OTViewIt Log
OTViewIt logfile created on: 03/02/2009 22:54:03 - Run
OTViewIt by OldTimer - Version 1.0.21.0 Folder = C:\Documents and Settings\Sami\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
446.48 Mb Total Physical Memory | 243.73 Mb Available Physical Memory | 54.59% Memory free
1.03 Gb Paging File | 0.51 Gb Available in Paging File | 49.38% Paging File free
Paging file location(s): C:\pagefile.sys 669 1344;
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 48.83 Gb Total Space | 25.09 Gb Free Space | 51.39% Space Free | Partition Type: NTFS
Drive D: | 25.69 Gb Total Space | 25.56 Gb Free Space | 99.49% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: REBORN
Current User Name: Sami
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Whitelist: On
File Age = 60 Days
========== Processes ==========
[2007/03/02 21:46:14 | 00,446,464 | R--- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe
[2007/03/02 21:46:14 | 00,446,464 | R--- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe
[2008/08/22 12:53:18 | 00,611,664 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
[2008/08/30 10:31:06 | 00,231,704 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe
[2006/02/28 11:42:38 | 00,229,376 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
[2008/12/27 12:28:01 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
[2008/07/23 10:38:13 | 00,287,000 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgrsx.exe
[2008/11/27 15:32:48 | 01,261,336 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgtray.exe
[2008/08/30 10:31:02 | 00,875,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgemc.exe
[2005/09/22 12:36:20 | 14,854,144 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE
[2008/12/27 12:28:01 | 00,136,600 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
[2002/12/31 12:00:00 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe
[2008/08/28 09:18:24 | 03,660,848 | ---- | M] (Veoh Networks) -- C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
[2007/03/02 21:46:14 | 00,446,464 | R--- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe
[2002/12/31 12:00:00 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe
[2008/11/27 15:32:48 | 01,261,336 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgtray.exe
[2005/09/22 12:36:20 | 14,854,144 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE
[2008/12/27 12:28:01 | 00,136,600 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
[2007/03/02 21:46:14 | 00,446,464 | R--- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe
[2002/12/31 12:00:00 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe
[2008/10/16 14:09:44 | 00,051,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuauclt.exe
[2008/11/27 15:32:48 | 01,261,336 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgtray.exe
[2005/09/22 12:36:20 | 14,854,144 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE
[2008/12/27 12:28:01 | 00,136,600 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
[2007/10/18 11:34:02 | 05,724,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
[2008/12/14 15:55:28 | 00,133,104 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Sami\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
[2009/01/20 15:52:12 | 01,830,128 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
[2009/02/03 22:50:59 | 00,422,912 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Sami\Desktop\OTViewIt.exe
========== (O23) Win32 Services ==========
[2008/08/22 12:53:18 | 00,611,664 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe -- (aawservice [Auto | Running])
[2008/08/08 14:48:31 | 00,072,704 | ---- | M] (Adobe Systems) -- C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service [On_Demand | Stopped])
[2007/10/24 01:47:22 | 00,033,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
[2007/03/02 21:46:14 | 00,446,464 | R--- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe -- (Ati HotKey Poller [Auto | Running])
[2008/08/30 10:31:02 | 00,875,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgemc.exe -- (avg8emc [Auto | Running])
[2008/08/30 10:31:06 | 00,231,704 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd [Auto | Running])
[2006/02/28 11:42:38 | 00,229,376 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running])
[2007/10/24 01:47:40 | 00,070,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
[2008/07/22 18:10:52 | 00,654,848 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service [On_Demand | Stopped])
[2007/10/09 12:58:12 | 00,036,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
[2007/10/11 09:55:10 | 00,864,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
[2008/12/27 12:28:01 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])
[2007/10/11 09:55:14 | 00,122,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
[2002/12/31 11:00:00 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
[2007/10/18 11:31:54 | 00,098,328 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\usnsvc.exe -- (usnjsvc [On_Demand | Stopped])
[2007/10/25 15:27:54 | 00,266,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe -- (WLSetupSvc [On_Demand | Stopped])
[2006/10/18 20:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])
========== Driver Services ==========
[2007/03/02 21:53:20 | 01,972,224 | R--- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag [On_Demand | Running])
[2008/08/30 10:31:01 | 00,097,928 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (AvgLdx86 [System | Running])
[2008/07/23 10:38:13 | 00,026,824 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (AvgMfx86 [System | Running])
[2008/07/23 10:38:49 | 00,076,040 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (AvgTdiX [Auto | Running])
[2004/03/17 07:12:12 | 00,135,168 | R--- | M] (Windows (R) Server 2003 DDK provider) -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus [On_Demand | Running])
[2005/09/23 17:56:28 | 03,966,976 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService [On_Demand | Running])
[2002/12/31 12:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink [On_Demand | Running])
[2004/08/03 22:31:34 | 00,020,992 | ---- | M] (Realtek Semiconductor Corporation) -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139 [On_Demand | Running])
[2008/12/22 11:06:00 | 00,008,944 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV [System | Running])
[2008/12/22 11:06:02 | 00,007,408 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM [On_Demand | Running])
[2008/12/22 11:05:58 | 00,055,024 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL [System | Running])
[2007/11/13 10:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv [On_Demand | Stopped])
========== (R ) Internet Explorer ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main]
"Default_Page_URL"=http://go.microsoft.com/fwlink/?LinkId=69157
"Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896
"Local Page"=%SystemRoot%\system32\blank.htm
"Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896
"Start Page"=http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search]
"CustomizeSearch"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
"SearchAssistant"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main]
"Local Page"=C:\WINDOWS\system32\blank.htm
"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"Start Page"=http://www.google.com/
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURL]
""=http://www.google.com/search/?q=%s
"provider"=gogl
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation)
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0
"ProxyOverride" = plimus.com,www.plimus.com,regnow.com,www.regnow.com,
[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main]
"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"Start Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0
[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main]
"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"Start Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0
[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main]
[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main]
[HKEY_USERS\S-1-5-21-682003330-1303643608-2147027303-1003\SOFTWARE\Microsoft\Internet Explorer\Main]
"Local Page"=C:\WINDOWS\system32\blank.htm
"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"Start Page"=http://www.google.com/
[HKEY_USERS\S-1-5-21-682003330-1303643608-2147027303-1003\Software\Microsoft\Internet Explorer\SearchURL]
""=http://www.google.com/search/?q=%s
"provider"=gogl
[HKEY_USERS\S-1-5-21-682003330-1303643608-2147027303-1003\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-682003330-1303643608-2147027303-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0
"ProxyOverride" = plimus.com,www.plimus.com,regnow.com,www.regnow.com,
[HKEY_USERS\S-1-5-21-682003330-1303643608-2147027303-1006\SOFTWARE\Microsoft\Internet Explorer\Main]
"Local Page"=C:\WINDOWS\system32\blank.htm
"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"Start Page"=http://www.google.co.uk/
[HKEY_USERS\S-1-5-21-682003330-1303643608-2147027303-1006\Software\Microsoft\Internet Explorer\SearchURL]
"provider"=
[HKEY_USERS\S-1-5-21-682003330-1303643608-2147027303-1006\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-682003330-1303643608-2147027303-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0
[HKEY_USERS\S-1-5-21-682003330-1303643608-2147027303-1007\SOFTWARE\Microsoft\Internet Explorer\Main]
"Local Page"=C:\WINDOWS\system32\blank.htm
"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"Start Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
[HKEY_USERS\S-1-5-21-682003330-1303643608-2147027303-1007\Software\Microsoft\Internet Explorer\SearchURL]
"provider"=
[HKEY_USERS\S-1-5-21-682003330-1303643608-2147027303-1007\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-682003330-1303643608-2147027303-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0
========== (O1) Hosts File ==========
HOSTS File = (27 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
First 25 entries...
127.0.0.1 localhost
========== (O2) BHO's ==========
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (HKLM) -- C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
{7E853D72-626A-48EC-A868-BA8D5E23E045} (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found
{9030D464-4C02-4ABF-8ECC-5164760863C6} (HKLM) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
{DBC80044-A445-435b-BC74-9C25C1C588A9} (HKLM) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
========== (O3) Toolbars ==========
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{DB87BFA2-A2E3-451E-8E5A-C89982D87CBF}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found
[HKEY_USERS\S-1-5-21-682003330-1303643608-2147027303-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{DB87BFA2-A2E3-451E-8E5A-C89982D87CBF}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found
[HKEY_USERS\S-1-5-21-682003330-1303643608-2147027303-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{DB87BFA2-A2E3-451E-8E5A-C89982D87CBF}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found
========== (O4) Run Keys ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" -atboottime (Apple Inc.)
"RTHDCPL"=RTHDCPL.EXE (Realtek Semiconductor Corp.)
"SunJavaUpdateSched"="C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.)
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="C:\Documents and Settings\Sami\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c (Google Inc.)
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background (Microsoft Corporation)
"ProxyWay"=C:\Program Files\ProxyWay\proxyway.exe File not found
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
[HKEY_USERS\S-1-5-21-682003330-1303643608-2147027303-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="C:\Documents and Settings\Sami\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c (Google Inc.)
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background (Microsoft Corporation)
"ProxyWay"=C:\Program Files\ProxyWay\proxyway.exe File not found
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
[HKEY_USERS\S-1-5-21-682003330-1303643608-2147027303-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
""= File not found
"gadcom"="C:\Documents and Settings\chippy\Application Data\gadcom\gadcom.exe" 61A847B5BBF728173599284503996897C881250221C8670836AC4FA7C8833201749139 File not found
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (Microsoft Corporation)
"Veoh"="C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide (Veoh Networks)
========== (O4) Startup Folders ==========
[2005/03/16 18:16:50 | 00,113,664 | ---- | M] (Adobe Systems, Inc.) -- C:\Documents and Settings\Sami\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
========== (O6 & O7) Current Version Policies ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableRegistryTools"=0
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145
"NoDriveAutoRun"=67108863
[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145
"NoDriveAutoRun"=67108863
[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145
[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145
[HKEY_USERS\S-1-5-21-682003330-1303643608-2147027303-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_USERS\S-1-5-21-682003330-1303643608-2147027303-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145
[HKEY_USERS\S-1-5-21-682003330-1303643608-2147027303-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145
========== (O8) IE Context Menu Extensions ==========
[HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\MenuExt\]
E&xport to Microsoft Excel: C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE [2008/03/15 22:16:10 | 10,352,128 | ---- | M] (Microsoft Corporation)
[HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\MenuExt\]
E&xport to Microsoft Excel: C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE [2008/03/15 22:16:10 | 10,352,128 | ---- | M] (Microsoft Corporation)
[HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\MenuExt\]
E&xport to Microsoft Excel: Reg Error: Key does not exist or could not be opened. File not found
[HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\MenuExt\]
E&xport to Microsoft Excel: Reg Error: Key does not exist or could not be opened. File not found
[HKEY_USERS\S-1-5-21-682003330-1303643608-2147027303-1003\Software\Microsoft\Internet Explorer\MenuExt\]
E&xport to Microsoft Excel: Reg Error: Key does not exist or could not be opened. File not found
[HKEY_USERS\S-1-5-21-682003330-1303643608-2147027303-1006\Software\Microsoft\Internet Explorer\MenuExt\]
E&xport to Microsoft Excel: Reg Error: Key does not exist or could not be opened. File not found
[HKEY_USERS\S-1-5-21-682003330-1303643608-2147027303-1007\Software\Microsoft\Internet Explorer\MenuExt\]
E&xport to Microsoft Excel: Reg Error: Key does not exist or could not be opened. File not found
========== (O9) IE Extensions ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
{0483894E-2422-45E0-8384-021AFF1AF3CD}: Button: iOpus iMacros -- %ProgramFiles%\iMacros\imacros.dll [2008/07/08 11:53:36 | 00,929,144 | ---- | M] (iOpus Software GmbH)
{0483894E-2422-45E0-8384-021AFF1AF3CD}: Menu: iMacros Web Automation -- File not found
{92780B25-18CC-41C8-B9BE-3C9C571A8263}: Button: Research -- %ProgramFiles%\Microsoft Office\OFFICE11\REFIEBAR.DLL [2007/04/19 13:10:18 | 00,063,840 | ---- | M] (Microsoft Corporation)
{e2e2dd38-d088-4134-82b7-f2ba38496583}: Menu: @xpsp3res.dll,-20001 -- %SystemRoot%\network diagnostic\xpnetdiag.exe [2006/10/10 12:44:50 | 00,557,568 | ---- | M] (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{0483894E-2422-45E0-8384-021AFF1AF3CD} [HKLM] -> %ProgramFiles%\iMacros\imacros.dll [iOpus iMacros] -> [2008/07/08 11:53:36 | 00,929,144 | ---- | M] (iOpus Software GmbH)
CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> [Reg Error: Value does not exist or could not be read.] -> File not found
CmdMapping\\{92780B25-18CC-41C8-B9BE-3C9C571A8263} [HKLM] -> %ProgramFiles%\Microsoft Office\OFFICE11\REFIEBAR.DLL [Research] -> [2007/04/19 13:10:18 | 00,063,840 | ---- | M] (Microsoft Corporation)
CmdMapping\\{e2e2dd38-d088-4134-82b7-f2ba38496583} [HKLM] -> %SystemRoot%\network diagnostic\xpnetdiag.exe [@xpsp3res.dll,-20001] -> [2006/10/10 12:44:50 | 00,557,568 | ---- | M] (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-682003330-1303643608-2147027303-1003\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{0483894E-2422-45E0-8384-021AFF1AF3CD} [HKLM] -> %ProgramFiles%\iMacros\imacros.dll [iOpus iMacros] -> [2008/07/08 11:53:36 | 00,929,144 | ---- | M] (iOpus Software GmbH)
CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> [Reg Error: Value does not exist or could not be read.] -> File not found
CmdMapping\\{92780B25-18CC-41C8-B9BE-3C9C571A8263} [HKLM] -> %ProgramFiles%\Microsoft Office\OFFICE11\REFIEBAR.DLL [Research] -> [2007/04/19 13:10:18 | 00,063,840 | ---- | M] (Microsoft Corporation)
CmdMapping\\{e2e2dd38-d088-4134-82b7-f2ba38496583} [HKLM] -> %SystemRoot%\network diagnostic\xpnetdiag.exe [@xpsp3res.dll,-20001] -> [2006/10/10 12:44:50 | 00,557,568 | ---- | M] (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-682003330-1303643608-2147027303-1006\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{0483894E-2422-45E0-8384-021AFF1AF3CD} [HKLM] -> %ProgramFiles%\iMacros\imacros.dll [iOpus iMacros] -> [2008/07/08 11:53:36 | 00,929,144 | ---- | M] (iOpus Software GmbH)
CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> [Reg Error: Value does not exist or could not be read.] -> File not found
CmdMapping\\{92780B25-18CC-41C8-B9BE-3C9C571A8263} [HKLM] -> %ProgramFiles%\Microsoft Office\OFFICE11\REFIEBAR.DLL [Research] -> [2007/04/19 13:10:18 | 00,063,840 | ---- | M] (Microsoft Corporation)
CmdMapping\\{C5428486-50A0-4a02-9D20-520B59A9F9B2} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
CmdMapping\\{C5428486-50A0-4a02-9D20-520B59A9F9B3} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
CmdMapping\\{e2e2dd38-d088-4134-82b7-f2ba38496583} [HKLM] -> %SystemRoot%\network diagnostic\xpnetdiag.exe [@xpsp3res.dll,-20001] -> [2006/10/10 12:44:50 | 00,557,568 | ---- | M] (Microsoft Corporation)
========== (O12) Internet Explorer Plugins ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\]
PluginsPage: "" = http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s
PluginsPageFriendlyName: "" = Microsoft ActiveX Gallery
========== (O13) Default Prefixes ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix]
""=http://
========== (O15) Trusted Sites ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
1 domain(s) and sub-domain(s) not assigned to a zone.
========== (O16) DPF ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\]
{8AD9C840-044E-11D1-B3E9-00805F499D93}: http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab -- Java Plug-in 1.6.0_11
{A90A5822-F108-45AD-8482-9BC8B12DD539}: http://www.crucial.com/controls/cpcScanner.cab -- Crucial cpcScan
{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA}: http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab -- Java Plug-in 1.5.0_12
{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab -- Java Plug-in 1.6.0_07
{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab -- Java Plug-in 1.6.0_11
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab -- Java Plug-in 1.6.0_11
========== (O17) DNS Name Servers ==========
{3C50D662-88C5-4D58-AC1C-C2586CDA1343} (Servers: 208.67.222.222,208.67.222.220 | Description: Realtek RTL8139 Family PCI Fast Ethernet NIC)
========== (O20) AppInit_DLLs ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_Dlls"=avgrsstx.dll rpopmo.dll
>[2008/07/23 10:38:14 | 00,010,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\system32\avgrsstx.dll
>File not found --
========== (O20) Winlogon Notify Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\]
!SASWinLogon: "DllName" = C:\Program Files\SUPERAntiSpyware\SASWINLO.dll -- C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
AtiExtEvent: "DllName" = Ati2evxx.dll -- C:\WINDOWS\system32\ati2evxx.dll (ATI Technologies Inc.)
========== Shell Execute Hooks ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}" (HKLM) -- C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
========== Safeboot Options ==========
"AlternateShell"=cmd.exe
========== CDRom AutoRun Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]
"AutoRun" = 1
========== Autorun Files on Drives ==========
AUTOEXEC.BAT []
[2008/07/18 09:18:03 | 00,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT -- [ NTFS ]
========== MountPoints2 ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{16dfbc98-2843-11de-a4ec-0016761da936}\Shell]
""=AutoRun
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{16dfbc98-2843-11de-a4ec-0016761da936}\Shell\AutoRun]
""=Auto&Play
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{16dfbc98-2843-11de-a4ec-0016761da936}\Shell\AutoRun\command]
""=F:\AutoRun.exe -- File not found
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{16dfbc9b-2843-11de-a4ec-0016761da936}\Shell]
""=AutoRun
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{16dfbc9b-2843-11de-a4ec-0016761da936}\Shell\AutoRun]
""=Auto&Play
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{16dfbc9b-2843-11de-a4ec-0016761da936}\Shell\AutoRun\command]
""=F:\AutoRun.exe -- File not found
========== Files/Folders - Created Within 60 Days ==========
[5 C:\WINDOWS\*.tmp files]
[2009/09/12 21:44:08 | 00,000,000 | ---D | C] -- C:\Program Files\Tales of Pirates Online
[2009/04/22 20:35:38 | 00,000,000 | ---D | C] -- C:\Program Files\alot
[2009/04/14 17:49:40 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Sami\My Documents\Downloads
[2009/02/03 22:50:55 | 00,422,912 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Sami\Desktop\OTViewIt.exe
[2009/02/02 22:17:55 | 00,000,000 | ---D | C] -- C:\rsit
[2009/02/02 22:04:45 | 00,781,851 | ---- | C] () -- C:\Documents and Settings\Sami\Desktop\RSIT.exe
[2009/02/02 18:57:51 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Sami\Application Data\Malwarebytes
[2009/02/02 18:57:41 | 00,000,696 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/02/02 18:57:38 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/02/02 18:57:36 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/02/02 18:57:34 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/02/02 18:57:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Malwarebytes
[2009/01/29 18:11:23 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Live SkyDrive
[2009/01/27 10:04:46 | 00,000,000 | ---D | C] -- C:\spoolerlogs
[2009/01/26 20:27:12 | 00,004,111 | ---- | C] () -- C:\WINDOWS\System32\02231134bb.ax
[2009/01/26 20:07:53 | 00,027,136 | ---- | C] (Adobe) -- C:\WINDOWS\System32\lspffd.dll
[2009/01/26 13:32:07 | 00,000,000 | -HSD | C] -- C:\found.001
[2009/01/18 19:31:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Sami\Local Settings\Application Data\Opera
[2009/01/18 19:31:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Sami\Application Data\Opera
[2009/01/18 10:11:50 | 00,000,592 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Opera.lnk
[2009/01/18 10:11:15 | 00,000,000 | ---D | C] -- C:\Program Files\Opera
[2009/01/11 18:29:48 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Skype
[2009/01/11 17:54:21 | 05,230,592 | ---- | C] () -- C:\Documents and Settings\Sami\Desktop\proxyway.exe
[2009/01/06 22:41:33 | 00,364,668 | ---- | C] () -- C:\Documents and Settings\Sami\Desktop\ipb_images-CD6600.xml.gz
[2009/01/06 22:37:45 | 00,011,922 | ---- | C] () -- C:\Documents and Settings\Sami\Desktop\ipb_skin-ipb-CD6600.xml.gz
[2009/01/06 22:30:51 | 00,000,570 | ---- | C] () -- C:\Documents and Settings\Sami\My Documents\My Sharing Folders.lnk
[2009/01/06 19:02:39 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Sami\My Documents\My Received Files
[2009/01/05 20:35:13 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Sami\My Documents\My Chat Logs
[2009/01/04 23:12:34 | 70,960,398 | ---- | C] () -- C:\Documents and Settings\Sami\Desktop\True_Warrior_Volume_1-(DatPiff.com).zip
[2009/01/04 22:55:58 | 61,223,562 | ---- | C] () -- C:\Documents and Settings\Sami\Desktop\Find_a_Place_2_Rest-(DatPiff.com).zip
[2009/01/04 22:38:15 | 58,508,348 | ---- | C] () -- C:\Documents and Settings\Sami\Desktop\Choo_Presents_2Pac_-_Reason_2_Live__2007_.rar
[2009/01/02 22:19:11 | 00,001,663 | ---- | C] () -- C:\Documents and Settings\Sami\Desktop\FileZilla Client.lnk
[2009/01/02 22:19:00 | 00,000,000 | ---D | C] -- C:\Program Files\FileZilla FTP Client
[2009/01/02 20:55:49 | 00,000,000 | -HSD | C] -- C:\RECYCLER
[2009/01/02 18:15:24 | 00,000,211 | ---- | C] () -- C:\Boot.bak
[2009/01/02 18:15:19 | 00,260,272 | ---- | C] () -- C:\cmldr
[2009/01/02 18:15:14 | 00,000,000 | RHSD | C] -- C:\cmdcons
[2009/01/02 18:13:55 | 00,000,000 | ---D | C] -- C:\ComboFix
[2008/12/31 14:19:29 | 00,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2008/12/31 14:19:29 | 00,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2008/12/31 14:19:29 | 00,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2008/12/31 14:19:29 | 00,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2008/12/31 14:19:29 | 00,089,504 | ---- | C] (Smallfrogs Studio) -- C:\WINDOWS\fdsv.exe
[2008/12/31 14:19:29 | 00,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2008/12/31 14:19:29 | 00,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2008/12/31 14:19:29 | 00,049,152 | ---- | C] () -- C:\WINDOWS\VFIND.exe
[2008/12/31 14:19:29 | 00,028,672 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2008/12/31 14:19:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2008/12/31 14:19:18 | 00,000,000 | ---D | C] -- C:\Qoobox
[2008/12/29 16:21:28 | 02,888,937 | R--- | C] () -- C:\Documents and Settings\Sami\Desktop\ComboFix.exe
[2008/12/29 13:15:40 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2008/12/26 21:48:41 | 00,000,000 | ---D | C] -- C:\Program Files\ProxyWay
[2008/12/26 20:57:48 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Sami\Desktop\ContactForm
[2008/12/25 23:50:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Sami\Desktop\reddy
[2008/12/25 22:02:11 | 00,023,833 | ---- | C] () -- C:\Documents and Settings\Sami\Desktop\Reddy.zip
[2008/12/24 22:11:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Sami\Application Data\Hide IP NG
[2008/12/24 21:46:26 | 00,000,032 | ---- | C] () -- C:\WINDOWS\go
[2008/12/24 20:42:57 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\SUPERAntiSpyware.com
[2008/12/24 20:42:38 | 00,000,780 | ---- | C] () -- C:\Documents and Settings\Sami\Desktop\SUPERAntiSpyware Free Edition.lnk
[2008/12/24 20:42:26 | 00,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2008/12/24 20:42:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Sami\Application Data\SUPERAntiSpyware.com
[2008/12/14 15:29:17 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Sami\Desktop\Tube Increaser
[2008/12/10 22:51:33 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Sami\My Documents\Adobe
[2008/12/10 22:48:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Adobe Systems
[2008/12/10 22:47:07 | 00,001,762 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Adobe Audition 3.0.lnk
[2008/12/09 19:41:55 | 00,000,000 | ---D | C] -- C:\WINDOWS\.jagex_cache_32
[2008/12/08 10:51:55 | 00,000,000 | -HSD | C] -- C:\found.000
[2008/12/07 17:38:23 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Sami\Application Data\Megaupload
[2008/12/07 17:37:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Megaupload
[2008/12/07 17:37:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Sami\Application Data\EmailNotifier
[2008/12/07 17:37:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\EmailNotifier
[2008/12/06 22:10:43 | 00,000,471 | ---- | C] () -- C:\Documents and Settings\Sami\Desktop\GoldWave.lnk
[2008/12/06 22:10:37 | 00,000,000 | ---D | C] -- C:\Program Files\GoldWave
========== Files - Modified Within 60 Days ==========
[255 C:\WINDOWS\System32\*.tmp files]
[5 C:\WINDOWS\*.tmp files]
[2009/09/13 09:28:56 | 00,000,268 | -H-- | M] () -- C:\sqmdata15.sqm
[2009/09/13 09:28:55 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt15.sqm
[2009/09/12 21:11:54 | 00,000,268 | -H-- | M] () -- C:\sqmdata14.sqm
[2009/09/12 21:11:54 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt14.sqm
[2009/09/12 19:00:32 | 00,000,268 | -H-- | M] () -- C:\sqmdata13.sqm
[2009/09/12 19:00:32 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt13.sqm
[2009/09/12 13:52:23 | 00,000,268 | -H-- | M] () -- C:\sqmdata12.sqm
[2009/09/12 13:52:23 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt12.sqm
[2009/09/12 13:03:12 | 00,000,268 | -H-- | M] () -- C:\sqmdata11.sqm
[2009/09/12 13:03:12 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt11.sqm
[2009/04/22 20:41:44 | 00,000,156 | ---- | M] () -- C:\WINDOWS\Twunk001.MTX
[2009/04/22 20:41:44 | 00,000,003 | ---- | M] () -- C:\WINDOWS\Twain001.Mtx
[2009/04/16 11:20:49 | 00,000,268 | -H-- | M] () -- C:\sqmdata10.sqm
[2009/04/16 11:20:49 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt10.sqm
[2009/04/14 11:07:07 | 00,000,268 | -H-- | M] () -- C:\sqmdata09.sqm
[2009/04/14 11:07:07 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt09.sqm
[2009/04/13 07:02:58 | 00,000,268 | -H-- | M] () -- C:\sqmdata08.sqm
[2009/04/13 07:02:58 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt08.sqm
[2009/04/13 04:20:00 | 00,000,268 | -H-- | M] () -- C:\sqmdata07.sqm
[2009/04/13 04:20:00 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt07.sqm
[2009/04/12 22:29:11 | 00,000,268 | -H-- | M] () -- C:\sqmdata06.sqm
[2009/04/12 22:29:10 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt06.sqm
[2009/02/03 22:50:59 | 00,422,912 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Sami\Desktop\OTViewIt.exe
[2009/02/03 22:45:33 | 00,004,111 | ---- | M] () -- C:\WINDOWS\System32\02231134bb.ax
[2009/02/03 21:51:57 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/02/03 11:00:38 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/02/03 11:00:25 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/02/02 22:04:47 | 00,781,851 | ---- | M] () -- C:\Documents and Settings\Sami\Desktop\RSIT.exe
[2009/02/02 19:16:53 | 00,027,136 | ---- | M] (Adobe) -- C:\WINDOWS\System32\lspffd.dll
[2009/02/02 18:57:41 | 00,000,696 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/01/27 17:36:49 | 00,000,570 | ---- | M] () -- C:\Documents and Settings\Sami\My Documents\My Sharing Folders.lnk
[2009/01/26 15:23:24 | 32,411,174 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2009/01/26 15:23:24 | 00,077,022 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2009/01/18 23:45:43 | 00,000,268 | -H-- | M] () -- C:\sqmdata03.sqm
[2009/01/18 23:45:43 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt03.sqm
[2009/01/18 11:23:40 | 00,000,268 | -H-- | M] () -- C:\sqmdata02.sqm
[2009/01/18 11:23:40 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt02.sqm
[2009/01/18 10:11:53 | 00,000,592 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Opera.lnk
[2009/01/17 10:41:59 | 00,000,268 | -H-- | M] () -- C:\sqmdata01.sqm
[2009/01/17 10:41:59 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt01.sqm
[2009/01/14 16:52:13 | 00,433,630 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/01/14 16:52:13 | 00,068,016 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/01/14 16:52:12 | 00,509,720 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/01/14 16:11:32 | 00,038,496 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/01/14 16:11:28 | 00,015,504 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/01/14 08:24:18 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/01/13 21:56:54 | 00,000,268 | -H-- | M] () -- C:\sqmdata00.sqm
[2009/01/13 21:56:54 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt00.sqm
[2009/01/13 16:39:01 | 00,000,292 | -H-- | M] () -- C:\sqmdata19.sqm
[2009/01/13 16:39:01 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt19.sqm
[2009/01/11 19:48:20 | 00,000,268 | -H-- | M] () -- C:\sqmdata18.sqm
[2009/01/11 19:48:20 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt18.sqm
[2009/01/11 17:54:53 | 05,230,592 | ---- | M] () -- C:\Documents and Settings\Sami\Desktop\proxyway.exe
[2009/01/10 11:37:32 | 00,000,654 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/01/10 01:35:28 | 20,853,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe
[2009/01/06 22:41:33 | 00,364,668 | ---- | M] () -- C:\Documents and Settings\Sami\Desktop\ipb_images-CD6600.xml.gz
[2009/01/06 22:37:46 | 00,011,922 | ---- | M] () -- C:\Documents and Settings\Sami\Desktop\ipb_skin-ipb-CD6600.xml.gz
[2009/01/06 21:35:53 | 00,028,160 | -HS- | M] () -- C:\Documents and Settings\Sami\My Documents\Thumbs.db
@Alternate Data Stream - 0 bytes -> C:\Documents and Settings\Sami\My Documents\Thumbs.db:encryptable
[2009/01/05 19:12:57 | 00,094,216 | ---- | M] () -- C:\Documents and Settings\Sami\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/01/05 19:10:14 | 02,933,744 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/01/04 23:14:13 | 70,960,398 | ---- | M] () -- C:\Documents and Settings\Sami\Desktop\True_Warrior_Volume_1-(DatPiff.com).zip
[2009/01/04 22:58:51 | 58,508,348 | ---- | M] () -- C:\Documents and Settings\Sami\Desktop\Choo_Presents_2Pac_-_Reason_2_Live__2007_.rar
[2009/01/04 22:57:30 | 61,223,562 | ---- | M] () -- C:\Documents and Settings\Sami\Desktop\Find_a_Place_2_Rest-(DatPiff.com).zip
[2009/01/02 22:19:11 | 00,001,663 | ---- | M] () -- C:\Documents and Settings\Sami\Desktop\FileZilla Client.lnk
[2009/01/02 20:48:59 | 00,000,268 | -H-- | M] () -- C:\sqmdata17.sqm
[2009/01/02 20:48:59 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt17.sqm
[2009/01/02 18:29:26 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/01/02 18:28:56 | 00,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2009/01/02 18:15:25 | 00,000,281 | RHS- | M] () -- C:\boot.ini
[2009/01/02 18:13:39 | 02,888,937 | R--- | M] () -- C:\Documents and Settings\Sami\Desktop\ComboFix.exe
[2008/12/29 14:54:33 | 00,011,776 | ---- | M] () -- C:\Documents and Settings\Sami\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/12/29 11:19:36 | 00,000,268 | -H-- | M] () -- C:\sqmdata16.sqm
[2008/12/29 11:19:35 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt16.sqm
[2008/12/25 22:02:24 | 00,023,833 | ---- | M] () -- C:\Documents and Settings\Sami\Desktop\Reddy.zip
[2008/12/24 22:54:35 | 00,000,268 | -H-- | M] () -- C:\sqmdata05.sqm
[2008/12/24 22:54:34 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt05.sqm
[2008/12/24 21:46:26 | 00,000,032 | ---- | M] () -- C:\WINDOWS\go
[2008/12/24 20:42:38 | 00,000,780 | ---- | M] () -- C:\Documents and Settings\Sami\Desktop\SUPERAntiSpyware Free Edition.lnk
[2008/12/23 23:16:04 | 00,000,268 | -H-- | M] () -- C:\sqmdata04.sqm
[2008/12/23 23:16:04 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt04.sqm
[2008/12/22 15:54:35 | 00,368,010 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg
[2008/12/12 17:33:23 | 03,060,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mshtml.dll
[2008/12/12 17:33:23 | 03,060,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
[2008/12/11 11:57:21 | 00,333,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\srv.sys
[2008/12/11 11:57:21 | 00,333,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srv.sys
[2008/12/10 22:47:07 | 00,001,762 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Adobe Audition 3.0.lnk
[2008/12/07 19:26:28 | 00,000,050 | ---- | M] () -- C:\WINDOWS\MegaManager.INI
[2008/12/06 22:10:44 | 00,000,471 | ---- | M] () -- C:\Documents and Settings\Sami\Desktop\GoldWave.lnk
< End of report >
Extras;OTViewIt Extras logfile created on: 03/02/2009 22:54:03 - Run
OTViewIt by OldTimer - Version 1.0.21.0 Folder = C:\Documents and Settings\Sami\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
446.48 Mb Total Physical Memory | 243.73 Mb Available Physical Memory | 54.59% Memory free
1.03 Gb Paging File | 0.51 Gb Available in Paging File | 49.38% Paging File free
Paging file location(s): C:\pagefile.sys 669 1344;
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 48.83 Gb Total Space | 25.09 Gb Free Space | 51.39% Space Free | Partition Type: NTFS
Drive D: | 25.69 Gb Total Space | 25.56 Gb Free Space | 99.49% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: REBORN
Current User Name: Sami
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Whitelist: On
File Age = 60 Days
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled"=1
"AntiVirusDisableNotify"=0
"FirewallDisableNotify"=0
"UpdatesDisableNotify"=0
"AntiVirusOverride"=0
"FirewallOverride"=0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall"=1
"DoNotAllowExceptions"=1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts]
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[2002/12/31 12:00:00 | 00,140,800 | ---- | M] (Microsoft Corporation) -- %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
[2006/10/10 12:44:50 | 00,557,568 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
[2008/12/02 21:44:52 | 00,582,992 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call
[2007/10/18 11:34:02 | 05,724,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger
[2007/10/02 17:18:24 | 00,304,488 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
[2002/12/31 12:00:00 | 00,140,800 | ---- | M] (Microsoft Corporation) -- %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
[2008/08/28 22:37:24 | 00,641,304 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe
[2008/08/30 10:31:02 | 00,875,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe
[2006/02/28 11:42:38 | 00,229,376 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour
[2006/10/10 12:44:50 | 00,557,568 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
[2008/12/02 21:44:52 | 00,582,992 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call
[2007/10/18 11:34:02 | 05,724,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger
[2007/10/02 17:18:24 | 00,304,488 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)
========== (O10) Winsock2 Catalogs ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\]
NameSpace_Catalog5\Catalog_Entries\000000000004 [NWLink IPX/SPX/NetBIOS Compatible Transport Protocol] -- C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
NameSpace_Catalog5\Catalog_Entries\000000000005 [PSP] -- C:\WINDOWS\system32\lspffd.dll (Adobe)
========== (O18) Protocol Handlers ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
ipp: [HKLM - No CLSID value]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\] - Protocol Handlers
[2005/09/20 11:33:58 | 00,843,984 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL ipp\0x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - MSDAMON.BINDER]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
[2008/07/23 10:38:46 | 00,079,128 | ---- | M] (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG8\avgpp.dll (linkscanner:{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} (HKLM) [XPLPPFilter Class])
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
[2007/10/18 11:31:54 | 00,066,072 | ---- | M] (Microsoft Corporation) C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (livecall:{828030A1-22C1-4009-854F-8E305202313F} (HKLM) [Reg Error: Value does not exist or could not be read.])
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
msdaipp: [HKLM - No CLSID value]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\] - Protocol Handlers
[2005/09/20 11:33:58 | 00,843,984 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL msdaipp\0x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - MSDAMON.BINDER]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\] - Protocol Handlers
[2005/09/20 11:33:58 | 00,843,984 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL msdaipp\oledb:{E1D2BF40-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - MSDAIPP.BINDER]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
[2007/10/18 11:31:54 | 00,066,072 | ---- | M] (Microsoft Corporation) C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (msnim:{828030A1-22C1-4009-854F-8E305202313F} (HKLM) [Reg Error: Value does not exist or could not be read.])
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
[2007/03/14 12:10:22 | 07,255,384 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (mso-offdap:{3D9F03FA-7A94-11D3-BE81-0050048385D1} (HKLM) [Data Page Pluggable Protocol mso-offdap Handler])
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
[2007/05/10 12:45:34 | 08,069,464 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (mso-offdap11:{32505114-5902-49B2-880A-1F7738E5A384} (HKLM) [Data Page Plugable Protocal mso-offdap11 Handler])
========== (O18) Protocol Filters ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\] - Protocol Filters
[2007/04/19 12:57:40 | 00,046,432 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL text/xml:{807553E5-5146-11D5-A672-00B0D022E945} (HKLM) [Reg Error: Value does not exist or could not be read.]
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0046FA01-C5B9-4985-BACB-398DC480FC05}"=Adobe Photoshop CS3
"{020D8396-D6D9-4B53-A9A1-83C47E2E27AA}"=Windows Live Call
"{0405E51E-9582-4207-8F38-AC44201D3808}"=VeohTV BETA
"{04AF207D-9A77-465A-8B76-991F6AB66245}"=Adobe Help Viewer CS3
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}"=Adobe Bridge Start Meeting
"{08CA9554-B5FE-4313-938F-D4A417B81175}"=QuickTime
"{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}"=OpenOffice.org Installer 1.0
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}"=Adobe WinSoft Linguistics Plugin
"{205C6BDD-7B73-42DE-8505-9A093F35A238}"=Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}"=MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}"=Java(TM) 6 Update 11
"{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1"=ConvertHelper 2.1
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}"=Adobe Stock Photos CS3
"{2BA00471-0328-3743-93BD-FA813353A783}"=Microsoft .NET Framework 3.0 Service Pack 1
"{2C0CD17D-0B06-4700-83FA-7344B868B0A2}"=Opera 9.63
"{2EFFFC71-1E66-454E-A6E6-CEEC800B96D2}"=Adobe Flash Video Encoder
"{2FC099BD-AC9B-33EB-809C-D332E1B27C40}"=Microsoft .NET Framework 3.5
"{3248F0A8-6813-11D6-A77B-00B0D0150120}"=J2SE Runtime Environment 5.0 Update 12
"{3248F0A8-6813-11D6-A77B-00B0D0160070}"=Java(TM) 6 Update 7
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}"=WebFldrs XP
"{505DF7A3-88D5-4DD6-9AD5-C98C2ED0CEC4}"=Windows Live Sign-in Assistant
"{508CE775-4BA4-4748-82DF-FE28DA9F03B0}"=Windows Live Messenger
"{51846830-E7B2-4218-8968-B77F0FF475B8}"=Adobe Color EU Extra Settings
"{53C141BA-4F9E-43FB-B4F9-0C01BB716FA8}"=Adobe Audition 3.0
"{54793AA1-5001-42F4-ABB6-C364617C6078}"=Adobe Linguistics CS3
"{5E496A1E-F0BB-43CB-ADBD-225B6E7667E0}"=Tube Increaser
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}"=PowerDVD
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}"=Adobe Fonts All
"{6B52140A-F189-4945-BFFC-DB3F00B8C589}"=Adobe Flash CS3
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}"=Adobe Asset Services CS3
"{7299052b-02a4-4627-81f2-1818da5d550d}"=Microsoft Visual C++ 2005 Redistributable
"{786C5747-1033-0000-B58E-000000000001}"=Adobe Stock Photos 1.0
"{7C9AD221-994C-45B2-B46D-26F5735158CF}"=Sony Vegas Pro 8.0
"{802771A9-A856-4A41-ACF7-1450E523C923}"=Adobe XMP Panels CS3
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}"=Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}"=Adobe Type Support
"{8EDBA74D-0686-4C99-BFDD-F894678E5B39}"=Adobe Common File Installer
"{90110409-6000-11D3-8CFE-0150048383C9}"=Microsoft Office Professional Edition 2003
"{90120000-0020-0409-0000-0000000FF1CE}"=Compatibility Pack for the 2007 Office system
"{90176341-0A8B-4CCC-A78D-F862228A6B95}"=Adobe Anchor Service CS3
"{95120000-00B9-0409-0000-0000000FF1CE}"=Microsoft Application Error Reporting
"{95655ED4-7CA5-46DF-907F-7144877A32E5}"=Adobe Color NA Recommended Settings
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}"=Adobe Bridge CS3
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}"=Segoe UI
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}"=Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}"=Adobe Color - Photoshop Specific
"{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}"=Windows Live installer
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}"=PDF Settings
"{AC76BA86-7AD7-1033-7B44-A81100000003}"=Adobe Reader 8.1.1
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}"=Adobe Camera Raw 4.0
"{B508B3F1-A24A-32C0-B310-85786919EF28}"=Microsoft .NET Framework 2.0 Service Pack 1
"{B74D4E10-1033-0000-0000-000000000001}"=Adobe Bridge 1.0
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}"=Adobe Default Language CS3
"{BA1BE991-D723-41BE-AD16-42EAFDA794EA}"=Ulead COOL 3D 3.5
"{BAF78226-3200-4DB4-BE33-4D922A799840}"=Windows Presentation Foundation
"{BC4F8E84-5E29-49EC-B4E7-E6F9CB50986C}"=Adobe Flash Player 9 ActiveX
"{C13A8E73-7E98-4295-BA94-6931701CD1F9}"=Topaz Vivacity
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}"=Adobe ExtendScript Toolkit 2
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}"=SUPERAntiSpyware Free Edition
"{CE27EACD-B61A-4E4B-8D61-25BF51D40007}"=xVideoServiceThief
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}"=Adobe Version Cue CS3 Client
"{D1BB4446-AE9C-4256-9A7F-4D46604D2462}"=Adobe Setup
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}"=Adobe PDF Library Files
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}"=Adobe Color Common Settings
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}"=Adobe Color JA Extra Settings
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}"=Ad-Aware
"{E69AE897-9E0B-485C-8552-7841F48D42D8}"=Adobe Update Manager CS3
"{E9787678-1033-0000-8E67-000000000001}"=Adobe Help Center 1.0
"{EBD5E7A9-DBB8-4E24-AE3A-CF9390AF1CCB}"=Choice Guard
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}"=Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}"=Realtek High Definition Audio Driver
"{F69E83CF-B440-43F8-89E6-6EA80712109B}"=Windows Live Communications Platform
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}"=Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{FFC1ADE3-944B-4231-894E-3903C37271D2}"=Adobe Setup
"Adobe Audition 3.0"=Adobe Audition 3.0
"Adobe Flash Player ActiveX"=Adobe Flash Player ActiveX
"Adobe Flash Player Plugin"=Adobe Flash Player 10 Plugin
"Adobe Shockwave Player"=Adobe Shockwave Player
"Adobe_2ac78060bc5856b0c1cf873bb919b58"=Adobe Photoshop CS3
"Adobe_c3c7fe8b09d497ab2b3fd91c9353390"=Adobe Flash CS3 Professional
"alotToolbar"=ALOT Toolbar
"ATI Display Driver"=ATI Display Driver
"AVG8Uninstall"=AVG Free 8.0
"GoldWave v5.23"=GoldWave v5.23
"HijackThis"=HijackThis 2.0.2
"IDNMitigationAPIs"=Microsoft Internationalized Domain Names Mitigation APIs
"IIM5_is1"=iMacros V6.20
"InstallShield_{0405E51E-9582-4207-8F38-AC44201D3808}"=VeohTV BETA
"Magic Traffic Bot"=Magic Traffic Bot
"Malwarebytes' Anti-Malware_is1"=Malwarebytes' Anti-Malware
"Messenger Plus! Live"=Messenger Plus! Live
"Microsoft .NET Framework 3.5"=Microsoft .NET Framework 3.5
"Mozilla Firefox (3.0.5)"=Mozilla Firefox (3.0.5)
"MSCompPackV1"=Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping"=Microsoft National Language Support Downlevel APIs
"SystemRequirementsLab"=System Requirements Lab
"WIC"=Windows Imaging Component
"Windows Live OneCare safety scanner"=Windows Live OneCare safety scanner
"Windows Media Format Runtime"=Windows Media Format 11 runtime
"Windows Media Player"=Windows Media Player 11
"WinRAR archiver"=WinRAR archiver
"WMFDist11"=Windows Media Format 11 runtime
"wmp11"=Windows Media Player 11
"Wudf01000"=Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC"=XML Paper Specification Shared Components Pack 1.0
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"551cafe4ab1220fd"=TubeRobo - 1
"FileZilla Client"=FileZilla Client 3.1.6
"Google Chrome"=Google Chrome
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-682003330-1303643608-2147027303-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"551cafe4ab1220fd"=TubeRobo - 1
"FileZilla Client"=FileZilla Client 3.1.6
"Google Chrome"=Google Chrome
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 24/09/2008 09:29:21 | Computer Name = REBORN | Source = Google Update | ID = 20
Description =
Error - 24/09/2008 10:29:32 | Computer Name = REBORN | Source = Google Update | ID = 20
Description =
Error - 24/09/2008 17:05:19 | Computer Name = REBORN | Source = MsiInstaller | ID = 11706
Description = Product: Microsoft Office Professional Edition 2003 -- Error 1706.
Setup cannot find the required files. Check your connection to the network, or
CD-ROM drive. For other potential solutions to this problem, see C:\Program Files\Microsoft
Office\OFFICE11\1033\SETUP.CHM.
Error - 24/09/2008 17:09:13 | Computer Name = REBORN | Source = MsiInstaller | ID = 11706
Description = Product: Microsoft Office Professional Edition 2003 -- Error 1706.
Setup cannot find the required files. Check your connection to the network, or
CD-ROM drive. For other potential solutions to this problem, see C:\Program Files\Microsoft
Office\OFFICE11\1033\SETUP.CHM.
Error - 26/09/2008 16:00:04 | Computer Name = REBORN | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 1.9.0.3180, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 30/09/2008 06:38:11 | Computer Name = REBORN | Source = Application Hang | ID = 1002
Description = Hanging application Ad-Aware.exe, version 7.1.0.10, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 01/10/2008 07:28:03 | Computer Name = REBORN | Source = Application Hang | ID = 1002
Description = Hanging application msnmsgr.exe, version 8.5.1302.1018, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 01/10/2008 07:28:03 | Computer Name = REBORN | Source = Application Hang | ID = 1002
Description = Hanging application msnmsgr.exe, version 8.5.1302.1018, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 08/10/2008 12:06:43 | Computer Name = REBORN | Source = .NET Runtime 2.0 Error Reporting | ID = 5000
Description = EventType clr20r3, P1 tube increaser.exe, P2 1.0.0.0, P3 48594426,
P4 system.windows.forms, P5 2.0.0.0, P6 4333aefa, P7 1508, P8 12f, P9 system.objectdisposedexception,
P10 NIL.
Error - 10/10/2008 11:55:53 | Computer Name = REBORN | Source = Application Hang | ID = 1002
Description = Hanging application Tube Increaser.exe, version 1.0.0.0, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
[ System Events ]
Error - 22/09/2008 00:44:14 | Computer Name = REBORN | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 15 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)
Error - 22/09/2008 00:44:14 | Computer Name = REBORN | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 15 minutes. NtpClient has no source of accurate
time.
Error - 23/09/2008 10:28:12 | Computer Name = REBORN | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.0.2 for the Network Card with network
address 0016761DA936 has been denied by the DHCP server 192.168.0.1 (The DHCP Server
sent a DHCPNACK message).
Error - 25/09/2008 03:28:29 | Computer Name = REBORN | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.0.2 for the Network Card with network
address 0016761DA936 has been denied by the DHCP server 192.168.0.1 (The DHCP Server
sent a DHCPNACK message).
Error - 26/09/2008 03:19:08 | Computer Name = REBORN | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.0.2 for the Network Card with network
address 0016761DA936 has been denied by the DHCP server 192.168.0.1 (The DHCP Server
sent a DHCPNACK message).
Error - 26/09/2008 09:35:16 | Computer Name = REBORN | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.0.2 for the Network Card with network
address 0016761DA936 has been denied by the DHCP server 192.168.0.1 (The DHCP Server
sent a DHCPNACK message).
Error - 26/09/2008 15:43:04 | Computer Name = REBORN | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.0.2 for the Network Card with network
address 0016761DA936 has been denied by the DHCP server 192.168.0.1 (The DHCP Server
sent a DHCPNACK message).
Error - 27/09/2008 03:46:40 | Computer Name = REBORN | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.0.2 for the Network Card with network
address 0016761DA936 has been denied by the DHCP server 192.168.0.1 (The DHCP Server
sent a DHCPNACK message).
Error - 27/09/2008 07:25:57 | Computer Name = REBORN | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.0.2 for the Network Card with network
address 0016761DA936 has been denied by the DHCP server 192.168.0.1 (The DHCP Server
sent a DHCPNACK message).
Error - 27/09/2008 14:34:31 | Computer Name = REBORN | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
the stisvc service.
< End of report >