First the good. I found a bunch of malware on my computer after a month of someone else using it. I removed a bunch of stuff but could not get rid of Win32.Delf.rtk. I came here and did some reading and followed the instructions on the Malware and Spyware Cleaning Guide. When I ran Malwarebytes it found a bunch more malware that my tools did not show at all. I had to run Malwarebytes' Anti-Malware three times but it seems to have done the job. I ran everything else in the guide and am posting the logs below here. I will just post the first and last Malwarebytes logs. My system now seems to be clean. I am using AVG as antivirus and Adaware and Spybot search and Distroy to check for nasties and they all show my system as clean now. Malwarebytes also shows nothing.
The bad. This machine is still very slow. It's a 3Gig P4 with Asus motherboard. I have two 2.4Gig P4s that are way faster then this one. Anyway this was the first step in trying to find out why this computer is so slow. I will now post a message in the hardware group to see if we can figure out why this computer is so slow.
I will also check back here to see if anyone sees anything else in the logs that could slow this machine down.
================Malwarebytes' Anti-Malware 1.38 log file 1
Database version: 2372
Windows 5.1.2600 Service Pack 3
04/07/2009 12:00:39 PM
mbam-log-2009-07-04 (12-00-39).txt
Scan type: Quick Scan
Objects scanned: 95377
Time elapsed: 7 minute(s), 24 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 1
Registry Keys Infected: 7
Registry Values Infected: 10
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 7
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
c:\WINDOWS\system32\msncache.dll (Backdoor.Bot) -> Delete on reboot.
Registry Keys Infected:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\msncache (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\msncache (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\msncache (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{f3d0c92a-2063-2a0d-9256-05e3846d38b0} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{500bca15-57a7-4eaf-8143-8c619470b13d} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dailybucks_install.exe (Security.Hijack) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\BuildW (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\FirstInstallFlag (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\guid (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\i (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\mms (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\mso (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\uid (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\Ulrn (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\Update (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\UpdateNew (Malware.Trace) -> Quarantined and deleted successfully.
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
c:\WINDOWS\system32\msncache.dll (Backdoor.Bot) -> Delete on reboot.
c:\WINDOWS\system32\sopidkc.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\comsa32.sys (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\FInstall.sys (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wiwow64.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\msxml71.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wiawow32.sys (Backdoor.Bot) -> Quarantined and deleted successfully.
================Malwarebytes' Anti-Malware 1.38 log file 3
Database version: 2373
Windows 5.1.2600 Service Pack 3
04/07/2009 12:23:53 PM
mbam-log-2009-07-04 (12-23-53).txt
Scan type: Quick Scan
Objects scanned: 95406
Time elapsed: 3 minute(s), 5 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
================Rooter.exe (v1.0.2) by Eric_71
.
SeDebugPrivilege granted successfully ...
.
Windows XP . (5.1.2600) Service Pack 3
[32_bits] - x86 Family 15 Model 4 Stepping 1, GenuineIntel
.
[wscsvc] (Security Center) RUNNING (state:4)
[SharedAccess] STOPPED (state:1) : Windows Firewall -> Disabled !
.
Internet Explorer 8.0.6001.18702
Mozilla Firefox 3.0.11 (en-US)
.
A:\ [Removable]
C:\ [Fixed-NTFS] .. ( Total:95 Go - Free:36 Go )
D:\ [Fixed-NTFS] .. ( Total:370 Go - Free:151 Go )
E:\ [Fixed-NTFS] .. ( Total:465 Go - Free:0 Go )
F:\ [Removable]
G:\ [CD_Rom]
.
Scan : 17:29.13
Path : C:\Documents and Settings\Johnnie\Desktop\Maintence\GEEKS to GO\! ! Malware Tools\Rooter.exe
User : Johnnie ( Administrator -> YES )
.
----------------------\\ Processes
.
Locked [System Process] (0)
______ System (4)
______ \SystemRoot\System32\smss.exe (804)
______ \??\C:\WINDOWS\system32\csrss.exe (872)
______ \??\C:\WINDOWS\system32\winlogon.exe (904)
______ C:\WINDOWS\system32\services.exe (948)
______ C:\WINDOWS\system32\lsass.exe (960)
______ C:\WINDOWS\system32\Ati2evxx.exe (1132)
______ C:\WINDOWS\system32\svchost.exe (1164)
______ C:\WINDOWS\system32\svchost.exe (1240)
______ C:\WINDOWS\system32\svchost.exe (1360)
______ C:\WINDOWS\system32\svchost.exe (1376)
______ C:\WINDOWS\system32\Ati2evxx.exe (1396)
______ C:\WINDOWS\system32\svchost.exe (1524)
______ C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (1576)
______ C:\WINDOWS\system32\spoolsv.exe (1656)
______ C:\WINDOWS\system32\svchost.exe (1860)
______ C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe (1908)
______ C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe (1940)
______ C:\Program Files\Java\jre6\bin\jqs.exe (2040)
______ C:\WINDOWS\system32\oodag.exe (396)
______ C:\PROGRA~1\AVG\AVG8\avgrsx.exe (536)
______ C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe (664)
______ C:\WINDOWS\system32\svchost.exe (688)
______ C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe (1324)
______ C:\Program Files\UPHClean\uphclean.exe (1880)
______ C:\WINDOWS\system32\wbem\unsecapp.exe (2140)
______ C:\WINDOWS\system32\wbem\wmiprvse.exe (2204)
______ C:\WINDOWS\Explorer.EXE (2660)
______ C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe (2928)
______ C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe (2956)
______ C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe (2972)
______ C:\PROGRA~1\AVG\AVG8\avgtray.exe (3012)
______ C:\Program Files\Microsoft IntelliPoint\ipoint.exe (3064)
______ C:\WINDOWS\system32\ctfmon.exe (3184)
______ C:\WINDOWS\System32\svchost.exe (3252)
______ C:\WINDOWS\explorer.exe (3368)
______ C:\Program Files\Mozilla Firefox\firefox.exe (1556)
______ C:\Documents and Settings\Johnnie\Desktop\Maintence\GEEKS to GO\! ! Malware Tools\Rooter.exe (1808)
.
----------------------\\ Device\Harddisk0\
.
\Device\Harddisk0 [Sectors : 63 x 512 Bytes]
.
\Device\Harddisk0\Partition1 (Start_Offset:102396510720 | Length:397708738560)
\Device\Harddisk0\Partition2 --[ MBR ]-- (Start_Offset:32256 | Length:102396478464)
.
----------------------\\ Scheduled Tasks
.
C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\Tasks\desktop.ini
C:\WINDOWS\Tasks\Microsoft_Hardware_Launch_IPoint_exe.job
C:\WINDOWS\Tasks\Norton Security Scan for Johnnie.job
C:\WINDOWS\Tasks\SA.DAT
.
----------------------\\ Registry
.
.
----------------------\\ Files & Folders
.
----------------------\\ Scan completed at 17:31.48
.
C:\Rooter$\Rooter_1.txt - (04/07/2009 | 17:31.48)
================OTL logfile created on: 05/07/2009 9:20:06 AM - Run 1
OTL by OldTimer - Version 3.0.6.4 Folder = C:\Documents and Settings\Johnnie\Desktop\Maintence\GEEKS to GO\! ! Malware Tools
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy
2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 99.87% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): C:\pagefile.sys 3000 4000 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 95.36 Gb Total Space | 36.02 Gb Free Space | 37.77% Space Free | Partition Type: NTFS
Drive D: | 370.40 Gb Total Space | 157.69 Gb Free Space | 42.57% Space Free | Partition Type: NTFS
Drive E: | 465.76 Gb Total Space | 0.63 Gb Free Space | 0.14% Space Free | Partition Type: NTFS
Drive F: | 1.86 Gb Total Space | 1.84 Gb Free Space | 98.54% Space Free | Partition Type: FAT
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: LIVINGROOM
Current User Name: Johnnie
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Processes (SafeList) ==========
PRC - C:\WINDOWS\System32\Ati2evxx.exe (ATI Technologies Inc.)
PRC - C:\WINDOWS\System32\Ati2evxx.exe (ATI Technologies Inc.)
PRC - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe (Acronis)
PRC - C:\Program Files\AVG\AVG8\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
PRC - C:\WINDOWS\System32\oodag.exe (O&O Software GmbH)
PRC - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe (Analog Devices, Inc.)
PRC - C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe ()
PRC - C:\Program Files\AVG\AVG8\avgrsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\WINDOWS\Explorer.EXE (Microsoft Corporation)
PRC - C:\Program Files\UPHClean\uphclean.exe (Microsoft Corporation)
PRC - C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
PRC - C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe (Acronis)
PRC - C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
PRC - C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Documents and Settings\Johnnie\Desktop\Maintence\GEEKS to GO\! ! Malware Tools\OTL.exe (OldTimer Tools)
========== Win32 Services (SafeList) ==========
SRV - (AcrSch2Svc [Auto | Running]) -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe (Acronis)
SRV - (aspnet_state [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)
SRV - (Ati HotKey Poller [Auto | Running]) -- C:\WINDOWS\System32\Ati2evxx.exe (ATI Technologies Inc.)
SRV - (ATI Smart [Auto | Stopped]) -- C:\WINDOWS\System32\ati2sgag.exe ()
SRV - (avg8wd [Auto | Running]) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (brmfrmps [Disabled | Stopped]) -- File not found
SRV - (Brother XP spl Service [Disabled | Stopped]) -- C:\WINDOWS\System32\brsvc01a.exe (brother Industries Ltd)
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (FLEXnet Licensing Service [On_Demand | Stopped]) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (FontCache3.0.0.0 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
SRV - (helpsvc [Auto | Running]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (IDriverT [On_Demand | Stopped]) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (idsvc [Unknown | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
SRV - (JavaQuickStarterService [Auto | Running]) -- C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
SRV - (Lavasoft Ad-Aware Service [Auto | Stopped]) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
SRV - (NetTcpPortSharing [Disabled | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (O&O Defrag [Auto | Running]) -- C:\WINDOWS\System32\oodag.exe (O&O Software GmbH)
SRV - (odserv [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (ose [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (rpcapd [On_Demand | Stopped]) -- C:\Program Files\WinPcap\rpcapd.exe ()
SRV - (sdAuxService [On_Demand | Stopped]) -- C:\Program Files\Spyware Doctor\pctsAuxs.exe (PC Tools)
SRV - (sdCoreService [On_Demand | Stopped]) -- C:\Program Files\Spyware Doctor\pctsSvc.exe (PC Tools)
SRV - (SoundMAX Agent Service (default) [Auto | Running]) -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe (Analog Devices, Inc.)
SRV - (TomTomHOMEService [On_Demand | Stopped]) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
SRV - (TryAndDecideService [Auto | Running]) -- C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe ()
SRV - (UPHClean [Auto | Running]) -- C:\Program Files\UPHClean\uphclean.exe (Microsoft Corporation)
SRV - (UplinkService [Disabled | Stopped]) -- C:\Program Files\NCH Swift Sound\Uplink\uplink.exe ()
========== Driver Services (SafeList) ==========
DRV - (aeaudio [On_Demand | Running]) -- C:\WINDOWS\System32\drivers\aeaudio.sys (Andrea Electronics Corporation)
DRV - (AnyDVD [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\AnyDVD.sys (SlySoft, Inc.)
DRV - (ASPI32 [Auto | Running]) -- C:\WINDOWS\System32\drivers\aspi32.sys (Adaptec)
DRV - (ati2mtaa [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\ati2mtaa.sys (ATI Technologies Inc.)
DRV - (ati2mtag [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\ati2mtag.sys (ATI Technologies Inc.)
DRV - (AvgLdx86 [System | Running]) -- C:\WINDOWS\System32\Drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgMfx86 [System | Running]) -- C:\WINDOWS\System32\Drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (brfilt [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\Brfilt.sys (Brother Industries Ltd.)
DRV - (BrSerWDM [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\BrSerWdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\BrUsbMdm.sys (Brother Industries Ltd.)
DRV - (BrUsbScn [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\BrUsbScn.sys (Brother Industries Ltd.)
DRV - (cpuz132 [On_Demand | Stopped]) -- C:\WINDOWS\System32\drivers\cpuz132_x32.sys (Windows ® Codename Longhorn DDK provider)
DRV - (DgiVecp [Auto | Stopped]) -- C:\WINDOWS\System32\Drivers\DgiVecp.sys (DeviceGuys, Inc.)
DRV - (EL2000 [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\EL2K_XP.sys (3Com Corporation)
DRV - (ElbyCDIO [System | Running]) -- C:\WINDOWS\System32\Drivers\ElbyCDIO.sys (Elaborate Bytes AG)
DRV - (Lbd [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\Lbd.sys (Lavasoft AB)
DRV - (m4cxw2k3 [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\m4cxw2k3.sys (D-Link Corporation)
DRV - (mf [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\mf.sys (Microsoft Corporation)
DRV - (MidiSyn [On_Demand | Stopped]) -- C:\WINDOWS\System32\drivers\MidiSyn.sys (Analog Devices Inc)
DRV - (MPE [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\MPE.sys (Microsoft Corporation)
DRV - (NPF [On_Demand | Stopped]) -- C:\WINDOWS\System32\drivers\npf.sys (Politecnico di Torino)
DRV - (pcouffin [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\pcouffin.sys (VSO Software)
DRV - (PCTCore [Boot | Running]) -- C:\WINDOWS\system32\drivers\PCTCore.sys (PC Tools)
DRV - (Point32 [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\point32.sys (Microsoft Corporation)
DRV - (PQNTDrv [System | Running]) -- C:\WINDOWS\System32\drivers\PQNTDRV.sys (PowerQuest Corporation)
DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (SABProcEnum [On_Demand | Stopped]) -- C:\WINDOWS\System32\sabprocenum.sys (SuperAdBlocker.com)
DRV - (Secdrv [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (smwdm [On_Demand | Running]) -- C:\WINDOWS\System32\drivers\smwdm.sys (Analog Devices, Inc.)
DRV - (snapman [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\snapman.sys (Acronis)
DRV - (sptd [Boot | Running]) -- C:\WINDOWS\System32\Drivers\sptd.sys ()
DRV - (tdrpman [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\tdrpman.sys (Acronis)
DRV - (tifsfilter [Auto | Running]) -- C:\WINDOWS\System32\DRIVERS\tifsfilt.sys (Acronis)
DRV - (timounter [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\timntr.sys (Acronis)
DRV - (Uplink [On_Demand | Running]) -- C:\WINDOWS\System32\drivers\Uplink.sys (NCH Swift Sound)
DRV - (usbaudio [On_Demand | Stopped]) -- C:\WINDOWS\System32\drivers\usbaudio.sys (Microsoft Corporation)
DRV - (WmBEnum [On_Demand | Running]) -- C:\WINDOWS\System32\drivers\WmBEnum.sys (Logitech Inc.)
DRV - (WmFilter [On_Demand | Stopped]) -- C:\WINDOWS\System32\drivers\WmFilter.sys (Logitech Inc.)
DRV - (WmVirHid [On_Demand | Stopped]) -- C:\WINDOWS\System32\drivers\WmVirHid.sys (Logitech Inc.)
DRV - (WmXlCore [On_Demand | Running]) -- C:\WINDOWS\System32\drivers\WmXlCore.sys (Logitech Inc.)
DRV - (yukonwxp [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\yk51x86.sys (Marvell)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 0
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...m...tf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.startup.homepage: "http://mirariver.com/"
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:8.5
FF - prefs.js..extensions.enabledItems: [email protected]:3.1.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}:6.0.06
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.11
FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG8\Firefox [2009/06/29 08:58:09 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/07/04 16:40:23 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2008/12/12 19:54:33 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.11\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/06/19 12:32:48 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.11\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/06/16 08:21:03 | 00,000,000 | ---D | M]
[2009/01/19 15:32:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Johnnie\Application Data\mozilla\Extensions
[2008/07/01 12:48:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Johnnie\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/01/19 15:32:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Johnnie\Application Data\mozilla\Extensions\[email protected]
[2009/07/05 08:11:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Johnnie\Application Data\mozilla\Firefox\Profiles\2zi1h6xu.default\extensions
[2009/07/04 16:50:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Johnnie\Application Data\mozilla\Firefox\Profiles\2zi1h6xu.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2008/12/01 21:43:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Johnnie\Application Data\mozilla\Firefox\Profiles\2zi1h6xu.default\extensions\[email protected]
[2009/07/05 08:11:41 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/06/16 08:21:03 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2008/07/02 19:20:08 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}
[2009/04/05 23:18:48 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2009/06/16 08:20:18 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/06/16 08:20:18 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009/03/09 05:19:09 | 00,410,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeploytk.dll
[2005/12/05 23:31:00 | 00,114,688 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npmozax.dll
[2009/06/16 08:20:26 | 00,065,528 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll
[2006/10/26 20:12:16 | 00,016,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL
[2009/02/27 12:13:42 | 00,103,792 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll
[2006/02/02 16:56:00 | 00,225,280 | ---- | M] (Virtools SA) -- C:\Program Files\mozilla firefox\plugins\npvirtools.dll
[2009/04/24 21:44:31 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2009/04/24 21:44:31 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2009/04/24 21:44:31 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2009/04/24 21:44:31 | 00,002,343 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2009/04/24 21:44:31 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/04/24 21:44:31 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2009/04/24 21:44:31 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml
O1 HOSTS File: (292053 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 10057 more lines...
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found.
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {73C7D5B0-7B03-444A-84C7-CE1BA03B5573} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4 - HKLM..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe (Acronis)
O4 - HKLM..\Run: [AVG8_TRAY] C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [IntelliPoint] C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4 - HKLM..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
O4 - HKCU..\Run: [DynAdvance Notifier] C:\Program Files\DynAdvance Notifier\MailNotifier.Exe (Catalin Stavaru)
O4 - HKCU..\Run: [Mailbell] C:\Program Files\MailBell\mailbell.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoPropertiesMyComputer = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileAssociate = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogoff = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ShutdownWithoutLogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispCPL = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispScrSavPage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsHistory = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ClearRecentDocsOnExit = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideClock = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayItemsDisplay = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskmgr = 0
O8 - Extra context menu item: Add to Vbuzzer RSS list - C:\Program Files\vbuzzer\addurl.htm ()
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra Button: SmartWhois - {FD9DE2B4-C926-4460-81C4-FC58C6F1062E} - C:\Program Files\SmartWhois\swmsie.exe (TamoSoft)
O9 - Extra 'Tools' menuitem : SmartWhois - {FF983118-58C7-4AD4-B5A7-691C39CB7B42} - C:\Program Files\SmartWhois\swmsie.exe (TamoSoft)
O15 - HKLM\..Trusted Domains: 49 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: 49 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} http://security.syma...bin/AvSniff.cab (Symantec AntiVirus scanner)
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.micr...78f/wvc1dmo.cab (Reg Error: Key error.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.mi...b?1182302094468 (WUWebControl Class)
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.syma...n/bin/cabsa.cab (Symantec RuFSI Utility Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1182565904640 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} http://www.superadbl...ivex/sabspx.cab (SABScanProcesses Class)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CCA0B877-CB5E-4ADC-AD30-457C379512DD} http://10.0.0.240/xplugLiteAL.cab (Gif89 Lite Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} http://a532.g.akamai...5/installer.exe (Virtools WebPlayer Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 208.67.222.222 208.67.220.220 206.248.154.22
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\Ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O28 - HKLM ShellExecuteHooks: {EDB0E980-90BD-11D4-8599-0008C7D3B6F8} - C:\Program Files\Qualcomm\Eudora\EuShlExt.dll (Qualcomm Inc.)
O30 - LSA: Authentication Packages - (relog_ap) - C:\WINDOWS\System32\relog_ap.dll (Acronis)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/06/19 20:43:54 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O34 - HKLM BootExecute: (oodbs) - C:\WINDOWS\System32\oodbs.exe (O&O Software GmbH)
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
========== Files/Folders - Created Within 30 Days ==========
[1 C:\WINDOWS\*.tmp files]
[2009/07/05 07:26:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Johnnie\My Documents\DVDFab
[2009/07/04 19:06:38 | 00,000,099 | ---- | C] () -- C:\Documents and Settings\Johnnie\Desktop\Info What is AGP aperture size and what should I set mine to - Overclock.net - Overclocking.net.URL
[2009/07/04 17:31:48 | 00,000,000 | ---D | C] -- C:\Rooter$
[2009/07/04 16:33:12 | 00,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iecompat.dll
[2009/07/04 16:32:39 | 00,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2009/07/04 16:32:06 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpshims.dll
[2009/07/04 16:32:05 | 00,246,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieproxy.dll
[2009/07/04 16:29:35 | 00,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2009/07/04 11:45:58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Johnnie\Application Data\Malwarebytes
[2009/07/04 11:45:52 | 00,038,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/07/04 11:45:50 | 00,019,096 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/07/04 11:45:50 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/07/04 11:45:50 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/07/04 11:43:36 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/07/04 11:41:05 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2009/07/03 23:23:48 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles
[2009/07/03 21:49:40 | 00,000,752 | ---- | C] () -- C:\Documents and Settings\Johnnie\Desktop\SpywareBlaster.lnk
[2009/07/03 21:29:34 | 00,159,600 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctgntdi.sys
[2009/07/03 21:29:16 | 00,130,936 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTCore.sys
[2009/07/03 21:29:16 | 00,073,840 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTAppEvent.sys
[2009/07/03 21:28:54 | 00,064,392 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctplsg.sys
[2009/07/03 21:28:54 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
[2009/07/03 21:28:48 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Tools
[2009/07/03 20:59:52 | 00,000,053 | ---- | C] () -- C:\Documents and Settings\Johnnie\Desktop\How To Videos on Wonder How To - Video Tutorials, DIY Lessons & Tips.URL
[2009/07/03 14:02:14 | 00,000,552 | ---- | C] () -- C:\Documents and Settings\Johnnie\Desktop\address.rtf
[2009/07/03 11:25:44 | 00,000,669 | ---- | C] () -- C:\Documents and Settings\Johnnie\Desktop\Shortcut to UnrealTournament.exe.lnk
[2009/07/02 20:24:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Johnnie\Local Settings\Application Data\Thinstall
[2009/07/02 20:24:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Johnnie\Application Data\Thinstall
[2009/07/02 11:51:34 | 00,048,640 | ---- | C] () -- C:\Documents and Settings\Johnnie\Desktop\Tibiet Cafe .doc
[2009/07/01 22:46:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Johnnie\Desktop\Lynda.com - Photoshop One On One MASTERY with Deke McLelland
[2009/06/29 07:12:31 | 00,000,243 | ---- | C] () -- C:\Documents and Settings\Johnnie\Desktop\The Star.url
[2009/06/27 14:13:27 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Johnnie\Desktop\09. Text
[2009/06/27 12:48:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Johnnie\Desktop\08. App links
[2009/06/27 12:48:07 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Johnnie\Desktop\07. PDF
[2009/06/27 12:47:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Johnnie\Desktop\06. WORDPAD
[2009/06/27 12:46:48 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Johnnie\Desktop\05. Word
[2009/06/27 12:46:07 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Johnnie\Desktop\04.Excel
[2009/06/27 12:43:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Johnnie\Desktop\03. WEB LINKS
[2009/06/27 12:42:53 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Johnnie\Desktop\02. ICONS
[2009/06/27 12:40:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Johnnie\Desktop\01. FOLDER
[2009/06/27 09:49:30 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Johnnie\Desktop\PERSONAL
[2009/06/27 09:49:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Johnnie\Desktop\FIX XP
[2009/06/27 09:48:40 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Johnnie\Desktop\WORK
[2009/06/25 21:04:51 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Johnnie\Desktop\My Invoices
[2009/06/25 12:54:56 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Johnnie\Desktop\ALL pass and info from Chetan
[2009/06/24 10:43:58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Johnnie\Desktop\Posh new site demo
[2009/06/20 12:46:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Johnnie\Local Settings\Application Data\ATI
[2009/06/20 12:46:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Johnnie\Application Data\ATI
[2009/06/20 12:46:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ATI
[2009/06/20 12:26:09 | 00,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2009/06/20 12:24:14 | 00,000,000 | ---D | C] -- C:\ATI
[2009/06/20 12:18:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Johnnie\Desktop\New ATI Driver and software
[2009/06/15 12:34:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Johnnie\Desktop\VOIP Ebooks
[2009/06/15 12:08:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Johnnie\Desktop\VICIDIAL
[2009/06/14 21:11:34 | 00,000,104 | ---- | C] () -- C:\Documents and Settings\Johnnie\Desktop\VICIDIAL - Google Search.URL
[2009/06/07 10:08:28 | 00,000,000 | ---D | C] -- C:\! VTC Assembly Language Programing
[2009/06/07 00:29:29 | 00,000,000 | ---D | C] -- C:\WINDOWS\Rarlab WinRAR v3.80
[2009/06/07 00:29:29 | 00,000,000 | ---D | C] -- C:\Program Files\Rarlab WinRAR v3.80
[2008/12/21 20:37:19 | 00,921,600 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll
[2008/12/21 20:37:19 | 00,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2008/12/21 20:37:19 | 00,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2008/12/21 20:37:19 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2008/07/19 19:02:50 | 00,120,200 | ---- | C] () -- C:\WINDOWS\System32\DLLDEV32i.dll
[2008/07/19 19:02:29 | 00,005,937 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini
[2008/06/29 12:02:39 | 01,216,512 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2008/06/29 12:02:39 | 00,237,568 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2008/05/26 11:35:35 | 00,000,089 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2008/04/28 15:58:38 | 00,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2008/02/27 23:02:35 | 02,463,976 | ---- | C] () -- C:\WINDOWS\System32\NPSWF32.dll
[2007/12/27 10:37:10 | 00,176,235 | ---- | C] () -- C:\WINDOWS\System32\Primomonnt.dll
[2007/11/07 19:01:25 | 00,000,145 | ---- | C] () -- C:\WINDOWS\StarryNight.ini
[2007/10/17 09:42:49 | 00,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2007/10/16 17:24:40 | 00,034,308 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2007/10/16 14:50:00 | 00,000,030 | ---- | C] () -- C:\WINDOWS\System32\brss01a.ini
[2007/10/16 14:49:46 | 00,002,189 | ---- | C] () -- C:\WINDOWS\BRMFBIDI.INI
[2007/10/16 14:49:36 | 00,000,267 | ---- | C] () -- C:\WINDOWS\Brpcfx.ini
[2007/10/16 14:49:30 | 00,000,419 | ---- | C] () -- C:\WINDOWS\brwmark.ini
[2007/10/16 14:49:30 | 00,000,079 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI
[2007/09/11 21:57:37 | 00,685,816 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2007/08/26 22:01:27 | 00,000,034 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2007/08/19 22:00:58 | 00,000,042 | ---- | C] () -- C:\WINDOWS\AlchemyMindworksUpdateList.INI
[2007/06/21 08:14:55 | 00,000,510 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007/06/20 20:12:55 | 00,000,000 | ---- | C] () -- C:\WINDOWS\oodcnt.INI
[2007/06/20 10:35:31 | 00,000,044 | ---- | C] () -- C:\WINDOWS\System32\msssc.dll
[2007/06/20 10:24:09 | 00,002,781 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2007/06/20 10:24:07 | 00,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2006/11/06 18:49:36 | 00,000,310 | ---- | C] () -- C:\WINDOWS\primopdf.ini
[2004/08/04 08:00:00 | 00,000,622 | ---- | C] () -- C:\WINDOWS\win.ini
[2004/08/04 08:00:00 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini
[2003/01/07 15:05:08 | 00,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/03/19 17:30:00 | 00,141,824 | ---- | C] () -- C:\WINDOWS\System32\msvdm.dll
[2002/03/02 04:10:02 | 00,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
========== Files - Modified Within 30 Days ==========
[1 C:\WINDOWS\*.tmp files]
[2009/07/05 07:50:00 | 00,012,796 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2009/07/05 07:49:59 | 37,774,500 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2009/07/04 21:40:58 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/07/04 21:39:50 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/07/04 21:39:42 | 01,048,459 | ---- | M] () -- C:\WINDOWS\System32\oodbs.lor
[2009/07/04 21:31:49 | 02,737,920 | -H-- | M] () -- C:\Documents and Settings\Johnnie\Local Settings\Application Data\IconCache.db
[2009/07/04 19:06:38 | 00,000,099 | ---- | M] () -- C:\Documents and Settings\Johnnie\Desktop\Info What is AGP aperture size and what should I set mine to - Overclock.net - Overclocking.net.URL
[2009/07/04 16:39:27 | 00,000,063 | ---- | M] () -- C:\WINDOWS\vbaddin.ini
[2009/07/04 09:15:05 | 00,335,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2009/07/03 21:49:40 | 00,000,752 | ---- | M] () -- C:\Documents and Settings\Johnnie\Desktop\SpywareBlaster.lnk
[2009/07/03 21:27:03 | 00,525,946 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/07/03 21:27:03 | 00,444,028 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/07/03 21:27:03 | 00,071,904 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/07/03 20:59:52 | 00,000,053 | ---- | M] () -- C:\Documents and Settings\Johnnie\Desktop\How To Videos on Wonder How To - Video Tutorials, DIY Lessons & Tips.URL
[2009/07/03 14:12:51 | 00,000,552 | ---- | M] () -- C:\Documents and Settings\Johnnie\Desktop\address.rtf
[2009/07/03 11:25:44 | 00,000,669 | ---- | M] () -- C:\Documents and Settings\Johnnie\Desktop\Shortcut to UnrealTournament.exe.lnk
[2009/07/02 21:20:45 | 00,015,688 | ---- | M] () -- C:\WINDOWS\System32\lsdelete.exe
[2009/07/02 21:20:29 | 00,064,160 | ---- | M] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys
[2009/07/02 13:20:56 | 00,048,640 | ---- | M] () -- C:\Documents and Settings\Johnnie\Desktop\Tibiet Cafe .doc
[2009/06/30 11:34:23 | 00,000,754 | ---- | M] () -- C:\WINDOWS\WORDPAD.INI
[2009/06/30 09:26:54 | 00,000,428 | ---- | M] () -- C:\Documents and Settings\Johnnie\Desktop\Shortcut to FTP.lnk
[2009/06/30 08:50:54 | 00,463,779 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg
[2009/06/29 08:56:16 | 00,011,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2009/06/29 08:56:15 | 00,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2009/06/27 09:52:15 | 00,205,824 | ---- | M] () -- C:\Documents and Settings\Johnnie\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/06/17 11:27:56 | 00,038,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/06/17 11:27:44 | 00,019,096 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/06/16 08:09:02 | 00,030,720 | ---- | M] () -- C:\Documents and Settings\Johnnie\My Documents\JohnFerguson.08t
[2009/06/16 08:07:47 | 00,000,243 | ---- | M] () -- C:\Documents and Settings\Johnnie\Desktop\The Star.url
[2009/06/15 17:39:27 | 00,000,237 | ---- | M] () -- C:\Documents and Settings\Johnnie\Desktop\Google.url
[2009/06/14 21:55:46 | 00,030,720 | ---- | M] () -- C:\Documents and Settings\Johnnie\My Documents\JohnFerguson.08t.backup
[2009/06/14 21:11:34 | 00,000,104 | ---- | M] () -- C:\Documents and Settings\Johnnie\Desktop\VICIDIAL - Google Search.URL
[2009/06/13 18:36:44 | 00,000,622 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/06/13 05:47:34 | 01,498,808 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
========== Alternate Data Streams ==========
@Alternate Data Stream - 164 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
@Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C8B8CEBD
< End of report >
================OTL Extras logfile created on: 05/07/2009 9:20:06 AM - Run 1
OTL by OldTimer - Version 3.0.6.4 Folder = C:\Documents and Settings\Johnnie\Desktop\Maintence\GEEKS to GO\! ! Malware Tools
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy
2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 99.87% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): C:\pagefile.sys 3000 4000 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 95.36 Gb Total Space | 36.02 Gb Free Space | 37.77% Space Free | Partition Type: NTFS
Drive D: | 370.40 Gb Total Space | 157.69 Gb Free Space | 42.57% Space Free | Partition Type: NTFS
Drive E: | 465.76 Gb Total Space | 0.63 Gb Free Space | 0.14% Space Free | Partition Type: NTFS
Drive F: | 1.86 Gb Total Space | 1.84 Gb Free Space | 98.54% Space Free | Partition Type: FAT
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: LIVINGROOM
Current User Name: Johnnie
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"3389:TCP" = 3389:TCP:*:Disabled:@xpsp2res.dll,-22009
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"3389:TCP" = 3389:TCP:*:Disabled:@xpsp2res.dll,-22009
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
C:\Program Files\VoipStunt.com\VoipStunt\voipstunt.exe:*:Enabled:VoipStunt (VoipStunt)
C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent File not found
C:\Program Files\BitTorrent_DNA\dna.exe:*:Enabled:BitTorrent DNA File not found
C:\Program Files\SmartWhois\sw.exe:*:Enabled:SmartWhois (TamoSoft)
C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour File not found
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)
C:\Program Files\vbuzzer\VBuzzer.exe:*:Enabled:VBuzzer Messenger (Softroute Corporation)
C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe (AVG Technologies CZ, s.r.o.)
C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent (BitTorrent, Inc.)
C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype File not found
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{08094E03-AFE4-4853-9D31-6D0743DF5328}" = QuickTime
"{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}" = WD Diagnostics
"{10CE1EA2-12E9-11D3-825E-00C04F6843FE}" = Microsoft Office Sounds
"{20585CDC-114E-4372-986A-0686B1A37A30}" = Business Plan Pro 2007
"{2300EE96-0A41-4FAB-BD03-989EC44577A0}" = Acronis Disk Director Suite
"{263CB4CF-8EC8-4FD0-99CD-3741657CDC4F}" = Microsoft Date and Phone XML Smart Tags
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java 6 Update 13
"{27E9B845-5E9B-41CE-8C50-7F6BDC019308}" = Microsoft Captions Language Interface Pack
"{29622F4A-245C-4126-8764-897E21E888D1}" = Google Earth Pro
"{2D456CE5-01E4-4DBE-9797-77003A7C8271}" = Microsoft® Measurement Smart Tag Converter
"{3248F0A8-6813-11D6-A77B-00B0D0150000}" = J2SE Runtime Environment 5.0
"{3248F0A8-6813-11D6-A77B-00B0D0160060}" = Java 6 Update 6
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java 6 Update 7
"{3294DF7D-9A5B-443E-85D3-A00486AA0A92}" = DGE-530T
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36B98FCD-557C-48B0-98B8-60F8435D8492}" = Microsoft Office Word 2003 Redaction Add-in
"{388E4B09-3E71-4649-8921-F44A3A2954A7}" = Microsoft Visual Studio 2005 Tools for Office Runtime
"{4324BC93-C82F-ED16-BA86-5E34B9E05303}" = ccc-core-static
"{45EA11B5-874D-480E-89B9-2545505BBE3E}" = Microsoft OpenType Font File Properties Extension
"{4C4FC279-588A-46C9-88AA-1D62876F5F61}" = Microsoft Convert Number Smart Tag
"{4ED118EE-785C-CC18-5D2E-D5CA4BAA03F0}" = Catalyst Control Center Graphics Full New
"{53480330-E1D1-41CA-B8F8-7F78644F7F50}" = O&O Defrag Professional Edition
"{539475B7-44B7-8B0A-134C-F01B9C8B7569}" = ccc-core-preinstall
"{545E0CDC-4373-4315-9553-BA1025AF9D06}" = XML4
"{5AC7AE54-55DF-1126-076C-623F008D40B6}" = Catalyst Control Center Graphics Full Existing
"{633A06C3-B709-479A-AAB3-5EE94AD9EE4B}" = Acronis True Image Home
"{6351D217-3EE3-1967-29BE-6A77635FE485}" = Skins
"{66A9D30D-1464-4C7F-B2F3-507DADAF2595}" = Microsoft IntelliPoint 6.3
"{6855CCDD-BDF9-48E4-B80A-80DFB96FE36C}" = CmdHere Powertoy For Windows XP
"{6AB9CD3A-F91F-233B-923B-6C59BA63524D}" = Catalyst Control Center HydraVision Full
"{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}" = PartitionMagic
"{6EECB283-E65F-40EF-86D3-D51BF02A8D43}" = Microsoft Office Converter Pack
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76C24F39-B161-498F-BD8B-C64789812D13}_is1" = ConvertXtoDVD 3.3.0.96
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{7E819CE5-2C41-4C8D-BAF0-B49CC65C5562}" = Norton Security Scan
"{8436DD2B-CED5-4B88-992C-25E2D24172FE}" = Microsoft Captions Language Interface Culture Pack (Alsace)
"{84F1DAC1-E1BF-4A21-9D2B-DD3E12686A2C}" = Read in Microsoft Reader Add-in for Microsoft Word
"{85A91C22-C369-FCFB-5F1F-D59EB21AD0E1}" = CCC Help English
"{885744A4-1A01-44B0-858A-0AE6738CBCF7}" = PrimoPDF Redistribution Package
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DB2C22D-A23A-4C0E-9A56-7D10440B9B40}" = Microsoft Office Outlook 2003 Calendar Views Add-in
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_VISPRO_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_VISPRO_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_VISPRO_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0051-0000-0000-0000000FF1CE}" = Microsoft Office Visio Professional 2007
"{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{0FD405D3-CAF8-4CA6-8BFD-911D2F8A6585}" = Microsoft Office Visio 2007 Service Pack 2 (SP2)
"{90120000-0054-0409-0000-0000000FF1CE}" = Microsoft Office Visio MUI (English) 2007
"{90120000-0054-0409-0000-0000000FF1CE}_VISPRO_{519D9F45-CBF4-4E57-B419-11F196CCA8AE}" = Microsoft Office Visio 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_VISPRO_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_VISPRO_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{905D0409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Visio IFilter 2003
"{90AF0409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office PowerPoint Viewer 2003
"{90F80409-6000-11D3-8CFE-0150048383C9}" = Remove Hidden Data Tool
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{98613C99-1399-416C-A07C-1EE1C585D872}" = SeaTools for Windows
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A6D0140F-E62F-9D1E-2408-9CFF91FF6FC8}" = ccc-utility
"{A99C1048-A569-4B65-A3DD-3584B0A4AA69}" = Microsoft MSN MoneyCentral Stock Quotes Add-In for Excel
"{AAF80000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 8.0 Professional Edition
"{AC76BA86-1033-F400-7760-000000000004}" = Adobe Acrobat 9 Pro - English, Français, Deutsch
"{AC76BA86-1033-F400-7760-000000000004}{AC76BA86-1033-F400-7760-000000000004}" = Adobe Acrobat 9 Pro - English, Français, Deutsch
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{ADFBC522-0E15-4E35-B932-8CE2EE0DDEA3}" = Microsoft Office 2003 Desktop Language Settings
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B6828215-1469-43A2-8BEE-F5A970F98161}" = Microsoft Office 2003 International Character Toolbar
"{B87ED12E-A95F-45AC-89E7-02CFD5BD2353}" = StudioTax 2008
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BD63976C-1EB5-4D85-8070-79506818C9C8}" = Microsoft® Stock Actions for the Research Task Pane
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C44A7422-E380-44BE-79FE-1C032D8A03A7}" = Catalyst Control Center Core Implementation
"{C63E7C60-25EB-11D3-8EDA-00A0C911E8E5}" = Microsoft Outlook Personal Folders Backup
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240B6}" = WinZip 11.2
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D3B1C799-CB73-42DE-BA0F-2344793A095C}" = Catalyst Control Center - Branding
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E5D24929-91A4-B0A1-DE00-AFC453921EF7}" = Catalyst Control Center Graphics Light
"{E6C09BFB-BA75-15C7-5B18-A2CE31C4F42B}" = Catalyst Control Center Graphics Previews Common
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F251B999-08A9-4704-999C-9962F0DFD88E}" = Virtual Desktop Manager Powertoy for Windows XP
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{FF77941A-2BFA-4A18-BE2E-69B9498E4D55}" = User Profile Hive Cleanup Service
"Ad-Aware" = Ad-Aware
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Advanced IP Scanner v1.5" = Advanced IP Scanner v1.5
"All ATI Software" = ATI - Software Uninstall Utility
"AnyDVD" = AnyDVD
"Ashampoo Burning Studio 2008_is1" = Ashampoo Burning Studio 2008
"Ashampoo WinOptimizer 4_is1" = Ashampoo WinOptimizer 4.40
"ATI Display Driver" = ATI Display Driver
"AVG8Uninstall" = AVG Free 8.5
"AVS Video Tools 5.1_is1" = AVS Video Tools 5.1
"AVSDiscCreator_is1" = AVS Disc Creator version 2.1
"CCleaner" = CCleaner (remove only)
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.51
"Defraggler" = Defraggler (remove only)
"Dexpot" = Dexpot
"Driver Genius Professional Edition_is1" = Driver Genius Professional Edition
"DVDFab Platinum_is1" = DVDFab Platinum 3.2.1.0
"dvdSanta 4.50 - Make your own DVD movies!_is1" = dvdSanta 4.50
"ERUNT_is1" = ERUNT 1.1j
"GrabIt_is1" = GrabIt 1.7.2 Beta 4 (build 997)
"HijackThis" = HijackThis 2.0.2
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie8" = Windows Internet Explorer 8
"InstallShield_{3294DF7D-9A5B-443E-85D3-A00486AA0A92}" = DGE-530T
"InstallShield_{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}" = PowerQuest PartitionMagic 8.0
"IrfanView" = IrfanView (remove only)
"MailBell" = MailBell
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Marvell Miniport Driver" = Marvell Miniport Driver
"MasterSplitter" = MasterSplitter Program
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Visual Studio 2005 Tools for Office Runtime" = Visual Studio 2005 Tools for Office Second Edition Runtime
"Mozilla Firefox (3.0.11)" = Mozilla Firefox (3.0.11)
"MPEG Video Wizard DVD" = MPEG Video Wizard DVD 4.0.4.108 (03/2008)
"NetTools_is1" = NetTools 5.0
"NewzToolz_is1" = NewzToolz v2.0.2
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NSSSetup.{7E819CE5-2C41-4C8D-BAF0-B49CC65C5562}" = Norton Security Scan (Symantec Corporation)
"PC Wizard 2008_is1" = PC Wizard 2008.1.82
"QuickPar" = QuickPar 0.9
"Recuva" = Recuva (remove only)
"Samsung ML-2010 Series" = Samsung ML-2010 Series
"SereneScreen Marine Aquarium 2_is1" = SereneScreen Marine Aquarium 2
"SmartWhois" = SmartWhois
"Spyware Doctor" = Spyware Doctor 6.0
"SpywareBlaster_is1" = SpywareBlaster 4.2
"Starry Night Pro 5" = Starry Night Pro 5
"TeamViewer 3" = TeamViewer 3
"TomTom HOME" = TomTom HOME 2.6.4.1641
"Uplink" = Uplink Skype2Sip Uninstall
"Vbuzzer" = Vbuzzer Messenger
"VISPRO" = Microsoft Office Visio Professional 2007
"VLC media player" = VLC media player 0.9.4
"VoipStunt_is1" = VoipStunt
"WIC" = Windows Imaging Component
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinPcapInst" = WinPcap 3.0
"WinRAR archiver" = WinRAR archiver
"WMV9_VCM" = Microsoft Windows Media Video 9 VCM
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Pikto ROES" = Pikto ROES
"uTorrent" = µTorrent
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 24/06/2009 11:07:42 AM | Computer Name = LIVINGROOM | Source = Microsoft Office 11 | ID = 1000
Description = Faulting application outlook.exe, version 11.0.8217.0, stamp 480f95d9,
faulting module kernel32.dll, version 5.1.2600.5781, stamp 49c4f482, debug? 0,
fault address 0x0000980f.
Error - 24/06/2009 8:07:29 PM | Computer Name = LIVINGROOM | Source = Defrag | ID = 131078
Description = Not enough space on volume D: (NTFS). COMPLETE/Modified defragmentation
has been aborted.
Error - 25/06/2009 1:01:04 AM | Computer Name = LIVINGROOM | Source = Defrag | ID = 131078
Description = Not enough space on volume E: (NTFS). COMPLETE/Modified defragmentation
has been aborted.
Error - 29/06/2009 9:18:51 AM | Computer Name = LIVINGROOM | Source = Outlook Calendar Views | ID = 0
Description = Object reference not set to an instance of an object.... at OCV.Connect.Explorers_NewExplorer(Explorer
Explorer) at OCV.Connect.OnConnection(Object application, ext_ConnectMode connectMode,
Object addInInst, Array& custom)
Error - 29/06/2009 9:19:09 AM | Computer Name = LIVINGROOM | Source = Outlook Calendar Views | ID = 0
Description = Object reference not set to an instance of an object.... at OCV.Connect.Explorers_NewExplorer(Explorer
Explorer) at OCV.Connect.OnConnection(Object application, ext_ConnectMode connectMode,
Object addInInst, Array& custom)
Error - 30/06/2009 5:53:48 PM | Computer Name = LIVINGROOM | Source = Application Error | ID = 1000
Description = Faulting application firefox.exe, version 1.9.0.3439, faulting module
xul.dll, version 1.9.0.3439, fault address 0x00093691.
Error - 03/07/2009 4:57:59 AM | Computer Name = LIVINGROOM | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.
Error - 03/07/2009 4:57:59 AM | Computer Name = LIVINGROOM | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.
Error - 05/07/2009 7:19:53 AM | Computer Name = LIVINGROOM | Source = Microsoft Office 11 | ID = 2001
Description = Rejected Safe Mode action : Microsoft Office Outlook.
Error - 05/07/2009 9:00:49 AM | Computer Name = LIVINGROOM | Source = Application Error | ID = 1000
Description = Faulting application firefox.exe, version 1.9.0.3439, faulting module
msvcr80.dll, version 8.0.50727.3053, fault address 0x0001500a.
[ System Events ]
Error - 28/06/2009 11:10:58 AM | Computer Name = LIVINGROOM | Source = Service Control Manager | ID = 7000
Description = The TLRecAgent service failed to start due to the following error:
%%2
Error - 28/06/2009 11:53:27 AM | Computer Name = LIVINGROOM | Source = Service Control Manager | ID = 7000
Description = The TLRecAgent service failed to start due to the following error:
%%2
Error - 28/06/2009 12:03:12 PM | Computer Name = LIVINGROOM | Source = Service Control Manager | ID = 7000
Description = The TLRecAgent service failed to start due to the following error:
%%2
Error - 28/06/2009 12:30:10 PM | Computer Name = LIVINGROOM | Source = Service Control Manager | ID = 7000
Description = The TLRecAgent service failed to start due to the following error:
%%2
Error - 03/07/2009 9:11:43 AM | Computer Name = LIVINGROOM | Source = Service Control Manager | ID = 7034
Description = The sopidkc Service service terminated unexpectedly. It has done
this 1 time(s).
Error - 03/07/2009 8:58:29 PM | Computer Name = LIVINGROOM | Source = Service Control Manager | ID = 7034
Description = The sopidkc Service service terminated unexpectedly. It has done
this 1 time(s).
Error - 04/07/2009 12:05:15 PM | Computer Name = LIVINGROOM | Source = sr | ID = 1
Description = The System Restore filter encountered the unexpected error '0xC0000001'
while processing the file '' on the volume 'HarddiskVolume2'. It has stopped monitoring
the volume.
Error - 04/07/2009 12:05:28 PM | Computer Name = LIVINGROOM | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
PCIIde
Error - 04/07/2009 12:15:26 PM | Computer Name = LIVINGROOM | Source = sr | ID = 1
Description = The System Restore filter encountered the unexpected error '0xC0000001'
while processing the file '' on the volume 'HarddiskVolume2'. It has stopped monitoring
the volume.
Error - 04/07/2009 12:15:56 PM | Computer Name = LIVINGROOM | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
PCIIde
< End of report >