Today I picked up some form of malware. The most telltale sign was that the background screen on the computer became a blue screen with red, green and yellow squares and rectangles. I went through the steps outlined in the malware removal guide and things seem more or less back to normal.
The only noticeable problem I seem to be having is during startup (once most icons load on the desktop): I get a box and an error.
The error:
-----------------------------------------------------------------
RUNDLL
Error Loading
C:\docume~\Tracy\Protect.dll
The specified module could not be found
-------------------------------------------------------------------
I am also showing two translucent icons on the desktop: desktop.ini and thumbs.db
Basically I am trying to solve the last few things listed above and have a more expert eye look at the log files and see if I should remove other stuff too.
Thanks
These are the Scan Log files:
Rooter Scan:
Microsoft Windows XP Home Edition (5.1.2600) Service Pack 3
C:\ [Fixed] - NTFS - (Total:73171 Mo/Free:3718 Mo)
D:\ [CD-Rom] (Total:0 Mo/Free:0 Mo)
E:\ [CD-Rom] (Total:0 Mo/Free:0 Mo)
Tue 04/28/2009|17:13
----------------------\\ Processes..
--Locked-- [System Process]
---------- System
---------- \SystemRoot\System32\smss.exe
---------- \??\C:\WINDOWS\system32\csrss.exe
---------- \??\C:\WINDOWS\system32\winlogon.exe
---------- C:\WINDOWS\system32\services.exe
---------- C:\WINDOWS\system32\lsass.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\Program Files\Windows Defender\MsMpEng.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\WINDOWS\system32\brsvc01a.exe
---------- C:\WINDOWS\system32\brss01a.exe
---------- C:\WINDOWS\system32\spoolsv.exe
---------- C:\WINDOWS\Explorer.EXE
---------- C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
---------- C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
---------- C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
---------- C:\Program Files\Dell\Media Experience\PCMService.exe
---------- C:\WINDOWS\system32\dla\tfswctrl.exe
---------- C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
---------- C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mm_tray.exe
---------- C:\Program Files\Common Files\Dell\EUSW\Support.exe
---------- C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
---------- C:\Program Files\iTunes\iTunesHelper.exe
---------- C:\Program Files\QuickTime\qttask.exe
---------- c:\Program Files\Dell\Support\Alert\bin\NotifyAlert.exe
---------- C:\WINDOWS\system32\hkcmd.exe
---------- C:\WINDOWS\system32\igfxpers.exe
---------- C:\Program Files\Windows Defender\MSASCui.exe
---------- C:\WINDOWS\system32\ctfmon.exe
---------- C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\Program Files\Belkin\Belkin Wireless Network Utility\WLService.exe
---------- C:\Program Files\Belkin\Belkin Wireless Network Utility\WLanCfgG.exe
---------- C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\DefWatch.exe
---------- C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Rtvscan.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\WINDOWS\system32\wscntfy.exe
---------- C:\Program Files\iPod\bin\iPodService.exe
---------- C:\WINDOWS\System32\alg.exe
---------- C:\WINDOWS\system32\wbem\wmiprvse.exe
---------- C:\WINDOWS\system32\cmd.exe
---------- C:\Rooter$\RK.exe
----------------------\\ Search..
----------------------\\ ROOTKIT !!
1 - "C:\Rooter$\Rooter_1.txt" - Tue 04/28/2009|17:15
----------------------\\ Scan completed at 17:15
--------------------------------------------------------------------------------------------
OTListIt Scan
OTListIt logfile created on: 4/28/2009 5:22:03 PM - Run 1
OTListIt2 by OldTimer - Version 2.0.14.0 Folder = C:\Documents and Settings\Tracy\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
509.98 Mb Total Physical Memory | 124.51 Mb Available Physical Memory | 24.41% Memory free
1.22 Gb Paging File | 0.89 Gb Available in Paging File | 72.86% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536;
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 71.46 Gb Total Space | 47.63 Gb Free Space | 66.65% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: TALLENHOME
Current User Name: Tracy
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On
========== Processes (SafeList) ==========
PRC - C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\brsvc01a.exe (brother Industries Ltd)
PRC - C:\WINDOWS\system32\brss01a.exe (brother Industries Ltd)
PRC - C:\WINDOWS\Explorer.EXE (Microsoft Corporation)
PRC - C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe (CyberLink Corp.)
PRC - C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe (Intel Corporation)
PRC - C:\Program Files\Dell\Media Experience\PCMService.exe (CyberLink Corp.)
PRC - C:\WINDOWS\system32\dla\tfswctrl.exe (Sonic Solutions)
PRC - C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe (TODO: <Company name>)
PRC - C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mm_tray.exe (Musicmatch, Inc.)
PRC - C:\Program Files\Common Files\Dell\EUSW\Support.exe (Dell)
PRC - C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\VPTray.exe (Symantec Corporation)
PRC - C:\Program Files\iTunes\iTunesHelper.exe (Apple Computer, Inc.)
PRC - C:\Program Files\QuickTime\qttask.exe (Apple Computer, Inc.)
PRC - c:\Program Files\Dell\Support\Alert\bin\NotifyAlert.exe ( )
PRC - C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
PRC - C:\WINDOWS\system32\igfxpers.exe (Intel Corporation)
PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe ()
PRC - C:\Program Files\Belkin\Belkin Wireless Network Utility\WLService.exe ()
PRC - C:\Program Files\Belkin\Belkin Wireless Network Utility\WLanCfgG.exe ()
PRC - C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\DefWatch.exe (Symantec Corporation)
PRC - C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Rtvscan.exe (Symantec Corporation)
PRC - C:\WINDOWS\system32\wscntfy.exe (Microsoft Corporation)
PRC - C:\Program Files\iPod\bin\iPodService.exe (Apple Computer, Inc.)
PRC - C:\WINDOWS\system32\wbem\wmiprvse.exe (Microsoft Corporation)
PRC - C:\Documents and Settings\Tracy\Desktop\OTListIt2.exe (OldTimer Tools)
========== Win32 Services (SafeList) ==========
SRV - (aspnet_state [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe (Microsoft Corporation)
SRV - (Belkin Wireless USB Network Adapter Service [Auto | Running]) -- C:\Program Files\Belkin\Belkin Wireless Network Utility\WLService.exe ()
SRV - (Brother XP spl Service [Auto | Running]) -- C:\WINDOWS\system32\brsvc01a.exe (brother Industries Ltd)
SRV - (DefWatch [Auto | Running]) -- C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\DefWatch.exe (Symantec Corporation)
SRV - (helpsvc [Auto | Running]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (IDriverT [On_Demand | Stopped]) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (iPodService [On_Demand | Running]) -- C:\Program Files\iPod\bin\iPodService.exe (Apple Computer, Inc.)
SRV - (navapsvc [Auto | Stopped]) -- File not found
SRV - (NetSvc [On_Demand | Stopped]) -- C:\Program Files\Intel\NCS\Sync\NetSvc.exe (Intel® Corporation)
SRV - (Norton AntiVirus Server [Auto | Running]) -- C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Rtvscan.exe (Symantec Corporation)
SRV - (SymWSC [Auto | Stopped]) -- C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe (Symantec Corporation)
SRV - (WinDefend [Auto | Running]) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SRV - (WMPNetworkSvc [On_Demand | Stopped]) -- C:\Program Files\Windows Media Player\WMPNetwk.exe (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (aeaudio [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\aeaudio.sys (Andrea Electronics Corporation)
DRV - (AegisP [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\AegisP.sys (Meetinghouse Data Communications)
DRV - (AliIde [Disabled | Stopped]) -- C:\WINDOWS\System32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (amdagp [Disabled | Stopped]) -- C:\WINDOWS\System32\DRIVERS\amdagp.sys (Advanced Micro Devices, Inc.)
DRV - (asc [Disabled | Stopped]) -- C:\WINDOWS\System32\DRIVERS\asc.sys (Advanced System Products, Inc.)
DRV - (asc3550 [Disabled | Stopped]) -- C:\WINDOWS\System32\DRIVERS\asc3550.sys (Advanced System Products, Inc.)
DRV - (ati2mtag [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\ati2mtag.sys (ATI Technologies Inc.)
DRV - (CmdIde [Disabled | Stopped]) -- C:\WINDOWS\System32\DRIVERS\cmdide.sys (CMD Technology, Inc.)
DRV - (dac2w2k [Disabled | Stopped]) -- C:\WINDOWS\System32\DRIVERS\dac2w2k.sys (Mylex Corporation)
DRV - (drvmcdb [Boot | Running]) -- C:\WINDOWS\system32\drivers\drvmcdb.sys (Sonic Solutions)
DRV - (drvnddm [Auto | Running]) -- C:\WINDOWS\system32\drivers\drvnddm.sys (Sonic Solutions)
DRV - (E100B [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\e100b325.sys (Intel Corporation)
DRV - (Eacfilt [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\eacfilt.sys (Nortel Networks)
DRV - (EL90XBC [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\el90xbc5.sys (3Com Corporation)
DRV - (GEARAspiWDM [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (i81x [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\i81xnt5.sys (Intel® Corporation)
DRV - (iAimFP0 [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\wADV01nt.sys (Intel® Corporation)
DRV - (iAimFP1 [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\wADV02NT.sys (Intel® Corporation)
DRV - (iAimFP2 [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\wADV05NT.sys (Intel® Corporation)
DRV - (iAimFP3 [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\wSiINTxx.sys (Intel® Corporation)
DRV - (iAimFP4 [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\wVchNTxx.sys (Intel® Corporation)
DRV - (iAimTV0 [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\wATV01nt.sys (Intel® Corporation)
DRV - (iAimTV1 [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\wATV02NT.sys (Intel® Corporation)
DRV - (iAimTV3 [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\wATV04nt.sys (Intel® Corporation)
DRV - (iAimTV4 [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\wCh7xxNT.sys (Intel® Corporation)
DRV - (ialm [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\ialmnt5.sys (Intel Corporation)
DRV - (IntelC51 [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\IntelC51.sys (Intel Corporation)
DRV - (IntelC52 [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\IntelC52.sys (Intel Corporation)
DRV - (IntelC53 [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\IntelC53.sys (Intel Corporation)
DRV - (IPSECEXT [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\ipsecw2k.sys (Nortel Networks NA, Inc.)
DRV - (IPSECSHM [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ipsecw2k.sys (Nortel Networks NA, Inc.)
DRV - (MODEMCSA [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\MODEMCSA.sys (Microsoft Corporation)
DRV - (mohfilt [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\mohfilt.sys (Intel Corporation)
DRV - (mraid35x [Disabled | Stopped]) -- C:\WINDOWS\System32\DRIVERS\mraid35x.sys (American Megatrends Inc.)
DRV - (MxlW2k [On_Demand | Running]) -- C:\WINDOWS\System32\drivers\MxlW2k.sys (MusicMatch, Inc.)
DRV - (NAVAP [On_Demand | Running]) -- C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\NAVAP.sys (Symantec Corporation)
DRV - (NAVAPEL [Auto | Running]) -- C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\NAVAPEL.SYS (Symantec Corporation)
DRV - (NAVENG [On_Demand | Running]) -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20090428.003\NAVENG.SYS (Symantec Corporation)
DRV - (NAVEX15 [On_Demand | Running]) -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20090428.003\NAVEX15.SYS (Symantec Corporation)
DRV - (nv [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\nv4_mini.sys (NVIDIA Corporation)
DRV - (omci [System | Running]) -- C:\WINDOWS\System32\DRIVERS\omci.sys (Dell Computer Corporation)
DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (PxHelp20 [Boot | Running]) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (ql1080 [Disabled | Stopped]) -- C:\WINDOWS\System32\DRIVERS\ql1080.sys (QLogic Corporation)
DRV - (ql12160 [Disabled | Stopped]) -- C:\WINDOWS\System32\DRIVERS\ql12160.sys (QLogic Corporation)
DRV - (ql1280 [Disabled | Stopped]) -- C:\WINDOWS\System32\DRIVERS\ql1280.sys (QLogic Corporation)
DRV - (RT73 [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\rt73.sys (Ralink Technology, Corp.)
DRV - (SbcpHid [System | Running]) -- C:\WINDOWS\system32\Drivers\SbcpHid.sys ()
DRV - (Secdrv [Auto | Running]) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (sisagp [Disabled | Stopped]) -- C:\WINDOWS\System32\DRIVERS\sisagp.sys (Silicon Integrated Systems Corporation)
DRV - (smwdm [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\smwdm.sys (Analog Devices, Inc.)
DRV - (Sparrow [Disabled | Stopped]) -- C:\WINDOWS\System32\DRIVERS\sparrow.sys (Adaptec, Inc.)
DRV - (sscdbhk5 [System | Running]) -- C:\WINDOWS\system32\drivers\sscdbhk5.sys (Sonic Solutions)
DRV - (ssrtln [System | Running]) -- C:\WINDOWS\system32\drivers\ssrtln.sys (Sonic Solutions)
DRV - (symc810 [Disabled | Stopped]) -- C:\WINDOWS\System32\DRIVERS\symc810.sys (Symbios Logic Inc.)
DRV - (symc8xx [Disabled | Stopped]) -- C:\WINDOWS\System32\DRIVERS\symc8xx.sys (LSI Logic)
DRV - (SymEvent [On_Demand | Running]) -- C:\Program Files\Symantec\SYMEVENT.SYS (Symantec Corporation)
DRV - (sym_hi [Disabled | Stopped]) -- C:\WINDOWS\System32\DRIVERS\sym_hi.sys (LSI Logic)
DRV - (sym_u3 [Disabled | Stopped]) -- C:\WINDOWS\System32\DRIVERS\sym_u3.sys (LSI Logic)
DRV - (tfsnboio [Auto | Running]) -- C:\WINDOWS\system32\dla\tfsnboio.sys (Sonic Solutions)
DRV - (tfsncofs [Auto | Running]) -- C:\WINDOWS\system32\dla\tfsncofs.sys (Sonic Solutions)
DRV - (tfsndrct [Auto | Running]) -- C:\WINDOWS\system32\dla\tfsndrct.sys (Sonic Solutions)
DRV - (tfsndres [Auto | Running]) -- C:\WINDOWS\system32\dla\tfsndres.sys (Sonic Solutions)
DRV - (tfsnifs [Auto | Running]) -- C:\WINDOWS\system32\dla\tfsnifs.sys (Sonic Solutions)
DRV - (tfsnopio [Auto | Running]) -- C:\WINDOWS\system32\dla\tfsnopio.sys (Sonic Solutions)
DRV - (tfsnpool [Auto | Running]) -- C:\WINDOWS\system32\dla\tfsnpool.sys (Sonic Solutions)
DRV - (tfsnudf [Auto | Running]) -- C:\WINDOWS\system32\dla\tfsnudf.sys (Sonic Solutions)
DRV - (tfsnudfa [Auto | Running]) -- C:\WINDOWS\system32\dla\tfsnudfa.sys (Sonic Solutions)
DRV - (ultra [Disabled | Stopped]) -- C:\WINDOWS\System32\DRIVERS\ultra.sys (Promise Technology, Inc.)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.microsoft...amp;ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft...amp;ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...amp;ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...p...&ar=msnhome
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
O1 HOSTS File: (292771 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 10107 more lines...
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll (Sun Microsystems, Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - Reg Error: Key error. File not found
O4 - HKLM..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe (Sonic Solutions)
O4 - HKLM..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" (CyberLink Corp.)
O4 - HKLM..\Run: [DwlClient] c:\Program Files\Common Files\Dell\EUSW\Support.exe (Dell)
O4 - HKLM..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelMeM] C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe (Intel Corporation)
O4 - HKLM..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" (Apple Computer, Inc.)
O4 - HKLM..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe (TODO: <Company name>)
O4 - HKLM..\Run: [MMTray] C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mm_tray.exe (Musicmatch, Inc.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe" (CyberLink Corp.)
O4 - HKLM..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime (Apple Computer, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r (Sonic Solutions)
O4 - HKLM..\Run: [vptray] C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe (Symantec Corporation)
O4 - HKLM..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide (Microsoft Corporation)
O4 - HKCU..\Run: [autochk] rundll32.exe C:\DOCUME~1\Tracy\protect.dll,_IWMPEvents@16 File not found
O4 - HKCU..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9 (Adobe Systems Incorporated)
O4 - HKCU..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet (Yahoo! Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetActiveDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetActiveDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office10\EXCEL.EXE/3000 (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\npjpi160_05.dll (Sun Microsystems, Inc.)
O9 - Extra Button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe (America Online, Inc.)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 50 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: 50 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {00000055-9980-0010-8000-00AA00389B71} http://codecs.micros...cs/i386/fhg.CAB (Reg Error: Key error.)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft....k/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} http://download.yaho...s/yinst0401.cab (YInstStarter Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1240947212468 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.4.2_03)
O16 - DPF: {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: System - (cspzh.exe) - File not found
O20 - Winlogon\Notify\WgaLogon: DllName - Reg Error: Value error. - Reg Error: Value error. File not found
O21 - SSODL: tdomgafw - {F5D5E7D6-5247-496E-A53F-E08AE715CD69} - C:\WINDOWS\tdomgafw.dll File not found
O21 - SSODL: wetkadmr - {6CD51029-0465-4438-B38E-BA967D674894} - C:\WINDOWS\wetkadmr.dll File not found
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - Autorun File - C:\AUTOEXEC.BAT () - [ NTFS ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
========== Files/Folders - Created Within 30 Days ==========
[1 C:\WINDOWS\*.tmp files]
[2009/04/28 17:19:31 | 00,501,248 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Tracy\Desktop\OTListIt2.exe
[2009/04/28 17:13:31 | 00,000,000 | ---D | C] -- C:\Rooter$
[2009/04/28 17:05:07 | 00,267,612 | ---- | C] () -- C:\Documents and Settings\Tracy\Desktop\Rooter.exe
[2009/04/28 16:04:49 | 00,268,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll
[2009/04/28 16:04:49 | 00,027,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll.mui
[2009/04/28 15:53:08 | 00,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2009/04/28 15:51:58 | 00,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iecompat.dll
[2009/04/28 15:49:15 | 00,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2009/04/28 15:44:08 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2009/04/28 15:01:03 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Tracy\Application Data\Malwarebytes
[2009/04/28 15:00:55 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/04/28 15:00:55 | 00,000,696 | ---- | C] () -- C:\DOCUME~1\ALLUSE~1\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/04/28 15:00:52 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/04/28 15:00:51 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/04/28 15:00:51 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/04/28 14:59:40 | 02,967,800 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Tracy\Desktop\mbam-setup.exe
[2009/04/28 14:54:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/04/28 14:53:45 | 00,000,611 | ---- | C] () -- C:\Documents and Settings\Tracy\Desktop\NTREGOPT.lnk
[2009/04/28 14:53:45 | 00,000,592 | ---- | C] () -- C:\Documents and Settings\Tracy\Desktop\ERUNT.lnk
[2009/04/28 14:53:43 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2009/04/28 14:53:14 | 00,791,393 | ---- | C] (Lars Hederer ) -- C:\Documents and Settings\Tracy\Desktop\erunt_setup.exe
[2009/04/28 14:48:40 | 00,007,180 | ---- | C] () -- C:\Documents and Settings\Tracy\Desktop\SysRestorePoint_v12.zip
[2009/04/28 14:42:46 | 00,047,078 | ---- | C] () -- C:\Documents and Settings\Tracy\Desktop\ATF-Cleaner.zip
[2009/04/28 13:24:50 | 53,482,7008 | -HS- | C] () -- C:\hiberfil.sys
[2009/04/28 12:36:57 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Tracy\Desktop\New Folder
[2009/04/28 11:21:43 | 00,012,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mouhid.sys
[2009/04/28 11:21:43 | 00,012,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mouhid.sys
[2009/04/28 11:21:21 | 00,010,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\hidusb.sys
[2009/04/28 11:21:21 | 00,010,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidusb.sys
[2009/04/28 09:46:16 | 00,000,109 | -HS- | C] () -- C:\WINDOWS\System32\2691305272.dat
[2009/04/22 20:04:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Tracy\My Documents\wanakee logo
[2009/04/15 02:32:20 | 00,284,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pdh.dll
[2009/04/15 02:32:20 | 00,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\services.exe
[2009/04/15 02:32:20 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sc.exe
[2009/04/15 02:32:19 | 00,473,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fastprox.dll
[2009/04/15 02:32:19 | 00,453,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvsd.dll
[2009/04/15 02:32:19 | 00,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvse.exe
[2009/04/15 02:32:18 | 00,729,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lsasrv.dll
[2009/04/15 02:31:38 | 00,002,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsp4res.dll
[2009/04/15 02:31:37 | 01,203,922 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sysmain.sdb
[2009/04/15 02:31:36 | 00,215,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wordpad.exe
[2009/04/11 16:51:45 | 00,054,156 | -H-- | C] () -- C:\WINDOWS\QTFont.qfn
[2009/04/11 16:51:45 | 00,001,409 | ---- | C] () -- C:\WINDOWS\QTFont.for
[2008/05/16 03:01:21 | 00,000,127 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2007/02/25 13:25:03 | 00,040,960 | ---- | C] () -- C:\WINDOWS\System32\B11gUSB.dll
[2007/02/25 13:25:01 | 00,094,208 | ---- | C] () -- C:\WINDOWS\System32\GTW32N50.dll
[2006/06/25 16:03:08 | 00,000,000 | ---- | C] () -- C:\WINDOWS\BROWNIE.INI
[2006/06/25 16:03:08 | 00,000,000 | ---- | C] () -- C:\WINDOWS\brmx2001.ini
[2006/06/25 16:03:08 | 00,000,000 | ---- | C] () -- C:\WINDOWS\briwm04a.ini
[2006/06/25 16:02:48 | 00,000,459 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2006/06/25 16:02:48 | 00,000,012 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI
[2006/06/25 16:02:46 | 00,000,030 | ---- | C] () -- C:\WINDOWS\System32\brss01a.ini
[2006/05/02 23:42:31 | 00,626,688 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2006/04/02 18:09:56 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/02/04 10:38:43 | 00,090,112 | R--- | C] ( ) -- C:\WINDOWS\System32\SCCD3X02.DLL
[2006/02/04 10:38:39 | 00,131,072 | R--- | C] () -- C:\WINDOWS\System32\SCCD3X01.DLL
[2006/01/30 03:20:44 | 00,000,026 | ---- | C] () -- C:\WINDOWS\UpdaterDVW58E.INI
[2006/01/04 03:46:51 | 00,000,308 | ---- | C] () -- C:\WINDOWS\cdPlayer.ini
[2005/03/20 01:07:21 | 00,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2004/12/30 02:40:33 | 00,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2004/11/22 05:22:21 | 00,000,000 | ---- | C] () -- C:\WINDOWS\VPC32.INI
[2004/07/22 03:28:15 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/07/22 03:16:48 | 00,000,677 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2004/07/22 03:03:54 | 00,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2004/07/22 03:03:39 | 00,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/07/22 02:48:58 | 00,000,550 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2004/05/11 11:02:24 | 00,000,780 | ---- | C] () -- C:\WINDOWS\ORUN32.INI
[2004/03/26 17:59:22 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2002/09/03 09:59:58 | 00,000,613 | ---- | C] () -- C:\WINDOWS\WIN.INI
[2002/09/03 09:50:58 | 00,000,231 | ---- | C] () -- C:\WINDOWS\SYSTEM.INI
[2002/08/29 06:00:00 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\rpcrt3.dll
[2002/07/30 12:33:00 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\NavLogon.dll
[2001/08/23 15:00:00 | 00,022,400 | ---- | C] () -- C:\WINDOWS\System32\drivers\SbcpHid.sys
[1980/01/01 01:00:00 | 00,012,288 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll
========== Files - Modified Within 30 Days ==========
[7 C:\WINDOWS\System32\*.tmp files]
[1 C:\WINDOWS\*.tmp files]
[2009/04/28 17:19:36 | 00,501,248 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Tracy\Desktop\OTListIt2.exe
[2009/04/28 17:19:22 | 00,000,364 | ---- | M] () -- C:\WINDOWS\tasks\Symantec NetDetect.job
[2009/04/28 17:05:28 | 00,441,626 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/04/28 17:05:28 | 00,381,692 | ---- | M] () -- C:\WINDOWS\System32\PERFH009.DAT
[2009/04/28 17:05:28 | 00,053,436 | ---- | M] () -- C:\WINDOWS\System32\PERFC009.DAT
[2009/04/28 17:05:09 | 00,267,612 | ---- | M] () -- C:\Documents and Settings\Tracy\Desktop\Rooter.exe
[2009/04/28 17:03:54 | 00,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2009/04/28 17:00:50 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/04/28 17:00:47 | 53,482,7008 | -HS- | M] () -- C:\hiberfil.sys
[2009/04/28 17:00:47 | 00,002,048 | --S- | M] () -- C:\WINDOWS\BOOTSTAT.DAT
[2009/04/28 16:29:30 | 00,000,012 | ---- | M] () -- C:\WINDOWS\BRPP2KA.INI
[2009/04/28 15:55:42 | 00,000,076 | -HS- | M] () -- C:\Documents and Settings\Tracy\My Documents\DESKTOP.INI
[2009/04/28 15:53:12 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/04/28 15:43:07 | 00,000,613 | ---- | M] () -- C:\WINDOWS\WIN.INI
[2009/04/28 15:37:11 | 00,001,170 | ---- | M] () -- C:\WINDOWS\System32\WPA.DBL
[2009/04/28 15:24:26 | 04,315,336 | -H-- | M] () -- C:\Documents and Settings\Tracy\Local Settings\Application Data\IconCache.db
[2009/04/28 15:00:55 | 00,000,696 | ---- | M] () -- C:\DOCUME~1\ALLUSE~1\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/04/28 14:59:40 | 02,967,800 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Tracy\Desktop\mbam-setup.exe
[2009/04/28 14:53:45 | 00,000,611 | ---- | M] () -- C:\Documents and Settings\Tracy\Desktop\NTREGOPT.lnk
[2009/04/28 14:53:45 | 00,000,592 | ---- | M] () -- C:\Documents and Settings\Tracy\Desktop\ERUNT.lnk
[2009/04/28 14:53:16 | 00,791,393 | ---- | M] (Lars Hederer ) -- C:\Documents and Settings\Tracy\Desktop\erunt_setup.exe
[2009/04/28 14:48:40 | 00,007,180 | ---- | M] () -- C:\Documents and Settings\Tracy\Desktop\SysRestorePoint_v12.zip
[2009/04/28 14:42:47 | 00,047,078 | ---- | M] () -- C:\Documents and Settings\Tracy\Desktop\ATF-Cleaner.zip
[2009/04/28 13:17:36 | 00,003,570 | ---- | M] () -- C:\WINDOWS\System32\tmp.reg
[2009/04/28 12:19:32 | 00,000,677 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2009/04/28 09:49:46 | 00,000,109 | -HS- | M] () -- C:\WINDOWS\System32\2691305272.dat
[2009/04/11 16:53:23 | 00,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009/04/11 16:51:45 | 00,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2009/04/11 16:51:45 | 00,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for
[2009/04/06 15:32:54 | 00,038,496 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/04/06 15:32:46 | 00,015,504 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/04/06 10:57:24 | 24,921,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe
< End of report >
-----------------------------------------------------------------
OTListIt Extras logfile created on: 4/28/2009 5:22:03 PM - Run 1
OTListIt2 by OldTimer - Version 2.0.14.0 Folder = C:\Documents and Settings\Tracy\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
509.98 Mb Total Physical Memory | 124.51 Mb Available Physical Memory | 24.41% Memory free
1.22 Gb Paging File | 0.89 Gb Available in Paging File | 72.86% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536;
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 71.46 Gb Total Space | 47.63 Gb Free Space | 66.65% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: TALLENHOME
Current User Name: Tracy
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List
"16856:TCP" = 16856:TCP:*:Enabled:PORT_16856
"41558:TCP" = 41558:TCP:*:Enabled:PORT_41558
"17469:TCP" = 17469:TCP:*:Enabled:PORT_17469
"28395:TCP" = 28395:TCP:*:Enabled:PORT_28395
"35836:TCP" = 35836:TCP:*:Enabled:PORT_35836
"32056:TCP" = 32056:TCP:*:Enabled:PORT_32056
"25974:TCP" = 25974:TCP:*:Enabled:PORT_25974
"28896:TCP" = 28896:TCP:*:Enabled:PORT_28896
"30469:TCP" = 30469:TCP:*:Enabled:PORT_30469
"21809:TCP" = 21809:TCP:*:Enabled:PORT_21809
"5116:TCP" = 5116:TCP:*:Enabled:PORT_5116
"16301:TCP" = 16301:TCP:*:Enabled:PORT_16301
"56290:TCP" = 56290:TCP:*:Enabled:PORT_56290
"35558:TCP" = 35558:TCP:*:Enabled:PORT_35558
"63804:TCP" = 63804:TCP:*:Enabled:PORT_63804
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:MSN Messenger 7.0 File not found
C:\Program Files\AIM\aim.exe:*:Enabled:AOL Instant Messenger (America Online, Inc.)
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
C:\Program Files\Real\RealPlayer\realplay.exe:*:Disabled:RealPlayer File not found
C:\Program Files\Yahoo!\Messenger\YPager.exe:*:Enabled:Yahoo! Messenger (Yahoo! Inc.)
C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server (Yahoo! Inc.)
C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:MSN Messenger 7.0 File not found
C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger (Microsoft Corporation)
C:\Program Files\AIM\aim.exe:*:Enabled:AOL Instant Messenger (America Online, Inc.)
C:\Program Files\QuickTime\QuickTimePlayer.exe:*:Disabled:QuickTime Player Application (Apple Computer, Inc.)
C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes (Apple Computer, Inc.)
C:\Program Files\Nortel Networks\Extranet.exe:*:Enabled:Contivity VPN Client (Nortel Networks NA, Inc.)
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{09DA4F91-2A09-4232-AB8C-6BC740096DE3}" = Sonic Update Manager
"{0EFC6259-3AD8-4CD2-BC57-D4937AF5CC0E}" = Symantec AntiVirus Client
"{11B569C2-4BF6-4ED0-9D17-A4273943CB24}" = Adobe Photoshop Album 2.0 Starter Edition
"{11F1920A-56A2-4642-B6E0-3B31A12C9288}" = Dell Solution Center
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA
"{1526D87C-A955-4FAB-BF18-697BA457E352}" = Norton WMI Update
"{17F6CD67-0E9D-4C4B-8F49-17F081092AE2}" = Better Homes and Gardens Interior Designer 7.0
"{1D643CD7-4DD6-11D7-A4E0-000874180BB3}" = Microsoft Money 2004
"{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Sonic MyDVD
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Dell Media Experience
"{3248F0A8-6813-11D6-A77B-00B0D0150020}" = J2SE Runtime Environment 5.0 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0150050}" = J2SE Runtime Environment 5.0 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java 6 Update 5
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35BDEFF1-A610-4956-A00D-15453C116395}" = Internet Explorer Default Page
"{38DFF723-C0B1-44AB-A927-62EDB033908F}" = Belkin 54g USB Network Adapter
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = Modem On Hold
"{43FCA273-9534-40DB-B7C5-D7758875616A}" = Dell Support
"{45EBDA59-D33B-433A-956E-B2F236468B56}" = MUSICMATCH® Jukebox
"{4B9F45E8-E3CE-40B4-9463-80A9B3481DEF}" = Banctec Service Agreement
"{59C4F14F-7590-45FC-BE9F-A67AB3590709}" = iTunes
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD 5.1
"{68D60342-7686-45C9-B8EB-40EF843D0460}" = Dell Networking Guide
"{7148F0A8-6813-11D6-A77B-00B0D0142030}" = Java 2 Runtime Environment, SE v1.4.2_03
"{7A0EFAFB-AC4B-4B88-8C6B-6731BE88DB68}" = Modem Event Monitor
"{7F142D56-3326-11D5-B229-002078017FBF}" = Modem Helper
"{81A34902-9D0B-4920-A25C-4CDC5D14B328}" = Jasc Paint Shop Pro 8 Dell Edition
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Extreme Graphics 2 Driver
"{8C64E145-54BA-11D6-91B1-00500462BE80}" = Microsoft Money 2004 System Pack
"{90280409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional with FrontPage
"{90D55A3F-1D99-4C94-A77E-46DC14F0BF08}" = Help and Support Customization
"{929408E6-D265-4174-805F-81D1D914E2A4}" = QuickTime
"{9541FED0-327F-4DF0-8B96-EF57EF622F19}" = Sonic RecordNow!
"{A06275F4-324B-4E85-95E6-87B2CD729401}" = Windows Defender
"{A5CC2A09-E9D3-49EC-923D-03874BBD4C2C}" = Windows Defender Signatures
"{A790BEB1-BCCF-4EC6-807B-5708B36E8A79}" = Intel® PROSet
"{AC76BA86-7AD7-1033-7B44-A70000000000}" = Adobe Reader 7.0
"{AF19F291-F22F-4798-9662-525305AE9E48}" = WordPerfect Office 12
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC000127-5E5D-4A1C-90CB-EEAAAC1E3AC0}" = Jasc Paint Shop Photo Album
"{EF964A78-078C-11D1-B7A7-0000C0134CE6}" = Nortel Networks Contivity VPN Client
"{FC4ED75D-916C-4A8C-BB67-3C6F6E06D62B}" = Banctec Service Agreement
"Adobe Atmosphere Player" = Adobe Atmosphere Player for Acrobat and Adobe Reader
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"AdobeESD" = Adobe Download Manager 1.2 (Remove Only)
"AOL Instant Messenger" = AOL Instant Messenger
"Dell Digital Jukebox Driver" = Dell Digital Jukebox Driver
"DVD Decrypter" = DVD Decrypter (Remove Only)
"DVD Shrink_is1" = DVD Shrink 3.2
"ERUNT_is1" = ERUNT 1.1j
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{59C4F14F-7590-45FC-BE9F-A67AB3590709}" = iTunes
"Intel® 537EP V9x DF PCI Modem" = Intel® 537EP V9x DF PCI Modem
"LiveUpdate" = LiveUpdate 2.5 (Symantec Corporation)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"MPEG4 Direct Maker" = MPEG4 Direct Maker
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NeroMultiInstaller!UninstallKey" = Nero Suite
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"PROSet" = Intel® PRO Network Adapters and Drivers
"RealVNC_is1" = VNC Free Edition 4.1.2
"Shockwave" = Shockwave
"Spybot - Search & Destroy_is1" = Spybot - Search & Destroy 1.5.2.20
"StreetPlugin" = Learn2 Player (Uninstall Only)
"Viewpoint Manager" = Viewpoint Manager (Remove Only)
"ViewpointMediaPlayer" = Viewpoint Media Player
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Yahoo! Messenger" = Yahoo! Messenger
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Move Networks Player - IE" = Move Networks Media Player for Internet Explorer
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 4/28/2009 9:58:43 AM | Computer Name = TALLENHOME | Source = Application Hang | ID = 1002
Description = Hanging application Rtvscan.exe, version 8.0.0.9374, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 4/28/2009 10:39:18 AM | Computer Name = TALLENHOME | Source = Application Hang | ID = 1002
Description = Hanging application TeaTimer.exe, version 1.6.3.25, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 4/28/2009 1:38:10 PM | Computer Name = TALLENHOME | Source = Norton AntiVirus | ID = 16711685
Description = Virus Found!Virus name: Trojan.ByteVerify in File: C:\Documents and
Settings\Tracy\Application Data\Sun\Java\Deployment\cache\6.0\22\74018dd6-535fec85>>OP.class
by: Manual scan. Action: Clean failed : Quarantine succeeded : Virus Found!Virus
name: in File: C:\Documents and Settings\Tracy\Application Data\Sun\Java\Deployment\cache\6.0\22\74018dd6-535fec85
by: Manual scan. Action: Clean failed : Quarantine succeeded : Virus Found!Virus
name: Trojan Horse in File: C:\Documents and Settings\Tracy\Application Data\Sun\Java\Deployment\cache\6.0\52\1c9644b4-631d21e0>>vmain.class
by: Manual scan. Action: Clean failed : Quarantine succeeded : Virus Found!Virus
name: in File: C:\Documents and Settings\Tracy\Application Data\Sun\Java\Deployment\cache\6.0\52\1c9644b4-631d21e0
by: Manual scan. Action: Clean failed : Quarantine succeeded :
Error - 4/28/2009 2:17:35 PM | Computer Name = TALLENHOME | Source = Norton AntiVirus | ID = 16711685
Description = Virus Found!Virus name: Trojan Horse in File: C:\Documents and Settings\Tracy\Application
Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jvmimpro.jar-6d3811e3-509b5189.zip>>vmain.class
by: Manual scan. Action: Clean failed : Quarantine succeeded : Virus Found!Virus
name: in File: C:\Documents and Settings\Tracy\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jvmimpro.jar-6d3811e3-509b5189.zip
by: Manual scan. Action: Clean failed : Quarantine succeeded : Virus Found!Virus
name: Trojan.ByteVerify in File: C:\Documents and Settings\Tracy\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\OP.jar-52b9c4dc-7eefba88.zip>>OP.class
by: Manual scan. Action: Clean failed : Quarantine succeeded : Virus Found!Virus
name: in File: C:\Documents and Settings\Tracy\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\OP.jar-52b9c4dc-7eefba88.zip
by: Manual scan. Action: Clean failed : Quarantine succeeded :
Error - 4/28/2009 2:29:19 PM | Computer Name = TALLENHOME | Source = Norton AntiVirus | ID = 16711685
Description = Virus Found!Virus name: Trojan.Patchep!inf in File: C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
by: Manual scan. Action: Clean succeeded : Virus Found!Virus name: Trojan.Patchep!inf
in File: C:\WINDOWS\$NtServicePackUninstall$\lsass.exe by: Manual scan. Action:
Clean succeeded : Virus Found!Virus name: Trojan.Patchep!inf in File: C:\WINDOWS\$NtServicePackUninstall$\services.exe
by: Manual scan. Action: Clean succeeded : Virus Found!Virus name: Trojan.Patchep!inf
in File: C:\WINDOWS\$NtServicePackUninstall$\spoolsv.exe by: Manual scan. Action:
Clean succeeded : Virus Found!Virus name: Trojan.Patchep!inf in File: C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
by: Manual scan. Action: Clean succeeded :
Error - 4/28/2009 3:55:50 PM | Computer Name = TALLENHOME | Source = PerfNet | ID = 2004
Description = Unable to open the Server service. Server performance data will not
be returned. Error code returned is in data DWORD 0.
Error - 4/28/2009 4:14:23 PM | Computer Name = TALLENHOME | Source = PerfNet | ID = 2004
Description = Unable to open the Server service. Server performance data will not
be returned. Error code returned is in data DWORD 0.
Error - 4/28/2009 4:36:54 PM | Computer Name = TALLENHOME | Source = PerfNet | ID = 2004
Description = Unable to open the Server service. Server performance data will not
be returned. Error code returned is in data DWORD 0.
Error - 4/28/2009 5:01:01 PM | Computer Name = TALLENHOME | Source = PerfNet | ID = 2004
Description = Unable to open the Server service. Server performance data will not
be returned. Error code returned is in data DWORD 0.
Error - 4/28/2009 5:21:48 PM | Computer Name = TALLENHOME | Source = Application Hang | ID = 1002
Description = Hanging application OTListIt2.exe, version 2.0.14.0, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
[ System Events ]
Error - 4/28/2009 3:01:43 PM | Computer Name = TALLENHOME | Source = atapi | ID = 262153
Description = The device, \Device\Ide\IdePort1, did not respond within the timeout
period.
Error - 4/28/2009 3:25:45 PM | Computer Name = TALLENHOME | Source = sr | ID = 1
Description = The System Restore filter encountered the unexpected error '0xC0000001'
while processing the file '' on the volume 'HarddiskVolume2'. It has stopped monitoring
the volume.
Error - 4/28/2009 3:27:00 PM | Computer Name = TALLENHOME | Source = Service Control Manager | ID = 7000
Description = The Norton AntiVirus Auto Protect Service service failed to start
due to the following error: %%3
Error - 4/28/2009 3:27:00 PM | Computer Name = TALLENHOME | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
agp440
Error - 4/28/2009 3:56:23 PM | Computer Name = TALLENHOME | Source = Service Control Manager | ID = 7000
Description = The Norton AntiVirus Auto Protect Service service failed to start
due to the following error: %%3
Error - 4/28/2009 4:14:58 PM | Computer Name = TALLENHOME | Source = Service Control Manager | ID = 7000
Description = The Norton AntiVirus Auto Protect Service service failed to start
due to the following error: %%3
Error - 4/28/2009 4:37:32 PM | Computer Name = TALLENHOME | Source = Service Control Manager | ID = 7000
Description = The Norton AntiVirus Auto Protect Service service failed to start
due to the following error: %%3
Error - 4/28/2009 5:01:33 PM | Computer Name = TALLENHOME | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 15 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)
Error - 4/28/2009 5:01:33 PM | Computer Name = TALLENHOME | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 14 minutes. NtpClient has no source of accurate
time.
Error - 4/28/2009 5:01:37 PM | Computer Name = TALLENHOME | Source = Service Control Manager | ID = 7000
Description = The Norton AntiVirus Auto Protect Service service failed to start
due to the following error: %%3
< End of report >
Edited by akabrek, 28 April 2009 - 05:44 PM.