I was on my computer the other day and my ThreatFire popped up as stopping something from starting and from then on I can't bring up ThreatFire or McAfee. If I click on the icon for either one the interface comes up and blinks off right away. I did scans with Ad-Aware, Malwarebytes, Spybot Search and Destroy,Windows Defender and Windows Malicious Software Removal Tool and nothing was found. I can't use my SUPERAntiSpyware either. It says it's downloading new updates when I click on it and shows the splash screen after the progress bar is done and then nothing. It won't bring up the interface.
I can't click on System Restore either it gives me this message, "Windows cannot access the specified devise, path or file. You may not have the appropriate permissions to access the item".
I also cannot brink up Word. It also shows then disappears right away.
So, I followed you instructions and when I did the TFC and reboot I was able to bring up those programs that would show a flash of the interface and disappear and do the scan with McAfee and ThreatFire to which they did not detect anything but the second time I tried to use TFC and reboot so I can bring those programs up I was not able to.
Several days earlier I was in my Spybot Search and destroy program and went into "Tools" and ran somekind of registry check that I never tried before in the program. It found some things that had wrong path names etc. I clicked on the fix button and I was a little unsure of what was going on when things kept coming up for me to click on so I closed the program. Perhaps I may have deleted somethings before doing so. I'm not sure if that might be anything to do with this or not. I can post a screenshot of what that program is saying is wrong in the registry as of now if you'd like. Is there a way to check the registry to see if it has missing .dll files or whatever as well?
Let me know if you want post from any of the other anti-spyware scans I did.
Here are my results log post for what was asked in the sticky.
Malwarebytes' Anti-Malware 1.37
Database version: 2192
Windows 5.1.2600 Service Pack 3
5/29/2009 9:00:10 AM
mbam-log-2009-05-29 (09-00-10).txt
Scan type: Quick Scan
Objects scanned: 86986
Time elapsed: 4 minute(s), 48 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
Rooter Log:
Microsoft Windows XP Home Edition (5.1.2600) Service Pack 3
A:\ [Removable] (Total:0 Mo/Free:0 Mo)
C:\ [Fixed] - NTFS - (Total:238464 Mo/Free:3888 Mo)
D:\ [CD-Rom] (Total:0 Mo/Free:0 Mo)
E:\ [CD-Rom] (Total:0 Mo/Free:0 Mo)
F:\ [Fixed] - NTFS - (Total:238472 Mo/Free:2258 Mo)
G:\ [Fixed] - NTFS - (Total:238472 Mo/Free:215 Mo)
H:\ [Fixed] - NTFS - (Total:305243 Mo/Free:35 Mo)
Fri 05/29/2009|17:49
----------------------\\ Processes..
--Locked-- [System Process]
---------- System
---------- \SystemRoot\System32\smss.exe
---------- \??\C:\WINDOWS\system32\csrss.exe
---------- \??\C:\WINDOWS\system32\winlogon.exe
---------- C:\WINDOWS\system32\services.exe
---------- C:\WINDOWS\system32\lsass.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\Program Files\Windows Defender\MsMpEng.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
---------- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
---------- C:\WINDOWS\system32\LEXBCES.EXE
---------- C:\WINDOWS\system32\spoolsv.exe
---------- C:\WINDOWS\system32\LEXPPS.EXE
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe
---------- C:\Program Files\LSI SoftModem\agrsmsvc.exe
---------- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
---------- C:\Program Files\Java\jre6\bin\jqs.exe
---------- C:\Program Files\Google\Update\GoogleUpdate.exe
---------- C:\Program Files\M-Audio\M-Audio Series II MIDI\MA_CMIDI_Inst.exe
---------- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
---------- C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
---------- c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
---------- c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
---------- C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
---------- C:\Program Files\McAfee\MPF\MPFSrv.exe
---------- C:\PROGRA~1\NORTON~2\NORTON~1\NPROTECT.EXE
---------- C:\WINDOWS\system32\nvsvc32.exe
---------- C:\WINDOWS\system32\IoctlSvc.exe
---------- C:\PROGRA~1\NORTON~2\NORTON~1\SPEEDD~1\NOPDB.EXE
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\Program Files\ThreatFire\TFService.exe
---------- C:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe
---------- C:\WINDOWS\system32\SearchIndexer.exe
---------- c:\WINDOWS\system32\ZuneBusEnum.exe
---------- C:\WINDOWS\system32\wbem\unsecapp.exe
---------- C:\WINDOWS\System32\alg.exe
---------- C:\WINDOWS\system32\wbem\wmiprvse.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- c:\PROGRA~1\mcafee.com\agent\mcagent.exe
---------- C:\WINDOWS\Explorer.EXE
---------- C:\PROGRA~1\SPEEDB~1\VideoAcceleratorEngine.exe
---------- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
---------- C:\Program Files\ASUS\Ai Nap\AiNap.exe
---------- C:\Program Files\ThreatFire\TFTray.exe
---------- C:\Program Files\Nero\Nero 7\Nero BackItUp\NBKeyScan.exe
---------- C:\WINDOWS\AGRSMMSG.exe
---------- C:\WINDOWS\system32\RUNDLL32.EXE
---------- C:\Program Files\Windows Defender\MSASCui.exe
---------- C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe
---------- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
---------- C:\Program Files\Analog Devices\Core\smax4pnp.exe
---------- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
---------- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
---------- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
---------- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
---------- C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
---------- C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe
---------- C:\WINDOWS\system32\SearchProtocolHost.exe
---------- C:\WINDOWS\system32\SearchFilterHost.exe
---------- C:\Program Files\Google\Update\GoogleUpdate.exe
---------- C:\WINDOWS\system32\cmd.exe
---------- C:\Rooter$\RK.exe
----------------------\\ Search..
----------------------\\ ROOTKIT !!
1 - "C:\Rooter$\Rooter_1.txt" - Fri 05/29/2009|17:50
----------------------\\ Scan completed at 17:50
OTListIT Log:
OTListIt logfile created on: 5/29/2009 5:56:09 PM - Run 1
OTListIt2 by OldTimer - Version 2.0.15.8 Folder = C:\Documents and Settings\C. Duke\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 100.00% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232.88 Gb Total Space | 139.80 Gb Free Space | 60.03% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 232.88 Gb Total Space | 70.21 Gb Free Space | 30.15% Space Free | Partition Type: NTFS
Drive G: | 232.88 Gb Total Space | 36.21 Gb Free Space | 15.55% Space Free | Partition Type: NTFS
Drive H: | 298.09 Gb Total Space | 64.03 Gb Free Space | 21.48% Space Free | Partition Type: NTFS
I: Drive not present or media not loaded
Computer Name: OFFICE
Current User Name: C. Duke
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On
========== Processes (SafeList) ==========
PRC - C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
PRC - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
PRC - C:\WINDOWS\system32\LEXBCES.EXE (Lexmark International, Inc.)
PRC - C:\WINDOWS\system32\LEXPPS.EXE (Lexmark International, Inc.)
PRC - C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe (Acronis)
PRC - C:\Program Files\LSI SoftModem\agrsmsvc.exe (Agere Systems)
PRC - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe (Symantec Corporation)
PRC - C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Google\Update\GoogleUpdate.exe (Google Inc.)
PRC - C:\Program Files\M-Audio\M-Audio Series II MIDI\MA_CMIDI_Inst.exe ()
PRC - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe ()
PRC - C:\Program Files\McAfee\MSC\mcmscsvc.exe (McAfee, Inc.)
PRC - c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe (McAfee, Inc.)
PRC - c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe (McAfee, Inc.)
PRC - C:\Program Files\McAfee\VirusScan\Mcshield.exe (McAfee, Inc.)
PRC - C:\Program Files\McAfee\MPF\MPFSrv.exe (McAfee, Inc.)
PRC - C:\Program Files\Norton SystemWorks Basic Edition\Norton Utilities\NPROTECT.EXE (Symantec Corporation)
PRC - C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation)
PRC - C:\WINDOWS\system32\IoctlSvc.exe (Prolific Technology Inc.)
PRC - C:\Program Files\Norton SystemWorks Basic Edition\Norton Utilities\Speed Disk\NOPDB.exe (Symantec Corporation)
PRC - C:\Program Files\ThreatFire\TFService.exe (PC Tools)
PRC - C:\Program Files\SpeedBit Video Accelerator\VideoAcceleratorService.exe (Speedbit Ltd.)
PRC - c:\WINDOWS\system32\ZuneBusEnum.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\wbem\unsecapp.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\wbem\wmiprvse.exe (Microsoft Corporation)
PRC - c:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
PRC - C:\Program Files\SpeedBit Video Accelerator\VideoAcceleratorEngine.exe (Speedbit Ltd.)
PRC - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
PRC - C:\Program Files\ASUS\Ai Nap\AiNap.exe ()
PRC - C:\Program Files\ThreatFire\TFTray.exe (PC Tools)
PRC - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBKeyScan.exe (Nero AG)
PRC - C:\WINDOWS\AGRSMMSG.exe (Agere Systems)
PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe (Team H2O)
PRC - C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft)
PRC - C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
PRC - C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
PRC - C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
PRC - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
PRC - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (Nero AG)
PRC - C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe (Nero AG)
PRC - C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE (Symantec Corporation)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Documents and Settings\C. Duke\Desktop\OTListIt2.exe (OldTimer Tools)
========== Win32 Services (SafeList) ==========
SRV - (0101621241885690mcinstcleanup [Auto | Stopped]) -- File not found
SRV - (AcrSch2Svc [Auto | Running]) -- C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe (Acronis)
SRV - (AgereModemAudio [Auto | Running]) -- C:\Program Files\LSI SoftModem\agrsmsvc.exe (Agere Systems)
SRV - (ASKUpgrade [Auto | Stopped]) -- C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe ()
SRV - (aspnet_state [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)
SRV - (Automatic LiveUpdate Scheduler [Auto | Running]) -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe (Symantec Corporation)
SRV - (ccEvtMgr [Auto | Running]) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
SRV - (ccSetMgr [Auto | Running]) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (FontCache3.0.0.0 [On_Demand | Stopped]) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
SRV - (gupdate1c9d0bd82e688b4 [Auto | Stopped]) -- C:\Program Files\Google\Update\GoogleUpdate.exe (Google Inc.)
SRV - (gusvc [Auto | Stopped]) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (Google)
SRV - (HauppaugeTVServer [Disabled | Stopped]) -- C:\Program Files\WinTV\HCWTVServer.exe (Hauppauge Computer Works)
SRV - (helpsvc [Auto | Running]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (idsvc [Unknown | Stopped]) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
SRV - (JavaQuickStarterService [Auto | Running]) -- C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
SRV - (Lavasoft Ad-Aware Service [Auto | Running]) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
SRV - (LexBceS [Auto | Running]) -- C:\WINDOWS\system32\LEXBCES.EXE (Lexmark International, Inc.)
SRV - (LiveUpdate [On_Demand | Running]) -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE (Symantec Corporation)
SRV - (MA_CMIDI_InstallerService [Auto | Running]) -- C:\Program Files\M-Audio\M-Audio Series II MIDI\MA_CMIDI_Inst.exe ()
SRV - (McAfee SiteAdvisor Service [Auto | Running]) -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe ()
SRV - (mcmscsvc [Auto | Running]) -- C:\Program Files\McAfee\MSC\mcmscsvc.exe (McAfee, Inc.)
SRV - (McNASvc [Auto | Running]) -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe (McAfee, Inc.)
SRV - (McODS [On_Demand | Stopped]) -- C:\Program Files\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
SRV - (McProxy [Auto | Running]) -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe (McAfee, Inc.)
SRV - (McShield [Unknown | Running]) -- C:\Program Files\McAfee\VirusScan\Mcshield.exe (McAfee, Inc.)
SRV - (McSysmon [On_Demand | Stopped]) -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe (McAfee, Inc.)
SRV - (MpfService [Auto | Running]) -- C:\Program Files\McAfee\MPF\MPFSrv.exe (McAfee, Inc.)
SRV - (NBService [On_Demand | Stopped]) -- C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe (Nero AG)
SRV - (NetTcpPortSharing [Disabled | Stopped]) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (NMIndexingService [On_Demand | Running]) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (Nero AG)
SRV - (NProtectService [Auto | Running]) -- C:\Program Files\Norton SystemWorks Basic Edition\Norton Utilities\NPROTECT.EXE (Symantec Corporation)
SRV - (NVSvc [Auto | Running]) -- C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation)
SRV - (ose [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (PLFlash DeviceIoControl Service [Auto | Running]) -- C:\WINDOWS\system32\IoctlSvc.exe (Prolific Technology Inc.)
SRV - (Sony SCSI Helper Service [On_Demand | Stopped]) -- C:\Program Files\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe (Sony Corporation)
SRV - (Speed Disk service [Auto | Running]) -- C:\Program Files\Norton SystemWorks Basic Edition\Norton Utilities\Speed Disk\NOPDB.exe (Symantec Corporation)
SRV - (Symantec Core LC [On_Demand | Stopped]) -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe ()
SRV - (ThreatFire [Auto | Running]) -- C:\Program Files\ThreatFire\TFService.exe (PC Tools)
SRV - (VideoAcceleratorService [Auto | Running]) -- C:\Program Files\SpeedBit Video Accelerator\VideoAcceleratorService.exe (Speedbit Ltd.)
SRV - (WinDefend [Auto | Running]) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SRV - (WMPNetworkSvc [Disabled | Stopped]) -- C:\Program Files\Windows Media Player\WMPNetwk.exe (Microsoft Corporation)
SRV - (ZuneBusEnum [Auto | Running]) -- c:\WINDOWS\system32\ZuneBusEnum.exe (Microsoft Corporation)
SRV - (ZuneNetworkSvc [Disabled | Stopped]) -- c:\Program Files\Zune\ZuneNss.exe (Microsoft Corporation)
SRV - (ZuneWlanCfgSvc [On_Demand | Stopped]) -- c:\WINDOWS\system32\ZuneWlanCfgSvc.exe (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (ADIHdAudAddService [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\ADIHdAud.sys (Analog Devices, Inc.)
DRV - (AEAudio [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\AEAudio.sys (Andrea Electronics Corporation)
DRV - (AgereSoftModem [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\AGRSM.sys (Agere Systems)
DRV - (AmdK8 [System | Running]) -- C:\WINDOWS\system32\DRIVERS\AmdK8.sys (Advanced Micro Devices)
DRV - (AsIO [System | Running]) -- C:\WINDOWS\system32\drivers\AsIO.sys ()
DRV - (cdrbsdrv [System | Running]) -- C:\WINDOWS\System32\drivers\CDRBSDRV.SYS (B.H.A Corporation)
DRV - (CLEDX [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\cledx.sys (Team H2O)
DRV - (eeCtrl [System | Running]) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)
DRV - (elagopro [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\elagopro.sys (Gteko Ltd.)
DRV - (elaunidr [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\elaunidr.sys (Gteko Ltd.)
DRV - (EraserUtilRebootDrv [On_Demand | Running]) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
DRV - (giveio [Boot | Running]) -- C:\WINDOWS\system32\giveio.sys ()
DRV - (hcwPP2 [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\hcwPP2.sys (Hauppauge Computer Works, Inc.)
DRV - (HDAudBus [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\HDAudBus.sys (Windows ® Server 2003 DDK provider)
DRV - (imagedrv [Boot | Running]) -- C:\WINDOWS\System32\Drivers\imagedrv.sys (Ahead Software AG)
DRV - (imagesrv [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\imagesrv.sys (Ahead Software AG)
DRV - (Lbd [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\Lbd.sys (Lavasoft AB)
DRV - (MagicTune [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\MTiCtwl.sys ()
DRV - (MA_CMIDI [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\ma_cmidi.sys (M-Audio)
DRV - (mfeavfk [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\mfeavfk.sys (McAfee, Inc.)
DRV - (mfebopk [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\mfebopk.sys (McAfee, Inc.)
DRV - (mfehidk [System | Running]) -- C:\WINDOWS\system32\drivers\mfehidk.sys (McAfee, Inc.)
DRV - (mferkdk [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\mferkdk.sys (McAfee, Inc.)
DRV - (mfesmfk [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\mfesmfk.sys (McAfee, Inc.)
DRV - (MI4AUDIO [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\MI4Audio.sys (usb-audio.de)
DRV - (MI4MIDEV01 [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\mi4midi.sys (Steinberg Media Technologies)
DRV - (MI4USB [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\MI4USB.sys (Steinberg)
DRV - (MPFP [System | Running]) -- C:\WINDOWS\System32\Drivers\Mpfp.sys (McAfee, Inc.)
DRV - (MTsensor [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ASACPI.sys ()
DRV - (NPDriver [On_Demand | Running]) -- C:\WINDOWS\system32\Drivers\NPDRIVER.SYS (Symantec Corporation)
DRV - (nv [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\nv4_mini.sys (NVIDIA Corporation)
DRV - (nvata [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\nvata.sys (NVIDIA Corporation)
DRV - (NVENETFD [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\NVENETFD.sys (NVIDIA Corporation)
DRV - (nvnetbus [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\nvnetbus.sys (NVIDIA Corporation)
DRV - (pcouffin [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\pcouffin.sys (VSO Software)
DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (PxHelp20 [Boot | Running]) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (SASDIFSV [System | Running]) -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASENUM [On_Demand | Running]) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS ( SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASKUTIL [System | Running]) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SDdriver [On_Demand | Stopped]) -- C:\WINDOWS\system32\Drivers\sddriver.sys (Symantec Corporation)
DRV - (Secdrv [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (SenFiltService [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\Senfilt.sys (Sensaura)
DRV - (snapman [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\snapman.sys (Acronis)
DRV - (SONYPVU1 [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS (Sony Corporation)
DRV - (SPBBCDrv [System | Running]) -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys (Symantec Corporation)
DRV - (speedfan [Boot | Running]) -- C:\WINDOWS\system32\speedfan.sys (Windows ® 2000 DDK provider)
DRV - (SymEvent [On_Demand | Running]) -- C:\WINDOWS\system32\Drivers\SYMEVENT.SYS (Symantec Corporation)
DRV - (TfFsMon [Boot | Running]) -- C:\WINDOWS\system32\drivers\TfFsMon.sys (PC Tools)
DRV - (TfNetMon [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\TfNetMon.sys (PC Tools)
DRV - (TfSysMon [Boot | Running]) -- C:\WINDOWS\system32\drivers\TfSysMon.sys (PC Tools)
DRV - (tifsfilter [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\tifsfilt.sys (Acronis)
DRV - (timounter [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\timntr.sys (Acronis)
DRV - (usbaudio [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\usbaudio.sys (Microsoft Corporation)
DRV - (usbbus [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\lgusbbus.sys (LG Electronics Inc.)
DRV - (UsbDiag [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys (LG Electronics Inc.)
DRV - (USBModem [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys (LG Electronics Inc.)
DRV - (WinUSB [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\WinUSB.sys (Microsoft Corporation)
DRV - (zumbus [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\zumbus.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...amp;ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.condui...rchSource=3&q="
FF - prefs.js..browser.search.selectedEngine: "Wikipedia (en)"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.0.2
FF - prefs.js..extensions.enabledItems: piclens@cooliris.com:1.10
FF - prefs.js..extensions.enabledItems: {62760FD6-B943-48C9-AB09-F99C6FE96088}:1.6.11
FF - prefs.js..extensions.enabledItems: {1392b8d2-5c05-419f-a8f6-b9f15a596612}:1.5.41.0
FF - prefs.js..extensions.enabledItems: {77b819fa-95ad-4f2c-ac7c-486b356188a9}:1.5.20090207
FF - prefs.js..extensions.enabledItems: {1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}:0.3.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:2.8
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.0
FF - prefs.js..extensions.enabledItems: {398e77b8-2304-11dc-8314-0800200c9a66}:0.3.12
FF - prefs.js..extensions.enabledItems: {37E4D8EA-8BDA-4831-8EA1-89053939A250}:2.2.0.0
FF - prefs.js..extensions.enabledItems: isreaditlater@ideashower.com:0.9945
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0
FF - prefs.js..extensions.enabledItems: {ada4b710-8346-4b82-8199-5de2b400a6ae}:1.9.1
FF - prefs.js..extensions.enabledItems: {02450954-cdd9-410f-b1da-db804e18c671}:0.96.1
FF - prefs.js..extensions.enabledItems: smartbookmarksbar@remy.juteau:1.4.3
FF - prefs.js..extensions.enabledItems: {ab1c90b8-303d-3736-a28e-0433853da20b}:2.0.1
FF - prefs.js..extensions.enabledItems: {3EC9C995-8072-4fc0-953E-4F30620D17F3}:2.0.0.4
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20090325
FF - prefs.js..extensions.enabledItems: youplayer@addons.mozilla.org:0.9.8
FF - prefs.js..extensions.enabledItems: {7ef7f4d6-947d-11dc-8314-0800200c9a66}:3.0.1
FF - prefs.js..extensions.enabledItems: {5c8bfb7c-9a54-11dc-8314-0800200c9a66}:3.0.2
FF - prefs.js..extensions.enabledItems: {07b2a769-ed19-4483-87ce-c643914c9626}:1.5.2
FF - prefs.js..extensions.enabledItems: {7694c49c-9fbd-11dc-8314-0800200c9a66}:3.0.2
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.10
FF - prefs.js..extensions.enabledItems: redshift_V2@shift-themes.com:2.95
FF - prefs.js..keyword.URL: "http://www.google.co...ient&gfns=1&q="
FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION\ [2009/04/16 08:20:32 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\jqs@sun.com: C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2009/04/20 01:50:13 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\PROGRAM FILES\REAL\REALPLAYER\BROWSERRECORD [2009/04/29 01:48:47 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\PROGRAM FILES\MCAFEE\SITEADVISOR [2009/05/22 11:29:06 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS [2009/04/29 00:12:49 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS [2009/04/29 00:12:49 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.21\extensions\\Components: C:\PROGRAM FILES\MOZILLA THUNDERBIRD\COMPONENTS [2009/04/29 01:48:43 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.21\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA THUNDERBIRD\PLUGINS [2009/04/29 01:48:50 | 00,000,000 | ---D | M]
[2009/04/29 04:42:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\C. Duke\Application Data\mozilla\Extensions
[2009/04/29 04:42:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\C. Duke\Application Data\mozilla\Extensions\{ae2cff10-0d52-4066-8be9-4abcf119fa79}
[2009/04/15 23:19:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\C. Duke\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/04/16 03:49:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\C. Duke\Application Data\mozilla\Extensions\uploadr@flickr.com
[2009/05/28 11:20:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\C. Duke\Application Data\mozilla\Firefox\Profiles\l7sucgv8.default\extensions
[2009/04/16 16:16:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\C. Duke\Application Data\mozilla\Firefox\Profiles\l7sucgv8.default\extensions\{02450954-cdd9-410f-b1da-db804e18c671}
[2009/04/17 01:45:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\C. Duke\Application Data\mozilla\Firefox\Profiles\l7sucgv8.default\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
[2009/04/16 00:36:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\C. Duke\Application Data\mozilla\Firefox\Profiles\l7sucgv8.default\extensions\{07b2a769-ed19-4483-87ce-c643914c9626}
[2009/04/29 07:00:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\C. Duke\Application Data\mozilla\Firefox\Profiles\l7sucgv8.default\extensions\{1392b8d2-5c05-419f-a8f6-b9f15a596612}
[2009/05/06 13:10:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\C. Duke\Application Data\mozilla\Firefox\Profiles\l7sucgv8.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
[2009/04/16 16:16:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\C. Duke\Application Data\mozilla\Firefox\Profiles\l7sucgv8.default\extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}
[2009/05/07 15:15:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\C. Duke\Application Data\mozilla\Firefox\Profiles\l7sucgv8.default\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}
[2009/04/16 16:16:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\C. Duke\Application Data\mozilla\Firefox\Profiles\l7sucgv8.default\extensions\{398e77b8-2304-11dc-8314-0800200c9a66}
[2009/04/16 16:16:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\C. Duke\Application Data\mozilla\Firefox\Profiles\l7sucgv8.default\extensions\{3EC9C995-8072-4fc0-953E-4F30620D17F3}
[2009/05/07 15:15:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\C. Duke\Application Data\mozilla\Firefox\Profiles\l7sucgv8.default\extensions\{463F6CA5-EE3C-4be1-B7E6-7FEE11953374}
[2009/04/16 00:36:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\C. Duke\Application Data\mozilla\Firefox\Profiles\l7sucgv8.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}
[2009/04/23 21:01:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\C. Duke\Application Data\mozilla\Firefox\Profiles\l7sucgv8.default\extensions\{62760FD6-B943-48C9-AB09-F99C6FE96088}
[2009/04/16 00:37:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\C. Duke\Application Data\mozilla\Firefox\Profiles\l7sucgv8.default\extensions\{7694c49c-9fbd-11dc-8314-0800200c9a66}
[2009/04/16 16:16:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\C. Duke\Application Data\mozilla\Firefox\Profiles\l7sucgv8.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}
[2009/04/16 00:35:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\C. Duke\Application Data\mozilla\Firefox\Profiles\l7sucgv8.default\extensions\{7ef7f4d6-947d-11dc-8314-0800200c9a66}
[2009/04/16 00:05:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\C. Duke\Application Data\mozilla\Firefox\Profiles\l7sucgv8.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2009/04/16 16:16:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\C. Duke\Application Data\mozilla\Firefox\Profiles\l7sucgv8.default\extensions\{ab1c90b8-303d-3736-a28e-0433853da20b}
[2009/04/16 16:16:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\C. Duke\Application Data\mozilla\Firefox\Profiles\l7sucgv8.default\extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}
[2009/04/16 01:11:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\C. Duke\Application Data\mozilla\Firefox\Profiles\l7sucgv8.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009/04/16 16:16:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\C. Duke\Application Data\mozilla\Firefox\Profiles\l7sucgv8.default\extensions\{d9284e50-81fc-11da-a72b-0800200c9a66}
[2009/04/29 06:26:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\C. Duke\Application Data\mozilla\Firefox\Profiles\l7sucgv8.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
[2009/05/07 15:15:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\C. Duke\Application Data\mozilla\Firefox\Profiles\l7sucgv8.default\extensions\isreaditlater@ideashower.com
[2009/04/16 16:16:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\C. Duke\Application Data\mozilla\Firefox\Profiles\l7sucgv8.default\extensions\max@subfighter.com
[2009/04/20 10:24:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\C. Duke\Application Data\mozilla\Firefox\Profiles\l7sucgv8.default\extensions\piclens@cooliris.com
[2009/04/16 00:29:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\C. Duke\Application Data\mozilla\Firefox\Profiles\l7sucgv8.default\extensions\redshift_V2@shift-themes.com
[2009/04/16 16:16:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\C. Duke\Application Data\mozilla\Firefox\Profiles\l7sucgv8.default\extensions\smartbookmarksbar@remy.juteau
[2009/04/16 16:16:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\C. Duke\Application Data\mozilla\Firefox\Profiles\l7sucgv8.default\extensions\youplayer@addons.mozilla.org
[2009/05/28 09:59:55 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/04/29 00:12:49 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/04/20 01:50:32 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2009/04/29 00:12:42 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/04/29 00:12:42 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009/03/26 13:56:22 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2009/03/26 13:56:22 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2008/05/27 16:45:02 | 00,000,912 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\conduit.xml
[2009/03/26 13:56:22 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2009/03/26 13:56:22 | 00,002,343 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2009/03/26 13:56:22 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/03/26 13:56:22 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2009/03/26 13:56:22 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml
O1 HOSTS File: (734 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Freecorder Toolbar) - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\tbFree.dll (Conduit Ltd.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - Reg Error: Key error. File not found
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll (Google Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll ()
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll ()
O3 - HKLM\..\Toolbar: (Freecorder Toolbar) - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\tbFree.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {1392B8D2-5C05-419F-A8F6-B9F15A596612} - C:\Program Files\Freecorder\tbFree.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {1392B8D2-5C05-419F-A8F6-B9F15A596612} - C:\Program Files\Freecorder\tbFree.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Reg Error: Key error. File not found
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Adobe Photoshop Lightroom 1.1\apdproxy.exe" (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft)
O4 - HKLM..\Run: [AGRSMMSG] AGRSMMSG.exe (Agere Systems)
O4 - HKLM..\Run: [Ai Nap] "C:\Program Files\ASUS\Ai Nap\AiNap.exe" ()
O4 - HKLM..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" (Symantec Corporation)
O4 - HKLM..\Run: [H2O] C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe (Team H2O)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey (McAfee, Inc.)
O4 - HKLM..\Run: [McENUI] C:\PROGRA~1\McAfee\MHN\McENUI.exe /hide (McAfee, Inc.)
O4 - HKLM..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero 7\Nero BackItUp\NBKeyScan.exe" (Nero AG)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NSWosCheck] "C:\Program Files\Norton SystemWorks Basic Edition\osCheck.exe" (Symantec Corporation)
O4 - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] nwiz.exe /install File not found
O4 - HKLM..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray (Analog Devices, Inc.)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [ThreatFire] C:\Program Files\ThreatFire\TFTray.exe (PC Tools)
O4 - HKLM..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot (RealNetworks, Inc.)
O4 - HKLM..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide (Microsoft Corporation)
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" (Nero AG)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 (Microsoft Corporation)
O9 - Extra Button: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks Basic Edition\Norton Cleanup\WCQuick.lnk ()
O9 - Extra 'Tools' menuitem : Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks Basic Edition\Norton Cleanup\WCQuick.lnk ()
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Program Files\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program Files\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Program Files\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Program Files\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Program Files\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Program Files\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Program Files\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: 25 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1239853994804 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1239911772593 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Interfaces\{1A49707C-E340-4BAA-AEF9-C22DCA01EDF8}\\NameServer = 68.94.156.1,68.94.157.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll ()
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O30 - LSA: Authentication Packages - (relog_ap) - C:\WINDOWS\System32\relog_ap.dll (Acronis)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/04/16 03:47:42 | 00,000,050 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/04/15 16:58:30 | 00,000,000 | ---- | M] () - F:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{153f650a-29ee-11de-b5ee-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{153f650a-29ee-11de-b5ee-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{153f650a-29ee-11de-b5ee-806d6172696f}\Shell\AutoRun\command - "" = E:\Bin\Assetup.exe -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - * [2009/05/29 17:53:42 | 00,000,000 | ---D | M]
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
========== Files/Folders - Created Within 30 Days ==========
[2009/05/29 17:49:19 | 00,000,000 | ---D | C] -- C:\Rooter$
[2009/05/29 17:40:12 | 00,000,330 | -H-- | C] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2009/05/29 08:24:43 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/05/29 08:21:23 | 00,000,000 | ---D | C] -- C:\Documents and Settings\C. Duke\My Documents\RegBack
[2009/05/29 08:12:05 | 00,000,624 | ---- | C] () -- C:\Documents and Settings\C. Duke\Desktop\NTREGOPT.lnk
[2009/05/29 08:12:05 | 00,000,605 | ---- | C] () -- C:\Documents and Settings\C. Duke\Desktop\ERUNT.lnk
[2009/05/29 08:11:49 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2009/05/29 07:58:22 | 00,358,072 | ---- | C] () -- C:\Documents and Settings\C. Duke\Desktop\Malware and Spyware Cleanin...pdf
[2009/05/28 23:49:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\C. Duke\Desktop\Geeks To Go
[2009/05/28 23:48:24 | 00,501,248 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\C. Duke\Desktop\OTListIt2.exe
[2009/05/28 22:52:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\C. Duke\My Documents\Scan Logs
[2009/05/28 11:13:21 | 00,000,684 | ---- | C] () -- C:\Documents and Settings\C. Duke\Desktop\BitPim.lnk
[2009/05/28 11:12:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\C. Duke\My Documents\bitpim
[2009/05/28 11:12:07 | 00,000,000 | ---D | C] -- C:\Program Files\BitPim
[2009/05/28 09:10:15 | 00,000,631 | ---- | C] () -- C:\Documents and Settings\C. Duke\Desktop\DVDFab 6.lnk
[2009/05/28 09:10:06 | 00,000,000 | ---D | C] -- C:\Program Files\DVDFab 6
[2009/05/28 03:35:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\C. Duke\My Documents\TMPGEnc MPEG Editor
[2009/05/28 03:35:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\C. Duke\Application Data\Pegasys Inc
[2009/05/28 03:26:13 | 00,000,889 | ---- | C] () -- C:\Documents and Settings\C. Duke\Desktop\TMPGEnc DVD Author 1.6.lnk
[2009/05/28 03:19:47 | 00,000,868 | ---- | C] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2009/05/28 03:11:30 | 00,000,000 | ---D | C] -- C:\Program Files\Pegasys Inc
[2009/05/24 11:57:39 | 00,000,294 | ---- | C] () -- C:\WINDOWS\tasks\Spybot - Search & Destroy - Scheduled Task.job
[2009/05/24 10:42:09 | 00,000,000 | ---D | C] -- C:\Documents and Settings\C. Duke\Desktop\Toby & Tigger
[2009/05/22 14:09:38 | 00,002,560 | ---- | C] () -- C:\WINDOWS\_MSRSTRT.EXE
[2009/05/21 01:51:26 | 00,000,472 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2009/05/18 15:30:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\C. Duke\My Documents\Cobra
[2009/05/14 13:59:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\C. Duke\My Documents\FXpansion
[2009/05/14 12:30:09 | 00,001,671 | ---- | C] () -- C:\Documents and Settings\C. Duke\Desktop\BFD2.lnk
[2009/05/14 12:19:04 | 00,000,000 | ---D | C] -- C:\Program Files\FXpansion
[2009/05/14 12:17:23 | 00,000,000 | ---D | C] -- C:\Documents and Settings\C. Duke\Application Data\FXpansion
[2009/05/14 02:22:35 | 00,001,841 | ---- | C] () -- C:\Documents and Settings\C. Duke\Desktop\Lightroom.lnk
[2009/05/13 21:32:47 | 00,013,040 | ---- | C] () -- C:\Documents and Settings\C. Duke\Desktop\To Do.rtf
[2009/05/13 21:02:03 | 00,000,643 | ---- | C] () -- C:\Documents and Settings\C. Duke\Desktop\Audacity.lnk
[2009/05/13 21:02:01 | 00,000,000 | ---D | C] -- C:\Program Files\Audacity
[2009/05/13 18:02:27 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\iZotope
[2009/05/13 18:02:24 | 00,000,000 | ---D | C] -- C:\Program Files\iZotope
[2009/05/13 16:22:27 | 00,000,000 | ---D | C] -- C:\Program Files\Toontrack
[2009/05/09 22:57:50 | 00,001,777 | ---- | C] () -- C:\Documents and Settings\C. Duke\Desktop\SpeedBit Video Accelerator.lnk
[2009/05/09 22:57:41 | 00,000,000 | ---D | C] -- C:\Program Files\SpeedBit Video Accelerator
[2009/05/09 22:38:37 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SpeedBit
[2009/05/09 22:38:31 | 00,479,298 | ---- | C] (Stardock.Net, Inc) -- C:\WINDOWS\System32\wbocx.ocx
[2009/05/09 22:38:31 | 00,172,032 | ---- | C] (Jin Hui E-mail: jinhui@jcomsoft.com Web: http://www.jcomsoft.com) -- C:\WINDOWS\System32\AniGIF.ocx
[2009/05/09 22:38:31 | 00,050,688 | ---- | C] (Stardock.Net, Inc) -- C:\WINDOWS\System32\wbhelp2.dll
[2009/05/09 15:16:39 | 00,000,000 | ---D | C] -- C:\Documents and Settings\C. Duke\Application Data\gtk-2.0
[2009/05/09 15:06:11 | 00,000,803 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\GIMP 2.lnk
[2009/05/09 15:05:29 | 00,000,000 | ---D | C] -- C:\Program Files\GIMP-2.0
[2009/05/09 13:41:23 | 00,000,713 | ---- | C] () -- C:\Documents and Settings\C. Duke\Desktop\Inkscape.lnk
[2009/05/09 13:40:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\C. Duke\Application Data\Inkscape
[2009/05/09 13:34:44 | 00,000,000 | ---D | C] -- C:\Program Files\Inkscape
[2009/05/09 13:31:05 | 00,000,825 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Paint.NET.lnk
[2009/05/09 13:30:42 | 00,000,000 | ---D | C] -- C:\Program Files\Paint.NET
[2009/05/09 11:16:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\C. Duke\Local Settings\Apps
[2009/05/09 10:49:27 | 00,000,000 | ---D | C] -- C:\Documents and Settings\C. Duke\Application Data\Google
[2009/05/09 10:48:50 | 00,001,849 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
[2009/05/09 10:43:10 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Google Updater
[2009/05/09 10:43:07 | 00,000,000 | ---D | C] -- C:\Program Files\Google
[2009/05/09 10:40:54 | 01,223,168 | ---- | C] () -- C:\Documents and Settings\C. Duke\Desktop\RapidUploader.exe
[2009/05/05 02:58:36 | 00,012,295 | ---- | C] () -- C:\WINDOWS\System32\Config.MPF
[2009/05/05 02:58:29 | 00,000,679 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\McAfee EasyNetwork.lnk
[2009/05/05 02:58:28 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SiteAdvisor
[2009/05/05 02:58:26 | 00,000,684 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\McAfee Security Center.lnk
[2009/05/05 02:56:01 | 00,033,832 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mferkdk.sys
[2009/05/05 02:56:00 | 00,201,320 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfehidk.sys
[2009/05/05 02:56:00 | 00,079,304 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfeavfk.sys
[2009/05/05 02:56:00 | 00,040,488 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfesmfk.sys
[2009/05/05 02:56:00 | 00,035,240 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfebopk.sys
[2009/05/05 02:55:56 | 00,113,952 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\Mpfp.sys
[2009/05/05 02:55:47 | 00,000,344 | ---- | C] () -- C:\WINDOWS\tasks\McDefragTask.job
[2009/05/05 02:55:46 | 00,000,336 | ---- | C] () -- C:\WINDOWS\tasks\McQcTask.job
[2009/05/05 02:55:37 | 00,000,000 | ---D | C] -- C:\Program Files\McAfee.com
[2009/05/05 02:55:34 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\McAfee
[2009/05/05 02:55:29 | 00,000,000 | ---D | C] -- C:\Program Files\McAfee
[2009/05/05 02:35:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2009/05/05 02:22:03 | 00,125,252 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\LuUninstall.LiveUpdate
[2009/05/04 03:18:46 | 00,000,723 | ---- | C] () -- C:\Documents and Settings\C. Duke\Desktop\Scanner and Camera Wizard.lnk
[2009/04/29 01:49:46 | 00,000,025 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2009/04/18 21:17:02 | 00,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2009/04/17 07:27:44 | 00,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2009/04/17 07:27:40 | 00,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009/04/17 07:27:40 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2009/04/17 06:29:42 | 00,000,248 | ---- | C] () -- C:\WINDOWS\HCWBlast_sav.ini
[2009/04/17 06:29:42 | 00,000,248 | ---- | C] () -- C:\WINDOWS\HCWBlast.ini
[2009/04/17 06:27:36 | 00,032,135 | ---- | C] () -- C:\WINDOWS\Irremote.ini
[2009/04/17 06:27:21 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\dmcrypto.dll
[2009/04/17 06:26:22 | 00,159,744 | ---- | C] () -- C:\WINDOWS\System32\hcwChDB.dll
[2009/04/17 06:25:48 | 00,007,225 | ---- | C] () -- C:\WINDOWS\HCWPNP.INI
[2009/04/17 06:25:28 | 00,066,048 | R--- | C] () -- C:\WINDOWS\System32\hcwXDS.dll
[2009/04/16 17:37:09 | 00,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009/04/16 05:53:28 | 00,073,728 | ---- | C] () -- C:\WINDOWS\System32\eautil.dll
[2009/04/16 05:30:09 | 00,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2009/04/16 04:04:28 | 00,000,483 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009/04/16 03:44:05 | 00,237,568 | ---- | C] () -- C:\WINDOWS\System32\rmc_rtspdl.dll
[2009/04/16 03:41:35 | 00,003,654 | ---- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll
[2009/04/16 03:31:00 | 00,087,552 | ---- | C] () -- C:\WINDOWS\System32\cpwmon2k.dll
[2009/04/16 02:52:18 | 00,032,768 | ---- | C] () -- C:\WINDOWS\System32\LXPRMON.DLL
[2009/04/16 02:52:18 | 00,020,480 | ---- | C] () -- C:\WINDOWS\System32\LXPMONUI.DLL
[2009/04/16 02:49:04 | 00,000,418 | ---- | C] () -- C:\WINDOWS\lexstat.ini
[2009/04/16 02:48:51 | 00,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxbvvs.dll
[2009/04/16 02:48:30 | 00,000,187 | ---- | C] () -- C:\WINDOWS\System32\lxbvcoin.ini
[2009/04/16 01:59:46 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\Gif89.dll
[2009/04/16 01:58:42 | 00,013,312 | ---- | C] () -- C:\WINDOWS\System32\drivers\MTiCtwl.sys
[2009/04/16 00:52:51 | 01,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2009/04/16 00:52:51 | 01,503,232 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2009/04/16 00:52:51 | 01,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2009/04/16 00:52:51 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2009/04/16 00:51:36 | 00,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2009/04/15 22:36:54 | 00,024,576 | R--- | C] () -- C:\WINDOWS\System32\AsIO.dll
[2009/04/15 22:36:54 | 00,005,685 | R--- | C] () -- C:\WINDOWS\System32\drivers\AsIO.sys
[2009/04/15 22:30:11 | 00,027,347 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2009/04/15 22:14:04 | 00,000,402 | R--- | C] () -- C:\WINDOWS\System32\raidmgmt.ini
[2009/04/15 22:14:03 | 00,000,804 | R--- | C] () -- C:\WINDOWS\System32\AsusSetup.ini
[2009/04/15 22:12:07 | 00,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2009/04/15 22:11:38 | 00,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2009/01/25 16:10:48 | 00,179,200 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009/01/08 18:01:22 | 00,629,760 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2007/09/27 10:51:02 | 00,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 10:48:48 | 00,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 10:48:28 | 00,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2006/02/28 07:00:00 | 00,000,643 | ---- | C] () -- C:\WINDOWS\win.ini
[2006/02/28 07:00:00 | 00,000,435 | ---- | C] () -- C:\WINDOWS\system.ini
[2003/05/08 16:08:10 | 00,000,068 | ---- | C] () -- C:\WINDOWS\System32\eyeQ Screen Saver.ini
[2003/01/07 15:05:08 | 00,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/10/15 17:54:04 | 00,153,088 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[1996/04/03 14:33:26 | 00,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys
========== Files - Modified Within 30 Days ==========
[2009/05/29 17:45:25 | 00,193,207 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2009/05/29 17:45:10 | 00,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/05/29 17:45:09 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\C. Duke\Local Settings\desktop.ini
[2009/05/29 17:40:13 | 00,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2009/05/29 17:37:44 | 00,012,295 | ---- | M] () -- C:\WINDOWS\System32\Config.MPF
[2009/05/29 17:37:20 | 00,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2009/05/29 17:37:02 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/05/29 17:36:56 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/05/29 17:36:53 | 32,196,40320 | -HS- | M] () -- C:\hiberfil.sys
[2009/05/29 13:42:33 | 00,000,418 | ---- | M] () -- C:\WINDOWS\lexstat.ini
[2009/05/29 09:56:42 | 00,002,497 | ---- | M] () -- C:\Documents and Settings\C. Duke\Desktop\Microsoft Office Word 2003.lnk
[2009/05/29 08:12:05 | 00,000,624 | ---- | M] () -- C:\Documents and Settings\C. Duke\Desktop\NTREGOPT.lnk
[2009/05/29 08:12:05 | 00,000,605 | ---- | M] () -- C:\Documents and Settings\C. Duke\Desktop\ERUNT.lnk
[2009/05/29 07:58:26 | 00,358,072 | ---- | M] () -- C:\Documents and Settings\C. Duke\Desktop\Malware and Spyware Cleanin...pdf
[2009/05/29 00:57:14 | 00,000,976 | ---- | M] () -- C:\Documents and Settings\C. Duke\Desktop\Spybot - Search & Destroy.lnk
[2009/05/28 23:48:35 | 00,501,248 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\C. Duke\Desktop\OTListIt2.exe
[2009/05/28 11:28:19 | 00,015,688 | ---- | M] () -- C:\WINDOWS\System32\lsdelete.exe
[2009/05/28 11:13:21 | 00,000,684 | ---- | M] () -- C:\Documents and Settings\C. Duke\Desktop\BitPim.lnk
[2009/05/28 09:10:15 | 00,000,631 | ---- | M] () -- C:\Documents and Settings\C. Duke\Desktop\DVDFab 6.lnk
[2009/05/28 06:43:10 | 00,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009/05/28 03:26:13 | 00,000,889 | ---- | M] () -- C:\Documents and Settings\C. Duke\Desktop\TMPGEnc DVD Author 1.6.lnk
[2009/05/26 13:20:08 | 00,040,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/05/26 13:19:56 | 00,019,096 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/05/24 19:45:49 | 00,000,294 | ---- | M] () -- C:\WINDOWS\tasks\Spybot - Search & Destroy - Scheduled Task.job
[2009/05/23 05:30:54 | 00,013,040 | ---- | M] () -- C:\Documents and Settings\C. Duke\Desktop\To Do.rtf
[2009/05/23 04:19:22 | 00,237,568 | ---- | M] () -- C:\WINDOWS\System32\rmc_rtspdl.dll
[2009/05/23 04:19:22 | 00,156,672 | ---- | M] (Radioactive) -- C:\WINDOWS\System32\rmc_fixasf.exe
[2009/05/23 04:17:47 | 00,323,584 | ---- | M] (Stefan Toengi) -- C:\WINDOWS\System32\AUDIOGENIE2.DLL
[2009/05/22 14:09:39 | 00,002,560 | ---- | M] () -- C:\WINDOWS\_MSRSTRT.EXE
[2009/05/21 01:51:26 | 00,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2009/05/15 01:27:43 | 00,000,344 | ---- | M] () -- C:\WINDOWS\tasks\McDefragTask.job
[2009/05/14 13:41:24 | 00,000,643 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/05/14 13:41:24 | 00,000,435 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/05/14 13:41:24 | 00,000,223 | RHS- | M] () -- C:\boot.ini
[2009/05/14 13:03:05 | 00,001,671 | ---- | M] () -- C:\Documents and Settings\C. Duke\Desktop\BFD2.lnk
[2009/05/14 02:22:35 | 00,001,841 | ---- | M] () -- C:\Documents and Settings\C. Duke\Desktop\Lightroom.lnk
[2009/05/13 21:02:03 | 00,000,643 | ---- | M] () -- C:\Documents and Settings\C. Duke\Desktop\Audacity.lnk
[2009/05/09 22:57:50 | 00,001,777 | ---- | M] () -- C:\Documents and Settings\C. Duke\Desktop\SpeedBit Video Accelerator.lnk
[2009/05/09 22:38:31 | 00,479,298 | ---- | M] (Stardock.Net, Inc) -- C:\WINDOWS\System32\wbocx.ocx
[2009/05/09 22:38:31 | 00,172,032 | ---- | M] (Jin Hui E-mail: jinhui@jcomsoft.com Web: http://www.jcomsoft.com) -- C:\WINDOWS\System32\AniGIF.ocx
[2009/05/09 22:38:31 | 00,050,688 | ---- | M] (Stardock.Net, Inc) -- C:\WINDOWS\System32\wbhelp2.dll
[2009/05/09 17:06:17 | 00,000,151 | ---- | M] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2009/05/09 15:06:11 | 00,000,803 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\GIMP 2.lnk
[2009/05/09 13:41:23 | 00,000,713 | ---- | M] () -- C:\Documents and Settings\C. Duke\Desktop\Inkscape.lnk
[2009/05/09 13:31:05 | 00,000,825 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Paint.NET.lnk
[2009/05/09 10:48:50 | 00,001,849 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
[2009/05/09 10:40:57 | 01,223,168 | ---- | M] () -- C:\Documents and Settings\C. Duke\Desktop\RapidUploader.exe
[2009/05/07 02:16:29 | 24,699,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe
[2009/05/05 02:58:29 | 00,000,679 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\McAfee EasyNetwork.lnk
[2009/05/05 02:58:26 | 00,000,684 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\McAfee Security Center.lnk
[2009/05/05 02:55:46 | 00,000,336 | ---- | M] () -- C:\WINDOWS\tasks\McQcTask.job
[2009/05/05 02:22:07 | 00,125,252 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\LuUninstall.LiveUpdate
[2009/05/04 03:18:46 | 00,000,723 | ---- | M] () -- C:\Documents and Settings\C. Duke\Desktop\Scanner and Camera Wizard.lnk
[2009/05/01 05:43:34 | 00,000,572 | ---- | M] () -- C:\Documents and Settings\C. Duke\Application Data\AutoGK.ini
========== Alternate Data Streams ==========
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1CA73D29
@Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A9662AE0
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
< End of report >
OTListIT Extras Log:
OTListIt Extras logfile created on: 5/29/2009 5:56:09 PM - Run 1
OTListIt2 by OldTimer - Version 2.0.15.8 Folder = C:\Documents and Settings\C. Duke\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 100.00% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232.88 Gb Total Space | 139.80 Gb Free Space | 60.03% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 232.88 Gb Total Space | 70.21 Gb Free Space | 30.15% Space Free | Partition Type: NTFS
Drive G: | 232.88 Gb Total Space | 36.21 Gb Free Space | 15.55% Space Free | Partition Type: NTFS
Drive H: | 298.09 Gb Total Space | 64.03 Gb Free Space | 21.48% Space Free | Partition Type: NTFS
I: Drive not present or media not loaded
Computer Name: OFFICE
Current User Name: C. Duke
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)
C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent (BitTorrent, Inc.)
C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe:*:Enabled:McAfee Network Agent (McAfee, Inc.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0076E1AC-9E7B-4B9F-A62A-4CC9511AD8E3}" = Zune Language Pack (FR)
"{11F5D779-7BD9-465A-BBC4-10701386BCB9}" = FW LiveUpdate
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{147567F0-8575-4BE0-B5B3-62706C67FA5A}" = EZXCocktail
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1E2F8AE3-3437-44E6-BB75-E95751D6B83F}" = Picture Package
"{2227E1FA-01F5-483C-AB0E-2A308E900B3D}" = InterVideo FilterSDK for Hauppauge
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java 6 Update 13
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{29D3773E-54F4-23C2-D523-236A4453B844}_is1" = FileAlyzer
"{2E376AD9-5C49-4F7D-A0BA-6A44E8FA5A3B}" = Next Generation Visualisations
"{31478BE1-CDE5-4753-A8B2-F6D4BC1FBE09}" = Component Framework
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{379BD39E-F13E-458F-96D8-56BD7F2CC516}" = M-Audio Series II MIDI
"{3CCAD2EF-CFF2-4637-82AA-AABF370282D3}" = ccCommon
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{43602F34-1AA3-44FB-AEB2-D08C2C73743F}" = Paint.NET v3.36
"{43E8D9E7-AFC9-4BA3-8106-B95E02B87AB7}" = EZdrummer
"{4B9B1B84-FEC0-46D5-BDB9-832565779422}" = CheckIt Diagnostics
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{587178E7-B1DF-494E-9838-FA4DD36E873C}" = AsusUpdate
"{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}" = Sony USB Driver
"{5EC786D5-C0CA-42E0-AF88-5379EF9D91EC}" = First Step Guide
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A7867BA-B7CA-4CC9-ACAB-85BA46865EE5}" = Norton Utilities
"{6B568B64-0BDE-4FB2-A1AB-8A41DF033C57}" = Ai Gear
"{707D28BF-E145-4a9b-B97E-94FA586D05F3}" = Norton SystemWorks Basic Edition
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72A819E7-4146-B9EA-1292-C4A77F657B4E}" = eBay Desktop
"{764C0C8F-B1B1-49BF-AEDC-4E48E857A667}" = Lexmark Fax Solutions
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{77364F85-6219-4CB8-AAA0-6D53368D683D}" = Connection Keep Alive
"{77772678-817F-4401-9301-ED1D01A8DA56}" = SPBBC 32bit
"{777A3891-D6D4-4C83-9367-FA45D40D40F3}" = Mavis Beacon Teaches Typing Deluxe 17
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{81A60A13-224D-4637-8203-3EAC03B121A4}" = Seagate DiscWizard
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8C8224B7-AA9B-4807-97CD-55899BAC83FE}" = YouSendIt Express
"{91110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{92948172-2857-44BA-B254-5E23AE251C86}" = MT4.0
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95264530-5A22-8E7E-FE9D-D63A927BCAEA}" = Adobe Media Player
"{98613C99-1399-416C-A07C-1EE1C585D872}" = SeaTools for Windows
"{98EFD8F0-08DE-48DB-B922-A2EBAB711033}" = Nero 7 Ultra Edition
"{9A129ABC-A53A-4209-A21E-D5DEDFB7CCA8}" = Norton Protection Center
"{9CD89DD7-234A-4801-9D87-3DE352E146A0}" = TMPGEnc DVD Author 1.6
"{9E23C48E-5483-4971-BA50-089F2FABCD66}" = Norton SystemWorks
"{A06275F4-324B-4E85-95E6-87B2CD729401}" = Windows Defender
"{A1960A82-DB70-474D-A86B-FA74466103C6}" = Drivers Install For Linksys Easylink Advisor
"{A212E6C2-20F7-4A8E-BD8E-DC3EE7483FA2}" = PRS-500 USB driver
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AB3F9E62-1C4A-45DA-96E4-BFEB26C73F18}" = SPIF215 USB to SATA Bridge 98 Driver Installer
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1.1
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B41FCFEE-EA00-496C-8387-82E730E334FD}" = eyeQ
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{BEF3EFE7-5159-436D-9BF0-CCC633179EB4}" = EVGA Display Driver
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C151CE54-E7EA-4804-854B-F515368B0798}" = Athlon 64 Processor Driver
"{C239BCD7-882A-478F-A5CF-DDEB074A4291}" = eBook Library by Sony
"{CA31120D-2101-484D-9FF1-195DE96FE346}" = Norton Cleanup
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC016F21-3970-11DE-B878-005056806466}" = Google Earth
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D1696920-9794-4BBC-8A30-7A88763DE5A2}" = ABBYY FineReader 5.0 Sprint Plus
"{D1725BDB-BA2B-4503-A8CB-F5C835D743FA}" = MSRedist
"{D5068583-D569-468B-9755-5FBF5848F46F}" = Sony Picture Utility
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E2216699-EA02-4B85-BAB1-1DF34C4BDF9D}" = Ai Nap
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E80F62FF-5D3C-4A19-8409-9721F2928206}" = LiveUpdate (Symantec Corporation)
"{EE4ACABF-531E-419A-9225-B8E0FA4955AF}" = Zune Language Pack (ES)
"{EED085D5-A3FA-4FB2-BC93-48C1194E6E26}" = Adobe Photoshop Lightroom
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F4974D95-0FFE-4150-8A6D-8439E25234A5}" = YouSendIt Office Family Add-in
"{F51D9393-BB14-4566-99BF-D6ED63AEFCD7}" = Natural Color
"{F7338FA3-DAB5-49B2-900D-0AFB5760C166}" = PC Probe II
"{F8C6BABF-0837-4EA0-AD6C-8E5A392A7538}" = ImageMixer VCD2
"{FA61D601-A0FC-48BD-AE7A-54946BCD7FB6}_is1" = BitPim 1.0.6
"{FB55BB78-2BC2-43E9-80FF-517A8D1AE3AD}" = Norton SystemWorks
"{FF70513F-E3A7-402F-84FB-B7810A064BE2}" = Zune
"{FFC06EE3-F79F-40A4-AFD4-3E2DA4DC4144}" = Teaching-you Job Interview Skills
"3554AA4B-9B0B-451a-A269-2B5F53982209_is1" = ThreatFire
"75070B1806113224B16C70296B90DD1AD8A53479" = Windows Driver Package - Sony Corporation (PRSUSB) USB (08/08/2006 1.0.03.08080)
"Ad-Aware" = Ad-Aware
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Agere Systems Soft Modem" = Agere Systems PCI Soft Modem
"Antares Autotune DX v4.12" = Antares Autotune DX v4.12
"Antares Filter VST DX v1.0" = Antares Filter VST DX v1.0
"Antares Microphone Modeler - ZONE" = Antares Microphone Modeler - ZONE
"Antares Microphone Modeler DX v1.32" = Antares Microphone Modeler DX v1.32
"Ask & Record Toolbar4.00 Public Beta 1" = Ask & Record Toolbar 4.00 Public Beta 1
"Ask Toolbar_is1" = Ask Toolbar
"Audacity_is1" = Audacity 1.2.6
"AutoGK" = Auto Gordian Knot 2.55
"AutoHotkey" = AutoHotkey 1.0.48.01
"AviSynth" = AviSynth 2.5
"BitLord" = BitLord 1.1
"CutePDF Writer Installation" = CutePDF Writer 2.7
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DVD Decrypter" = DVD Decrypter (Remove Only)
"DVD Shrink_is1" = DVD Shrink 3.2
"DVDFab (Platinum/Gold/HD Decrypter) (Option: Mobile) 5_is1" = DVDFab (Platinum/Gold/HD Decrypter) (Option: Mobile) 5.1.2.2
"DVDFab 6_is1" = DVDFab 6.0.1.0 (May 15, 2009)
"DVDFab Decrypter_is1" = DVDFab Decrypter 3.0.5.0
"dvdSanta 4.00 - Create Your Own DVD Movies!_is1" = dvdSanta 4.00
"EasyJob Resume Builder_is1" = EasyJob Resume Builder 4.67.2318
"EasyLinkAdvisor" = Linksys EasyLink Advisor 1.6 (0032)
"ERUNT_is1" = ERUNT 1.1j
"FILE RECOVERY for WindowsNSIS" = FILE RECOVERY for Windows
"Flickr Uploadr" = Flickr Uploadr 3.1.4
"FoxyTunesForFirefox" = FoxyTunes for Firefox
"Freecorder Toolbar" = Freecorder Toolbar
"Freecorder Toolbar3.02" = Freecorder Toolbar 3.02 Application
"Freecorder_1.0" = Freecorder 2.3 (with Skype Call Recording)
"Google Updater" = Google Updater
"Hauppauge WinTV" = Hauppauge WinTV
"Hauppauge WinTV Infrared Remote" = Hauppauge WinTV Infrared Remote
"Hauppauge WinTV IR Blaster" = Hauppauge WinTV IR Blaster
"Hauppauge WinTV Scheduler" = Hauppauge WinTV Scheduler
"Hauppauge WinTV TV Services" = Hauppauge WinTV TV Services
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"Inkscape" = Inkscape 0.46
"InstallShield_{764C0C8F-B1B1-49BF-AEDC-4E48E857A667}" = Lexmark Fax Solutions
"InstallShield_{8C8224B7-AA9B-4807-97CD-55899BAC83FE}" = YouSendIt Express
"InstallShield_{F4974D95-0FFE-4150-8A6D-8439E25234A5}" = YouSendIt Office Family Add-in
"IrfanView" = IrfanView (remove only)
"IZotope Trash DX VST RTAS v1.07" = IZotope Trash DX VST RTAS v1.07
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 4.1.6
"Lexmark 2200 Series" = Lexmark 2200 Series
"LG USB Drivers" = LG USB Drivers
"Live 5.2.2" = Live 5.2.2
"Live 6.0.11" = Live 6.0.11
"Live 7.0.15" = Live 7.0.15
"Live Lite 4 for M-Audio 4.0.4" = Live Lite 4 for M-Audio 4.0.4
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MediaInfo" = MediaInfo 0.7.13
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"mmmusic" = Movie Maker Background Music Files
"mmsounds" = Movie Maker Sound Effects
"mmtitle" = Movie Maker Title Images
"Mozilla Firefox (3.0.10)" = Mozilla Firefox (3.0.10)
"Mozilla Thunderbird (2.0.0.21)" = Mozilla Thunderbird (2.0.0.21)
"MSC" = McAfee SecurityCenter
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"nanoPEG-Editor 2.6.0 for WinTV_is1" = nanoPEG-Editor 2.6.0 for WinTV
"NASDAK OmniMouse Driver" = OmniMouse Driver 4.06
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Nomad Factory Blue Tubes Bundle v2.0" = Nomad Factory Blue Tubes Bundle v2.0
"Nomad Factory Liquid Bundle VST v1.6" = Nomad Factory Liquid Bundle VST v1.6
"Nomad Factory Rock Amp Legends VST v1.0" = Nomad Factory Rock Amp Legends VST v1.0
"NVIDIA Drivers" = NVIDIA Drivers
"Omni Omni keyboard driver" = Omni keyboard driver 5.0
"PeerGuardian_is1" = PeerGuardian 2.0
"PsuedoLiveUpdate" = LiveUpdate (Symantec Corporation)
"RealPlayer 6.0" = RealPlayer
"Reason_is1" = Reason 3.0
"ReBirth ModPacker" = ReBirth ModPacker
"ReBirth RB-338 2.0" = ReBirth RB-338 2.0
"Replay Media Catcher 3.01" = Replay Media Catcher 3.01
"Riva FLV Encoder 2.0_is1" = Riva FLV Encoder 2.0
"ShalSoft.GigaTribe_is1" = GigaTribe 2.52
"Soulseek2" = SoulSeek 157 NS 13d
"SpeedBit Video Accelerator" = SpeedBit Video Accelerator
"SpeedFan" = SpeedFan (remove only)
"SpywareBlaster_is1" = SpywareBlaster 4.2
"Steinberg Cubase SL 2" = Steinberg Cubase SL 2
"Steinberg Groove Agent 2" = Steinberg Groove Agent 2
"Steinberg Groove Agent 2 v2.0.0.28" = Steinberg Groove Agent 2 v2.0.0.28
"Steinberg HALion v3.1.0.947" = Steinberg HALion v3.1.0.947
"Steinberg Hypersonic v1.12.808" = Steinberg Hypersonic v1.12.808
"Steinberg Ultravoice v1.02" = Steinberg Ultravoice v1.02
"Steinberg Voice Designer v1.03" = Steinberg Voice Designer v1.03
"SteinbergMI4" = Steinberg MI4 Setup
"SUPER ©" = SUPER © Version 2009.bld.35 (Jan 5, 2009)
"SymSetup.{707D28BF-E145-4a9b-B97E-94FA586D05F3}" = Norton SystemWorks (Symantec Corporation)
"SyncroSoft Emu" = SyncroSoft Emu (Remove only)
"Syncrosoft's License Control" = Syncrosoft's License Control
"Torrent Episode Downloader 0.96" = Torrent Episode Downloader
"VLC media player" = VLC media player 0.9.9
"VobSub" = VobSub v2.23 (Remove Only)
"Waves Diamond Bundle 4.05" = Waves Diamond Bundle 4.05
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinGimp-2.0_is1" = GIMP 2.6.6
"WinRAR archiver" = WinRAR archiver
"winusb0100" = Microsoft WinUsb 1.0
"WMBK2" = Windows Media Bonus Pack for Windows XP
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01007" = Microsoft User-Mode Driver Framework Feature Pack 1.7
"XviD MPEG4 Video Codec" = XviD MPEG4 Video Codec (remove only)
"Zune" = Zune
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"uTorrent" = µTorrent
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 5/29/2009 11:17:26 AM | Computer Name = OFFICE | Source = Google Update | ID = 20
Description =
Error - 5/29/2009 12:17:27 PM | Computer Name = OFFICE | Source = Google Update | ID = 20
Description =
Error - 5/29/2009 1:17:26 PM | Computer Name = OFFICE | Source = Google Update | ID = 20
Description =
Error - 5/29/2009 2:17:27 PM | Computer Name = OFFICE | Source = Google Update | ID = 20
Description =
Error - 5/29/2009 3:17:36 PM | Computer Name = OFFICE | Source = Google Update | ID = 20
Description =
Error - 5/29/2009 4:17:27 PM | Computer Name = OFFICE | Source = Google Update | ID = 20
Description =
Error - 5/29/2009 5:17:27 PM | Computer Name = OFFICE | Source = Google Update | ID = 20
Description =
Error - 5/29/2009 6:17:27 PM | Computer Name = OFFICE | Source = Google Update | ID = 20
Description =
Error - 5/29/2009 6:52:14 PM | Computer Name = OFFICE | Source = Google Update | ID = 20
Description =
Error - 5/29/2009 6:53:52 PM | Computer Name = OFFICE | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting
module unknown, version 0.0.0.0, fault address 0x049f3abf.
[ System Events ]
Error - 5/29/2009 3:55:18 PM | Computer Name = OFFICE | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 239 minutes. NtpClient has no source of accurate
time.
Error - 5/29/2009 6:37:26 PM | Computer Name = OFFICE | Source = Service Control Manager | ID = 7000
Description = The Nsynas32 service failed to start due to the following error: %%2
Error - 5/29/2009 6:37:31 PM | Computer Name = OFFICE | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 15 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)
Error - 5/29/2009 6:37:31 PM | Computer Name = OFFICE | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 14 minutes. NtpClient has no source of accurate
time.
Error - 5/29/2009 6:37:46 PM | Computer Name = OFFICE | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 15 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)
Error - 5/29/2009 6:37:46 PM | Computer Name = OFFICE | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 14 minutes. NtpClient has no source of accurate
time.
Error - 5/29/2009 6:39:44 PM | Computer Name = OFFICE | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the McAfee SystemGuards service
to connect.
Error - 5/29/2009 6:39:44 PM | Computer Name = OFFICE | Source = Service Control Manager | ID = 7000
Description = The McAfee SystemGuards service failed to start due to the following
error: %%1053
Error - 5/29/2009 6:52:46 PM | Computer Name = OFFICE | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 30 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)
Error - 5/29/2009 6:52:46 PM | Computer Name = OFFICE | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 29 minutes. NtpClient has no source of accurate
time.
< End of report >
Still waiting for help as of 6-2-09
Edited by malwarekiller, 02 June 2009 - 02:24 PM.