
[Resolved] Another Generic11.bdde removal


  • This topic is locked
23 replies to this topic

#16 altenuta


Posted 03 December 2009 - 12:44 AM

Latest Logs:

All processes killed
========== FILES ==========
C:\WINDOWS\SYSTEM32\cmd.ftp moved successfully.
F:\Documents and Settings\default\Local Settings\Temporary Internet Files\Content.IE5\7ND3J9OW\wbk25.tmp moved successfully.
F:\Documents and Settings\default\Local Settings\Temporary Internet Files\Content.IE5\A5XUNEHO\nCaseInstaller[1].cab moved successfully.
F:\Documents and Settings\default\Local Settings\Temporary Internet Files\Content.IE5\ERAVMT2R\popup[1].htm moved successfully.
F:\Documents and Settings\default\Local Settings\Temporary Internet Files\Content.IE5\I5GDG58D\pup[1].htm moved successfully.
F:\Documents and Settings\default\Local Settings\Temporary Internet Files\Content.IE5\KJ5FYENX\wbk36.tmp moved successfully.
F:\Documents and Settings\default\Local Settings\Temporary Internet Files\Content.IE5\Q9WNAP2H\iMeshV4[1].exe moved successfully.
F:\Documents and Settings\default\Local Settings\Temporary Internet Files\Content.IE5\VNHRFDO8\nCaseInstaller[1].cab moved successfully.
File\Folder F:\Documents and Settings\default\Local Settings\Temporary Internet Files\Content.IE5\VY0RJPS5\iMeshV4[1].exe I not found.
F:\Documents and Settings\default\Local Settings\Temporary Internet Files\Content.IE5\VY0RJPS5\wbk12.tmp moved successfully.
F:\Documents and Settings\default\Local Settings\Temporary Internet Files\Content.IE5\VY0RJPS5\wbkB.tmp moved successfully.
F:\Documents and Settings\default\Local Settings\Temporary Internet Files\Content.IE5\VY0RJPS5\WeatherAutoCAST0010[1].cab moved successfully.
F:\Program Files\Common Files\CMEII\apps\DateManager\datemanager.zip moved successfully.
F:\Program Files\Common Files\CMEII\apps\PrecisionTime\InstallPrecisionTime.exe moved successfully.
File\Folder F:\Program Files\Common Files\CMEII\apps\PrecisionTime\precisiontime.zip I not found.
F:\Program Files\Common Files\CMEII\store\apps\datemanager.zip moved successfully.
F:\Program Files\Common Files\CMEII\store\apps\precisiontime.zip moved successfully.
F:\WINDOWS\desktop\KaZaA\My Shared Folder\kmd133_en.exe moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: Stickly
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: User.PEECEE
->Temp folder emptied: 102383701 bytes
->Temporary Internet Files folder emptied: 27298106 bytes
->Java cache emptied: 1 bytes
->FireFox cache emptied: 42913531 bytes
->Apple Safari cache emptied: 6334189 bytes

User: USER~1~PEE

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
Windows Temp folder emptied: 543273 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 171.22 mb


OTL by OldTimer - Version 3.1.6.0 log created on 12022009_222658

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

OTL logfile created on: 12/2/2009 10:37:58 PM - Run 2
OTL by OldTimer - Version 3.1.6.0 Folder = C:\Documents and Settings\User.PEECEE\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1022.00 Mb Total Physical Memory | 671.03 Mb Available Physical Memory | 65.66% Memory free
1.47 Gb Paging File | 1.26 Gb Available in Paging File | 85.74% Paging File free
Paging file location(s): F:\pagefile.sys 573 773 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 38.25 Gb Total Space | 7.11 Gb Free Space | 18.59% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 456.94 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive F: | 14.92 Gb Total Space | 7.80 Gb Free Space | 52.28% Space Free | Partition Type: NTFS
Drive G: | 3.72 Gb Total Space | 1.42 Gb Free Space | 38.06% Space Free | Partition Type: FAT32
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PEECEE
Current User Name: User
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\User.PEECEE\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
PRC - C:\Program Files\Skype\Plugin Manager\skypePM.exe (Skype Technologies)
PRC - C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
PRC - C:\WINDOWS\SYSTEM32\wscntfy.exe (Microsoft Corporation)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
PRC - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
PRC - C:\Program Files\QuickTime\qttask.exe (Apple Inc.)
PRC - C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE (CANON INC.)
PRC - C:\WINDOWS\PixArt\PAC7302\Monitor.exe (PixArt Imaging Incorporation)
PRC - C:\WINDOWS\SYSTEM32\hkcmd.exe (Intel Corporation)
PRC - F:\Program Files\3.0\Apps\apdproxy.exe (Adobe Systems Incorporated)
PRC - C:\WINDOWS\BCMSMMSG.exe (Broadcom Corporation)
PRC - C:\Program Files\Common Files\AOL\ACS\acsd.exe (America Online, Inc.)
PRC - C:\WINDOWS\wanmpsvc.exe (America Online, Inc.)
PRC - C:\WINDOWS\SYSTEM32\pctspk.exe (PCtel, Inc.)


========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\User.PEECEE\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll (Microsoft Corporation)
MOD - C:\WINDOWS\SYSTEM32\WBEM\framedyn.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (JavaQuickStarterService) -- C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
SRV - (Bonjour Service) -- C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
SRV - (FontCache3.0.0.0) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
SRV - (idsvc) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
SRV - (NetTcpPortSharing) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (aspnet_state) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)
SRV - (Macromedia Licensing Service) -- C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe ()
SRV - (p2pgasvc) -- C:\WINDOWS\SYSTEM32\p2pgasvc.dll (Microsoft Corporation)
SRV - (helpsvc) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (iPod Service) -- C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
SRV - (gusvc) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (Google)
SRV - (WMPNetworkSvc) -- C:\Program Files\Windows Media Player\WMPNetwk.exe (Microsoft Corporation)
SRV - (IDriverT) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (Adobe LM Service) -- C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe ()
SRV - (AOL ACS) -- C:\Program Files\Common Files\AOL\ACS\acsd.exe (America Online, Inc.)
SRV - (WANMiniportService) -- C:\WINDOWS\wanmpsvc.exe (America Online, Inc.)
SRV - (NwSapAgent) -- C:\WINDOWS\SYSTEM32\IPXSAP.DLL (Microsoft Corporation)
SRV - (SPTISRV) -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe (Sony Corporation)
SRV - (Pctspk) -- C:\WINDOWS\SYSTEM32\pctspk.exe (PCtel, Inc.)


========== Driver Services (SafeList) ==========

DRV - (SASDIFSV) -- F:\Program Files\SASDIFSV.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (PxHelp20) -- C:\WINDOWS\System32\DRIVERS\PxHelp20.sys (Sonic Solutions)
DRV - (SASKUTIL) -- F:\Program Files\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (NwlnkIpx) -- C:\WINDOWS\SYSTEM32\DRIVERS\nwlnkipx.sys (Microsoft Corporation)
DRV - (usbaudio) -- C:\WINDOWS\SYSTEM32\DRIVERS\usbaudio.sys (Microsoft Corporation)
DRV - (amdagp) -- C:\WINDOWS\System32\DRIVERS\amdagp.sys (Advanced Micro Devices, Inc.)
DRV - (sisagp) -- C:\WINDOWS\System32\DRIVERS\sisagp.sys (Silicon Integrated Systems Corporation)
DRV - (Secdrv) -- C:\WINDOWS\SYSTEM32\DRIVERS\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (PAC7302) -- C:\WINDOWS\SYSTEM32\DRIVERS\PAC7302.SYS (PixArt Imaging Inc.)
DRV - (GEARAspiWDM) -- C:\WINDOWS\SYSTEM32\DRIVERS\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (SASENUM) -- F:\Program Files\SASENUM.SYS (SuperAdBlocker, Inc.)
DRV - (MCSTRM) -- C:\WINDOWS\SYSTEM32\DRIVERS\mcstrm.sys (RealNetworks, Inc.)
DRV - (ialm) -- C:\WINDOWS\SYSTEM32\DRIVERS\ialmnt5.sys (Intel Corporation)
DRV - (Afc) -- C:\WINDOWS\SYSTEM32\DRIVERS\afc.sys (Arcsoft, Inc.)
DRV - (CoachAud) -- C:\WINDOWS\SYSTEM32\DRIVERS\CoachAud.sys (FotoNation Inc.)
DRV - (NTIDrvr) -- C:\WINDOWS\SYSTEM32\DRIVERS\NTIDrvr.sys (NewTech Infosystems, Inc.)
DRV - (nv) -- C:\WINDOWS\SYSTEM32\DRIVERS\nv4_mini.sys (NVIDIA Corporation)
DRV - (iAimFP4) -- C:\WINDOWS\SYSTEM32\DRIVERS\wvchntxx.sys (Intel® Corporation)
DRV - (iAimFP3) -- C:\WINDOWS\SYSTEM32\DRIVERS\wsiintxx.sys (Intel® Corporation)
DRV - (iAimTV4) -- C:\WINDOWS\SYSTEM32\DRIVERS\wch7xxnt.sys (Intel® Corporation)
DRV - (iAimTV3) -- C:\WINDOWS\SYSTEM32\DRIVERS\watv04nt.sys (Intel® Corporation)
DRV - (iAimTV1) -- C:\WINDOWS\SYSTEM32\DRIVERS\watv02nt.sys (Intel® Corporation)
DRV - (iAimTV0) -- C:\WINDOWS\SYSTEM32\DRIVERS\watv01nt.sys (Intel® Corporation)
DRV - (iAimFP0) -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv01nt.sys (Intel® Corporation)
DRV - (iAimFP1) -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv02nt.sys (Intel® Corporation)
DRV - (iAimFP2) -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv05nt.sys (Intel® Corporation)
DRV - (i81x) -- C:\WINDOWS\SYSTEM32\DRIVERS\i81xnt5.sys (Intel® Corporation)
DRV - (BCMModem) -- C:\WINDOWS\SYSTEM32\DRIVERS\BCMSM.sys (Broadcom Corporation)
DRV - (bcm4sbxp) -- C:\WINDOWS\SYSTEM32\DRIVERS\bcm4sbxp.sys (Broadcom Corporation)
DRV - ({6080A529-897E-4629-A488-ABA0C29B635E}) -- C:\WINDOWS\SYSTEM32\DRIVERS\ialmsbw.sys (Intel Corporation)
DRV - ({D31A0762-0CEB-444e-ACFF-B049A1F6FE91}) -- C:\WINDOWS\SYSTEM32\DRIVERS\ialmkchw.sys (Intel Corporation)
DRV - (smwdm) -- C:\WINDOWS\SYSTEM32\DRIVERS\smwdm.sys (Analog Devices, Inc.)
DRV - (wanatw) -- C:\WINDOWS\SYSTEM32\DRIVERS\wanatw4.sys (America Online, Inc.)
DRV - (omci) -- C:\WINDOWS\SYSTEM32\DRIVERS\omci.sys (Dell Computer Corporation)
DRV - (sonypvs1) -- C:\WINDOWS\SYSTEM32\DRIVERS\sonypvs1.sys (Sony Corporation)
DRV - (NwlnkNb) -- C:\WINDOWS\SYSTEM32\DRIVERS\NWLNKNB.SYS (Microsoft Corporation)
DRV - (NwlnkSpx) -- C:\WINDOWS\SYSTEM32\DRIVERS\NWLNKSPX.SYS (Microsoft Corporation)
DRV - (Ptilink) -- C:\WINDOWS\SYSTEM32\DRIVERS\PTILINK.SYS (Parallel Technologies, Inc.)
DRV - (DCamUSBSQTECH) -- C:\WINDOWS\SYSTEM32\DRIVERS\sqcaptur.sys (Service & Quality Technology.)
DRV - (aeaudio) -- C:\WINDOWS\SYSTEM32\DRIVERS\aeaudio.sys (Andrea Electronics Corporation)
DRV - (NETMDUSB) -- C:\WINDOWS\SYSTEM32\DRIVERS\NETMDUSB.sys (Sony Corporation)
DRV - (SONYPVU1) -- C:\WINDOWS\SYSTEM32\DRIVERS\SONYPVU1.SYS (Sony Corporation)
DRV - (Vpctcom) -- C:\WINDOWS\System32\DRIVERS\vpctcom.sys (PCtel, Inc.)
DRV - (Vvoice) -- C:\WINDOWS\System32\DRIVERS\vvoice.sys (PCtel, Inc.)
DRV - (Vmodem) -- C:\WINDOWS\System32\DRIVERS\vmodem.sys (PCTEL, INC.)
DRV - (Ptserlp) -- C:\WINDOWS\SYSTEM32\DRIVERS\ptserlp.sys (PCTEL, INC.)
DRV - (Sparrow) -- C:\WINDOWS\System32\DRIVERS\sparrow.sys (Adaptec, Inc.)
DRV - (sym_u3) -- C:\WINDOWS\System32\DRIVERS\sym_u3.sys (LSI Logic)
DRV - (sym_hi) -- C:\WINDOWS\System32\DRIVERS\sym_hi.sys (LSI Logic)
DRV - (symc8xx) -- C:\WINDOWS\System32\DRIVERS\symc8xx.sys (LSI Logic)
DRV - (symc810) -- C:\WINDOWS\System32\DRIVERS\symc810.sys (Symbios Logic Inc.)
DRV - (MODEMCSA) -- C:\WINDOWS\SYSTEM32\DRIVERS\MODEMCSA.sys (Microsoft Corporation)
DRV - (ultra) -- C:\WINDOWS\System32\DRIVERS\ultra.sys (Promise Technology, Inc.)
DRV - (ql12160) -- C:\WINDOWS\System32\DRIVERS\ql12160.sys (QLogic Corporation)
DRV - (ql1080) -- C:\WINDOWS\System32\DRIVERS\ql1080.sys (QLogic Corporation)
DRV - (ql1280) -- C:\WINDOWS\System32\DRIVERS\ql1280.sys (QLogic Corporation)
DRV - (dac2w2k) -- C:\WINDOWS\System32\DRIVERS\dac2w2k.sys (Mylex Corporation)
DRV - (mraid35x) -- C:\WINDOWS\System32\DRIVERS\mraid35x.sys (American Megatrends Inc.)
DRV - (asc) -- C:\WINDOWS\System32\DRIVERS\asc.sys (Advanced System Products, Inc.)
DRV - (asc3550) -- C:\WINDOWS\System32\DRIVERS\asc3550.sys (Advanced System Products, Inc.)
DRV - (AliIde) -- C:\WINDOWS\System32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (CmdIde) -- C:\WINDOWS\System32\DRIVERS\cmdide.sys (CMD Technology, Inc.)
DRV - (EL90XBC) -- C:\WINDOWS\SYSTEM32\DRIVERS\EL90XBC5.SYS (3Com Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...amp;ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://www.google.com"

FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/09/11 05:36:14 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009/05/14 18:54:29 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.4\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/12/02 15:24:35 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.4\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/11/06 17:36:16 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 1.5.0.14\Extensions\\Components: C:\Program Files\Mozilla Thunderbird\components\ [2007/12/22 09:05:12 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 1.5.0.14\Extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins\ [2009/05/20 18:41:10 | 00,000,000 | ---D | M]

[2008/06/20 20:02:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\User.PEECEE\Application Data\Mozilla\Extensions
[2008/06/20 20:02:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\User.PEECEE\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/12/01 17:20:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\User.PEECEE\Application Data\Mozilla\Firefox\Profiles\ci0bplqa.Default User\extensions
[2009/09/11 17:22:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\User.PEECEE\Application Data\Mozilla\Firefox\Profiles\ci0bplqa.Default User\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/07/21 14:46:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\User.PEECEE\Application Data\Mozilla\Firefox\Profiles\ci0bplqa.Default User\extensions\{68836a21-fc7d-4ea1-a065-7efabd99d414}
[2009/11/22 14:19:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\User.PEECEE\Application Data\Mozilla\Firefox\Profiles\ci0bplqa.Default User\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2009/07/25 18:27:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\User.PEECEE\Application Data\Mozilla\Firefox\Profiles\ci0bplqa.Default User\extensions\{a6ca9b3b-5e52-4f47-85d8-cca35bb57596}
[2009/11/01 08:55:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\User.PEECEE\Application Data\Mozilla\Firefox\Profiles\ci0bplqa.Default User\extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}
[2009/07/21 14:45:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\User.PEECEE\Application Data\Mozilla\Firefox\Profiles\ci0bplqa.Default User\extensions\{d37dc5d0-431d-44e5-8c91-49419370caa1}
[2005/01/07 17:51:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\User.PEECEE\Application Data\Mozilla\Firefox\Profiles\qfpfppcb.default\extensions
[2004/12/21 21:17:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\User.PEECEE\Application Data\Mozilla\Firefox\Profiles\qfpfppcb.default\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2005/01/07 17:51:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\User.PEECEE\Application Data\Mozilla\Firefox\Profiles\qfpfppcb.default\extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}
[2009/12/01 17:20:06 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009/11/06 17:36:16 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/05/14 18:55:08 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2009/08/22 07:26:13 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
[2009/11/30 19:42:00 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
[2009/11/06 17:36:08 | 00,023,512 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll
[2009/11/06 17:36:08 | 00,137,176 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll
[2006/10/02 19:59:57 | 00,040,552 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Mozilla Firefox\plugins\NPAdbESD.dll
[2009/10/11 04:17:27 | 00,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll
[2007/06/01 15:51:16 | 00,069,632 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npitunes.dll
[2004/12/22 08:08:32 | 00,110,592 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npmozax.dll
[2009/11/06 17:36:11 | 00,064,984 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
[2006/12/18 04:18:30 | 00,077,824 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll
[2007/06/08 10:59:45 | 00,131,072 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
[2007/06/08 10:59:45 | 00,131,072 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
[2007/06/08 10:59:45 | 00,131,072 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
[2007/06/08 10:59:45 | 00,131,072 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
[2007/06/08 10:59:45 | 00,131,072 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
[2007/06/08 10:59:45 | 00,131,072 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
[2007/06/08 10:59:45 | 00,131,072 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
[2006/03/30 20:18:23 | 00,106,496 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin8.dll
[2005/08/09 10:42:53 | 00,057,344 | ---- | M] (America Online, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npunagi2.dll
[2003/08/04 14:19:02 | 00,438,272 | ---- | M] (AOL Time Warner) -- C:\Program Files\Mozilla Firefox\plugins\npwinamp.dll
[2009/09/04 18:26:41 | 00,001,394 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom.xml
[2009/09/04 18:26:42 | 00,002,193 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\answers.xml
[2009/06/27 07:40:29 | 00,001,490 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\avg_igeared.xml
[2009/09/04 18:26:42 | 00,001,534 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\creativecommons.xml
[2009/09/04 18:26:42 | 00,002,344 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay.xml
[2009/09/04 18:26:42 | 00,002,371 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml
[2009/09/04 18:26:43 | 00,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia.xml

O1 HOSTS File: (27 bytes) - C:\WINDOWS\SYSTEM32\DRIVERS\ETC\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - F:\Program Files\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O4 - HKLM..\Run: [Adobe Photo Downloader] F:\Program Files\3.0\Apps\apdproxy.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [BCMSMMSG] C:\WINDOWS\BCMSMMSG.exe (Broadcom Corporation)
O4 - HKLM..\Run: [BuildBU] c:\DELL\BLDBUBG.EXE ()
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\SYSTEM32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [IgfxTray] C:\WINDOWS\SYSTEM32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [PAC7302_Monitor] C:\WINDOWS\PixArt\PAC7302\Monitor.exe (PixArt Imaging Incorporation)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Inc.)
O4 - HKLM..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE (FUJI PHOTO FILM CO., LTD.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [Skype] C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O4 - HKCU..\Run: [updateMgr] F:\Program Files\Reader\AdobeUpdateManager.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = F:\Program Files\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\LaunchU3.exe.lnk = File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoComputersNearMe = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoNetHood = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoComputersNearMe = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\WINDOWS\SYSTEM32\nwprovau.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: ([]msn in My Computer)
O16 - DPF: {0000000A-0000-0010-8000-00AA00389B71} http://download.micr...0367/wmavax.CAB (Reg Error: Key error.)
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} http://messenger.zon...kr.cab31267.cab (Checkers Class)
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} http://messenger.zon...nt.cab31267.cab (MessengerStatsClient Class)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft....k/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} http://messenger.zon...er.cab31267.cab (Minesweeper Flags Class)
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.micr...922/wmv9VCM.CAB (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} http://messenger.zon...nt.cab31267.cab (MessengerStatsClient Class)
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} http://messenger.msn...pDownloader.cab (MsnMessengerSetupDownloadControl Class)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://messenger.zon...ro.cab32846.cab (ZoneIntro Class)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} http://www2.incredim...er/imloader.cab (IMDownloader Class)
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} http://messenger.zon...wn.cab31267.cab (Solitaire Showdown Class)
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} http://pdl.stream.ao.../ampx_en_dl.cab (IWinAmpActiveX Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.166.65.1 209.166.64.3
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - F:\Program Files\SASWINLO.DLL - F:\Program Files\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - F:\Program Files\SASSEH.DLL (SuperAdBlocker.com)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2002/09/03 06:59:58 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/09/26 16:00:06 | 00,000,000 | ---- | M] () - F:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found

========== Files/Folders - Created Within 30 Days ==========

[2009/12/02 18:03:13 | 00,000,000 | ---D | C] -- C:\Documents and Settings\User.PEECEE\Desktop\2009_12_02
[2009/11/30 19:41:58 | 00,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2009/11/30 19:41:58 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2009/11/30 19:41:58 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2009/11/23 22:16:39 | 00,000,000 | RHSD | C] -- C:\cmdcons
[2009/11/23 22:14:45 | 00,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2009/11/23 22:14:45 | 00,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2009/11/23 22:14:45 | 00,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2009/11/23 22:14:45 | 00,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2009/11/23 22:14:29 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/11/23 22:13:35 | 00,000,000 | ---D | C] -- C:\Qoobox
[2009/11/23 18:17:05 | 00,000,000 | ---D | C] -- C:\_OTL
[2009/11/23 12:17:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\User.PEECEE\Desktop\11_17_09
[2009/11/23 12:17:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\User.PEECEE\Desktop\__MACOSX
[2009/11/19 19:58:50 | 00,529,408 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\User.PEECEE\Desktop\OTL.exe
[2009/11/16 20:12:55 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/11/16 18:03:01 | 00,050,688 | ---- | C] (Atribune.org) -- C:\Documents and Settings\User.PEECEE\Desktop\ATF_Cleaner.exe
[1 C:\Documents and Settings\User.PEECEE\My Documents\*.tmp files -> C:\Documents and Settings\User.PEECEE\My Documents\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2009/12/02 22:29:31 | 00,001,170 | ---- | M] () -- C:\WINDOWS\System32\WPA.DBL
[2009/12/02 22:28:58 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/12/02 22:28:45 | 00,002,048 | --S- | M] () -- C:\WINDOWS\BOOTSTAT.DAT
[2009/12/02 22:27:55 | 12,308,480 | ---- | M] () -- C:\Documents and Settings\User.PEECEE\ntuser.dat
[2009/12/02 22:27:55 | 00,000,178 | -HS- | M] () -- C:\Documents and Settings\User.PEECEE\NTUSER.INI
[2009/12/02 22:27:00 | 00,000,340 | ---- | M] () -- C:\WINDOWS\tasks\PCHealth Scheduler for Upload Library.job
[2009/12/02 00:15:27 | 00,011,647 | ---- | M] () -- C:\Documents and Settings\User.PEECEE\Desktop\kapersky.html
[2009/12/01 04:20:59 | 00,036,109 | ---- | M] () -- C:\Documents and Settings\User.PEECEE\Desktop\geetar.jpg
[2009/12/01 04:20:47 | 00,036,653 | ---- | M] () -- C:\Documents and Settings\User.PEECEE\Desktop\Album pix.jpg
[2009/11/30 19:31:10 | 00,102,660 | ---- | M] () -- C:\Documents and Settings\User.PEECEE\Desktop\SystemLook.exe
[2009/11/28 14:17:13 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/11/23 22:56:05 | 00,000,256 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/11/23 22:55:33 | 00,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\ETC\hosts
[2009/11/23 22:16:56 | 00,000,281 | RHS- | M] () -- C:\BOOT.INI
[2009/11/23 22:12:42 | 03,573,838 | R--- | M] () -- C:\Documents and Settings\User.PEECEE\Desktop\ComboFix.exe
[2009/11/23 12:13:46 | 01,812,652 | ---- | M] () -- C:\Documents and Settings\User.PEECEE\Desktop\updated slides.zip
[2009/11/22 11:09:59 | 00,434,754 | ---- | M] () -- C:\WINDOWS\System32\PERFH009.DAT
[2009/11/22 11:09:59 | 00,068,274 | ---- | M] () -- C:\WINDOWS\System32\PERFC009.DAT
[2009/11/19 19:58:51 | 00,529,408 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\User.PEECEE\Desktop\OTL.exe
[2009/11/16 20:12:57 | 00,001,734 | ---- | M] () -- C:\Documents and Settings\User.PEECEE\Desktop\HijackThis.lnk
[2009/11/16 18:03:01 | 00,050,688 | ---- | M] (Atribune.org) -- C:\Documents and Settings\User.PEECEE\Desktop\ATF_Cleaner.exe
[2009/11/16 09:53:33 | 00,345,808 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/11/16 00:11:57 | 00,491,080 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/11/16 00:07:39 | 00,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/11/14 20:10:04 | 00,291,840 | ---- | M] () -- C:\Documents and Settings\User.PEECEE\Desktop\gmer.exe
[2009/11/14 01:47:57 | 00,260,608 | ---- | M] () -- C:\WINDOWS\PEV.exe
[2009/11/10 20:33:20 | 00,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2009/11/06 18:19:28 | 00,036,201 | ---- | M] () -- C:\Documents and Settings\User.PEECEE\Desktop\aher kkkkk.jpg
[2009/11/06 18:15:34 | 00,003,157 | ---- | M] () -- C:\Documents and Settings\User.PEECEE\Desktop\14436_183253542848_716112848_2918908_5650630_s.jpg
[2009/11/06 18:12:57 | 00,036,054 | ---- | M] () -- C:\Documents and Settings\User.PEECEE\Desktop\14436_183253572848_716112848_2918909_6489739_n.jpg
[2009/11/06 17:39:01 | 00,062,666 | ---- | M] () -- C:\Documents and Settings\User.PEECEE\Desktop\photo.php
[2009/11/06 17:32:34 | 00,013,965 | ---- | M] () -- C:\Documents and Settings\User.PEECEE\Desktop\asher hat.rar
[2009/11/06 17:31:49 | 00,062,625 | ---- | M] () -- C:\Documents and Settings\User.PEECEE\Desktop\asher hat.php
[2009/11/05 14:40:52 | 00,102,488 | ---- | M] () -- C:\Documents and Settings\User.PEECEE\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/11/05 09:36:22 | 26,768,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe
[2009/11/04 20:26:19 | 00,001,876 | -H-- | M] () -- C:\Documents and Settings\User.PEECEE\My Documents\Default.rdp
[1 C:\Documents and Settings\User.PEECEE\My Documents\*.tmp files -> C:\Documents and Settings\User.PEECEE\My Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2009/12/02 00:15:27 | 00,011,647 | ---- | C] () -- C:\Documents and Settings\User.PEECEE\Desktop\kapersky.html
[2009/12/01 04:20:58 | 00,036,109 | ---- | C] () -- C:\Documents and Settings\User.PEECEE\Desktop\geetar.jpg
[2009/12/01 04:20:45 | 00,036,653 | ---- | C] () -- C:\Documents and Settings\User.PEECEE\Desktop\Album pix.jpg
[2009/11/30 19:31:09 | 00,102,660 | ---- | C] () -- C:\Documents and Settings\User.PEECEE\Desktop\SystemLook.exe
[2009/11/23 22:16:56 | 00,000,211 | ---- | C] () -- C:\Boot.bak
[2009/11/23 22:16:51 | 00,260,272 | ---- | C] () -- C:\cmldr
[2009/11/23 22:14:45 | 00,260,608 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2009/11/23 22:14:45 | 00,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2009/11/23 22:14:45 | 00,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2009/11/23 22:14:45 | 00,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2009/11/23 22:14:45 | 00,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2009/11/23 22:12:41 | 03,573,838 | R--- | C] () -- C:\Documents and Settings\User.PEECEE\Desktop\ComboFix.exe
[2009/11/23 12:13:44 | 01,812,652 | ---- | C] () -- C:\Documents and Settings\User.PEECEE\Desktop\updated slides.zip
[2009/11/17 18:52:33 | 00,291,840 | ---- | C] () -- C:\Documents and Settings\User.PEECEE\Desktop\gmer.exe
[2009/11/16 20:12:57 | 00,001,734 | ---- | C] () -- C:\Documents and Settings\User.PEECEE\Desktop\HijackThis.lnk
[2009/11/06 18:19:26 | 00,036,201 | ---- | C] () -- C:\Documents and Settings\User.PEECEE\Desktop\aher kkkkk.jpg
[2009/11/06 18:14:50 | 00,003,157 | ---- | C] () -- C:\Documents and Settings\User.PEECEE\Desktop\14436_183253542848_716112848_2918908_5650630_s.jpg
[2009/11/06 18:12:56 | 00,036,054 | ---- | C] () -- C:\Documents and Settings\User.PEECEE\Desktop\14436_183253572848_716112848_2918909_6489739_n.jpg
[2009/11/06 17:38:56 | 00,062,666 | ---- | C] () -- C:\Documents and Settings\User.PEECEE\Desktop\photo.php
[2009/11/06 17:32:34 | 00,013,965 | ---- | C] () -- C:\Documents and Settings\User.PEECEE\Desktop\asher hat.rar
[2009/11/06 17:31:45 | 00,062,625 | ---- | C] () -- C:\Documents and Settings\User.PEECEE\Desktop\asher hat.php
[2009/09/07 13:26:41 | 00,000,322 | ---- | C] () -- C:\WINDOWS\System32\Remover.ini
[2007/12/22 11:59:11 | 00,001,427 | ---- | C] () -- C:\WINDOWS\System32\LXBRSET.INI
[2007/05/09 16:57:04 | 00,102,104 | ---- | C] () -- C:\Documents and Settings\User.PEECEE\Application Data\GDIPFONTCACHEV1.DAT
[2007/03/20 15:44:02 | 00,000,566 | ---- | C] () -- C:\WINDOWS\System32\SP7302.ini
[2007/03/09 18:54:25 | 00,000,006 | ---- | C] () -- C:\Documents and Settings\User.PEECEE\Application Data\dm.ini
[2007/03/09 18:54:23 | 00,001,559 | ---- | C] () -- C:\Documents and Settings\User.PEECEE\Application Data\AdobeDLM.log
[2007/02/10 16:28:17 | 00,000,262 | ---- | C] () -- C:\WINDOWS\lexstat.ini
[2006/08/01 10:48:57 | 01,958,898 | -H-- | C] () -- C:\Documents and Settings\User.PEECEE\Local Settings\Application Data\IconCache.db
[2006/06/29 13:58:52 | 00,030,808 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont
[2006/06/29 13:53:56 | 00,026,489 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006/06/26 10:08:05 | 00,027,136 | ---- | C] () -- C:\WINDOWS\System32\QTUninst.dll
[2006/04/29 11:08:52 | 00,001,751 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2006/04/18 14:39:28 | 00,029,779 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006/04/18 14:39:28 | 00,026,040 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2006/02/19 21:38:08 | 00,000,156 | ---- | C] () -- C:\WINDOWS\ae_mini.INI
[2005/11/16 23:30:04 | 00,003,082 | ---- | C] () -- C:\WINDOWS\System32\affv9553p4now.sys
[2005/10/01 17:53:55 | 00,007,680 | ---- | C] () -- C:\WINDOWS\System32\CNMVS6s.DLL
[2005/08/10 19:22:11 | 00,001,024 | ---- | C] () -- C:\Documents and Settings\User.PEECEE\Application Data\WavCodec.wff
[2005/08/09 14:12:28 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2005/06/11 06:31:43 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/06/06 20:58:26 | 00,000,000 | ---- | C] () -- C:\WINDOWS\Textart.INI
[2005/05/16 19:14:51 | 00,000,000 | ---- | C] () -- C:\WINDOWS\stsaver.ini
[2005/05/15 20:33:46 | 00,000,377 | ---- | C] () -- C:\WINDOWS\MediaFace.INI
[2005/05/15 09:29:54 | 00,004,672 | ---- | C] () -- C:\WINDOWS\WINMEM32.DLL
[2005/04/16 09:04:15 | 00,000,359 | ---- | C] () -- C:\WINDOWS\farmmext.ini
[2005/03/26 09:28:51 | 00,000,192 | ---- | C] () -- C:\WINDOWS\winamp.ini
[2005/03/26 08:56:04 | 00,000,253 | ---- | C] () -- C:\WINDOWS\WSHORTEN.INI
[2005/03/03 18:02:52 | 00,395,776 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll
[2005/03/03 18:02:52 | 00,262,144 | ---- | C] () -- C:\WINDOWS\System32\TomsMoComp_ff.dll
[2005/03/03 18:02:52 | 00,112,640 | ---- | C] () -- C:\WINDOWS\System32\libmpeg2_ff.dll
[2005/03/03 18:02:51 | 02,255,360 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll
[2005/03/02 17:57:45 | 00,000,067 | ---- | C] () -- C:\WINDOWS\AVIConverter.INI
[2005/03/02 17:30:55 | 00,000,107 | ---- | C] () -- C:\WINDOWS\IfoEdit.INI
[2005/03/02 16:21:36 | 03,423,744 | ---- | C] () -- C:\WINDOWS\System32\libfilefmt-1.1.0.dll
[2005/03/02 16:21:36 | 00,020,480 | ---- | C] () -- C:\WINDOWS\System32\libavi-dd-1.2.0.dll
[2005/02/25 15:07:02 | 00,012,288 | ---- | C] () -- C:\WINDOWS\impborl.dll
[2004/12/13 20:47:05 | 00,000,045 | ---- | C] () -- C:\WINDOWS\IEIEJNP.ini
[2004/12/03 16:00:08 | 00,524,288 | ---- | C] () -- C:\WINDOWS\System32\TDI-SonyOMG.dll
[2004/10/29 15:21:12 | 00,000,029 | ---- | C] () -- C:\WINDOWS\CDMKR32.INI
[2004/10/29 15:17:25 | 00,000,783 | ---- | C] () -- C:\WINDOWS\NTIWVEDT.INI
[2004/10/29 14:55:18 | 00,000,117 | RH-- | C] () -- C:\WINDOWS\System32\NTICDMK32.dll
[2004/10/23 09:10:35 | 00,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2004/10/05 14:37:20 | 00,258,048 | ---- | C] () -- C:\WINDOWS\System32\Manipulate.dll
[2004/09/08 19:48:49 | 00,003,654 | ---- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll
[2004/09/02 12:41:50 | 00,001,697 | ---- | C] () -- C:\WINDOWS\System32\sdusbpdr.ini
[2004/08/28 06:00:59 | 00,135,168 | ---- | C] () -- C:\WINDOWS\System32\MPEGCreator.dll
[2004/08/11 03:41:08 | 00,270,336 | ---- | C] () -- C:\WINDOWS\System32\WMVCreator.dll
[2004/08/11 03:03:13 | 00,147,456 | ---- | C] () -- C:\WINDOWS\System32\AVICreator.dll
[2004/08/01 17:36:44 | 00,001,034 | ---- | C] () -- C:\WINDOWS\netdet.ini
[2004/05/20 07:50:14 | 01,537,536 | ---- | C] () -- C:\WINDOWS\System32\erdmpg-hi.dll
[2004/02/08 20:29:15 | 00,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2004/02/01 11:21:56 | 00,097,280 | ---- | C] () -- C:\WINDOWS\System32\Uncommon.dll
[2004/01/07 20:37:58 | 00,000,063 | ---- | C] () -- C:\WINDOWS\dgnet007.ini
[2004/01/03 21:37:50 | 00,005,133 | ---- | C] () -- C:\WINDOWS\cdPlayer.ini
[2004/01/03 16:06:53 | 00,000,000 | ---- | C] () -- C:\WINDOWS\PROTOCOL.INI
[2003/12/07 19:48:31 | 00,032,397 | ---- | C] () -- C:\WINDOWS\SGTBox.INI
[2003/12/04 22:01:10 | 00,000,035 | ---- | C] () -- C:\WINDOWS\A4W.INI
[2003/12/04 21:56:52 | 00,001,609 | ---- | C] () -- C:\WINDOWS\pstudio.ini
[2003/12/04 21:56:52 | 00,000,032 | ---- | C] () -- C:\WINDOWS\album.ini
[2003/11/29 17:25:04 | 00,000,022 | ---- | C] () -- C:\WINDOWS\OP70.INI
[2003/11/29 15:31:06 | 00,000,448 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2003/11/25 18:46:24 | 00,262,416 | ---- | C] () -- C:\WINDOWS\System32\Asfv2.dll
[2003/11/24 19:28:53 | 00,061,678 | ---- | C] () -- C:\Documents and Settings\User.PEECEE\Application Data\PFP110JPR.{PB
[2003/11/24 19:28:53 | 00,012,358 | ---- | C] () -- C:\Documents and Settings\User.PEECEE\Application Data\PFP110JCM.{PB
[2003/11/23 19:56:01 | 00,217,600 | ---- | C] () -- C:\Documents and Settings\User.PEECEE\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2003/11/23 16:11:03 | 00,000,174 | ---- | C] () -- C:\WINDOWS\System32\mcini.ini
[2003/11/23 15:03:20 | 00,004,272 | R--- | C] () -- C:\WINDOWS\System32\drivers\bvrp_pci.sys
[2003/11/23 14:40:09 | 00,000,045 | ---- | C] () -- C:\WINDOWS\EPSC82.ini
[2003/11/23 13:47:16 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\User.PEECEE\Application Data\DESKTOP.INI
[2003/11/23 13:47:11 | 00,102,488 | ---- | C] () -- C:\Documents and Settings\User.PEECEE\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2003/11/17 19:10:36 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2003/11/17 19:02:55 | 00,000,258 | ---- | C] () -- C:\WINDOWS\System32\BDEMERGE.INI
[2003/11/17 18:54:15 | 00,000,292 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2003/11/17 18:48:45 | 00,000,788 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2003/11/17 18:26:52 | 00,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2003/11/17 18:13:04 | 00,000,550 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2003/11/16 10:32:30 | 01,253,376 | ---- | C] () -- C:\WINDOWS\System32\mptiff.dll
[2003/08/07 11:01:50 | 00,237,568 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2003/07/30 19:29:08 | 00,061,440 | ---- | C] () -- C:\WINDOWS\System32\comLyricGetter.dll
[2003/04/21 00:00:00 | 01,036,800 | ---- | C] () -- C:\WINDOWS\System32\libmpeg-1.0.0.dll
[2003/04/21 00:00:00 | 00,987,136 | ---- | C] () -- C:\WINDOWS\System32\liboggvorbis-1.0.0.dll
[2003/04/21 00:00:00 | 00,696,832 | ---- | C] () -- C:\WINDOWS\System32\libmcl-2.8.0.dll
[2002/11/24 04:40:36 | 00,046,080 | ---- | C] () -- C:\WINDOWS\System32\ac3encode.dll
[2002/09/03 06:59:58 | 00,001,151 | ---- | C] () -- C:\WINDOWS\WIN.INI
[2002/09/03 06:50:58 | 00,000,256 | ---- | C] () -- C:\WINDOWS\system.ini
[2002/09/03 06:50:46 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\DESKTOP.INI
[2001/12/26 15:12:30 | 00,065,536 | R--- | C] () -- C:\WINDOWS\System32\multiplex_vcd.dll
[2001/09/03 22:46:38 | 00,110,592 | R--- | C] () -- C:\WINDOWS\System32\Hmpg12.dll
[2001/07/30 15:33:56 | 00,118,784 | R--- | C] () -- C:\WINDOWS\System32\HMPV2_ENC.dll
[2001/07/23 21:04:36 | 00,118,784 | R--- | C] () -- C:\WINDOWS\System32\HMPV2_ENC_MMX.dll
[2000/12/29 09:34:01 | 00,019,968 | ---- | C] () -- C:\WINDOWS\System32\Cpuinf32.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 98 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1AD0EB3C
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A2947BEA
< End of report >

OTL Extras logfile created on: 12/2/2009 10:37:58 PM - Run 2
OTL by OldTimer - Version 3.1.6.0 Folder = C:\Documents and Settings\User.PEECEE\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1022.00 Mb Total Physical Memory | 671.03 Mb Available Physical Memory | 65.66% Memory free
1.47 Gb Paging File | 1.26 Gb Available in Paging File | 85.74% Paging File free
Paging file location(s): F:\pagefile.sys 573 773 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 38.25 Gb Total Space | 7.11 Gb Free Space | 18.59% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 456.94 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive F: | 14.92 Gb Total Space | 7.80 Gb Free Space | 52.28% Space Free | Partition Type: NTFS
Drive G: | 3.72 Gb Total Space | 1.42 Gb Free Space | 38.06% Space Free | Partition Type: FAT32
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PEECEE
Current User Name: User
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Extra Registry (All) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- "%SYSTEMROOT%\hh.exe" %1
.cpl [@ = cplfile] -- C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\WINDOWS\System32\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\WINDOWS\System32\mshta.exe (Microsoft Corporation)
.html [@ = SafariHTML] -- C:\Program Files\Safari\Safari.exe (Apple Inc.)
.inf [@ = inffile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\WINDOWS\System32\ieframe.dll (Microsoft Corporation)
.js [@ = JSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.reg [@ = regfile] -- C:\WINDOWS\regedit.exe (Microsoft Corporation)
.txt [@ = txtfile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %* File not found
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SYSTEMROOT%\hh.exe" %1 File not found
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %* File not found
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %* File not found
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %* File not found
helpfile [open] -- winhlp32.exe %1 (Microsoft Corporation)
hlpfile [open] -- %SystemRoot%\System32\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\WINDOWS\system32\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office10\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Safari\Safari.exe" -url "%1" (Apple Inc.)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- Reg Error: Key error.
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [edit] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
vbsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wsffile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
wsffile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
wsffile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wshfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "%programfiles%\internet explorer\iexplore.exe" File not found

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"177:TCP" = 177:TCP:LocalSubNet:Enabled:Nick

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\MSN Messenger\msncall.exe" = C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone) -- File not found
"C:\Program Files\MSN Messenger\msnmsgr.exe" = C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1 -- File not found
"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- File not found
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"C:\Program Files\Messenger\msmsgs.exe" = C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger -- (Microsoft Corporation)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour -- (Apple Inc.)
"C:\Program Files\Skype\Plugin Manager\skypePM.exe" = C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager -- (Skype Technologies)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05BB2EC5-6BEF-4DDC-9E75-BEE7B161157A}" = Macromedia Dreamweaver MX 2004
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{08094E03-AFE4-4853-9D31-6D0743DF5328}" = QuickTime
"{0DD140D3-9563-481E-AA75-BA457CBDAEF2}" = PC Inspector File Recovery
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP470_series" = Canon MP470 series
"{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}" = Google Earth
"{244E21B9-164C-4EC1-AED8-9BD64161E66D}" = ArcSoft VideoImpression 2
"{24ED4D80-8294-11D5-96CD-0040266301AD}" = FinePixViewer Ver.4.3
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java™ 6 Update 17
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{49FC50FC-F965-40D9-89B4-CBFF80941033}" = Windows Movie Maker 2.0
"{4B9F45E8-E3CE-40B4-9463-80A9B3481DEF}" = Banctec Service Agreement
"{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}" = Adobe® Photoshop® Album Starter Edition 3.0
"{5490882C-6961-11D5-BAE5-00E0188E010B}" = FUJIFILM USB Driver
"{54F90B55-BEB3-4F0D-8802-228822FA5921}" = WordPerfect Office 11
"{553E56C3-7AA1-45FE-A2FC-2C43DC27F765}" = iTunes
"{5905F42D-3F5F-4916-ADA6-94A3646AEE76}" = Dell Driver Reset Tool
"{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}" = Sony USB Driver
"{68D60342-7686-45C9-B8EB-40EF843D0460}" = Dell Networking Guide
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{79D5997E-BF79-48BB-8B41-9BE59C15C2D7}" = OmniPage SE 2.0
"{867DD3AD-D155-4035-AAB3-E74673AC8464}" = PC VGA Camer@ Plus
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Extreme Graphics Driver
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90300409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Media Content
"{90D55A3F-1D99-4C94-A77E-46DC14F0BF08}" = Help and Support Customization
"{91110409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional
"{91190409-6000-11D3-8CFE-0050048383C9}" = Microsoft Publisher 2002
"{9B79DCB0-AAD7-456B-8D07-433C936FA24B}" = DS21Patch
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A47CC380-5C96-4542-98EA-23884ECB42C6}" = Win32
"{A5BA14E0-7384-11D4-BAE7-00409631A2C8}" = Macromedia Extension Manager
"{A5CC2A09-E9D3-49EC-923D-03874BBD4C2C}" = Windows Defender Signatures
"{AC76BA86-7AD7-1033-7B44-A70900000002}" = Adobe Reader 7.0.9
"{AF10D7E4-D29A-45DA-8050-B116097B69B5}" = Safari
"{B7EE8B5C-7911-4DA5-9871-75CAEB631A69}" = Media Wizard
"{BD57EA4D-026E-4F08-9B93-080E282B81FE}" = iPod for Windows 2006-06-28
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D78653C3-A8FF-415F-92E6-D774E634FF2D}" = Dell ResourceCD
"{D8E363A7-88B7-446D-B2C0-E26CE4DC8E54}" = U3Launcher
"{E84D2015-4FEB-40CC-A2DD-1A6B8BAC2429}" = OpenMG Secure Module 3.0.03
"{EFB21DE7-8C19-4A88-BB28-A766E16493BC}" = Adobe Photoshop CS
"{FC4ED75D-916C-4A8C-BB67-3C6F6E06D62B}" = Banctec Service Agreement
"2004 Backgammon" = 2004 Backgammon 4.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AdobeESD" = Adobe Download Manager 2.2 (Remove Only)
"Agent Ransack_is1" = Agent Ransack Version 1.7.3
"All Video Converter_is1" = All Video Converter 1.0
"America Online us" = America Online (Choose which version to remove)
"Canon MP470 series User Registration" = Canon MP470 series User Registration
"EPSON Printer and Utilities" = EPSON Printer Software
"Football Playbook 010_is1" = Football Playbook 010
"HCC Lite" = HCC Lite
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{867DD3AD-D155-4035-AAB3-E74673AC8464}" = PC VGA Camer@ Plus
"InstallShield_{BD57EA4D-026E-4F08-9B93-080E282B81FE}" = iPod for Windows 2006-06-28
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Visual Web Developer 2005 Express Edition - ENU" = Microsoft Visual Web Developer 2005 Express Edition - ENU
"Mozilla Firefox (3.5.4)" = Mozilla Firefox (3.5.4)
"Mozilla Thunderbird (1.5.0.14)" = Mozilla Thunderbird (1.5.0.14)
"MP Navigator EX 1.0" = Canon MP Navigator EX 1.0
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSN Music Assistant" = MSN Music Assistant
"Network Play System (Patching)" = Network Play System (Patching)
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"PHOTOVU LINK & CARD LINK" = PHOTOVU LINK & CARD LINK
"Picasa 3" = Picasa 3
"QuickTime 3.0" = QuickTime 3.0
"ShockwaveFlash" = Macromedia Flash Player 8
"The Sims" = The Sims
"WinASO Registry Optimizer 2.7_is1" = WinASO Registry Optimizer 2.7
"WinASO Registry Optimizer 3.0.6_is1" = WinASO Registry Optimizer 3.0.6
"Windows Media Encoder 7" = Windows Media Encoder 7.1
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 9/7/2009 4:35:40 PM | Computer Name = PEECEE | Source = Application Error | ID = 1000
Description = Faulting application skype.exe, version 4.1.0.166, faulting module
ntdll.dll, version 5.1.2600.5755, fault address 0x0001b21a.

Error - 9/19/2009 7:02:11 PM | Computer Name = PEECEE | Source = Application Error | ID = 1000
Description = Faulting application rdl318.tmp.exe, version 0.0.0.0, faulting module
unknown, version 0.0.0.0, fault address 0x00095fff.

Error - 9/29/2009 12:14:13 AM | Computer Name = PEECEE | Source = Application Error | ID = 1000
Description = Faulting application acrord32.exe, version 7.0.8.218, faulting module
msvcr71.dll, version 7.10.3052.4, fault address 0x00002cd0.

Error - 11/5/2009 6:39:45 PM | Computer Name = PEECEE | Source = MsiInstaller | ID = 10005
Description = Product: Skype web features -- The installer has encountered an unexpected
error installing this package. This may indicate a problem with this package. The
error code is 2738. The arguments are: , ,

Error - 11/20/2009 6:14:23 PM | Computer Name = PEECEE | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting
module unknown, version 0.0.0.0, fault address 0x00060206.

Error - 11/20/2009 6:14:48 PM | Computer Name = PEECEE | Source = Application Error | ID = 1000
Description = Faulting application DRWTSN32.EXE, version 5.1.2600.0, faulting module
dbghelp.dll, version 5.1.2600.5512, fault address 0x0001295d.

Error - 11/22/2009 3:09:56 PM | Computer Name = PEECEE | Source = LoadPerf | ID = 3001
Description = The performance counter name string value in the registry is incorrectly
formatted.
The bogus string is 7112, the bogus index value is the first DWORD in Data section
while the last valid index values are the second and third DWORD in Data section.

Error - 11/22/2009 3:09:56 PM | Computer Name = PEECEE | Source = LoadPerf | ID = 3011
Description = Unloading the performance counter strings for service WmiApRpl (WmiApRpl)
failed. The Error code is the first DWORD in Data section.

Error - 11/22/2009 3:09:59 PM | Computer Name = PEECEE | Source = LoadPerf | ID = 3001
Description = The performance counter name string value in the registry is incorrectly
formatted.
The bogus string is 7112, the bogus index value is the first DWORD in Data section
while the last valid index values are the second and third DWORD in Data section.

Error - 11/24/2009 2:37:29 AM | Computer Name = PEECEE | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: The server name or address could not be resolved

[ System Events ]
Error - 12/2/2009 4:43:36 AM | Computer Name = PEECEE | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk1\D, has a bad block.

Error - 12/2/2009 4:43:51 AM | Computer Name = PEECEE | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk1\D, has a bad block.

Error - 12/2/2009 4:44:05 AM | Computer Name = PEECEE | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk1\D, has a bad block.

Error - 12/2/2009 4:45:41 AM | Computer Name = PEECEE | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk1\D, has a bad block.

Error - 12/3/2009 2:26:59 AM | Computer Name = PEECEE | Source = Service Control Manager | ID = 7034
Description = The AOL Connectivity Service service terminated unexpectedly. It
has done this 1 time(s).

Error - 12/3/2009 2:26:59 AM | Computer Name = PEECEE | Source = Service Control Manager | ID = 7034
Description = The Bonjour Service service terminated unexpectedly. It has done
this 1 time(s).

Error - 12/3/2009 2:26:59 AM | Computer Name = PEECEE | Source = Service Control Manager | ID = 7034
Description = The Java Quick Starter service terminated unexpectedly. It has done
this 1 time(s).

Error - 12/3/2009 2:26:59 AM | Computer Name = PEECEE | Source = Service Control Manager | ID = 7034
Description = The PCTEL Speaker Phone service terminated unexpectedly. It has done
this 1 time(s).

Error - 12/3/2009 2:27:00 AM | Computer Name = PEECEE | Source = Service Control Manager | ID = 7034
Description = The WAN Miniport (ATW) Service service terminated unexpectedly. It
has done this 1 time(s).

Error - 12/3/2009 2:27:01 AM | Computer Name = PEECEE | Source = Service Control Manager | ID = 7034
Description = The iPod Service service terminated unexpectedly. It has done this
1 time(s).


< End of report >


Thanks for sticking with me.

Al
Al Tenuta Dell 2400 Windows XP



#17 oldman960

Posted 03 December 2009 - 01:03 AM

Hi altenuta, Looks ok. How's the computer?

Proud Graduate of the WTT Classroom
If you are happy with the help you received, please consider making a Donation
Curiosity didn't kill the cat. Ignorance did, curiosity was framed.
Learn how to protect Yourself

Microsoft MVP 2011-2015

Threads will be closed if no response after 5 days.

#18 altenuta

Posted 03 December 2009 - 02:20 PM

I have a problem with the vertical scroll bar going crazy on me. This happens in all web browsers and in OS windows too. It is intermittent. Upon opening a window or webpage it seems ok, then it will go crazy and scroll to the bottom and not let me scroll back. Also the mouse pointer is acting up. Like something is taking control of the machine. I'm going to try another mouse tonight when I get home from work. Thank you for all your help. Al

#19 oldman960

Posted 03 December 2009 - 07:44 PM

Hi altenuta, What mouse are you using? Try a different mouse. If you are now using a wireless mouse, try changing the batteries. Let us know how you make out.


#20 oldman960

Posted 06 December 2009 - 11:08 AM

Hi altenuta, You still with us?


#21 altenuta

Posted 07 December 2009 - 02:32 PM

I haven't had a problem with the scrolling problem. It kind of went away on its own. I installed ClamWin anti-virus and wasn't happy with the way it works so I unloaded it and re-installed AVG free. Did a scan last night but haven't looked at the logs yet. The computer seems to be acting ok. I suspect that Skype may have been a major culprit in all this trouble. I want to keep using it but would like to restrain it from loading itself at start up. Is the best way to do this by going to msconfig and disabling it from startup items? I'll let you know how the AVG scan went. Al

#22 oldman960

Posted 07 December 2009 - 08:47 PM

Hi altenuta,

Good to hear about the scrolling problem. I don't believe ClamWin has real-time protection so you are better off with AVG.

We can stop Skype from loading at startup. After this fix and reboot it won't load at startup.

Open HijackThis, do a system scan only and checkmark this line, if present:

O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\\Phone\Skype.exe" /nosplash /minimized


Close ALL other windows/browsers and click Fix Checked. Answer Yes if prompted. Close HJT.


If no other problems, we can clean up our tools.

From your desktop, please delete
  • any notepads/logs that we created
  • GMER.zip
  • GMER.exe

Next

Click the Start button, click Run. Copy and paste the following line into the run box and click OK
Combofix /Uninstall


Open OTL then click the Clean Up button. You may get prompted by your firewall that OTL wants to contact the internet - allow this. A cleanup.txt will be downloaded, a message dialog will ask you if you want to proceed with the cleanup process, click Yes. This will do some clean up tasks and delete some of the tools you have downloaded plus itself.


I suggest you keep MBAM. Keep it updated and use it regularly.


Updates and upgrades

You have an older version of Adobe Reader. You can download the current version HERE

You may want to consider Foxit Reader instead. It may be a bit lighter on resources.

Visit their support forum
Foxit Forum

In either case you should uninstall Adobe Reader 7.0.9 first. Be sure to move any PDF documents to another folder first though.


Some Recommendations and prevention tips

Basic security consists of 1 antivirus program, 1 resident antispyware program, 1 on demand antispyware program and a firewall. You are missing a resident antispyware and a firewall program.

I recommend you use an antispyware program with resident (real time) scanning. I suggest

Windows Defender
OR
Winpatrol


* If you are behind a router, Windows Firewall should be fine. Otherwise a 3rd party firewall with outbound monitoring is recommended.

Click FIREWALL for tips, reviews and links to good, free and paid for firewalls. (Note: Zone Alarm is becoming bloatware)


You should also use Spyware Blaster to help immunize your computer.

- SpywareBlaster will add a large list of programs and sites into your Internet Explorer
settings that will protect you from running and downloading known malicious programs.

OR

A guide to understanding and using the hosts file.

Learn how your Hosts file can protect you and how you can protect it.
Besides the Hosts file information, there are links to a very good updated hosts file, a hosts file manager, and some programs that can protect your hosts file.
HOSTS

Please read the info on disabling the DNS Client before installing a custom hosts file.


-Secure your Internet Explorer

From within Internet Explorer click on the Tools menu and then click on Options.
  • Click once on the Security tab
  • Click once on the Internet icon so it becomes highlighted.
  • Click once on the Custom Level button.
  • Change the Download signed ActiveX controls to Prompt
  • Change the Download unsigned ActiveX controls to Disable
  • Change the Initialize and script ActiveX controls not marked as safe to Disable
  • Change the Installation of desktop items to Prompt
  • Change the Launching programs and files in an IFRAME to Prompt
  • Change the Navigate sub-frames across different domains to Prompt
  • When all these settings have been made, click on the OK button.
  • If it prompts you as to whether or not you want to save the settings, press the Yes button.
Next press the Apply button and then the OK to exit the Internet Properties page.


- Keeping your Windows up-to-date is crucial to your computer's security. Please go to the Windows Update Site (using Internet Explorer) and download and install all critical updates on a regular basis.


- Ensure that Automatic Update is turned on so you get all the latest patches.
Click start, control panel, click Security Center.


- Keep your antivirus program updated, as well as any other security programs you have.


-Check this site out to check for out of date programs
Secunia Personal Software Inspector (PSI) 1.0


-More tips and programs can be found HERE


- You may also want to read this article by Tony Klein
http://www.freedomli...pic.php?t=22879

We will keep this thread open for a couple of days. Please post back if you have any problems or questions. Please post back when you have finished so this thread can be marked "Resolved".

Take care :adios:

Threads will be closed if no response after 5 days.

#23 altenuta

Posted 08 December 2009 - 12:58 PM

I'll run the items tonight. Thanks, Al

#24 oldman960

Posted 13 December 2009 - 12:35 PM

Since this issue appears to be resolved ... this Topic has been closed. Glad we could be of assistance. If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread. Everyone else please begin a New Topic.

