Can't bring up McAfee, ThreatFire, System Restore, Word...



#1
malwarekiller

Hi. I believe I've got some unknown and undetected infection going on.
I was on my computer the other day and my ThreatFire popped up as stopping something from starting, and from then on I can't bring up ThreatFire or McAfee. If I click on the icon for either one, the interface comes up and blinks off right away. I did scans with Ad-Aware, Malwarebytes, Spybot Search and Destroy, Windows Defender and Windows Malicious Software Removal Tool and nothing was found. I can't use my SUPERAntiSpyware either. It says it's downloading new updates when I click on it and shows the splash screen after the progress bar is done and then nothing. It won't bring up the interface.

I can't click on System Restore either; it gives me this message: "Windows cannot access the specified device, path or file. You may not have the appropriate permissions to access the item".

I also cannot bring up Word. It also shows then disappears right away.

So, I followed your instructions, and when I did the TFC and reboot I was able to bring up those programs that would show a flash of the interface and disappear, and do the scan with McAfee and ThreatFire, to which they did not detect anything, but the second time I tried to use TFC and reboot so I can bring those programs up I was not able to.

Several days earlier I was in my Spybot Search and Destroy program and went into "Tools" and ran some kind of registry check that I never tried before in the program. It found some things that had wrong path names etc. I clicked on the fix button and I was a little unsure of what was going on when things kept coming up for me to click on, so I closed the program. Perhaps I may have deleted some things before doing so. I'm not sure if that might be anything to do with this or not. I can post a screenshot of what that program is saying is wrong in the registry as of now if you'd like. Is there a way to check the registry to see if it has missing .dll files or whatever as well?

Let me know if you want posts from any of the other anti-spyware scans I did.

Here are my log results for what was asked in the sticky.

Malwarebytes' Anti-Malware 1.37
Database version: 2192
Windows 5.1.2600 Service Pack 3

5/29/2009 9:00:10 AM
mbam-log-2009-05-29 (09-00-10).txt

Scan type: Quick Scan
Objects scanned: 86986
Time elapsed: 4 minute(s), 48 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


Rooter Log:
Microsoft Windows XP Home Edition (5.1.2600) Service Pack 3

A:\ [Removable] (Total:0 Mo/Free:0 Mo)
C:\ [Fixed] - NTFS - (Total:238464 Mo/Free:3888 Mo)
D:\ [CD-Rom] (Total:0 Mo/Free:0 Mo)
E:\ [CD-Rom] (Total:0 Mo/Free:0 Mo)
F:\ [Fixed] - NTFS - (Total:238472 Mo/Free:2258 Mo)
G:\ [Fixed] - NTFS - (Total:238472 Mo/Free:215 Mo)
H:\ [Fixed] - NTFS - (Total:305243 Mo/Free:35 Mo)

Fri 05/29/2009|17:49

----------------------\\ Processes..

--Locked-- [System Process]
---------- System
---------- \SystemRoot\System32\smss.exe
---------- \??\C:\WINDOWS\system32\csrss.exe
---------- \??\C:\WINDOWS\system32\winlogon.exe
---------- C:\WINDOWS\system32\services.exe
---------- C:\WINDOWS\system32\lsass.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\Program Files\Windows Defender\MsMpEng.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
---------- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
---------- C:\WINDOWS\system32\LEXBCES.EXE
---------- C:\WINDOWS\system32\spoolsv.exe
---------- C:\WINDOWS\system32\LEXPPS.EXE
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe
---------- C:\Program Files\LSI SoftModem\agrsmsvc.exe
---------- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
---------- C:\Program Files\Java\jre6\bin\jqs.exe
---------- C:\Program Files\Google\Update\GoogleUpdate.exe
---------- C:\Program Files\M-Audio\M-Audio Series II MIDI\MA_CMIDI_Inst.exe
---------- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
---------- C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
---------- c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
---------- c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
---------- C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
---------- C:\Program Files\McAfee\MPF\MPFSrv.exe
---------- C:\PROGRA~1\NORTON~2\NORTON~1\NPROTECT.EXE
---------- C:\WINDOWS\system32\nvsvc32.exe
---------- C:\WINDOWS\system32\IoctlSvc.exe
---------- C:\PROGRA~1\NORTON~2\NORTON~1\SPEEDD~1\NOPDB.EXE
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\Program Files\ThreatFire\TFService.exe
---------- C:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe
---------- C:\WINDOWS\system32\SearchIndexer.exe
---------- c:\WINDOWS\system32\ZuneBusEnum.exe
---------- C:\WINDOWS\system32\wbem\unsecapp.exe
---------- C:\WINDOWS\System32\alg.exe
---------- C:\WINDOWS\system32\wbem\wmiprvse.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- c:\PROGRA~1\mcafee.com\agent\mcagent.exe
---------- C:\WINDOWS\Explorer.EXE
---------- C:\PROGRA~1\SPEEDB~1\VideoAcceleratorEngine.exe
---------- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
---------- C:\Program Files\ASUS\Ai Nap\AiNap.exe
---------- C:\Program Files\ThreatFire\TFTray.exe
---------- C:\Program Files\Nero\Nero 7\Nero BackItUp\NBKeyScan.exe
---------- C:\WINDOWS\AGRSMMSG.exe
---------- C:\WINDOWS\system32\RUNDLL32.EXE
---------- C:\Program Files\Windows Defender\MSASCui.exe
---------- C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe
---------- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
---------- C:\Program Files\Analog Devices\Core\smax4pnp.exe
---------- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
---------- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
---------- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
---------- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
---------- C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
---------- C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe
---------- C:\WINDOWS\system32\SearchProtocolHost.exe
---------- C:\WINDOWS\system32\SearchFilterHost.exe
---------- C:\Program Files\Google\Update\GoogleUpdate.exe
---------- C:\WINDOWS\system32\cmd.exe
---------- C:\Rooter$\RK.exe

----------------------\\ Search..

----------------------\\ ROOTKIT !!



1 - "C:\Rooter$\Rooter_1.txt" - Fri 05/29/2009|17:50

----------------------\\ Scan completed at 17:50




OTListIT Log:
OTListIt logfile created on: 5/29/2009 5:56:09 PM - Run 1
OTListIt2 by OldTimer - Version 2.0.15.8 Folder = C:\Documents and Settings\C. Duke\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 100.00% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232.88 Gb Total Space | 139.80 Gb Free Space | 60.03% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 232.88 Gb Total Space | 70.21 Gb Free Space | 30.15% Space Free | Partition Type: NTFS
Drive G: | 232.88 Gb Total Space | 36.21 Gb Free Space | 15.55% Space Free | Partition Type: NTFS
Drive H: | 298.09 Gb Total Space | 64.03 Gb Free Space | 21.48% Space Free | Partition Type: NTFS
I: Drive not present or media not loaded

Computer Name: OFFICE
Current User Name: C. Duke
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On

========== Processes (SafeList) ==========

PRC - C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
PRC - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
PRC - C:\WINDOWS\system32\LEXBCES.EXE (Lexmark International, Inc.)
PRC - C:\WINDOWS\system32\LEXPPS.EXE (Lexmark International, Inc.)
PRC - C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe (Acronis)
PRC - C:\Program Files\LSI SoftModem\agrsmsvc.exe (Agere Systems)
PRC - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe (Symantec Corporation)
PRC - C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Google\Update\GoogleUpdate.exe (Google Inc.)
PRC - C:\Program Files\M-Audio\M-Audio Series II MIDI\MA_CMIDI_Inst.exe ()
PRC - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe ()
PRC - C:\Program Files\McAfee\MSC\mcmscsvc.exe (McAfee, Inc.)
PRC - c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe (McAfee, Inc.)
PRC - c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe (McAfee, Inc.)
PRC - C:\Program Files\McAfee\VirusScan\Mcshield.exe (McAfee, Inc.)
PRC - C:\Program Files\McAfee\MPF\MPFSrv.exe (McAfee, Inc.)
PRC - C:\Program Files\Norton SystemWorks Basic Edition\Norton Utilities\NPROTECT.EXE (Symantec Corporation)
PRC - C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation)
PRC - C:\WINDOWS\system32\IoctlSvc.exe (Prolific Technology Inc.)
PRC - C:\Program Files\Norton SystemWorks Basic Edition\Norton Utilities\Speed Disk\NOPDB.exe (Symantec Corporation)
PRC - C:\Program Files\ThreatFire\TFService.exe (PC Tools)
PRC - C:\Program Files\SpeedBit Video Accelerator\VideoAcceleratorService.exe (Speedbit Ltd.)
PRC - c:\WINDOWS\system32\ZuneBusEnum.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\wbem\unsecapp.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\wbem\wmiprvse.exe (Microsoft Corporation)
PRC - c:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
PRC - C:\Program Files\SpeedBit Video Accelerator\VideoAcceleratorEngine.exe (Speedbit Ltd.)
PRC - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
PRC - C:\Program Files\ASUS\Ai Nap\AiNap.exe ()
PRC - C:\Program Files\ThreatFire\TFTray.exe (PC Tools)
PRC - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBKeyScan.exe (Nero AG)
PRC - C:\WINDOWS\AGRSMMSG.exe (Agere Systems)
PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe (Team H2O)
PRC - C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft)
PRC - C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
PRC - C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
PRC - C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
PRC - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
PRC - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (Nero AG)
PRC - C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe (Nero AG)
PRC - C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE (Symantec Corporation)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Documents and Settings\C. Duke\Desktop\OTListIt2.exe (OldTimer Tools)

========== Win32 Services (SafeList) ==========

SRV - (0101621241885690mcinstcleanup [Auto | Stopped]) -- File not found
SRV - (AcrSch2Svc [Auto | Running]) -- C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe (Acronis)
SRV - (AgereModemAudio [Auto | Running]) -- C:\Program Files\LSI SoftModem\agrsmsvc.exe (Agere Systems)
SRV - (ASKUpgrade [Auto | Stopped]) -- C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe ()
SRV - (aspnet_state [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)
SRV - (Automatic LiveUpdate Scheduler [Auto | Running]) -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe (Symantec Corporation)
SRV - (ccEvtMgr [Auto | Running]) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
SRV - (ccSetMgr [Auto | Running]) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (FontCache3.0.0.0 [On_Demand | Stopped]) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
SRV - (gupdate1c9d0bd82e688b4 [Auto | Stopped]) -- C:\Program Files\Google\Update\GoogleUpdate.exe (Google Inc.)
SRV - (gusvc [Auto | Stopped]) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (Google)
SRV - (HauppaugeTVServer [Disabled | Stopped]) -- C:\Program Files\WinTV\HCWTVServer.exe (Hauppauge Computer Works)
SRV - (helpsvc [Auto | Running]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (idsvc [Unknown | Stopped]) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
SRV - (JavaQuickStarterService [Auto | Running]) -- C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
SRV - (Lavasoft Ad-Aware Service [Auto | Running]) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
SRV - (LexBceS [Auto | Running]) -- C:\WINDOWS\system32\LEXBCES.EXE (Lexmark International, Inc.)
SRV - (LiveUpdate [On_Demand | Running]) -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE (Symantec Corporation)
SRV - (MA_CMIDI_InstallerService [Auto | Running]) -- C:\Program Files\M-Audio\M-Audio Series II MIDI\MA_CMIDI_Inst.exe ()
SRV - (McAfee SiteAdvisor Service [Auto | Running]) -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe ()
SRV - (mcmscsvc [Auto | Running]) -- C:\Program Files\McAfee\MSC\mcmscsvc.exe (McAfee, Inc.)
SRV - (McNASvc [Auto | Running]) -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe (McAfee, Inc.)
SRV - (McODS [On_Demand | Stopped]) -- C:\Program Files\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
SRV - (McProxy [Auto | Running]) -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe (McAfee, Inc.)
SRV - (McShield [Unknown | Running]) -- C:\Program Files\McAfee\VirusScan\Mcshield.exe (McAfee, Inc.)
SRV - (McSysmon [On_Demand | Stopped]) -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe (McAfee, Inc.)
SRV - (MpfService [Auto | Running]) -- C:\Program Files\McAfee\MPF\MPFSrv.exe (McAfee, Inc.)
SRV - (NBService [On_Demand | Stopped]) -- C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe (Nero AG)
SRV - (NetTcpPortSharing [Disabled | Stopped]) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (NMIndexingService [On_Demand | Running]) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (Nero AG)
SRV - (NProtectService [Auto | Running]) -- C:\Program Files\Norton SystemWorks Basic Edition\Norton Utilities\NPROTECT.EXE (Symantec Corporation)
SRV - (NVSvc [Auto | Running]) -- C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation)
SRV - (ose [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (PLFlash DeviceIoControl Service [Auto | Running]) -- C:\WINDOWS\system32\IoctlSvc.exe (Prolific Technology Inc.)
SRV - (Sony SCSI Helper Service [On_Demand | Stopped]) -- C:\Program Files\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe (Sony Corporation)
SRV - (Speed Disk service [Auto | Running]) -- C:\Program Files\Norton SystemWorks Basic Edition\Norton Utilities\Speed Disk\NOPDB.exe (Symantec Corporation)
SRV - (Symantec Core LC [On_Demand | Stopped]) -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe ()
SRV - (ThreatFire [Auto | Running]) -- C:\Program Files\ThreatFire\TFService.exe (PC Tools)
SRV - (VideoAcceleratorService [Auto | Running]) -- C:\Program Files\SpeedBit Video Accelerator\VideoAcceleratorService.exe (Speedbit Ltd.)
SRV - (WinDefend [Auto | Running]) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SRV - (WMPNetworkSvc [Disabled | Stopped]) -- C:\Program Files\Windows Media Player\WMPNetwk.exe (Microsoft Corporation)
SRV - (ZuneBusEnum [Auto | Running]) -- c:\WINDOWS\system32\ZuneBusEnum.exe (Microsoft Corporation)
SRV - (ZuneNetworkSvc [Disabled | Stopped]) -- c:\Program Files\Zune\ZuneNss.exe (Microsoft Corporation)
SRV - (ZuneWlanCfgSvc [On_Demand | Stopped]) -- c:\WINDOWS\system32\ZuneWlanCfgSvc.exe (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (ADIHdAudAddService [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\ADIHdAud.sys (Analog Devices, Inc.)
DRV - (AEAudio [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\AEAudio.sys (Andrea Electronics Corporation)
DRV - (AgereSoftModem [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\AGRSM.sys (Agere Systems)
DRV - (AmdK8 [System | Running]) -- C:\WINDOWS\system32\DRIVERS\AmdK8.sys (Advanced Micro Devices)
DRV - (AsIO [System | Running]) -- C:\WINDOWS\system32\drivers\AsIO.sys ()
DRV - (cdrbsdrv [System | Running]) -- C:\WINDOWS\System32\drivers\CDRBSDRV.SYS (B.H.A Corporation)
DRV - (CLEDX [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\cledx.sys (Team H2O)
DRV - (eeCtrl [System | Running]) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)
DRV - (elagopro [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\elagopro.sys (Gteko Ltd.)
DRV - (elaunidr [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\elaunidr.sys (Gteko Ltd.)
DRV - (EraserUtilRebootDrv [On_Demand | Running]) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
DRV - (giveio [Boot | Running]) -- C:\WINDOWS\system32\giveio.sys ()
DRV - (hcwPP2 [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\hcwPP2.sys (Hauppauge Computer Works, Inc.)
DRV - (HDAudBus [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\HDAudBus.sys (Windows ® Server 2003 DDK provider)
DRV - (imagedrv [Boot | Running]) -- C:\WINDOWS\System32\Drivers\imagedrv.sys (Ahead Software AG)
DRV - (imagesrv [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\imagesrv.sys (Ahead Software AG)
DRV - (Lbd [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\Lbd.sys (Lavasoft AB)
DRV - (MagicTune [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\MTiCtwl.sys ()
DRV - (MA_CMIDI [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\ma_cmidi.sys (M-Audio)
DRV - (mfeavfk [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\mfeavfk.sys (McAfee, Inc.)
DRV - (mfebopk [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\mfebopk.sys (McAfee, Inc.)
DRV - (mfehidk [System | Running]) -- C:\WINDOWS\system32\drivers\mfehidk.sys (McAfee, Inc.)
DRV - (mferkdk [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\mferkdk.sys (McAfee, Inc.)
DRV - (mfesmfk [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\mfesmfk.sys (McAfee, Inc.)
DRV - (MI4AUDIO [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\MI4Audio.sys (usb-audio.de)
DRV - (MI4MIDEV01 [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\mi4midi.sys (Steinberg Media Technologies)
DRV - (MI4USB [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\MI4USB.sys (Steinberg)
DRV - (MPFP [System | Running]) -- C:\WINDOWS\System32\Drivers\Mpfp.sys (McAfee, Inc.)
DRV - (MTsensor [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ASACPI.sys ()
DRV - (NPDriver [On_Demand | Running]) -- C:\WINDOWS\system32\Drivers\NPDRIVER.SYS (Symantec Corporation)
DRV - (nv [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\nv4_mini.sys (NVIDIA Corporation)
DRV - (nvata [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\nvata.sys (NVIDIA Corporation)
DRV - (NVENETFD [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\NVENETFD.sys (NVIDIA Corporation)
DRV - (nvnetbus [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\nvnetbus.sys (NVIDIA Corporation)
DRV - (pcouffin [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\pcouffin.sys (VSO Software)
DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (PxHelp20 [Boot | Running]) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (SASDIFSV [System | Running]) -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASENUM [On_Demand | Running]) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS ( SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASKUTIL [System | Running]) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SDdriver [On_Demand | Stopped]) -- C:\WINDOWS\system32\Drivers\sddriver.sys (Symantec Corporation)
DRV - (Secdrv [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (SenFiltService [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\Senfilt.sys (Sensaura)
DRV - (snapman [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\snapman.sys (Acronis)
DRV - (SONYPVU1 [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS (Sony Corporation)
DRV - (SPBBCDrv [System | Running]) -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys (Symantec Corporation)
DRV - (speedfan [Boot | Running]) -- C:\WINDOWS\system32\speedfan.sys (Windows ® 2000 DDK provider)
DRV - (SymEvent [On_Demand | Running]) -- C:\WINDOWS\system32\Drivers\SYMEVENT.SYS (Symantec Corporation)
DRV - (TfFsMon [Boot | Running]) -- C:\WINDOWS\system32\drivers\TfFsMon.sys (PC Tools)
DRV - (TfNetMon [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\TfNetMon.sys (PC Tools)
DRV - (TfSysMon [Boot | Running]) -- C:\WINDOWS\system32\drivers\TfSysMon.sys (PC Tools)
DRV - (tifsfilter [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\tifsfilt.sys (Acronis)
DRV - (timounter [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\timntr.sys (Acronis)
DRV - (usbaudio [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\usbaudio.sys (Microsoft Corporation)
DRV - (usbbus [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\lgusbbus.sys (LG Electronics Inc.)
DRV - (UsbDiag [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys (LG Electronics Inc.)
DRV - (USBModem [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys (LG Electronics Inc.)
DRV - (WinUSB [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\WinUSB.sys (Microsoft Corporation)
DRV - (zumbus [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\zumbus.sys (Microsoft Corporation)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...amp;ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.condui...rchSource=3&q="
FF - prefs.js..browser.search.selectedEngine: "Wikipedia (en)"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.0.2
FF - prefs.js..extensions.enabledItems: piclens@cooliris.com:1.10
FF - prefs.js..extensions.enabledItems: {62760FD6-B943-48C9-AB09-F99C6FE96088}:1.6.11
FF - prefs.js..extensions.enabledItems: {1392b8d2-5c05-419f-a8f6-b9f15a596612}:1.5.41.0
FF - prefs.js..extensions.enabledItems: {77b819fa-95ad-4f2c-ac7c-486b356188a9}:1.5.20090207
FF - prefs.js..extensions.enabledItems: {1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}:0.3.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:2.8
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.0
FF - prefs.js..extensions.enabledItems: {398e77b8-2304-11dc-8314-0800200c9a66}:0.3.12
FF - prefs.js..extensions.enabledItems: {37E4D8EA-8BDA-4831-8EA1-89053939A250}:2.2.0.0
FF - prefs.js..extensions.enabledItems: isreaditlater@ideashower.com:0.9945
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0
FF - prefs.js..extensions.enabledItems: {ada4b710-8346-4b82-8199-5de2b400a6ae}:1.9.1
FF - prefs.js..extensions.enabledItems: {02450954-cdd9-410f-b1da-db804e18c671}:0.96.1
FF - prefs.js..extensions.enabledItems: smartbookmarksbar@remy.juteau:1.4.3
FF - prefs.js..extensions.enabledItems: {ab1c90b8-303d-3736-a28e-0433853da20b}:2.0.1
FF - prefs.js..extensions.enabledItems: {3EC9C995-8072-4fc0-953E-4F30620D17F3}:2.0.0.4
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20090325
FF - prefs.js..extensions.enabledItems: youplayer@addons.mozilla.org:0.9.8
FF - prefs.js..extensions.enabledItems: {7ef7f4d6-947d-11dc-8314-0800200c9a66}:3.0.1
FF - prefs.js..extensions.enabledItems: {5c8bfb7c-9a54-11dc-8314-0800200c9a66}:3.0.2
FF - prefs.js..extensions.enabledItems: {07b2a769-ed19-4483-87ce-c643914c9626}:1.5.2
FF - prefs.js..extensions.enabledItems: {7694c49c-9fbd-11dc-8314-0800200c9a66}:3.0.2
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.10
FF - prefs.js..extensions.enabledItems: redshift_V2@shift-themes.com:2.95
FF - prefs.js..keyword.URL: "http://www.google.co...ient&gfns=1&q="

FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION\ [2009/04/16 08:20:32 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\jqs@sun.com: C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2009/04/20 01:50:13 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\PROGRAM FILES\REAL\REALPLAYER\BROWSERRECORD [2009/04/29 01:48:47 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\PROGRAM FILES\MCAFEE\SITEADVISOR [2009/05/22 11:29:06 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS [2009/04/29 00:12:49 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS [2009/04/29 00:12:49 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.21\extensions\\Components: C:\PROGRAM FILES\MOZILLA THUNDERBIRD\COMPONENTS [2009/04/29 01:48:43 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.21\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA THUNDERBIRD\PLUGINS [2009/04/29 01:48:50 | 00,000,000 | ---D | M]

[2009/04/29 04:42:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\C. Duke\Application Data\mozilla\Extensions
[2009/04/29 04:42:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\C. Duke\Application Data\mozilla\Extensions\{ae2cff10-0d52-4066-8be9-4abcf119fa79}
[2009/04/15 23:19:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\C. Duke\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/04/16 03:49:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\C. Duke\Application Data\mozilla\Extensions\uploadr@flickr.com
[2009/05/28 11:20:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\C. Duke\Application Data\mozilla\Firefox\Profiles\l7sucgv8.default\extensions
[2009/04/16 16:16:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\C. Duke\Application Data\mozilla\Firefox\Profiles\l7sucgv8.default\extensions\{02450954-cdd9-410f-b1da-db804e18c671}
[2009/04/17 01:45:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\C. Duke\Application Data\mozilla\Firefox\Profiles\l7sucgv8.default\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
[2009/04/16 00:36:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\C. Duke\Application Data\mozilla\Firefox\Profiles\l7sucgv8.default\extensions\{07b2a769-ed19-4483-87ce-c643914c9626}
[2009/04/29 07:00:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\C. Duke\Application Data\mozilla\Firefox\Profiles\l7sucgv8.default\extensions\{1392b8d2-5c05-419f-a8f6-b9f15a596612}
[2009/05/06 13:10:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\C. Duke\Application Data\mozilla\Firefox\Profiles\l7sucgv8.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
[2009/04/16 16:16:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\C. Duke\Application Data\mozilla\Firefox\Profiles\l7sucgv8.default\extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}
[2009/05/07 15:15:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\C. Duke\Application Data\mozilla\Firefox\Profiles\l7sucgv8.default\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}
[2009/04/16 16:16:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\C. Duke\Application Data\mozilla\Firefox\Profiles\l7sucgv8.default\extensions\{398e77b8-2304-11dc-8314-0800200c9a66}
[2009/04/16 16:16:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\C. Duke\Application Data\mozilla\Firefox\Profiles\l7sucgv8.default\extensions\{3EC9C995-8072-4fc0-953E-4F30620D17F3}
[2009/05/07 15:15:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\C. Duke\Application Data\mozilla\Firefox\Profiles\l7sucgv8.default\extensions\{463F6CA5-EE3C-4be1-B7E6-7FEE11953374}
[2009/04/16 00:36:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\C. Duke\Application Data\mozilla\Firefox\Profiles\l7sucgv8.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}
[2009/04/23 21:01:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\C. Duke\Application Data\mozilla\Firefox\Profiles\l7sucgv8.default\extensions\{62760FD6-B943-48C9-AB09-F99C6FE96088}
[2009/04/16 00:37:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\C. Duke\Application Data\mozilla\Firefox\Profiles\l7sucgv8.default\extensions\{7694c49c-9fbd-11dc-8314-0800200c9a66}
[2009/04/16 16:16:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\C. Duke\Application Data\mozilla\Firefox\Profiles\l7sucgv8.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}
[2009/04/16 00:35:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\C. Duke\Application Data\mozilla\Firefox\Profiles\l7sucgv8.default\extensions\{7ef7f4d6-947d-11dc-8314-0800200c9a66}
[2009/04/16 00:05:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\C. Duke\Application Data\mozilla\Firefox\Profiles\l7sucgv8.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2009/04/16 16:16:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\C. Duke\Application Data\mozilla\Firefox\Profiles\l7sucgv8.default\extensions\{ab1c90b8-303d-3736-a28e-0433853da20b}
[2009/04/16 16:16:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\C. Duke\Application Data\mozilla\Firefox\Profiles\l7sucgv8.default\extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}
[2009/04/16 01:11:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\C. Duke\Application Data\mozilla\Firefox\Profiles\l7sucgv8.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009/04/16 16:16:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\C. Duke\Application Data\mozilla\Firefox\Profiles\l7sucgv8.default\extensions\{d9284e50-81fc-11da-a72b-0800200c9a66}
[2009/04/29 06:26:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\C. Duke\Application Data\mozilla\Firefox\Profiles\l7sucgv8.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
[2009/05/07 15:15:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\C. Duke\Application Data\mozilla\Firefox\Profiles\l7sucgv8.default\extensions\isreaditlater@ideashower.com
[2009/04/16 16:16:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\C. Duke\Application Data\mozilla\Firefox\Profiles\l7sucgv8.default\extensions\max@subfighter.com
[2009/04/20 10:24:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\C. Duke\Application Data\mozilla\Firefox\Profiles\l7sucgv8.default\extensions\piclens@cooliris.com
[2009/04/16 00:29:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\C. Duke\Application Data\mozilla\Firefox\Profiles\l7sucgv8.default\extensions\redshift_V2@shift-themes.com
[2009/04/16 16:16:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\C. Duke\Application Data\mozilla\Firefox\Profiles\l7sucgv8.default\extensions\smartbookmarksbar@remy.juteau
[2009/04/16 16:16:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\C. Duke\Application Data\mozilla\Firefox\Profiles\l7sucgv8.default\extensions\youplayer@addons.mozilla.org
[2009/05/28 09:59:55 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/04/29 00:12:49 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/04/20 01:50:32 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2009/04/29 00:12:42 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/04/29 00:12:42 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009/03/26 13:56:22 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2009/03/26 13:56:22 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2008/05/27 16:45:02 | 00,000,912 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\conduit.xml
[2009/03/26 13:56:22 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2009/03/26 13:56:22 | 00,002,343 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2009/03/26 13:56:22 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/03/26 13:56:22 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2009/03/26 13:56:22 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml

O1 HOSTS File: (734 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Freecorder Toolbar) - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\tbFree.dll (Conduit Ltd.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - Reg Error: Key error. File not found
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll (Google Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll ()
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll ()
O3 - HKLM\..\Toolbar: (Freecorder Toolbar) - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\tbFree.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {1392B8D2-5C05-419F-A8F6-B9F15A596612} - C:\Program Files\Freecorder\tbFree.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {1392B8D2-5C05-419F-A8F6-B9F15A596612} - C:\Program Files\Freecorder\tbFree.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Reg Error: Key error. File not found
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Adobe Photoshop Lightroom 1.1\apdproxy.exe" (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft)
O4 - HKLM..\Run: [AGRSMMSG] AGRSMMSG.exe (Agere Systems)
O4 - HKLM..\Run: [Ai Nap] "C:\Program Files\ASUS\Ai Nap\AiNap.exe" ()
O4 - HKLM..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" (Symantec Corporation)
O4 - HKLM..\Run: [H2O] C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe (Team H2O)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey (McAfee, Inc.)
O4 - HKLM..\Run: [McENUI] C:\PROGRA~1\McAfee\MHN\McENUI.exe /hide (McAfee, Inc.)
O4 - HKLM..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero 7\Nero BackItUp\NBKeyScan.exe" (Nero AG)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NSWosCheck] "C:\Program Files\Norton SystemWorks Basic Edition\osCheck.exe" (Symantec Corporation)
O4 - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] nwiz.exe /install File not found
O4 - HKLM..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray (Analog Devices, Inc.)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [ThreatFire] C:\Program Files\ThreatFire\TFTray.exe (PC Tools)
O4 - HKLM..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot (RealNetworks, Inc.)
O4 - HKLM..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide (Microsoft Corporation)
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" (Nero AG)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 (Microsoft Corporation)
O9 - Extra Button: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks Basic Edition\Norton Cleanup\WCQuick.lnk ()
O9 - Extra 'Tools' menuitem : Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks Basic Edition\Norton Cleanup\WCQuick.lnk ()
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Program Files\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program Files\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Program Files\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Program Files\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Program Files\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Program Files\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Program Files\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: 25 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1239853994804 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1239911772593 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Interfaces\{1A49707C-E340-4BAA-AEF9-C22DCA01EDF8}\\NameServer = 68.94.156.1,68.94.157.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll ()
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O30 - LSA: Authentication Packages - (relog_ap) - C:\WINDOWS\System32\relog_ap.dll (Acronis)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/04/16 03:47:42 | 00,000,050 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/04/15 16:58:30 | 00,000,000 | ---- | M] () - F:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{153f650a-29ee-11de-b5ee-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{153f650a-29ee-11de-b5ee-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{153f650a-29ee-11de-b5ee-806d6172696f}\Shell\AutoRun\command - "" = E:\Bin\Assetup.exe -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - * [2009/05/29 17:53:42 | 00,000,000 | ---D | M]
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()

========== Files/Folders - Created Within 30 Days ==========

[2009/05/29 17:49:19 | 00,000,000 | ---D | C] -- C:\Rooter$
[2009/05/29 17:40:12 | 00,000,330 | -H-- | C] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2009/05/29 08:24:43 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/05/29 08:21:23 | 00,000,000 | ---D | C] -- C:\Documents and Settings\C. Duke\My Documents\RegBack
[2009/05/29 08:12:05 | 00,000,624 | ---- | C] () -- C:\Documents and Settings\C. Duke\Desktop\NTREGOPT.lnk
[2009/05/29 08:12:05 | 00,000,605 | ---- | C] () -- C:\Documents and Settings\C. Duke\Desktop\ERUNT.lnk
[2009/05/29 08:11:49 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2009/05/29 07:58:22 | 00,358,072 | ---- | C] () -- C:\Documents and Settings\C. Duke\Desktop\Malware and Spyware Cleanin...pdf
[2009/05/28 23:49:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\C. Duke\Desktop\Geeks To Go
[2009/05/28 23:48:24 | 00,501,248 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\C. Duke\Desktop\OTListIt2.exe
[2009/05/28 22:52:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\C. Duke\My Documents\Scan Logs
[2009/05/28 11:13:21 | 00,000,684 | ---- | C] () -- C:\Documents and Settings\C. Duke\Desktop\BitPim.lnk
[2009/05/28 11:12:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\C. Duke\My Documents\bitpim
[2009/05/28 11:12:07 | 00,000,000 | ---D | C] -- C:\Program Files\BitPim
[2009/05/28 09:10:15 | 00,000,631 | ---- | C] () -- C:\Documents and Settings\C. Duke\Desktop\DVDFab 6.lnk
[2009/05/28 09:10:06 | 00,000,000 | ---D | C] -- C:\Program Files\DVDFab 6
[2009/05/28 03:35:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\C. Duke\My Documents\TMPGEnc MPEG Editor
[2009/05/28 03:35:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\C. Duke\Application Data\Pegasys Inc
[2009/05/28 03:26:13 | 00,000,889 | ---- | C] () -- C:\Documents and Settings\C. Duke\Desktop\TMPGEnc DVD Author 1.6.lnk
[2009/05/28 03:19:47 | 00,000,868 | ---- | C] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2009/05/28 03:11:30 | 00,000,000 | ---D | C] -- C:\Program Files\Pegasys Inc
[2009/05/24 11:57:39 | 00,000,294 | ---- | C] () -- C:\WINDOWS\tasks\Spybot - Search & Destroy - Scheduled Task.job
[2009/05/24 10:42:09 | 00,000,000 | ---D | C] -- C:\Documents and Settings\C. Duke\Desktop\Toby & Tigger
[2009/05/22 14:09:38 | 00,002,560 | ---- | C] () -- C:\WINDOWS\_MSRSTRT.EXE
[2009/05/21 01:51:26 | 00,000,472 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2009/05/18 15:30:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\C. Duke\My Documents\Cobra
[2009/05/14 13:59:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\C. Duke\My Documents\FXpansion
[2009/05/14 12:30:09 | 00,001,671 | ---- | C] () -- C:\Documents and Settings\C. Duke\Desktop\BFD2.lnk
[2009/05/14 12:19:04 | 00,000,000 | ---D | C] -- C:\Program Files\FXpansion
[2009/05/14 12:17:23 | 00,000,000 | ---D | C] -- C:\Documents and Settings\C. Duke\Application Data\FXpansion
[2009/05/14 02:22:35 | 00,001,841 | ---- | C] () -- C:\Documents and Settings\C. Duke\Desktop\Lightroom.lnk
[2009/05/13 21:32:47 | 00,013,040 | ---- | C] () -- C:\Documents and Settings\C. Duke\Desktop\To Do.rtf
[2009/05/13 21:02:03 | 00,000,643 | ---- | C] () -- C:\Documents and Settings\C. Duke\Desktop\Audacity.lnk
[2009/05/13 21:02:01 | 00,000,000 | ---D | C] -- C:\Program Files\Audacity
[2009/05/13 18:02:27 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\iZotope
[2009/05/13 18:02:24 | 00,000,000 | ---D | C] -- C:\Program Files\iZotope
[2009/05/13 16:22:27 | 00,000,000 | ---D | C] -- C:\Program Files\Toontrack
[2009/05/09 22:57:50 | 00,001,777 | ---- | C] () -- C:\Documents and Settings\C. Duke\Desktop\SpeedBit Video Accelerator.lnk
[2009/05/09 22:57:41 | 00,000,000 | ---D | C] -- C:\Program Files\SpeedBit Video Accelerator
[2009/05/09 22:38:37 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SpeedBit
[2009/05/09 22:38:31 | 00,479,298 | ---- | C] (Stardock.Net, Inc) -- C:\WINDOWS\System32\wbocx.ocx
[2009/05/09 22:38:31 | 00,172,032 | ---- | C] (Jin Hui E-mail: jinhui@jcomsoft.com Web: http://www.jcomsoft.com) -- C:\WINDOWS\System32\AniGIF.ocx
[2009/05/09 22:38:31 | 00,050,688 | ---- | C] (Stardock.Net, Inc) -- C:\WINDOWS\System32\wbhelp2.dll
[2009/05/09 15:16:39 | 00,000,000 | ---D | C] -- C:\Documents and Settings\C. Duke\Application Data\gtk-2.0
[2009/05/09 15:06:11 | 00,000,803 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\GIMP 2.lnk
[2009/05/09 15:05:29 | 00,000,000 | ---D | C] -- C:\Program Files\GIMP-2.0
[2009/05/09 13:41:23 | 00,000,713 | ---- | C] () -- C:\Documents and Settings\C. Duke\Desktop\Inkscape.lnk
[2009/05/09 13:40:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\C. Duke\Application Data\Inkscape
[2009/05/09 13:34:44 | 00,000,000 | ---D | C] -- C:\Program Files\Inkscape
[2009/05/09 13:31:05 | 00,000,825 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Paint.NET.lnk
[2009/05/09 13:30:42 | 00,000,000 | ---D | C] -- C:\Program Files\Paint.NET
[2009/05/09 11:16:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\C. Duke\Local Settings\Apps
[2009/05/09 10:49:27 | 00,000,000 | ---D | C] -- C:\Documents and Settings\C. Duke\Application Data\Google
[2009/05/09 10:48:50 | 00,001,849 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
[2009/05/09 10:43:10 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Google Updater
[2009/05/09 10:43:07 | 00,000,000 | ---D | C] -- C:\Program Files\Google
[2009/05/09 10:40:54 | 01,223,168 | ---- | C] () -- C:\Documents and Settings\C. Duke\Desktop\RapidUploader.exe
[2009/05/05 02:58:36 | 00,012,295 | ---- | C] () -- C:\WINDOWS\System32\Config.MPF
[2009/05/05 02:58:29 | 00,000,679 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\McAfee EasyNetwork.lnk
[2009/05/05 02:58:28 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SiteAdvisor
[2009/05/05 02:58:26 | 00,000,684 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\McAfee Security Center.lnk
[2009/05/05 02:56:01 | 00,033,832 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mferkdk.sys
[2009/05/05 02:56:00 | 00,201,320 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfehidk.sys
[2009/05/05 02:56:00 | 00,079,304 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfeavfk.sys
[2009/05/05 02:56:00 | 00,040,488 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfesmfk.sys
[2009/05/05 02:56:00 | 00,035,240 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfebopk.sys
[2009/05/05 02:55:56 | 00,113,952 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\Mpfp.sys
[2009/05/05 02:55:47 | 00,000,344 | ---- | C] () -- C:\WINDOWS\tasks\McDefragTask.job
[2009/05/05 02:55:46 | 00,000,336 | ---- | C] () -- C:\WINDOWS\tasks\McQcTask.job
[2009/05/05 02:55:37 | 00,000,000 | ---D | C] -- C:\Program Files\McAfee.com
[2009/05/05 02:55:34 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\McAfee
[2009/05/05 02:55:29 | 00,000,000 | ---D | C] -- C:\Program Files\McAfee
[2009/05/05 02:35:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2009/05/05 02:22:03 | 00,125,252 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\LuUninstall.LiveUpdate
[2009/05/04 03:18:46 | 00,000,723 | ---- | C] () -- C:\Documents and Settings\C. Duke\Desktop\Scanner and Camera Wizard.lnk
[2009/04/29 01:49:46 | 00,000,025 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2009/04/18 21:17:02 | 00,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2009/04/17 07:27:44 | 00,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2009/04/17 07:27:40 | 00,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009/04/17 07:27:40 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2009/04/17 06:29:42 | 00,000,248 | ---- | C] () -- C:\WINDOWS\HCWBlast_sav.ini
[2009/04/17 06:29:42 | 00,000,248 | ---- | C] () -- C:\WINDOWS\HCWBlast.ini
[2009/04/17 06:27:36 | 00,032,135 | ---- | C] () -- C:\WINDOWS\Irremote.ini
[2009/04/17 06:27:21 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\dmcrypto.dll
[2009/04/17 06:26:22 | 00,159,744 | ---- | C] () -- C:\WINDOWS\System32\hcwChDB.dll
[2009/04/17 06:25:48 | 00,007,225 | ---- | C] () -- C:\WINDOWS\HCWPNP.INI
[2009/04/17 06:25:28 | 00,066,048 | R--- | C] () -- C:\WINDOWS\System32\hcwXDS.dll
[2009/04/16 17:37:09 | 00,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009/04/16 05:53:28 | 00,073,728 | ---- | C] () -- C:\WINDOWS\System32\eautil.dll
[2009/04/16 05:30:09 | 00,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2009/04/16 04:04:28 | 00,000,483 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009/04/16 03:44:05 | 00,237,568 | ---- | C] () -- C:\WINDOWS\System32\rmc_rtspdl.dll
[2009/04/16 03:41:35 | 00,003,654 | ---- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll
[2009/04/16 03:31:00 | 00,087,552 | ---- | C] () -- C:\WINDOWS\System32\cpwmon2k.dll
[2009/04/16 02:52:18 | 00,032,768 | ---- | C] () -- C:\WINDOWS\System32\LXPRMON.DLL
[2009/04/16 02:52:18 | 00,020,480 | ---- | C] () -- C:\WINDOWS\System32\LXPMONUI.DLL
[2009/04/16 02:49:04 | 00,000,418 | ---- | C] () -- C:\WINDOWS\lexstat.ini
[2009/04/16 02:48:51 | 00,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxbvvs.dll
[2009/04/16 02:48:30 | 00,000,187 | ---- | C] () -- C:\WINDOWS\System32\lxbvcoin.ini
[2009/04/16 01:59:46 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\Gif89.dll
[2009/04/16 01:58:42 | 00,013,312 | ---- | C] () -- C:\WINDOWS\System32\drivers\MTiCtwl.sys
[2009/04/16 00:52:51 | 01,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2009/04/16 00:52:51 | 01,503,232 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2009/04/16 00:52:51 | 01,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2009/04/16 00:52:51 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2009/04/16 00:51:36 | 00,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2009/04/15 22:36:54 | 00,024,576 | R--- | C] () -- C:\WINDOWS\System32\AsIO.dll
[2009/04/15 22:36:54 | 00,005,685 | R--- | C] () -- C:\WINDOWS\System32\drivers\AsIO.sys
[2009/04/15 22:30:11 | 00,027,347 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2009/04/15 22:14:04 | 00,000,402 | R--- | C] () -- C:\WINDOWS\System32\raidmgmt.ini
[2009/04/15 22:14:03 | 00,000,804 | R--- | C] () -- C:\WINDOWS\System32\AsusSetup.ini
[2009/04/15 22:12:07 | 00,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2009/04/15 22:11:38 | 00,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2009/01/25 16:10:48 | 00,179,200 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009/01/08 18:01:22 | 00,629,760 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2007/09/27 10:51:02 | 00,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 10:48:48 | 00,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 10:48:28 | 00,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2006/02/28 07:00:00 | 00,000,643 | ---- | C] () -- C:\WINDOWS\win.ini
[2006/02/28 07:00:00 | 00,000,435 | ---- | C] () -- C:\WINDOWS\system.ini
[2003/05/08 16:08:10 | 00,000,068 | ---- | C] () -- C:\WINDOWS\System32\eyeQ Screen Saver.ini
[2003/01/07 15:05:08 | 00,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/10/15 17:54:04 | 00,153,088 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[1996/04/03 14:33:26 | 00,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys

========== Files - Modified Within 30 Days ==========

[2009/05/29 17:45:25 | 00,193,207 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2009/05/29 17:45:10 | 00,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/05/29 17:45:09 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\C. Duke\Local Settings\desktop.ini
[2009/05/29 17:40:13 | 00,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2009/05/29 17:37:44 | 00,012,295 | ---- | M] () -- C:\WINDOWS\System32\Config.MPF
[2009/05/29 17:37:20 | 00,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2009/05/29 17:37:02 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/05/29 17:36:56 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/05/29 17:36:53 | 32,196,40320 | -HS- | M] () -- C:\hiberfil.sys
[2009/05/29 13:42:33 | 00,000,418 | ---- | M] () -- C:\WINDOWS\lexstat.ini
[2009/05/29 09:56:42 | 00,002,497 | ---- | M] () -- C:\Documents and Settings\C. Duke\Desktop\Microsoft Office Word 2003.lnk
[2009/05/29 08:12:05 | 00,000,624 | ---- | M] () -- C:\Documents and Settings\C. Duke\Desktop\NTREGOPT.lnk
[2009/05/29 08:12:05 | 00,000,605 | ---- | M] () -- C:\Documents and Settings\C. Duke\Desktop\ERUNT.lnk
[2009/05/29 07:58:26 | 00,358,072 | ---- | M] () -- C:\Documents and Settings\C. Duke\Desktop\Malware and Spyware Cleanin...pdf
[2009/05/29 00:57:14 | 00,000,976 | ---- | M] () -- C:\Documents and Settings\C. Duke\Desktop\Spybot - Search & Destroy.lnk
[2009/05/28 23:48:35 | 00,501,248 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\C. Duke\Desktop\OTListIt2.exe
[2009/05/28 11:28:19 | 00,015,688 | ---- | M] () -- C:\WINDOWS\System32\lsdelete.exe
[2009/05/28 11:13:21 | 00,000,684 | ---- | M] () -- C:\Documents and Settings\C. Duke\Desktop\BitPim.lnk
[2009/05/28 09:10:15 | 00,000,631 | ---- | M] () -- C:\Documents and Settings\C. Duke\Desktop\DVDFab 6.lnk
[2009/05/28 06:43:10 | 00,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009/05/28 03:26:13 | 00,000,889 | ---- | M] () -- C:\Documents and Settings\C. Duke\Desktop\TMPGEnc DVD Author 1.6.lnk
[2009/05/26 13:20:08 | 00,040,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/05/26 13:19:56 | 00,019,096 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/05/24 19:45:49 | 00,000,294 | ---- | M] () -- C:\WINDOWS\tasks\Spybot - Search & Destroy - Scheduled Task.job
[2009/05/23 05:30:54 | 00,013,040 | ---- | M] () -- C:\Documents and Settings\C. Duke\Desktop\To Do.rtf
[2009/05/23 04:19:22 | 00,237,568 | ---- | M] () -- C:\WINDOWS\System32\rmc_rtspdl.dll
[2009/05/23 04:19:22 | 00,156,672 | ---- | M] (Radioactive) -- C:\WINDOWS\System32\rmc_fixasf.exe
[2009/05/23 04:17:47 | 00,323,584 | ---- | M] (Stefan Toengi) -- C:\WINDOWS\System32\AUDIOGENIE2.DLL
[2009/05/22 14:09:39 | 00,002,560 | ---- | M] () -- C:\WINDOWS\_MSRSTRT.EXE
[2009/05/21 01:51:26 | 00,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2009/05/15 01:27:43 | 00,000,344 | ---- | M] () -- C:\WINDOWS\tasks\McDefragTask.job
[2009/05/14 13:41:24 | 00,000,643 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/05/14 13:41:24 | 00,000,435 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/05/14 13:41:24 | 00,000,223 | RHS- | M] () -- C:\boot.ini
[2009/05/14 13:03:05 | 00,001,671 | ---- | M] () -- C:\Documents and Settings\C. Duke\Desktop\BFD2.lnk
[2009/05/14 02:22:35 | 00,001,841 | ---- | M] () -- C:\Documents and Settings\C. Duke\Desktop\Lightroom.lnk
[2009/05/13 21:02:03 | 00,000,643 | ---- | M] () -- C:\Documents and Settings\C. Duke\Desktop\Audacity.lnk
[2009/05/09 22:57:50 | 00,001,777 | ---- | M] () -- C:\Documents and Settings\C. Duke\Desktop\SpeedBit Video Accelerator.lnk
[2009/05/09 22:38:31 | 00,479,298 | ---- | M] (Stardock.Net, Inc) -- C:\WINDOWS\System32\wbocx.ocx
[2009/05/09 22:38:31 | 00,172,032 | ---- | M] (Jin Hui E-mail: jinhui@jcomsoft.com Web: http://www.jcomsoft.com) -- C:\WINDOWS\System32\AniGIF.ocx
[2009/05/09 22:38:31 | 00,050,688 | ---- | M] (Stardock.Net, Inc) -- C:\WINDOWS\System32\wbhelp2.dll
[2009/05/09 17:06:17 | 00,000,151 | ---- | M] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2009/05/09 15:06:11 | 00,000,803 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\GIMP 2.lnk
[2009/05/09 13:41:23 | 00,000,713 | ---- | M] () -- C:\Documents and Settings\C. Duke\Desktop\Inkscape.lnk
[2009/05/09 13:31:05 | 00,000,825 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Paint.NET.lnk
[2009/05/09 10:48:50 | 00,001,849 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
[2009/05/09 10:40:57 | 01,223,168 | ---- | M] () -- C:\Documents and Settings\C. Duke\Desktop\RapidUploader.exe
[2009/05/07 02:16:29 | 24,699,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe
[2009/05/05 02:58:29 | 00,000,679 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\McAfee EasyNetwork.lnk
[2009/05/05 02:58:26 | 00,000,684 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\McAfee Security Center.lnk
[2009/05/05 02:55:46 | 00,000,336 | ---- | M] () -- C:\WINDOWS\tasks\McQcTask.job
[2009/05/05 02:22:07 | 00,125,252 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\LuUninstall.LiveUpdate
[2009/05/04 03:18:46 | 00,000,723 | ---- | M] () -- C:\Documents and Settings\C. Duke\Desktop\Scanner and Camera Wizard.lnk
[2009/05/01 05:43:34 | 00,000,572 | ---- | M] () -- C:\Documents and Settings\C. Duke\Application Data\AutoGK.ini

========== Alternate Data Streams ==========

@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1CA73D29
@Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A9662AE0
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
< End of report >



OTListIT Extras Log:
OTListIt Extras logfile created on: 5/29/2009 5:56:09 PM - Run 1
OTListIt2 by OldTimer - Version 2.0.15.8 Folder = C:\Documents and Settings\C. Duke\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 100.00% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232.88 Gb Total Space | 139.80 Gb Free Space | 60.03% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 232.88 Gb Total Space | 70.21 Gb Free Space | 30.15% Space Free | Partition Type: NTFS
Drive G: | 232.88 Gb Total Space | 36.21 Gb Free Space | 15.55% Space Free | Partition Type: NTFS
Drive H: | 298.09 Gb Total Space | 64.03 Gb Free Space | 21.48% Space Free | Partition Type: NTFS
I: Drive not present or media not loaded

Computer Name: OFFICE
Current User Name: C. Duke
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)
C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent (BitTorrent, Inc.)
C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe:*:Enabled:McAfee Network Agent (McAfee, Inc.)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0076E1AC-9E7B-4B9F-A62A-4CC9511AD8E3}" = Zune Language Pack (FR)
"{11F5D779-7BD9-465A-BBC4-10701386BCB9}" = FW LiveUpdate
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{147567F0-8575-4BE0-B5B3-62706C67FA5A}" = EZXCocktail
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1E2F8AE3-3437-44E6-BB75-E95751D6B83F}" = Picture Package
"{2227E1FA-01F5-483C-AB0E-2A308E900B3D}" = InterVideo FilterSDK for Hauppauge
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java™ 6 Update 13
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{29D3773E-54F4-23C2-D523-236A4453B844}_is1" = FileAlyzer
"{2E376AD9-5C49-4F7D-A0BA-6A44E8FA5A3B}" = Next Generation Visualisations
"{31478BE1-CDE5-4753-A8B2-F6D4BC1FBE09}" = Component Framework
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{379BD39E-F13E-458F-96D8-56BD7F2CC516}" = M-Audio Series II MIDI
"{3CCAD2EF-CFF2-4637-82AA-AABF370282D3}" = ccCommon
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{43602F34-1AA3-44FB-AEB2-D08C2C73743F}" = Paint.NET v3.36
"{43E8D9E7-AFC9-4BA3-8106-B95E02B87AB7}" = EZdrummer
"{4B9B1B84-FEC0-46D5-BDB9-832565779422}" = CheckIt Diagnostics
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{587178E7-B1DF-494E-9838-FA4DD36E873C}" = AsusUpdate
"{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}" = Sony USB Driver
"{5EC786D5-C0CA-42E0-AF88-5379EF9D91EC}" = First Step Guide
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A7867BA-B7CA-4CC9-ACAB-85BA46865EE5}" = Norton Utilities
"{6B568B64-0BDE-4FB2-A1AB-8A41DF033C57}" = Ai Gear
"{707D28BF-E145-4a9b-B97E-94FA586D05F3}" = Norton SystemWorks Basic Edition
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72A819E7-4146-B9EA-1292-C4A77F657B4E}" = eBay Desktop
"{764C0C8F-B1B1-49BF-AEDC-4E48E857A667}" = Lexmark Fax Solutions
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{77364F85-6219-4CB8-AAA0-6D53368D683D}" = Connection Keep Alive
"{77772678-817F-4401-9301-ED1D01A8DA56}" = SPBBC 32bit
"{777A3891-D6D4-4C83-9367-FA45D40D40F3}" = Mavis Beacon Teaches Typing Deluxe 17
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{81A60A13-224D-4637-8203-3EAC03B121A4}" = Seagate DiscWizard
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8C8224B7-AA9B-4807-97CD-55899BAC83FE}" = YouSendIt Express
"{91110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{92948172-2857-44BA-B254-5E23AE251C86}" = MT4.0
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95264530-5A22-8E7E-FE9D-D63A927BCAEA}" = Adobe Media Player
"{98613C99-1399-416C-A07C-1EE1C585D872}" = SeaTools for Windows
"{98EFD8F0-08DE-48DB-B922-A2EBAB711033}" = Nero 7 Ultra Edition
"{9A129ABC-A53A-4209-A21E-D5DEDFB7CCA8}" = Norton Protection Center
"{9CD89DD7-234A-4801-9D87-3DE352E146A0}" = TMPGEnc DVD Author 1.6
"{9E23C48E-5483-4971-BA50-089F2FABCD66}" = Norton SystemWorks
"{A06275F4-324B-4E85-95E6-87B2CD729401}" = Windows Defender
"{A1960A82-DB70-474D-A86B-FA74466103C6}" = Drivers Install For Linksys Easylink Advisor
"{A212E6C2-20F7-4A8E-BD8E-DC3EE7483FA2}" = PRS-500 USB driver
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AB3F9E62-1C4A-45DA-96E4-BFEB26C73F18}" = SPIF215 USB to SATA Bridge 98 Driver Installer
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1.1
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B41FCFEE-EA00-496C-8387-82E730E334FD}" = eyeQ
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{BEF3EFE7-5159-436D-9BF0-CCC633179EB4}" = EVGA Display Driver
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C151CE54-E7EA-4804-854B-F515368B0798}" = Athlon 64 Processor Driver
"{C239BCD7-882A-478F-A5CF-DDEB074A4291}" = eBook Library by Sony
"{CA31120D-2101-484D-9FF1-195DE96FE346}" = Norton Cleanup
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC016F21-3970-11DE-B878-005056806466}" = Google Earth
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D1696920-9794-4BBC-8A30-7A88763DE5A2}" = ABBYY FineReader 5.0 Sprint Plus
"{D1725BDB-BA2B-4503-A8CB-F5C835D743FA}" = MSRedist
"{D5068583-D569-468B-9755-5FBF5848F46F}" = Sony Picture Utility
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E2216699-EA02-4B85-BAB1-1DF34C4BDF9D}" = Ai Nap
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E80F62FF-5D3C-4A19-8409-9721F2928206}" = LiveUpdate (Symantec Corporation)
"{EE4ACABF-531E-419A-9225-B8E0FA4955AF}" = Zune Language Pack (ES)
"{EED085D5-A3FA-4FB2-BC93-48C1194E6E26}" = Adobe Photoshop Lightroom
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F4974D95-0FFE-4150-8A6D-8439E25234A5}" = YouSendIt Office Family Add-in
"{F51D9393-BB14-4566-99BF-D6ED63AEFCD7}" = Natural Color
"{F7338FA3-DAB5-49B2-900D-0AFB5760C166}" = PC Probe II
"{F8C6BABF-0837-4EA0-AD6C-8E5A392A7538}" = ImageMixer VCD2
"{FA61D601-A0FC-48BD-AE7A-54946BCD7FB6}_is1" = BitPim 1.0.6
"{FB55BB78-2BC2-43E9-80FF-517A8D1AE3AD}" = Norton SystemWorks
"{FF70513F-E3A7-402F-84FB-B7810A064BE2}" = Zune
"{FFC06EE3-F79F-40A4-AFD4-3E2DA4DC4144}" = Teaching-you Job Interview Skills
"3554AA4B-9B0B-451a-A269-2B5F53982209_is1" = ThreatFire
"75070B1806113224B16C70296B90DD1AD8A53479" = Windows Driver Package - Sony Corporation (PRSUSB) USB (08/08/2006 1.0.03.08080)
"Ad-Aware" = Ad-Aware
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Agere Systems Soft Modem" = Agere Systems PCI Soft Modem
"Antares Autotune DX v4.12" = Antares Autotune DX v4.12
"Antares Filter VST DX v1.0" = Antares Filter VST DX v1.0
"Antares Microphone Modeler - ZONE" = Antares Microphone Modeler - ZONE
"Antares Microphone Modeler DX v1.32" = Antares Microphone Modeler DX v1.32
"Ask & Record Toolbar4.00 Public Beta 1" = Ask & Record Toolbar 4.00 Public Beta 1
"Ask Toolbar_is1" = Ask Toolbar
"Audacity_is1" = Audacity 1.2.6
"AutoGK" = Auto Gordian Knot 2.55
"AutoHotkey" = AutoHotkey 1.0.48.01
"AviSynth" = AviSynth 2.5
"BitLord" = BitLord 1.1
"CutePDF Writer Installation" = CutePDF Writer 2.7
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DVD Decrypter" = DVD Decrypter (Remove Only)
"DVD Shrink_is1" = DVD Shrink 3.2
"DVDFab (Platinum/Gold/HD Decrypter) (Option: Mobile) 5_is1" = DVDFab (Platinum/Gold/HD Decrypter) (Option: Mobile) 5.1.2.2
"DVDFab 6_is1" = DVDFab 6.0.1.0 (May 15, 2009)
"DVDFab Decrypter_is1" = DVDFab Decrypter 3.0.5.0
"dvdSanta 4.00 - Create Your Own DVD Movies!_is1" = dvdSanta 4.00
"EasyJob Resume Builder_is1" = EasyJob Resume Builder 4.67.2318
"EasyLinkAdvisor" = Linksys EasyLink Advisor 1.6 (0032)
"ERUNT_is1" = ERUNT 1.1j
"FILE RECOVERY for WindowsNSIS" = FILE RECOVERY for Windows
"Flickr Uploadr" = Flickr Uploadr 3.1.4
"FoxyTunesForFirefox" = FoxyTunes for Firefox
"Freecorder Toolbar" = Freecorder Toolbar
"Freecorder Toolbar3.02" = Freecorder Toolbar 3.02 Application
"Freecorder_1.0" = Freecorder 2.3 (with Skype Call Recording)
"Google Updater" = Google Updater
"Hauppauge WinTV" = Hauppauge WinTV
"Hauppauge WinTV Infrared Remote" = Hauppauge WinTV Infrared Remote
"Hauppauge WinTV IR Blaster" = Hauppauge WinTV IR Blaster
"Hauppauge WinTV Scheduler" = Hauppauge WinTV Scheduler
"Hauppauge WinTV TV Services" = Hauppauge WinTV TV Services
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"Inkscape" = Inkscape 0.46
"InstallShield_{764C0C8F-B1B1-49BF-AEDC-4E48E857A667}" = Lexmark Fax Solutions
"InstallShield_{8C8224B7-AA9B-4807-97CD-55899BAC83FE}" = YouSendIt Express
"InstallShield_{F4974D95-0FFE-4150-8A6D-8439E25234A5}" = YouSendIt Office Family Add-in
"IrfanView" = IrfanView (remove only)
"IZotope Trash DX VST RTAS v1.07" = IZotope Trash DX VST RTAS v1.07
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 4.1.6
"Lexmark 2200 Series" = Lexmark 2200 Series
"LG USB Drivers" = LG USB Drivers
"Live 5.2.2" = Live 5.2.2
"Live 6.0.11" = Live 6.0.11
"Live 7.0.15" = Live 7.0.15
"Live Lite 4 for M-Audio 4.0.4" = Live Lite 4 for M-Audio 4.0.4
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MediaInfo" = MediaInfo 0.7.13
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"mmmusic" = Movie Maker Background Music Files
"mmsounds" = Movie Maker Sound Effects
"mmtitle" = Movie Maker Title Images
"Mozilla Firefox (3.0.10)" = Mozilla Firefox (3.0.10)
"Mozilla Thunderbird (2.0.0.21)" = Mozilla Thunderbird (2.0.0.21)
"MSC" = McAfee SecurityCenter
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"nanoPEG-Editor 2.6.0 for WinTV_is1" = nanoPEG-Editor 2.6.0 for WinTV
"NASDAK OmniMouse Driver" = OmniMouse Driver 4.06
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Nomad Factory Blue Tubes Bundle v2.0" = Nomad Factory Blue Tubes Bundle v2.0
"Nomad Factory Liquid Bundle VST v1.6" = Nomad Factory Liquid Bundle VST v1.6
"Nomad Factory Rock Amp Legends VST v1.0" = Nomad Factory Rock Amp Legends VST v1.0
"NVIDIA Drivers" = NVIDIA Drivers
"Omni Omni keyboard driver" = Omni keyboard driver 5.0
"PeerGuardian_is1" = PeerGuardian 2.0
"PsuedoLiveUpdate" = LiveUpdate (Symantec Corporation)
"RealPlayer 6.0" = RealPlayer
"Reason_is1" = Reason 3.0
"ReBirth ModPacker" = ReBirth ModPacker
"ReBirth RB-338 2.0" = ReBirth RB-338 2.0
"Replay Media Catcher 3.01" = Replay Media Catcher 3.01
"Riva FLV Encoder 2.0_is1" = Riva FLV Encoder 2.0
"ShalSoft.GigaTribe_is1" = GigaTribe 2.52
"Soulseek2" = SoulSeek 157 NS 13d
"SpeedBit Video Accelerator" = SpeedBit Video Accelerator
"SpeedFan" = SpeedFan (remove only)
"SpywareBlaster_is1" = SpywareBlaster 4.2
"Steinberg Cubase SL 2" = Steinberg Cubase SL 2
"Steinberg Groove Agent 2" = Steinberg Groove Agent 2
"Steinberg Groove Agent 2 v2.0.0.28" = Steinberg Groove Agent 2 v2.0.0.28
"Steinberg HALion v3.1.0.947" = Steinberg HALion v3.1.0.947
"Steinberg Hypersonic v1.12.808" = Steinberg Hypersonic v1.12.808
"Steinberg Ultravoice v1.02" = Steinberg Ultravoice v1.02
"Steinberg Voice Designer v1.03" = Steinberg Voice Designer v1.03
"SteinbergMI4" = Steinberg MI4 Setup
"SUPER ©" = SUPER © Version 2009.bld.35 (Jan 5, 2009)
"SymSetup.{707D28BF-E145-4a9b-B97E-94FA586D05F3}" = Norton SystemWorks (Symantec Corporation)
"SyncroSoft Emu" = SyncroSoft Emu (Remove only)
"Syncrosoft's License Control" = Syncrosoft's License Control
"Torrent Episode Downloader 0.96" = Torrent Episode Downloader
"VLC media player" = VLC media player 0.9.9
"VobSub" = VobSub v2.23 (Remove Only)
"Waves Diamond Bundle 4.05" = Waves Diamond Bundle 4.05
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinGimp-2.0_is1" = GIMP 2.6.6
"WinRAR archiver" = WinRAR archiver
"winusb0100" = Microsoft WinUsb 1.0
"WMBK2" = Windows Media Bonus Pack for Windows XP
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01007" = Microsoft User-Mode Driver Framework Feature Pack 1.7
"XviD MPEG4 Video Codec" = XviD MPEG4 Video Codec (remove only)
"Zune" = Zune

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"uTorrent" = µTorrent

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 5/29/2009 11:17:26 AM | Computer Name = OFFICE | Source = Google Update | ID = 20
Description =

Error - 5/29/2009 12:17:27 PM | Computer Name = OFFICE | Source = Google Update | ID = 20
Description =

Error - 5/29/2009 1:17:26 PM | Computer Name = OFFICE | Source = Google Update | ID = 20
Description =

Error - 5/29/2009 2:17:27 PM | Computer Name = OFFICE | Source = Google Update | ID = 20
Description =

Error - 5/29/2009 3:17:36 PM | Computer Name = OFFICE | Source = Google Update | ID = 20
Description =

Error - 5/29/2009 4:17:27 PM | Computer Name = OFFICE | Source = Google Update | ID = 20
Description =

Error - 5/29/2009 5:17:27 PM | Computer Name = OFFICE | Source = Google Update | ID = 20
Description =

Error - 5/29/2009 6:17:27 PM | Computer Name = OFFICE | Source = Google Update | ID = 20
Description =

Error - 5/29/2009 6:52:14 PM | Computer Name = OFFICE | Source = Google Update | ID = 20
Description =

Error - 5/29/2009 6:53:52 PM | Computer Name = OFFICE | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting
module unknown, version 0.0.0.0, fault address 0x049f3abf.

[ System Events ]
Error - 5/29/2009 3:55:18 PM | Computer Name = OFFICE | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 239 minutes. NtpClient has no source of accurate
time.

Error - 5/29/2009 6:37:26 PM | Computer Name = OFFICE | Source = Service Control Manager | ID = 7000
Description = The Nsynas32 service failed to start due to the following error: %%2

Error - 5/29/2009 6:37:31 PM | Computer Name = OFFICE | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 15 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)

Error - 5/29/2009 6:37:31 PM | Computer Name = OFFICE | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 14 minutes. NtpClient has no source of accurate
time.

Error - 5/29/2009 6:37:46 PM | Computer Name = OFFICE | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 15 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)

Error - 5/29/2009 6:37:46 PM | Computer Name = OFFICE | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 14 minutes. NtpClient has no source of accurate
time.

Error - 5/29/2009 6:39:44 PM | Computer Name = OFFICE | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the McAfee SystemGuards service
to connect.

Error - 5/29/2009 6:39:44 PM | Computer Name = OFFICE | Source = Service Control Manager | ID = 7000
Description = The McAfee SystemGuards service failed to start due to the following
error: %%1053

Error - 5/29/2009 6:52:46 PM | Computer Name = OFFICE | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 30 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)

Error - 5/29/2009 6:52:46 PM | Computer Name = OFFICE | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 29 minutes. NtpClient has no source of accurate
time.


< End of report >

Still waiting for help as of 6-2-09

Edited by malwarekiller, 02 June 2009 - 02:24 PM.



#2
malwarekiller

I forgot to mention that I am constantly getting the Windows Explorer shutdown message where it says it's shutting it down for your protection. Forgot what it was called exactly.

#3
malwarekiller

Update.
I suspected that ThreatFire might have been blocking things. I recently was fooling with the settings in it and made it so it showed warnings for just about everything and asked me what to do. I guess I denied one or two things and that's why McAfee or Word would just flash its interface across the screen and disappear. So, I uninstalled and reinstalled ThreatFire and now I can bring up McAfee, Word, System Restore and ThreatFire itself.

I tried doing a system restore but it won't restore to a previous point which I had noticed before I had this current issue that I came here for and I still get the Data Execution Prevention messages. I do have the Data Execution Prevention messages set to all programs and services. Maybe I should have it set to only Windows operating system programs and services.

I still want to check if my system is clean and make sure I don't have any missing .dlls or registry items since I may have deleted something to that effect accidentally when previously messing around in Spybot Search and Destroy's settings.

#4
malwarekiller

Is no one gonna help me and tell me if my scans look okay?