KillAV.KI {TRJ} JS:FakeAV-K[TRJ], TRJ[GEN], avast not updatind, Sad But True

[St.Anger_561_]

O1 HOSTS File: (853 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1    localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - Reg Error: Key error. File not found
O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (&Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - Reg Error: Key error. File not found
O3 - HKLM\..\Toolbar: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O3 - HKU\S-1-5-21-2835264611-1626357533-382488265-1007\..\Toolbar\ShellBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKU\S-1-5-21-2835264611-1626357533-382488265-1007\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKU\S-1-5-21-2835264611-1626357533-382488265-1007\..\Toolbar\WebBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-2835264611-1626357533-382488265-1007\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized File not found
O4 - HKLM..\Run: [avast!] "C:\Program Files\Alwil Software\Avast4\ashDisp.exe" (ALWIL Software)
O4 - HKLM..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe File not found
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto (Microsoft Corporation)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.)
O4 - HKU\.DEFAULT..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (Microsoft Corporation)
O4 - HKU\S-1-5-18..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (Microsoft Corporation)
O4 - HKU\S-1-5-21-2835264611-1626357533-382488265-1007..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKLM..\RunOnceEx: [Flags] Reg Error: Invalid data type. File not found
O4 - HKLM..\RunOnceEx: [Title] UnHackMe Rootkit Check File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoPropertiesMyComputer = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileAssociate = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogoff = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ShutdownWithoutLogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispCPL = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispScrSavPage = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2835264611-1626357533-382488265-1007\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2835264611-1626357533-382488265-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2835264611-1626357533-382488265-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideClock = 0
O7 - HKU\S-1-5-21-2835264611-1626357533-382488265-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayItemsDisplay = 0
O7 - HKU\S-1-5-21-2835264611-1626357533-382488265-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKU\S-1-5-21-2835264611-1626357533-382488265-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsHistory = 1
O7 - HKU\S-1-5-21-2835264611-1626357533-382488265-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ClearRecentDocsOnExit = 0
O7 - HKU\S-1-5-21-2835264611-1626357533-382488265-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKU\S-1-5-21-2835264611-1626357533-382488265-1007_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Windows Live Search - Reg Error: Value error. File not found
O8 - Extra context menu item: Add to Windows &Live Favorites - Reg Error: Value error. File not found

[St.Anger_561_]

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000 (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O15 - HKLM\..Trusted Sites: musicmatch.com ([]* in Trusted sites)
O15 - HKLM\..Trusted Domains: 50 domain(s) and sub-domain(s) not assigned to a zone.
[2009/04/19 03:21:39 | 00,000,000 | -HSD | C] -- C:\found.000
[2009/04/18 23:59:41 | 00,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/04/18 21:06:54 | 00,001,610 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2009/04/18 21:06:44 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
[2009/04/18 21:06:35 | 00,000,897 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\RealPlayer.lnk
[2009/04/18 21:06:31 | 00,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2009/04/18 12:01:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Levent Canyas\Application Data\Malwarebytes
[2009/04/18 12:01:23 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/04/18 12:01:23 | 00,000,714 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/04/18 12:01:21 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/04/18 12:01:19 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/04/18 12:01:19 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/04/18 11:55:43 | 02,967,800 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Documents and Settings\Levent Canyas\My Documents\mbam-setup.exe
[2009/04/18 11:42:54 | 00,000,466 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Scan (full scan).job
[2009/04/18 11:40:35 | 00,015,688 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe
[2009/04/18 11:28:13 | 00,000,472 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily).job
[2009/04/18 11:19:18 | 00,064,160 | ---- | C] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys
[2009/04/18 11:16:38 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}
[2009/04/18 11:16:34 | 00,000,867 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2009/04/18 09:17:46 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2009/04/18 09:17:39 | 00,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2009/04/18 09:17:24 | 00,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2009/04/18 09:16:41 | 00,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\prntvpt.dll
[2009/04/18 09:16:41 | 00,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\filterpipelineprintproc.dll
[2009/04/18 09:16:40 | 01,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpssvcs.dll
[2009/04/18 09:16:40 | 01,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpssvcs.dll
[2009/04/18 09:16:40 | 00,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\printfilterpipelinesvc.exe
[2009/04/18 09:16:40 | 00,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsshhdr.dll
[2009/04/18 09:16:40 | 00,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpsshhdr.dll
[2009/04/18 09:16:39 | 00,000,000 | ---D | C] -- C:\f5b77fb82c53c9034e9a44f517b8
[2009/04/18 09:16:16 | 00,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel
O15 - HKU\.DEFAULT\..Trusted Domains: 51 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-18\..Trusted Domains: 51 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-20\..Trusted Domains: 115 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-21-2835264611-1626357533-382488265-1007\..Trusted Domains: 65 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} http://help.bellsouth.net/sdccommon/download/tgctlcm.cab (Support.com Configuration Class)
O16 - DPF: {02CA9974-B6AC-497E-A371-73580432B0F6} http://imlive.com/ChatSource/gVideoContol.cab (Eyeball Video Message Control)
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} http://housecall60.trendmicro.com/housecall/xscan60.cab (HouseCall Control)
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} http://www.kaspersky.com/kos/eng/partner/us/kavwebscan_unicode.cab (CKAVWebScan Object)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?LinkID=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab (ActiveScan 2.0 Installer Class)
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} C:\Program Files\Yahoo!\Common\yinsthelper.dll (YInstStarter Class)
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab (Reg Error: Value error.)
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} http://bin.mcafee.com/molbin/shared/mcinsctl/en-us/4,0,0,81/mcinsctl.cab (Reg Error: Value error.)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://by124fd.bay124.hotmail.msn.com/resources/MsnPUpld.cab (MSN Photo Upload Tool)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1145927023781 (MUWebControl Class)
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab (HouseCall Control)
O16 - DPF: {8714912E-380D-11D5-B8AA-00D0B78F3D48} http://chat.yahoo.com/cab/yuplapp.cab (Yahoo! Webcam Upload Wrapper)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yse/ymmapi_416.dll (Yahoo! MailTo)
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} http://ax.emsisoft.com/asquared.cab (a-squared Scanner)
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} http://bin.mcafee.com/molbin/shared/mcgdmgr/en-us/1,0,0,19/mcgdmgr.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA}  (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)

[St.Anger_561_]

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CE74A05D-ED12-473A-97F8-85FB0E2F479F} http://www.livemetallica.com/nugster/dlControl.CAB (dlControl.UserControl1)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000}  (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220 208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Interfaces\{8ED412C0-6CA1-43D5-A584-2A41E154CB5A}\\NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Interfaces\{B7F3EB81-4190-41B1-8527-EAC21B3079E9}\\NameServer = 208.67.220.220,208.67.222.222
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter:  - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\SYSTEM32\igfxsrvc.dll (Intel Corporation)
O20 - Winlogon\Notify\WRNotifier: DllName - WRLogonNTF.dll -  File not found
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2002/09/03 10:59:58 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
 
========== Files/Folders - Created Within 30 Days ==========

[St.Anger_561_]

========== Files/Folders - Created Within 30 Days ==========
 
[1 C:\WINDOWS\System32\*.tmp files]
[2 C:\WINDOWS\*.tmp files]
[2009/04/25 09:11:45 | 00,501,248 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Levent Canyas\My Documents\OTListIt2.exe
[2009/04/22 23:17:33 | 01,089,593 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ntprint.cat
[2009/04/22 20:15:35 | 00,003,500 | ---- | C] () -- C:\Documents and Settings\Levent Canyas\My Documents\DrWebScan2.csv
[2009/04/22 20:14:33 | 00,003,464 | ---- | C] () -- C:\Documents and Settings\Levent Canyas\My Documents\DrWebScan.csv
[2009/04/21 23:44:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/04/21 23:43:55 | 00,000,702 | ---- | C] () -- C:\Documents and Settings\Levent Canyas\Desktop\SpywareBlaster.lnk
[2009/04/21 23:43:45 | 00,000,000 | ---D | C] -- C:\Program Files\SpywareBlaster
[2009/04/19 23:03:47 | 00,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2009/04/19 23:03:03 | 00,001,604 | ---- | C] () -- C:\Documents and Settings\Levent Canyas\Desktop\True Sword.lnk
[2009/04/19 23:03:00 | 00,356,352 | ---- | C] (eSellerate Inc.) -- C:\WINDOWS\eSellerateEngine.dll
[2009/04/19 23:03:00 | 00,081,920 | ---- | C] (eSellerate Inc.) -- C:\WINDOWS\eSellerateControl350.dll
[2009/04/19 23:02:58 | 00,000,000 | ---D | C] -- C:\Program Files\True Sword 5
[2009/04/19 15:32:08 | 70,178,288 | ---- | C] (Emsi Software GmbH                                          ) -- C:\Documents and Settings\Levent Canyas\My Documents\a2FreeOASetup.exe
[2009/04/19 15:27:08 | 00,028,544 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\pavboot.sys
[2009/04/19 15:25:17 | 00,000,000 | ---D | C] -- C:\Program Files\Panda Security
[2009/04/19 15:24:15 | 00,221,154 | ---- | C] () -- C:\Documents and Settings\Levent Canyas\My Documents\cc_20090419_152412.reg
[2009/04/19 15:19:33 | 00,781,909 | ---- | C] () -- C:\Documents and Settings\Levent Canyas\My Documents\RSIT.exe
[2009/04/19 14:48:45 | 02,480,016 | -H-- | C] () -- C:\Documents and Settings\Levent Canyas\Local Settings\Application Data\IconCache.db
[2009/04/19 12:49:08 | 00,000,886 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Advanced SystemCare.lnk
[2009/04/19 12:49:08 | 00,000,161 | ---- | C] () -- C:\Documents and Settings\Levent Canyas\Desktop\IObit Freeware.url
[2009/04/19 12:49:04 | 00,000,000 | ---D | C] -- C:\Program Files\IObit
[2009/04/19 12:49:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Levent Canyas\Application Data\IObit
[2009/04/19 12:46:35 | 00,001,548 | ---- | C] () -- C:\Documents and Settings\Levent Canyas\Desktop\CCleaner.lnk
[2009/04/19 12:46:35 | 00,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2009/04/19 12:42:53 | 01,970,629 | ---- | C] () -- C:\Documents and Settings\Levent Canyas\My Documents\runscanner.zip
[2009/04/19 12:42:29 | 03,190,688 | ---- | C] (Piriform Ltd) -- C:\Documents and Settings\Levent Canyas\My Documents\ccsetup218.exe
[2009/04/19 12:37:10 | 00,102,664 | ---- | C] (Trend Micro Inc.) -- C:\WINDOWS\System32\drivers\tmcomm.sys
[2009/04/19 12:23:41 | 07,796,200 | ---- | C] (IObit                                                       ) -- C:\Documents and Settings\Levent Canyas\My Documents\asc-setup.exe
[2009/04/19 12:22:23 | 01,055,648 | ---- | C] () -- C:\Documents and Settings\Levent Canyas\My Documents\RootkitBuster_2.52.1013.zip
[2009/04/19 03:21:39 | 00,000,000 | -HSD | C] -- C:\found.000
[2009/04/18 23:59:41 | 00,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/04/18 21:06:54 | 00,001,610 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2009/04/18 21:06:44 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
[2009/04/18 21:06:35 | 00,000,897 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\RealPlayer.lnk
[2009/04/18 21:06:31 | 00,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2009/04/18 12:01:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Levent Canyas\Application Data\Malwarebytes
[2009/04/18 12:01:23 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/04/18 12:01:23 | 00,000,714 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/04/18 12:01:21 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/04/18 12:01:19 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/04/18 12:01:19 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/04/18 11:55:43 | 02,967,800 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Documents and Settings\Levent Canyas\My Documents\mbam-setup.exe
[2009/04/18 11:42:54 | 00,000,466 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Scan (full scan).job
[2009/04/18 11:40:35 | 00,015,688 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe
[2009/04/18 11:28:13 | 00,000,472 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily).job
[2009/04/18 11:19:18 | 00,064,160 | ---- | C] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys
[2009/04/18 11:16:38 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}
[2009/04/18 11:16:34 | 00,000,867 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2009/04/18 09:17:46 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2009/04/18 09:17:39 | 00,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2009/04/18 09:17:24 | 00,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2009/04/18 09:16:41 | 00,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\prntvpt.dll
[2009/04/18 09:16:41 | 00,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\filterpipelineprintproc.dll
[2009/04/18 09:16:40 | 01,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpssvcs.dll
[2009/04/18 09:16:40 | 01,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpssvcs.dll
[2009/04/18 09:16:40 | 00,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\printfilterpipelinesvc.exe
[2009/04/18 09:16:40 | 00,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsshhdr.dll
[2009/04/18 09:16:40 | 00,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpsshhdr.dll
[2009/04/18 09:16:39 | 00,000,000 | ---D | C] -- C:\f5b77fb82c53c9034e9a44f517b8
[2009/04/18 09:16:16 | 00,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel
[2009/04/18 09:08:39 | 03,569,025 | ---- | C] () -- C:\Documents and Settings\Levent Canyas\My Documents\SASDEFINITIONS.EXE
[2009/04/18 09:05:13 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2009/04/18 01:01:56 | 00,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2009/04/18 00:58:51 | 00,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2009/04/17 21:00:40 | 00,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iecompat.dll
[2009/04/17 20:03:53 | 00,001,740 | ---- | C] () -- C:\Documents and Settings\Levent Canyas\Desktop\HijackThis.lnk
[2009/04/17 20:03:52 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/04/17 20:03:45 | 00,000,000 | ---D | C] -- C:\b6af8ac97383a24bba8a1bef8244c9
[2009/04/17 19:53:46 | 00,812,344 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Levent Canyas\My Documents\HJTInstall.exe
[2009/04/17 19:45:19 | 25,569,440 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Levent Canyas\My Documents\Setup.exe
[2009/04/16 23:00:26 | 00,284,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pdh.dll
[2009/04/16 23:00:25 | 00,401,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcss.dll
[2009/04/16 23:00:25 | 00,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\services.exe
[2009/04/16 23:00:24 | 00,473,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fastprox.dll
[2009/04/16 23:00:24 | 00,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvse.exe
[2009/04/16 23:00:23 | 00,453,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvsd.dll
[2009/04/16 23:00:22 | 00,729,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lsasrv.dll
[2009/04/16 23:00:22 | 00,714,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntdll.dll
[2009/04/16 23:00:22 | 00,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\advapi32.dll
[2009/04/16 22:58:38 | 01,203,922 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sysmain.sdb

[St.Anger_561_]

[2009/04/16 22:58:38 | 00,002,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsp4res.dll
[2009/04/16 22:58:37 | 00,215,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wordpad.exe
[2009/04/16 01:32:15 | 00,022,648 | ---- | C] () -- C:\Documents and Settings\Levent Canyas\My Documents\American_Community_Survey_Wexler.wpd
[2009/04/08 19:12:11 | 00,003,864 | ---- | C] () -- C:\Documents and Settings\Levent Canyas\My Documents\life_Letter.wpd
[2009/04/06 21:11:01 | 00,000,788 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2009/04/06 21:09:11 | 06,237,728 | ---- | C] () -- C:\Documents and Settings\Levent Canyas\My Documents\SUPERAntiSpyware.exe
[2009/04/06 20:58:58 | 06,187,552 | ---- | C] () -- C:\Documents and Settings\Levent Canyas\My Documents\SUPERAntiSpywarePro.exe
[2009/04/05 19:13:44 | 24,356,488 | ---- | C] () -- C:\Documents and Settings\Levent Canyas\My Documents\vpsupd.exe
[2009/04/01 23:18:43 | 00,047,525 | ---- | C] () -- C:\Documents and Settings\Levent Canyas\My Documents\EU Transcript Request (2).pdf
[2009/03/27 00:26:27 | 00,016,320 | ---- | C] () -- C:\Documents and Settings\All Users\Documents\LC_UF_UOT.wpd
[2007/07/08 21:32:10 | 00,000,058 | ---- | C] () -- C:\WINDOWS\OSA.INI
[2007/05/22 00:00:26 | 00,000,250 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007/05/04 08:49:05 | 00,000,000 | ---- | C] () -- C:\WINDOWS\pestpatrol5.INI
[2007/03/22 09:52:57 | 00,000,029 | ---- | C] () -- C:\WINDOWS\atid.ini
[2007/02/21 03:29:50 | 00,000,214 | ---- | C] () -- C:\WINDOWS\HP_48BitScanUpdatePatch.ini
[2007/01/02 21:53:29 | 00,077,824 | R--- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll
[2006/01/22 07:08:19 | 00,068,096 | ---- | C] () -- C:\WINDOWS\zwpshex.dll
[2005/11/24 01:16:21 | 00,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2005/08/30 00:39:24 | 00,000,264 | ---- | C] () -- C:\WINDOWS\System32\winsusrm.dll
[2005/05/03 11:44:44 | 00,025,157 | ---- | C] () -- C:\WINDOWS\RMAgentOutput.dll
[2005/05/03 11:43:44 | 00,126,976 | ---- | C] () -- C:\WINDOWS\dllTSCLIBMT.dll
[2005/04/24 00:51:03 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\sys_dll.dll
[2005/04/04 18:12:19 | 00,000,073 | ---- | C] () -- C:\WINDOWS\morphexe.INI
[2005/03/15 01:01:13 | 00,016,970 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2005/01/10 23:39:05 | 00,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2004/11/10 18:42:16 | 00,000,045 | ---- | C] () -- C:\WINDOWS\Protocol.ini
[2004/11/09 01:03:46 | 00,071,749 | ---- | C] () -- C:\WINDOWS\HCExtOutput.dll
[2004/11/09 01:03:46 | 00,000,679 | ---- | C] () -- C:\WINDOWS\TSC.ini
[2004/11/09 00:58:26 | 00,000,170 | ---- | C] () -- C:\WINDOWS\GetServer.ini
[2004/10/21 19:53:14 | 00,040,448 | ---- | C] () -- C:\WINDOWS\System32\BJAXSecurityManager.dll
[2004/10/21 19:53:13 | 00,086,016 | ---- | C] () -- C:\WINDOWS\System32\BJInstaller.dll
[2004/09/01 11:49:17 | 03,375,104 | ---- | C] () -- C:\WINDOWS\System32\qt-mt331.dll
[2004/06/17 21:30:15 | 00,002,450 | ---- | C] () -- C:\WINDOWS\ACROREAD.INI
[2004/05/17 20:57:42 | 00,000,040 | ---- | C] () -- C:\WINDOWS\opt_2460.ini
[2004/05/17 20:57:41 | 00,000,051 | ---- | C] () -- C:\WINDOWS\brmx2001.ini
[2004/04/05 09:46:37 | 00,000,116 | ---- | C] () -- C:\WINDOWS\WinInit.Ini
[2004/03/25 20:22:10 | 00,000,031 | ---- | C] () -- C:\WINDOWS\AUTHMGR.INI
[2004/03/25 19:25:08 | 00,000,030 | ---- | C] () -- C:\WINDOWS\System32\brss01a.ini
[2004/03/25 19:24:48 | 00,002,188 | ---- | C] () -- C:\WINDOWS\BRMFBIDI.INI
[2004/03/25 19:23:56 | 00,000,585 | ---- | C] () -- C:\WINDOWS\Brpcfx.ini
[2004/03/25 19:23:56 | 00,000,463 | ---- | C] () -- C:\WINDOWS\brwmark.ini
[2004/03/25 19:23:56 | 00,000,079 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI
[2004/03/25 19:22:02 | 00,000,806 | ---- | C] () -- C:\WINDOWS\maxlink.ini
[2004/02/25 20:17:13 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/02/25 20:09:09 | 00,000,258 | ---- | C] () -- C:\WINDOWS\System32\BDEMERGE.INI
[2004/02/25 20:02:28 | 00,000,899 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/02/25 19:47:15 | 00,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2004/02/25 19:34:14 | 00,000,452 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2002/11/01 17:17:50 | 00,000,256 | ---- | C] () -- C:\WINDOWS\aucfg.ini
[2002/09/03 10:59:58 | 00,000,226 | ---- | C] () -- C:\WINDOWS\WIN.INI
[2002/09/03 10:50:58 | 00,000,227 | ---- | C] () -- C:\WINDOWS\SYSTEM.INI
[2002/08/12 09:19:42 | 00,101,376 | ---- | C] () -- C:\WINDOWS\System32\Welsof32.dll
[2002/07/04 16:05:34 | 00,000,269 | ---- | C] () -- C:\WINDOWS\tmupdate.ini
[2002/01/08 17:57:34 | 00,110,592 | ---- | C] () -- C:\WINDOWS\System32\Jpeg32.dll
[2001/12/14 14:34:46 | 00,164,864 | ---- | C] () -- C:\WINDOWS\patchw32.dll
[2001/07/07 04:00:00 | 00,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini
[2000/09/08 17:53:50 | 00,073,839 | ---- | C] () -- C:\WINDOWS\System32\KodakOneTouch.dll
[1999/12/07 01:00:00 | 00,024,976 | ---- | C] () -- C:\WINDOWS\twain_16.dll
[1999/07/23 13:46:48 | 00,000,116 | ---- | C] () -- C:\WINDOWS\AuHCcup1.ini
[1999/07/23 10:53:20 | 00,129,536 | ---- | C] () -- C:\WINDOWS\AuHCcup1.dll
 
========== Files - Modified Within 30 Days ==========

[St.Anger_561_]

1 C:\WINDOWS\System32\*.tmp files]
[2 C:\WINDOWS\*.tmp files]
[2009/04/25 09:04:20 | 00,501,248 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Levent Canyas\My Documents\OTListIt2.exe
[2009/04/25 08:45:13 | 00,000,853 | ---- | M] () -- C:\WINDOWS\System32\drivers\ETC\HOSTS
[2009/04/25 08:36:39 | 00,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/04/25 08:35:12 | 00,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2009/04/25 08:31:16 | 00,002,048 | --S- | M] () -- C:\WINDOWS\BOOTSTAT.DAT
[2009/04/25 08:30:15 | 02,480,016 | -H-- | M] () -- C:\Documents and Settings\Levent Canyas\Local Settings\Application Data\IconCache.db
[2009/04/25 08:10:46 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/04/25 08:10:26 | 00,000,230 | -H-- | M] () -- C:\BOOT.INI
[2009/04/25 08:10:26 | 00,000,227 | ---- | M] () -- C:\WINDOWS\SYSTEM.INI
[2009/04/25 08:10:26 | 00,000,226 | ---- | M] () -- C:\WINDOWS\WIN.INI
[2009/04/24 07:39:01 | 00,000,256 | ---- | M] () -- C:\WINDOWS\tasks\Check Updates for Windows Live Toolbar.job
[2009/04/22 20:15:35 | 00,003,500 | ---- | M] () -- C:\Documents and Settings\Levent Canyas\My Documents\DrWebScan2.csv
[2009/04/22 20:14:33 | 00,003,464 | ---- | M] () -- C:\Documents and Settings\Levent Canyas\My Documents\DrWebScan.csv
[2009/04/21 23:43:55 | 00,000,702 | ---- | M] () -- C:\Documents and Settings\Levent Canyas\Desktop\SpywareBlaster.lnk
[2009/04/21 23:37:47 | 00,155,136 | ---- | M] () -- C:\Documents and Settings\Levent Canyas\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/04/21 23:35:41 | 00,001,170 | ---- | M] () -- C:\WINDOWS\System32\WPA.DBL
[2009/04/19 23:03:03 | 00,001,604 | ---- | M] () -- C:\Documents and Settings\Levent Canyas\Desktop\True Sword.lnk
[2009/04/19 22:57:34 | 00,102,664 | ---- | M] (Trend Micro Inc.) -- C:\WINDOWS\System32\drivers\tmcomm.sys
[2009/04/19 15:32:12 | 70,178,288 | ---- | M] (Emsi Software GmbH                                          ) -- C:\Documents and Settings\Levent Canyas\My Documents\a2FreeOASetup.exe
[2009/04/19 15:24:37 | 00,221,154 | ---- | M] () -- C:\Documents and Settings\Levent Canyas\My Documents\cc_20090419_152412.reg
[2009/04/19 15:19:37 | 00,781,909 | ---- | M] () -- C:\Documents and Settings\Levent Canyas\My Documents\RSIT.exe
[2009/04/19 12:49:08 | 00,000,886 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Advanced SystemCare.lnk
[2009/04/19 12:49:08 | 00,000,161 | ---- | M] () -- C:\Documents and Settings\Levent Canyas\Desktop\IObit Freeware.url
[2009/04/19 12:46:35 | 00,001,548 | ---- | M] () -- C:\Documents and Settings\Levent Canyas\Desktop\CCleaner.lnk
[2009/04/19 12:46:26 | 03,190,688 | ---- | M] (Piriform Ltd) -- C:\Documents and Settings\Levent Canyas\My Documents\ccsetup218.exe
[2009/04/19 12:43:07 | 01,970,629 | ---- | M] () -- C:\Documents and Settings\Levent Canyas\My Documents\runscanner.zip
[2009/04/19 12:37:26 | 07,796,200 | ---- | M] (IObit                                                       ) -- C:\Documents and Settings\Levent Canyas\My Documents\asc-setup.exe
[2009/04/19 12:36:48 | 01,055,648 | ---- | M] () -- C:\Documents and Settings\Levent Canyas\My Documents\RootkitBuster_2.52.1013.zip
[2009/04/19 08:11:03 | 00,000,899 | ---- | M] () -- C:\WINDOWS\orun32.ini
[2009/04/18 23:55:11 | 00,075,200 | ---- | M] () -- C:\Documents and Settings\Levent Canyas\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/04/18 21:06:54 | 00,001,610 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2009/04/18 21:06:35 | 00,000,897 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\RealPlayer.lnk
[2009/04/18 21:05:48 | 00,278,528 | ---- | M] (Real Networks, Inc) -- C:\WINDOWS\System32\pncrt.dll
[2009/04/18 20:46:18 | 00,001,740 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 7.0.lnk
[2009/04/18 12:48:16 | 00,000,466 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Scan (full scan).job
[2009/04/18 12:01:23 | 00,000,714 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/04/18 11:56:01 | 02,967,800 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Documents and Settings\Levent Canyas\My Documents\mbam-setup.exe
[2009/04/18 11:28:13 | 00,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily).job
[2009/04/18 11:16:34 | 00,000,867 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2009/04/18 09:50:51 | 00,278,944 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/04/18 09:25:37 | 00,524,280 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/04/18 09:25:37 | 00,442,774 | ---- | M] () -- C:\WINDOWS\System32\PERFH009.DAT
[2009/04/18 09:25:37 | 00,071,848 | ---- | M] () -- C:\WINDOWS\System32\PERFC009.DAT
[2009/04/18 09:09:10 | 03,569,025 | ---- | M] () -- C:\Documents and Settings\Levent Canyas\My Documents\SASDEFINITIONS.EXE
[2009/04/18 07:50:26 | 00,000,084 | -HS- | M] () -- C:\Documents and Settings\Levent Canyas\My Documents\DESKTOP.INI
[2009/04/17 20:03:54 | 00,001,740 | ---- | M] () -- C:\Documents and Settings\Levent Canyas\Desktop\HijackThis.lnk
[2009/04/17 20:03:46 | 00,812,344 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Levent Canyas\My Documents\HJTInstall.exe
[2009/04/17 20:03:36 | 25,569,440 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Levent Canyas\My Documents\Setup.exe
[2009/04/17 07:49:30 | 00,016,970 | ---- | M] () -- C:\WINDOWS\cdplayer.ini
[2009/04/16 12:08:55 | 00,022,648 | ---- | M] () -- C:\Documents and Settings\Levent Canyas\My Documents\American_Community_Survey_Wexler.wpd
[2009/04/09 23:16:05 | 00,312,968 | R--- | M] () -- C:\WINDOWS\System32\drivers\ETC\hosts.20090418-235101.backup
[2009/04/08 19:16:31 | 00,003,864 | ---- | M] () -- C:\Documents and Settings\Levent Canyas\My Documents\life_Letter.wpd
[2009/04/06 21:11:01 | 00,000,788 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2009/04/06 21:09:50 | 06,237,728 | ---- | M] () -- C:\Documents and Settings\Levent Canyas\My Documents\SUPERAntiSpyware.exe
[2009/04/06 21:07:14 | 06,187,552 | ---- | M] () -- C:\Documents and Settings\Levent Canyas\My Documents\SUPERAntiSpywarePro.exe
[2009/04/06 15:32:54 | 00,038,496 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/04/06 15:32:46 | 00,015,504 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/04/06 10:57:24 | 24,921,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe
[2009/04/05 19:14:04 | 24,356,488 | ---- | M] () -- C:\Documents and Settings\Levent Canyas\My Documents\vpsupd.exe
[2009/04/05 18:41:17 | 00,304,968 | R--- | M] () -- C:\WINDOWS\System32\drivers\ETC\hosts.20090409-231605.backup
[2009/04/02 16:03:02 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/04/01 23:18:43 | 00,047,525 | ---- | M] () -- C:\Documents and Settings\Levent Canyas\My Documents\EU Transcript Request (2).pdf
[2009/03/31 23:35:48 | 00,001,831 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Windows Live Messenger .lnk
[2009/03/27 02:58:38 | 01,203,922 | ---- | M] () -- C:\WINDOWS\System32\dllcache\sysmain.sdb
[2009/03/27 00:26:27 | 00,016,320 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\LC_UF_UOT.wpd
 
========== Alternate Data Streams ==========

[St.Anger_561_]

========== Alternate Data Streams ==========
 
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
< End of report >


holy smokes, what a bunch of stuff is in this log!!!  it also gave me another log, called a extraol2.list, I guess I should post that too?

[St.Anger_561_]

OTListIt Extras logfile created on: 4/25/2009 9:12:06 AM - Run 1
OTListIt2 by OldTimer - Version 2.0.14.0     Folder = C:\Documents and Settings\Levent Canyas\My Documents
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
1.25 Gb Total Physical Memory | 0.90 Gb Available Physical Memory | 72.42% Memory free
1.48 Gb Paging File | 1.32 Gb Available in Paging File | 88.97% Paging File free
Paging file location(s): C:\pagefile.sys 384 768;
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.46 Gb Total Space | 33.09 Gb Free Space | 44.45% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 54.21 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
F: Drive not present or media not loaded
Drive G: | 1.94 Gb Total Space | 1.80 Gb Free Space | 92.54% Space Free | Partition Type: FAT
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: D3Z3PF41
Current User Name: Levent Canyas
Logged in as Administrator.
 
Current Boot Mode: SafeMode
Scan Mode: All users
Output = Standard
File Age = 30 Days
Company Name Whitelist: On
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
"DisableMonitoring" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
"DisableMonitoring" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Connect
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Connect
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Connect
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Connect
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Connect
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Connect
 

[St.Anger_561_]

========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[2008/04/13 14:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
[2007/10/18 11:34:02 | 05,724,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger
[2007/10/02 17:18:24 | 00,304,488 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
[2008/04/13 20:12:28 | 01,695,232 | -HS- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe:*:Disabled:Windows Messenger
[2008/04/13 20:12:25 | 01,414,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SYSTEM32\mmc.exe:*:Disabled:Microsoft Management Console
[2007/08/30 18:43:18 | 00,091,376 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Disabled:Yahoo! FT Server
[2008/04/13 14:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
[2006/02/19 05:21:22 | 00,288,472 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe
[2006/02/19 06:24:52 | 00,239,320 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe
[2006/04/21 01:13:30 | 00,231,000 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe
[2006/04/20 22:28:12 | 00,040,960 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe
[2006/04/21 00:43:46 | 00,087,640 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe
[2006/02/17 01:19:34 | 00,192,512 | ---- | M] () -- C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe
[2006/02/16 23:49:52 | 01,085,440 | R--- | M] (Hewlett-Packard) -- C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe
[2006/04/21 01:06:26 | 00,181,848 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe
[2006/02/15 11:37:26 | 00,147,511 | R--- | M] (Hewlett-Packard) -- C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe
[2006/04/21 01:13:00 | 00,456,280 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe
[2006/02/09 17:43:36 | 00,110,592 | R--- | M] (Hewlett-Packard) -- C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe
[2006/02/09 17:41:28 | 00,573,440 | ---- | M] ( ) -- C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe
[2006/04/21 00:42:18 | 00,063,064 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe
[2006/02/19 06:29:46 | 00,139,264 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe
[2009/04/25 07:17:15 | 00,307,704 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox
[2007/08/30 18:43:18 | 04,670,704 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Disabled:Yahoo! Messenger
[2008/02/08 11:04:44 | 00,072,264 | ---- | M] (Kaspersky Lab) -- C:\kav\kav7\setup.exe:*:Enabled:Kaspersky Anti-Virus 7.0 Setup
[2007/10/18 11:34:02 | 05,724,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger
[2007/10/02 17:18:24 | 00,304,488 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)

[St.Anger_561_]

========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0008546E-DF6E-4CC1-AFD0-2CB8E16C95A2}" = Notifier
"{015E4B8A-29B5-4AE3-BD08-38220FADFF4C}" = aspi
"{04410044-9149-45C6-A806-F2BF9CFCE762}" = Microsoft Encarta Encyclopedia Standard 2004
"{0A65A3BD-54B5-4d0d-B084-7688507813F5}" = SlideShow
"{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}" = OpenOffice.org Installer 1.0
"{0E9804E3-1D94-4D4A-A17D-19777FEF049D}" = Weather Add-in for Windows Live Toolbar
"{11B569C2-4BF6-4ED0-9D17-A4273943CB24}" = Adobe Photoshop Album 2.0 Starter Edition
"{11F1920A-56A2-4642-B6E0-3B31A12C9288}" = Dell Solution Center
"{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}" = ESSPCD
"{15C0AF59-4877-49B6-B8C6-A61CE54515F5}" = cp_OnlineProjectsConfig
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1D643CD7-4DD6-11D7-A4E0-000874180BB3}" = Microsoft Money 2004
"{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}" = QuickTime
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2376813B-2E5A-4641-B7B3-A0D5ADB55229}" = HPPhotoSmartExpress
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Dell Media Experience
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 13
"{2F58D60D-2BFD-4467-9B4D-64E7355C329D}" = Sonic_PrimoSDK
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java(TM) SE Runtime Environment 6
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java(TM) SE Runtime Environment 6 Update 1
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java(TM) 6 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{33BF0960-DBA3-4187-B6CC-C969FCFA2D25}" = SkinsHP1
"{341201D4-4F61-4ADB-987E-9CCE4D83A58D}" = Windows Live Toolbar Extension (Windows Live Toolbar)
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35BDEFF1-A610-4956-A00D-15453C116395}" = Internet Explorer Default Page
"{35E1A8C8-6646-4101-B0AA-42D1EB2AB3AE}" = Windows Live Outlook Toolbar (Windows Live Toolbar)
"{363790D2-DA98-41DD-9C9F-69FA36B169DE}" = PanoStandAlone
"{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant
"{41E776A5-9B12-416D-9A12-B4F7B044EBED}" = CP_Package_Basic1
"{432C3720-37BF-4BD7-8E49-F38E090246D0}" = CR2
"{45B8A76B-57EC-4242-B019-066400CD8428}" = BufferChm
"{469730CC-78DF-4CD3-B286-562D459EA619}" = ESSCAM
"{48C82F7A-F100-4DAB-A310-8E18BF2159E1}" = ESSvpot
"{4B9F45E8-E3CE-40B4-9463-80A9B3481DEF}" = Banctec Service Agreement
"{4EA684E9-5C81-4033-A696-3019EC57AC3A}" = HPProductAssistant
"{508CE775-4BA4-4748-82DF-FE28DA9F03B0}" = Windows Live Messenger
"{53B2CFE9-A508-4457-B2CA-5D253536BFB7}" = OneCare Advisor (Windows Live Toolbar)
"{53EE9E42-CECB-4C92-BF76-9CA65DAF8F1C}" = FullDPAppQFolder
"{548B3DC6-2300-47E1-BA7B-74AD25F8DEBF}" = Form Fill (Windows Live Toolbar)
"{54DD126C-E5F5-404C-B4B7-66DF7FD4F2FF}" = MSSoap
"{54F90B55-BEB3-4F0D-8802-228822FA5921}" = WordPerfect Office 11
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57B2281D-A34A-4a48-8C68-169B8873659D}" = c4100_Help
"{643EAE81-920C-4931-9F0B-4B343B225CA6}" = ESSBrwr
"{66910000-8B30-4973-A159-6371345AFFA5}" = WebReg
"{6696D9A4-28A8-4F5A-8E9A-2E8974C8C39C}" = RandMap
"{66A7A386-6F35-41A7-A731-101F0C0153C8}" = Popup Blocker (Windows Live Toolbar)
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{68108E66-D13A-4EE8-A6F4-40E4B90C2A26}" = Windows Live Toolbar Feed Detector (Windows Live Toolbar)
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{68763C27-235D-4165-A961-FDEA228CE504}" = AiOSoftwareNPI
"{68D60342-7686-45C9-B8EB-40EF843D0460}" = Dell Networking Guide
"{6909F917-5499-482e-9AA1-FAD06A99F231}" = Toolbox
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69BD6399-3D8F-45B7-81D9-819361F5101D}" = PCDLNCH
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{736C803C-DD3B-4015-BC51-AFB9E67B9076}" = Readme
"{7745B7A9-F323-4BB9-9811-01BF57A028DA}" = Map Button (Windows Live Toolbar)
"{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}" = Windows Live Favorites for Windows Live Toolbar
"{78CC3BAB-DE2A-4FB4-8FBB-E4DADDC26747}" = Ad-Aware SE Personal
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX
"{7C03270C-4FAB-4F5C-B10D-52FEDA190790}" = DocumentViewerQFolder
"{7E7B7865-6C80-4373-8BC1-C2EB9431F9DE}" = ProductContextNPI
"{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}" = DellSupport
"{7F142D56-3326-11D5-B229-002078017FBF}" = Modem Helper
"{81A34902-9D0B-4920-A25C-4CDC5D14B328}" = Jasc Paint Shop Pro 8 Dell Edition
"{8331C3EA-0C91-43AA-A4D4-27221C631139}" = Status
"{84F1DE76-C48C-4281-87A0-CC9548D1E7F9}" = Rhapsody Player Engine
"{87843A41-7808-4F2E-B13F-25C1E67CF2FD}" = ESShelp
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{89EE857B-8970-4F9F-AB58-A1C873AC72B3}" = Broadcom Management Programs
"{8A4CE7FD-9657-4B06-9943-E1819F3D5D67}" = DocProc
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Extreme Graphics Driver
"{8C64E145-54BA-11D6-91B1-00500462BE80}" = Microsoft Money 2004 System Pack
"{8CE4E6E9-9D55-43FB-9DDB-688C976BFC05}" = Unload
"{8E92D746-CD9F-4B90-9668-42B74C14F765}" = ESSini
"{8EF1122E-E90C-4EE9-AB0C-7FDE2BA42C26}" = Musicmatch® Jukebox
"{90840409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Excel Viewer 2003
"{90AF0409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office PowerPoint Viewer 2003
"{90D55A3F-1D99-4C94-A77E-46DC14F0BF08}" = Help and Support Customization
"{91110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{91517631-A9F3-4B7C-B482-43E0068FD55A}" = ESSgui
"{9422C8EA-B0C6-4197-B8FC-DC797658CA00}" = Windows Live Sign-in Assistant
"{996512CF-F35B-48DE-9291-557FA5316967}" = ScannerCopy
"{9D1CF8B6-17B3-4832-B062-2C2DD0B57B04}" = CCHelp

[St.Anger_561_]

"{9D8FEE90-0377-49A9-AEFB-525BDE549BA4}" = ESScore
"{A06275F4-324B-4E85-95E6-87B2CD729401}" = Windows Defender
"{A29800BA-0BF1-4E63-9F31-DF05A87F4104}" = InstantShareDevices
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A5B3EB8A-4071-42F0-8E8E-7A8342AA8E69}" = ESSvpaht
"{A5CC2A09-E9D3-49EC-923D-03874BBD4C2C}" = Windows Defender Signatures
"{A6F18A67-B771-4191-8A33-36D2E742D6D9}" = ESSANUP
"{A72C3852-1B81-4E49-BBF7-A1795413FCBD}" = Veo Creative Studio - Connect
"{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}" = Windows Live installer
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{ABE068DF-8DC4-4947-ABFC-DD2B40850225}" = SFR2
"{AC76BA86-7AD7-1033-7B44-A71000000002}" = Adobe Reader 7.1.1
"{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}" = ESSCDBK
"{AEF2D1F3-0696-11D5-8E6A-00C04F7FA234}" = PaperPort 8.0 SE
"{B2157760-AA3C-4E2E-BFE6-D20BC52495D9}" = cp_PosterPrintConfig
"{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}" = CCScore
"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
"{B6286A44-7505-471A-A72B-04EC2DB2F442}" = CueTour
"{B69CFE29-FD03-4E0A-87A7-6ED97F98E5B3}" = CP_Panorama1Config
"{B8DBED1E-8BC3-4d08-B94A-F9D7D88E9BBF}" = HPSSupply
"{B997C2A0-4383-41BF-B76E-9B8B7ECFB267}" = KSU
"{BDBE2F3E-42DB-4d4a-8CB1-19BA765DBC6C}" = HP Photosmart, Officejet and Deskjet 7.0.A
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C1C6767D-B395-43CB-BF99-051B58B86DA6}" = PhotoGallery
"{C354C9B6-A4E0-4BB0-A368-6DC6BCA0E314}" = SFR
"{C44CB060-2AD1-11D6-BC84-00D0B7E10CD1}" = Veo Advanced Connect
"{C7F54CF8-D6FB-4E0A-93A3-E68AE0D6C476}" = SolutionCenter
"{C871525F-7116-4d26-BA6D-215F59B6F88B}" = C4100
"{C8753E28-2680-49BF-BD48-DD38FD086EFE}" = AiO_Scan_CDA
"{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}" = HP Update
"{CA60320D-6A16-49C8-A34F-84EEF4799567}" = ESSTUTOR
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC000127-5E5D-4A1C-90CB-EEAAAC1E3AC0}" = Jasc Paint Shop Photo Album
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D15E9DB5-6BEB-4534-901E-80C0A29BAB97}" = ESSAdpt
"{D32470A1-B10C-4059-BA53-CF0486F68EBC}" = Kodak EasyShare software
"{D43E1D3F-CC1F-4E41-80F5-9C1D28187DE9}" = iPod Updater 2004-08-06
"{D5A145FC-D00C-4F1A-9119-EB4D9D659750}" = Windows Live Toolbar
"{D78653C3-A8FF-415F-92E6-D774E634FF2D}" = Dell ResourceCD
"{DBC20735-34E6-4E97-A9E5-2066B66B243D}" = TrayApp
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E1B80DEE-A795-4258-8445-074C06AE3AB8}" = MarketResearch
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{EC3B598C-1151-4191-B5B4-A9072ADE6259}_is1" = ZipGenius 6 (6.0.2.1060)
"{ED2C557E-9C18-41FF-B58E-A05EEF0B3B5F}" = CP_CalendarTemplates1
"{F084395C-40FB-4DB3-981C-B51E74E1E83D}" = Smart Menus (Windows Live Toolbar)
"{F157460F-720E-482f-8625-AD7843891E5F}" = InstantShareDevicesMFC
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F3760724-B29D-465B-BC53-E5D72095BCC4}" = Scan
"{F6076EF9-08E1-442F-B6A2-BFB61B295A14}" = Fax_CDA
"{F71760CD-0F8B-4DCC-B7B7-6B223CC3843C}" = OTtBP
"{F91E1833-2D7C-4725-B98A-C779FEC41946}" = EarthLink MDAC
"{FB15E224-67C3-491F-9F5C-F257BC418412}" = Destinations
"{FBB980B0-63F8-4B48-8D65-90F1D9F81D9F}" = NewCopy_CDA
"{FC4ED75D-916C-4A8C-BB67-3C6F6E06D62B}" = Banctec Service Agreement
"{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}" = HighMAT Extension to Microsoft Windows XP CD Writing Wizard
"{FE7E1DD7-EBCE-4696-ADE2-22BDBF2372DA}" = DocumentViewer
"ActiveScan 2.0" = Panda ActiveScan 2.0
"Ad-Aware" = Ad-Aware
"Adobe Acrobat Reader 3.0" = Adobe Acrobat Reader 3.0
"Adobe Atmosphere Player" = Adobe Atmosphere Player for Acrobat and Adobe Reader
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Advanced SystemCare 3_is1" = Advanced SystemCare 3
"Ashampoo WinOptimizer 4_is1" = Ashampoo WinOptimizer 4.35
"avast!" = avast! Antivirus
"BellSouth" = BellSouth FastAccess DSL Help Center
"blstoolbar" = BellSouth Toolbar 1.0
"BroadJump Client Foundation" = BroadJump Client Foundation
"CCleaner" = CCleaner (remove only)

[St.Anger_561_]

"CNXT_MODEM_PCI_VEN_14F1&DEV_2702" = Conexant SmartHSFi V.9x 56K DF PCI Modem
"CyberScrub Trial Edition 3.5" = CyberScrub Trial Edition 3.5
"dBpoweramp [Calculate Audio CRC] Codec" = dBpoweramp [Calculate Audio CRC] Codec
"dBpoweramp CD Writer" = dBpoweramp CD Writer
"dBpoweramp Dalet Codec" = dBpoweramp Dalet Codec
"dBpoweramp FLAC Codec" = dBpoweramp FLAC Codec
"dBpoweramp Monkeys Audio Codec" = dBpoweramp Monkeys Audio Codec
"dBpoweramp Mp2 and BwfMp2 codec" = dBpoweramp Mp2 and BwfMp2 codec
"dBpoweramp mp3 (Fraunhofer IIS) Codec" = dBpoweramp mp3 (Fraunhofer IIS) Codec
"dBpoweramp Music Converter" = dBpoweramp Music Converter
"dBpoweramp Ogg Vorbis Codec" = dBpoweramp Ogg Vorbis Codec
"dBpoweramp Real Audio (Helix) Encoder" = dBpoweramp Real Audio (Helix) Encoder
"dBPoweramp tooLame MP2 codec" = dBPoweramp tooLame MP2 codec
"dBpoweramp Wave64 Codec" = dBpoweramp Wave64 Codec
"dBpoweramp WavPack Codec" = dBpoweramp WavPack Codec
"Dell Digital Jukebox Driver" = Dell Digital Jukebox Driver
"Eraser_is1" = Eraser
"Eyeball Chat 2.2" = Eyeball Chat 2.2
"GRE POWERPREP" = GRE POWERPREP
"HijackThis" = HijackThis 2.0.2
"HP Document Viewer" = HP Document Viewer 7.0
"HP Imaging Device Functions" = HP Imaging Device Functions 7.0
"HP Photo & Imaging" = HP Photosmart Premier Software 6.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 7.0
"HPExtendedCapabilities" = HP Customer Participation Program 7.0
"HPOCR" = OCR Software by I.R.I.S 7.0
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"Inspiration 8" = Inspiration 8
"InstallShield_{89EE857B-8970-4F9F-AB58-A1C873AC72B3}" = Broadcom Management Programs
"InstallShield_{D43E1D3F-CC1F-4E41-80F5-9C1D28187DE9}" = iPod Updater 2004-08-06
"Kaspersky Online Scanner" = Kaspersky Online Scanner
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.0.9)" = Mozilla Firefox (3.0.9)
"MSN Music Assistant" = MSN Music Assistant
"MSTTS" = Microsoft Text-to-Speech Engine 4.0 (English)
"MySpaceIM" = MySpaceIM
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"RealPlayer 6.0" = RealPlayer
"Shockwave" = Shockwave
"Shop for HP Supplies" = Shop for HP Supplies
"Spybot - Search & Destroy_is1" = Spybot - Search & Destroy 1.4
"SpywareBlaster_is1" = SpywareBlaster 4.2
"StreetPlugin" = Learn2 Player (Uninstall Only)
"TOEFL POWERPREP" = TOEFL POWERPREP
"TradeManager" = TradeManager
"True Sword 5_is1" = True Sword 5
"Windows Live Toolbar" = Windows Live Toolbar
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows Media Player" = Windows Media Player 10
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR archiver
"WMCSetup" = Windows Media Connect
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Search Defender" = Yahoo! Search Protection
"Yahoo! Toolbar" = Yahoo! Toolbar
"YInstHelper" = Yahoo! Install Manager
"ZipWiz" = ZipWiz 2005 by Synaptek Software
 
========== HKEY_CURRENT_USER Uninstall List ==========

[St.Anger_561_]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-2835264611-1626357533-382488265-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
 
========== Last 10 Event Log Errors ==========
 
[ Antivirus Events ]
Error - 3/20/2009 7:31:51 AM | Computer Name = D3Z3PF41 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
 C:\DOCUMENTS AND SETTINGS\LEVENT CANYAS\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\0YYYPZPN.DEFAULT\PREFS.JS
 failed, 00000005. 
 
Error - 3/21/2009 5:53:45 PM | Computer Name = D3Z3PF41 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
 C:\DOCUMENTS AND SETTINGS\LEVENT CANYAS\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\0YYYPZPN.DEFAULT\PREFS.JS
 failed, 00000005. 
 
Error - 3/26/2009 8:49:36 PM | Computer Name = D3Z3PF41 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
 C:\DOCUMENTS AND SETTINGS\LEVENT CANYAS\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\0YYYPZPN.DEFAULT\PREFS.JS
 failed, 00000005. 
 
Error - 4/2/2009 7:38:04 PM | Computer Name = D3Z3PF41 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
 C:\DOCUMENTS AND SETTINGS\LEVENT CANYAS\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\0YYYPZPN.DEFAULT\PREFS.JS
 failed, 00000005. 
 
Error - 4/2/2009 7:38:05 PM | Computer Name = D3Z3PF41 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
 C:\DOCUMENTS AND SETTINGS\LEVENT CANYAS\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\0YYYPZPN.DEFAULT\SESSIONSTORE.JS
 failed, 00000005. 
 
Error - 4/4/2009 9:28:36 PM | Computer Name = D3Z3PF41 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
 C:\DOCUMENTS AND SETTINGS\LEVENT CANYAS\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\0YYYPZPN.DEFAULT\PREFS.JS
 failed, 00000005. 
 
Error - 4/4/2009 9:28:36 PM | Computer Name = D3Z3PF41 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
 C:\DOCUMENTS AND SETTINGS\LEVENT CANYAS\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\0YYYPZPN.DEFAULT\SESSIONSTORE.JS
 failed, 00000005. 

[St.Anger_561_]

Error - 4/12/2009 7:22:25 PM | Computer Name = D3Z3PF41 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
 C:\DOCUMENTS AND SETTINGS\LEVENT CANYAS\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\0YYYPZPN.DEFAULT\PREFS.JS
 failed, 00000005. 
 
Error - 4/17/2009 8:26:47 PM | Computer Name = D3Z3PF41 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
 C:\WINDOWS\SoftwareDistribution\Download\ff6a3f56b09f733b206809386437d42e\BIT49.tmp
 failed, 00000026. 
 
Error - 4/18/2009 6:21:26 PM | Computer Name = D3Z3PF41 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
 C:\DOCUMENTS AND SETTINGS\LEVENT CANYAS\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\0YYYPZPN.DEFAULT\PREFS.JS
 failed, 00000005. 
 
[ Application Events ]
Error - 3/18/2009 7:26:58 AM | Computer Name = D3Z3PF41 | Source = MsiInstaller | ID = 11706
Description = Product: Microsoft .NET Framework 1.1 -- Error 1706.No valid source
 could be found for product Microsoft .NET Framework 1.1.  The Windows installer
 cannot continue.
 
Error - 3/18/2009 7:26:59 AM | Computer Name = D3Z3PF41 | Source = MsiInstaller | ID = 1024
Description = Product: Microsoft .NET Framework 1.1 - Update '{8D1D0E9A-C799-4D28-9E29-0061D1E66E43}'
 could not be installed. Error code 1603. Windows Installer can create logs to help
 troubleshoot issues with installing software packages. Use the following link for
 instructions on turning on logging support: http://go.microsoft.com/fwlink/?LinkId=23127
 
Error - 3/19/2009 3:01:01 AM | Computer Name = D3Z3PF41 | Source = MsiInstaller | ID = 11706
Description = Product: Microsoft .NET Framework 1.1 -- Error 1706.No valid source
 could be found for product Microsoft .NET Framework 1.1.  The Windows installer
 cannot continue.
 
Error - 3/19/2009 3:01:02 AM | Computer Name = D3Z3PF41 | Source = MsiInstaller | ID = 1024
Description = Product: Microsoft .NET Framework 1.1 - Update '{8D1D0E9A-C799-4D28-9E29-0061D1E66E43}'
 could not be installed. Error code 1603. Windows Installer can create logs to help
 troubleshoot issues with installing software packages. Use the following link for
 instructions on turning on logging support: http://go.microsoft.com/fwlink/?LinkId=23127

[St.Anger_561_]

Error - 3/19/2009 8:21:39 AM | Computer Name = D3Z3PF41 | Source = MsiInstaller | ID = 11706
Description = Product: Microsoft .NET Framework 1.1 -- Error 1706.No valid source
 could be found for product Microsoft .NET Framework 1.1.  The Windows installer
 cannot continue.
 
Error - 3/19/2009 8:21:39 AM | Computer Name = D3Z3PF41 | Source = MsiInstaller | ID = 1024
Description = Product: Microsoft .NET Framework 1.1 - Update '{8D1D0E9A-C799-4D28-9E29-0061D1E66E43}'
 could not be installed. Error code 1603. Windows Installer can create logs to help
 troubleshoot issues with installing software packages. Use the following link for
 instructions on turning on logging support: http://go.microsoft.com/fwlink/?LinkId=23127
 
Error - 3/20/2009 3:01:03 AM | Computer Name = D3Z3PF41 | Source = MsiInstaller | ID = 11706
Description = Product: Microsoft .NET Framework 1.1 -- Error 1706.No valid source
 could be found for product Microsoft .NET Framework 1.1.  The Windows installer
 cannot continue.
 
Error - 3/20/2009 3:01:03 AM | Computer Name = D3Z3PF41 | Source = MsiInstaller | ID = 1024
Description = Product: Microsoft .NET Framework 1.1 - Update '{8D1D0E9A-C799-4D28-9E29-0061D1E66E43}'
 could not be installed. Error code 1603. Windows Installer can create logs to help
 troubleshoot issues with installing software packages. Use the following link for
 instructions on turning on logging support: http://go.microsoft.com/fwlink/?LinkId=23127
 
Error - 3/20/2009 10:53:43 PM | Computer Name = D3Z3PF41 | Source = MsiInstaller | ID = 11706
Description = Product: Microsoft .NET Framework 1.1 -- Error 1706.No valid source
 could be found for product Microsoft .NET Framework 1.1.  The Windows installer
 cannot continue.
 
Error - 3/20/2009 10:53:44 PM | Computer Name = D3Z3PF41 | Source = MsiInstaller | ID = 1024
Description = Product: Microsoft .NET Framework 1.1 - Update '{8D1D0E9A-C799-4D28-9E29-0061D1E66E43}'
 could not be installed. Error code 1603. Windows Installer can create logs to help
 troubleshoot issues with installing software packages. Use the following link for
 instructions on turning on logging support: http://go.microsoft.com/fwlink/?LinkId=23127
 
[ System Events ]
Error - 4/25/2009 8:37:01 AM | Computer Name = D3Z3PF41 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
 arguments ""  in order to run the server:  {A1F4E726-8CF1-11D1-BF92-0060081ED811}
 
Error - 4/25/2009 8:37:04 AM | Computer Name = D3Z3PF41 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service netman with
 arguments ""  in order to run the server:  {BA126AE5-2166-11D1-B1D0-00805FC1270E}
 
Error - 4/25/2009 8:37:04 AM | Computer Name = D3Z3PF41 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
 arguments ""  in order to run the server:  {A1F4E726-8CF1-11D1-BF92-0060081ED811}
 
Error - 4/25/2009 8:37:04 AM | Computer Name = D3Z3PF41 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
 arguments ""  in order to run the server:  {A1F4E726-8CF1-11D1-BF92-0060081ED811}