Yahoo! Software Update

    ========== HKEY_CURRENT_USER Uninstall List ==========

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

    ========== Last 10 Event Log Errors ==========

    [ Application Events ]
    Error - 11/13/2010 10:36:01 AM | Computer Name = USER-1E082709FD | Source = Application Error | ID = 1000
    Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting
    module ntdll.dll, version 5.1.2600.5755, fault address 0x00010f1e.

    Error - 11/13/2010 10:43:02 AM | Computer Name = USER-1E082709FD | Source = Application Error | ID = 1000
    Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting
    module ntdll.dll, version 5.1.2600.5755, fault address 0x000369da.

    Error - 11/13/2010 10:51:31 AM | Computer Name = USER-1E082709FD | Source = Application Error | ID = 1000
    Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting
    module ntdll.dll, version 5.1.2600.5755, fault address 0x00010f1e.

    Error - 11/13/2010 10:56:55 AM | Computer Name = USER-1E082709FD | Source = Application Error | ID = 1000
    Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting
    module ntdll.dll, version 5.1.2600.5755, fault address 0x00010f1e.

    Error - 11/13/2010 11:06:50 AM | Computer Name = USER-1E082709FD | Source = Application Error | ID = 1000
    Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting
    module ntdll.dll, version 5.1.2600.5755, fault address 0x00010f1e.

    Error - 11/13/2010 9:02:30 PM | Computer Name = USER-1E082709FD | Source = Application Error | ID = 1000
    Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting
    module ntdll.dll, version 5.1.2600.5755, fault address 0x000369da.

    Error - 11/13/2010 9:33:03 PM | Computer Name = USER-1E082709FD | Source = Application Error | ID = 1000
    Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting
    module ntdll.dll, version 5.1.2600.5755, fault address 0x00010f1e.

    Error - 11/13/2010 9:44:09 PM | Computer Name = USER-1E082709FD | Source = Application Error | ID = 1000
    Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting
    module ntdll.dll, version 5.1.2600.5755, fault address 0x00010f1e.

    Error - 11/13/2010 11:50:43 PM | Computer Name = USER-1E082709FD | Source = Application Error | ID = 1000
    Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting
    module ntdll.dll, version 5.1.2600.5755, fault address 0x00010f1e.

    Error - 11/13/2010 11:51:13 PM | Computer Name = USER-1E082709FD | Source = Application Error | ID = 1000
    Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting
    module ntdll.dll, version 5.1.2600.5755, fault address 0x00010f1e.

    [ OSession Events ]
    Error - 7/24/2010 4:11:26 AM | Computer Name = USER-1E082709FD | Source = Microsoft Office 12 Sessions | ID = 7001
    Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
    12.0.6214.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 1174
    seconds with 480 seconds of active time. This session ended with a crash.

    Error - 7/24/2010 4:12:03 AM | Computer Name = USER-1E082709FD | Source = Microsoft Office 12 Sessions | ID = 7001
    Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
    12.0.6214.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 27
    seconds with 0 seconds of active time. This session ended with a crash.

    Error - 7/29/2010 6:48:30 AM | Computer Name = USER-1E082709FD | Source = Microsoft Office 12 Sessions | ID = 7001
    Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
    12.0.6211.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 10911
    seconds with 780 seconds of active time. This session ended with a crash.

    Error - 8/1/2010 2:04:15 AM | Computer Name = USER-1E082709FD | Source = Microsoft Office 12 Sessions | ID = 7001
    Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
    12.0.6214.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 686
    seconds with 660 seconds of active time. This session ended with a crash.

    Error - 8/21/2010 2:49:10 AM | Computer Name = USER-1E082709FD | Source = Microsoft Office 12 Sessions | ID = 7001
    Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
    12.0.6211.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 32
    seconds with 0 seconds of active time. This session ended with a crash.

    Error - 11/3/2010 2:54:06 AM | Computer Name = USER-1E082709FD | Source = Microsoft Office 12 Sessions | ID = 7001
    Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
    12.0.6211.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 728
    seconds with 420 seconds of active time. This session ended with a crash.

    Error - 11/9/2010 9:51:29 AM | Computer Name = USER-1E082709FD | Source = Microsoft Office 12 Sessions | ID = 7001
    Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
    12.0.6211.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 21
    seconds with 0 seconds of active time. This session ended with a crash.

    Error - 11/11/2010 1:21:49 PM | Computer Name = USER-1E082709FD | Source = Microsoft Office 12 Sessions | ID = 7001
    Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
    12.0.6211.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 124
    seconds with 120 seconds of active time. This session ended with a crash.

    [ System Events ]
    Error - 11/13/2010 11:52:03 PM | Computer Name = USER-1E082709FD | Source = SideBySide | ID = 16842811
    Description = Generate Activation Context failed for C:\Program Files\real\realplayer\plugins\rmxrend.dll.
    Reference
    error message: The operation completed successfully. .

    Error - 11/13/2010 11:52:26 PM | Computer Name = USER-1E082709FD | Source = SideBySide | ID = 16842784
    Description = Dependent Assembly Microsoft.VC90.DebugCRT could not be found and
    Last Error was The referenced assembly is not installed on your system.

    Error - 11/13/2010 11:52:26 PM | Computer Name = USER-1E082709FD | Source = SideBySide | ID = 16842811
    Description = Resolve Partial Assembly failed for Microsoft.VC90.DebugCRT. Reference
    error message: The referenced assembly is not installed on your system. .

    Error - 11/13/2010 11:52:26 PM | Computer Name = USER-1E082709FD | Source = SideBySide | ID = 16842811
    Description = Generate Activation Context failed for c:\program files\real\realplayer\plugins\rmxrend.dll.
    Reference
    error message: The operation completed successfully. .

    Error - 11/13/2010 11:52:26 PM | Computer Name = USER-1E082709FD | Source = SideBySide | ID = 16842784
    Description = Dependent Assembly Microsoft.VC90.DebugCRT could not be found and
    Last Error was The referenced assembly is not installed on your system.

    Error - 11/13/2010 11:52:26 PM | Computer Name = USER-1E082709FD | Source = SideBySide | ID = 16842811
    Description = Resolve Partial Assembly failed for Microsoft.VC90.DebugCRT. Reference
    error message: The referenced assembly is not installed on your system. .

    Error - 11/13/2010 11:52:26 PM | Computer Name = USER-1E082709FD | Source = SideBySide | ID = 16842811
    Description = Generate Activation Context failed for c:\program files\real\realplayer\plugins\rmxrend.dll.
    Reference
    error message: The operation completed successfully. .

    Error - 11/13/2010 11:52:57 PM | Computer Name = USER-1E082709FD | Source = SideBySide | ID = 16842784
    Description = Dependent Assembly Microsoft.VC90.DebugCRT could not be found and
    Last Error was The referenced assembly is not installed on your system.

    Error - 11/13/2010 11:52:57 PM | Computer Name = USER-1E082709FD | Source = SideBySide | ID = 16842811
    Description = Resolve Partial Assembly failed for Microsoft.VC90.DebugCRT. Reference
    error message: The referenced assembly is not installed on your system. .

    Error - 11/13/2010 11:52:57 PM | Computer Name = USER-1E082709FD | Source = SideBySide | ID = 16842811
    Description = Generate Activation Context failed for c:\program files\real\realplayer\plugins\rmxrend.dll.
    Reference
    error message: The operation completed successfully. .


    < End of report >

    bootkit remover

    Bootkit Remover
    (c) 2009 eSage Lab
    www.esagelab.com

    Program version: 1.2.0.0
    OS Version: Microsoft Windows XP Professional Service Pack 3 (build 2600)

    System volume is \\.\C:
    \\.\C: -> \\.\PhysicalDrive0 at offset 0x00000000`00007e00
    Boot sector MD5 is: 6def5ffcbcdbdb4082f1015625e597bd

    Size Device Name MBR Status
    --------------------------------------------
    149 GB \\.\PhysicalDrive0 OK (DOS/Win32 Boot code found)


    Done;
    Press any key to quit...
     
  6. 2010/11/14
    crunchie

    Look ok.

    I will get you to run an on-line scan now please.

    Go to Kaspersky website and perform an online antivirus scan.

    1. Disable your active antivirus program.
    2. Read through the requirements and privacy statement and click on the Accept button.
    3. It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
    4. When the downloads have finished, click on Settings.
    5. Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:

    • Spyware, Adware, Dialers, and other potentially dangerous programs
    • Archives
    • Mail databases
    6. Click on My Computer under Scan.
    7. Once the scan is complete, it will display the results. Click on View Scan Report.
    8. You will see a list of infected items there. Click on Save Report As....
    9. Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button. Then post it here.
     
  7. 2010/11/14
    missgeminie

    Thanks for your help! But I searched for another solution on another website and it worked! At least I think it works...
    Well, no more error message, that's a huge relief.

    Well, this is what I did, maybe you can comment on it..
    I downloaded ShellExView and disabled the RealPlayer extensions.. and poof~ no more error message.. but I wonder what causes RealPlayer to cause problems :S
     
  8. 2010/11/14
    crunchie

    Realplayer probably installed incorrectly or got corrupted. As long as you are happy with it, it's all good :).
    Maybe you should do the on-line scan anyway, just to be sure.
     
  9. 2010/11/15
    missgeminie

    I can't scan online :confused:
    [ERROR: License has expired]
     
  10. 2010/11/15
    crunchie

    Is the system time/date correct?

    Please Run the ESET Online Scanner and post the ScanLog with your post for assistance.
    • You will need to use Internet Explorer to complete this scan.
    • You will need to temporarily Disable your current Anti-virus program.
    • Be sure the option to Remove found threats is Un-checked at this time (we may have it clean what it finds at a later time), and the option to Scan unwanted applications is Checked.
    • When you have completed that scan, a scanlog ought to have been created and located at C:\Program Files\EsetOnlineScanner\log.txt. Please post that log for us as directed below.

    NOTE: If you are unable to complete the ESET scan, please try another from the list below:

    • Panda Active Scan
     
  11. 2010/11/15
    missgeminie

    ESETSmartInstaller@High as CAB hook log:
    OnlineScanner.ocx - registred OK
    # version=7
    # iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
    # OnlineScanner.ocx=1.0.0.6211
    # api_version=3.0.2
    # EOSSerial=cfa21bb924e2804abdf10f3abb3201a4
    # end=finished
    # remove_checked=false
    # archives_checked=false
    # unwanted_checked=true
    # unsafe_checked=false
    # antistealth_checked=true
    # utc_time=2010-11-16 04:58:23
    # local_time=2010-11-16 12:58:23 (+0800, Malay Peninsula Standard Time)
    # country= "United States "
    # lang=1033
    # osver=5.1.2600 NT Service Pack 3
    # compatibility_mode=512 16777215 100 0 836271 836271 0 0
    # compatibility_mode=1024 16777191 100 0 12341666 12341666 0 0
    # compatibility_mode=8192 67108863 100 0 0 0 0 0
    # scanned=53851
    # found=1
    # cleaned=0
    # scan_time=1485
    C:\Program Files\Unlocker\eBay_shortcuts_1016.exe Win32/Adware.ADON application 00000000000000000000000000000000 I
     
  12. 2010/11/15
    crunchie

    Ok, if you run ESET again you will be able to remove that entry.

    How is the PC?
     
  13. 2010/11/16
    missgeminie

    Well, the PC works fine, I guess..
    No more error reports :)
     
  14. 2010/11/16
    crunchie

    Good news :)

    To remove all of the tools we used and the files and folders they created, please do the following:
    Please download OTC by OldTimer:
    Save it to your Desktop.
    Double click OTC.exe.
    Click the CleanUp! button.
    If you are prompted to Reboot during the cleanup, select Yes. The tool will delete itself once it finishes.
     
