Google redirecting virus and Windows - No Disk Error



#1
paradox_

I seem to have become infected with the dreaded Google redirect virus. I'm not sure if it is related, but around the same time as getting the virus I started getting an error message on startup and randomly after being on the computer for a bit. Sometimes it pops up after starting a program. The message is "Windows - No Disk" "Exception Processing Message c0000013 Parameters 75b6bf9c 4 75b6bf9c 75b6bf9c"

I have to click cancel, try again, continue or X it out a bunch of times to get it to go away. Sometimes it will reboot my computer right after I X it out.

I tried to run rooter but it does not show a text file after starting the program and I can't find the text file in my windows drive. Basically I double click the exe and nothing seems to happen. This has been happening with some other programs as well. I can't seem to get Malwarebytes' Anti Malware to work either.

Also I have an external hard drive which has stopped working since getting this error message. It still works on my laptop, though. I phoned technical support and they figure it is something to do with this virus.

OTListIt.txt:

OTListIt logfile created on: 03/04/2009 3:51:36 PM - Run 1
OTListIt2 by OldTimer - Version 2.0.9.2 Folder = C:\Downloads
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 100.00% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): C:\pagefile.sys 0 0;

%SystemDrive% = E: | %SystemRoot% = E:\WINDOWS | %ProgramFiles% = E:\Program Files
Drive C: | 130.33 Gb Total Space | 28.82 Gb Free Space | 22.11% Space Free | Partition Type: NTFS
Drive D: | 97.65 Gb Total Space | 2.95 Gb Free Space | 3.02% Space Free | Partition Type: NTFS
Drive E: | 4.89 Gb Total Space | 0.22 Gb Free Space | 4.60% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive M: | 1.21 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: CHARLES
Current User Name: Malcolm
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On

========== Processes (SafeList) ==========

PRC - E:\WINDOWS\Explorer.EXE (Microsoft Corporation)
PRC - C:\Program Files\Avast!\aswUpdSv.exe (ALWIL Software)
PRC - C:\Program Files\Avast!\ashServ.exe (ALWIL Software)
PRC - E:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple, Inc.)
PRC - E:\WINDOWS\ATKKBService.exe (ASUSTeK COMPUTER INC.)
PRC - E:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
PRC - C:\Seagate\Sync\FreeAgentService.exe (Seagate Technology LLC)
PRC - C:\Program Files\Java\bin\jqs.exe (Sun Microsystems, Inc.)
PRC - E:\Program Files\Common Files\Motive\McciCMService.exe (Motive Communications, Inc.)
PRC - E:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation)
PRC - C:\Program Files\Avast!\ashMaiSv.exe (ALWIL Software)
PRC - E:\WINDOWS\system32\wbem\wmiprvse.exe (Microsoft Corporation)
PRC - C:\Program Files\Avast!\ashWebSv.exe (ALWIL Software)
PRC - E:\Program Files\D-Link\AirPlus G\AirGCFG.exe (D-Link)
PRC - E:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe (Alpha Networks Inc.)
PRC - E:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
PRC - C:\Program Files\Avast!\ashDisp.exe (ALWIL Software)
PRC - C:\iTunes\iTunesHelper.exe (Apple Inc.)
PRC - C:\Seagate\FreeAgent Status\StxMenuMgr.exe (Seagate LLC)
PRC - C:\Program Files\Java\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
PRC - E:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
PRC - E:\Program Files\Microsoft IntelliPoint\dpupdchk.exe (Microsoft Corporation)
PRC - C:\Program Files\Avast!\setup\avast.setup ()
PRC - E:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Downloads\OTListIt2.exe (OldTimer Tools)

========== Win32 Services (SafeList) ==========

SRV - (ANIWZCSdService [Auto | Stopped]) -- E:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe (Alpha Networks Inc.)
SRV - (Apple Mobile Device [Auto | Running]) -- E:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple, Inc.)
SRV - (aspnet_state [On_Demand | Stopped]) -- E:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)
SRV - (aswUpdSv [Auto | Running]) -- C:\Program Files\Avast!\aswUpdSv.exe (ALWIL Software)
SRV - (ATKKeyboardService [Auto | Running]) -- E:\WINDOWS\ATKKBService.exe (ASUSTeK COMPUTER INC.)
SRV - (avast! Antivirus [Auto | Running]) -- C:\Program Files\Avast!\ashServ.exe (ALWIL Software)
SRV - (avast! Mail Scanner [On_Demand | Running]) -- C:\Program Files\Avast!\ashMaiSv.exe (ALWIL Software)
SRV - (avast! Web Scanner [On_Demand | Running]) -- C:\Program Files\Avast!\ashWebSv.exe (ALWIL Software)
SRV - (Bonjour Service [Auto | Running]) -- E:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- E:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (FLEXnet Licensing Service [On_Demand | Stopped]) -- E:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (FreeAgentGoNext Service [Auto | Running]) -- C:\Seagate\Sync\FreeAgentService.exe (Seagate Technology LLC)
SRV - (helpsvc [Auto | Running]) -- E:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (iPod Service [On_Demand | Running]) -- E:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
SRV - (JavaQuickStarterService [Auto | Running]) -- C:\Program Files\Java\bin\jqs.exe (Sun Microsystems, Inc.)
SRV - (Lavasoft Ad-Aware Service [Auto | Stopped]) -- E:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
SRV - (Macromedia Licensing Service [On_Demand | Stopped]) -- E:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe ()
SRV - (McciCMService [Auto | Running]) -- E:\Program Files\Common Files\Motive\McciCMService.exe (Motive Communications, Inc.)
SRV - (NVSvc [Auto | Running]) -- E:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation)
SRV - (odserv [On_Demand | Stopped]) -- E:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (ose [On_Demand | Stopped]) -- E:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (usnjsvc [On_Demand | Stopped]) -- E:\Program Files\Windows Live\Messenger\usnsvc.exe (Microsoft Corporation)
SRV - (wampapache [On_Demand | Stopped]) -- File not found
SRV - (wampmysqld [On_Demand | Stopped]) -- File not found
SRV - (WLSetupSvc [On_Demand | Stopped]) -- E:\Program Files\Windows Live\installer\WLSetupSvc.exe (Microsoft Corporation)
SRV - (WMPNetworkSvc [On_Demand | Stopped]) -- E:\Program Files\Windows Media Player\WMPNetwk.exe (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (A3AB [On_Demand | Running]) -- E:\WINDOWS\system32\DRIVERS\A3AB.sys (D-Link Corporation)
DRV - (Aavmker4 [System | Running]) -- E:\WINDOWS\System32\drivers\aavmker4.sys (ALWIL Software)
DRV - (ALCXWDM [On_Demand | Running]) -- E:\WINDOWS\system32\drivers\ALCXWDM.SYS (Realtek Semiconductor Corp.)
DRV - (AmdK8 [System | Running]) -- E:\WINDOWS\system32\DRIVERS\AmdK8.sys (Advanced Micro Devices)
DRV - (ANIO [Auto | Running]) -- E:\WINDOWS\system32\ANIO.SYS (Alpha Networks Inc.)
DRV - (asuskbnt [System | Running]) -- E:\WINDOWS\system32\drivers\atkkbnt.sys (ASUSTeK COMPUTER INC.)
DRV - (aswFsBlk [Auto | Running]) -- E:\WINDOWS\system32\DRIVERS\aswFsBlk.sys (ALWIL Software)
DRV - (aswMon2 [Auto | Running]) -- E:\WINDOWS\System32\drivers\aswmon2.sys (ALWIL Software)
DRV - (aswRdr [On_Demand | Running]) -- E:\WINDOWS\System32\drivers\aswRdr.sys (ALWIL Software)
DRV - (aswSP [System | Running]) -- E:\WINDOWS\System32\drivers\aswSP.sys (ALWIL Software)
DRV - (aswTdi [System | Running]) -- E:\WINDOWS\System32\drivers\aswTdi.sys (ALWIL Software)
DRV - (EIO [Auto | Running]) -- E:\WINDOWS\system32\drivers\EIO.sys (ASUSTeK Computer Inc.)
DRV - (gameenum [On_Demand | Running]) -- E:\WINDOWS\system32\DRIVERS\gameenum.sys (Microsoft Corporation)
DRV - (GEARAspiWDM [On_Demand | Running]) -- E:\WINDOWS\System32\Drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (Lbd [Boot | Running]) -- E:\WINDOWS\system32\DRIVERS\Lbd.sys (Lavasoft AB)
DRV - (mcdbus [On_Demand | Running]) -- E:\WINDOWS\system32\DRIVERS\mcdbus.sys (MagicISO, Inc.)
DRV - (MREMP50 [On_Demand | Stopped]) -- E:\Program Files\Common Files\Motive\MREMP50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (MRESP50 [On_Demand | Stopped]) -- E:\Program Files\Common Files\Motive\MRESP50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (ms_mpu401 [On_Demand | Running]) -- E:\WINDOWS\system32\drivers\msmpu401.sys (Microsoft Corporation)
DRV - (nv [On_Demand | Running]) -- E:\WINDOWS\system32\DRIVERS\nv4_mini.sys (NVIDIA Corporation)
DRV - (pcouffin [On_Demand | Running]) -- E:\WINDOWS\System32\Drivers\pcouffin.sys (VSO Software)
DRV - (Point32 [On_Demand | Running]) -- E:\WINDOWS\system32\DRIVERS\point32.sys (Microsoft Corporation)
DRV - (Ptilink [On_Demand | Running]) -- E:\WINDOWS\system32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (PxHelp20 [Boot | Running]) -- E:\WINDOWS\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (SCDEmu [System | Running]) -- E:\WINDOWS\System32\drivers\scdemu.sys (PowerISO Computing, Inc.)
DRV - (Secdrv [On_Demand | Stopped]) -- E:\WINDOWS\system32\DRIVERS\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (sptd [Boot | Running]) -- E:\WINDOWS\System32\Drivers\sptd.sys ()
DRV - (USBAAPL [On_Demand | Stopped]) -- E:\WINDOWS\System32\Drivers\usbaapl.sys (Apple, Inc.)
DRV - (usbaudio [On_Demand | Stopped]) -- E:\WINDOWS\system32\drivers\usbaudio.sys (Microsoft Corporation)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft...p...&ar=msnhome
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft...amp;ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = E:\windows\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...amp;ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...p...ER}&ar=home
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.microsoft...amp;ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft...amp;ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = E:\windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...amp;ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...p...&ar=msnhome
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.ca/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}:6.0.03
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}:6.0.07
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}:6.0.10
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.8

FF - HKLM\software\mozilla\Firefox\extensions\\[email protected]: C:\PROGRAM FILES\JAVA\LIB\DEPLOY\JQS\FF [2008/12/05 16:21:11 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.8\extensions\\Components: E:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS [2009/03/27 20:09:46 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.8\extensions\\Plugins: E:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS [2009/03/27 20:09:46 | 00,000,000 | ---D | M]

[2008/09/15 12:31:05 | 00,000,000 | ---D | M] -- E:\Documents and Settings\Malcolm\Application Data\mozilla\Extensions
[2008/09/15 12:31:05 | 00,000,000 | ---D | M] -- E:\Documents and Settings\Malcolm\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/04/01 18:41:52 | 00,000,000 | ---D | M] -- E:\Documents and Settings\Malcolm\Application Data\mozilla\Firefox\Profiles\t5e0q2jj.default\extensions
[2008/06/13 19:22:01 | 00,000,000 | ---D | M] -- E:\Documents and Settings\Malcolm\Application Data\mozilla\Firefox\Profiles\t5e0q2jj.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2009/04/01 18:41:52 | 00,000,000 | ---D | M] -- E:\Program Files\mozilla firefox\extensions
[2009/03/27 20:09:35 | 00,000,000 | ---D | M] -- E:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2007/10/13 19:29:30 | 00,000,000 | ---D | M] -- E:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
[2008/09/08 11:09:33 | 00,000,000 | ---D | M] -- E:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
[2008/12/05 16:21:22 | 00,000,000 | ---D | M] -- E:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}
[2009/02/15 02:58:12 | 00,000,000 | ---D | M] -- E:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
[2009/03/27 20:09:35 | 00,023,032 | ---- | M] (Mozilla Foundation) -- E:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/03/27 20:09:35 | 00,134,648 | ---- | M] (Mozilla Foundation) -- E:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2008/09/15 12:30:53 | 00,001,394 | ---- | M] () -- E:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2008/09/15 12:30:53 | 00,002,193 | ---- | M] () -- E:\Program Files\mozilla firefox\searchplugins\answers.xml
[2008/09/15 12:30:53 | 00,001,534 | ---- | M] () -- E:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2008/11/15 18:56:38 | 00,002,343 | ---- | M] () -- E:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2008/09/15 12:30:53 | 00,001,706 | ---- | M] () -- E:\Program Files\mozilla firefox\searchplugins\google.xml
[2008/09/15 12:30:53 | 00,001,178 | ---- | M] () -- E:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2008/09/15 12:30:53 | 00,000,792 | ---- | M] () -- E:\Program Files\mozilla firefox\searchplugins\yahoo.xml

O1 HOSTS File: (734 bytes) - E:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - Reg Error: Key error. File not found
O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - E:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - Reg Error: Key error. File not found
O4 - HKLM..\Run: [Ad-Watch] E:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft)
O4 - HKLM..\Run: [ANIWZCS2Service] E:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe (Alpha Networks Inc.)
O4 - HKLM..\Run: [avast!] C:\PROGRA~1\Avast!\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [D-Link AirPlus G] E:\Program Files\D-Link\AirPlus G\AirGCFG.exe (D-Link)
O4 - HKLM..\Run: [IntelliPoint] "E:\Program Files\Microsoft IntelliPoint\ipoint.exe" (Microsoft Corporation)
O4 - HKLM..\Run: [iTunesHelper] "C:\iTunes\iTunesHelper.exe" (Apple Inc.)
O4 - HKLM..\Run: [MaxMenuMgr] "C:\Seagate\FreeAgent Status\StxMenuMgr.exe" (Seagate LLC)
O4 - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE E:\WINDOWS\system32\NvCpl.dll,NvStartup (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] RUNDLL32.EXE E:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] nwiz.exe /install ()
O4 - HKLM..\Run: [QuickTime Task] "E:\Program Files\QuickTime\QTTask.exe" -atboottime (Apple Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\bin\jusched.exe" (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - Startup: E:\Documents and Settings\Malcolm\Start Menu\Programs\Startup\MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - E:\Program Files\PokerStars.NET\PokerStarsUpdate.exe File not found
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [mdnsNSP] - E:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {32505657-9980-0010-8000-00AA00389B71} http://download.micr...01F/wmvadvd.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.ma...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Interfaces\{2EB24889-FD56-4366-890F-F5D33C79C175}\\NameServer = 75.154.133.68,75.154.133.100
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - E:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - E:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - E:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - E:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - E:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - E:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - E:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - E:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - E:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - E:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - E:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - E:\WINDOWS\Explorer.exe (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - Autorun File - C:\AUTOEXEC.BAT () - [ NTFS ]
O32 - Autorun File - M:\autorun.inf () - [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found

========== Files/Folders - Created Within 30 Days ==========

[12 E:\WINDOWS\System32\*.tmp files]
[3 E:\WINDOWS\*.tmp files]
[2009/04/03 15:33:49 | 00,000,000 | ---D | C] -- E:\Rooter$
[2009/04/03 15:20:33 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- E:\WINDOWS\System32\drivers\mbam.sys
[2009/04/03 15:20:31 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- E:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/04/03 15:18:55 | 00,000,000 | ---D | C] -- E:\WINDOWS\ERDNT
[2009/04/03 15:18:25 | 00,000,611 | ---- | C] () -- E:\Documents and Settings\Malcolm\Desktop\NTREGOPT.lnk
[2009/04/03 15:18:25 | 00,000,592 | ---- | C] () -- E:\Documents and Settings\Malcolm\Desktop\ERUNT.lnk
[2009/04/03 15:18:25 | 00,000,000 | ---D | C] -- E:\Program Files\ERUNT
[2009/04/03 14:48:50 | 00,000,472 | ---- | C] () -- E:\WINDOWS\tasks\Ad-Aware Update (Daily).job
[2009/04/03 14:41:59 | 00,064,160 | ---- | C] (Lavasoft AB) -- E:\WINDOWS\System32\drivers\Lbd.sys
[2009/04/03 14:39:59 | 00,000,000 | -H-D | C] -- E:\Documents and Settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}
[2009/04/03 14:39:57 | 00,000,867 | ---- | C] () -- E:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2009/04/03 14:39:38 | 00,000,000 | ---D | C] -- E:\Program Files\Lavasoft
[2009/04/03 14:39:38 | 00,000,000 | ---D | C] -- E:\Documents and Settings\All Users\Application Data\Lavasoft
[2009/04/03 14:32:35 | 00,000,000 | ---D | C] -- E:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2009/04/03 04:44:23 | 00,000,000 | ---D | C] -- E:\WINDOWS\System32\NtmsData
[2009/03/31 14:38:27 | 00,258,082 | ---- | C] () -- E:\Documents and Settings\Malcolm\My Documents\MalcolmBrown07.stx
[2009/03/24 13:43:24 | 00,039,936 | ---- | C] () -- E:\Documents and Settings\Malcolm\My Documents\JillHarris.08t
[2009/03/24 13:17:31 | 00,034,816 | ---- | C] () -- E:\Documents and Settings\Malcolm\My Documents\2007taxesmalcolm.08t
[2009/03/20 22:15:16 | 00,012,160 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\System32\drivers\mouhid.sys
[2009/03/20 22:15:11 | 00,021,504 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\System32\hidserv.dll
[2009/03/20 22:15:06 | 00,009,600 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\System32\drivers\hidusb.sys
[2009/03/16 00:36:20 | 00,000,000 | ---D | C] -- E:\Documents and Settings\Malcolm\Application Data\Ventrilo
[2009/03/16 00:35:55 | 00,000,524 | ---- | C] () -- E:\Documents and Settings\All Users\Desktop\Ventrilo.lnk
[2009/03/16 00:35:42 | 00,000,257 | ---- | C] () -- E:\WINDOWS\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2009/03/12 00:56:37 | 00,000,589 | ---- | C] () -- E:\Documents and Settings\Malcolm\Desktop\LEFT 4 DEAD.lnk
[2009/03/12 00:56:32 | 02,036,576 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\System32\D3DCompiler_40.dll
[2009/03/12 00:56:32 | 00,452,440 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\System32\d3dx10_40.dll
[2009/03/12 00:56:31 | 04,379,984 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\System32\D3DX9_40.dll
[2009/03/12 00:56:31 | 00,070,992 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\System32\XAPOFX1_2.dll
[2009/03/12 00:56:30 | 00,514,384 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\System32\XAudio2_3.dll
[2009/03/12 00:56:30 | 00,235,856 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\System32\xactengine3_3.dll
[2009/03/12 00:56:30 | 00,023,376 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\System32\X3DAudio1_5.dll
[2009/03/12 00:56:29 | 00,509,448 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\System32\XAudio2_2.dll
[2009/03/12 00:56:29 | 00,238,088 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\System32\xactengine3_2.dll
[2009/03/12 00:56:29 | 00,068,616 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\System32\XAPOFX1_1.dll
[2009/03/12 00:56:28 | 01,493,528 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\System32\D3DCompiler_39.dll
[2009/03/12 00:56:28 | 00,467,984 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\System32\d3dx10_39.dll
[2009/03/12 00:56:27 | 03,851,784 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\System32\D3DX9_39.dll
[2009/03/12 00:56:27 | 00,507,400 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\System32\XAudio2_1.dll
[2009/03/12 00:56:27 | 00,065,032 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\System32\XAPOFX1_0.dll
[2009/03/12 00:56:26 | 00,238,088 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\System32\xactengine3_1.dll
[2009/03/12 00:56:26 | 00,025,608 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\System32\X3DAudio1_4.dll
[2009/03/12 00:56:25 | 00,479,752 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\System32\XAudio2_0.dll
[2009/03/12 00:56:24 | 00,238,088 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\System32\xactengine3_0.dll
[2009/03/12 00:56:24 | 00,025,608 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\System32\X3DAudio1_3.dll
[2009/03/12 00:56:23 | 01,420,824 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\System32\D3DCompiler_37.dll
[2009/03/12 00:56:23 | 00,462,864 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\System32\d3dx10_37.dll
[2009/03/12 00:56:22 | 03,786,760 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\System32\D3DX9_37.dll

========== Files - Modified Within 30 Days ==========

[12 E:\WINDOWS\System32\*.tmp files]
[3 E:\WINDOWS\*.tmp files]
[2009/04/03 15:49:36 | 00,003,284 | ---- | M] () -- E:\WINDOWS\System32\ANIWZCS{2EB24889-FD56-4366-890F-F5D33C79C175}
[2009/04/03 15:49:30 | 00,054,156 | -H-- | M] () -- E:\WINDOWS\QTFont.qfn
[2009/04/03 15:49:18 | 00,000,006 | -H-- | M] () -- E:\WINDOWS\tasks\SA.DAT
[2009/04/03 15:49:12 | 00,002,048 | --S- | M] () -- E:\WINDOWS\bootstat.dat
[2009/04/03 15:18:25 | 00,000,611 | ---- | M] () -- E:\Documents and Settings\Malcolm\Desktop\NTREGOPT.lnk
[2009/04/03 15:18:25 | 00,000,592 | ---- | M] () -- E:\Documents and Settings\Malcolm\Desktop\ERUNT.lnk
[2009/04/03 14:48:51 | 00,000,472 | ---- | M] () -- E:\WINDOWS\tasks\Ad-Aware Update (Daily).job
[2009/04/03 14:41:28 | 00,064,160 | ---- | M] (Lavasoft AB) -- E:\WINDOWS\System32\drivers\Lbd.sys
[2009/04/03 14:39:57 | 00,000,867 | ---- | M] () -- E:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2009/04/01 23:06:36 | 00,000,668 | ---- | M] () -- E:\Documents and Settings\Malcolm\Application Data\vso_ts_preview.xml
[2009/04/01 12:31:48 | 00,013,646 | ---- | M] () -- E:\WINDOWS\System32\wpa.dbl
[2009/03/31 14:38:28 | 00,258,082 | ---- | M] () -- E:\Documents and Settings\Malcolm\My Documents\MalcolmBrown07.stx
[2009/03/26 16:49:56 | 00,038,496 | ---- | M] (Malwarebytes Corporation) -- E:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/03/26 16:49:50 | 00,015,504 | ---- | M] (Malwarebytes Corporation) -- E:\WINDOWS\System32\drivers\mbam.sys
[2009/03/24 13:43:28 | 00,039,936 | ---- | M] () -- E:\Documents and Settings\Malcolm\My Documents\JillHarris.08t
[2009/03/24 13:17:35 | 00,034,816 | ---- | M] () -- E:\Documents and Settings\Malcolm\My Documents\2007taxesmalcolm.08t
[2009/03/19 21:57:56 | 00,018,432 | ---- | M] () -- E:\Documents and Settings\Malcolm\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/03/16 00:35:56 | 00,000,257 | ---- | M] () -- E:\WINDOWS\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2009/03/16 00:35:55 | 00,000,524 | ---- | M] () -- E:\Documents and Settings\All Users\Desktop\Ventrilo.lnk
[2009/03/12 00:56:37 | 00,000,589 | ---- | M] () -- E:\Documents and Settings\Malcolm\Desktop\LEFT 4 DEAD.lnk
[2009/03/08 22:51:28 | 00,464,860 | ---- | M] () -- E:\WINDOWS\System32\PerfStringBackup.INI
[2009/03/08 22:51:28 | 00,397,560 | ---- | M] () -- E:\WINDOWS\System32\perfh009.dat
[2009/03/08 22:51:28 | 00,059,780 | ---- | M] () -- E:\WINDOWS\System32\perfc009.dat
< End of report >






Extras.txt:

OTListIt Extras logfile created on: 03/04/2009 3:51:36 PM - Run 1
OTListIt2 by OldTimer - Version 2.0.9.2 Folder = C:\Downloads
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 100.00% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): C:\pagefile.sys 0 0;

%SystemDrive% = E: | %SystemRoot% = E:\WINDOWS | %ProgramFiles% = E:\Program Files
Drive C: | 130.33 Gb Total Space | 28.82 Gb Free Space | 22.11% Space Free | Partition Type: NTFS
Drive D: | 97.65 Gb Total Space | 2.95 Gb Free Space | 3.02% Space Free | Partition Type: NTFS
Drive E: | 4.89 Gb Total Space | 0.22 Gb Free Space | 4.60% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive M: | 1.21 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: CHARLES
Current User Name: Malcolm
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- E:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
E:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger (Microsoft Corporation)
E:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone) (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
E:\WINDOWS\system32\usmt\migwiz.exe:*:Enabled:Files and Settings Transfer Wizard (Microsoft Corporation)
C:\Program Files\Steam.exe:*:Enabled:Steam (Valve Corporation)
C:\Program Files\cod4\COD\iw3mp.exe:*:Enabled:Call of Duty® 4 - Modern Warfare™ ()
C:\Program Files\Azureus\Azureus.exe:*:Enabled:Azureus File not found
E:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger (Microsoft Corporation)
E:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone) (Microsoft Corporation)
C:\Program Files\steamapps\paradox28491\source sdk base\hl2.exe:*:Enabled:hl2 ()
C:\Program Files\steamapps\paradox28491\counter-strike\hl.exe:*:Enabled:Half-Life Launcher (Valve)
C:\Program Files\steamapps\paradox28491\team fortress 2\hl2.exe:*:Enabled:hl2 ()
E:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Mozilla Firefox (Mozilla Corporation)
C:\Program Files\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III File not found
E:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour (Apple Inc.)
C:\iTunes\iTunes.exe:*:Enabled:iTunes (Apple Inc.)
C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent (BitTorrent, Inc.)
E:\WINDOWS\system32\a.exe:*:Disabled:a File not found
E:\Documents and Settings\Malcolm\Local Settings\Temp\.tt7.tmp:*:Enabled:enable File not found
E:\WINDOWS\system32\sysrest32.exe:*:Enabled:enable File not found
N:\Programs\wamp\bin\apache\Apache2.2.11\bin\httpd.exe:*:Enabled:Apache HTTP Server File not found
C:\Program Files\mIRC\mirc.exe:*:Enabled:mIRC (mIRC Co. Ltd.)
N:\Games\Left 4 Dead\left4dead.exe:*:Disabled:left4dead File not found
N:\Programs\Ventrilo\Ventrilo.exe:*:Enabled:Ventrilo.exe File not found

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{0650BB10-BCF4-400A-85EE-04097E3046C6}" = Adobe Setup
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{11F7CDC1-2E99-413E-BF08-CABDA5436448}" = EMS SQL Manager 2007 for MySQL
"{169E414A-37C7-434E-9021-27A03AE087CD}" = ASUS Video Security
"{1838C5A2-AB32-4145-85C1-BB9B8DFA24CD}" = QuickTime
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{184E7118-0295-43C4-B72C-1D54AA75AAF7}" = Windows Live Mail
"{1E04F83B-2AB9-4301-9EF7-E86307F79C72}" = Google Earth
"{26A24AE4-039D-4CA4-87B4-2F83216010FF}" = Java™ 6 Update 11
"{296D8550-CB06-48E4-9A8B-E5034FB64715}" = Command & Conquer™ Red Alert™ 3
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2B7E4354-0492-460A-BDB1-1F59EE141025}" = AirPlus G
"{2EFFFC71-1E66-454E-A6E6-CEEC800B96D2}" = Adobe Flash Video Encoder
"{315ACD04-BCEB-478B-9B1D-5431D0E6CB11}" = ASUS Enhanced Display Driver
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java™ 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java™ 6 Update 7
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3D7E3EC9-46CF-4359-9289-39CE01DFB82F}" = Adobe Photoshop CS3
"{44734179-8A79-4DEE-BB08-73037F065543}" = Apple Mobile Device Support
"{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}" = Bonjour
"{4C590030-7469-453E-8589-D15DA9D03F52}" = ANIWZCS2 Service
"{508CE775-4BA4-4748-82DF-FE28DA9F03B0}" = Windows Live Messenger
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{585776BC-4BD6-4BD2-A19A-1D6CB44A403B}" = iTunes
"{6200E744-E10A-4F3F-9B41-4115424D6059}" = Driver Detective
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6B52140A-F189-4945-BFFC-DB3F00B8C589}" = Adobe Flash CS3
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{7148F0A8-6813-11D6-A77B-00B0D0142160}" = Java 2 Runtime Environment, SE v1.4.2_16
"{71883667-71F2-48A1-AB72-28D518D8AC4A}" = Seagate Manager Installer
"{71AA4525-52F2-4841-93B6-8DF58C0CC0DA}" = DriverGuide Toolkit
"{76C24F39-B161-498F-BD8B-C64789812D13}_is1" = ConvertXtoDVD 3.2.3.81
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client
"{7B5CE976-C7A9-4E38-A7F3-6C8EF025DD8E}" = ANIO Service
"{7C10F5C7-F00F-4BD3-A110-C7D240D2DD25}" = Adobe Dreamweaver CS3
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{88D422DB-E9C7-4E16-9D80-2999F4FD6AD9}" = Adobe Flash Player 9 Plugin
"{8C5FAD77-F678-4758-A296-C12F08D179E0}" = Microsoft IntelliPoint 6.2
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{90CEF78B-F679-4382-9655-AA543F55E968}" = StudioTax 2007
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}" = Windows Live installer
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1033-7B44-A00000000001}" = Adobe Reader 6.0.1
"{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}" = Windows Live Sign-in Assistant
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B508B3F1-A24A-32C0-B310-85786919EF28}" = Microsoft .NET Framework 2.0 Service Pack 1
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}" = Apple Software Update
"{B87ED12E-A95F-45AC-89E7-02CFD5BD2353}" = StudioTax 2008
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BC4F8E84-5E29-49EC-B4E7-E6F9CB50986C}" = Adobe Flash Player 9 ActiveX
"{BE5F3842-8309-4754-92D5-83E02E6077A3}" = Adobe Extension Manager CS3
"{C151CE54-E7EA-4804-854B-F515368B0798}" = AMD Processor Driver
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{D050D7362D214723AD585B541FFB6C11}" = DivX Content Uploader
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty® 4 - Modern Warfare™
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F4026ECE-9F19-43EC-9FC8-474C2DB7D2BE}" = ASUS Utilities
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FF11004C-F42A-4A31-9BCF-7F5C8FDBE53C}" = Adobe Setup
"{FFC1ADE3-944B-4231-894E-3903C37271D2}" = Adobe Setup
"abcavi_tag_editor_is1" = abcAVI
"AC3Filter" = AC3Filter (remove only)
"Ad-Aware" = Ad-Aware
"Adobe Shockwave Player" = Adobe Shockwave Player
"Adobe_719d6f144d0c086a0dfa7ff76bb9ac1" = Adobe Photoshop CS3
"Adobe_7328fdfcb73660ec8b11d5a3d5c6232" = Adobe Dreamweaver CS3
"Adobe_c3c7fe8b09d497ab2b3fd91c9353390" = Adobe Flash CS3 Professional
"AutoFLAC_is1" = AutoFLAC 1.2
"avast!" = avast! Antivirus
"Bogglev1" = Boggle
"Command_And_Conquer_Yuri's_Revenge_1.001_MPI" = Command And Conquer Red Alert 2 Yuri's Revenge 1.001
"Cucusoft DVD to iPod + iPod Video Converter Suite_is1" = Cucusoft DVD to iPod + iPod Video Converter Suite 5.25.5.8
"dBpoweramp Monkeys Audio Codec" = dBpoweramp Monkeys Audio Codec
"dBpoweramp Windows Media Audio 10 Codec" = dBpoweramp Windows Media Audio 10 Codec
"Effective File Search" = Effective File Search 5.3
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ERUNT_is1" = ERUNT 1.1j
"Exact Audio Copy" = Exact Audio Copy 0.99pb3
"FLAC" = FLAC 1.2.1b (remove only)
"InFlac" = InFlac 1.1.1
"InstallShield_{169E414A-37C7-434E-9021-27A03AE087CD}" = ASUS Video Security
"InstallShield_{2B7E4354-0492-460A-BDB1-1F59EE141025}" = AirPlus G
"InstallShield_{71883667-71F2-48A1-AB72-28D518D8AC4A}" = Seagate Manager Installer
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty® 4 - Modern Warfare™
"InstallShield_{F4026ECE-9F19-43EC-9FC8-474C2DB7D2BE}" = ASUS Utilities
"InterActual Player" = InterActual Player
"Magic ISO Maker v5.4 (build 0251)" = Magic ISO Maker v5.4 (build 0251)
"MagicDisc 2.5.79" = MagicDisc 2.5.79
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"mIRC" = mIRC
"mmswitch" = Morgan Stream Switcher
"Mozilla Firefox (3.0.8)" = Mozilla Firefox (3.0.8)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NVIDIA Drivers" = NVIDIA Drivers
"oggcodecs" = oggcodecs 0.71.0946
"Planescape - Torment" = Planescape - Torment
"PoiZone" = PoiZone
"PowerISO" = PowerISO
"RegexBuddy 3" = JGsoft RegexBuddy 3 DEMO 3.2.1
"Ricochet Infinity_is1" = Ricochet Infinity
"ShockwaveFlash" = Adobe Flash Player 9 ActiveX
"SimCity2000CDv1" = SimCity 2000® Special Edition
"Steam App 10" = Counter-Strike
"Steam App 220" = Half-Life 2
"Steam App 340" = Half-Life 2: Lost Coast
"Steam App 400" = Portal
"Steam App 4000" = Garry's Mod
"Steam App 420" = Half-Life 2: Episode Two
"TallStick TS-AudioToMIDI 3.20" = TallStick TS-AudioToMIDI 3.20 (remove only)
"Tiberian Sun" = Command & Conquer Tiberian Sun
"VLC media player" = VideoLAN VLC media player 0.8.6d
"WampServer 2_is1" = WampServer 2.0
"WIC" = Windows Imaging Component
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"WOLAPI" = Westwood Shared Internet Components
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"uTorrent" = µTorrent

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 02/04/2009 8:47:05 PM | Computer Name = CHARLES | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 1.9.0.3372, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 02/04/2009 11:49:59 PM | Computer Name = CHARLES | Source = Application Error | ID = 1000
Description = Faulting application firefox.exe, version 1.9.0.3372, faulting module
unknown, version 0.0.0.0, fault address 0x10001e39.

Error - 03/04/2009 4:31:49 AM | Computer Name = CHARLES | Source = Application Error | ID = 1000
Description = Faulting application hl.exe, version 1.1.1.1, faulting module unknown,
version 0.0.0.0, fault address 0x10011e39.

Error - 03/04/2009 5:33:32 AM | Computer Name = CHARLES | Source = Application Error | ID = 1000
Description = Faulting application hl.exe, version 1.1.1.1, faulting module unknown,
version 0.0.0.0, fault address 0x10011e39.

Error - 03/04/2009 7:15:56 AM | Computer Name = CHARLES | Source = Application Error | ID = 1000
Description = Faulting application firefox.exe, version 1.9.0.3372, faulting module
unknown, version 0.0.0.0, fault address 0x10001e39.

Error - 03/04/2009 5:25:23 PM | Computer Name = CHARLES | Source = Application Error | ID = 1000
Description = Faulting application firefox.exe, version 1.9.0.3372, faulting module
unknown, version 0.0.0.0, fault address 0x10001e39.

Error - 03/04/2009 5:26:12 PM | Computer Name = CHARLES | Source = Application Error | ID = 1000
Description = Faulting application firefox.exe, version 1.9.0.3372, faulting module
unknown, version 0.0.0.0, fault address 0x10001e39.

Error - 03/04/2009 5:37:12 PM | Computer Name = CHARLES | Source = Application Error | ID = 1000
Description = Faulting application teatimer.exe, version 1.6.4.26, faulting module
teatimer.exe, version 1.6.4.26, fault address 0x0006e60e.

Error - 03/04/2009 5:40:11 PM | Computer Name = CHARLES | Source = Lavasoft Ad-Aware Service | ID = 0
Description =

Error - 03/04/2009 5:51:53 PM | Computer Name = CHARLES | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 1.9.0.3372, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

[ System Events ]
Error - 02/04/2009 11:47:45 PM | Computer Name = CHARLES | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the McciCMService service
to connect.

Error - 02/04/2009 11:47:45 PM | Computer Name = CHARLES | Source = Service Control Manager | ID = 7000
Description = The McciCMService service failed to start due to the following error:
%%1053

Error - 03/04/2009 5:59:52 AM | Computer Name = CHARLES | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the McciCMService service
to connect.

Error - 03/04/2009 5:59:52 AM | Computer Name = CHARLES | Source = Service Control Manager | ID = 7000
Description = The McciCMService service failed to start due to the following error:
%%1053

Error - 03/04/2009 6:53:59 AM | Computer Name = CHARLES | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the McciCMService service
to connect.

Error - 03/04/2009 6:53:59 AM | Computer Name = CHARLES | Source = Service Control Manager | ID = 7000
Description = The McciCMService service failed to start due to the following error:
%%1053

Error - 03/04/2009 7:43:23 AM | Computer Name = CHARLES | Source = LDMS | ID = 16780239
Description = The Logical Disk Manager Service failed while registering for device
handle notifications on device \\?\storage#removablemedia#7&182575ac&0&rm#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}.
Win32 Error: 1381.

Error - 03/04/2009 7:43:23 AM | Computer Name = CHARLES | Source = LDMS | ID = 16780239
Description = The Logical Disk Manager Service failed while registering for device
handle notifications on device \\?\storage#removablemedia#7&2adf2651&0&rm#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}.
Win32 Error: 1381.

Error - 03/04/2009 7:43:23 AM | Computer Name = CHARLES | Source = LDMS | ID = 16780239
Description = The Logical Disk Manager Service failed while registering for device
handle notifications on device \\?\storage#removablemedia#7&56bc507&0&rm#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}.
Win32 Error: 1381.

Error - 03/04/2009 7:43:23 AM | Computer Name = CHARLES | Source = LDMS | ID = 16780239
Description = The Logical Disk Manager Service failed while registering for device
handle notifications on device \\?\storage#removablemedia#7&d4deb9e&0&rm#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}.
Win32 Error: 1381.


< End of report >



Thanks in advance for any help. This is really frustrating...