I have been having trouble with my internet for roughly 2 weeks now. I have been downloading files through a (do I dare say?) P2P network and seem to be downloading more than the actual file size by quite a substantial amount. The actual files aren't corrupt as they aren't reporting any bad dropping of rubbish data. I am talking like an extra 200mb on a 300mb file.
I haven't had trouble with this before so it is quite puzzling that it has recently just started. I have run Malwarebytes, adaware, super anti-spyware and avast! but it hasn't solved the problem. I believe it could be caused by some sort of malicious program as the only other solution I can think of is my ISP doing the dodgy. Can anyone please assist me with this problem? Any help with this is greatly appreciated.
Here is the Rooter log:
Microsoft Windows XP Home Edition (5.1.2600) Service Pack 3
A:\ [Removable] (Total:0 Mo/Free:0 Mo)
C:\ [Fixed] - NTFS - (Total:114431 Mo/Free:2940 Mo)
D:\ [CD-Rom] (Total:0 Mo/Free:0 Mo)
E:\ [CD-Rom] (Total:0 Mo/Free:0 Mo)
F:\ [Fixed] - NTFS - (Total:305242 Mo/Free:2853 Mo)
01/05/2009|22:24
----------------------\\ Processes..
--Locked-- [System Process]
---------- System
---------- \SystemRoot\System32\smss.exe
---------- \??\C:\WINDOWS\system32\csrss.exe
---------- \??\C:\WINDOWS\system32\winlogon.exe
---------- C:\WINDOWS\system32\services.exe
---------- C:\WINDOWS\system32\lsass.exe
---------- C:\WINDOWS\system32\Ati2evxx.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
---------- C:\Program Files\Common Files\Logitech\Bluetooth\LBTSERV.EXE
---------- C:\WINDOWS\system32\Ati2evxx.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
---------- C:\Program Files\Alwil Software\Avast4\ashServ.exe
---------- C:\WINDOWS\system32\spoolsv.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
---------- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
---------- C:\Program Files\Bonjour\mDNSResponder.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\Program Files\Java\jre6\bin\jqs.exe
---------- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
---------- C:\Program Files\Logitech\Easy Synchronization\servicestub.exe
---------- C:\Program Files\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe
---------- C:\Program Files\Logitech\Easy Synchronization\LogitechEasySync.exe
---------- C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
---------- C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
---------- C:\WINDOWS\system32\Tablet.exe
---------- C:\Program Files\Windows Media Player\WMPNetwk.exe
---------- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
---------- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
---------- C:\WINDOWS\System32\alg.exe
---------- C:\WINDOWS\Explorer.EXE
---------- C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
---------- C:\Program Files\Logitech\iTouch\iTouch.exe
---------- C:\Program Files\DAEMON Tools\daemon.exe
---------- C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
---------- C:\Program Files\iTunes\iTunesHelper.exe
---------- C:\Program Files\Java\jre6\bin\jusched.exe
---------- C:\Program Files\Messenger\msmsgs.exe
---------- C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
---------- C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe
---------- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
---------- C:\WINDOWS\system32\ctfmon.exe
---------- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
---------- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
---------- C:\Program Files\Logitech\SetPoint\SetPoint.exe
---------- C:\WINDOWS\system32\WTablet\TabUserW.exe
---------- C:\Program Files\Yahoo!\Yahoo! Music Jukebox\ymetray.exe
---------- C:\Program Files\iPod\bin\iPodService.exe
---------- C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
---------- C:\Program Files\MagicDisc\MagicDisc.exe
---------- C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
---------- C:\Program Files\Windows Live\Messenger\usnsvc.exe
---------- C:\WINDOWS\system32\cmd.exe
---------- C:\Rooter$\RK.exe
----------------------\\ Search..
----------------------\\ ROOTKIT !!
1 - "C:\Rooter$\Rooter_1.txt" - 01/05/2009|22:14
2 - "C:\Rooter$\Rooter_2.txt" - 01/05/2009|22:19
3 - "C:\Rooter$\Rooter_3.txt" - 01/05/2009|22:26
----------------------\\ Scan completed at 22:26
Here is the OTListIt logs:
OTListIt logfile created on: 01/05/2009 10:26:50 PM - Run 1
OTListIt2 by OldTimer - Version 2.0.15.1 Folder = C:\Documents and Settings\Jbone\Desktop\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000C09 | Country: Australia | Language: ENA | Date Format: dd/MM/yyyy
1023.48 Mb Total Physical Memory | 494.79 Mb Available Physical Memory | 48.34% Memory free
2.40 Gb Paging File | 1.92 Gb Available in Paging File | 80.02% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111.75 Gb Total Space | 26.87 Gb Free Space | 24.05% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 298.09 Gb Total Space | 230.79 Gb Free Space | 77.42% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: AMDXP3300
Current User Name: Jbone
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On
========== Processes (SafeList) ==========
PRC - C:\WINDOWS\system32\Ati2evxx.exe (ATI Technologies Inc.)
PRC - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe (Broadcom Corporation.)
PRC - C:\Program Files\Common Files\Logitech\Bluetooth\LBTSERV.EXE (Logitech, Inc.)
PRC - C:\WINDOWS\system32\Ati2evxx.exe (ATI Technologies Inc.)
PRC - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe (Autodesk)
PRC - C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
PRC - C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Common Files\LightScribe\LSSrvc.exe ()
PRC - C:\Program Files\Logitech\Easy Synchronization\servicestub.exe ()
PRC - C:\Program Files\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe ()
PRC - C:\Program Files\Logitech\Easy Synchronization\LogitechEasySync.exe ()
PRC - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe (Sunbelt Software, Inc.)
PRC - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe (Sunbelt Software, Inc.)
PRC - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe ()
PRC - C:\WINDOWS\system32\Tablet.exe (Wacom Technology, Corp.)
PRC - C:\Program Files\Windows Media Player\WMPNetwk.exe (Microsoft Corporation)
PRC - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
PRC - C:\WINDOWS\Explorer.EXE (Microsoft Corporation)
PRC - C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe (NVIDIA Corporation)
PRC - C:\Program Files\Logitech\iTouch\iTouch.exe (Logitech Inc.)
PRC - C:\Program Files\DAEMON Tools\daemon.exe (DT Soft Ltd.)
PRC - C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
PRC - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
PRC - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
PRC - C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe (Siber Systems)
PRC - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe (Sunbelt Software, Inc.)
PRC - C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
PRC - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
PRC - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe (Logitech Inc.)
PRC - C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
PRC - C:\WINDOWS\system32\WTablet\TabUserW.exe (Wacom Technology, Corp.)
PRC - C:\Program Files\Yahoo!\Yahoo! Music Jukebox\ymetray.exe (Yahoo! Inc.)
PRC - C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
PRC - C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe (Broadcom Corporation.)
PRC - C:\Program Files\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
PRC - C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE (Logitech, Inc.)
PRC - C:\Program Files\Windows Live\Messenger\usnsvc.exe (Microsoft Corporation)
PRC - C:\Documents and Settings\Jbone\Desktop\Downloads\OTListIt2.exe (OldTimer Tools)
========== Win32 Services (SafeList) ==========
SRV - (Adobe LM Service [On_Demand | Stopped]) -- C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe (Adobe Systems)
SRV - (Apple Mobile Device [Auto | Running]) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (aspnet_state [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)
SRV - (aswUpdSv [Auto | Running]) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
SRV - (Ati HotKey Poller [Auto | Running]) -- C:\WINDOWS\system32\Ati2evxx.exe (ATI Technologies Inc.)
SRV - (ATI Smart [Auto | Stopped]) -- C:\WINDOWS\system32\ati2sgag.exe ()
SRV - (Autodesk Licensing Service [Auto | Running]) -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe (Autodesk)
SRV - (avast! Antivirus [Auto | Running]) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
SRV - (avast! Mail Scanner [On_Demand | Running]) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
SRV - (avast! Web Scanner [On_Demand | Running]) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
SRV - (Bonjour Service [Auto | Running]) -- C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
SRV - (btwdins [Auto | Running]) -- C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe (Broadcom Corporation.)
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (CLTNetCnService [Auto | Stopped]) -- File not found
SRV - (FLEXnet Licensing Service [On_Demand | Stopped]) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (helpsvc [Auto | Running]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (IDriverT [On_Demand | Stopped]) -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (iPod Service [On_Demand | Running]) -- C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
SRV - (JavaQuickStarterService [Auto | Running]) -- C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
SRV - (LBTServ [Auto | Running]) -- C:\Program Files\Common Files\Logitech\Bluetooth\LBTSERV.EXE (Logitech, Inc.)
SRV - (LightScribeService [Auto | Running]) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe ()
SRV - (Logitech Easy Synchronization [Auto | Running]) -- C:\Program Files\Logitech\Easy Synchronization\servicestub.exe ()
SRV - (mi-raysat_3dsmax8 [Auto | Running]) -- C:\Program Files\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe ()
SRV - (ose [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (SbPF.Launcher [Auto | Running]) -- C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe (Sunbelt Software, Inc.)
SRV - (SPF4 [Auto | Running]) -- C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe (Sunbelt Software, Inc.)
SRV - (Symantec Core LC [Auto | Running]) -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe ()
SRV - (TabletService [Auto | Running]) -- C:\WINDOWS\system32\Tablet.exe (Wacom Technology, Corp.)
SRV - (usnjsvc [On_Demand | Running]) -- C:\Program Files\Windows Live\Messenger\usnsvc.exe (Microsoft Corporation)
SRV - (wampapache [On_Demand | Stopped]) -- c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe (Apache Software Foundation)
SRV - (wampmysqld [On_Demand | Stopped]) -- c:\wamp\bin\mysql\mysql5.1.32\bin\mysqld.exe ()
SRV - (WLSetupSvc [On_Demand | Stopped]) -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe (Microsoft Corporation)
SRV - (WMPNetworkSvc [Auto | Running]) -- C:\Program Files\Windows Media Player\WMPNetwk.exe (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (Aavmker4 [System | Running]) -- C:\WINDOWS\System32\drivers\aavmker4.sys (ALWIL Software)
DRV - (ASPI [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\ASPI32.sys (Adaptec)
DRV - (aswFsBlk [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys (ALWIL Software)
DRV - (aswMon2 [Auto | Running]) -- C:\WINDOWS\System32\drivers\aswmon2.sys (ALWIL Software)
DRV - (aswRdr [On_Demand | Running]) -- C:\WINDOWS\System32\drivers\aswRdr.sys (ALWIL Software)
DRV - (aswSP [System | Running]) -- C:\WINDOWS\System32\drivers\aswSP.sys (ALWIL Software)
DRV - (aswTdi [System | Running]) -- C:\WINDOWS\System32\drivers\aswTdi.sys (ALWIL Software)
DRV - (ati2mtag [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ati2mtag.sys (ATI Technologies Inc.)
DRV - (btaudio [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\btaudio.sys (Broadcom Corporation.)
DRV - (BTDriver [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\btport.sys (Broadcom Corporation.)
DRV - (BTKRNL [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\btkrnl.sys (Broadcom Corporation.)
DRV - (btwhid [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\btwhid.sys (Broadcom Corporation.)
DRV - (BTWUSB [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\btwusb.sys (Broadcom Corporation.)
DRV - (DFUBTUSB [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\frmupgr.sys (Broadcom Corporation.)
DRV - (dtscsi [On_Demand | Running]) -- C:\WINDOWS\System32\drivers\dtscsi.sys ()
DRV - (eeCtrl [System | Running]) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)
DRV - (GEARAspiWDM [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (Gmer [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\gmer.sys (GMER)
DRV - (itchfltr [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\itchfltr.sys (Logitech, Inc.)
DRV - (L8042Kbd [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys (Logitech, Inc.)
DRV - (L8042mou [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\L8042mou.Sys (Logitech, Inc.)
DRV - (LHidFilt [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys (Logitech, Inc.)
DRV - (LMouFilt [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys (Logitech, Inc.)
DRV - (LMouKE [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\LMouKE.Sys (Logitech, Inc.)
DRV - (mcdbus [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\mcdbus.sys (MagicISO, Inc.)
DRV - (ndiscm [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\NetMotCM.sys (Motorola Inc.)
DRV - (nvatabus [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\nvatabus.sys (NVIDIA Corporation)
DRV - (nvax [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\nvax.sys (NVIDIA Corporation)
DRV - (NVENET [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\NVENET.sys (NVIDIA Corporation)
DRV - (nvidesm [Boot | Running]) -- C:\WINDOWS\system32\drivers\nvidesm.sys (NVIDIA Corporation)
DRV - (nvnforce [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\nvapu.sys (NVIDIA Corporation)
DRV - (nv_agp [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\nv_agp.sys (NVIDIA Corporation)
DRV - (pavboot [Boot | Running]) -- C:\WINDOWS\system32\drivers\pavboot.sys (Panda Security, S.L.)
DRV - (PenClass [Boot | Running]) -- C:\WINDOWS\system32\Drivers\PenClass.sys (Wacom Technology Corporation)
DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (PxHelp20 [Boot | Running]) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (SASDIFSV [System | Running]) -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASENUM [On_Demand | Stopped]) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS (SuperAdBlocker, Inc.)
DRV - (SASKUTIL [System | Running]) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SbFw [System | Running]) -- C:\WINDOWS\system32\drivers\SbFw.sys (Sunbelt Software, Inc.)
DRV - (SBFWIMCL [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\sbfwim.sys (Sunbelt Software, Inc.)
DRV - (sbhips [System | Running]) -- C:\WINDOWS\system32\drivers\sbhips.sys (Sunbelt Software, Inc.)
DRV - (Secdrv [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (sfdrv01 [Boot | Running]) -- C:\WINDOWS\System32\drivers\sfdrv01.sys (Protection Technology (StarForce))
DRV - (sfhlp02 [Boot | Running]) -- C:\WINDOWS\System32\drivers\sfhlp02.sys (Protection Technology (StarForce))
DRV - (sfsync02 [Boot | Running]) -- C:\WINDOWS\System32\drivers\sfsync02.sys (Protection Technology)
DRV - (sfsync04 [Boot | Running]) -- C:\WINDOWS\System32\drivers\sfsync04.sys (Protection Technology (StarForce))
DRV - (sfvfs02 [Boot | Running]) -- C:\WINDOWS\System32\drivers\sfvfs02.sys (Protection Technology)
DRV - (sptd [Boot | Running]) -- C:\WINDOWS\System32\Drivers\sptd.sys ()
DRV - (symlcbrd [Auto | Running]) -- C:\WINDOWS\system32\drivers\symlcbrd.sys (Symantec Corporation)
DRV - (usbbus [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\lgusbbus.sys (LG Electronics Inc.)
DRV - (UsbDiag [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys (LG Electronics Inc.)
DRV - (USBModem [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys (LG Electronics Inc.)
DRV - (vsbus [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\vsb.sys (ELTIMA Software)
DRV - (vserial [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\vserial.sys (ELTIMA Software)
DRV - (WBHWDOCT [Auto | Running]) -- C:\WINDOWS\System32\drivers\Wbhwdoct.sys (Winbond Electronics Corp.)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft...p...&ar=msnhome
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft...amp;ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...amp;ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...p...ER}&ar=home
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...amp;ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...p...&ar=msnhome
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaulturl: "http://www.google.co...-8&oe=UTF-8&q="
FF - prefs.js..browser.startup.homepage: "www.google.com"
FF - prefs.js..extensions.enabledItems: {22119944-ED35-4ab1-910B-E619EA06A115}:6.9.90
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}:6.0.01
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}:6.0.02
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}:6.0.05
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}:6.0.03
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}:6.0.07
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {DA1B0AB5-7DD3-4066-BC2A-64AABBDD0A8B}:1.2.211
FF - prefs.js..extensions.enabledItems: [email protected]:0.9.5
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.10
FF - HKLM\software\mozilla\Firefox\Extensions\\{22119944-ED35-4ab1-910B-E619EA06A115}: C:\PROGRAM FILES\SIBER SYSTEMS\AI ROBOFORM\FIREFOX [2007/02/25 08:21:20 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2008/12/17 17:02:05 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS [2009/04/29 06:50:50 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS [2009/04/29 06:50:50 | 00,000,000 | ---D | M]
[2009/04/19 05:03:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jbone\Application Data\mozilla\Extensions
[2008/08/29 11:23:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jbone\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/04/19 05:03:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jbone\Application Data\mozilla\Extensions\[email protected]
[2009/05/01 00:15:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jbone\Application Data\mozilla\Firefox\Profiles\iuxiycri.default\extensions
[2008/08/29 11:24:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jbone\Application Data\mozilla\Firefox\Profiles\iuxiycri.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2008/11/30 13:20:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jbone\Application Data\mozilla\Firefox\Profiles\iuxiycri.default\extensions\{DA1B0AB5-7DD3-4066-BC2A-64AABBDD0A8B}
[2009/04/30 16:52:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jbone\Application Data\mozilla\Firefox\Profiles\iuxiycri.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
[2008/10/02 13:47:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jbone\Application Data\mozilla\Firefox\Profiles\iuxiycri.default\extensions\[email protected]
[2008/05/29 11:21:30 | 00,001,944 | ---- | M] () -- C:\Documents and Settings\Jbone\Application Data\Mozilla\FireFox\Profiles\iuxiycri.default\searchplugins\live-search.xml
[2009/05/01 00:15:16 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/04/29 06:50:50 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2007/04/17 20:53:36 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}
[2007/07/18 09:35:56 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
[2007/10/17 18:55:21 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
[2008/03/17 17:05:50 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
[2008/11/17 17:45:02 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
[2008/12/17 17:02:24 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
[2009/04/11 16:17:03 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2009/04/29 06:50:43 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/04/29 06:50:43 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2008/08/29 11:22:41 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2008/08/29 11:22:41 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2008/08/29 11:22:41 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2008/11/13 15:31:35 | 00,002,343 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2008/08/29 11:22:41 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2008/08/29 11:22:41 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2008/08/29 11:22:41 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml
O1 HOSTS File: (698 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - Reg Error: Key error. File not found
O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (no name) - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - Reg Error: Key error. File not found
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (no name) - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - Reg Error: Key error. File not found
O3 - HKLM\..\Toolbar: (&RoboForm) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2E608F70-C430-4BC5-96F6-608E02EBA5B2} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 (DT Soft Ltd.)
O4 - HKLM..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" (Apple Inc.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe" (NVIDIA Corporation)
O4 - HKLM..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime (Apple Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe (Logitech Inc.)
O4 - HKCU..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (Microsoft Corporation)
O4 - HKCU..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (Microsoft Corporation)
O4 - HKCU..\Run: [Norton SystemWorks] "C:\Program Files\Norton SystemWorks\cfgwiz.exe" /GUID {05858CFD-5CC4-4ceb-AAAF-CF00BF39736A} /MODE CfgWiz File not found
O4 - HKCU..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" (Siber Systems)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe (Logitech Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\TabUserW.exe.lnk = C:\WINDOWS\system32\WTablet\TabUserW.exe (Wacom Technology, Corp.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ymetray.lnk = C:\Program Files\Yahoo!\Yahoo! Music Jukebox\ymetray.exe (Yahoo! Inc.)
O4 - Startup: C:\Documents and Settings\Jbone\Start Menu\Programs\Startup\MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoColorChoice = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoSizeChoice = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispScrSavPage = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispCPL = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoVisualStyleChoice = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispAppearancePage = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O8 - Extra context menu item: Customize Menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 (Microsoft Corporation)
O8 - Extra context menu item: Fill Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html File not found
O8 - Extra context menu item: Google AdSense Preview Tool - http://pagead2.googl...en/preview.html File not found
O8 - Extra context menu item: RoboForm Toolbar - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html File not found
O8 - Extra context menu item: Save Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html File not found
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O9 - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - File not found
O9 - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - File not found
O9 - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - File not found
O9 - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - File not found
O9 - Extra Button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - File not found
O9 - Extra 'Tools' menuitem : RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - File not found
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [mdnsNSP] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: 23 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft....k/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} http://security.syma...bin/AvSniff.cab (Symantec AntiVirus scanner)
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} http://acs.pandasoft...s/as2stubie.cab (ActiveScan 2.0 Installer Class)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx1.hotmail....es/MSNPUpld.cab (MSN Photo Upload Tool)
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.syma...n/bin/cabsa.cab (Symantec RuFSI Utility Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1153292679000 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {9732FB42-C321-11D1-836F-00A0C993F125} http://pcpitstop.com/mhLbl.cab (mhLabel Class)
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} http://acs.pandasoft...free/asinst.cab (ActiveScan Installer Class)
O16 - DPF: {9D190AE6-C81E-4039-8061-978EBAD10073} http://support.f-sec.../ols3/fscax.cab (F-Secure Online Scanner 3.0)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech Inc.)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\LBTWlgn: DllName - c:\program files\common files\logitech\bluetooth\LBTWlgn.dll - c:\program files\common files\logitech\bluetooth\LBTWlgn.dll (Logitech, Inc.)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {FE24CD78-7C63-465D-8787-4EDF7FC79895} - C:\Program Files\Logitech\Easy Synchronization\shellexecutehook.dll ()
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/01/24 07:29:26 | 00,000,033 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{0f6d0dc2-41a7-11da-86c6-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{0f6d0dc2-41a7-11da-86c6-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{0f6d0dc2-41a7-11da-86c6-806d6172696f}\Shell\AutoRun\command - "" = E:\Autorun.exe root.ini -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
========== Files/Folders - Created Within 30 Days ==========
File not found -- C:\DOCUME~1\Jbone\Desktop\CANU07N9.
[2009/05/01 22:12:29 | 00,000,000 | ---D | C] -- C:\Rooter$
[2009/05/01 17:41:06 | 00,001,523 | ---- | C] () -- C:\DOCUME~1\ALLUSE~1\Desktop\Vuze.lnk
[2009/05/01 17:40:32 | 00,000,000 | ---D | C] -- C:\Program Files\Vuze
[2009/05/01 00:48:21 | 00,000,000 | ---D | C] -- C:\DOCUME~1\Jbone\My Documents\Azureus Downloads
[2009/04/30 16:52:38 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Azureus
[2009/04/30 16:52:24 | 00,000,000 | ---D | C] -- C:\Program Files\AskBarDis
[2009/04/30 16:52:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Jbone\Application Data\Azureus
[2009/04/29 20:44:17 | 00,000,714 | ---- | C] () -- C:\DOCUME~1\ALLUSE~1\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/04/29 20:44:16 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/04/29 20:44:08 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/04/29 20:44:05 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/04/28 23:04:04 | 00,000,000 | ---D | C] -- C:\DOCUME~1\Jbone\Desktop\HeadFirst Scripts
[2009/04/20 09:30:23 | 00,027,648 | ---- | C] () -- C:\DOCUME~1\Jbone\Desktop\Need A Small Business Website Design.doc
[2009/04/19 05:07:38 | 00,000,656 | ---- | C] () -- C:\DOCUME~1\Jbone\Desktop\Shortcut to celtx.exe.lnk
[2009/04/19 05:03:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Jbone\Application Data\Greyfirst
[2009/04/19 05:03:37 | 00,001,510 | ---- | C] () -- C:\DOCUME~1\ALLUSE~1\Desktop\Celtx.lnk
[2009/04/19 05:03:31 | 00,000,000 | ---D | C] -- C:\Program Files\Celtx
[2009/04/19 04:58:43 | 15,532,310 | ---- | C] (Greyfirst) -- C:\DOCUME~1\Jbone\Desktop\CeltxSetup.exe
[2009/04/19 03:18:11 | 00,149,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MFCANS32.DLL
[2009/04/19 03:18:10 | 00,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Mscal.ocx
[2009/04/19 03:18:10 | 00,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\GAPI32.DLL
[2009/04/17 04:23:22 | 00,017,920 | -HS- | C] () -- C:\DOCUME~1\Jbone\Desktop\Thumbs.db
[2009/04/16 03:05:06 | 00,000,150 | ---- | C] () -- C:\WINDOWS\System32\spupdsvc.inf
[2009/04/15 10:19:00 | 00,729,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lsasrv.dll
[2009/04/15 10:19:00 | 00,473,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fastprox.dll
[2009/04/15 10:19:00 | 00,453,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvsd.dll
[2009/04/15 10:19:00 | 00,401,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcss.dll
[2009/04/15 10:19:00 | 00,284,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pdh.dll
[2009/04/15 10:19:00 | 00,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvse.exe
[2009/04/15 10:19:00 | 00,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\services.exe
[2009/04/15 10:18:59 | 00,714,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntdll.dll
[2009/04/15 10:18:59 | 00,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\advapi32.dll
[2009/04/13 17:01:42 | 00,369,664 | ---- | C] () -- C:\DOCUME~1\Jbone\Desktop\hlm.doc
[2009/04/12 19:02:14 | 00,005,436 | ---- | C] () -- C:\DOCUME~1\Jbone\Desktop\vwap.cpp
[2009/04/12 18:52:51 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Jbone\Application Data\PE Explorer
[2009/04/10 20:43:40 | 10,732,70784 | -HS- | C] () -- C:\hiberfil.sys
[2009/04/10 00:00:01 | 00,002,359 | ---- | C] () -- C:\DOCUME~1\ALLUSE~1\Desktop\NinjaTrader 6.5.lnk
[2009/04/09 23:59:45 | 00,000,000 | ---D | C] -- C:\DOCUME~1\Jbone\My Documents\NinjaTrader Backup
[2009/04/09 23:59:44 | 00,000,000 | ---D | C] -- C:\Program Files\NinjaTrader 6.5
[2009/04/09 23:55:50 | 00,228,424 | ---- | C] (NinjaTrader, LLC) -- C:\DOCUME~1\Jbone\Desktop\setup.exe
[2009/04/06 17:18:07 | 00,000,437 | ---- | C] () -- C:\DOCUME~1\Jbone\Desktop\webroot.lnk
[2009/04/06 16:57:49 | 00,000,507 | ---- | C] () -- C:\DOCUME~1\Jbone\Desktop\WampServer.lnk
[2009/04/06 16:55:19 | 00,000,000 | ---D | C] -- C:\wamp
[2009/04/05 17:36:01 | 16,953,377 | ---- | C] (Romain Bourdon (Roms) ) -- C:\DOCUME~1\Jbone\Desktop\WampServer2.0g-1.exe
[2009/04/05 17:23:54 | 00,000,000 | ---D | C] -- C:\Program Files\PHP
[2009/04/05 17:16:30 | 00,000,000 | ---D | C] -- C:\Program Files\Apache Software Foundation
[2009/03/19 06:11:44 | 00,098,304 | ---- | C] () -- C:\WINDOWS\System32\NtDirect.dll
[2008/12/31 16:04:42 | 00,691,560 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2008/07/17 23:02:22 | 00,000,485 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2008/07/05 20:14:48 | 00,456,192 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll
[2008/07/05 20:14:44 | 03,591,168 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll
[2008/07/05 20:13:16 | 00,708,096 | ---- | C] () -- C:\WINDOWS\System32\ff_x264.dll
[2008/06/25 15:09:50 | 00,000,010 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2008/06/23 02:34:00 | 00,177,664 | ---- | C] () -- C:\WINDOWS\System32\ff_theora.dll
[2008/06/13 20:39:38 | 00,023,552 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll
[2008/06/13 03:36:38 | 00,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2008/05/31 21:44:52 | 00,000,029 | ---- | C] () -- C:\WINDOWS\Battle.ini
[2008/05/22 16:59:15 | 00,159,744 | ---- | C] () -- C:\WINDOWS\System32\lgbskin.dll
[2008/05/22 16:59:15 | 00,028,672 | ---- | C] () -- C:\WINDOWS\System32\lgbTrace.dll
[2007/10/10 21:16:51 | 00,081,920 | ---- | C] () -- C:\WINDOWS\System32\G32_rkey.dll
[2007/09/08 10:48:38 | 00,000,086 | ---- | C] () -- C:\WINDOWS\NavWin.INI
[2007/09/08 10:36:03 | 00,118,784 | ---- | C] () -- C:\WINDOWS\System32\G32_TICK.DLL
[2007/09/08 04:40:22 | 00,000,416 | ---- | C] () -- C:\WINDOWS\System32\dtu100.dll.manifest
[2007/09/08 04:40:22 | 00,000,416 | ---- | C] () -- C:\WINDOWS\System32\dpl100.dll.manifest
[2007/09/07 04:04:52 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2007/09/07 04:01:52 | 00,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2007/09/04 16:49:35 | 00,028,672 | ---- | C] () -- C:\WINDOWS\System32\proxydll.dll
[2007/09/04 16:49:35 | 00,000,511 | ---- | C] () -- C:\WINDOWS\winros.ini
[2007/09/04 16:49:35 | 00,000,144 | ---- | C] () -- C:\WINDOWS\reader.Ini
[2007/09/04 16:49:35 | 00,000,071 | ---- | C] () -- C:\WINDOWS\WinSig.Ini
[2007/07/26 13:05:54 | 00,136,192 | ---- | C] () -- C:\WINDOWS\System32\Wbcdflsh.dll
[2007/07/11 01:10:12 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2007/06/21 11:32:31 | 00,069,632 | ---- | C] () -- C:\WINDOWS\System32\xcon.dll
[2007/02/01 12:33:59 | 00,000,029 | ---- | C] () -- C:\WINDOWS\DEBUGSM.INI
[2006/11/29 22:24:10 | 00,090,112 | ---- | C] () -- C:\WINDOWS\System32\btprn2k.dll
[2006/09/23 11:03:57 | 00,000,059 | ---- | C] () -- C:\WINDOWS\ANS2000.INI
[2006/09/23 11:03:57 | 00,000,020 | -H-- | C] () -- C:\WINDOWS\akebook.ini
[2006/09/23 11:03:57 | 00,000,004 | -H-- | C] () -- C:\WINDOWS\a3kebook.ini
[2006/07/11 18:49:03 | 00,000,666 | ---- | C] () -- C:\WINDOWS\Tcd_a579b07e.ini
[2006/07/04 21:14:20 | 00,011,776 | ---- | C] () -- C:\WINDOWS\System32\ZPORT4AS.dll
[2006/07/04 11:11:15 | 00,001,200 | -HS- | C] () -- C:\WINDOWS\System32\qqtss.ini
[2006/07/03 19:13:42 | 00,000,250 | ---- | C] () -- C:\WINDOWS\gmer.ini
[2006/04/20 12:39:02 | 00,000,099 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2006/04/20 12:36:04 | 00,000,041 | ---- | C] () -- C:\WINDOWS\CDE CX4700EC.ini
[2006/02/23 21:18:09 | 00,024,721 | ---- | C] () -- C:\WINDOWS\System32\lap20nh3l4dkszi4a.dll
[2006/02/23 21:18:09 | 00,024,702 | ---- | C] () -- C:\WINDOWS\System32\xkh1udoe84fkszi4a.dll
[2006/02/23 21:18:09 | 00,017,137 | ---- | C] () -- C:\WINDOWS\System32\qke3kixfeflkszi4a.dll
[2006/01/04 16:31:10 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/12/17 11:11:56 | 00,009,728 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2005/12/08 14:42:47 | 00,223,128 | ---- | C] () -- C:\WINDOWS\System32\drivers\dtscsi.sys
[2005/12/08 14:40:54 | 00,664,064 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2005/12/08 14:40:54 | 00,096,384 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd1709.sys
[2005/11/25 19:56:21 | 00,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2005/10/24 15:52:34 | 00,015,744 | ---- | C] () -- C:\WINDOWS\System32\Wintab.dll
[2005/10/20 21:34:24 | 00,205,312 | R--- | C] () -- C:\WINDOWS\patchw32.dll
[2005/10/20 21:34:06 | 00,205,312 | R--- | C] () -- C:\WINDOWS\pw32a.dll
[2005/07/04 01:41:37 | 00,041,984 | ---- | C] () -- C:\WINDOWS\System32\avi.dll
[2005/07/04 01:41:24 | 00,095,744 | ---- | C] () -- C:\WINDOWS\System32\mkx.dll
[2005/07/04 01:41:08 | 00,055,808 | ---- | C] () -- C:\WINDOWS\System32\mp4.dll
[2005/07/02 03:10:26 | 00,334,848 | ---- | C] () -- C:\WINDOWS\System32\x264vfw.dll
[2005/06/30 02:36:41 | 00,188,416 | ---- | C] () -- C:\WINDOWS\System32\TomsMoComp_ff.dll
[2005/06/30 02:28:39 | 00,081,408 | ---- | C] () -- C:\WINDOWS\System32\ff_unrar.dll
[2005/06/30 02:28:00 | 00,074,240 | ---- | C] () -- C:\WINDOWS\System32\ff_tremor.dll
[2005/06/30 02:27:21 | 00,131,072 | ---- | C] () -- C:\WINDOWS\System32\ff_samplerate.dll
[2005/06/30 02:27:17 | 00,162,816 | ---- | C] () -- C:\WINDOWS\System32\ff_realaac.dll
[2005/06/30 02:26:55 | 00,159,744 | ---- | C] () -- C:\WINDOWS\System32\ff_libmad.dll
[2005/06/30 02:25:36 | 00,212,992 | ---- | C] () -- C:\WINDOWS\System32\ff_libdts.dll
[2005/06/30 02:25:22 | 00,079,360 | ---- | C] () -- C:\WINDOWS\System32\ff_liba52.dll
[2005/06/30 02:19:32 | 00,159,744 | ---- | C] () -- C:\WINDOWS\System32\libmpeg2_ff.dll
[2005/02/17 22:31:58 | 00,155,136 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2005/02/17 22:31:57 | 00,077,824 | ---- | C] () -- C:\WINDOWS\System32\MMSwitch.dll
[2005/02/17 11:41:32 | 00,000,603 | ---- | C] () -- C:\WINDOWS\System32\BTNeighborhood.dll.manifest
[2005/02/17 11:41:30 | 00,000,593 | ---- | C] () -- C:\WINDOWS\System32\btcss.dll.manifest
[2004/12/20 21:08:28 | 00,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2004/12/20 21:03:26 | 00,765,952 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2004/12/10 15:34:15 | 00,188,416 | ---- | C] () -- C:\WINDOWS\System32\cogslan.dll
[2004/11/25 04:25:52 | 00,335,872 | ---- | C] ( ) -- C:\WINDOWS\System32\drvc.dll
[2004/10/04 02:50:54 | 00,129,024 | ---- | C] () -- C:\WINDOWS\System32\ff_mpeg2enc.dll
[2004/09/24 19:10:48 | 00,061,440 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2004/09/24 19:09:58 | 01,040,384 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2004/09/24 19:09:56 | 01,163,264 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2004/09/24 19:09:42 | 00,077,824 | ---- | C] () -- C:\WINDOWS\System32\vorbisfile.dll
[2004/08/04 22:00:00 | 00,000,862 | ---- | C] () -- C:\WINDOWS\win.ini
[2004/08/04 22:00:00 | 00,000,284 | ---- | C] () -- C:\WINDOWS\system.ini
[2004/07/26 21:12:52 | 00,166,912 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2004/04/26 09:03:44 | 00,229,376 | ---- | C] () -- C:\WINDOWS\System32\sdl.dll
[2003/02/02 19:06:02 | 00,153,088 | ---- | C] () -- C:\WINDOWS\System32\UNRAR3.dll
[2003/01/07 14:05:08 | 00,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/10/07 05:42:58 | 00,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2002/05/18 08:18:30 | 00,124,928 | ---- | C] () -- C:\WINDOWS\System32\mp4fil32.dll
[2002/03/06 00:00:00 | 00,075,264 | ---- | C] () -- C:\WINDOWS\System32\unacev2.dll
[2001/11/14 12:56:00 | 01,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll
[2000/10/25 17:15:00 | 00,017,920 | ---- | C] () -- C:\WINDOWS\System32\Implode.dll
========== Files - Modified Within 30 Days ==========
[2 C:\WINDOWS\System32\*.tmp files]
[1 C:\WINDOWS\*.tmp files]
File not found -- C:\DOCUME~1\Jbone\Desktop\CANU07N9.
[2009/05/01 22:11:02 | 00,000,592 | ---- | M] () -- C:\DOCUME~1\Jbone\My Documents\My Sharing Folders.lnk
[2009/05/01 20:52:44 | 00,012,669 | ---- | M] () -- C:\WINDOWS\System32\tablet.dat
[2009/05/01 20:52:25 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/05/01 20:52:19 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/05/01 20:52:14 | 10,732,70784 | -HS- | M] () -- C:\hiberfil.sys
[2009/05/01 20:50:44 | 00,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/05/01 20:50:11 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\Jbone\Local Settings\desktop.ini
[2009/05/01 17:41:06 | 00,001,523 | ---- | M] () -- C:\DOCUME~1\ALLUSE~1\Desktop\Vuze.lnk
[2009/04/30 16:01:04 | 00,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009/04/29 20:44:17 | 00,000,714 | ---- | M] () -- C:\DOCUME~1\ALLUSE~1\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/04/29 09:08:03 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/04/24 07:26:00 | 00,000,232 | -H-- | M] () -- C:\sqmdata11.sqm
[2009/04/24 07:25:59 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt10.sqm
[2009/04/24 05:31:33 | 00,017,920 | -HS- | M] () -- C:\DOCUME~1\Jbone\Desktop\Thumbs.db
[2009/04/20 09:30:23 | 00,027,648 | ---- | M] () -- C:\DOCUME~1\Jbone\Desktop\Need A Small Business Website Design.doc
[2009/04/19 15:39:22 | 00,002,137 | ---- | M] () -- C:\DOCUME~1\ALLUSE~1\Desktop\iTunes.lnk
[2009/04/19 05:07:38 | 00,000,656 | ---- | M] () -- C:\DOCUME~1\Jbone\Desktop\Shortcut to celtx.exe.lnk
[2009/04/19 05:03:37 | 00,001,510 | ---- | M] () -- C:\DOCUME~1\ALLUSE~1\Desktop\Celtx.lnk
[2009/04/19 05:01:11 | 15,532,310 | ---- | M] (Greyfirst) -- C:\DOCUME~1\Jbone\Desktop\CeltxSetup.exe
[2009/04/16 18:33:08 | 00,369,664 | ---- | M] () -- C:\DOCUME~1\Jbone\Desktop\hlm.doc
[2009/04/16 03:40:04 | 00,448,708 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/04/16 03:40:03 | 00,530,218 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/04/16 03:40:03 | 00,075,738 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/04/16 03:06:05 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/04/16 03:05:06 | 00,000,150 | ---- | M] () -- C:\WINDOWS\System32\spupdsvc.inf
[2009/04/16 03:03:09 | 00,000,862 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/04/12 19:02:14 | 00,005,436 | ---- | M] () -- C:\DOCUME~1\Jbone\Desktop\vwap.cpp
[2009/04/10 20:41:57 | 00,000,211 | -HS- | M] () -- C:\boot.ini
[2009/04/10 20:41:56 | 00,000,284 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/04/10 01:02:44 | 00,002,359 | ---- | M] () -- C:\DOCUME~1\ALLUSE~1\Desktop\NinjaTrader 6.5.lnk
[2009/04/09 23:55:51 | 00,228,424 | ---- | M] (NinjaTrader, LLC) -- C:\DOCUME~1\Jbone\Desktop\setup.exe
[2009/04/08 23:36:02 | 00,000,512 | ---- | M] () -- C:\DOCUME~1\Jbone\Desktop\Ensign Windows.lnk
[2009/04/07 00:57:24 | 24,921,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe
[2009/04/06 17:19:22 | 00,000,437 | ---- | M] () -- C:\DOCUME~1\Jbone\Desktop\webroot.lnk
[2009/04/06 16:57:49 | 00,000,507 | ---- | M] () -- C:\DOCUME~1\Jbone\Desktop\WampServer.lnk
[2009/04/06 15:32:54 | 00,038,496 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/04/06 15:32:46 | 00,015,504 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/04/05 17:36:25 | 16,953,377 | ---- | M] (Romain Bourdon (Roms) ) -- C:\DOCUME~1\Jbone\Desktop\WampServer2.0g-1.exe
< End of report >
OTListIt Extras logfile created on: 01/05/2009 10:26:50 PM - Run 1
OTListIt2 by OldTimer - Version 2.0.15.1 Folder = C:\Documents and Settings\Jbone\Desktop\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000C09 | Country: Australia | Language: ENA | Date Format: dd/MM/yyyy
1023.48 Mb Total Physical Memory | 494.79 Mb Available Physical Memory | 48.34% Memory free
2.40 Gb Paging File | 1.92 Gb Available in Paging File | 80.02% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111.75 Gb Total Space | 26.87 Gb Free Space | 24.05% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 298.09 Gb Total Space | 230.79 Gb Free Space | 77.42% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: AMDXP3300
Current User Name: Jbone
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile
"EnableFirewall" = 0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall" = 0
"DisableNotifications" = 0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger (Logitech Inc.)
C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger (Microsoft Corporation)
C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone) (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger (Microsoft Corporation)
C:\Program Files\Autodesk\backburner\monitor.exe:*:Enabled:backburner 2.3 monitor File not found
C:\Program Files\Autodesk\backburner\manager.exe:*:Enabled:backburner 2.3 manager File not found
C:\Program Files\Autodesk\backburner\server.exe:*:Enabled:backburner 2.3 server File not found
C:\Program Files\Autodesk\3dsMax8\3dsmax.exe:*:Enabled:Autodesk 3ds Max 8 (Autodesk, Inc.)
C:\Program Files\Telstra\Cable Login\bpcable.exe:*:Enabled:BigPond Cable Client File not found
C:\Program Files\Telstra\Cable Login\bpcService.exe:*:Enabled:BigPond Cable Client (running as a service) File not found
C:\Program Files\Yahoo!\Yahoo! Music Jukebox\YahooMusicEngine.exe:*:Enabled:Yahoo! Music Jukebox (Yahoo! Inc.)
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger (Logitech Inc.)
C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger (Microsoft Corporation)
C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone) (Microsoft Corporation)
C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour (Apple Inc.)
C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes (Apple Inc.)
C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype ()
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3
"{036AA4D4-6D32-11D4-9875-00105ACE7734}" = Logitech iTouch Software
"{03EA3D6E-D92B-11D0-892B-00A0C91827B3}" = DM Client
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam™
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{0837A661-FEC3-48B3-876C-91E7D32048A9}" = Macromedia Dreamweaver 8
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{1116FD69-3C49-BE9A-C206-E8BA26CCA10F}" = CCC Help English
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{123D74B2-4F4F-4056-8313-5F1C9FEE332E}" = Xara Menu Maker 1.0
"{16FE2579-06B2-3E32-58F2-4B70B69A3070}" = ccc-core-preinstall
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1E04F83B-2AB9-4301-9EF7-E86307F79C72}" = Google Earth
"{1EB21F28-E3AF-A317-4658-6C0C455C2F61}" = Catalyst Control Center Core Implementation
"{2070F79D-46BC-4EEA-8F02-9B4DCABAE7CB}" = iPod for Windows 2006-03-23
"{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java™ 6 Update 13
"{27F650A9-6FAB-41C8-8621-92FF0118B0C4}" = EPSON Easy Photo Print
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2A539CD9-0F75-4875-9A32-E06DD93C4114}" = Adobe Extension Manager CS3
"{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}" = EPSON Scan Assistant
"{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}" = Rhapsody Player Engine
"{3101CB58-3482-4D21-AF1A-7057FC935355}" = KhalInstallWrapper
"{314F6D08-A8B7-11D8-8446-0050BA1D384D}" = EPSON Image Clip Palette
"{318AB667-3230-41B5-A617-CB3BF748D371}" = iTunes
"{3248F0A8-6813-11D6-A77B-00B0D0150100}" = J2SE Runtime Environment 5.0 Update 10
"{3248F0A8-6813-11D6-A77B-00B0D0150110}" = J2SE Runtime Environment 5.0 Update 11
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java™ SE Runtime Environment 6 Update 1
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java™ 6 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java™ 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java™ 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java™ 6 Update 7
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3975CBD8-A8DF-4748-9350-8592DD9D67F6}" = Menu Maker Dreamweaver Extension 1.0.0
"{3A12C952-61D5-4C3B-B68B-8CFBE47E22F1}" = Adobe Setup
"{3D347E6D-5A03-4342-B5BA-6A771885F379}" = Backburner
"{4539D65F-319C-416F-A17F-827110F4CE22}" = NinjaTrader 6.5
"{46D9C523-FABB-FFF1-321D-F493A68E2C3E}" = Catalyst Control Center Graphics Previews Common
"{47813E93-F2A0-484A-838E-47EC1B28D190}" = Adobe Stock Photos 1.0
"{508CE775-4BA4-4748-82DF-FE28DA9F03B0}" = Windows Live Messenger
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}" = Macromedia Extension Manager
"{57D32909-FCA8-A78B-2AD2-2A50F5E11858}" = ccc-core-static
"{57EA735B-4F1D-9FC5-6A36-B0C0F1D704FE}" = Catalyst Control Center Graphics Light
"{5EE65592-88FD-48AA-98CA-EE9BDB1FF518}" = LG PhoneManager
"{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}" = Windows Genuine Advantage v1.3.0254.0
"{67EDD823-135A-4D59-87BD-950616D6E857}" = EPSON Copy Utility 3
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6E524C61-42EC-11D5-98E1-0050BA0133AC}" = Hardware Doctor
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7ABAB858-8465-4E94-8D7A-8CE226E492D4}" = Xara Online Dreamweaver Extension
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7EADB65C-70E8-4C94-AD0A-221462D41A85}" = Camtasia Studio 5
"{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}" = EPSON Web-To-Page
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{82A26C9D-FB57-475E-88CC-7E44FC20CBE7}" = LG Internetkit
"{82B1150E-9B37-49FC-83EB-D52197D900D0}" = Sunbelt Personal Firewall
"{84814E6B-2581-46EC-926A-823BD1C670F6}" = WIDCOMM Bluetooth Software
"{86844E31-42CC-49C8-B647-7213009F4719}" = Diagnostic Tool for the Microsoft VM
"{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}" = Bonjour
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}" = Logitech Desktop Messenger
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{91120409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003
"{9422C8EA-B0C6-4197-B8FC-DC797658CA00}" = Windows Live Sign-in Assistant
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{9811A185-3D3D-11D6-9E14-00036D172B00}" = Adobe MPEG Encoder
"{993960EE-CA4D-443F-8F88-E24260DD5FD2}" = LG PC Suite
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A0383B7D-81A2-49D3-BE06-C0FD9EFB9DFC}" = Corel Painter IX
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}" = Windows Live installer
"{A8C2ECC8-BB15-11D6-B91C-00C04F689AB6}" = Australian Phonedisc
"{AC134D03-97F1-45B9-B32A-52E885AFA895}" = Mobile Phone Suite Easy Synchronization
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1033-7B44-A81200000003}" = Adobe Reader 8.1.2
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B148AB4B-C8FA-474B-B981-F2943C5B5BCD}" = OGA Notifier 1.7.0105.35.0
"{B2F5D08C-7E79-4FCD-AAF4-57AD35FF0601}" = Adobe Illustrator CS2
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B508B3F1-A24A-32C0-B310-85786919EF28}" = Microsoft .NET Framework 2.0 Service Pack 1
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B90450DF-E781-46FD-B1F1-0C86DA40E443}" = PIF DESIGNER
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C3ABE126-2BB2-4246-BFE1-6797679B3579}" = LG USB Modem driver
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{D050D7362D214723AD585B541FFB6C11}" = DivX Content Uploader
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1BB4446-AE9C-4256-9A7F-4D46604D2462}" = Adobe Setup
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D45EC259-4A19-4656-B588-C2C360DD18EA}" = Half-Life® 2
"{D7A6C517-11F2-419F-B5BB-27772B939698}" = NvMixer
"{D88857C8-B36B-42CE-AC26-9FFFEEDB181A}" = RssReader
"{D9F4A9F8-92C5-4289-9D04-F0F8F02D580A}" = iPod for Windows 2005-10-12
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DBB313D6-4B13-4961-BD5F-673CDA1793CC}" = Autodesk 3ds Max 8
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{DE31F8AA-B12D-3A38-E561-C657EED45465}" = Catalyst Control Center Graphics Full Existing
"{E0343A4C-2FFD-4CCB-B0EB-5DE9F0E2A083}" = LS_HSI
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E6EB53D4-5AD0-07F0-2DAC-0A2D624DF39D}" = ccc-utility
"{E74CC47C-28D3-25E1-14D2-68EBC87C31BA}" = Skins
"{E86BC406-944E-41F6-ADE6-2C136734C96B}" = EPSON File Manager
"{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0
"{E989FC1C-0643-4F54-A04E-828CC1D5BD73}" = TransActAT
"{EC3B8CA2-49B8-4D38-BE9C-ABD0F6029168}" = Yahoo! Music Jukebox
"{EC4455AB-F155-4CC1-A4C5-88F3777F9886}" = Apple Mobile Device Support
"{F01D5ED5-D53A-4468-B428-149DC2CB3110}" = Adobe Dreamweaver CS3
"{F251B61F-9D18-13C4-02EE-71A36343D442}" = Catalyst Control Center Graphics Full New
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{F958CA02-BB40-4007-894B-258729456EE4}" = QuickTime
"{FB3BE405-6BF0-490A-84B3-00611385EA0D}" = Common-Use Signing Interface
"{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}" = HighMAT Extension to Microsoft Windows XP CD Writing Wizard
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{FFD25152-1916-4744-BAAF-F2D2EBF38284}" = LG SyncManager
"[email protected] ISO Burner v 1.1" = [email protected] ISO Burner v 1.1
"ActiveScan 2.0" = Panda ActiveScan 2.0
"ActiveTouchMeetingClient" = WebEx
"Ad-Aware SE Professional" = Ad-Aware SE Professional
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Illustrator CS2" = Adobe Illustrator CS2
"Adobe Shockwave Player" = Adobe Shockwave Player
"Adobe SVG Viewer" = Adobe SVG Viewer 3.0
"Adobe_2ac78060bc5856b0c1cf873bb919b58" = Adobe Photoshop CS3
"Adobe_435a6af7459cb02a9c1138113a26e93" = Adobe Dreamweaver CS3
"AI RoboForm" = AI RoboForm (All Users)
"All ATI Software" = ATI - Software Uninstall Utility
"Ask Toolbar_is1" = Ask Toolbar
"ATI Display Driver" = ATI Display Driver
"Audacity_is1" = Audacity 1.2.6
"Autodesk DWF Viewer" = Autodesk DWF Viewer
"avast!" = avast! Antivirus
"BitLord" = BitLord 1.1
"CCleaner" = CCleaner (remove only)
"Celtx (2.0)" = Celtx (2.0)
"CleanUp!" = CleanUp!
"Cole2k Media - Codec Pack" = Cole2k Media - Codec Pack (Advanced)
"Combined Community Codec Pack_is1" = Combined Community Codec Pack 2008-09-21 16:18
"Common-Use Signing Interface" = Common-Use Signing Interface
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.2.7
"DC++" = DC++ 0.699
"EDS_is1" = EDS 2.0
"Ensign Windows" = Ensign Windows
"EPSON Printer and Utilities" = EPSON Printer Software
"EPSON Scanner" = EPSON Scan
"ESCX4700_4100 User's Guide" = ESCX4700_4100 User's Guide
"Excel Key Demo" = Excel Key 7.9 Demo
"FinePrint" = FinePrint
"GameArena The Arena" = GameArena The Arena
"GENEUIDE" = USB Storage Driver
"getPlus®_dll" = getPlus®_dll
"GSpot" = GSpot Codec Information Appliance
"Icon Edit_is1" = Icon Edit 2.1.9
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"InstallShield_{2070F79D-46BC-4EEA-8F02-9B4DCABAE7CB}" = iPod for Windows 2006-03-23
"InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"InstallShield_{D9F4A9F8-92C5-4289-9D04-F0F8F02D580A}" = iPod for Windows 2005-10-12
"IQFeed Client" = IQFeed Client 4.4.0.3
"Live Bid Control Kit Setup" = Live Bid Control Kit Setup
"Magic ISO Maker v5.5 (build 0261)" = Magic ISO Maker v5.5 (build 0261)
"MagicDisc 2.7.97" = MagicDisc 2.7.97
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"MOV Booster Pack" = River Past MOV Booster Pack
"Mozilla Firefox (3.0.10)" = Mozilla Firefox (3.0.10)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSN Music Assistant" = MSN Music Assistant
"NeroMultiInstaller!UninstallKey" = Nero Suite
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"OEC Trader Demo_is1" = OEC Trader Demo 3.3
"oggcodecs" = oggcodecs 0.71.0946
"Panda ActiveScan" = Panda ActiveScan
"Passware Kit Enterprise" = Passware Kit Enterprise 7.5
"PDFCreator Toolbar" = PDFCreator Toolbar
"pdfFactory" = pdfFactory
"PIAFpu" = PIAFpu
"RealPlayer 6.0" = RealPlayer
"Screen Recorder Pro" = River Past Screen Recorder Pro
"ShockwaveFlash" = Adobe Flash Player 9 ActiveX
"Skype_is1" = Skype 2.5
"ST6UNST #1" = Calmlink
"SystemRequirementsLab" = System Requirements Lab
"Tablet Driver" = Tablet
"Tiks Texas Hold Em" = Tiks Texas Hold Em
"Video Cleaner" = River Past Video Cleaner
"Video Cleaner Pro" = River Past Video Cleaner Pro
"Vuze" = Vuze
"WampServer 2_is1" = WampServer 2.0
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR archiver
"WMCSetup" = Windows Media Connect
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XP Codec Pack" = XP Codec Pack
"Xvid_is1" = Xvid 1.1.3 final uninstall
========== Last 10 Event Log Errors ==========
[ Antivirus Events ]
Error - 24/06/2008 2:07:27 AM | Computer Name = AMDXP3300 | Source = avast! | ID = 33554522
Description = Error in aswChestS: chest s_NewFile Error 112.
Error - 24/06/2008 2:07:27 AM | Computer Name = AMDXP3300 | Source = avast! | ID = 33554522
Description = Error in aswChestC: chestAddFile Error 112.
Error - 07/04/2009 4:04:36 PM | Computer Name = AMDXP3300 | Source = avast! | ID = 33554522
Description = Internal error has occurred in module aswar scan function failed!,
function 00000002.
Error - 09/04/2009 9:45:20 PM | Computer Name = AMDXP3300 | Source = avast! | ID = 33554522
Description = Internal error has occurred in module aswar scan function failed!,
function 00000002.
[ Application Events ]
Error - 25/02/2009 3:10:15 AM | Computer Name = AMDXP3300 | Source = MsiInstaller | ID = 11316
Description = Product: Autodesk 3ds Max 8 -- Error 1316. A network error occurred
while attempting to read from the file: C:\WINDOWS\Installer\3dsMax8.msi
Error - 25/02/2009 3:10:52 AM | Computer Name = AMDXP3300 | Source = MsiInstaller | ID = 11316
Description = Product: Autodesk 3ds Max 8 -- Error 1316. A network error occurred
while attempting to read from the file: C:\WINDOWS\Installer\3dsMax8.msi
Error - 05/03/2009 12:00:32 PM | Computer Name = AMDXP3300 | Source = MsiInstaller | ID = 11316
Description = Product: Windows Live Sign-in Assistant -- Error 1316. A network error
occurred while attempting to read from the file: C:\WINDOWS\TEMP\IXP000.TMP\Install_{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}.msi
Error - 12/03/2009 8:54:00 AM | Computer Name = AMDXP3300 | Source = Application Error | ID = 1000
Description = Faulting application ensign.exe, version 2009.3.11.0, faulting module
unknown, version 0.0.0.0, fault address 0x00000000.
Error - 15/03/2009 12:04:04 PM | Computer Name = AMDXP3300 | Source = Application Hang | ID = 1002
Description = Hanging application ShowTime.exe, version 2.0.0.18, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 14/04/2009 12:04:49 PM | Computer Name = AMDXP3300 | Source = Application Error | ID = 1000
Description = Faulting application eds.exe, version 1.0.0.1, faulting module eds.exe,
version 1.0.0.1, fault address 0x0000181d.
Error - 28/04/2009 4:51:27 PM | Computer Name = AMDXP3300 | Source = Application Hang | ID = 1002
Description = Hanging application Dreamweaver.exe, version 9.0.0.3453, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 30/04/2009 3:55:36 AM | Computer Name = AMDXP3300 | Source = Application Error | ID = 1000
Description = Faulting application illustrator.exe, version 12.1.128.0, faulting
module illustrator.exe, version 12.1.128.0, fault address 0x0042203f.
Error - 30/04/2009 12:42:47 PM | Computer Name = AMDXP3300 | Source = Application Hang | ID = 1002
Description = Hanging application OUTLOOK.EXE, version 11.0.8217.0, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 30/04/2009 12:44:31 PM | Computer Name = AMDXP3300 | Source = Microsoft Office 11 | ID = 2000
Description = Accepted Safe Mode action : Microsoft Office Outlook.
[ System Events ]
Error - 01/05/2009 6:48:07 AM | Computer Name = AMDXP3300 | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 15 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)
Error - 01/05/2009 6:48:07 AM | Computer Name = AMDXP3300 | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 14 minutes. NtpClient has no source of accurate
time.
Error - 01/05/2009 6:48:22 AM | Computer Name = AMDXP3300 | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 15 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)
Error - 01/05/2009 6:48:22 AM | Computer Name = AMDXP3300 | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 14 minutes. NtpClient has no source of accurate
time.
Error - 01/05/2009 6:48:22 AM | Computer Name = AMDXP3300 | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 15 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)
Error - 01/05/2009 6:48:22 AM | Computer Name = AMDXP3300 | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 15 minutes. NtpClient has no source of accurate
time.
Error - 01/05/2009 6:52:34 AM | Computer Name = AMDXP3300 | Source = ati2mtag | ID = 45062
Description = CRT invalid display type
Error - 01/05/2009 7:24:41 AM | Computer Name = AMDXP3300 | Source = Dhcp | ID = 1002
Description = The IP address lease 58.161.67.40 for the Network Card with network
address 00508D4C388E has been denied by the DHCP server 192.168.100.1 (The DHCP
Server sent a DHCPNACK message).
Error - 01/05/2009 7:25:03 AM | Computer Name = AMDXP3300 | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.100.11 for the Network Card with network
address 00508D4C388E has been denied by the DHCP server 192.168.100.1 (The DHCP
Server sent a DHCPNACK message).
Error - 01/05/2009 8:10:50 AM | Computer Name = AMDXP3300 | Source = ati2mtag | ID = 45062
Description = CRT invalid display type
< End of report >
Sign In
Create Account
