I have completed all the steps / scans in the topic "Malware and Spyware Cleaning Guide, Please read before starting a new topic"
Rooter log -----------------------------------------------------------------
Microsoft Windows XP Professional (5.1.2600) Service Pack 3
C:\ [Fixed] - NTFS - (Total:183868 Mo/Free:2840 Mo)
D:\ [CD-Rom] (Total:0 Mo/Free:0 Mo)
E:\ [Removable] (Total:0 Mo/Free:0 Mo)
H:\ [Network] (Total:0 Mo/Free:0 Mo)
J:\ [Network] (Total:0 Mo/Free:0 Mo)
K:\ [Network] (Total:0 Mo/Free:0 Mo)
M:\ [Network] (Total:0 Mo/Free:0 Mo)
P:\ [Network] (Total:0 Mo/Free:0 Mo)
S:\ [Network] (Total:0 Mo/Free:0 Mo)
T:\ [Network] (Total:0 Mo/Free:0 Mo)
V:\ [Network] (Total:0 Mo/Free:0 Mo)
X:\ [Network] (Total:0 Mo/Free:0 Mo)
Y:\ [Network] (Total:0 Mo/Free:0 Mo)
Mon 04/13/2009|20:28
----------------------\\ Processes..
--Locked-- [System Process]
---------- System
---------- \SystemRoot\System32\smss.exe
---------- \??\C:\WINDOWS\system32\csrss.exe
---------- \??\C:\WINDOWS\system32\winlogon.exe
---------- C:\WINDOWS\system32\services.exe
---------- C:\WINDOWS\system32\lsass.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\WINDOWS\system32\spoolsv.exe
---------- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
---------- C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
---------- C:\Program Files\ROC\Output Management\EasyClient\ezcserv.exe
---------- C:\Program Files\Java\jre6\bin\jqs.exe
---------- C:\Program Files\McAfee\Common Framework\FrameworkService.exe
---------- C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
---------- C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
---------- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
---------- C:\Program Files\McAfee\Common Framework\naPrdMgr.exe
---------- C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
---------- C:\WINDOWS\system32\nvsvc32.exe
---------- C:\Program Files\Common Files\Objectif Lune\PlanetPress Suite 6\Messenger\MessengerService.exe
---------- C:\Program Files\Dell Support Center\bin\sprtsvc.exe
---------- c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
---------- c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
---------- C:\WINDOWS\system32\STacSV.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\Program Files\Webroot\Client\commagent.exe
---------- C:\WINDOWS\system32\SearchIndexer.exe
---------- C:\Program Files\VERITAS\Backup Exec\RANT\beremote.exe
---------- C:\Program Files\Webroot\Client\spysweeper.exe
---------- C:\WINDOWS\system32\wbem\wmiprvse.exe
---------- C:\WINDOWS\System32\alg.exe
---------- C:\WINDOWS\Explorer.EXE
---------- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
---------- C:\WINDOWS\system32\rundll32.exe
---------- C:\WINDOWS\system32\RUNDLL32.EXE
---------- C:\WINDOWS\OEM02Mon.exe
---------- C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe
---------- C:\WINDOWS\system32\rundll32.exe
---------- C:\Program Files\Dell\QuickSet\quickset.exe
---------- C:\Program Files\Common Files\Logitech\LCD Manager\LCDMon.exe
---------- C:\WINDOWS\system32\WLTRAY.exe
---------- C:\WINDOWS\stsystra.exe
---------- C:\Program Files\Common Files\Logitech\LCD Manager\Applets\LCDClock.exe
---------- C:\Program Files\Common Files\Logitech\LCD Manager\Applets\LCDCountdown.exe
---------- C:\Program Files\Common Files\Logitech\LCD Manager\Applets\LCDMedia.exe
---------- C:\Program Files\Common Files\Logitech\LCD Manager\Applets\LCDPOP3.exe
---------- C:\WINDOWS\system32\KADxMain.exe
---------- C:\Program Files\Dell\MediaDirect\PCMService.exe
---------- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
---------- C:\Program Files\Dell Support Center\bin\sprtcmd.exe
---------- C:\Program Files\Webroot\Client\SpySweeperUI.exe
---------- C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE
---------- C:\Program Files\McAfee\Common Framework\udaterui.exe
---------- C:\Program Files\Java\jre6\bin\jusched.exe
---------- C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
---------- C:\WINDOWS\system32\ctfmon.exe
---------- C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE
---------- C:\Program Files\Messenger\msmsgs.exe
---------- C:\Program Files\McAfee\Common Framework\McTray.exe
---------- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
---------- C:\Program Files\Symantec\Mobile Essentials\nme.exe
---------- C:\Program Files\Windows Desktop Search\WindowsSearch.exe
---------- C:\Program Files\WinZip\WZQKPICK.EXE
---------- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
---------- C:\Program Files\Sprint\Sprint SmartView\SprintSV.exe
---------- C:\Program Files\Sprint\Sprint SmartView\RcAppSvc.exe
---------- C:\Program Files\Sprint\Sprint SmartView\SwiApiMuxCdma.exe
---------- C:\WINDOWS\system32\wbem\unsecapp.exe
---------- C:\Program Files\Mozilla Firefox\firefox.exe
---------- C:\WINDOWS\system32\cmd.exe
---------- C:\Rooter$\RK.exe
----------------------\\ Search..
----------------------\\ ROOTKIT !!
1 - "C:\Rooter$\Rooter_1.txt" - Mon 04/13/2009|20:28
----------------------\\ Scan completed at 20:28
OTListIt ----------------------------------------------------------------------------
OTListIt logfile created on: 4/13/2009 8:42:24 PM - Run 2
OTListIt2 by OldTimer - Version 2.0.14.0 Folder = C:\Documents and Settings\mas.MIS\My Documents\My Received Files
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 1.26 Gb Available Physical Memory | 63.14% Memory free
3.85 Gb Paging File | 3.21 Gb Available in Paging File | 83.34% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092;
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 179.56 Gb Total Space | 54.77 Gb Free Space | 30.50% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: MASLAPTOPXPS
Current User Name: MAS
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On
========== Processes (SafeList) ==========
PRC - C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe (Microsoft Corporation)
PRC - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe (Broadcom Corporation.)
PRC - C:\Program Files\ROC\Output Management\EasyClient\ezcserv.exe ()
PRC - C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\McAfee\Common Framework\FrameworkService.exe (McAfee, Inc.)
PRC - C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe (McAfee, Inc.)
PRC - C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe (McAfee, Inc.)
PRC - C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe (Microsoft Corporation)
PRC - C:\Program Files\McAfee\Common Framework\naPrdMgr.exe (McAfee, Inc.)
PRC - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe (Dell Inc.)
PRC - C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation)
PRC - C:\Program Files\Common Files\Objectif Lune\PlanetPress Suite 6\Messenger\MessengerService.exe (Objectif Lune Inc.)
PRC - C:\Program Files\Dell Support Center\bin\sprtsvc.exe (SupportSoft, Inc.)
PRC - c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation)
PRC - c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\STacSV.exe (SigmaTel, Inc.)
PRC - C:\Program Files\Webroot\Client\commagent.exe (Webroot Software, Inc.)
PRC - C:\Program Files\VERITAS\Backup Exec\RANT\beremote.exe (VERITAS Software Corporation)
PRC - C:\Program Files\Webroot\Client\spysweeper.exe (Webroot Software, Inc.)
PRC - C:\WINDOWS\system32\wbem\wmiprvse.exe (Microsoft Corporation)
PRC - C:\WINDOWS\Explorer.EXE (Microsoft Corporation)
PRC - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
PRC - C:\WINDOWS\OEM02Mon.exe (Creative Technology Ltd.)
PRC - C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe (Creative Technology Ltd.)
PRC - C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
PRC - C:\Program Files\Common Files\Logitech\LCD Manager\LCDMon.exe (Logitech Inc.)
PRC - C:\WINDOWS\system32\WLTRAY.exe (Dell Inc.)
PRC - C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
PRC - C:\Program Files\Common Files\Logitech\LCD Manager\Applets\LCDClock.exe (Logitech Inc.)
PRC - C:\Program Files\Common Files\Logitech\LCD Manager\Applets\LCDCountdown.exe (Logitech Inc.)
PRC - C:\Program Files\Common Files\Logitech\LCD Manager\Applets\LCDMedia.exe (Logitech Inc.)
PRC - C:\Program Files\Common Files\Logitech\LCD Manager\Applets\LCDPOP3.exe (Logitech Inc.)
PRC - C:\WINDOWS\system32\KADxMain.exe (Knowles Acoustics)
PRC - C:\Program Files\Dell\MediaDirect\PCMService.exe (CyberLink Corp.)
PRC - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
PRC - C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
PRC - C:\Program Files\Webroot\Client\SpySweeperUI.exe (Webroot Software, Inc.)
PRC - C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE (McAfee, Inc.)
PRC - C:\Program Files\McAfee\Common Framework\udaterui.exe (McAfee, Inc.)
PRC - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
PRC - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
PRC - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
PRC - C:\Program Files\McAfee\Common Framework\McTray.exe (McAfee, Inc.)
PRC - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
PRC - C:\Program Files\Symantec\Mobile Essentials\nme.exe ()
PRC - C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)
PRC - C:\Program Files\WinZip\WZQKPICK.EXE (WinZip Computing LP)
PRC - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
PRC - C:\Program Files\Sprint\Sprint SmartView\SprintSV.exe (Sprint)
PRC - C:\Program Files\Sprint\Sprint SmartView\RcAppSvc.exe (PCTEL)
PRC - C:\Program Files\Sprint\Sprint SmartView\SwiApiMuxCdma.exe (Sierra Wireless, Inc.)
PRC - C:\WINDOWS\system32\wbem\unsecapp.exe (Microsoft Corporation)
PRC - C:\Documents and Settings\mas.MIS\My Documents\My Received Files\OTListIt2.exe (OldTimer Tools)
PRC - C:\Program Files\Microsoft Office\Office12\WINWORD.EXE (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV - (aspnet_state [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)
SRV - (BackupExecAgentAccelerator [Auto | Running]) -- C:\Program Files\VERITAS\Backup Exec\RANT\beremote.exe (VERITAS Software Corporation)
SRV - (BcmSqlStartupSvc [Auto | Running]) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe (Microsoft Corporation)
SRV - (btwdins [Auto | Running]) -- C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe (Broadcom Corporation.)
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (EasyClientPrintService [Auto | Running]) -- C:\Program Files\ROC\Output Management\EasyClient\ezcserv.exe ()
SRV - (FLEXnet Licensing Service [On_Demand | Running]) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (FontCache3.0.0.0 [On_Demand | Stopped]) -- c:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
SRV - (FTPPut6 [On_Demand | Stopped]) -- C:\Program Files\PlanetPress Suite 6\PlanetPress Watch\Bin\FTPPutService.exe (Objectif Lune Inc.)
SRV - (helpsvc [Auto | Running]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (HTTP6 [On_Demand | Stopped]) -- C:\Program Files\PlanetPress Suite 6\PlanetPress Watch\Bin\HTTPService.exe (Objectif Lune Inc.)
SRV - (IDriverT [On_Demand | Stopped]) -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (idsvc [Unknown | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
SRV - (JavaQuickStarterService [Auto | Running]) -- C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
SRV - (McAfeeFramework [Unknown | Running]) -- C:\Program Files\McAfee\Common Framework\FrameworkService.exe (McAfee, Inc.)
SRV - (McShield [Unknown | Running]) -- C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe (McAfee, Inc.)
SRV - (McTaskManager [Unknown | Running]) -- C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe (McAfee, Inc.)
SRV - (MDM [Auto | Running]) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe (Microsoft Corporation)
SRV - (MSSQL$MSSMLBIZ [On_Demand | Stopped]) -- c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe (Microsoft Corporation)
SRV - (MSSQLServerADHelper [Disabled | Stopped]) -- c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe (Microsoft Corporation)
SRV - (NetTcpPortSharing [Disabled | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (NICCONFIGSVC [Auto | Running]) -- C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe (Dell Inc.)
SRV - (NVSvc [Auto | Running]) -- C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation)
SRV - (odserv [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (ose [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (PPFax6 [On_Demand | Stopped]) -- C:\Program Files\PlanetPress Suite 6\PlanetPress Fax\PPFaxService.exe (Objectif Lune Inc.)
SRV - (PPImage6 [On_Demand | Stopped]) -- C:\Program Files\PlanetPress Suite 6\PlanetPress Image\PPImageService.exe (Objectif Lune Inc.)
SRV - (PPLpd6 [On_Demand | Stopped]) -- C:\Program Files\PlanetPress Suite 6\PlanetPress Watch\Bin\LPDService.exe (Objectif Lune Inc.)
SRV - (PPLpr6 [On_Demand | Stopped]) -- C:\Program Files\PlanetPress Suite 6\PlanetPress Watch\Bin\LPRService.exe (Objectif Lune Inc.)
SRV - (PPMessenger5 [On_Demand | Stopped]) -- C:\Program Files\Common Files\Objectif Lune\PlanetPress Suite 5\Messenger\MessengerService.exe (Objectif Lune Inc.)
SRV - (PPMessenger6 [Auto | Running]) -- C:\Program Files\Common Files\Objectif Lune\PlanetPress Suite 6\Messenger\MessengerService.exe (Objectif Lune Inc.)
SRV - (PPSerial6 [On_Demand | Stopped]) -- C:\Program Files\PlanetPress Suite 6\PlanetPress Watch\Bin\SerialService.exe (Objectif Lune Inc.)
SRV - (PPTelnet6 [On_Demand | Stopped]) -- C:\Program Files\PlanetPress Suite 6\PlanetPress Watch\Bin\TelnetService.exe (Objectif Lune Inc.)
SRV - (PPWatch6 [On_Demand | Stopped]) -- C:\Program Files\PlanetPress Suite 6\PlanetPress Watch\Bin\PPWatchService.exe (Objectif Lune Inc.)
SRV - (RampartSvc [On_Demand | Stopped]) -- C:\Program Files\SonicWALL\SonicWALL Global VPN Client\RampartSvc.exe (SonicWALL, Inc.)
SRV - (RCConnector [On_Demand | Stopped]) -- C:\Program Files\TVNCPro\bin\connector.exe (Tridia Corporation)
SRV - (RCController [On_Demand | Stopped]) -- C:\Program Files\TVNCPro\bin\processor.exe (Tridia Corporation)
SRV - (SprintRcAppSvc [On_Demand | Running]) -- C:\Program Files\Sprint\Sprint SmartView\RcAppSvc.exe (PCTEL)
SRV - (sprtsvc_dellsupportcenter [Auto | Running]) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe (SupportSoft, Inc.)
SRV - (SQLBrowser [Auto | Running]) -- c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation)
SRV - (SQLWriter [Auto | Running]) -- c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)
SRV - (STacSV [Auto | Running]) -- C:\WINDOWS\system32\STacSV.exe (SigmaTel, Inc.)
SRV - (stllssvr [On_Demand | Stopped]) -- C:\Program Files\Common Files\SureThing Shared\stllssvr.exe (MicroVision Development, Inc.)
SRV - (WebrootCommAgentService [Auto | Running]) -- C:\Program Files\Webroot\Client\commagent.exe (Webroot Software, Inc.)
SRV - (WebrootSpySweeperService [On_Demand | Running]) -- C:\Program Files\Webroot\Client\spysweeper.exe (Webroot Software, Inc.)
SRV - (winvnc [On_Demand | Stopped]) -- C:\Program Files\TVNCPro\bin\WinVNC.exe (Tridia Corporation)
SRV - (wltrysvc [Auto | Stopped]) -- C:\WINDOWS\System32\WLTRYSVC.EXE ()
SRV - (WMPNetworkSvc [On_Demand | Stopped]) -- C:\Program Files\Windows Media Player\WMPNetwk.exe (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (AliIde [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (amdagp [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\amdagp.sys (Advanced Micro Devices, Inc.)
DRV - (APPDRV [System | Running]) -- C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS (Dell Inc)
DRV - (asc [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\asc.sys (Advanced System Products, Inc.)
DRV - (asc3550 [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\asc3550.sys (Advanced System Products, Inc.)
DRV - (b57w2k [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\b57xp32.sys (Broadcom Corporation)
DRV - (BCM43XX [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\bcmwl5.sys (Broadcom Corp.)
DRV - (btaudio [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\btaudio.sys (Broadcom Corporation.)
DRV - (BTDriver [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\btport.sys (Broadcom Corporation.)
DRV - (BTKRNL [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\btkrnl.sys (Broadcom Corporation.)
DRV - (BTSERIAL [Auto | Running]) -- C:\WINDOWS\system32\drivers\btserial.sys (Broadcom Corporation.)
DRV - (BTWDNDIS [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\btwdndis.sys (Broadcom Corporation.)
DRV - (btwhid [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\btwhid.sys (Broadcom Corporation.)
DRV - (btwmodem [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\btwmodem.sys (Broadcom Corporation.)
DRV - (BTWUSB [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\btwusb.sys (Broadcom Corporation.)
DRV - (CmdIde [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)
DRV - (dac2w2k [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys (Mylex Corporation)
DRV - (DNE [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\dne2000.sys (Deterministic Networks, Inc.)
DRV - (DXEC02 [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\dxec02.sys (Knowles Acoustics)
DRV - (E100B [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\e100b325.sys (Intel Corporation)
DRV - (HDAudBus [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\HDAudBus.sys (Windows ® Server 2003 DDK provider)
DRV - (iaStor [Boot | Running]) -- C:\WINDOWS\system32\drivers\iaStor.sys (Intel Corporation)
DRV - (mfeapfk [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\mfeapfk.sys (McAfee, Inc.)
DRV - (mfeavfk [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\mfeavfk.sys (McAfee, Inc.)
DRV - (mfebopk [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\mfebopk.sys (McAfee, Inc.)
DRV - (mfehidk [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\mfehidk.sys (McAfee, Inc.)
DRV - (mferkdk [System | Running]) -- C:\Program Files\McAfee\VirusScan Enterprise\mferkdk.sys (McAfee, Inc.)
DRV - (mfetdik [System | Running]) -- C:\WINDOWS\system32\drivers\mfetdik.sys (McAfee, Inc.)
DRV - (mircap [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\mircap.sys (Matsushita Electric Industrial Co., Ltd.)
DRV - (mraid35x [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys (American Megatrends Inc.)
DRV - (mtpaudio [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\mtpaudio.sys (Matsushita Electric Industrial Co., Ltd.)
DRV - (Nbf [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\nbf.sys (Microsoft Corporation)
DRV - (Nmea [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\pctnullport.sys (PCTEL Inc.)
DRV - (nv [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\nv4_mini.sys (NVIDIA Corporation)
DRV - (NWADI [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\NWADIenum.sys (Novatel Wireless Inc)
DRV - (OEM02Afx [On_Demand | Running]) -- C:\WINDOWS\system32\Drivers\OEM02Afx.sys (Creative Technology Ltd.)
DRV - (OEM02Dev [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\OEM02Dev.sys (Creative Technology Ltd.)
DRV - (OEM02Vfx [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\OEM02Vfx.sys (EyePower Games Pte. Ltd.)
DRV - (PCASp50 [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\PCASp50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (PCTINDIS5 [On_Demand | Running]) -- C:\WINDOWS\system32\PCTINDIS5.SYS (PCTEL Inc.)
DRV - (physX32 [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\physX32.sys (AGEIA Technologies, Inc.)
DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (PxHelp20 [Boot | Running]) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (ql1080 [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\ql1080.sys (QLogic Corporation)
DRV - (ql12160 [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\ql12160.sys (QLogic Corporation)
DRV - (ql1280 [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\ql1280.sys (QLogic Corporation)
DRV - (RCFOX [System | Running]) -- C:\WINDOWS\system32\Drivers\RCFOX.sys (SonicWALL, Inc.)
DRV - (rcvpn [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\rcvpn.sys (SonicWALL, Inc.)
DRV - (rimmptsk [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\rimmptsk.sys (REDC)
DRV - (rimsptsk [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\rimsptsk.sys (REDC)
DRV - (RimVSerPort [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\RimSerial.sys (Research in Motion Ltd)
DRV - (rismxdp [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\rixdptsk.sys (REDC)
DRV - (ROOTMODEM [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\RootMdm.sys (Microsoft Corporation)
DRV - (seccap [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\seccap.sys (Matsushita Electric Industrial Co., Ltd.)
DRV - (Secdrv [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (sisagp [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\sisagp.sys (Silicon Integrated Systems Corporation)
DRV - (Sparrow [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\sparrow.sys (Adaptec, Inc.)
DRV - (SSFS0BB9 [Boot | Running]) -- C:\WINDOWS\SYSTEM32\Drivers\SSFS0BB9.SYS (Webroot Software Inc (www.webroot.com))
DRV - (SSHRMD [Boot | Running]) -- C:\WINDOWS\SYSTEM32\Drivers\SSHRMD.SYS (Webroot Software Inc (www.webroot.com))
DRV - (SSIDRV [Boot | Running]) -- C:\WINDOWS\SYSTEM32\Drivers\SSIDRV.SYS (Webroot Software Inc (www.webroot.com))
DRV - (STHDA [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\sthda.sys (SigmaTel, Inc.)
DRV - (swmsflt [On_Demand | Stopped]) -- C:\WINDOWS\System32\drivers\swmsflt.sys ()
DRV - (swmx00 [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\swmx00.sys (Sierra Wireless Inc.)
DRV - (SWNC5E00 [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\SWNC5E00.sys (Sierra Wireless Inc.)
DRV - (symc810 [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\symc810.sys (Symbios Logic Inc.)
DRV - (symc8xx [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys (LSI Logic)
DRV - (sym_hi [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys (LSI Logic)
DRV - (sym_u3 [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys (LSI Logic)
DRV - (SynTP [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\SynTP.sys (Synaptics, Inc.)
DRV - (ultra [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\ultra.sys (Promise Technology, Inc.)
DRV - (usbser [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\usbser.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = partnerpage.google.com/smallbiz.dell.com/en_us?hl=en&client=dell-usuk&channel=us-smb&ibd=0080409
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.co...?channel=us-smb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = partnerpage.google.com/smallbiz.dell.com/en_us?hl=en&client=dell-usuk&channel=us-smb&ibd=0080409
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.co...?channel=us-smb
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}:6.0.10
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}:6.0.12
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.8
FF - HKLM\software\mozilla\Firefox\extensions\\[email protected]: C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2009/03/06 10:22:26 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.8\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS [2009/04/10 10:58:51 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.8\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS [2009/04/13 17:34:15 | 00,000,000 | ---D | M]
[2009/04/10 10:58:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\mas.MIS\Application Data\mozilla\Extensions
[2009/04/10 10:58:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\mas.MIS\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/04/10 10:58:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\mas.MIS\Application Data\mozilla\Firefox\Profiles\cdm2hnxc.default\extensions
[2009/04/13 17:52:21 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/04/10 10:58:29 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2008/12/02 10:06:20 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}
[2009/03/06 10:22:41 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}
[2009/03/31 16:46:11 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2009/03/26 15:11:21 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/03/26 15:11:22 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009/03/26 14:56:22 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2009/03/26 14:56:22 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2009/03/26 14:56:22 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2009/03/26 14:56:22 | 00,002,343 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2009/03/26 14:56:22 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/03/26 14:56:22 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2009/03/26 14:56:22 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml
O1 HOSTS File: (1063 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 205.34.101.70 Robox3.robertsoxygen.com
O1 - Hosts: 205.34.101.99 Robox1.robertsoxygen.com
O1 - Hosts: 205.34.101.14 Robox2.robertsoxygen.com
O1 - Hosts: 205.34.101.2 Commercial
O1 - Hosts: 205.34.101.3 RHM
O1 - Hosts: 205.34.101.5 Kronos
O1 - Hosts: 205.34.101.6 Robox6
O1 - Hosts: 205.34.101.7 Robox7
O1 - Hosts: 205.34.101.8 onramp
O1 - Hosts: 205.34.101.12 Imageserver2
O1 - Hosts: 205.34.120.180 Germserver
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\scriptcl.dll (McAfee, Inc.)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {5BED3930-2E9E-76D8-BACC-80DF2188D455} - Reg Error: Key error. File not found
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe (Dell Inc.)
O4 - HKLM..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
O4 - HKLM..\Run: [DELL Webcam Manager] "C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe" /s (Creative Technology Ltd.)
O4 - HKLM..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter (SupportSoft, Inc.)
O4 - HKLM..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe" ( )
O4 - HKLM..\Run: [ECenter] C:\Dell\E-Center\EULALauncher.exe ( )
O4 - HKLM..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup (Macrovision Corporation)
O4 - HKLM..\Run: [KADxMain] C:\WINDOWS\system32\KADxMain.exe (Knowles Acoustics)
O4 - HKLM..\Run: [Launch LCDMon] "C:\Program Files\Common Files\Logitech\LCD Manager\LCDMon.exe" (Logitech Inc.)
O4 - HKLM..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\udaterui.exe" /StartedFromRunKey (McAfee, Inc.)
O4 - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup (NVIDIA Corporation)
O4 - HKLM..\Run: [NVHotkey] rundll32.exe nvHotkey.dll,Start (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] nwiz.exe /installquiet ()
O4 - HKLM..\Run: [OEM02Mon.exe] C:\WINDOWS\OEM02Mon.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe" (CyberLink Corp.)
O4 - HKLM..\Run: [ShStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE (McAfee, Inc.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [Sprint SmartView] "C:\Program Files\Sprint\Sprint SmartView\SprintSV.exe" -a (Sprint)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [WebrootClientUI] "C:\Program Files\Webroot\Client\SpySweeperUI.exe" (Webroot Software, Inc.)
O4 - HKCU..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter (SupportSoft, Inc.)
O4 - HKCU..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler (Macrovision Corporation)
O4 - HKCU..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start (Macrovision Corporation)
O4 - HKCU..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (Microsoft Corporation)
O4 - HKCU..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet (Yahoo! Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Symantec Mobile Essentials.lnk = C:\Program Files\Symantec\Mobile Essentials\nme.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE (WinZip Computing LP)
O4 - Startup: C:\Documents and Settings\mas.MIS\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 1
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O16 - DPF: {0C5CF442-582B-4357-B116-765DA99CAA8C} http://205.34.101.12...t/IrcViewer.cab (CompositeView Control)
O16 - DPF: {3DC2E31C-371A-4BD3-9A27-CDF57CE604CF} http://download.micr...20/pmupd806.exe (MSN Money Charting)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx1.hotmail....es/MSNPUpld.cab (MSN Photo Upload Tool)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1208347017534 (MUWebControl Class)
O16 - DPF: {89F1C7A1-B54C-406D-8CD6-901D277F6388} http://205.34.101.12...rcResultSet.cab (Interactive Client Result Set Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0013-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://idsdocs.webe...bex/ieatgpc.cab (GpcContainer Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = robertsoxygen.com
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 205.34.101.14,209.130.136.2,205.34.120.180
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Interfaces\{52910206-6FD1-4CEE-8314-2D5BF2ED1A95}\\NameServer = 205.34.101.14,209.130.136.2,205.34.120.180
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (APITRAP.DLL) - C:\WINDOWS\system32\APITRAP.DLL (Symantec Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: GinaDLL - (C:\WINDOWS\system32\nmegina.dll) - C:\WINDOWS\system32\nmegina.dll ()
O20 - Winlogon\Notify\WRNotifier: DllName - WRLogonNtf.DLL - C:\WINDOWS\system32\WRLogonNtf.DLL (Webroot Software, Inc.)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - Autorun File - C:\AUTOEXEC.BAT () - [ NTFS ]
O33 - MountPoints2\{8f885e8e-4eaa-11dd-88c7-001e4ce40060}\Shell - "" = AutoRun
O33 - MountPoints2\{8f885e8e-4eaa-11dd-88c7-001e4ce40060}\Shell\AutoRun - "" = Auto&Play
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
========== Files/Folders - Created Within 30 Days ==========
[1 C:\WINDOWS\*.tmp files]
[2009/04/13 20:32:15 | 00,193,075 | ---- | C] () -- C:\DOCUME~1\mas.MIS\Desktop\New Microsoft Office Word Document (4).docx
[2009/04/13 20:26:11 | 00,000,000 | ---D | C] -- C:\Rooter$
[2009/04/13 18:02:23 | 00,000,000 | ---D | C] -- C:\Documents and Settings\mas.MIS\Application Data\Malwarebytes
[2009/04/13 18:02:21 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/04/13 18:02:21 | 00,000,696 | ---- | C] () -- C:\DOCUME~1\ALLUSE~1\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/04/13 18:02:18 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/04/13 18:02:17 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/04/13 18:02:17 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/04/13 17:58:14 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/04/13 17:57:43 | 00,000,767 | ---- | C] () -- C:\Documents and Settings\mas.MIS\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2009/04/13 17:57:29 | 00,000,611 | ---- | C] () -- C:\DOCUME~1\mas.MIS\Desktop\NTREGOPT.lnk
[2009/04/13 17:57:29 | 00,000,592 | ---- | C] () -- C:\DOCUME~1\mas.MIS\Desktop\ERUNT.lnk
[2009/04/13 17:57:29 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2009/04/13 13:48:32 | 00,037,281 | ---- | C] () -- C:\DOCUME~1\mas.MIS\Desktop\DENIAL OF PRIMARY CHARGES.pdf
[2009/04/13 13:46:32 | 00,037,270 | ---- | C] () -- C:\DOCUME~1\mas.MIS\Desktop\DENIAL OF SECONDARY CHARGES.pdf
[2009/04/13 12:59:34 | 00,042,509 | ---- | C] () -- C:\DOCUME~1\mas.MIS\Desktop\UNDERPAYMENT.pdf
[2009/04/10 13:46:20 | 00,046,080 | ---- | C] () -- C:\DOCUME~1\mas.MIS\Desktop\Issues from Demo 2009-09.doc
[2009/04/10 12:58:53 | 00,000,000 | ---D | C] -- C:\WINDOWS\SchCache
[2009/04/10 12:40:37 | 00,000,000 | ---- | C] () -- C:\DOCUME~1\mas.MIS\Desktop\New Microsoft Office Word Document (3).docx
[2009/04/10 12:16:06 | 00,000,035 | ---- | C] () -- C:\WINDOWS\md.sec
[2009/04/10 12:15:25 | 00,344,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msexch35.dll
[2009/04/10 12:15:24 | 01,238,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msjt4jlt.dll
[2009/04/10 12:15:24 | 00,294,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxbse35.dll
[2009/04/10 12:15:24 | 00,252,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msexcl35.dll
[2009/04/10 12:15:24 | 00,250,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mspdox35.dll
[2009/04/10 12:15:24 | 00,170,865 | ---- | C] () -- C:\WINDOWS\System32\Odbcjet.hlp
[2009/04/10 12:15:24 | 00,168,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msltus35.dll
[2009/04/10 12:15:24 | 00,166,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstext35.dll
[2009/04/10 12:15:24 | 00,006,902 | ---- | C] () -- C:\WINDOWS\System32\Odbcjet.cnt
[2009/04/10 12:15:23 | 00,415,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msrepl35.dll
[2009/04/10 12:15:23 | 00,044,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msrpfs35.dll
[2009/04/10 12:15:23 | 00,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\JETCOMP.exe
[2009/04/10 12:15:22 | 00,438,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSHFLXGD.OCX
[2009/04/10 12:15:22 | 00,238,512 | ---- | C] (ComponenetOne) -- C:\WINDOWS\System32\SizerOne.ocx
[2009/04/10 12:15:22 | 00,212,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\RICHTX32.OCX
[2009/04/10 12:15:22 | 00,103,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSCOMM32.OCX
[2009/04/10 12:15:20 | 00,237,620 | ---- | C] (Boston Software Systems, Inc.) -- C:\WINDOWS\System32\Bss6h.dll
[2009/04/10 12:15:20 | 00,098,816 | ---- | C] () -- C:\WINDOWS\System32\MRWScript.dll
[2009/04/10 12:15:20 | 00,086,016 | ---- | C] (Sun Microsystems) -- C:\WINDOWS\System32\bss6j.dll
[2009/04/10 12:15:20 | 00,077,824 | ---- | C] (Boston Software Systems, Inc.) -- C:\WINDOWS\System32\Bss6ix.dll
[2009/04/10 12:15:20 | 00,077,824 | ---- | C] (Boston Software Systems, Inc.) -- C:\WINDOWS\System32\Bss6i.dll
[2009/04/10 12:15:20 | 00,073,728 | ---- | C] (Boston Software Systems, Inc.) -- C:\WINDOWS\System32\Bss6h1.dll
[2009/04/10 12:15:20 | 00,053,248 | ---- | C] (Boston Software Systems, Inc.) -- C:\WINDOWS\System32\Bss6s.dll
[2009/04/10 12:15:20 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\Bss6k.dll
[2009/04/10 12:15:20 | 00,003,808 | ---- | C] () -- C:\WINDOWS\System32\BSS616.DLL
[2009/04/10 12:15:18 | 00,089,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\VB5DB.DLL
[2009/04/10 12:15:16 | 00,000,457 | ---- | C] () -- C:\DOCUME~1\ALLUSE~1\Desktop\Assistant.lnk
[2009/04/10 12:15:16 | 00,000,000 | ---D | C] -- C:\MfaxProg
[2009/04/10 10:58:50 | 00,000,000 | ---D | C] -- C:\Documents and Settings\mas.MIS\Application Data\Mozilla
[2009/04/10 10:58:31 | 00,001,602 | ---- | C] () -- C:\DOCUME~1\ALLUSE~1\Desktop\Mozilla Firefox.lnk
[2009/04/09 15:05:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\mas.MIS\Application Data\Reallusion
[2009/04/09 15:04:09 | 00,202,827 | ---- | C] (WebEx Communications, Inc) -- C:\WINDOWS\System32\atasnt40.dll
[2009/04/09 09:53:36 | 00,330,645 | ---- | C] () -- C:\DOCUME~1\mas.MIS\Desktop\New Microsoft Office Word Document (2).docx
[2009/04/08 14:22:41 | 00,039,424 | ---- | C] () -- C:\DOCUME~1\mas.MIS\Desktop\POLICY_HISTORY_CONVERSION_EXCEPTION_REPORT_OIOI_20090408.xls
[2009/04/08 14:21:41 | 00,083,968 | ---- | C] () -- C:\DOCUME~1\mas.MIS\Desktop\Policy History Conversion Exception Report-OIOI.doc
[2009/04/08 13:38:46 | 00,162,816 | ---- | C] () -- C:\DOCUME~1\mas.MIS\Desktop\Policy History Conversion Exception Report.doc
[2009/04/08 13:31:59 | 01,935,872 | ---- | C] () -- C:\DOCUME~1\mas.MIS\Desktop\POLICY_HISTORY_CONVERSION_EXCEPTION_REPORT_20090408.xls
[2009/04/07 15:13:37 | 01,710,701 | ---- | C] () -- C:\DOCUME~1\mas.MIS\Desktop\CMNS_ALL_EMDEON.pp6
[2009/04/06 12:57:45 | 00,001,734 | ---- | C] () -- C:\DOCUME~1\mas.MIS\Desktop\HijackThis.lnk
[2009/04/06 12:57:45 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/04/04 14:37:17 | 00,068,608 | ---- | C] () -- C:\DOCUME~1\ALLUSE~1\Desktop\dso inst revenue.xls
[2009/04/04 14:35:50 | 00,022,016 | ---- | C] () -- C:\DOCUME~1\ALLUSE~1\Desktop\dsoinstar.xls
[2009/04/04 04:00:19 | 00,206,602 | ---- | C] () -- C:\DOCUME~1\mas.MIS\Desktop\BEX04961.htm
[2009/04/03 16:19:35 | 00,000,000 | ---- | C] () -- C:\DOCUME~1\mas.MIS\Desktop\New Microsoft Office Word Document.docx
[2009/04/03 15:15:08 | 00,008,714 | ---- | C] () -- C:\DOCUME~1\mas.MIS\Desktop\New Microsoft Office Excel Worksheet (2).xlsx
[2009/04/03 10:35:19 | 00,294,584 | ---- | C] () -- C:\DOCUME~1\mas.MIS\Desktop\VA_INVOICE_20090403.pdf
[2009/04/02 14:24:18 | 00,122,368 | ---- | C] () -- C:\DOCUME~1\mas.MIS\Desktop\36 Month Cap & 60 Month Useful Life 2009-04-02_raw.xls
[2009/04/02 14:13:24 | 00,104,960 | ---- | C] () -- C:\DOCUME~1\mas.MIS\Desktop\36 Month Cap & 60 Month Useful Life 2009-04-02.xls
[2009/04/01 14:40:38 | 00,025,535 | ---- | C] () -- C:\DOCUME~1\mas.MIS\Desktop\cmn report detail.xmod
[2009/04/01 14:24:46 | 00,049,773 | ---- | C] () -- C:\DOCUME~1\mas.MIS\Desktop\REV008.pdf
[2009/03/31 17:36:53 | 00,000,797 | ---- | C] () -- C:\Documents and Settings\mas.MIS\Application Data\Launch Internet Explorer Browser.lnk
[2009/03/31 15:30:53 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ieencode.dll
[2009/03/31 11:44:54 | 00,299,008 | ---- | C] (American Systems) -- C:\WINDOWS\amuninst.exe
[2009/03/30 17:53:00 | 00,105,233 | ---- | C] () -- C:\DOCUME~1\mas.MIS\Desktop\732.pdf
[2009/03/30 17:26:37 | 00,060,810 | ---- | C] () -- C:\DOCUME~1\mas.MIS\Desktop\job00Z8I5A7WPK7T5E6C49E9B1.pdf
[2009/03/30 17:23:49 | 00,093,047 | ---- | C] () -- C:\DOCUME~1\mas.MIS\Desktop\job00Z8I59CIIT137F6C47042D.pdf
[2009/03/30 17:15:21 | 00,019,260 | ---- | C] () -- C:\DOCUME~1\mas.MIS\Desktop\ARUMNEWSTART!01066635.pdf
[2009/03/30 15:22:08 | 00,020,226 | ---- | C] () -- C:\DOCUME~1\mas.MIS\Desktop\INTAKE1.pdf
[2009/03/30 12:56:55 | 00,000,000 | ---D | C] -- C:\Program Files\American Systems
[2009/03/30 10:57:18 | 00,033,808 | ---- | C] () -- C:\DOCUME~1\mas.MIS\Desktop\RESP_T00000320090330_104821_0._01
[2009/03/30 09:02:29 | 00,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2009/03/30 08:55:59 | 00,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iecompat.dll
[2009/03/27 09:25:47 | 00,140,480 | ---- | C] () -- C:\DOCUME~1\mas.MIS\Desktop\Dana Newsletter 2009-03-27.pdf
[2009/03/27 07:40:41 | 06,016,000 | ---- | C] () -- C:\DOCUME~1\mas.MIS\Desktop\Policy History 3.ppt
[2009/03/26 18:33:06 | 00,057,856 | ---- | C] () -- C:\DOCUME~1\mas.MIS\Desktop\36 Month Cap & 60 Month Useful Life 2009-03-23.xls
[2009/03/26 18:27:37 | 02,764,288 | ---- | C] () -- C:\DOCUME~1\mas.MIS\Desktop\36 Month HMA Documentation - Revised 20090326.doc
[2009/03/26 15:10:07 | 00,051,207 | ---- | C] () -- C:\DOCUME~1\mas.MIS\Desktop\22.pdf
[2009/03/25 09:40:56 | 00,093,905 | ---- | C] () -- C:\DOCUME~1\mas.MIS\Desktop\C__Documents and Settings_mas.MIS_Local Settings_Tempora.pdf
[2009/03/24 17:33:45 | 05,633,536 | ---- | C] () -- C:\DOCUME~1\mas.MIS\Desktop\Policy History_MARKS_EDITS-COMMENTS.ppt
[2009/03/24 13:00:45 | 00,146,913 | ---- | C] () -- C:\DOCUME~1\mas.MIS\Desktop\DEL_TICK_LC_SAMPLE.pdf
[2009/03/24 12:47:53 | 00,015,671 | ---- | C] () -- C:\DOCUME~1\mas.MIS\Desktop\cheats-2.docx
[2009/03/23 17:27:40 | 00,064,455 | ---- | C] () -- C:\DOCUME~1\mas.MIS\Desktop\ABN_BLANK_FILL_IN.pdf
[2009/03/23 13:46:15 | 00,045,869 | ---- | C] () -- C:\DOCUME~1\mas.MIS\Desktop\ABN_BLANK.pdf
[2009/03/20 09:03:03 | 07,263,103 | ---- | C] () -- C:\DOCUME~1\mas.MIS\Desktop\doc cleanup.xlsx
[2009/03/16 15:43:06 | 00,518,656 | ---- | C] () -- C:\DOCUME~1\mas.MIS\Desktop\Copy of 2009-03-16.xls
[2009/03/16 11:01:32 | 00,018,432 | ---- | C] () -- C:\DOCUME~1\mas.MIS\Desktop\cylinder count-o2 exception report.xls
[2008/09/19 10:33:43 | 00,335,872 | ---- | C] ( ) -- C:\WINDOWS\System32\lexlog.dll
[2008/09/19 10:33:41 | 00,000,709 | ---- | C] () -- C:\WINDOWS\LMAAX2DD.ini
[2008/07/17 08:50:28 | 00,002,131 | ---- | C] () -- C:\WINDOWS\pw5.ini
[2008/05/27 11:25:48 | 00,102,400 | ---- | C] () -- C:\WINDOWS\System32\ezmonitor.dll
[2008/04/23 14:20:33 | 00,000,227 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008/04/23 14:18:13 | 01,626,112 | ---- | C] () -- C:\WINDOWS\System32\myodbc5S.dll
[2008/04/22 07:28:14 | 00,000,156 | ---- | C] () -- C:\WINDOWS\ricdb.ini
[2008/04/18 17:46:36 | 01,073,152 | ---- | C] () -- C:\WINDOWS\System32\libmysql_c.dll
[2008/04/16 12:03:56 | 00,052,736 | ---- | C] () -- C:\WINDOWS\System32\nmeginaalt.dll
[2008/04/16 12:03:56 | 00,052,736 | ---- | C] () -- C:\WINDOWS\System32\nmegina.dll
[2008/04/16 07:28:42 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\omnithread_rt.dll
[2008/04/09 05:39:33 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2008/04/09 05:24:23 | 00,198,144 | ---- | C] () -- C:\WINDOWS\System32\_psisdecd.dll
[2008/04/09 05:10:19 | 00,139,264 | ---- | C] () -- C:\WINDOWS\System32\preflib.dll
[2008/04/09 05:10:18 | 00,753,664 | ---- | C] () -- C:\WINDOWS\System32\bcm1xsup.dll
[2008/04/09 04:40:20 | 01,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2008/04/09 04:40:20 | 01,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2008/04/09 04:40:19 | 01,478,656 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2008/04/09 04:40:19 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008/04/09 04:40:04 | 00,016,480 | ---- | C] () -- C:\WINDOWS\System32\rixdicon.dll
[2008/04/09 04:38:37 | 00,001,116 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2008/03/05 15:41:58 | 00,024,840 | ---- | C] () -- C:\WINDOWS\System32\drivers\swmsflt.sys
[2007/09/27 10:51:02 | 00,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 10:48:48 | 00,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 10:48:28 | 00,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2007/06/19 09:59:36 | 00,070,400 | ---- | C] () -- C:\WINDOWS\System32\PhysXLoader.dll
[2007/04/20 08:57:30 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2007/04/20 08:57:28 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2007/04/20 08:57:28 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2007/04/20 08:57:28 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2007/04/20 08:57:28 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2007/04/20 08:57:28 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2007/04/20 08:57:28 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2007/04/20 08:57:28 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2007/04/20 08:57:28 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2006/05/24 19:16:22 | 00,090,112 | ---- | C] () -- C:\WINDOWS\System32\btprn2k.dll
[2005/02/17 13:41:32 | 00,000,603 | ---- | C] () -- C:\WINDOWS\System32\BTNeighborhood.dll.manifest
[2005/02/17 13:41:30 | 00,000,593 | ---- | C] () -- C:\WINDOWS\System32\btcss.dll.manifest
[2004/08/11 18:24:19 | 00,000,791 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/11 18:11:31 | 00,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/11 18:00:37 | 00,000,582 | ---- | C] () -- C:\WINDOWS\win.ini
[2004/08/11 18:00:35 | 00,000,231 | ---- | C] () -- C:\WINDOWS\system.ini
[2001/11/14 14:56:00 | 01,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll
========== Files - Modified Within 30 Days ==========
[1 C:\WINDOWS\System32\*.tmp files]
[1 C:\WINDOWS\*.tmp files]
[2009/04/13 20:32:39 | 00,193,075 | ---- | M] () -- C:\DOCUME~1\mas.MIS\Desktop\New Microsoft Office Word Document (4).docx
[2009/04/13 20:32:12 | 00,065,173 | ---- | M] () -- C:\WINDOWS\System32\nvModes.001
[2009/04/13 20:18:51 | 00,623,690 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/04/13 20:18:51 | 00,514,190 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/04/13 20:18:51 | 00,097,802 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/04/13 20:16:04 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/04/13 20:13:58 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/04/13 20:13:56 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/04/13 20:13:56 | 00,000,000 | -H-- | M] () -- C:\WINDOWS\System32\nmegina.test
[2009/04/13 18:02:21 | 00,000,696 | ---- | M] () -- C:\DOCUME~1\ALLUSE~1\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/04/13 17:57:43 | 00,000,767 | ---- | M] () -- C:\Documents and Settings\mas.MIS\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2009/04/13 17:57:29 | 00,000,611 | ---- | M] () -- C:\DOCUME~1\mas.MIS\Desktop\NTREGOPT.lnk
[2009/04/13 17:57:29 | 00,000,592 | ---- | M] () -- C:\DOCUME~1\mas.MIS\Desktop\ERUNT.lnk
[2009/04/13 16:41:50 | 00,015,671 | ---- | M] () -- C:\DOCUME~1\mas.MIS\Desktop\cheats-2.docx
[2009/04/13 13:48:32 | 00,037,281 | ---- | M] () -- C:\DOCUME~1\mas.MIS\Desktop\DENIAL OF PRIMARY CHARGES.pdf
[2009/04/13 13:46:32 | 00,037,270 | ---- | M] () -- C:\DOCUME~1\mas.MIS\Desktop\DENIAL OF SECONDARY CHARGES.pdf
[2009/04/13 13:28:34 | 00,002,475 | ---- | M] () -- C:\DOCUME~1\ALLUSE~1\Desktop\PlanetPress Design 6.lnk
[2009/04/13 13:04:17 | 00,042,509 | ---- | M] () -- C:\DOCUME~1\mas.MIS\Desktop\UNDERPAYMENT.pdf
[2009/04/12 16:52:49 | 00,002,521 | ---- | M] () -- C:\DOCUME~1\mas.MIS\Desktop\Microsoft Office Outlook 2007.lnk
[2009/04/10 13:54:46 | 00,046,080 | ---- | M] () -- C:\DOCUME~1\mas.MIS\Desktop\Issues from Demo 2009-09.doc
[2009/04/10 12:40:37 | 00,000,000 | ---- | M] () -- C:\DOCUME~1\mas.MIS\Desktop\New Microsoft Office Word Document (3).docx
[2009/04/10 12:16:06 | 00,000,035 | ---- | M] () -- C:\WINDOWS\md.sec
[2009/04/10 12:15:16 | 00,000,457 | ---- | M] () -- C:\DOCUME~1\ALLUSE~1\Desktop\Assistant.lnk
[2009/04/10 11:43:27 | 00,330,645 | ---- | M] () -- C:\DOCUME~1\mas.MIS\Desktop\New Microsoft Office Word Document (2).docx
[2009/04/10 10:58:31 | 00,001,602 | ---- | M] () -- C:\DOCUME~1\ALLUSE~1\Desktop\Mozilla Firefox.lnk
[2009/04/09 15:04:09 | 00,202,827 | ---- | M] (WebEx Communications, Inc) -- C:\WINDOWS\System32\atasnt40.dll
[2009/04/08 14:22:42 | 00,039,424 | ---- | M] () -- C:\DOCUME~1\mas.MIS\Desktop\POLICY_HISTORY_CONVERSION_EXCEPTION_REPORT_OIOI_20090408.xls
[2009/04/08 14:21:42 | 00,083,968 | ---- | M] () -- C:\DOCUME~1\mas.MIS\Desktop\Policy History Conversion Exception Report-OIOI.doc
[2009/04/08 14:18:24 | 00,162,816 | ---- | M] () -- C:\DOCUME~1\mas.MIS\Desktop\Policy History Conversion Exception Report.doc
[2009/04/08 13:31:59 | 01,935,872 | ---- | M] () -- C:\DOCUME~1\mas.MIS\Desktop\POLICY_HISTORY_CONVERSION_EXCEPTION_REPORT_20090408.xls
[2009/04/07 20:37:10 | 06,016,000 | ---- | M] () -- C:\DOCUME~1\mas.MIS\Desktop\Policy History 3.ppt
[2009/04/07 15:13:44 | 01,710,701 | ---- | M] () -- C:\DOCUME~1\mas.MIS\Desktop\CMNS_ALL_EMDEON.pp6
[2009/04/06 15:32:54 | 00,038,496 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/04/06 15:32:46 | 00,015,504 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/04/06 12:57:45 | 00,001,734 | ---- | M] () -- C:\DOCUME~1\mas.MIS\Desktop\HijackThis.lnk
[2009/04/04 14:37:17 | 00,068,608 | ---- | M] () -- C:\DOCUME~1\ALLUSE~1\Desktop\dso inst revenue.xls
[2009/04/04 14:35:50 | 00,022,016 | ---- | M] () -- C:\DOCUME~1\ALLUSE~1\Desktop\dsoinstar.xls
[2009/04/04 04:00:19 | 00,206,602 | ---- | M] () -- C:\DOCUME~1\mas.MIS\Desktop\BEX04961.htm
[2009/04/03 16:19:35 | 00,000,000 | ---- | M] () -- C:\DOCUME~1\mas.MIS\Desktop\New Microsoft Office Word Document.docx
[2009/04/03 15:15:08 | 00,008,714 | ---- | M] () -- C:\DOCUME~1\mas.MIS\Desktop\New Microsoft Office Excel Worksheet (2).xlsx
[2009/04/03 13:35:05 | 00,040,960 | ---- | M] () -- C:\DOCUME~1\mas.MIS\Desktop\ME Js ME Partition.xls
[2009/04/03 10:35:19 | 00,294,584 | ---- | M] () -- C:\DOCUME~1\mas.MIS\Desktop\VA_INVOICE_20090403.pdf
[2009/04/02 17:18:45 | 02,764,288 | ---- | M] () -- C:\DOCUME~1\mas.MIS\Desktop\36 Month HMA Documentation - Revised 20090326.doc
[2009/04/02 17:13:57 | 00,104,960 | ---- | M] () -- C:\DOCUME~1\mas.MIS\Desktop\36 Month Cap & 60 Month Useful Life 2009-04-02.xls
[2009/04/02 14:24:18 | 00,122,368 | ---- | M] () -- C:\DOCUME~1\mas.MIS\Desktop\36 Month Cap & 60 Month Useful Life 2009-04-02_raw.xls
[2009/04/02 13:23:21 | 00,060,690 | ---- | M] () -- C:\DOCUME~1\mas.MIS\Desktop\cap36b.xmod
[2009/04/01 14:24:46 | 00,049,773 | ---- | M] () -- C:\DOCUME~1\mas.MIS\Desktop\REV008.pdf
[2009/04/01 09:53:42 | 00,002,267 | ---- | M] () -- C:\DOCUME~1\mas.MIS\Desktop\Active Directory Users and Computers.lnk
[2009/03/31 17:36:53 | 00,000,797 | ---- | M] () -- C:\Documents and Settings\mas.MIS\Application Data\Launch Internet Explorer Browser.lnk
[2009/03/31 17:31:15 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/03/31 15:37:43 | 00,000,074 | -HS- | M] () -- C:\DOCUME~1\mas.MIS\My Documents\desktop.ini
[2009/03/30 17:53:00 | 00,105,233 | ---- | M] () -- C:\DOCUME~1\mas.MIS\Desktop\732.pdf
[2009/03/30 17:26:37 | 00,060,810 | ---- | M] () -- C:\DOCUME~1\mas.MIS\Desktop\job00Z8I5A7WPK7T5E6C49E9B1.pdf
[2009/03/30 17:23:49 | 00,093,047 | ---- | M] () -- C:\DOCUME~1\mas.MIS\Desktop\job00Z8I59CIIT137F6C47042D.pdf
[2009/03/30 17:15:21 | 00,019,260 | ---- | M] () -- C:\DOCUME~1\mas.MIS\Desktop\ARUMNEWSTART!01066635.pdf
[2009/03/30 15:22:08 | 00,020,226 | ---- | M] () -- C:\DOCUME~1\mas.MIS\Desktop\INTAKE1.pdf
[2009/03/30 10:57:18 | 00,033,808 | ---- | M] () -- C:\DOCUME~1\mas.MIS\Desktop\RESP_T00000320090330_104821_0._01
[2009/03/27 09:25:47 | 00,140,480 | ---- | M] () -- C:\DOCUME~1\mas.MIS\Desktop\Dana Newsletter 2009-03-27.pdf
[2009/03/26 18:41:09 | 00,057,856 | ---- | M] () -- C:\DOCUME~1\mas.MIS\Desktop\36 Month Cap & 60 Month Useful Life 2009-03-23.xls
[2009/03/26 16:26:53 | 02,613,760 | ---- | M] () -- C:\DOCUME~1\mas.MIS\Desktop\36 Month HMA Documentation 2.doc
[2009/03/26 15:10:07 | 00,051,207 | ---- | M] () -- C:\DOCUME~1\mas.MIS\Desktop\22.pdf
[2009/03/26 11:44:31 | 00,065,173 | ---- | M] () -- C:\WINDOWS\System32\nvModes.dat
[2009/03/25 09:42:59 | 00,063,647 | ---- | M] () -- C:\DOCUME~1\mas.MIS\Desktop\GERM SERVER BACK UP.xlsx
[2009/03/25 09:40:56 | 00,093,905 | ---- | M] () -- C:\DOCUME~1\mas.MIS\Desktop\C__Documents and Settings_mas.MIS_Local Settings_Tempora.pdf
[2009/03/24 18:03:01 | 00,168,448 | ---- | M] () -- C:\DOCUME~1\mas.MIS\Desktop\testing 2009-20-23_WHOS_DOIN_UPDATE.xls
[2009/03/24 18:02:38 | 07,263,103 | ---- | M] () -- C:\DOCUME~1\mas.MIS\Desktop\doc cleanup.xlsx
[2009/03/24 17:33:46 | 05,633,536 | ---- | M] () -- C:\DOCUME~1\mas.MIS\Desktop\Policy History_MARKS_EDITS-COMMENTS.ppt
[2009/03/24 13:00:46 | 00,146,913 | ---- | M] () -- C:\DOCUME~1\mas.MIS\Desktop\DEL_TICK_LC_SAMPLE.pdf
[2009/03/23 17:32:43 | 00,064,455 | ---- | M] () -- C:\DOCUME~1\mas.MIS\Desktop\ABN_BLANK_FILL_IN.pdf
[2009/03/23 13:46:15 | 00,045,869 | ---- | M] () -- C:\DOCUME~1\mas.MIS\Desktop\ABN_BLANK.pdf
[2009/03/20 11:58:09 | 00,062,452 | ---- | M] () -- C:\WINDOWS\System32\tsmmc.msc
[2009/03/20 11:57:47 | 00,001,730 | -H-- | M] () -- C:\DOCUME~1\mas.MIS\My Documents\Default.rdp
[2009/03/20 11:41:50 | 00,002,185 | ---- | M] () -- C:\DOCUME~1\mas.MIS\Desktop\Remote Desktops.lnk
[2009/03/19 09:25:13 | 00,007,893 | ---- | M] () -- C:\DOCUME~1\mas.MIS\Desktop\germserver_data.xmod
[2009/03/17 13:52:26 | 00,026,112 | ---- | M] () -- C:\DOCUME~1\mas.MIS\Desktop\WBM instructions.xls
[2009/03/17 11:37:53 | 00,518,656 | ---- | M] () -- C:\DOCUME~1\mas.MIS\Desktop\Copy of 2009-03-16.xls
[2009/03/16 11:01:33 | 00,018,432 | ---- | M] () -- C:\DOCUME~1\mas.MIS\Desktop\cylinder count-o2 exception report.xls
[2009/03/16 08:59:31 | 00,273,376 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
< End of report >
Extras log ---------------------------------------------------------
OTListIt Extras logfile created on: 4/13/2009 8:44:14 PM - Run 2
OTListIt2 by OldTimer - Version 2.0.14.0 Folder = C:\Documents and Settings\mas.MIS\My Documents\My Received Files
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 1.26 Gb Available Physical Memory | 63.14% Memory free
3.85 Gb Paging File | 3.21 Gb Available in Paging File | 83.34% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092;
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 179.56 Gb Total Space | 54.77 Gb Free Space | 30.50% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: MASLAPTOPXPS
Current User Name: MAS
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)
C:\Program Files\FacetCorp\FacetWin\fwagent.exe:*:Enabled:FacetWin Agent (FacetCorp)
C:\Program Files\FacetCorp\FacetWin\fwt.exe:*:Enabled:fwt ()
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook (Microsoft Corporation)
C:\Program Files\VERITAS\Backup Exec\RANT\beremote.exe:*:Enabled:beremote.exe (VERITAS Software Corporation)
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger (Yahoo! Inc.)
C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server (Yahoo! Inc.)
C:\Program Files\SonicWALL\SonicWALL Global VPN Client\SWGVpnClient.exe:*:Enabled:SonicWALL Global VPN Client (SonicWALL, Inc.)
C:\WINDOWS\system32\fxsclnt.exe:*:Enabled:Microsoft Fax Console (Microsoft Corporation)
C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger (Microsoft Corporation)
C:\Program Files\Panasonic\Wireless Manager ME3\WM.exe:*:Enabled:Wireless Manager GUI (Matsushita Electric Industrial Co.,LTD.)
C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer (Microsoft Corporation)
C:\ePOAgent\FrameworkService.exe:*:Enabled:McAfee Framework Service File not found
C:\Program Files\McAfee\Common Framework\FrameworkService.exe:*:Enabled:McAfee Framework Service (McAfee, Inc.)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook (Microsoft Corporation)
C:\Program Files\Dell\MediaDirect\PCMService.exe:*:Enabled:CyberLink PowerCinema Resident Program (CyberLink Corp.)
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)
C:\Program Files\FacetCorp\FacetWin\fwt.exe:*:Enabled:fwt ()
C:\Program Files\Panasonic\Wireless Manager ME3\WM.exe:*:Enabled:Wireless Manager GUI (Matsushita Electric Industrial Co.,LTD.)
C:\Program Files\SonicWALL\SonicWALL Global VPN Client\SWGVpnClient.exe:*:Enabled:SonicWALL Global VPN Client (SonicWALL, Inc.)
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger (Yahoo! Inc.)
C:\Program Files\Sprint\Sprint SmartView\SwiApiMux.exe:*:Enabled:SwiApiMux (Sierra Wireless, Inc.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data
"{09760D42-E223-42AD-8C3E-55B47D0DDAC3}" = Roxio Creator DE
"{0DE78325-A3DD-42CD-AF53-DF5CC35D4BFE}" = PlanetPress 5 Documentation
"{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}" = Microsoft Plus! Photo Story 2 LE
"{0F756CD9-4A1E-409B-B101-601DDC4C03AA}" = QualxServ Service Agreement
"{0FFD55FA-40CE-4B7F-9001-A06930C63FA2}" = Sprint SmartView
"{15CC2798-0A39-409C-8DD6-8B2F310EF713}" = PlanetPress Suite 6
"{177D1318-3E4B-4A7C-A300-AC4E21BE090B}" = Broadcom Management Programs
"{1AEAEC27-EA5B-11D5-9F66-0002E31CFDCB}" = TridiaVNC
"{1D5E29AD-39A9-4D0A-A8B6-46A6FCD8C995}" = Live! Cam Avatar v1.0
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools
"{2083C8AB-1CBB-4885-A197-7F0D0145AE55}" = Assistant
"{26A24AE4-039D-4CA4-87B4-2F83216012FF}" = Java 6 Update 13
"{27B3563C-561C-4924-8C0E-EA102264873F}" = Windows Server 2003 Service Pack 1 Administration Tools Pack
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{2BA00471-0328-3743-93BD-FA813353A783}" = Microsoft .NET Framework 3.0 Service Pack 1
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
"{3248F0A8-6813-11D6-A77B-00B0D0150120}" = J2SE Runtime Environment 5.0 Update 12
"{3248F0A8-6813-11D6-A77B-00B0D0150130}" = J2SE Runtime Environment 5.0 Update 13
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java 6 Update 7
"{33BB4982-DC52-4886-A03B-F4C5C80BEE89}" = Windows Media Player 10
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35C03C04-3F1F-42C2-A989-A757EE691F65}" = McAfee VirusScan Enterprise
"{3BD37A69-4FA2-11D5-9F21-0001031E06E2}" = TridiaVNC Pro
"{3E33367C-4B87-4286-9E98-EDCF2F26CBE8}" = Monarch Pro 9.01
"{3F4EC965-28EF-45C3-B063-04B25D4E9679}" = WIDCOMM Bluetooth Software
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{53648F92-1CC5-22D2-A6DF-00A0C9A23BCD}" = SonicWALL Global VPN Client 4.0.0.830
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{56B4002F-671C-49F4-984C-C760FE3806B5}" = Microsoft SQL Server VSS Writer
"{5E98EE22-F59B-4ED0-82BE-010A6F886C3E}" = VERITAS Backup Exec Remote Agent for Windows Servers
"{64658686-0CD4-4CF6-983D-0A6BE32007DB}" = Business Complete Care Services Agreement
"{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{67F67B6C-B3F9-4853-AE5C-0AC372DDEBF1}" = Wireless Manager mobile edition 3.0
"{6E2D57A4-E70E-4117-9046-3A1B4F2949E1}" = PlanetPress Suite 6 English Documentation
"{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}" = Microsoft Plus! Digital Media Edition Installer
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio
"{74F7662C-B1DB-489E-A8AC-07A06B24978B}" = Dell System Restore
"{7FC021F5-EA46-4B31-A23A-30C38433E2AD}" = PlanetPress 5
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROHYBRIDR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROHYBRIDR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROHYBRIDR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROHYBRIDR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROHYBRIDR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{3EC77D26-799B-4CD8-914F-C1565E796173}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{430971B1-C31E-45DA-81E0-72C095BAB72C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{F7A31780-33C4-4E39-951A-5EC9B91D7BF1}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{FAD8A83E-9BAC-4179-9268-A35948034D85}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROHYBRIDR_{FAD8A83E-9BAC-4179-9268-A35948034D85}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROHYBRIDR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90A40409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{9BDEF074-020E-458D-ADC5-8FF68E0C9B56}" = OutlookAddinSetup
"{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}" = MediaDirect
"{9D4B411F-42F9-4566-9621-13D3A969F871}" = Redistributable_MM
"{A638557B-1F13-40A0-9627-C892FBCA6960}" = McAfee Agent
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components
"{AC434EC8-B3CC-4003-92C1-0AE751CCFEB5}" = AGEIA PhysX v7.06.26
"{AC76BA86-1033-0000-7760-000000000003}" = Adobe Acrobat 8 Professional
"{AC76BA86-7AD7-1033-7B44-A81300000003}" = Adobe Reader 8.1.3
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{AD88355B-A4E0-4DA1-BAC3-EA4FEA930691}" = Ipswitch WS_FTP Professional 2007
"{B0DF58A2-40DF-4465-AA56-38623EC9938C}" = Documentation & Support Launcher
"{B32C4059-6E7A-41EF-AD20-56DF1872B923}" = Business Contact Manager for Outlook 2007 SP1
"{B508B3F1-A24A-32C0-B310-85786919EF28}" = Microsoft .NET Framework 2.0 Service Pack 1
"{B53D7D6B-9BB0-4EA8-82B9-9293CB41FCE1}" = MySQL Connector/ODBC 3.51
"{B6884A07-0305-47AE-9969-8F26FADC17DE}" = Games, Music, & Photos Launcher
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BD68F46D-8A82-4664-8E68-F87C55BDEFD4}" = Microsoft SQL Server Native Client
"{C5074CC4-0E26-4716-A307-960272A90040}" = QuickSet
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CD53CCA4-83BA-4D0E-96E2-AF559B0AFF92}" = Documentation de PlanetPress Suite 6
"{D1B5E9C8-4CCF-44E3-87D6-7C00D7DA5370}" = IntelliSonic Speech Enhancement
"{DDD66BB0-7C9F-4030-84DB-435E5B6C7457}" = EasyClient
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center (Support Software)
"{E42BD75A-FC23-4E3F-9F91-2658334C644F}" = Internet Service Offers Launcher
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator DE
"{F02B977E-F031-406A-A624-B8EF87BBDE45}" = PlanetPress Suite 6 Dokumentationen
"{F7511FE7-BA89-4939-B2EF-A3F287B0F298}" = Logitech Gaming LCD Software 1.04
"{FE7D7E78-B9FD-4CAE-B223-10C6E5B307E7}" = Webroot® Client
"Adobe Acrobat 8 Professional" = Adobe Acrobat 8.1.3 Professional
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"Advanced Video FX Engine" = Advanced Video FX Engine
"Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Card
"Business Contact Manager" = Business Contact Manager for Outlook 2007 SP1
"CodeWright Libraries" = CodeWright Libraries
"CodeWright70" = CodeWright 7.0
"Creative OEM002" = Laptop Integrated Webcam Driver (1.04.01.1011)
"Dell Webcam Center" = Dell Webcam Center
"Dell Webcam Manager" = Dell Webcam Manager
"EditPlus 3" = EditPlus 3
"ERUNT_is1" = ERUNT 1.1j
"FacetWinV1" = FacetWin
"HijackThis" = HijackThis 2.0.2
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"InstallShield_{67F67B6C-B3F9-4853-AE5C-0AC372DDEBF1}" = Wireless Manager mobile edition 3.0
"InstallShield_{DDD66BB0-7C9F-4030-84DB-435E5B6C7457}" = EasyClient
"Lexmark_HostCD" = Lexmark Software Uninstall
"LiveAdvisor" = LiveAdvisor (Symantec Corporation)
"LiveReg" = LiveReg (Symantec Corporation)
"LiveUpdate1.6" = LiveUpdate 1.6 (Symantec Corporation)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Mobile Essentials" = Symantec Mobile Essentials
"Money2006a" = MSN Money Investment Toolbox
"Mozilla Firefox (3.0.8)" = Mozilla Firefox (3.0.8)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Norton CleanSweep" = Norton CleanSweep
"NVIDIA Drivers" = NVIDIA Drivers
"odbcdL4" = odbcdL4 1.2
"PremiumSoft Navicat 8.0 Lite for MySQL_is1" = PremiumSoft Navicat 8.0 Lite for MySQL
"PremiumSoft Navicat_is1" = PremiumSoft Navicat
"Procomm Plus" = Symantec Procomm Plus
"PROHYBRIDR" = 2007 Microsoft Office system
"PuTTY_is1" = PuTTY version 0.60
"SearchAssist" = SearchAssist
"Snapshot Viewer" = Snapshot Viewer
"SynTPDeinstKey" = Dell Touchpad
"U.S. Robotics V.92 USB Modem" = U.S. Robotics V.92 USB Modem
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"winscp3_is1" = WinSCP 4.0.7
"WinZip" = WinZip
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"Yahoo! Messenger" = Yahoo! Messenger
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 4/13/2009 5:54:54 PM | Computer Name = MASLAPTOPXPS | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 7.0.6000.16791, faulting
module msvcrt.dll, version 7.0.2600.5512, fault address 0x00037168.
Error - 4/13/2009 5:54:57 PM | Computer Name = MASLAPTOPXPS | Source = Application Error | ID = 1001
Description = Fault bucket 1138675279.
Error - 4/13/2009 6:08:15 PM | Computer Name = MASLAPTOPXPS | Source = nview_info | ID = 11141121
Description =
Error - 4/13/2009 6:14:00 PM | Computer Name = MASLAPTOPXPS | Source = Userenv | ID = 1097
Description = Windows cannot find the machine account, No authority could be contacted
for authentication. .
Error - 4/13/2009 6:14:00 PM | Computer Name = MASLAPTOPXPS | Source = Userenv | ID = 1030
Description = Windows cannot query for the list of Group Policy objects. A message
that describes the reason for this was previously logged by the policy engine.
Error - 4/13/2009 6:14:52 PM | Computer Name = MASLAPTOPXPS | Source = AutoEnrollment | ID = 15
Description = Automatic certificate enrollment for local system failed to contact
the active directory (0x8007003a). The specified server cannot perform the requested
operation. Enrollment will not be performed.
Error - 4/13/2009 6:18:14 PM | Computer Name = MASLAPTOPXPS | Source = Userenv | ID = 1053
Description = Windows cannot determine the user or computer name. (The RPC server
is unavailable. ). Group Policy processing aborted.
Error - 4/13/2009 8:14:17 PM | Computer Name = MASLAPTOPXPS | Source = Userenv | ID = 1054
Description = Windows cannot obtain the domain controller name for your computer
network. (The specified domain either does not exist or could not be contacted.
). Group Policy processing aborted.
Error - 4/13/2009 8:14:23 PM | Computer Name = MASLAPTOPXPS | Source = AutoEnrollment | ID = 15
Description = Automatic certificate enrollment for local system failed to contact
the active directory (0x8007054b). The specified domain either does not exist
or could not be contacted. Enrollment will not be performed.
Error - 4/13/2009 8:15:57 PM | Computer Name = MASLAPTOPXPS | Source = Userenv | ID = 1054
Description = Windows cannot obtain the domain controller name for your computer
network. (The specified domain either does not exist or could not be contacted.
). Group Policy processing aborted.
[ OSession Events ]
Error - 5/5/2008 9:50:24 AM | Computer Name = MASLAPTOPXPS | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6300.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 2245
seconds with 600 seconds of active time. This session ended with a crash.
Error - 10/15/2008 9:56:39 AM | Computer Name = MASLAPTOPXPS | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6323.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 2211
seconds with 360 seconds of active time. This session ended with a crash.
Error - 11/21/2008 1:41:05 PM | Computer Name = MASLAPTOPXPS | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6308.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 142
seconds with 120 seconds of active time. This session ended with a crash.
Error - 3/19/2009 5:09:59 PM | Computer Name = MASLAPTOPXPS | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6331.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 1275
seconds with 60 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 4/12/2009 5:44:36 PM | Computer Name = MASLAPTOPXPS | Source = NetBT | ID = 4321
Description = The name "MIS :1d" could not be registered on the Interface
with IP address 205.34.101.153. The machine with the IP address 205.34.101.14 did
not allow the name to be claimed by this machine.
Error - 4/12/2009 5:49:46 PM | Computer Name = MASLAPTOPXPS | Source = NetBT | ID = 4321
Description = The name "MIS :1d" could not be registered on the Interface
with IP address 205.34.101.153. The machine with the IP address 205.34.101.14 did
not allow the name to be claimed by this machine.
Error - 4/12/2009 6:45:20 PM | Computer Name = MASLAPTOPXPS | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 15 minutes. NtpClient has no source of accurate
time.
Error - 4/12/2009 7:01:06 PM | Computer Name = MASLAPTOPXPS | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 29 minutes. NtpClient has no source of accurate
time.
Error - 4/13/2009 6:12:19 PM | Computer Name = MASLAPTOPXPS | Source = NETLOGON | ID = 5719
Description = No Domain Controller is available for domain MIS due to the following:
%%1722. Make sure that the computer is connected to the network and try again. If
the problem persists, please contact your domain administrator.
Error - 4/13/2009 6:12:19 PM | Computer Name = MASLAPTOPXPS | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 14 minutes. NtpClient has no source of accurate
time.
Error - 4/13/2009 6:12:19 PM | Computer Name = MASLAPTOPXPS | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 15 minutes. NtpClient has no source of accurate
time.
Error - 4/13/2009 6:13:59 PM | Computer Name = MASLAPTOPXPS | Source = Kerberos | ID = 7
Description = The kerberos subsystem encountered a PAC verification failure. This
indicates that the PAC from the client MASLAPTOPXPS$ in realm ROBERTSOXYGEN.COM
had a PAC which failed to verify or was modified. Contact your system administrator.
Error - 4/13/2009 8:14:16 PM | Computer Name = MASLAPTOPXPS | Source = NETLOGON | ID = 5719
Description = No Domain Controller is available for domain MIS due to the following:
%%1311. Make sure that the computer is connected to the network and try again. If
the problem persists, please contact your domain administrator.
Error - 4/13/2009 8:20:37 PM | Computer Name = MASLAPTOPXPS | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 14 minutes. NtpClient has no source of accurate
time.
< End of report >
Thanks in advance.