Helper.dll [RESOLVED]

Hi there

Please download the OTMoveIt2 by OldTimer.

• Save it to your desktop.
• Please double-click OTMoveIt2.exe to run it. (Vista users, please right click on OTMoveit2.exe and select "Run as an Administrator")
• Copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):
  
  

  [kill explorer]
  C:\Program Files\Common
  C:\WINDOWS\system32\iehlpr32.dll
  emptytemp
  purity
  [start explorer]

• Return to OTMoveIt2, right click in the "Paste List of Files/Folders to Move" window (under the light Yellow bar) and choose Paste.
• Click the red Moveit! button.
• A log of files and folders moved will be created in the c:\_OTMoveIt\MovedFiles folder in the form of Date and Time (mmddyyyy_hhmmss.log). Please open this log in Notepad and post its contents in your next reply.
• Close OTMoveIt2

If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.

And,

• Go Here and download ERUNT
  (ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.)
• Install ERUNT by following the prompts
  (use the default install settings but say no to the portion that asks you to add ERUNT to the start-up folder, if you like you can enable this option later)
• Start ERUNT
  (either by double clicking on the desktop icon or choosing to start the program at the end of the setup)
• Choose a location for the backup
  (the default location is C:\WINDOWS\ERDNT which is acceptable).
• Make sure that at least the first two check boxes are ticked
• Press OK
• Press YES to create the folder.

Now please open Notepad by going to Start > Run and typing Notepad.exe in the window that pops up. Press enter and in the notepad window that appears Copy (Ctrl+C) and Paste (Ctrl+P) the following:

REGEDIT4

[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\text/html]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{687bf2ff-b79f-495b-a2b1-74a587cb09e0}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\main.DLL]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{A0E1054B-01EE-4D57-A059-4D99F339709F}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AFD4AD01-58C1-47DB-A404-FBE00A6C5486}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{986A8AC1-AB4D-4F41-9068-4B01C0197867}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{8E3C68CD-F500-4A2A-8CB9-132BB38C3573}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\main.BHO]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\main.BHO.1]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AFD4AD01-58C1-47DB-A404-FBE00A6C5486}]

[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AFD4AD01-58C1-47DB-A404-FBE00A6C5486}]

Note: it is important to copy this with the spacing left as it is, also make sure "REGEDIT4" is the first thing in Notepad (No spaces ahead or anything).

In Notepad click on the "File" menu > Save As... Under "File name" type Fix.reg and Change "Save as type" to All Files

Now double click Fix.reg. A pop-up will appear asking you if you want to import this to your registry click yes.

And finally,

• Download random's system information tool (RSIT) by random/random from here and save it to your desktop.
• Double click on RSIT.exe to run RSIT.
• Click Continue at the disclaimer screen.
• Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)

Edited by Mike, 28 August 2008 - 12:22 PM.

Here is the OT Move it log. However, right after I clicked 'Move it' I got an error message and OT Move it closed. Below is the log.

Explorer killed successfully
C:\Program Files\Common moved successfully.
DllUnregisterServer procedure not found in C:\WINDOWS\system32\iehlpr32.dll
C:\WINDOWS\system32\iehlpr32.dll NOT unregistered.
C:\WINDOWS\system32\iehlpr32.dll moved successfully.
< emptytemp >
File delete failed. C:\DOCUME~1\Smadar\LOCALS~1\Temp\Perflib_Perfdata_988.dat scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Smadar\LOCALS~1\Temp\~DF72A0.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Smadar\LOCALS~1\Temp\~DFAE9B.tmp scheduled to be deleted on reboot.
Temp folders emptied.
IE temp folders emptied.
< purity >
Explorer started successfully

OTMoveIt2 by OldTimer - Version 1.0.4.3 log created on 08282008_182307

more to follow

I got up to this point, but I'm not sure what you want me to double click exactly???

Now double click Fix.reg. A pop-up will appear asking you if you want to import this to your registry click yes.

OK, I figured out what you meant by double clicking fix.reg. I've since downloaded and I am now running RSIT. It appears to be stuck on "performing registry dump'. It's been stuck there for about 10 minutes. Is that supposed to happen?

Edited by Sherry718, 28 August 2008 - 04:57 PM.

OKKKKKKKKKKKK, RSIT just shut itself off with some error message. It had been stuck on performing reg dump for over an hour. Now what?

Since that RSIT fix didn't work, I did something on my own. I followed these instructions
Please download Brute Force Uninstaller .

Right click the downloaded BFU folder, and choose Extract All
Click “Next”
In the box to choose where to extract the files to,
Click “Browse”
Click on the + sign next to “My Computer”
Click on “Local Disk (C:) or whatever your primary drive is
Click “Make New Folder”
Type in BFU
Click “Next”, and Uncheck the “Show Extracted Files” box and then click “Finish”.
RIGHT-CLICK HERE and choose “Save As” (in IE it’s “Save Target As”) in order to download DeepDive Remover.
Save it in the same folder you made earlier (c:\BFU).

Then, please go to Start > My Computer and navigate to the C:\BFU folder.

Start the Brute Force Uninstaller by doubleclicking BFU.exe
Behind the scriptline to execute field click the folder icon and select DeepDive.bfu
Press Execute and let the program do it’s job. (Do not be startled as your taskbar will disappear for a little while.)
Wait for the complete script execution box to pop up and press OK.
Press exit to terminate the BFU program.
A notepad file called BFUlogdeepdive.txt will be created on the systemdrive (usually the location will be C:\BFUlogdeepdive.txt). Post the content of that file please.

Below is the log the BFU fix created
BFU v1.11.0
Windows XP SP2 (WinNT 5.01.2600 SP2)
Script started at 10:37:58 PM, on 8/28/2008

Option Unload Explorer: Yes
Option Delete files to Recycle Bin: Yes
Success: ProcessKillByPID 3388
Success: ProcessKill C:\WINDOWS\explorer.exe|1
Success: ProcessKillByPID 2436
Success: ProcessKill iexplore.exe|1
Failed: DllUnregister C:\Program Files\Common\helper.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\Common\_helper.dll|1 (file not found)
Failed: DllUnregister \main.dll|1 (file not found)
Failed: RegDeleteKey HKLM\SOFTWARE\Classes\AppID\main.DLL (key does not exist)
Failed: RegDeleteKey HKLM\SOFTWARE\Classes\AppID\{A0E1054B-01EE-4D57-A059-4D99F339709F} (key does not exist)
Failed: RegDeleteKey HKLM\SOFTWARE\Classes\CLSID\{AFD4AD01-58C1-47DB-A404-FBE00A6C5486} (key does not exist)
Failed: RegDeleteKey HKLM\SOFTWARE\Classes\Interface\{986A8AC1-AB4D-4F41-9068-4B01C0197867} (key does not exist)
Failed: RegDeleteKey HKLM\SOFTWARE\Classes\TypeLib\{8E3C68CD-F500-4A2A-8CB9-132BB38C3573} (key does not exist)
Failed: RegDeleteKey HKLM\SOFTWARE\Classes\main.BHO (key does not exist)
Failed: RegDeleteKey HKLM\SOFTWARE\Classes\main.BHO.1 (key does not exist)
Failed: RegDeleteKey HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AFD4AD01-58C1-47DB-A404-FBE00A6C5486} (key does not exist)
Failed: FolderDelete C:\Program Files\Common (folder not found)
Success: SystemRun C:\WINDOWS\explorer.exe||1
Script completed at 10:39:33 PM.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:43:56 PM, on 8/28/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Dell Network Assistant\hnm_svc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\WINDOWS\stsystra.exe
C:\WINDOWS\system32\KADxMain.exe
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\eFax Messenger 4.3\J2GDllCmd.exe
C:\WINDOWS\C0130Mon.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AOL 9.0\waol.exe
C:\Program Files\Common Files\AOL\1209522247\ee\aolsoftware.exe
C:\Program Files\Dell Network Assistant\ezi_hnm2.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\AOL 9.0\shellmon.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\sol.exe
C:\Program Files\Common Files\AOL\Topspeed\3.0\aoltpsd3.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = partnerpage.google.com/smallbiz.dell.com/en_us?hl=en&client=dell-usuk&channel=us-smb&ibd=6080415
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [NVHotkey] rundll32.exe nvHotkey.dll,Start
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [KADxMain] C:\WINDOWS\system32\KADxMain.exe
O4 - HKLM\..\Run: [ECenter] C:\Dell\E-Center\EULALauncher.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1209522247\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [eFax 4.3] "C:\Program Files\eFax Messenger 4.3\J2GDllCmd.exe" /R
O4 - HKLM\..\Run: [C0130Mon.exe] C:\WINDOWS\C0130Mon.exe
O4 - HKLM\..\RunOnce: [OTScanIt] C:\Documents and Settings\Smadar\Desktop\OTMoveIt2.exe
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\AOL 9.0\AOL.EXE" -b
O4 - Global Startup: Dell Network Assistant.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: eFax 4.3.lnk = C:\Program Files\eFax Messenger 4.3\J2GTray.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebo...toUploader5.cab
O16 - DPF: {1B00725B-C455-4DE6-BFB6-AD540AD427CD} - http://fpdownload2.m...ash/swflash.cab
O18 - Filter hijack: text/html - {687bf2ff-b79f-495b-a2b1-74a587cb09e0} - C:\WINDOWS\system32\iehlpr32.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Advanced Networking Service (hnmsvc) - SingleClick Systems - C:\Program Files\Dell Network Assistant\hnm_svc.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE

--
End of file - 8590 bytes

Good morning!

Please don't run tools on your own, it makes things difficult for me to follow, we already got rid of the things the BFU targets anyways .

First off, please navigate to C:\_OTMoveIt\MovedFiles. You should see a folder titled 08282008_182307, please right click on that folder - in the menu that appears click on Send to then Compressed (Zipped) Folder. Name the folder and save it to somewhere you remember (eg. your desktop).

Then please go here here and upload the whole thing for me.

Then,

Please open Notepad by going to Start > Run and typing Notepad.exe in the window that pops up. Press enter and in the notepad window that appears Copy (Ctrl+C) and Paste (Ctrl+P) the following:

REGEDIT4

[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\text/html]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{687bf2ff-b79f-495b-a2b1-74a587cb09e0}]

Note: it is important to copy this with the spacing left as it is, also make sure "REGEDIT4" is the first thing in Notepad (No spaces ahead or anything).

In Notepad click on the "File" menu > Save As... Under "File name" type Fix.reg and Change "Save as type" to All Files

Now double click Fix.reg. A pop-up will appear asking you if you want to import this to your registry click yes.

Then,

Download OTViewIt to your desktop.

• Close all windows and open it
• Click Run Scan and let the program run uninterrupted
• It will produce two logs for you, one will pop up called OTViewIt.txt, the other will be saved on your desktop and called Extras. Post both those logs here.
• You may need to use two posts to get it all on the forum

Post back with the log along with a fresh Hijack This log.

Edited by Mike, 29 August 2008 - 03:00 AM.

OTViewIt logfile created on: 8/29/2008 11:19:59 AM - Run 1
OTViewIt by OldTimer - Version 1.0.1.1 Folder = C:\Documents and Settings\Smadar\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.39 Gb Available Physical Memory | 69.45% Memory free
3.85 Gb Paging File | 3.34 Gb Available in Paging File | 86.86% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 71.95 Gb Total Space | 54.13 Gb Free Space | 75.24% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: SHERRYBROOKLYN
Current User Name: Smadar
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Whitelist: On

===== Processes - Non-Microsoft Only =====

[12/11/2007 02:22 PM | 00,024,064 | ---- | M] () - C:\WINDOWS\system32\WLTRYSVC.EXE
[02/18/2008 11:16 AM | 00,110,592 | ---- | M] (Apple, Inc.) - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
[05/25/2007 12:38 PM | 00,112,176 | ---- | M] (SingleClick Systems) - C:\Program Files\Dell Network Assistant\hnm_svc.exe
[06/03/2007 03:20 PM | 00,851,968 | ---- | M] (Synaptics, Inc.) - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
[05/14/2007 03:23 PM | 01,191,936 | ---- | M] (Dell Inc) - C:\Program Files\Dell\QuickSet\quickset.exe
[11/02/2006 03:05 PM | 00,282,624 | ---- | M] (Knowles Acoustics) - C:\WINDOWS\system32\KADxMain.exe
[03/06/2007 01:21 PM | 00,116,224 | ---- | M] (j2 Global Communications, Inc.) - C:\Program Files\eFax Messenger 4.3\J2GDllCmd.exe
[10/09/2007 01:01 AM | 00,032,768 | ---- | M] (Creative Technology Ltd.) - C:\WINDOWS\C0130Mon.exe
[04/18/2007 02:49 AM | 00,039,472 | ---- | M] (AOL, LLC.) - C:\Program Files\AOL 9.0\waol.exe
[05/25/2007 12:39 PM | 00,964,144 | ---- | M] (SingleClick Systems) - C:\Program Files\Dell Network Assistant\ezi_hnm2.exe
[11/03/2006 07:02 PM | 00,050,688 | ---- | M] (Avanquest Software ) - C:\Program Files\Digital Line Detect\DLG.exe
[04/18/2007 02:49 AM | 00,054,832 | ---- | M] (AOL, LLC.) - C:\Program Files\AOL 9.0\shellmon.exe

===== Win32 Services - Non-Microsoft Only =====

(Apple Mobile Device) Apple Mobile Device [Auto | Running]
[02/18/2008 11:16 AM | 00,110,592 | ---- | M] (Apple, Inc.) - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

(hnmsvc) Advanced Networking Service [Auto | Running]
[05/25/2007 12:38 PM | 00,112,176 | ---- | M] (SingleClick Systems) - C:\Program Files\Dell Network Assistant\hnm_svc.exe

(wltrysvc) Dell Wireless WLAN Tray Service [Auto | Running]
[12/11/2007 02:22 PM | 00,024,064 | ---- | M] () - C:\WINDOWS\system32\WLTRYSVC.EXE

===== Driver Services - Non-Microsoft Only =====

(APPDRV) APPDRV [System | Running]
[08/12/2005 06:50 PM | 00,016,128 | ---- | M] (Dell Inc) - C:\WINDOWS\system32\drivers\APPDRV.SYS

(ASCTRM) ASCTRM [Auto | Running]
[04/29/2008 08:23 PM | 00,008,552 | ---- | M] (Windows ® 2000 DDK provider) - C:\WINDOWS\System32\drivers\asctrm.sys

(BCM43XX) Dell Wireless WLAN Card Driver [On_Demand | Running]
[12/11/2007 02:22 PM | 01,123,328 | ---- | M] (Broadcom Corp.) - C:\WINDOWS\system32\drivers\BCMWL5.SYS

(DXEC02) DXEC02 [On_Demand | Running]
[11/02/2006 01:31 PM | 00,103,168 | ---- | M] (Knowles Acoustics) - C:\WINDOWS\system32\drivers\dxec02.sys

(E100B) Intel® PRO Adapter Driver [On_Demand | Stopped]
[08/17/2001 01:12 PM | 00,117,760 | ---- | M] (Intel Corporation) - C:\WINDOWS\system32\drivers\e100b325.sys

(iaStor) Intel RAID Controller [Boot | Stopped]
[05/08/2007 09:22 PM | 00,277,784 | ---- | M] (Intel Corporation) - C:\WINDOWS\system32\drivers\iastor.sys

(mraid35x) mraid35x [Disabled | Stopped]
[08/17/2001 02:52 PM | 00,017,280 | ---- | M] (American Megatrends Inc.) - C:\WINDOWS\system32\drivers\mraid35x.sys

(Packet) Auto Internet Protocol [Auto | Running]
[12/18/2006 08:01 PM | 00,012,672 | ---- | M] (SingleClick Systems) - C:\WINDOWS\system32\drivers\packet.sys

(rimmptsk) rimmptsk [Auto | Running]
[05/08/2007 10:46 PM | 00,032,256 | ---- | M] (REDC) - C:\WINDOWS\system32\drivers\rimmptsk.sys

(rimsptsk) rimsptsk [Auto | Running]
[05/08/2007 10:46 PM | 00,043,520 | ---- | M] (REDC) - C:\WINDOWS\system32\drivers\rimsptsk.sys

(rismxdp) Ricoh xD-Picture Card Driver [Auto | Running]
[05/08/2007 10:46 PM | 00,037,376 | ---- | M] (REDC) - C:\WINDOWS\system32\drivers\rixdptsk.sys

(Sparrow) Sparrow [Disabled | Stopped]
[08/17/2001 03:07 PM | 00,019,072 | ---- | M] (Adaptec, Inc.) - C:\WINDOWS\system32\drivers\sparrow.sys

(SynTP) Synaptics TouchPad Driver [On_Demand | Running]
[06/03/2007 03:20 PM | 00,202,912 | ---- | M] (Synaptics, Inc.) - C:\WINDOWS\system32\drivers\SynTP.sys

(USBAAPL) Apple Mobile USB Driver [On_Demand | Stopped]
[02/18/2008 11:16 AM | 00,030,464 | ---- | M] (Apple, Inc.) - C:\WINDOWS\system32\drivers\usbaapl.sys

(VC0130Afx) VC130 Audio FX [On_Demand | Stopped]
[06/11/2007 01:01 AM | 00,142,656 | ---- | M] (Creative Technology Ltd.) - C:\WINDOWS\system32\drivers\C0130Afx.sys

(VC0130Aud) VC0130 Audio [On_Demand | Stopped]
[03/28/2007 01:00 AM | 00,094,976 | ---- | M] (Creative Technology Ltd.) - C:\WINDOWS\system32\drivers\C0130Aud.sys

(VC0130Dev) Live! Cam Notebook Ultra [On_Demand | Stopped]
[09/13/2007 01:01 AM | 00,690,528 | ---- | M] (Creative Technology Ltd.) - C:\WINDOWS\system32\drivers\C0130Vid.sys

(VC0130Vfx) VC0130 Video FX [On_Demand | Stopped]
[06/20/2006 01:05 AM | 00,006,912 | ---- | M] (EyePower Games Pte. Ltd.) - C:\WINDOWS\system32\drivers\C0130Vfx.sys

========== Run Keys ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher" = "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [05/11/2007 04:06 AM | 00,040,048 | ---- | M] (Adobe Systems Incorporated)
"Broadcom Wireless Manager UI" = C:\WINDOWS\system32\WLTRAY.exe [12/11/2007 02:22 PM | 02,183,168 | ---- | M] (Dell Inc.)
"C0130Mon.exe" = C:\WINDOWS\C0130Mon.exe [10/09/2007 01:01 AM | 00,032,768 | ---- | M] (Creative Technology Ltd.)
"Dell QuickSet" = C:\Program Files\Dell\QuickSet\quickset.exe [05/14/2007 03:23 PM | 01,191,936 | ---- | M] (Dell Inc)
"dscactivate" = "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe" [02/13/2008 08:21 PM | 00,016,384 | ---- | M] ( )
"ECenter" = C:\Dell\E-Center\EULALauncher.exe [01/17/2008 09:41 PM | 00,017,920 | ---- | M] ( )
"eFax 4.3" = "C:\Program Files\eFax Messenger 4.3\J2GDllCmd.exe" /R [03/06/2007 01:21 PM | 00,116,224 | ---- | M] (j2 Global Communications, Inc.)
"HostManager" = C:\Program Files\Common Files\AOL\1209522247\ee\AOLSoftware.exe [09/25/2006 08:52 PM | 00,050,736 | ---- | M] (America Online, Inc.)
"iTunesHelper" = "C:\Program Files\iTunes\iTunesHelper.exe" [03/30/2008 10:36 AM | 00,267,048 | ---- | M] (Apple Inc.)
"KADxMain" = C:\WINDOWS\system32\KADxMain.exe [11/02/2006 03:05 PM | 00,282,624 | ---- | M] (Knowles Acoustics)
"NvCplDaemon" = RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup [01/29/2008 04:14 PM | 08,491,008 | ---- | M] (NVIDIA Corporation)
"NVHotkey" = rundll32.exe nvHotkey.dll,Start [01/29/2008 04:14 PM | 00,086,016 | ---- | M] (NVIDIA Corporation)
"NvMediaCenter" = RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit [01/29/2008 04:14 PM | 00,081,920 | ---- | M] (NVIDIA Corporation)
"nwiz" = nwiz.exe /installquiet [01/29/2008 04:14 PM | 01,626,112 | ---- | M] ()
"PCMService" = "C:\Program Files\Dell\MediaDirect\PCMService.exe" [11/01/2007 04:39 PM | 00,189,736 | ---- | M] (CyberLink Corp.)
"QuickTime Task" = "C:\Program Files\QuickTime\qttask.exe" -atboottime [03/28/2008 11:37 PM | 00,413,696 | ---- | M] (Apple Inc.)
"RealTray" = C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER [04/29/2008 08:23 PM | 00,026,112 | ---- | M] (RealNetworks, Inc.)
"SigmatelSysTrayApp" = stsystra.exe [06/06/2007 04:28 PM | 00,405,504 | ---- | M] (SigmaTel, Inc.)
"SunJavaUpdateSched" = C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe [11/10/2005 02:03 PM | 00,036,975 | ---- | M] (Sun Microsystems, Inc.)
"SynTPEnh" = C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [06/03/2007 03:20 PM | 00,851,968 | ---- | M] (Synaptics, Inc.)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"OTScanIt" = C:\Documents and Settings\Smadar\Desktop\OTMoveIt2.exe [08/28/2008 06:22 PM | 00,291,840 | ---- | M] (OldTimer Tools)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"load" = Reg Error: Value load does not exist or could not be read.
"run" = Reg Error: Value run does not exist or could not be read.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeUpdater" = C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe [03/01/2007 11:37 AM | 02,321,600 | R--- | M] (Adobe Systems Incorporated)
"AIM" = C:\Program Files\AIM\aim.exe -cnetwait.odl File not found
"AOL Fast Start" = "C:\Program Files\AOL 9.0\AOL.EXE" -b [04/18/2007 02:49 AM | 00,050,736 | ---- | M] (AOL, LLC.)
"Picasa Media Detector" = C:\Program Files\Picasa2\PicasaMediaDetector.exe [02/25/2008 09:23 PM | 00,443,968 | ---- | M] (Google Inc.)
"swg" = C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [04/14/2008 07:52 PM | 00,068,856 | ---- | M] (Google Inc.)
"Yahoo! Pager" = "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet [08/30/2007 05:43 PM | 04,670,704 | ---- | M] (Yahoo! Inc.)

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"load" =
"run" = Reg Error: Value run does not exist or could not be read.

========== Startup Folders ==========

[All Users Startup Folder - C:\Documents and Settings\All Users\Start Menu\Programs\Startup]
[04/14/2008 07:54 PM | 00,007,168 | R--- | M] () - C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Dell Network Assistant.lnk = C:\WINDOWS\Installer\{0240BDFB-2995-4A3F-8C96-18D41282B716}\Icon0240BDFB3.exe
[11/03/2006 07:02 PM | 00,050,688 | ---- | M] (Avanquest Software ) - C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
[03/06/2007 01:24 PM | 00,629,248 | ---- | M] (j2 Global Communications, Inc.) - C:\Documents and Settings\All Users\Start Menu\Programs\Startup\eFax 4.3.lnk = C:\Program Files\eFax Messenger 4.3\J2GTray.exe

[Smadar Startup Folder - C:\Documents and Settings\Smadar\Start Menu\Programs\Startup]

========== BHO's ==========

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
HKLM CLSID: (Reg Error: Key does not exist or could not be opened.) - File not found Reg Error: Key does not exist or could not be opened.

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
HKLM CLSID: (Adobe PDF Reader Link Helper) - [10/23/2006 12:08 AM | 00,062,080 | ---- | M] (Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
HKLM CLSID: (Spybot-S&D IE Protection) - [07/07/2008 09:41 AM | 01,562,448 | ---- | M] (Safer Networking Limited) C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
HKLM CLSID: (SSVHelper Class) - [11/10/2005 02:22 PM | 00,184,423 | ---- | M] (Sun Microsystems, Inc.) C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
HKLM CLSID: (Google Toolbar Helper) - [01/19/2007 11:55 PM | 02,403,392 | R--- | M] (Google Inc.) c:\Program Files\Google\GoogleToolbar3.dll

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
HKLM CLSID: (Google Toolbar Notifier BHO) - [05/16/2008 02:25 AM | 00,734,704 | ---- | M] (Google Inc.) C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA6319C0-31B7-401E-A518-A07C3DB8F777}]
HKLM CLSID: (CBrowserHelperObject Object) - [11/09/2006 10:56 AM | 00,098,304 | ---- | M] (Dell Inc.) C:\Program Files\Dell\BAE\BAE.dll

========== Toolbars ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}"
HKLM CLSID: (&Google) - [01/19/2007 11:55 PM | 02,403,392 | R--- | M] (Google Inc.) c:\Program Files\Google\GoogleToolbar3.dll

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]

"{2318C2B1-4965-11D4-9B18-009027A5CD4F}"
HKLM CLSID: (&Google) - [01/19/2007 11:55 PM | 02,403,392 | R--- | M] (Google Inc.) c:\Program Files\Google\GoogleToolbar3.dll

"{EF99BD32-C1FB-11D2-892F-0090271D4F88}"
HKLM CLSID: (Reg Error: Key does not exist or could not be opened.) - File not found Reg Error: Key does not exist or could not be opened.

========== AppInit_Dlls ==========

========== HKLM Security Providers ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders]
"msapsspc.dll schannel.dll digest.dll msnsspc.dll" - File not found

========== HKLM Winlogon Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell]
"Explorer.exe" - [06/13/2007 06:23 AM | 01,033,216 | ---- | M] (Microsoft Corporation) C:\WINDOWS\explorer.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit]
"C:\WINDOWS\system32\userinit.exe" - [08/04/2004 06:00 AM | 00,024,576 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\userinit.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UIHost]
"logonui.exe" - [08/04/2004 06:00 AM | 00,514,560 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\logonui.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet]
"rundll32 shell32" - [10/25/2007 11:34 PM | 08,460,288 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
"Control_RunDLL "sysdm.cpl"" - [08/04/2004 06:00 AM | 00,298,496 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\sysdm.cpl

========== User's Winlogon Settings ==========

========== Winlogon Notify Settings ==========

========== Policies ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
Unable to open key or key not present!


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
"dontdisplaylastusername" = 0
"legalnoticecaption" =
"legalnoticetext" =
"shutdownwithoutlogon" = 1
"undockwithoutlogon" = 1

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun" = 145

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
Unable to open key or key not present!


========== Lsa Authentication Packages ==========

========== Lsa Security Packages ==========

========== Desktop Components ==========

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"FriendlyName" = "My Current Home Page"
"Source" = "About:Home"
"SubscribedURL" = "About:Home"

========== Safeboot Options ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot]
"AlternateShell" = cmd.exe

========== Disabled MsConfig Items ==========
Unable to open key or key not present!


========== CDRom AutoRun Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]
"AutoRun" = 1

========== Autorun Files on Drives ==========

AUTOEXEC.BAT []
[08/10/2004 02:04 PM | 00,000,000 | ---- | M] () C:\AUTOEXEC.BAT [ NTFS ]

========== MountPoints2 ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{29ea398e-2ad9-11dd-8bf0-00038a000015}\Shell]
"" = None

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6a7b6cb4-3bd2-11dd-8bf4-00038a000015}\Shell]
"" = None

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{91c4bd1e-165c-11dd-8bee-00038a000015}\Shell]
"" = None

========== DNS Name Servers ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\{A5E39255-C67D-4D32-8EBC-56E6A0170D73}]
Servers: | Description: Broadcom 440x 10/100 Integrated Controller

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\{AC0F55B3-0002-495A-82AB-3AA281CD9718}]
Servers: | Description:

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\{BC3494E5-2B32-4772-9242-513062F39CB8}]
Servers: | Description: 1394 Net Adapter

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\{EF7CAD86-B783-4498-9B48-E9F6455216EE}]
Servers: | Description: Dell Wireless 1395 WLAN Mini-Card

========== Hosts File ==========

HOSTS File = (734 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
First 25 entries...
127.0.0.1 localhost



========== Files/Folders - Created Within 30 days ==========

[08/17/2008 04:04 PM | ---D | C] - C:\Live! Cam
[08/28/2008 06:23 PM | ---D | C] - C:\_OTMoveIt
[08/28/2008 06:47 PM | ---D | C] - C:\rsit
[08/28/2008 09:59 PM | ---D | C] - C:\BFU
[08/17/2008 04:16 PM | 00,006,912 | ---- | C] (EyePower Games Pte. Ltd.) - C:\WINDOWS\System32\drivers\C0130Vfx.sys
[08/17/2008 04:16 PM | 00,094,976 | ---- | C] (Creative Technology Ltd.) - C:\WINDOWS\System32\drivers\C0130Aud.sys
[08/17/2008 04:16 PM | 00,142,656 | ---- | C] (Creative Technology Ltd.) - C:\WINDOWS\System32\drivers\C0130Afx.sys
[08/17/2008 04:16 PM | 00,690,528 | ---- | C] (Creative Technology Ltd.) - C:\WINDOWS\System32\drivers\C0130Vid.sys
[08/17/2008 04:16 PM | 00,020,480 | ---- | C] (Creative Technology Ltd.) - C:\WINDOWS\System32\C0130Ext.crl
[08/17/2008 04:16 PM | 00,020,480 | ---- | C] (Creative Technology Ltd.) - C:\WINDOWS\System32\C0130Srv.exe
[08/17/2008 04:16 PM | 00,024,576 | ---- | C] (Creative Technology Ltd.) - C:\WINDOWS\System32\CtCamPin.crl
[08/17/2008 04:16 PM | 00,028,672 | ---- | C] (Creative Technology Ltd.) - C:\WINDOWS\System32\C0130Afx.dll
[08/17/2008 04:16 PM | 00,036,864 | ---- | C] (Creative Technology Ltd.) - C:\WINDOWS\System32\C0130Pin.dll
[08/17/2008 04:16 PM | 00,036,864 | ---- | C] (Creative Technology Ltd.) - C:\WINDOWS\System32\CtCamMgr.dll
[08/17/2008 04:16 PM | 00,114,779 | ---- | C] (Creative Technology Ltd.) - C:\WINDOWS\System32\C0130Hwx.dll
[08/17/2008 04:16 PM | 00,118,784 | ---- | C] (Creative Technology Ltd.) - C:\WINDOWS\System32\C0130Ext.ax
[08/17/2008 04:16 PM | 00,126,976 | ---- | C] (Creative Technology Ltd.) - C:\WINDOWS\System32\C0130Vfw.dll
[08/17/2008 04:16 PM | 00,159,744 | ---- | C] (Creative Technology Ltd.) - C:\WINDOWS\System32\C0130Cvw.crl
[08/17/2008 04:16 PM | 00,188,891 | ---- | C] () - C:\WINDOWS\System32\C0130Cvw.bff
[08/17/2008 04:16 PM | 00,331,776 | ---- | C] (Creative Technology Ltd.) - C:\WINDOWS\System32\C0130Cvw.dll
[08/17/2008 04:16 PM | 00,811,008 | ---- | C] (Pizzolato Davide - www.xdp.it) - C:\WINDOWS\System32\cximage.dll
[1 C:\WINDOWS\*.tmp files]
[08/17/2008 04:04 PM | ---D | C] - C:\WINDOWS\CtDrvInstall
[08/17/2008 04:16 PM | 00,003,286 | ---- | C] () - C:\WINDOWS\VC0130.uns
[08/17/2008 04:16 PM | 00,024,576 | ---- | C] (Creative Technology Ltd.) - C:\WINDOWS\C0130Cfg.exe
[08/17/2008 04:16 PM | 00,032,768 | ---- | C] (Creative Technology Ltd.) - C:\WINDOWS\C0130Mon.exe
[08/17/2008 04:16 PM | 00,090,112 | ---- | C] (Creative Technology Ltd.) - C:\WINDOWS\CtDrvIns.exe
[08/28/2008 06:35 PM | ---D | C] - C:\WINDOWS\ERDNT
[08/24/2008 03:31 PM | ---D | C] - C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[08/28/2008 10:31 AM | ---D | C] - C:\Documents and Settings\All Users\Application Data\Malwarebytes
[08/28/2008 10:31 AM | ---D | C] - C:\Documents and Settings\Smadar\Application Data\Malwarebytes
[07/31/2008 10:43 PM | 00,113,210 | ---- | C] () - C:\Documents and Settings\Smadar\My Documents\AlmostLikeBeingThere.bmp
[08/01/2008 01:20 AM | 04,148,975 | ---- | C] () - C:\Documents and Settings\Smadar\My Documents\ponte.wmv
[08/01/2008 12:49 PM | 01,511,880 | ---- | C] () - C:\Documents and Settings\Smadar\My Documents\whenulove-ushareeverything.wmv
[08/02/2008 08:19 PM | 00,042,128 | ---- | C] () - C:\Documents and Settings\Smadar\My Documents\0621081106.jpg
[08/02/2008 08:20 PM | 00,044,294 | ---- | C] () - C:\Documents and Settings\Smadar\My Documents\0621081304.jpg
[08/03/2008 08:22 PM | 06,845,858 | ---- | C] () - C:\Documents and Settings\Smadar\My Documents\Cãoaovolante.wmv
[08/03/2008 08:28 PM | 00,979,326 | ---- | C] () - C:\Documents and Settings\Smadar\My Documents\blamethetv.wmv
[08/05/2008 06:51 PM | 02,374,144 | ---- | C] () - C:\Documents and Settings\Smadar\My Documents\crackedpot.pps
[08/05/2008 08:32 PM | 00,196,289 | ---- | C] () - C:\Documents and Settings\Smadar\My Documents\IMG_9603.zip
[08/05/2008 08:32 PM | ---D | C] - C:\Documents and Settings\Smadar\My Documents\IMG_9603
[08/05/2008 08:33 PM | 00,507,497 | ---- | C] () - C:\Documents and Settings\Smadar\My Documents\IMG_9808.zip
[08/05/2008 08:33 PM | ---D | C] - C:\Documents and Settings\Smadar\My Documents\IMG_9808
[08/05/2008 10:26 PM | 07,061,870 | ---- | C] () - C:\Documents and Settings\Smadar\My Documents\Theadventuresofseniors.wmv
[08/08/2008 06:06 PM | 03,303,936 | ---- | C] () - C:\Documents and Settings\Smadar\My Documents\GazaSynagogues.pps
[08/11/2008 10:56 PM | 00,047,784 | ---- | C] () - C:\Documents and Settings\Smadar\My Documents\image001.jpg
[08/12/2008 05:18 PM | 00,054,696 | ---- | C] () - C:\Documents and Settings\Smadar\My Documents\0812081646.jpg
[08/13/2008 08:59 PM | 05,307,250 | ---- | C] () - C:\Documents and Settings\Smadar\My Documents\allesgehtschief.wmv
[08/14/2008 09:00 PM | 02,948,899 | ---- | C] () - C:\Documents and Settings\Smadar\My Documents\080723_WEB_PornoPhone.mp3
[08/14/2008 10:05 AM | 00,572,838 | ---- | C] () - C:\Documents and Settings\Smadar\My Documents\JEWISHFO.zip
[08/14/2008 10:05 AM | ---D | C] - C:\Documents and Settings\Smadar\My Documents\JEWISHFO
[08/14/2008 10:34 PM | 00,041,722 | ---- | C] () - C:\Documents and Settings\Smadar\My Documents\0814082232.jpg
[08/14/2008 10:34 PM | 00,054,594 | ---- | C] () - C:\Documents and Settings\Smadar\My Documents\0814082231.jpg
[08/14/2008 10:35 PM | 00,055,856 | ---- | C] () - C:\Documents and Settings\Smadar\My Documents\0814082233.jpg
[08/18/2008 04:00 PM | 00,140,989 | ---- | C] () - C:\Documents and Settings\Smadar\My Documents\MedicalFormC-PhysicalExam.pdf
[08/18/2008 06:59 PM | 00,315,946 | ---- | C] () - C:\Documents and Settings\Smadar\My Documents\ATT000221.zip
[08/18/2008 06:59 PM | ---D | C] - C:\Documents and Settings\Smadar\My Documents\ATT000221
[08/18/2008 07:47 PM | 00,014,543 | ---- | C] () - C:\Documents and Settings\Smadar\My Documents\tzitsis.jpg
[08/18/2008 08:05 PM | 01,029,440 | ---- | C] () - C:\Documents and Settings\Smadar\My Documents\hurra13.wmv
[08/18/2008 08:06 PM | 01,429,591 | ---- | C] () - C:\Documents and Settings\Smadar\My Documents\Heinzad.wmv
[08/18/2008 08:16 PM | 03,816,283 | ---- | C] () - C:\Documents and Settings\Smadar\My Documents\___________ __________.wmv
[08/19/2008 10:04 PM | 00,555,008 | ---- | C] () - C:\Documents and Settings\Smadar\My Documents\Nursing_Home_Plan.pps
[08/21/2008 01:56 PM | 00,062,533 | ---- | C] () - C:\Documents and Settings\Smadar\My Documents\n52600200_30524087_249[1].jpg
[08/22/2008 06:22 PM | 00,048,091 | ---- | C] () - C:\Documents and Settings\Smadar\My Documents\GossipGirlMainTheme.mp3
[08/22/2008 06:31 PM | 00,133,956 | ---- | C] () - C:\Documents and Settings\Smadar\My Documents\HebrewEyalGolan-YafaSheli.mp3
[08/25/2008 10:53 AM | 00,185,783 | ---- | C] () - C:\Documents and Settings\Smadar\My Documents\Handlebars-Flobots.mp3
[08/25/2008 11:35 AM | 00,007,369 | ---- | C] () - C:\Documents and Settings\Smadar\My Documents\GYMANNOUNCEMENT8-25-08.zip
[08/25/2008 11:35 AM | ---D | C] - C:\Documents and Settings\Smadar\My Documents\GYMANNOUNCEMENT8-25-08
[08/26/2008 07:31 PM | 00,487,486 | ---- | C] () - C:\Documents and Settings\Smadar\My Documents\HeinzMicrowave.wmv
[08/26/2008 10:05 PM | 04,744,547 | ---- | C] () - C:\Documents and Settings\Smadar\My Documents\AmerGotTalent9.wmv
[08/26/2008 10:44 AM | 00,024,003 | ---- | C] () - C:\Documents and Settings\Smadar\My Documents\bat yam classes form schedule 1.docm
[08/26/2008 10:45 AM | 00,023,993 | ---- | C] () - C:\Documents and Settings\Smadar\My Documents\bat yam classes form schedule 1.docx
[08/28/2008 04:32 PM | 00,793,208 | ---- | C] () - C:\Documents and Settings\Smadar\My Documents\Hallock_Bedrm2.zip
[08/28/2008 04:32 PM | ---D | C] - C:\Documents and Settings\Smadar\My Documents\Hallock_Bedrm2
[08/28/2008 04:54 PM | 00,060,479 | ---- | C] () - C:\Documents and Settings\Smadar\My Documents\DRlightsdimensions.jpg
[08/28/2008 06:38 PM | 00,000,932 | ---- | C] () - C:\Documents and Settings\Smadar\My Documents\Fix.reg
[08/28/2008 10:31 AM | 00,000,696 | ---- | C] () - C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[08/17/2008 04:04 PM | 12,969,464 | ---- | C] (Creative Technology Ltd) - C:\Documents and Settings\Smadar\Desktop\LCNP_0400_PCAVFX_US_1_02_02.exe
[08/17/2008 04:16 PM | 13,082,560 | ---- | C] (Creative Technology Ltd) - C:\Documents and Settings\Smadar\Desktop\LCNU_0130_PCAVFX_US_1_03_03.exe
[08/18/2008 10:31 PM | 02,240,178 | ---- | C] () - C:\Documents and Settings\Smadar\Desktop\Nikkfurie - Thé à la menthe.mp3
[08/19/2008 11:02 AM | 00,114,416 | ---- | C] () - C:\Documents and Settings\Smadar\Desktop\AMillie.mp3
[08/19/2008 11:11 AM | 00,185,992 | ---- | C] () - C:\Documents and Settings\Smadar\Desktop\IPutOn.mp3
[08/19/2008 11:15 AM | 00,114,416 | ---- | C] () - C:\Documents and Settings\Smadar\Desktop\LollipopPart4.mp3
[08/22/2008 10:47 PM | 00,051,630 | ---- | C] () - C:\Documents and Settings\Smadar\Desktop\tali zack.jpg
[08/22/2008 10:55 PM | 00,094,789 | ---- | C] () - C:\Documents and Settings\Smadar\Desktop\michali.jpg
[08/22/2008 10:56 PM | 00,063,831 | ---- | C] () - C:\Documents and Settings\Smadar\Desktop\mich tali.jpg
[08/22/2008 10:57 PM | 00,083,596 | ---- | C] () - C:\Documents and Settings\Smadar\Desktop\michruthie.jpg
[08/24/2008 03:30 PM | 15,083,520 | ---- | C] (Safer Networking Limited ) - C:\Documents and Settings\Smadar\Desktop\spybotsd160.exe
[08/24/2008 03:31 PM | 00,000,933 | ---- | C] () - C:\Documents and Settings\Smadar\Desktop\Spybot - Search & Destroy.lnk
[08/25/2008 10:52 AM | 00,000,919 | ---- | C] () - C:\Documents and Settings\Smadar\Desktop\Shortcut to Handlebars-Flobots.lnk
[08/26/2008 10:45 AM | 00,024,005 | ---- | C] () - C:\Documents and Settings\Smadar\Desktop\bat yam classes form schedule 1-1.docm
[08/28/2008 06:33 PM | 00,791,393 | ---- | C] (Lars Hederer ) - C:\Documents and Settings\Smadar\Desktop\erunt-setup.exe
[08/28/2008 06:34 PM | 00,000,592 | ---- | C] () - C:\Documents and Settings\Smadar\Desktop\ERUNT.lnk
[08/28/2008 06:34 PM | 00,000,611 | ---- | C] () - C:\Documents and Settings\Smadar\Desktop\NTREGOPT.lnk
[08/28/2008 06:47 PM | 00,304,189 | ---- | C] () - C:\Documents and Settings\Smadar\Desktop\RSIT.exe
[08/28/2008 09:59 PM | 00,078,686 | ---- | C] () - C:\Documents and Settings\Smadar\Desktop\bfu.zip
[08/28/2008 09:59 PM | ---D | C] - C:\Documents and Settings\Smadar\Desktop\bfu
[08/28/2008 11:17 AM | 00,001,734 | ---- | C] () - C:\Documents and Settings\Smadar\Desktop\HijackThis.lnk
[08/29/2008 11:12 AM | 00,086,760 | ---- | C] () - C:\Documents and Settings\Smadar\Desktop\0829081107.jpg
[08/29/2008 11:18 AM | 00,000,164 | ---- | C] () - C:\Documents and Settings\Smadar\Desktop\Fix.reg
[08/29/2008 12:15 AM | 03,200,836 | ---- | C] () - C:\Documents and Settings\Smadar\Desktop\63 Boyz-Bama Anthem.mp3
[08/17/2008 04:17 PM | ---D | C] - C:\Program Files\Common Files\InstallShield
[08/17/2008 04:17 PM | ---D | C] - C:\Program Files\Creative
[08/24/2008 03:31 PM | ---D | C] - C:\Program Files\Spybot - Search & Destroy
[08/28/2008 06:34 PM | ---D | C] - C:\Program Files\ERUNT
[08/28/2008 10:31 AM | ---D | C] - C:\Program Files\Malwarebytes' Anti-Malware
[08/28/2008 11:17 AM | ---D | C] - C:\Program Files\Trend Micro

========== Files/Folders - Modified Within 30 days ==========

[08/28/2008 10:58 AM | 21,454,27456 | -HS- | M] () - C:\hiberfil.sys
[1 C:\WINDOWS\System32\*.tmp files]
[08/28/2008 10:58 AM | 00,162,728 | ---- | M] () - C:\WINDOWS\System32\FNTCACHE.DAT
[08/28/2008 10:59 AM | 00,041,382 | ---- | M] () - C:\WINDOWS\System32\nvModes.001
[1 C:\WINDOWS\*.tmp files]
[08/28/2008 10:58 AM | 00,002,048 | --S- | M] () - C:\WINDOWS\bootstat.dat
[08/28/2008 10:59 AM | 00,000,582 | ---- | M] () - C:\WINDOWS\win.ini
[08/28/2008 10:59 AM | 00,054,156 | -H-- | M] () - C:\WINDOWS\QTFont.qfn
[08/25/2008 09:18 PM | 00,000,284 | ---- | M] () - C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[08/28/2008 10:58 AM | 00,000,006 | -H-- | M] () - C:\WINDOWS\tasks\SA.DAT
[08/26/2008 10:45 AM | 00,001,908 | ---- | M] () - C:\Documents and Settings\Smadar\Application Data\wklnhst.dat
[08/26/2008 10:43 AM | 00,034,192 | ---- | M] () - C:\Documents and Settings\Smadar\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[08/29/2008 11:09 AM | 00,058,368 | ---- | M] () - C:\Documents and Settings\Smadar\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[07/31/2008 10:43 PM | 00,113,210 | ---- | M] () - C:\Documents and Settings\Smadar\My Documents\AlmostLikeBeingThere.bmp
[08/01/2008 01:20 AM | 04,148,975 | ---- | M] () - C:\Documents and Settings\Smadar\My Documents\ponte.wmv
[08/01/2008 12:49 PM | 01,511,880 | ---- | M] () - C:\Documents and Settings\Smadar\My Documents\whenulove-ushareeverything.wmv
[08/02/2008 08:19 PM | 00,042,128 | ---- | M] () - C:\Documents and Settings\Smadar\My Documents\0621081106.jpg
[08/02/2008 08:20 PM | 00,044,294 | ---- | M] () - C:\Documents and Settings\Smadar\My Documents\0621081304.jpg
[08/03/2008 08:22 PM | 06,845,858 | ---- | M] () - C:\Documents and Settings\Smadar\My Documents\Cãoaovolante.wmv
[08/03/2008 08:28 PM | 00,979,326 | ---- | M] () - C:\Documents and Settings\Smadar\My Documents\blamethetv.wmv
[08/05/2008 06:52 PM | 02,374,144 | ---- | M] () - C:\Documents and Settings\Smadar\My Documents\crackedpot.pps
[08/05/2008 08:32 PM | 00,196,289 | ---- | M] () - C:\Documents and Settings\Smadar\My Documents\IMG_9603.zip
[08/05/2008 08:33 PM | 00,507,497 | ---- | M] () - C:\Documents and Settings\Smadar\My Documents\IMG_9808.zip
[08/05/2008 10:26 PM | 07,061,870 | ---- | M] () - C:\Documents and Settings\Smadar\My Documents\Theadventuresofseniors.wmv
[08/08/2008 06:06 PM | 03,303,936 | ---- | M] () - C:\Documents and Settings\Smadar\My Documents\GazaSynagogues.pps
[08/11/2008 10:56 PM | 00,047,784 | ---- | M] () - C:\Documents and Settings\Smadar\My Documents\image001.jpg
[08/12/2008 05:18 PM | 00,054,696 | ---- | M] () - C:\Documents and Settings\Smadar\My Documents\0812081646.jpg
[08/13/2008 08:59 PM | 05,307,250 | ---- | M] () - C:\Documents and Settings\Smadar\My Documents\allesgehtschief.wmv
[08/14/2008 09:00 PM | 02,948,899 | ---- | M] () - C:\Documents and Settings\Smadar\My Documents\080723_WEB_PornoPhone.mp3
[08/14/2008 10:05 AM | 00,572,838 | ---- | M] () - C:\Documents and Settings\Smadar\My Documents\JEWISHFO.zip
[08/14/2008 10:34 PM | 00,041,722 | ---- | M] () - C:\Documents and Settings\Smadar\My Documents\0814082232.jpg
[08/14/2008 10:34 PM | 00,054,594 | ---- | M] () - C:\Documents and Settings\Smadar\My Documents\0814082231.jpg
[08/14/2008 10:35 PM | 00,055,856 | ---- | M] () - C:\Documents and Settings\Smadar\My Documents\0814082233.jpg
[08/18/2008 02:04 PM | 00,068,452 | ---- | M] () - C:\Documents and Settings\Smadar\My Documents\Inv_1520_from_HALLOCK_DESIG.pdf
[08/18/2008 04:00 PM | 00,140,989 | ---- | M] () - C:\Documents and Settings\Smadar\My Documents\MedicalFormC-PhysicalExam.pdf
[08/18/2008 06:59 PM | 00,315,946 | ---- | M] () - C:\Documents and Settings\Smadar\My Documents\ATT000221.zip
[08/18/2008 07:47 PM | 00,014,543 | ---- | M] () - C:\Documents and Settings\Smadar\My Documents\tzitsis.jpg
[08/18/2008 08:05 PM | 01,029,440 | ---- | M] () - C:\Documents and Settings\Smadar\My Documents\hurra13.wmv
[08/18/2008 08:06 PM | 01,429,591 | ---- | M] () - C:\Documents and Settings\Smadar\My Documents\Heinzad.wmv
[08/18/2008 08:16 PM | 03,816,283 | ---- | M] () - C:\Documents and Settings\Smadar\My Documents\___________ __________.wmv
[08/19/2008 10:04 PM | 00,555,008 | ---- | M] () - C:\Documents and Settings\Smadar\My Documents\Nursing_Home_Plan.pps
[08/21/2008 01:56 PM | 00,062,533 | ---- | M] () - C:\Documents and Settings\Smadar\My Documents\n52600200_30524087_249[1].jpg
[08/22/2008 06:17 PM | 00,048,091 | ---- | M] () - C:\Documents and Settings\Smadar\My Documents\GossipGirlMainTheme.mp3
[08/22/2008 06:31 PM | 00,133,956 | ---- | M] () - C:\Documents and Settings\Smadar\My Documents\HebrewEyalGolan-YafaSheli.mp3
[08/25/2008 10:51 AM | 00,185,783 | ---- | M] () - C:\Documents and Settings\Smadar\My Documents\Handlebars-Flobots.mp3
[08/25/2008 11:35 AM | 00,007,369 | ---- | M] () - C:\Documents and Settings\Smadar\My Documents\GYMANNOUNCEMENT8-25-08.zip
[08/26/2008 07:31 PM | 00,487,486 | ---- | M] () - C:\Documents and Settings\Smadar\My Documents\HeinzMicrowave.wmv
[08/26/2008 10:06 PM | 04,744,547 | ---- | M] () - C:\Documents and Settings\Smadar\My Documents\AmerGotTalent9.wmv
[08/26/2008 10:44 AM | 00,024,003 | ---- | M] () - C:\Documents and Settings\Smadar\My Documents\bat yam classes form schedule 1.docm
[08/26/2008 10:45 AM | 00,023,993 | ---- | M] () - C:\Documents and Settings\Smadar\My Documents\bat yam classes form schedule 1.docx
[08/28/2008 04:32 PM | 00,793,208 | ---- | M] () - C:\Documents and Settings\Smadar\My Documents\Hallock_Bedrm2.zip
[08/28/2008 04:54 PM | 00,060,479 | ---- | M] () - C:\Documents and Settings\Smadar\My Documents\DRlightsdimensions.jpg
[08/28/2008 06:38 PM | 00,000,932 | ---- | M] () - C:\Documents and Settings\Smadar\My Documents\Fix.reg
[08/28/2008 10:31 AM | 00,000,696 | ---- | M] () - C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[08/17/2008 04:04 PM | 12,969,464 | ---- | M] (Creative Technology Ltd) - C:\Documents and Settings\Smadar\Desktop\LCNP_0400_PCAVFX_US_1_02_02.exe
[08/17/2008 04:16 PM | 13,082,560 | ---- | M] (Creative Technology Ltd) - C:\Documents and Settings\Smadar\Desktop\LCNU_0130_PCAVFX_US_1_03_03.exe
[08/18/2008 10:31 PM | 02,240,178 | ---- | M] () - C:\Documents and Settings\Smadar\Desktop\Nikkfurie - Thé à la menthe.mp3
[08/19/2008 11:02 AM | 00,114,416 | ---- | M] () - C:\Documents and Settings\Smadar\Desktop\AMillie.mp3
[08/19/2008 11:11 AM | 00,185,992 | ---- | M] () - C:\Documents and Settings\Smadar\Desktop\IPutOn.mp3
[08/19/2008 11:15 AM | 00,114,416 | ---- | M] () - C:\Documents and Settings\Smadar\Desktop\LollipopPart4.mp3
[08/22/2008 10:47 PM | 00,051,630 | ---- | M] () - C:\Documents and Settings\Smadar\Desktop\tali zack.jpg
[08/22/2008 10:55 PM | 00,094,789 | ---- | M] () - C:\Documents and Settings\Smadar\Desktop\michali.jpg
[08/22/2008 10:56 PM | 00,063,831 | ---- | M] () - C:\Documents and Settings\Smadar\Desktop\mich tali.jpg
[08/22/2008 10:57 PM | 00,083,596 | ---- | M] () - C:\Documents and Settings\Smadar\Desktop\michruthie.jpg
[08/24/2008 03:30 PM | 15,083,520 | ---- | M] (Safer Networking Limited ) - C:\Documents and Settings\Smadar\Desktop\spybotsd160.exe
[08/24/2008 03:31 PM | 00,000,933 | ---- | M] () - C:\Documents and Settings\Smadar\Desktop\Spybot - Search & Destroy.lnk
[08/25/2008 10:52 AM | 00,000,919 | ---- | M] () - C:\Documents and Settings\Smadar\Desktop\Shortcut to Handlebars-Flobots.lnk
[08/26/2008 10:45 AM | 00,024,005 | ---- | M] () - C:\Documents and Settings\Smadar\Desktop\bat yam classes form schedule 1-1.docm
[08/28/2008 06:33 PM | 00,791,393 | ---- | M] (Lars Hederer ) - C:\Documents and Settings\Smadar\Desktop\erunt-setup.exe
[08/28/2008 06:34 PM | 00,000,592 | ---- | M] () - C:\Documents and Settings\Smadar\Desktop\ERUNT.lnk
[08/28/2008 06:34 PM | 00,000,611 | ---- | M] () - C:\Documents and Settings\Smadar\Desktop\NTREGOPT.lnk
[08/28/2008 06:47 PM | 00,304,189 | ---- | M] () - C:\Documents and Settings\Smadar\Desktop\RSIT.exe
[08/28/2008 09:59 PM | 00,078,686 | ---- | M] () - C:\Documents and Settings\Smadar\Desktop\bfu.zip
[08/28/2008 11:17 AM | 00,001,734 | ---- | M] () - C:\Documents and Settings\Smadar\Desktop\HijackThis.lnk
[08/29/2008 11:12 AM | 00,086,760 | ---- | M] () - C:\Documents and Settings\Smadar\Desktop\0829081107.jpg
[08/29/2008 11:18 AM | 00,000,164 | ---- | M] () - C:\Documents and Settings\Smadar\Desktop\Fix.reg
[08/29/2008 12:15 AM | 03,200,836 | ---- | M] () - C:\Documents and Settings\Smadar\Desktop\63 Boyz-Bama Anthem.mp3
[08/28/2008 10:59 AM | 00,002,333 | ---- | M] () - C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Dell Network Assistant.lnk

< End of report >

OTViewIt Extras logfile created on: 8/29/2008 11:19:59 AM - Run 1
OTViewIt by OldTimer - Version 1.0.1.1 Folder = C:\Documents and Settings\Smadar\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.39 Gb Available Physical Memory | 69.45% Memory free
3.85 Gb Paging File | 3.34 Gb Available in Paging File | 86.86% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 71.95 Gb Total Space | 54.13 Gb Free Space | 75.24% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = C:\WINDOWS\system32\sessmgr.exe [08/04/2004 06:00 AM | 00,140,800 | ---- | M] (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = C:\WINDOWS\system32\sessmgr.exe [08/04/2004 06:00 AM | 00,140,800 | ---- | M] (Microsoft Corporation)
"C:\Program Files\Dell\MediaDirect\PCMService.exe" = C:\Program Files\Dell\MediaDirect\PCMService.exe [11/01/2007 04:39 PM | 00,189,736 | ---- | M] (CyberLink Corp.)
"C:\Program Files\AIM\aim.exe" = C:\Program Files\AIM\aim.exe [08/01/2006 03:35 PM | 00,067,112 | ---- | M] (America Online, Inc.)
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe [08/30/2007 05:43 PM | 04,670,704 | ---- | M] (Yahoo! Inc.)
"C:\Program Files\Yahoo!\Messenger\YServer.exe" = C:\Program Files\Yahoo!\Messenger\YServer.exe [08/30/2007 05:43 PM | 00,091,376 | ---- | M] (Yahoo! Inc.)
"C:\Program Files\Common Files\AOL\acs\AOLDial.exe" = C:\Program Files\Common Files\AOL\acs\AOLDial.exe [10/23/2006 08:50 AM | 00,071,216 | R--- | M] (AOL LLC)
"C:\Program Files\Common Files\AOL\acs\AOLacsd.exe" = C:\Program Files\Common Files\AOL\acs\AOLacsd.exe [10/23/2006 08:50 AM | 00,046,640 | R--- | M] (AOL LLC)
"C:\Program Files\Common Files\AOL\1209522247\ee\aolsoftware.exe" = C:\Program Files\Common Files\AOL\1209522247\ee\aolsoftware.exe [09/25/2006 08:52 PM | 00,050,736 | ---- | M] (America Online, Inc.)
"C:\Program Files\AOL 9.0\waol.exe" = C:\Program Files\AOL 9.0\waol.exe [04/18/2007 02:49 AM | 00,039,472 | ---- | M] (AOL, LLC.)
"C:\Program Files\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe" = C:\Program Files\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe [04/02/2007 08:33 AM | 00,063,120 | ---- | M] (AOL LLC)
"C:\Program Files\Common Files\AOL\Loader\aolload.exe" = C:\Program Files\Common Files\AOL\Loader\aolload.exe [07/11/2005 05:35 PM | 00,011,352 | ---- | M] (America Online, Inc.)
"C:\Program Files\Common Files\AOL\System Information\sinf.exe" = C:\Program Files\Common Files\AOL\System Information\sinf.exe [01/10/2007 04:40 PM | 00,161,328 | ---- | M] (AOL LLC)
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe [07/24/2007 03:17 PM | 00,229,376 | ---- | M] (Apple Inc.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe [03/30/2008 10:36 AM | 20,638,504 | ---- | M] (Apple Inc.)
"C:\Program Files\Dell Network Assistant\ezi_hnm2.exe" = C:\Program Files\Dell Network Assistant\ezi_hnm2.exe [05/25/2007 12:39 PM | 00,964,144 | ---- | M] (SingleClick Systems)

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] - File not found -
.cmd [@ = cmdfile] - File not found -
.com [@ = comfile] - File not found -
.exe [@ = exefile] - File not found -
.pif [@ = piffile] - File not found -
.scr [@ = scrfile] - File not found -

========== Winsock2 Catalogs ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\]
NameSpace_Catalog5\Catalog_Entries\000000000004 [mdnsNSP] - [07/24/2007 03:17 PM | 00,147,456 | ---- | M] (Apple Inc.) C:\Program Files\Bonjour\mdnsNSP.dll

========== HKEY_LOCAL_MACHINE Protocol Defaults ==========


========== HKEY_CURRENT_USER Protocol Defaults ==========


========== Protocol Handlers ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
ipp: [HKLM - No CLSID value]
msdaipp: [HKLM - No CLSID value]

========== Protocol Filters ==========

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0240BDFB-2995-4A3F-8C96-18D41282B716}" = Dell Network Assistant
"{02DFF6B1-1654-411C-8D7B-FD6052EF016F}" = Apple Software Update
"{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}" = MSXML 6.0 Parser (KB933579)
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{1838C5A2-AB32-4145-85C1-BB9B8DFA24CD}" = QuickTime
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3663F2-A699-4295-90E7-3644B667E587}" = SHG Installation
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{44734179-8A79-4DEE-BB08-73037F065543}" = Apple Mobile Device Support
"{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}" = Bonjour
"{585776BC-4BD6-4BD2-A19A-1D6CB44A403B}" = iTunes
"{62230596-37E5-4618-A329-0D21F529A86F}" = Browser Address Error Redirector
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{9BDEF074-020E-458D-ADC5-8FF68E0C9B56}" = OutlookAddinSetup
"{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}" = MediaDirect
"{AC76BA86-7AD7-1033-7B44-A81000000003}" = Adobe Reader 8.1.0
"{B3076A28-345A-4d89-90A3-B68866C0DFB8}" = eFax Messenger 4.3
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{C5074CC4-0E26-4716-A307-960272A90040}" = QuickSet
"{C99C0593-3B48-41D9-B42F-6E035B320449}" = Broadcom Management Programs
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{D1B5E9C8-4CCF-44E3-87D6-7C00D7DA5370}" = IntelliSonic Speech Enhancement
"{DBEA1034-5882-4A88-8033-81C4EF0CFA29}" = Google Toolbar for Internet Explorer
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{F63A3748-B93D-4360-9AD4-B064481A5C7B}" = Modem Diagnostic Tool
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player
"Advanced Video FX Engine" = Advanced Video FX Engine
"AIM Ad Hack_is1" = AIM Ad Hack
"AOL Instant Messenger" = AOL Instant Messenger
"AOL Uninstaller" = AOL Uninstaller (Choose which Products to Remove)
"AolCoach" = AOL Coach Version 1.0(Build:20020929.1)
"Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Card
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2C06&SUBSYS_14F1000F" = Conexant HDA D330 MDC V.92 Modem
"Creative VC0130" = Creative Live! Cam Notebook Ultra Driver (1.03.03.00)
"ERUNT_is1" = ERUNT 1.1j
"HijackThis" = HijackThis 2.0.2
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"KB835221WXP" = High Definition Audio Driver Package - KB835221
"KB873339" = Windows XP Hotfix - KB873339
"KB885250" = Windows XP Hotfix - KB885250
"KB885835" = Windows XP Hotfix - KB885835
"KB885855" = Windows XP Hotfix - KB885855
"KB887472" = Windows XP Hotfix - KB887472
"KB889673" = Windows XP Hotfix - KB889673
"KB891781" = Windows XP Hotfix - KB891781
"KB893803v2" = Windows Installer 3.1 (KB893803)
"KB896256" = Update for Windows XP (KB896256)
"KB896358" = Security Update for Windows XP (KB896358)
"KB896423" = Security Update for Windows XP (KB896423)
"KB899588" = Security Update for Windows XP (KB899588)
"KB899591" = Security Update for Windows XP (KB899591)
"KB901214" = Security Update for Windows XP (KB901214)
"KB904706" = Security Update for Windows XP (KB904706)
"KB906569" = Hotfix for Windows XP (KB906569)
"KB908519" = Security Update for Windows XP (KB908519)
"KB908531" = Security Update for Windows XP (KB908531)
"KB908673" = Hotfix for Windows XP (KB908673)
"KB909095" = Hotfix for Windows XP (KB909095)
"KB911562" = Security Update for Windows XP (KB911562)
"KB911564" = Security Update for Windows Media Player (KB911564)
"KB912945" = Update for Windows XP (KB912945)
"KB914388" = Security Update for Windows XP (KB914388)
"KB915865" = Hotfix for Windows XP (KB915865)
"KB917344" = Security Update for Windows XP (KB917344)
"KB917422" = Security Update for Windows XP (KB917422)
"KB918118" = Security Update for Windows XP (KB918118)
"KB918439" = Security Update for Windows XP (KB918439)
"KB919007" = Security Update for Windows XP (KB919007)
"KB920213" = Security Update for Windows XP (KB920213)
"KB920670" = Security Update for Windows XP (KB920670)
"KB920683" = Security Update for Windows XP (KB920683)
"KB920685" = Security Update for Windows XP (KB920685)
"KB921503" = Security Update for Windows XP (KB921503)
"KB923191" = Security Update for Windows XP (KB923191)
"KB923414" = Security Update for Windows XP (KB923414)
"KB923689" = Security Update for Windows XP (KB923689)
"KB924191" = Security Update for Windows XP (KB924191)
"KB924270" = Security Update for Windows XP (KB924270)
"KB924496" = Security Update for Windows XP (KB924496)
"KB924667" = Security Update for Windows XP (KB924667)
"KB925398_WMP64" = Security Update for Windows Media Player 6.4 (KB925398)
"KB925902" = Security Update for Windows XP (KB925902)
"KB926255" = Security Update for Windows XP (KB926255)
"KB926436" = Security Update for Windows XP (KB926436)
"KB927802" = Security Update for Windows XP (KB927802)
"KB928255" = Security Update for Windows XP (KB928255)
"KB928843" = Security Update for Windows XP (KB928843)
"KB929123" = Security Update for Windows XP (KB929123)
"KB930178" = Security Update for Windows XP (KB930178)
"KB931261" = Security Update for Windows XP (KB931261)
"KB931784" = Security Update for Windows XP (KB931784)
"KB932168" = Security Update for Windows XP (KB932168)
"KB933360" = Update for Windows XP (KB933360)
"KB933729" = Security Update for Windows XP (KB933729)
"KB934428-v2" = Hotfix for Windows XP (KB934428-v2)
"KB935448" = Hotfix for Windows XP (KB935448)
"KB935839" = Security Update for Windows XP (KB935839)
"KB935840" = Security Update for Windows XP (KB935840)
"KB936021" = Security Update for Windows XP (KB936021)
"KB936357" = Update for Windows XP (KB936357)
"KB936782_WMP9" = Security Update for Windows Media Player 9 (KB936782)
"KB937930" = Hotfix for Windows XP (KB937930)
"KB938127" = Security Update for Windows XP (KB938127)
"KB938828" = Update for Windows XP (KB938828)
"KB938829" = Security Update for Windows XP (KB938829)
"KB941202" = Security Update for Windows XP (KB941202)
"KB941568" = Security Update for Windows XP (KB941568)
"KB941644" = Security Update for Windows XP (KB941644)
"KB942615" = Security Update for Windows XP (KB942615)
"KB942763" = Update for Windows XP (KB942763)
"KB943460" = Security Update for Windows XP (KB943460)
"KB943485" = Security Update for Windows XP (KB943485)
"KB944653" = Security Update for Windows XP (KB944653)
"KB946627" = Update for Windows XP (KB946627)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox (2.0.0.16)" = Mozilla Firefox (2.0.0.16)
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"Picasa2" = Picasa 2
"RealPlayer 6.0" = RealPlayer Basic
"SearchAssist" = SearchAssist
"SynTPDeinstKey" = Dell Touchpad
"World Gaming Center_is1" = World Gaming Center Version 2.1.2
"Yahoo! Messenger" = Yahoo! Messenger

========== HKEY_CURRENT_USER Uninstall List ==========


========== Event Log Errors ==========

[ Application Events ]

[ System Events ]

System - Error - 8/24/2008 1:38:44 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 1:53:33 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 1:53:34 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 1:53:34 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 2:08:24 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 2:08:25 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 2:08:25 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 2:23:08 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 2:23:09 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 2:23:09 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 2:37:53 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 2:37:54 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 2:37:54 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 2:52:38 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 2:52:39 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 2:52:39 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 3:07:22 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 3:07:23 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 3:07:23 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 3:22:06 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 3:22:07 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 3:22:07 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 3:36:52 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 3:36:53 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 3:36:53 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 3:51:38 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 3:51:39 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 3:51:39 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 4:06:30 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 4:06:31 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 4:06:31 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 4:21:20 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 4:21:21 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 4:21:21 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 4:36:09 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 4:36:10 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 4:36:10 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 4:51:00 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 4:51:02 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 4:51:02 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 5:05:51 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 5:05:53 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 5:05:53 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 5:07:56 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = Dhcp
Description = Your computer was not assigned an address from the network (by the
DHCPServer) for the Network Card with network address 001644BD3063 The following
erroroccurred 121Your computer will continue to try and obtain an address on its
own fromthe network address (DHCP) server

System - Error - 8/24/2008 5:20:42 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 5:20:44 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 5:20:44 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 5:35:29 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 5:35:31 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 5:35:31 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 5:50:16 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 5:50:18 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 5:50:18 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 6:05:06 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 6:05:08 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 6:05:08 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 6:20:04 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 6:20:06 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 6:20:06 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 6:34:49 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 6:34:51 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 6:34:51 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 6:49:40 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 6:49:42 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 6:49:42 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 7:04:31 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 7:04:33 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 7:04:33 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 7:19:21 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 7:19:23 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 7:34:13 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 7:34:15 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 7:49:05 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 7:49:07 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 8:03:51 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 8:03:53 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 8:18:43 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 8:18:45 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 8:18:45 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 8:33:29 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 8:33:31 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 8:33:31 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 8:48:14 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 8:48:16 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 8:48:16 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 9:03:05 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 9:03:07 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 9:03:07 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 9:17:55 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 9:17:57 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 9:17:57 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 9:32:46 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 9:32:48 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 9:32:48 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 9:47:36 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 9:47:38 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 9:47:38 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 10:02:27 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 10:02:29 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 10:02:29 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 10:17:18 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 10:17:20 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 10:17:20 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 10:32:10 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 10:32:12 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 10:32:12 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 10:46:56 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 10:46:58 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 10:46:58 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 11:01:46 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 11:01:48 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 11:01:48 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 11:16:32 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 11:16:34 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 11:16:34 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 11:31:24 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 11:31:26 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 11:31:27 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 11:46:13 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 11:46:16 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/24/2008 11:46:16 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 12:01:02 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 12:01:04 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 12:01:04 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 12:15:47 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 12:15:49 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 12:15:49 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 12:30:34 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 12:30:36 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 12:30:36 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 12:45:20 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 12:45:22 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 12:45:22 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 12:54:35 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = Dhcp
Description = Your computer was not assigned an address from the network (by the
DHCPServer) for the Network Card with network address 001644BD3063 The following
erroroccurred 121Your computer will continue to try and obtain an address on its
own fromthe network address (DHCP) server

System - Error - 8/25/2008 1:00:14 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 1:00:16 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 1:00:16 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 1:15:00 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 1:15:02 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 1:15:02 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 1:29:54 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 1:29:54 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 1:44:43 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 1:44:45 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 1:44:45 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 1:58:16 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = Dhcp
Description = Your computer was not assigned an address from the network (by the
DHCPServer) for the Network Card with network address 001644BD3063 The following
erroroccurred 1223Your computer will continue to try and obtain an address on i
ts own fromthe network address (DHCP) server

System - Error - 8/25/2008 1:59:34 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 1:59:36 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 1:59:36 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 2:12:18 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = Dhcp
Description = Your computer was not assigned an address from the network (by the
DHCPServer) for the Network Card with network address 001644BD3063 The following
erroroccurred 121Your computer will continue to try and obtain an address on its
own fromthe network address (DHCP) server

System - Error - 8/25/2008 2:14:30 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 2:14:32 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 2:14:32 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 2:24:35 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = Dhcp
Description = Your computer was not assigned an address from the network (by the
DHCPServer) for the Network Card with network address 001644BD3063 The following
erroroccurred 1223Your computer will continue to try and obtain an address on i
ts own fromthe network address (DHCP) server

System - Error - 8/25/2008 2:26:41 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = Dhcp
Description = Your computer was not assigned an address from the network (by the
DHCPServer) for the Network Card with network address 001644BD3063 The following
erroroccurred 121Your computer will continue to try and obtain an address on its
own fromthe network address (DHCP) server

System - Error - 8/25/2008 2:29:23 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 2:29:25 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 2:29:25 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 2:39:23 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = Dhcp
Description = Your computer was not assigned an address from the network (by the
DHCPServer) for the Network Card with network address 001644BD3063 The following
erroroccurred 121Your computer will continue to try and obtain an address on its
own fromthe network address (DHCP) server

System - Error - 8/25/2008 2:44:10 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 2:44:12 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 2:44:12 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 2:59:02 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 2:59:04 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 2:59:04 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 3:13:48 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 3:13:50 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 3:13:50 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 3:23:19 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = Dhcp
Description = Your computer was not assigned an address from the network (by the
DHCPServer) for the Network Card with network address 001644BD3063 The following
erroroccurred 121Your computer will continue to try and obtain an address on its
own fromthe network address (DHCP) server

System - Error - 8/25/2008 3:28:42 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 3:28:44 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 3:28:44 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 3:43:32 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 3:43:34 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 3:43:34 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 3:58:17 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 3:58:19 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 3:58:19 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 4:13:07 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 4:13:09 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 4:13:09 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 4:27:52 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 4:27:54 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 4:27:54 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 4:40:26 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = Dhcp
Description = Your computer was not assigned an address from the network (by the
DHCPServer) for the Network Card with network address 001644BD3063 The following
erroroccurred 121Your computer will continue to try and obtain an address on its
own fromthe network address (DHCP) server

System - Error - 8/25/2008 4:42:44 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 4:42:46 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 4:42:46 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 4:57:34 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 4:57:36 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 4:57:36 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 5:12:25 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 5:12:27 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 5:12:27 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 5:27:16 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 5:27:18 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 5:27:18 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 5:42:06 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 5:42:08 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 5:42:08 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 5:56:56 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 5:56:58 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 5:56:58 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 6:11:46 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 6:11:48 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 6:11:48 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 6:19:54 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = Dhcp
Description = Your computer was not assigned an address from the network (by the
DHCPServer) for the Network Card with network address 001644BD3063 The following
erroroccurred 121Your computer will continue to try and obtain an address on its
own fromthe network address (DHCP) server

System - Error - 8/25/2008 6:26:31 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 6:26:33 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 6:26:33 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 6:41:16 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 6:41:18 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 6:41:18 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 6:56:01 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 6:56:03 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 6:56:03 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 7:10:47 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 7:10:49 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 7:10:49 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 7:25:32 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 7:25:34 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 7:25:34 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 7:40:17 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 7:40:19 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 7:40:20 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 7:55:02 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 7:55:04 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 7:55:05 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 8:09:49 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 8:09:51 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 8:09:51 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 8:24:35 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 8:24:37 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 8:24:37 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 8:39:22 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 8:39:24 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 8:39:24 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 8:54:11 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 8:54:13 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 8:54:13 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 9:09:07 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 9:09:09 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 9:09:09 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 9:23:54 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 9:23:56 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 9:23:56 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 9:38:41 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 9:38:43 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 9:38:43 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 9:53:33 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 9:53:35 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 9:53:35 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 10:08:24 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 10:08:26 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 10:08:26 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 10:23:21 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 10:23:23 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 10:23:23 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 10:38:12 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 10:38:14 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 10:38:14 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 10:53:04 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 10:53:06 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 10:53:06 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 11:07:56 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 11:07:58 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 11:07:58 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 11:22:42 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 11:22:44 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 11:22:44 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 11:37:33 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 11:37:35 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 11:37:35 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 11:52:23 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 11:52:25 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 11:52:25 AM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 12:07:13 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 12:07:15 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 12:07:15 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 12:22:04 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 12:22:06 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 12:22:06 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 12:36:55 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 12:36:57 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 12:36:57 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 12:51:46 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 12:51:48 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 12:51:48 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 1:06:37 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 1:06:39 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 1:06:39 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 1:21:25 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 1:21:27 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 1:21:27 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 1:36:12 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 1:36:14 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 1:36:14 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 1:51:04 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 1:51:06 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 1:51:06 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 2:05:55 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 2:05:57 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 2:05:57 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 2:20:46 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 2:20:48 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 2:20:48 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 2:35:36 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 2:35:38 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 2:35:38 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 2:50:28 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 2:50:30 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 2:50:30 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 3:05:20 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 3:05:22 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 3:05:22 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

System - Error - 8/25/2008 3:20:11 PM - Computer Name = SHERRYBROOKLYN - User Name = (blank) - Source = NetBT
Description =

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:28:53 AM, on 8/29/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Dell Network Assistant\hnm_svc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\WINDOWS\stsystra.exe
C:\WINDOWS\system32\KADxMain.exe
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\eFax Messenger 4.3\J2GDllCmd.exe
C:\WINDOWS\C0130Mon.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AOL 9.0\waol.exe
C:\Program Files\Common Files\AOL\1209522247\ee\aolsoftware.exe
C:\Program Files\Dell Network Assistant\ezi_hnm2.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\AOL 9.0\shellmon.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = partnerpage.google.com/smallbiz.dell.com/en_us?hl=en&client=dell-usuk&channel=us-smb&ibd=6080415
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [NVHotkey] rundll32.exe nvHotkey.dll,Start
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [KADxMain] C:\WINDOWS\system32\KADxMain.exe
O4 - HKLM\..\Run: [ECenter] C:\Dell\E-Center\EULALauncher.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1209522247\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [eFax 4.3] "C:\Program Files\eFax Messenger 4.3\J2GDllCmd.exe" /R
O4 - HKLM\..\Run: [C0130Mon.exe] C:\WINDOWS\C0130Mon.exe
O4 - HKLM\..\RunOnce: [OTScanIt] C:\Documents and Settings\Smadar\Desktop\OTMoveIt2.exe
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\AOL 9.0\AOL.EXE" -b
O4 - Global Startup: Dell Network Assistant.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: eFax 4.3.lnk = C:\Program Files\eFax Messenger 4.3\J2GTray.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebo...toUploader5.cab
O16 - DPF: {1B00725B-C455-4DE6-BFB6-AD540AD427CD} - http://fpdownload2.m...ash/swflash.cab
O18 - Filter hijack: text/html - {687bf2ff-b79f-495b-a2b1-74a587cb09e0} - C:\WINDOWS\system32\iehlpr32.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Advanced Networking Service (hnmsvc) - SingleClick Systems - C:\Program Files\Dell Network Assistant\hnm_svc.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE

--
End of file - 8466 bytes

Hi there

While TeaTimer is an excellent tool for the prevention of spyware, it can sometimes prevent HijackThis from fixing certain things.
Please disable TeaTimer for now until you are clean. TeaTimer can be re-activated once your HijackThis log is clean.

• Open Spybot Search & Destroy.
• In the Mode menu click "Advanced mode" if not already selected.
• Choose "Yes" at the Warning prompt.
• Expand the "Tools" menu.
• Click "Resident".
• Uncheck the "Resident "TeaTimer" (Protection of overall system settings) active." box.
• In the File menu click "Exit" to exit Spybot Search & Destroy.

Now,

Uninstall Hijack This v2.00.2 from add or remove programs.

Please download this version of Hijack This https://ssl.perfora..../HijackThis.exe

Please open HijackThis again and choose "Do a system scan only". Please put a check next to each of the following entries (if still present):

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O4 - HKLM\..\RunOnce: [OTScanIt] C:\Documents and Settings\Smadar\Desktop\OTMoveIt2.exe
O18 - Filter hijack: text/html - {687bf2ff-b79f-495b-a2b1-74a587cb09e0} - C:\WINDOWS\system32\iehlpr32.dll

Now please close all open windows except HJT and press "Fix checked".

Also, please look in C:\windows\system32 and tell me if the file iehlpr32.dll is present, if so see if you can delete it.
You may need to show hidden files, which you can do by following the instructions found here.

Then,

Download the latest version of Java Runtime Environment (JRE) 6 Update 7. Once done, uninstall any older versions of Java through add or remove programs.

Go to Kaspersky website and perform an online antivirus scan.

• Read through the requirements and privacy statement and click on Accept button.
• It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
• When the downloads have finished, click on Settings.
• Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:
  • Spyware, Adware, Dialers, and other potentially dangerous programs
    Archives
    Mail databases
• Click on My Computer under Scan.
• Once the scan is complete, it will display the results. Click on View Scan Report.
• You will see a list of infected items there. Click on Save Report As....
• Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button.

Post back with the kaspersky log along with a new Hijack This log please

One more thing

Can you open MalwareByte's anti-malware and look under the Quarantine tab, is a file by the name of _helper.dll present (note the underscore "_")?

Edited by Mike, 29 August 2008 - 10:37 AM.

Can you open MalwareByte's anti-malware and look under the Quarantine tab, is a file by the name of _helper.dll present (note the underscore "_")?


Yes there is.

Also, please look in C:\windows\system32 and tell me if the file iehlpr32.dll is present

not present