Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Trouble With Internet Connection Inconsistencies


  • Please log in to reply

#1
jbone

jbone

    Member

  • Member
  • PipPip
  • 22 posts
Hey folks,

I have been having trouble with my internet for roughly 2 weeks now. I have been downloading files through a (do I dare say?) P2P network and seem to be downloading more than the actual file size by quite a substantial amount. The actual files aren't corrupt as they aren't reporting any bad dropping of rubbish data. I am talking like an extra 200mb on a 300mb file.

I haven't had trouble with this before so it is quite puzzling that it has recently just started. I have run Malwarebytes, adaware, super anti-spyware and avast! but it hasn't solved the problem. I believe it could be caused by some sort of malicious program as the only other solution I can think of is my ISP doing the dodgy. Can anyone please assist me with this problem? Any help with this is greatly appreciated.

Here is the Rooter log:

Microsoft Windows XP Home Edition (5.1.2600) Service Pack 3

A:\ [Removable] (Total:0 Mo/Free:0 Mo)
C:\ [Fixed] - NTFS - (Total:114431 Mo/Free:2940 Mo)
D:\ [CD-Rom] (Total:0 Mo/Free:0 Mo)
E:\ [CD-Rom] (Total:0 Mo/Free:0 Mo)
F:\ [Fixed] - NTFS - (Total:305242 Mo/Free:2853 Mo)

01/05/2009|22:24

----------------------\\ Processes..

--Locked-- [System Process]
---------- System
---------- \SystemRoot\System32\smss.exe
---------- \??\C:\WINDOWS\system32\csrss.exe
---------- \??\C:\WINDOWS\system32\winlogon.exe
---------- C:\WINDOWS\system32\services.exe
---------- C:\WINDOWS\system32\lsass.exe
---------- C:\WINDOWS\system32\Ati2evxx.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
---------- C:\Program Files\Common Files\Logitech\Bluetooth\LBTSERV.EXE
---------- C:\WINDOWS\system32\Ati2evxx.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
---------- C:\Program Files\Alwil Software\Avast4\ashServ.exe
---------- C:\WINDOWS\system32\spoolsv.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
---------- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
---------- C:\Program Files\Bonjour\mDNSResponder.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\Program Files\Java\jre6\bin\jqs.exe
---------- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
---------- C:\Program Files\Logitech\Easy Synchronization\servicestub.exe
---------- C:\Program Files\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe
---------- C:\Program Files\Logitech\Easy Synchronization\LogitechEasySync.exe
---------- C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
---------- C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
---------- C:\WINDOWS\system32\Tablet.exe
---------- C:\Program Files\Windows Media Player\WMPNetwk.exe
---------- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
---------- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
---------- C:\WINDOWS\System32\alg.exe
---------- C:\WINDOWS\Explorer.EXE
---------- C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
---------- C:\Program Files\Logitech\iTouch\iTouch.exe
---------- C:\Program Files\DAEMON Tools\daemon.exe
---------- C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
---------- C:\Program Files\iTunes\iTunesHelper.exe
---------- C:\Program Files\Java\jre6\bin\jusched.exe
---------- C:\Program Files\Messenger\msmsgs.exe
---------- C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
---------- C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe
---------- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
---------- C:\WINDOWS\system32\ctfmon.exe
---------- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
---------- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
---------- C:\Program Files\Logitech\SetPoint\SetPoint.exe
---------- C:\WINDOWS\system32\WTablet\TabUserW.exe
---------- C:\Program Files\Yahoo!\Yahoo! Music Jukebox\ymetray.exe
---------- C:\Program Files\iPod\bin\iPodService.exe
---------- C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
---------- C:\Program Files\MagicDisc\MagicDisc.exe
---------- C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
---------- C:\Program Files\Windows Live\Messenger\usnsvc.exe
---------- C:\WINDOWS\system32\cmd.exe
---------- C:\Rooter$\RK.exe

----------------------\\ Search..

----------------------\\ ROOTKIT !!



1 - "C:\Rooter$\Rooter_1.txt" - 01/05/2009|22:14
2 - "C:\Rooter$\Rooter_2.txt" - 01/05/2009|22:19
3 - "C:\Rooter$\Rooter_3.txt" - 01/05/2009|22:26

----------------------\\ Scan completed at 22:26

Here is the OTListIt logs:

OTListIt logfile created on: 01/05/2009 10:26:50 PM - Run 1
OTListIt2 by OldTimer - Version 2.0.15.1 Folder = C:\Documents and Settings\Jbone\Desktop\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000C09 | Country: Australia | Language: ENA | Date Format: dd/MM/yyyy

1023.48 Mb Total Physical Memory | 494.79 Mb Available Physical Memory | 48.34% Memory free
2.40 Gb Paging File | 1.92 Gb Available in Paging File | 80.02% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111.75 Gb Total Space | 26.87 Gb Free Space | 24.05% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 298.09 Gb Total Space | 230.79 Gb Free Space | 77.42% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: AMDXP3300
Current User Name: Jbone
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On

========== Processes (SafeList) ==========

PRC - C:\WINDOWS\system32\Ati2evxx.exe (ATI Technologies Inc.)
PRC - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe (Broadcom Corporation.)
PRC - C:\Program Files\Common Files\Logitech\Bluetooth\LBTSERV.EXE (Logitech, Inc.)
PRC - C:\WINDOWS\system32\Ati2evxx.exe (ATI Technologies Inc.)
PRC - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe (Autodesk)
PRC - C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
PRC - C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Common Files\LightScribe\LSSrvc.exe ()
PRC - C:\Program Files\Logitech\Easy Synchronization\servicestub.exe ()
PRC - C:\Program Files\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe ()
PRC - C:\Program Files\Logitech\Easy Synchronization\LogitechEasySync.exe ()
PRC - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe (Sunbelt Software, Inc.)
PRC - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe (Sunbelt Software, Inc.)
PRC - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe ()
PRC - C:\WINDOWS\system32\Tablet.exe (Wacom Technology, Corp.)
PRC - C:\Program Files\Windows Media Player\WMPNetwk.exe (Microsoft Corporation)
PRC - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
PRC - C:\WINDOWS\Explorer.EXE (Microsoft Corporation)
PRC - C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe (NVIDIA Corporation)
PRC - C:\Program Files\Logitech\iTouch\iTouch.exe (Logitech Inc.)
PRC - C:\Program Files\DAEMON Tools\daemon.exe (DT Soft Ltd.)
PRC - C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
PRC - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
PRC - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
PRC - C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe (Siber Systems)
PRC - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe (Sunbelt Software, Inc.)
PRC - C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
PRC - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
PRC - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe (Logitech Inc.)
PRC - C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
PRC - C:\WINDOWS\system32\WTablet\TabUserW.exe (Wacom Technology, Corp.)
PRC - C:\Program Files\Yahoo!\Yahoo! Music Jukebox\ymetray.exe (Yahoo! Inc.)
PRC - C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
PRC - C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe (Broadcom Corporation.)
PRC - C:\Program Files\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
PRC - C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE (Logitech, Inc.)
PRC - C:\Program Files\Windows Live\Messenger\usnsvc.exe (Microsoft Corporation)
PRC - C:\Documents and Settings\Jbone\Desktop\Downloads\OTListIt2.exe (OldTimer Tools)

========== Win32 Services (SafeList) ==========

SRV - (Adobe LM Service [On_Demand | Stopped]) -- C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe (Adobe Systems)
SRV - (Apple Mobile Device [Auto | Running]) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (aspnet_state [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)
SRV - (aswUpdSv [Auto | Running]) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
SRV - (Ati HotKey Poller [Auto | Running]) -- C:\WINDOWS\system32\Ati2evxx.exe (ATI Technologies Inc.)
SRV - (ATI Smart [Auto | Stopped]) -- C:\WINDOWS\system32\ati2sgag.exe ()
SRV - (Autodesk Licensing Service [Auto | Running]) -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe (Autodesk)
SRV - (avast! Antivirus [Auto | Running]) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
SRV - (avast! Mail Scanner [On_Demand | Running]) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
SRV - (avast! Web Scanner [On_Demand | Running]) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
SRV - (Bonjour Service [Auto | Running]) -- C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
SRV - (btwdins [Auto | Running]) -- C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe (Broadcom Corporation.)
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (CLTNetCnService [Auto | Stopped]) -- File not found
SRV - (FLEXnet Licensing Service [On_Demand | Stopped]) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (helpsvc [Auto | Running]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (IDriverT [On_Demand | Stopped]) -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (iPod Service [On_Demand | Running]) -- C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
SRV - (JavaQuickStarterService [Auto | Running]) -- C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
SRV - (LBTServ [Auto | Running]) -- C:\Program Files\Common Files\Logitech\Bluetooth\LBTSERV.EXE (Logitech, Inc.)
SRV - (LightScribeService [Auto | Running]) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe ()
SRV - (Logitech Easy Synchronization [Auto | Running]) -- C:\Program Files\Logitech\Easy Synchronization\servicestub.exe ()
SRV - (mi-raysat_3dsmax8 [Auto | Running]) -- C:\Program Files\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe ()
SRV - (ose [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (SbPF.Launcher [Auto | Running]) -- C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe (Sunbelt Software, Inc.)
SRV - (SPF4 [Auto | Running]) -- C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe (Sunbelt Software, Inc.)
SRV - (Symantec Core LC [Auto | Running]) -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe ()
SRV - (TabletService [Auto | Running]) -- C:\WINDOWS\system32\Tablet.exe (Wacom Technology, Corp.)
SRV - (usnjsvc [On_Demand | Running]) -- C:\Program Files\Windows Live\Messenger\usnsvc.exe (Microsoft Corporation)
SRV - (wampapache [On_Demand | Stopped]) -- c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe (Apache Software Foundation)
SRV - (wampmysqld [On_Demand | Stopped]) -- c:\wamp\bin\mysql\mysql5.1.32\bin\mysqld.exe ()
SRV - (WLSetupSvc [On_Demand | Stopped]) -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe (Microsoft Corporation)
SRV - (WMPNetworkSvc [Auto | Running]) -- C:\Program Files\Windows Media Player\WMPNetwk.exe (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (Aavmker4 [System | Running]) -- C:\WINDOWS\System32\drivers\aavmker4.sys (ALWIL Software)
DRV - (ASPI [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\ASPI32.sys (Adaptec)
DRV - (aswFsBlk [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys (ALWIL Software)
DRV - (aswMon2 [Auto | Running]) -- C:\WINDOWS\System32\drivers\aswmon2.sys (ALWIL Software)
DRV - (aswRdr [On_Demand | Running]) -- C:\WINDOWS\System32\drivers\aswRdr.sys (ALWIL Software)
DRV - (aswSP [System | Running]) -- C:\WINDOWS\System32\drivers\aswSP.sys (ALWIL Software)
DRV - (aswTdi [System | Running]) -- C:\WINDOWS\System32\drivers\aswTdi.sys (ALWIL Software)
DRV - (ati2mtag [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ati2mtag.sys (ATI Technologies Inc.)
DRV - (btaudio [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\btaudio.sys (Broadcom Corporation.)
DRV - (BTDriver [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\btport.sys (Broadcom Corporation.)
DRV - (BTKRNL [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\btkrnl.sys (Broadcom Corporation.)
DRV - (btwhid [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\btwhid.sys (Broadcom Corporation.)
DRV - (BTWUSB [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\btwusb.sys (Broadcom Corporation.)
DRV - (DFUBTUSB [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\frmupgr.sys (Broadcom Corporation.)
DRV - (dtscsi [On_Demand | Running]) -- C:\WINDOWS\System32\drivers\dtscsi.sys ()
DRV - (eeCtrl [System | Running]) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)
DRV - (GEARAspiWDM [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (Gmer [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\gmer.sys (GMER)
DRV - (itchfltr [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\itchfltr.sys (Logitech, Inc.)
DRV - (L8042Kbd [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys (Logitech, Inc.)
DRV - (L8042mou [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\L8042mou.Sys (Logitech, Inc.)
DRV - (LHidFilt [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys (Logitech, Inc.)
DRV - (LMouFilt [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys (Logitech, Inc.)
DRV - (LMouKE [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\LMouKE.Sys (Logitech, Inc.)
DRV - (mcdbus [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\mcdbus.sys (MagicISO, Inc.)
DRV - (ndiscm [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\NetMotCM.sys (Motorola Inc.)
DRV - (nvatabus [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\nvatabus.sys (NVIDIA Corporation)
DRV - (nvax [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\nvax.sys (NVIDIA Corporation)
DRV - (NVENET [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\NVENET.sys (NVIDIA Corporation)
DRV - (nvidesm [Boot | Running]) -- C:\WINDOWS\system32\drivers\nvidesm.sys (NVIDIA Corporation)
DRV - (nvnforce [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\nvapu.sys (NVIDIA Corporation)
DRV - (nv_agp [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\nv_agp.sys (NVIDIA Corporation)
DRV - (pavboot [Boot | Running]) -- C:\WINDOWS\system32\drivers\pavboot.sys (Panda Security, S.L.)
DRV - (PenClass [Boot | Running]) -- C:\WINDOWS\system32\Drivers\PenClass.sys (Wacom Technology Corporation)
DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (PxHelp20 [Boot | Running]) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (SASDIFSV [System | Running]) -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASENUM [On_Demand | Stopped]) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS (SuperAdBlocker, Inc.)
DRV - (SASKUTIL [System | Running]) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SbFw [System | Running]) -- C:\WINDOWS\system32\drivers\SbFw.sys (Sunbelt Software, Inc.)
DRV - (SBFWIMCL [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\sbfwim.sys (Sunbelt Software, Inc.)
DRV - (sbhips [System | Running]) -- C:\WINDOWS\system32\drivers\sbhips.sys (Sunbelt Software, Inc.)
DRV - (Secdrv [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (sfdrv01 [Boot | Running]) -- C:\WINDOWS\System32\drivers\sfdrv01.sys (Protection Technology (StarForce))
DRV - (sfhlp02 [Boot | Running]) -- C:\WINDOWS\System32\drivers\sfhlp02.sys (Protection Technology (StarForce))
DRV - (sfsync02 [Boot | Running]) -- C:\WINDOWS\System32\drivers\sfsync02.sys (Protection Technology)
DRV - (sfsync04 [Boot | Running]) -- C:\WINDOWS\System32\drivers\sfsync04.sys (Protection Technology (StarForce))
DRV - (sfvfs02 [Boot | Running]) -- C:\WINDOWS\System32\drivers\sfvfs02.sys (Protection Technology)
DRV - (sptd [Boot | Running]) -- C:\WINDOWS\System32\Drivers\sptd.sys ()
DRV - (symlcbrd [Auto | Running]) -- C:\WINDOWS\system32\drivers\symlcbrd.sys (Symantec Corporation)
DRV - (usbbus [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\lgusbbus.sys (LG Electronics Inc.)
DRV - (UsbDiag [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys (LG Electronics Inc.)
DRV - (USBModem [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys (LG Electronics Inc.)
DRV - (vsbus [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\vsb.sys (ELTIMA Software)
DRV - (vserial [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\vserial.sys (ELTIMA Software)
DRV - (WBHWDOCT [Auto | Running]) -- C:\WINDOWS\System32\drivers\Wbhwdoct.sys (Winbond Electronics Corp.)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft...p...&ar=msnhome
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft...amp;ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...amp;ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...p...ER}&ar=home
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...amp;ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...p...&ar=msnhome
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaulturl: "http://www.google.co...-8&oe=UTF-8&q="
FF - prefs.js..browser.startup.homepage: "www.google.com"
FF - prefs.js..extensions.enabledItems: {22119944-ED35-4ab1-910B-E619EA06A115}:6.9.90
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}:6.0.01
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}:6.0.02
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}:6.0.05
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}:6.0.03
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}:6.0.07
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {DA1B0AB5-7DD3-4066-BC2A-64AABBDD0A8B}:1.2.211
FF - prefs.js..extensions.enabledItems: refspoof@mozdev.org:0.9.5
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.10


FF - HKLM\software\mozilla\Firefox\Extensions\\{22119944-ED35-4ab1-910B-E619EA06A115}: C:\PROGRAM FILES\SIBER SYSTEMS\AI ROBOFORM\FIREFOX [2007/02/25 08:21:20 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\jqs@sun.com: C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2008/12/17 17:02:05 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS [2009/04/29 06:50:50 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS [2009/04/29 06:50:50 | 00,000,000 | ---D | M]

[2009/04/19 05:03:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jbone\Application Data\mozilla\Extensions
[2008/08/29 11:23:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jbone\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/04/19 05:03:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jbone\Application Data\mozilla\Extensions\celtx@celtx.com
[2009/05/01 00:15:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jbone\Application Data\mozilla\Firefox\Profiles\iuxiycri.default\extensions
[2008/08/29 11:24:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jbone\Application Data\mozilla\Firefox\Profiles\iuxiycri.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2008/11/30 13:20:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jbone\Application Data\mozilla\Firefox\Profiles\iuxiycri.default\extensions\{DA1B0AB5-7DD3-4066-BC2A-64AABBDD0A8B}
[2009/04/30 16:52:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jbone\Application Data\mozilla\Firefox\Profiles\iuxiycri.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
[2008/10/02 13:47:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jbone\Application Data\mozilla\Firefox\Profiles\iuxiycri.default\extensions\refspoof@mozdev.org
[2008/05/29 11:21:30 | 00,001,944 | ---- | M] () -- C:\Documents and Settings\Jbone\Application Data\Mozilla\FireFox\Profiles\iuxiycri.default\searchplugins\live-search.xml
[2009/05/01 00:15:16 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/04/29 06:50:50 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2007/04/17 20:53:36 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}
[2007/07/18 09:35:56 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
[2007/10/17 18:55:21 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
[2008/03/17 17:05:50 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
[2008/11/17 17:45:02 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
[2008/12/17 17:02:24 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
[2009/04/11 16:17:03 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2009/04/29 06:50:43 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/04/29 06:50:43 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2008/08/29 11:22:41 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2008/08/29 11:22:41 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2008/08/29 11:22:41 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2008/11/13 15:31:35 | 00,002,343 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2008/08/29 11:22:41 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2008/08/29 11:22:41 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2008/08/29 11:22:41 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml

O1 HOSTS File: (698 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - Reg Error: Key error. File not found
O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (no name) - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - Reg Error: Key error. File not found
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (no name) - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - Reg Error: Key error. File not found
O3 - HKLM\..\Toolbar: (&RoboForm) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2E608F70-C430-4BC5-96F6-608E02EBA5B2} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 (DT Soft Ltd.)
O4 - HKLM..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" (Apple Inc.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe" (NVIDIA Corporation)
O4 - HKLM..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime (Apple Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe (Logitech Inc.)
O4 - HKCU..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (Microsoft Corporation)
O4 - HKCU..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (Microsoft Corporation)
O4 - HKCU..\Run: [Norton SystemWorks] "C:\Program Files\Norton SystemWorks\cfgwiz.exe" /GUID {05858CFD-5CC4-4ceb-AAAF-CF00BF39736A} /MODE CfgWiz File not found
O4 - HKCU..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" (Siber Systems)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe (Logitech Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\TabUserW.exe.lnk = C:\WINDOWS\system32\WTablet\TabUserW.exe (Wacom Technology, Corp.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ymetray.lnk = C:\Program Files\Yahoo!\Yahoo! Music Jukebox\ymetray.exe (Yahoo! Inc.)
O4 - Startup: C:\Documents and Settings\Jbone\Start Menu\Programs\Startup\MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoColorChoice = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoSizeChoice = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispScrSavPage = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispCPL = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoVisualStyleChoice = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispAppearancePage = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O8 - Extra context menu item: Customize Menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 (Microsoft Corporation)
O8 - Extra context menu item: Fill Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html File not found
O8 - Extra context menu item: Google AdSense Preview Tool - http://pagead2.googl...en/preview.html File not found
O8 - Extra context menu item: RoboForm Toolbar - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html File not found
O8 - Extra context menu item: Save Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html File not found
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O9 - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - File not found
O9 - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - File not found
O9 - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - File not found
O9 - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - File not found
O9 - Extra Button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - File not found
O9 - Extra 'Tools' menuitem : RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - File not found
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [mdnsNSP] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: 23 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft....k/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} http://security.syma...bin/AvSniff.cab (Symantec AntiVirus scanner)
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} http://acs.pandasoft...s/as2stubie.cab (ActiveScan 2.0 Installer Class)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx1.hotmail....es/MSNPUpld.cab (MSN Photo Upload Tool)
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.syma...n/bin/cabsa.cab (Symantec RuFSI Utility Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1153292679000 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {9732FB42-C321-11D1-836F-00A0C993F125} http://pcpitstop.com/mhLbl.cab (mhLabel Class)
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} http://acs.pandasoft...free/asinst.cab (ActiveScan Installer Class)
O16 - DPF: {9D190AE6-C81E-4039-8061-978EBAD10073} http://support.f-sec.../ols3/fscax.cab (F-Secure Online Scanner 3.0)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech Inc.)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\LBTWlgn: DllName - c:\program files\common files\logitech\bluetooth\LBTWlgn.dll - c:\program files\common files\logitech\bluetooth\LBTWlgn.dll (Logitech, Inc.)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {FE24CD78-7C63-465D-8787-4EDF7FC79895} - C:\Program Files\Logitech\Easy Synchronization\shellexecutehook.dll ()
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/01/24 07:29:26 | 00,000,033 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{0f6d0dc2-41a7-11da-86c6-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{0f6d0dc2-41a7-11da-86c6-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{0f6d0dc2-41a7-11da-86c6-806d6172696f}\Shell\AutoRun\command - "" = E:\Autorun.exe root.ini -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found

========== Files/Folders - Created Within 30 Days ==========

File not found -- C:\DOCUME~1\Jbone\Desktop\CANU07N9.
[2009/05/01 22:12:29 | 00,000,000 | ---D | C] -- C:\Rooter$
[2009/05/01 17:41:06 | 00,001,523 | ---- | C] () -- C:\DOCUME~1\ALLUSE~1\Desktop\Vuze.lnk
[2009/05/01 17:40:32 | 00,000,000 | ---D | C] -- C:\Program Files\Vuze
[2009/05/01 00:48:21 | 00,000,000 | ---D | C] -- C:\DOCUME~1\Jbone\My Documents\Azureus Downloads
[2009/04/30 16:52:38 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Azureus
[2009/04/30 16:52:24 | 00,000,000 | ---D | C] -- C:\Program Files\AskBarDis
[2009/04/30 16:52:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Jbone\Application Data\Azureus
[2009/04/29 20:44:17 | 00,000,714 | ---- | C] () -- C:\DOCUME~1\ALLUSE~1\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/04/29 20:44:16 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/04/29 20:44:08 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/04/29 20:44:05 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/04/28 23:04:04 | 00,000,000 | ---D | C] -- C:\DOCUME~1\Jbone\Desktop\HeadFirst Scripts
[2009/04/20 09:30:23 | 00,027,648 | ---- | C] () -- C:\DOCUME~1\Jbone\Desktop\Need A Small Business Website Design.doc
[2009/04/19 05:07:38 | 00,000,656 | ---- | C] () -- C:\DOCUME~1\Jbone\Desktop\Shortcut to celtx.exe.lnk
[2009/04/19 05:03:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Jbone\Application Data\Greyfirst
[2009/04/19 05:03:37 | 00,001,510 | ---- | C] () -- C:\DOCUME~1\ALLUSE~1\Desktop\Celtx.lnk
[2009/04/19 05:03:31 | 00,000,000 | ---D | C] -- C:\Program Files\Celtx
[2009/04/19 04:58:43 | 15,532,310 | ---- | C] (Greyfirst) -- C:\DOCUME~1\Jbone\Desktop\CeltxSetup.exe
[2009/04/19 03:18:11 | 00,149,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MFCANS32.DLL
[2009/04/19 03:18:10 | 00,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Mscal.ocx
[2009/04/19 03:18:10 | 00,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\GAPI32.DLL
[2009/04/17 04:23:22 | 00,017,920 | -HS- | C] () -- C:\DOCUME~1\Jbone\Desktop\Thumbs.db
[2009/04/16 03:05:06 | 00,000,150 | ---- | C] () -- C:\WINDOWS\System32\spupdsvc.inf
[2009/04/15 10:19:00 | 00,729,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lsasrv.dll
[2009/04/15 10:19:00 | 00,473,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fastprox.dll
[2009/04/15 10:19:00 | 00,453,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvsd.dll
[2009/04/15 10:19:00 | 00,401,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcss.dll
[2009/04/15 10:19:00 | 00,284,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pdh.dll
[2009/04/15 10:19:00 | 00,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvse.exe
[2009/04/15 10:19:00 | 00,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\services.exe
[2009/04/15 10:18:59 | 00,714,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntdll.dll
[2009/04/15 10:18:59 | 00,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\advapi32.dll
[2009/04/13 17:01:42 | 00,369,664 | ---- | C] () -- C:\DOCUME~1\Jbone\Desktop\hlm.doc
[2009/04/12 19:02:14 | 00,005,436 | ---- | C] () -- C:\DOCUME~1\Jbone\Desktop\vwap.cpp
[2009/04/12 18:52:51 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Jbone\Application Data\PE Explorer
[2009/04/10 20:43:40 | 10,732,70784 | -HS- | C] () -- C:\hiberfil.sys
[2009/04/10 00:00:01 | 00,002,359 | ---- | C] () -- C:\DOCUME~1\ALLUSE~1\Desktop\NinjaTrader 6.5.lnk
[2009/04/09 23:59:45 | 00,000,000 | ---D | C] -- C:\DOCUME~1\Jbone\My Documents\NinjaTrader Backup
[2009/04/09 23:59:44 | 00,000,000 | ---D | C] -- C:\Program Files\NinjaTrader 6.5
[2009/04/09 23:55:50 | 00,228,424 | ---- | C] (NinjaTrader, LLC) -- C:\DOCUME~1\Jbone\Desktop\setup.exe
[2009/04/06 17:18:07 | 00,000,437 | ---- | C] () -- C:\DOCUME~1\Jbone\Desktop\webroot.lnk
[2009/04/06 16:57:49 | 00,000,507 | ---- | C] () -- C:\DOCUME~1\Jbone\Desktop\WampServer.lnk
[2009/04/06 16:55:19 | 00,000,000 | ---D | C] -- C:\wamp
[2009/04/05 17:36:01 | 16,953,377 | ---- | C] (Romain Bourdon (Roms) ) -- C:\DOCUME~1\Jbone\Desktop\WampServer2.0g-1.exe
[2009/04/05 17:23:54 | 00,000,000 | ---D | C] -- C:\Program Files\PHP
[2009/04/05 17:16:30 | 00,000,000 | ---D | C] -- C:\Program Files\Apache Software Foundation
[2009/03/19 06:11:44 | 00,098,304 | ---- | C] () -- C:\WINDOWS\System32\NtDirect.dll
[2008/12/31 16:04:42 | 00,691,560 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2008/07/17 23:02:22 | 00,000,485 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2008/07/05 20:14:48 | 00,456,192 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll
[2008/07/05 20:14:44 | 03,591,168 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll
[2008/07/05 20:13:16 | 00,708,096 | ---- | C] () -- C:\WINDOWS\System32\ff_x264.dll
[2008/06/25 15:09:50 | 00,000,010 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2008/06/23 02:34:00 | 00,177,664 | ---- | C] () -- C:\WINDOWS\System32\ff_theora.dll
[2008/06/13 20:39:38 | 00,023,552 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll
[2008/06/13 03:36:38 | 00,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2008/05/31 21:44:52 | 00,000,029 | ---- | C] () -- C:\WINDOWS\Battle.ini
[2008/05/22 16:59:15 | 00,159,744 | ---- | C] () -- C:\WINDOWS\System32\lgbskin.dll
[2008/05/22 16:59:15 | 00,028,672 | ---- | C] () -- C:\WINDOWS\System32\lgbTrace.dll
[2007/10/10 21:16:51 | 00,081,920 | ---- | C] () -- C:\WINDOWS\System32\G32_rkey.dll
[2007/09/08 10:48:38 | 00,000,086 | ---- | C] () -- C:\WINDOWS\NavWin.INI
[2007/09/08 10:36:03 | 00,118,784 | ---- | C] () -- C:\WINDOWS\System32\G32_TICK.DLL
[2007/09/08 04:40:22 | 00,000,416 | ---- | C] () -- C:\WINDOWS\System32\dtu100.dll.manifest
[2007/09/08 04:40:22 | 00,000,416 | ---- | C] () -- C:\WINDOWS\System32\dpl100.dll.manifest
[2007/09/07 04:04:52 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2007/09/07 04:01:52 | 00,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2007/09/04 16:49:35 | 00,028,672 | ---- | C] () -- C:\WINDOWS\System32\proxydll.dll
[2007/09/04 16:49:35 | 00,000,511 | ---- | C] () -- C:\WINDOWS\winros.ini
[2007/09/04 16:49:35 | 00,000,144 | ---- | C] () -- C:\WINDOWS\reader.Ini
[2007/09/04 16:49:35 | 00,000,071 | ---- | C] () -- C:\WINDOWS\WinSig.Ini
[2007/07/26 13:05:54 | 00,136,192 | ---- | C] () -- C:\WINDOWS\System32\Wbcdflsh.dll
[2007/07/11 01:10:12 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2007/06/21 11:32:31 | 00,069,632 | ---- | C] () -- C:\WINDOWS\System32\xcon.dll
[2007/02/01 12:33:59 | 00,000,029 | ---- | C] () -- C:\WINDOWS\DEBUGSM.INI
[2006/11/29 22:24:10 | 00,090,112 | ---- | C] () -- C:\WINDOWS\System32\btprn2k.dll
[2006/09/23 11:03:57 | 00,000,059 | ---- | C] () -- C:\WINDOWS\ANS2000.INI
[2006/09/23 11:03:57 | 00,000,020 | -H-- | C] () -- C:\WINDOWS\akebook.ini
[2006/09/23 11:03:57 | 00,000,004 | -H-- | C] () -- C:\WINDOWS\a3kebook.ini
[2006/07/11 18:49:03 | 00,000,666 | ---- | C] () -- C:\WINDOWS\Tcd_a579b07e.ini
[2006/07/04 21:14:20 | 00,011,776 | ---- | C] () -- C:\WINDOWS\System32\ZPORT4AS.dll
[2006/07/04 11:11:15 | 00,001,200 | -HS- | C] () -- C:\WINDOWS\System32\qqtss.ini
[2006/07/03 19:13:42 | 00,000,250 | ---- | C] () -- C:\WINDOWS\gmer.ini
[2006/04/20 12:39:02 | 00,000,099 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2006/04/20 12:36:04 | 00,000,041 | ---- | C] () -- C:\WINDOWS\CDE CX4700EC.ini
[2006/02/23 21:18:09 | 00,024,721 | ---- | C] () -- C:\WINDOWS\System32\lap20nh3l4dkszi4a.dll
[2006/02/23 21:18:09 | 00,024,702 | ---- | C] () -- C:\WINDOWS\System32\xkh1udoe84fkszi4a.dll
[2006/02/23 21:18:09 | 00,017,137 | ---- | C] () -- C:\WINDOWS\System32\qke3kixfeflkszi4a.dll
[2006/01/04 16:31:10 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/12/17 11:11:56 | 00,009,728 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2005/12/08 14:42:47 | 00,223,128 | ---- | C] () -- C:\WINDOWS\System32\drivers\dtscsi.sys
[2005/12/08 14:40:54 | 00,664,064 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2005/12/08 14:40:54 | 00,096,384 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd1709.sys
[2005/11/25 19:56:21 | 00,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2005/10/24 15:52:34 | 00,015,744 | ---- | C] () -- C:\WINDOWS\System32\Wintab.dll
[2005/10/20 21:34:24 | 00,205,312 | R--- | C] () -- C:\WINDOWS\patchw32.dll
[2005/10/20 21:34:06 | 00,205,312 | R--- | C] () -- C:\WINDOWS\pw32a.dll
[2005/07/04 01:41:37 | 00,041,984 | ---- | C] () -- C:\WINDOWS\System32\avi.dll
[2005/07/04 01:41:24 | 00,095,744 | ---- | C] () -- C:\WINDOWS\System32\mkx.dll
[2005/07/04 01:41:08 | 00,055,808 | ---- | C] () -- C:\WINDOWS\System32\mp4.dll
[2005/07/02 03:10:26 | 00,334,848 | ---- | C] () -- C:\WINDOWS\System32\x264vfw.dll
[2005/06/30 02:36:41 | 00,188,416 | ---- | C] () -- C:\WINDOWS\System32\TomsMoComp_ff.dll
[2005/06/30 02:28:39 | 00,081,408 | ---- | C] () -- C:\WINDOWS\System32\ff_unrar.dll
[2005/06/30 02:28:00 | 00,074,240 | ---- | C] () -- C:\WINDOWS\System32\ff_tremor.dll
[2005/06/30 02:27:21 | 00,131,072 | ---- | C] () -- C:\WINDOWS\System32\ff_samplerate.dll
[2005/06/30 02:27:17 | 00,162,816 | ---- | C] () -- C:\WINDOWS\System32\ff_realaac.dll
[2005/06/30 02:26:55 | 00,159,744 | ---- | C] () -- C:\WINDOWS\System32\ff_libmad.dll
[2005/06/30 02:25:36 | 00,212,992 | ---- | C] () -- C:\WINDOWS\System32\ff_libdts.dll
[2005/06/30 02:25:22 | 00,079,360 | ---- | C] () -- C:\WINDOWS\System32\ff_liba52.dll
[2005/06/30 02:19:32 | 00,159,744 | ---- | C] () -- C:\WINDOWS\System32\libmpeg2_ff.dll
[2005/02/17 22:31:58 | 00,155,136 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2005/02/17 22:31:57 | 00,077,824 | ---- | C] () -- C:\WINDOWS\System32\MMSwitch.dll
[2005/02/17 11:41:32 | 00,000,603 | ---- | C] () -- C:\WINDOWS\System32\BTNeighborhood.dll.manifest
[2005/02/17 11:41:30 | 00,000,593 | ---- | C] () -- C:\WINDOWS\System32\btcss.dll.manifest
[2004/12/20 21:08:28 | 00,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2004/12/20 21:03:26 | 00,765,952 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2004/12/10 15:34:15 | 00,188,416 | ---- | C] () -- C:\WINDOWS\System32\cogslan.dll
[2004/11/25 04:25:52 | 00,335,872 | ---- | C] ( ) -- C:\WINDOWS\System32\drvc.dll
[2004/10/04 02:50:54 | 00,129,024 | ---- | C] () -- C:\WINDOWS\System32\ff_mpeg2enc.dll
[2004/09/24 19:10:48 | 00,061,440 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2004/09/24 19:09:58 | 01,040,384 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2004/09/24 19:09:56 | 01,163,264 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2004/09/24 19:09:42 | 00,077,824 | ---- | C] () -- C:\WINDOWS\System32\vorbisfile.dll
[2004/08/04 22:00:00 | 00,000,862 | ---- | C] () -- C:\WINDOWS\win.ini
[2004/08/04 22:00:00 | 00,000,284 | ---- | C] () -- C:\WINDOWS\system.ini
[2004/07/26 21:12:52 | 00,166,912 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2004/04/26 09:03:44 | 00,229,376 | ---- | C] () -- C:\WINDOWS\System32\sdl.dll
[2003/02/02 19:06:02 | 00,153,088 | ---- | C] () -- C:\WINDOWS\System32\UNRAR3.dll
[2003/01/07 14:05:08 | 00,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/10/07 05:42:58 | 00,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2002/05/18 08:18:30 | 00,124,928 | ---- | C] () -- C:\WINDOWS\System32\mp4fil32.dll
[2002/03/06 00:00:00 | 00,075,264 | ---- | C] () -- C:\WINDOWS\System32\unacev2.dll
[2001/11/14 12:56:00 | 01,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll
[2000/10/25 17:15:00 | 00,017,920 | ---- | C] () -- C:\WINDOWS\System32\Implode.dll

========== Files - Modified Within 30 Days ==========

[2 C:\WINDOWS\System32\*.tmp files]
[1 C:\WINDOWS\*.tmp files]
File not found -- C:\DOCUME~1\Jbone\Desktop\CANU07N9.
[2009/05/01 22:11:02 | 00,000,592 | ---- | M] () -- C:\DOCUME~1\Jbone\My Documents\My Sharing Folders.lnk
[2009/05/01 20:52:44 | 00,012,669 | ---- | M] () -- C:\WINDOWS\System32\tablet.dat
[2009/05/01 20:52:25 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/05/01 20:52:19 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/05/01 20:52:14 | 10,732,70784 | -HS- | M] () -- C:\hiberfil.sys
[2009/05/01 20:50:44 | 00,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/05/01 20:50:11 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\Jbone\Local Settings\desktop.ini
[2009/05/01 17:41:06 | 00,001,523 | ---- | M] () -- C:\DOCUME~1\ALLUSE~1\Desktop\Vuze.lnk
[2009/04/30 16:01:04 | 00,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009/04/29 20:44:17 | 00,000,714 | ---- | M] () -- C:\DOCUME~1\ALLUSE~1\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/04/29 09:08:03 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/04/24 07:26:00 | 00,000,232 | -H-- | M] () -- C:\sqmdata11.sqm
[2009/04/24 07:25:59 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt10.sqm
[2009/04/24 05:31:33 | 00,017,920 | -HS- | M] () -- C:\DOCUME~1\Jbone\Desktop\Thumbs.db
[2009/04/20 09:30:23 | 00,027,648 | ---- | M] () -- C:\DOCUME~1\Jbone\Desktop\Need A Small Business Website Design.doc
[2009/04/19 15:39:22 | 00,002,137 | ---- | M] () -- C:\DOCUME~1\ALLUSE~1\Desktop\iTunes.lnk
[2009/04/19 05:07:38 | 00,000,656 | ---- | M] () -- C:\DOCUME~1\Jbone\Desktop\Shortcut to celtx.exe.lnk
[2009/04/19 05:03:37 | 00,001,510 | ---- | M] () -- C:\DOCUME~1\ALLUSE~1\Desktop\Celtx.lnk
[2009/04/19 05:01:11 | 15,532,310 | ---- | M] (Greyfirst) -- C:\DOCUME~1\Jbone\Desktop\CeltxSetup.exe
[2009/04/16 18:33:08 | 00,369,664 | ---- | M] () -- C:\DOCUME~1\Jbone\Desktop\hlm.doc
[2009/04/16 03:40:04 | 00,448,708 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/04/16 03:40:03 | 00,530,218 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/04/16 03:40:03 | 00,075,738 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/04/16 03:06:05 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/04/16 03:05:06 | 00,000,150 | ---- | M] () -- C:\WINDOWS\System32\spupdsvc.inf
[2009/04/16 03:03:09 | 00,000,862 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/04/12 19:02:14 | 00,005,436 | ---- | M] () -- C:\DOCUME~1\Jbone\Desktop\vwap.cpp
[2009/04/10 20:41:57 | 00,000,211 | -HS- | M] () -- C:\boot.ini
[2009/04/10 20:41:56 | 00,000,284 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/04/10 01:02:44 | 00,002,359 | ---- | M] () -- C:\DOCUME~1\ALLUSE~1\Desktop\NinjaTrader 6.5.lnk
[2009/04/09 23:55:51 | 00,228,424 | ---- | M] (NinjaTrader, LLC) -- C:\DOCUME~1\Jbone\Desktop\setup.exe
[2009/04/08 23:36:02 | 00,000,512 | ---- | M] () -- C:\DOCUME~1\Jbone\Desktop\Ensign Windows.lnk
[2009/04/07 00:57:24 | 24,921,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe
[2009/04/06 17:19:22 | 00,000,437 | ---- | M] () -- C:\DOCUME~1\Jbone\Desktop\webroot.lnk
[2009/04/06 16:57:49 | 00,000,507 | ---- | M] () -- C:\DOCUME~1\Jbone\Desktop\WampServer.lnk
[2009/04/06 15:32:54 | 00,038,496 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/04/06 15:32:46 | 00,015,504 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/04/05 17:36:25 | 16,953,377 | ---- | M] (Romain Bourdon (Roms) ) -- C:\DOCUME~1\Jbone\Desktop\WampServer2.0g-1.exe
< End of report >

OTListIt Extras logfile created on: 01/05/2009 10:26:50 PM - Run 1
OTListIt2 by OldTimer - Version 2.0.15.1 Folder = C:\Documents and Settings\Jbone\Desktop\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000C09 | Country: Australia | Language: ENA | Date Format: dd/MM/yyyy

1023.48 Mb Total Physical Memory | 494.79 Mb Available Physical Memory | 48.34% Memory free
2.40 Gb Paging File | 1.92 Gb Available in Paging File | 80.02% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111.75 Gb Total Space | 26.87 Gb Free Space | 24.05% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 298.09 Gb Total Space | 230.79 Gb Free Space | 77.42% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: AMDXP3300
Current User Name: Jbone
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile
"EnableFirewall" = 0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall" = 0
"DisableNotifications" = 0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger (Logitech Inc.)
C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger (Microsoft Corporation)
C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone) (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger (Microsoft Corporation)
C:\Program Files\Autodesk\backburner\monitor.exe:*:Enabled:backburner 2.3 monitor File not found
C:\Program Files\Autodesk\backburner\manager.exe:*:Enabled:backburner 2.3 manager File not found
C:\Program Files\Autodesk\backburner\server.exe:*:Enabled:backburner 2.3 server File not found
C:\Program Files\Autodesk\3dsMax8\3dsmax.exe:*:Enabled:Autodesk 3ds Max 8 (Autodesk, Inc.)
C:\Program Files\Telstra\Cable Login\bpcable.exe:*:Enabled:BigPond Cable Client File not found
C:\Program Files\Telstra\Cable Login\bpcService.exe:*:Enabled:BigPond Cable Client (running as a service) File not found
C:\Program Files\Yahoo!\Yahoo! Music Jukebox\YahooMusicEngine.exe:*:Enabled:Yahoo! Music Jukebox (Yahoo! Inc.)
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger (Logitech Inc.)
C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger (Microsoft Corporation)
C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone) (Microsoft Corporation)
C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour (Apple Inc.)
C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes (Apple Inc.)
C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype ()

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3
"{036AA4D4-6D32-11D4-9875-00105ACE7734}" = Logitech iTouch Software
"{03EA3D6E-D92B-11D0-892B-00A0C91827B3}" = DM Client
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam™
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{0837A661-FEC3-48B3-876C-91E7D32048A9}" = Macromedia Dreamweaver 8
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{1116FD69-3C49-BE9A-C206-E8BA26CCA10F}" = CCC Help English
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{123D74B2-4F4F-4056-8313-5F1C9FEE332E}" = Xara Menu Maker 1.0
"{16FE2579-06B2-3E32-58F2-4B70B69A3070}" = ccc-core-preinstall
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1E04F83B-2AB9-4301-9EF7-E86307F79C72}" = Google Earth
"{1EB21F28-E3AF-A317-4658-6C0C455C2F61}" = Catalyst Control Center Core Implementation
"{2070F79D-46BC-4EEA-8F02-9B4DCABAE7CB}" = iPod for Windows 2006-03-23
"{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java™ 6 Update 13
"{27F650A9-6FAB-41C8-8621-92FF0118B0C4}" = EPSON Easy Photo Print
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2A539CD9-0F75-4875-9A32-E06DD93C4114}" = Adobe Extension Manager CS3
"{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}" = EPSON Scan Assistant
"{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}" = Rhapsody Player Engine
"{3101CB58-3482-4D21-AF1A-7057FC935355}" = KhalInstallWrapper
"{314F6D08-A8B7-11D8-8446-0050BA1D384D}" = EPSON Image Clip Palette
"{318AB667-3230-41B5-A617-CB3BF748D371}" = iTunes
"{3248F0A8-6813-11D6-A77B-00B0D0150100}" = J2SE Runtime Environment 5.0 Update 10
"{3248F0A8-6813-11D6-A77B-00B0D0150110}" = J2SE Runtime Environment 5.0 Update 11
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java™ SE Runtime Environment 6 Update 1
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java™ 6 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java™ 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java™ 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java™ 6 Update 7
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3975CBD8-A8DF-4748-9350-8592DD9D67F6}" = Menu Maker Dreamweaver Extension 1.0.0
"{3A12C952-61D5-4C3B-B68B-8CFBE47E22F1}" = Adobe Setup
"{3D347E6D-5A03-4342-B5BA-6A771885F379}" = Backburner
"{4539D65F-319C-416F-A17F-827110F4CE22}" = NinjaTrader 6.5
"{46D9C523-FABB-FFF1-321D-F493A68E2C3E}" = Catalyst Control Center Graphics Previews Common
"{47813E93-F2A0-484A-838E-47EC1B28D190}" = Adobe Stock Photos 1.0
"{508CE775-4BA4-4748-82DF-FE28DA9F03B0}" = Windows Live Messenger
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}" = Macromedia Extension Manager
"{57D32909-FCA8-A78B-2AD2-2A50F5E11858}" = ccc-core-static
"{57EA735B-4F1D-9FC5-6A36-B0C0F1D704FE}" = Catalyst Control Center Graphics Light
"{5EE65592-88FD-48AA-98CA-EE9BDB1FF518}" = LG PhoneManager
"{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}" = Windows Genuine Advantage v1.3.0254.0
"{67EDD823-135A-4D59-87BD-950616D6E857}" = EPSON Copy Utility 3
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6E524C61-42EC-11D5-98E1-0050BA0133AC}" = Hardware Doctor
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7ABAB858-8465-4E94-8D7A-8CE226E492D4}" = Xara Online Dreamweaver Extension
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7EADB65C-70E8-4C94-AD0A-221462D41A85}" = Camtasia Studio 5
"{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}" = EPSON Web-To-Page
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{82A26C9D-FB57-475E-88CC-7E44FC20CBE7}" = LG Internetkit
"{82B1150E-9B37-49FC-83EB-D52197D900D0}" = Sunbelt Personal Firewall
"{84814E6B-2581-46EC-926A-823BD1C670F6}" = WIDCOMM Bluetooth Software
"{86844E31-42CC-49C8-B647-7213009F4719}" = Diagnostic Tool for the Microsoft VM
"{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}" = Bonjour
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}" = Logitech Desktop Messenger
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{91120409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003
"{9422C8EA-B0C6-4197-B8FC-DC797658CA00}" = Windows Live Sign-in Assistant
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{9811A185-3D3D-11D6-9E14-00036D172B00}" = Adobe MPEG Encoder
"{993960EE-CA4D-443F-8F88-E24260DD5FD2}" = LG PC Suite
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A0383B7D-81A2-49D3-BE06-C0FD9EFB9DFC}" = Corel Painter IX
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}" = Windows Live installer
"{A8C2ECC8-BB15-11D6-B91C-00C04F689AB6}" = Australian Phonedisc
"{AC134D03-97F1-45B9-B32A-52E885AFA895}" = Mobile Phone Suite Easy Synchronization
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1033-7B44-A81200000003}" = Adobe Reader 8.1.2
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B148AB4B-C8FA-474B-B981-F2943C5B5BCD}" = OGA Notifier 1.7.0105.35.0
"{B2F5D08C-7E79-4FCD-AAF4-57AD35FF0601}" = Adobe Illustrator CS2
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B508B3F1-A24A-32C0-B310-85786919EF28}" = Microsoft .NET Framework 2.0 Service Pack 1
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B90450DF-E781-46FD-B1F1-0C86DA40E443}" = PIF DESIGNER
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C3ABE126-2BB2-4246-BFE1-6797679B3579}" = LG USB Modem driver
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{D050D7362D214723AD585B541FFB6C11}" = DivX Content Uploader
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1BB4446-AE9C-4256-9A7F-4D46604D2462}" = Adobe Setup
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D45EC259-4A19-4656-B588-C2C360DD18EA}" = Half-Life® 2
"{D7A6C517-11F2-419F-B5BB-27772B939698}" = NvMixer
"{D88857C8-B36B-42CE-AC26-9FFFEEDB181A}" = RssReader
"{D9F4A9F8-92C5-4289-9D04-F0F8F02D580A}" = iPod for Windows 2005-10-12
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DBB313D6-4B13-4961-BD5F-673CDA1793CC}" = Autodesk 3ds Max 8
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{DE31F8AA-B12D-3A38-E561-C657EED45465}" = Catalyst Control Center Graphics Full Existing
"{E0343A4C-2FFD-4CCB-B0EB-5DE9F0E2A083}" = LS_HSI
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E6EB53D4-5AD0-07F0-2DAC-0A2D624DF39D}" = ccc-utility
"{E74CC47C-28D3-25E1-14D2-68EBC87C31BA}" = Skins
"{E86BC406-944E-41F6-ADE6-2C136734C96B}" = EPSON File Manager
"{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0
"{E989FC1C-0643-4F54-A04E-828CC1D5BD73}" = TransActAT
"{EC3B8CA2-49B8-4D38-BE9C-ABD0F6029168}" = Yahoo! Music Jukebox
"{EC4455AB-F155-4CC1-A4C5-88F3777F9886}" = Apple Mobile Device Support
"{F01D5ED5-D53A-4468-B428-149DC2CB3110}" = Adobe Dreamweaver CS3
"{F251B61F-9D18-13C4-02EE-71A36343D442}" = Catalyst Control Center Graphics Full New
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{F958CA02-BB40-4007-894B-258729456EE4}" = QuickTime
"{FB3BE405-6BF0-490A-84B3-00611385EA0D}" = Common-Use Signing Interface
"{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}" = HighMAT Extension to Microsoft Windows XP CD Writing Wizard
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{FFD25152-1916-4744-BAAF-F2D2EBF38284}" = LG SyncManager
"Active@ ISO Burner v 1.1" = Active@ ISO Burner v 1.1
"ActiveScan 2.0" = Panda ActiveScan 2.0
"ActiveTouchMeetingClient" = WebEx
"Ad-Aware SE Professional" = Ad-Aware SE Professional
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Illustrator CS2" = Adobe Illustrator CS2
"Adobe Shockwave Player" = Adobe Shockwave Player
"Adobe SVG Viewer" = Adobe SVG Viewer 3.0
"Adobe_2ac78060bc5856b0c1cf873bb919b58" = Adobe Photoshop CS3
"Adobe_435a6af7459cb02a9c1138113a26e93" = Adobe Dreamweaver CS3
"AI RoboForm" = AI RoboForm (All Users)
"All ATI Software" = ATI - Software Uninstall Utility
"Ask Toolbar_is1" = Ask Toolbar
"ATI Display Driver" = ATI Display Driver
"Audacity_is1" = Audacity 1.2.6
"Autodesk DWF Viewer" = Autodesk DWF Viewer
"avast!" = avast! Antivirus
"BitLord" = BitLord 1.1
"CCleaner" = CCleaner (remove only)
"Celtx (2.0)" = Celtx (2.0)
"CleanUp!" = CleanUp!
"Cole2k Media - Codec Pack" = Cole2k Media - Codec Pack (Advanced)
"Combined Community Codec Pack_is1" = Combined Community Codec Pack 2008-09-21 16:18
"Common-Use Signing Interface" = Common-Use Signing Interface
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.2.7
"DC++" = DC++ 0.699
"EDS_is1" = EDS 2.0
"Ensign Windows" = Ensign Windows
"EPSON Printer and Utilities" = EPSON Printer Software
"EPSON Scanner" = EPSON Scan
"ESCX4700_4100 User's Guide" = ESCX4700_4100 User's Guide
"Excel Key Demo" = Excel Key 7.9 Demo
"FinePrint" = FinePrint
"GameArena The Arena" = GameArena The Arena
"GENEUIDE" = USB Storage Driver
"getPlus®_dll" = getPlus®_dll
"GSpot" = GSpot Codec Information Appliance
"Icon Edit_is1" = Icon Edit 2.1.9
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"InstallShield_{2070F79D-46BC-4EEA-8F02-9B4DCABAE7CB}" = iPod for Windows 2006-03-23
"InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"InstallShield_{D9F4A9F8-92C5-4289-9D04-F0F8F02D580A}" = iPod for Windows 2005-10-12
"IQFeed Client" = IQFeed Client 4.4.0.3
"Live Bid Control Kit Setup" = Live Bid Control Kit Setup
"Magic ISO Maker v5.5 (build 0261)" = Magic ISO Maker v5.5 (build 0261)
"MagicDisc 2.7.97" = MagicDisc 2.7.97
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"MOV Booster Pack" = River Past MOV Booster Pack
"Mozilla Firefox (3.0.10)" = Mozilla Firefox (3.0.10)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSN Music Assistant" = MSN Music Assistant
"NeroMultiInstaller!UninstallKey" = Nero Suite
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"OEC Trader Demo_is1" = OEC Trader Demo 3.3
"oggcodecs" = oggcodecs 0.71.0946
"Panda ActiveScan" = Panda ActiveScan
"Passware Kit Enterprise" = Passware Kit Enterprise 7.5
"PDFCreator Toolbar" = PDFCreator Toolbar
"pdfFactory" = pdfFactory
"PIAFpu" = PIAFpu
"RealPlayer 6.0" = RealPlayer
"Screen Recorder Pro" = River Past Screen Recorder Pro
"ShockwaveFlash" = Adobe Flash Player 9 ActiveX
"Skype_is1" = Skype 2.5
"ST6UNST #1" = Calmlink
"SystemRequirementsLab" = System Requirements Lab
"Tablet Driver" = Tablet
"Tiks Texas Hold Em" = Tiks Texas Hold Em
"Video Cleaner" = River Past Video Cleaner
"Video Cleaner Pro" = River Past Video Cleaner Pro
"Vuze" = Vuze
"WampServer 2_is1" = WampServer 2.0
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR archiver
"WMCSetup" = Windows Media Connect
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XP Codec Pack" = XP Codec Pack
"Xvid_is1" = Xvid 1.1.3 final uninstall

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]
Error - 24/06/2008 2:07:27 AM | Computer Name = AMDXP3300 | Source = avast! | ID = 33554522
Description = Error in aswChestS: chest s_NewFile Error 112.

Error - 24/06/2008 2:07:27 AM | Computer Name = AMDXP3300 | Source = avast! | ID = 33554522
Description = Error in aswChestC: chestAddFile Error 112.

Error - 07/04/2009 4:04:36 PM | Computer Name = AMDXP3300 | Source = avast! | ID = 33554522
Description = Internal error has occurred in module aswar scan function failed!,
function 00000002.

Error - 09/04/2009 9:45:20 PM | Computer Name = AMDXP3300 | Source = avast! | ID = 33554522
Description = Internal error has occurred in module aswar scan function failed!,
function 00000002.

[ Application Events ]
Error - 25/02/2009 3:10:15 AM | Computer Name = AMDXP3300 | Source = MsiInstaller | ID = 11316
Description = Product: Autodesk 3ds Max 8 -- Error 1316. A network error occurred
while attempting to read from the file: C:\WINDOWS\Installer\3dsMax8.msi

Error - 25/02/2009 3:10:52 AM | Computer Name = AMDXP3300 | Source = MsiInstaller | ID = 11316
Description = Product: Autodesk 3ds Max 8 -- Error 1316. A network error occurred
while attempting to read from the file: C:\WINDOWS\Installer\3dsMax8.msi

Error - 05/03/2009 12:00:32 PM | Computer Name = AMDXP3300 | Source = MsiInstaller | ID = 11316
Description = Product: Windows Live Sign-in Assistant -- Error 1316. A network error
occurred while attempting to read from the file: C:\WINDOWS\TEMP\IXP000.TMP\Install_{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}.msi

Error - 12/03/2009 8:54:00 AM | Computer Name = AMDXP3300 | Source = Application Error | ID = 1000
Description = Faulting application ensign.exe, version 2009.3.11.0, faulting module
unknown, version 0.0.0.0, fault address 0x00000000.

Error - 15/03/2009 12:04:04 PM | Computer Name = AMDXP3300 | Source = Application Hang | ID = 1002
Description = Hanging application ShowTime.exe, version 2.0.0.18, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 14/04/2009 12:04:49 PM | Computer Name = AMDXP3300 | Source = Application Error | ID = 1000
Description = Faulting application eds.exe, version 1.0.0.1, faulting module eds.exe,
version 1.0.0.1, fault address 0x0000181d.

Error - 28/04/2009 4:51:27 PM | Computer Name = AMDXP3300 | Source = Application Hang | ID = 1002
Description = Hanging application Dreamweaver.exe, version 9.0.0.3453, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 30/04/2009 3:55:36 AM | Computer Name = AMDXP3300 | Source = Application Error | ID = 1000
Description = Faulting application illustrator.exe, version 12.1.128.0, faulting
module illustrator.exe, version 12.1.128.0, fault address 0x0042203f.

Error - 30/04/2009 12:42:47 PM | Computer Name = AMDXP3300 | Source = Application Hang | ID = 1002
Description = Hanging application OUTLOOK.EXE, version 11.0.8217.0, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 30/04/2009 12:44:31 PM | Computer Name = AMDXP3300 | Source = Microsoft Office 11 | ID = 2000
Description = Accepted Safe Mode action : Microsoft Office Outlook.

[ System Events ]
Error - 01/05/2009 6:48:07 AM | Computer Name = AMDXP3300 | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 15 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)

Error - 01/05/2009 6:48:07 AM | Computer Name = AMDXP3300 | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 14 minutes. NtpClient has no source of accurate
time.

Error - 01/05/2009 6:48:22 AM | Computer Name = AMDXP3300 | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 15 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)

Error - 01/05/2009 6:48:22 AM | Computer Name = AMDXP3300 | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 14 minutes. NtpClient has no source of accurate
time.

Error - 01/05/2009 6:48:22 AM | Computer Name = AMDXP3300 | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 15 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)

Error - 01/05/2009 6:48:22 AM | Computer Name = AMDXP3300 | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 15 minutes. NtpClient has no source of accurate
time.

Error - 01/05/2009 6:52:34 AM | Computer Name = AMDXP3300 | Source = ati2mtag | ID = 45062
Description = CRT invalid display type

Error - 01/05/2009 7:24:41 AM | Computer Name = AMDXP3300 | Source = Dhcp | ID = 1002
Description = The IP address lease 58.161.67.40 for the Network Card with network
address 00508D4C388E has been denied by the DHCP server 192.168.100.1 (The DHCP
Server sent a DHCPNACK message).

Error - 01/05/2009 7:25:03 AM | Computer Name = AMDXP3300 | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.100.11 for the Network Card with network
address 00508D4C388E has been denied by the DHCP server 192.168.100.1 (The DHCP
Server sent a DHCPNACK message).

Error - 01/05/2009 8:10:50 AM | Computer Name = AMDXP3300 | Source = ati2mtag | ID = 45062
Description = CRT invalid display type


< End of report >
  • 0

Advertisements


#2
jbone

jbone

    Member

  • Topic Starter
  • Member
  • PipPip
  • 22 posts
So can no one help me out here or is there nothing to help?
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP