Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Generic Host Process for Win32 Services Error


  • Please log in to reply

#1
sosa21

sosa21

    Member

  • Member
  • PipPip
  • 41 posts
Hello there, I'm attempting to repair a computer that had some malware / spyware (Think WinAntiVirus Pro) and after using malware bytes to remove things, also running spybot, ad-aware, avg etc I'm left with a Generic Host Process for Win32 Services has encountered a problem and needs to close. We are sorry for the inconvenience popup when I boot or restart thec computer.

AppName: svchost.exe AppVer: 5.1.2600.2180 ModName: unknown
ModVer: 0.0.0.0 Offset: 00406a05

Here are some logs of programs I have ran. Would appreciate any help!

OTL logfile created on: 7/16/2009 11:39:20 AM - Run 1
OTL by OldTimer - Version 3.0.7.1 Folder = C:\Documents and Settings\User\Desktop\Spyware Tools
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

510.00 Mb Total Physical Memory | 197.11 Mb Available Physical Memory | 38.65% Memory free
860.84 Mb Paging File | 575.16 Mb Available in Paging File | 66.81% Paging File free
Paging file location(s): C:\pagefile.sys 384 768 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 34.20 Gb Total Space | 20.26 Gb Free Space | 59.25% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: WVR3
Current User Name: User
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\WINDOWS\Explorer.EXE (Microsoft Corporation)
PRC - C:\Program Files\AVG\AVG8\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)
PRC - C:\Program Files\Dell Support Center\bin\sprtsvc.exe (SupportSoft, Inc.)
PRC - C:\WINDOWS\System32\wdfmgr.exe (Microsoft Corporation)
PRC - C:\Program Files\AVG\AVG8\avgrsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG8\avgnsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
PRC - C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\Documents and Settings\User\Desktop\Spyware Tools\OTL.exe (OldTimer Tools)

========== Win32 Services (SafeList) ==========

SRV - (aspnet_state [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe (Microsoft Corporation)
SRV - (avg8wd [Auto | Running]) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (DSBrokerService [On_Demand | Stopped]) -- C:\Program Files\DellSupport\brkrsvc.exe ()
SRV - (gupdate1c9eecb7fa03f70 [Auto | Stopped]) -- C:\Program Files\Google\Update\GoogleUpdate.exe (Google Inc.)
SRV - (gusvc [On_Demand | Stopped]) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (Google)
SRV - (helpsvc [Auto | Running]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (KodakCCS [On_Demand | Stopped]) -- C:\WINDOWS\System32\drivers\KodakCCS.exe (Eastman Kodak Company)
SRV - (Lavasoft Ad-Aware Service [Auto | Stopped]) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
SRV - (MDM [Auto | Running]) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)
SRV - (ose [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (sprtsvc_dellsupportcenter [Auto | Running]) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe (SupportSoft, Inc.)
SRV - (UMWdf [Auto | Running]) -- C:\WINDOWS\System32\wdfmgr.exe (Microsoft Corporation)
SRV - (WinVNC4 [Auto | Stopped]) -- File not found

========== Driver Services (SafeList) ==========

DRV - (AliIde [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (amdagp [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\amdagp.sys (Advanced Micro Devices, Inc.)
DRV - (asc [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\asc.sys (Advanced System Products, Inc.)
DRV - (asc3550 [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\asc3550.sys (Advanced System Products, Inc.)
DRV - (ASCTRM [Auto | Running]) -- C:\WINDOWS\System32\drivers\asctrm.sys (Windows ® 2000 DDK provider)
DRV - (AvgLdx86 [System | Running]) -- C:\WINDOWS\System32\Drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgMfx86 [System | Running]) -- C:\WINDOWS\System32\Drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgTdiX [System | Running]) -- C:\WINDOWS\System32\Drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (bcm4sbxp [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\bcm4sbxp.sys (Broadcom Corporation)
DRV - (CmdIde [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)
DRV - (dac2w2k [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys (Mylex Corporation)
DRV - (DcCam [System | Running]) -- C:\WINDOWS\System32\DRIVERS\DcCam.sys (Eastman Kodak Company)
DRV - (DcFpoint [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\DcFpoint.sys (Eastman Kodak Company)
DRV - (DCFS2K [Auto | Running]) -- C:\WINDOWS\System32\drivers\dcfs2k.sys (Eastman Kodak Company)
DRV - (DcLps [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\DcLps.sys (Eastman Kodak Company)
DRV - (DcPTP [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\DcPTP.sys (Eastman Kodak Company)
DRV - (DSproct [On_Demand | Stopped]) -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys (Gteko Ltd.)
DRV - (dsunidrv [Auto | Running]) -- C:\WINDOWS\System32\DRIVERS\dsunidrv.sys (Gteko Ltd.)
DRV - (E100B [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\e100b325.sys (Intel Corporation)
DRV - (Exportit [System | Stopped]) -- C:\WINDOWS\System32\DRIVERS\exportit.sys (Eastman Kodak Company)
DRV - (grmnusb [On_Demand | Stopped]) -- C:\WINDOWS\System32\drivers\grmnusb.sys (GARMIN Corp.)
DRV - (ialm [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\ialmnt5.sys (Intel Corporation)
DRV - (IntelC51 [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\IntelC51.sys (Intel Corporation)
DRV - (IntelC52 [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\IntelC52.sys (Intel Corporation)
DRV - (IntelC53 [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\IntelC53.sys (Intel Corporation)
DRV - (Lbd [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\Lbd.sys (Lavasoft AB)
DRV - (MODEMCSA [On_Demand | Running]) -- C:\WINDOWS\System32\drivers\MODEMCSA.sys (Microsoft Corporation)
DRV - (mohfilt [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\mohfilt.sys (Intel Corporation)
DRV - (mraid35x [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys (American Megatrends Inc.)
DRV - (nv [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\nv4_mini.sys (NVIDIA Corporation)
DRV - (omci [System | Running]) -- C:\WINDOWS\System32\DRIVERS\omci.sys (Dell Computer Corporation)
DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (PxHelp20 [Boot | Running]) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (ql1080 [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\ql1080.sys (QLogic Corporation)
DRV - (ql12160 [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\ql12160.sys (QLogic Corporation)
DRV - (ql1280 [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\ql1280.sys (QLogic Corporation)
DRV - (Secdrv [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (senfilt [On_Demand | Running]) -- C:\WINDOWS\System32\drivers\senfilt.sys (Creative Technology Ltd.)
DRV - (sisagp [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\sisagp.sys (Silicon Integrated Systems Corporation)
DRV - (smwdm [On_Demand | Running]) -- C:\WINDOWS\System32\drivers\smwdm.sys (Analog Devices, Inc.)
DRV - (Sparrow [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\sparrow.sys (Adaptec, Inc.)
DRV - (StillCam [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\serscan.sys (Microsoft Corporation)
DRV - (symc810 [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\symc810.sys (Symbios Logic Inc.)
DRV - (symc8xx [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys (LSI Logic)
DRV - (sym_hi [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys (LSI Logic)
DRV - (sym_u3 [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys (LSI Logic)
DRV - (ultra [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\ultra.sys (Promise Technology, Inc.)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...m...tf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.westernviewrealestate.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.westernvi...ealestate.com/"
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5

FF - HKLM\software\mozilla\Mozilla Firefox 3.5\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/07/01 14:07:46 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/07/01 14:06:58 | 00,000,000 | ---D | M]

[2009/07/01 14:08:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\mozilla\Extensions
[2009/07/01 14:08:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/07/01 14:08:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\mozilla\Firefox\Profiles\ezmdrhap.default\extensions
[2009/07/01 14:06:58 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/07/01 14:06:58 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/06/24 07:26:10 | 00,023,544 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/06/24 07:26:11 | 00,137,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009/06/24 07:26:12 | 00,065,016 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll
[2009/06/24 05:27:00 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2009/06/24 05:27:00 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2009/06/24 05:27:00 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2009/06/24 05:27:00 | 00,002,344 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2009/06/24 05:27:00 | 00,002,371 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/06/24 05:27:00 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2009/06/24 05:27:00 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml

O1 HOSTS File: (23 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] File not found
O4 - HKLM..\RunOnceEx: [] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableProfileQuota = 1
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.4.2_03)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {A8683C98-5341-421B-B23C-8514C05354F1} http://photo.walmart...ploadClient.cab (FujifilmUploader Class)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.4.2_03)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter: - x-sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/10 13:04:08 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{1c93572e-a1ba-11db-b655-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{1c93572e-a1ba-11db-b655-00038a000015}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{1c93572e-a1ba-11db-b655-00038a000015}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()

========== Files/Folders - Created Within 30 Days ==========

[1 C:\WINDOWS\*.tmp files]
[2009/07/16 11:17:19 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hidserv.dll
[2009/07/16 11:17:19 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidserv.dll
[2009/07/16 11:17:16 | 00,014,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\kbdhid.sys
[2009/07/16 11:17:16 | 00,014,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhid.sys
[2009/07/16 11:16:55 | 00,012,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mouhid.sys
[2009/07/16 11:16:55 | 00,012,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mouhid.sys
[2009/07/16 11:16:43 | 00,010,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\hidusb.sys
[2009/07/16 11:16:43 | 00,010,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidusb.sys
[2009/07/16 10:47:46 | 00,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2009/07/16 10:25:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2009/07/16 10:25:01 | 00,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2009/07/16 10:25:00 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2009/07/16 10:24:59 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2009/07/16 10:19:59 | 00,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2009/07/16 10:11:35 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2009/07/16 10:11:32 | 00,000,000 | ---D | C] -- C:\WINDOWS\EHome
[2009/07/16 09:18:58 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll
[2009/07/16 09:18:56 | 00,046,112 | ---- | C] (Adaptec, Inc ) -- C:\WINDOWS\System32\dllcache\adptsf50.sys
[2009/07/16 09:18:52 | 00,010,880 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\admjoy.sys
[2009/07/16 09:18:51 | 00,747,392 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8830.sys
[2009/07/16 09:18:50 | 00,553,984 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8820.sys
[2009/07/16 09:18:49 | 00,584,448 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8810.sys
[2009/07/16 09:18:49 | 00,020,160 | ---- | C] (ADMtek Incorporated) -- C:\WINDOWS\System32\dllcache\adm8511.sys
[2009/07/16 09:18:48 | 00,007,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adicvls.sys
[2009/07/16 09:18:43 | 00,061,440 | ---- | C] (Color Flatbed Scanner) -- C:\WINDOWS\System32\dllcache\acerscad.dll
[2009/07/16 09:18:40 | 00,084,480 | ---- | C] (VIA Technologies, Inc.) -- C:\WINDOWS\System32\dllcache\ac97via.sys
[2009/07/16 09:18:39 | 00,297,728 | ---- | C] (Silicon Integrated Systems Corp.) -- C:\WINDOWS\System32\dllcache\ac97sis.sys
[2009/07/16 09:18:38 | 00,096,256 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\ac97intc.sys
[2009/07/16 09:18:36 | 00,231,552 | ---- | C] (Acer Laboratories Inc.) -- C:\WINDOWS\System32\dllcache\ac97ali.sys
[2009/07/16 09:18:34 | 00,462,848 | ---- | C] (Aureal Inc.) -- C:\WINDOWS\System32\dllcache\a3dapi.dll
[2009/07/16 09:18:33 | 00,098,304 | ---- | C] (Aureal Semiconductor) -- C:\WINDOWS\System32\dllcache\a3d.dll
[2009/07/16 09:18:33 | 00,038,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\8514a.dll
[2009/07/16 09:18:28 | 00,148,352 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvsm.sys
[2009/07/16 09:18:27 | 00,689,216 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvs.dll
[2009/07/16 09:18:26 | 00,762,780 | ---- | C] (3Com, Inc.) -- C:\WINDOWS\System32\dllcache\3cwmcru.sys
[2009/07/16 09:18:25 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\1394vdbg.sys
[2009/07/16 09:16:44 | 00,066,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\s3legacy.dll
[2009/07/15 15:14:51 | 53,484,3392 | -HS- | C] () -- C:\hiberfil.sys
[2009/07/15 14:27:00 | 00,015,688 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe
[2009/07/15 13:25:12 | 00,000,458 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2009/07/15 13:16:23 | 00,064,160 | ---- | C] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys
[2009/07/15 13:16:21 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
[2009/07/15 13:12:22 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\{EF63305C-BAD7-4144-9208-D65528260864}
[2009/07/15 13:09:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2009/07/15 11:16:13 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/07/15 10:35:35 | 00,000,444 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2009/07/15 10:31:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\User\Application Data\Malwarebytes
[2009/07/15 10:31:26 | 00,038,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/07/15 10:31:25 | 00,019,096 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/07/15 10:31:25 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/07/15 10:31:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/07/15 10:26:33 | 00,000,000 | ---D | C] -- C:\Program Files\SDHelper (Spybot - Search & Destroy)
[2009/07/15 10:26:32 | 00,000,000 | ---D | C] -- C:\Program Files\Misc. Support Library (Spybot - Search & Destroy)
[2009/07/15 10:26:32 | 00,000,000 | ---D | C] -- C:\Program Files\File Scanner Library (Spybot - Search & Destroy)
[2009/07/15 10:26:31 | 00,000,000 | ---D | C] -- C:\Program Files\TeaTimer (Spybot - Search & Destroy)
[2009/07/01 14:10:20 | 00,000,000 | ---D | C] -- C:\Documents and Settings\User\My Documents\Downloads
[2009/07/01 14:07:37 | 00,000,000 | ---D | C] -- C:\Documents and Settings\User\Local Settings\Application Data\Mozilla
[2009/07/01 14:07:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\User\Application Data\Mozilla
[2009/07/01 14:07:14 | 00,001,634 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2009/07/01 14:06:56 | 00,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2009/06/30 20:02:27 | 00,000,886 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2009/06/30 20:02:26 | 00,000,882 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2009/06/16 15:54:32 | 00,001,868 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
[2008/11/14 10:23:03 | 00,000,196 | ---- | C] () -- C:\WINDOWS\_delis32.ini
[2008/11/14 10:22:58 | 00,000,942 | ---- | C] () -- C:\WINDOWS\_isenv31.ini
[2008/11/14 10:22:58 | 00,000,521 | ---- | C] () -- C:\WINDOWS\_iserr31.ini
[2008/11/13 14:21:49 | 00,000,685 | ---- | C] () -- C:\WINDOWS\hpntwksetup.ini
[2008/10/21 09:51:23 | 00,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2006/01/09 15:40:50 | 00,000,142 | ---- | C] () -- C:\WINDOWS\System32\AddPort.ini
[2006/01/09 15:40:49 | 00,003,399 | R--- | C] () -- C:\WINDOWS\System32\hptcpmon.ini
[2006/01/09 15:40:16 | 00,749,568 | R--- | C] () -- C:\WINDOWS\System32\agissi.dll
[2006/01/09 15:40:12 | 11,157,504 | R--- | C] () -- C:\WINDOWS\System32\zhhp_res.dll
[2006/01/09 15:40:11 | 00,114,688 | R--- | C] () -- C:\WINDOWS\System32\vshp2600.dll
[2006/01/09 14:46:52 | 00,000,022 | ---- | C] () -- C:\WINDOWS\kodakpcd.User.ini
[2005/12/27 16:23:28 | 00,000,060 | ---- | C] () -- C:\WINDOWS\VistaEmail.ini
[2005/02/17 18:55:20 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/02/17 18:39:44 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/02/17 18:03:50 | 00,000,520 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2004/10/15 18:56:40 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/08/10 13:13:12 | 00,000,780 | ---- | C] () -- C:\WINDOWS\ORUN32.INI
[2004/08/10 13:04:08 | 00,000,573 | ---- | C] () -- C:\WINDOWS\WIN.INI
[2004/08/10 12:57:52 | 00,000,227 | ---- | C] () -- C:\WINDOWS\SYSTEM.INI
[2004/08/04 05:00:00 | 00,001,793 | ---- | C] () -- C:\WINDOWS\System32\FXSPERF.INI
[2003/01/07 15:05:08 | 00,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2001/10/28 16:42:30 | 00,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2000/09/08 18:53:50 | 00,073,839 | ---- | C] () -- C:\WINDOWS\System32\KodakOneTouch.dll

========== Files - Modified Within 30 Days ==========

[1 C:\WINDOWS\*.tmp files]
[2009/07/16 11:23:27 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\WPA.DBL
[2009/07/16 11:22:45 | 00,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2009/07/16 11:22:41 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/07/16 11:22:31 | 00,002,048 | --S- | M] () -- C:\WINDOWS\BOOTSTAT.DAT
[2009/07/16 11:22:30 | 53,484,3392 | -HS- | M] () -- C:\hiberfil.sys
[2009/07/16 11:06:39 | 04,841,926 | -H-- | M] () -- C:\Documents and Settings\User\Local Settings\Application Data\IconCache.db
[2009/07/16 10:52:19 | 00,000,573 | ---- | M] () -- C:\WINDOWS\WIN.INI
[2009/07/16 10:52:19 | 00,000,227 | ---- | M] () -- C:\WINDOWS\SYSTEM.INI
[2009/07/16 10:52:19 | 00,000,211 | RHS- | M] () -- C:\BOOT.INI
[2009/07/16 10:51:57 | 00,384,596 | ---- | M] () -- C:\WINDOWS\System32\PERFH009.DAT
[2009/07/16 10:51:57 | 00,054,280 | ---- | M] () -- C:\WINDOWS\System32\PERFC009.DAT
[2009/07/16 10:51:56 | 00,445,630 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/07/16 10:49:52 | 00,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2009/07/16 10:47:06 | 00,120,544 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/07/16 10:17:05 | 00,250,048 | RHS- | M] () -- C:\NTLDR
[2009/07/16 10:07:03 | 00,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2009/07/16 09:41:05 | 00,002,521 | ---- | M] () -- C:\Documents and Settings\User\Desktop\Outlook.lnk
[2009/07/16 09:35:55 | 38,217,554 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2009/07/15 21:33:04 | 00,032,011 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2009/07/15 16:18:33 | 00,000,441 | ---- | M] () -- C:\Documents and Settings\User\Desktop\WVR 1 Documents.lnk
[2009/07/15 13:25:13 | 00,000,458 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2009/07/15 10:35:35 | 00,000,444 | ---- | M] () -- C:\WINDOWS\System32\d3d8caps.dat
[2009/07/13 15:40:55 | 05,197,824 | R--- | M] () -- C:\Documents and Settings\All Users\Documents\ESBK.mbb
[2009/07/13 15:40:54 | 03,390,464 | R--- | M] () -- C:\Documents and Settings\All Users\Documents\ESBK.mb
[2009/07/13 13:36:34 | 00,038,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/07/13 13:36:12 | 00,019,096 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/07/10 18:30:00 | 00,000,348 | ---- | M] () -- C:\WINDOWS\tasks\McAfee.com Scan for Viruses - My Computer (1) (WVR3-User).job
[2009/07/10 09:16:25 | 00,002,497 | ---- | M] () -- C:\Documents and Settings\User\Desktop\Microsoft Office Word 2003.lnk
[2009/07/07 09:10:56 | 24,539,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe
[2009/07/03 08:49:08 | 00,064,160 | ---- | M] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys
[2009/07/03 08:49:07 | 00,015,688 | ---- | M] () -- C:\WINDOWS\System32\lsdelete.exe
[2009/07/01 14:07:14 | 00,001,634 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2009/06/29 20:47:21 | 00,463,779 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg
[2009/06/26 08:12:44 | 00,327,688 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2009/06/26 08:12:43 | 00,011,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2009/06/26 08:12:42 | 00,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2009/06/17 15:12:02 | 00,041,984 | ---- | M] () -- C:\Documents and Settings\User\My Documents\List.xls
[2009/06/16 15:54:32 | 00,001,868 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
< End of report >


OTL Extras logfile created on: 7/16/2009 11:39:20 AM - Run 1
OTL by OldTimer - Version 3.0.7.1 Folder = C:\Documents and Settings\User\Desktop\Spyware Tools
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

510.00 Mb Total Physical Memory | 197.11 Mb Available Physical Memory | 38.65% Memory free
860.84 Mb Paging File | 575.16 Mb Available in Paging File | 66.81% Paging File free
Paging file location(s): C:\pagefile.sys 384 768 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 34.20 Gb Total Space | 20.26 Gb Free Space | 59.25% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: WVR3
Current User Name: User
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL File not found
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL File not found
C:\Program Files\America Online 9.0\waol.exe:*:Enabled:AOL File not found
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL File not found
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL File not found
C:\Program Files\America Online 9.0\waol.exe:*:Enabled:AOL File not found
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe:*:Enabled:Kodak Software Updater ()
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare ()
D:\SETUP.EXE:*:Enabled:Setup File not found
C:\Program Files\Grisoft\AVG7\avginet.exe:*:Enabled:avginet.exe File not found
C:\Program Files\Grisoft\AVG7\avgamsvr.exe:*:Enabled:avgamsvr.exe File not found
C:\Program Files\Grisoft\AVG7\avgcc.exe:*:Enabled:avgcc.exe File not found
C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe (AVG Technologies CZ, s.r.o.)
C:\Documents and Settings\User\Local Settings\Temp\hp_webrelease\setup\HPZnet01.exe:*:Enabled:hpznet01.exe File not found
C:\Documents and Settings\User\Local Settings\Temp\hp_webrelease\setup\hponicifs01.exe:*:Enabled:hponicifs01.exe File not found
C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe ()
C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe (Hewlett-Packard)
C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe (Hewlett-Packard Development Company, L.P.)
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)
C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe (AVG Technologies CZ, s.r.o.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{0008546E-DF6E-4CC1-AFD0-2CB8E16C95A2}" = Notifier
"{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}" = Microsoft Plus! Photo Story 2 LE
"{0F756CD9-4A1E-409B-B101-601DDC4C03AA}" = Qualxserve Service Agreement
"{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}" = ESSPCD
"{154508C0-07C5-4659-A7A0-E49968750D21}" = HLPPDOCK
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{237a4b21-78c1-11d6-a394-00104bd190b1}" = QuickBooks Basic Edition 2003
"{33BB4982-DC52-4886-A03B-F4C5C80BEE89}" = Windows Media Player 10
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35BDEFF1-A610-4956-A00D-15453C116395}" = Internet Explorer Default Page
"{38441BE7-79B0-42B8-8297-833704F949FE}" = HLPIndex
"{3CA39B0C-BA85-4D42-AC0F-1FF5F60C3353}" = OTtBPSDK
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = Modem On Hold
"{4192EAC0-6B36-4723-B216-D0E86E7757AC}" = Jasc Paint Shop Photo Album 5
"{432C3720-37BF-4BD7-8E49-F38E090246D0}" = CR2
"{48C82F7A-F100-4DAB-A310-8E18BF2159E1}" = ESSvpot
"{4F677FC7-7AA8-412B-A957-F13CBE1C7331}" = ESSSONIC
"{54C8FE84-89C4-40E8-976C-439EB0729BD6}" = CardRd81
"{5905F42D-3F5F-4916-ADA6-94A3646AEE76}" = Dell Driver Reset Tool
"{5E3CFCA6-C95A-47CB-A822-7FA80D423AF2}" = MapSource
"{605A4E39-613C-4A12-B56F-DEFBE6757237}" = SHASTA
"{643EAE81-920C-4931-9F0B-4B343B225CA6}" = ESSBrwr
"{68D60342-7686-45C9-B8EB-40EF843D0460}" = Dell Networking Guide
"{6E179C77-7335-458D-9537-4F4EAC0181ED}" = Photo Click
"{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}" = Microsoft Plus! Digital Media Edition Installer
"{7148F0A8-6813-11D6-A77B-00B0D0142030}" = Java 2 Runtime Environment, SE v1.4.2_03
"{728278A1-0BB7-45E4-AC5E-91D7C0FD1EDE}" = EarthLink setup files
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74F7662C-B1DB-489E-A8AC-07A06B24978B}" = Dell System Restore
"{78C496B9-5A6B-4692-8C2E-AFFFC34E4961}" = Jasc Paint Shop Pro Studio, Dell Editon
"{7A0EFAFB-AC4B-4B88-8C6B-6731BE88DB68}" = Modem Event Monitor
"{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}" = DellSupport
"{7F142D56-3326-11D5-B229-002078017FBF}" = Modem Helper
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{87843A41-7808-4F2E-B13F-25C1E67CF2FD}" = ESShelp
"{89EE857B-8970-4F9F-AB58-A1C873AC72B3}" = Broadcom Management Programs
"{8A502E38-29C9-49FA-BCFA-D727CA062589}" = ESSTOOLS
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Extreme Graphics Driver
"{8BB4B58A-A402-4DE8-8FCD-287E60B88DD8}" = ESSCT
"{8DD94CA3-BCD2-49C0-B537-F3B5D95FF0C8}" = HLPSFO
"{8E92D746-CD9F-4B90-9668-42B74C14F765}" = ESSini
"{8EF1122E-E90C-4EE9-AB0C-7FDE2BA42C26}" = Musicmatch® Jukebox
"{901D1286-529B-48A9-8DDD-4A60CF9E9BF1}" = H&R Block Tax Offer
"{91130409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Basic Edition 2003
"{91517631-A9F3-4B7C-B482-43E0068FD55A}" = ESSgui
"{999D43F4-9709-4887-9B1A-83EBB15A8370}" = VPRINTOL
"{9D8FEE90-0377-49A9-AEFB-525BDE549BA4}" = ESScore
"{A0F584A7-B0C2-4D90-9580-15456B9CF63C}" = MapSource - Trip & Waypoint Manager v2
"{A5B3EB8A-4071-42F0-8E8E-7A8342AA8E69}" = ESSvpaht
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC0EE5B0-A8FB-4D0A-AF03-2EDC518F841B}" = Dell Media Experience
"{AC76BA86-7AD7-1033-7B44-A70000000000}" = Adobe Reader 7.0
"{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}" = ESSCDBK
"{AF06CAE4-C134-44B1-B699-14FBDB63BD37}" = Dell Picture Studio v3.0
"{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}" = OfotoXMI
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}" = CCScore
"{B997C2A0-4383-41BF-B76E-9B8B7ECFB267}" = KSU
"{CA60320D-6A16-49C8-A34F-84EEF4799567}" = ESSTUTOR
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC016F21-3970-11DE-B878-005056806466}" = Google Earth
"{CDE4CC8B-134B-421E-943C-90799E56F664}" = Dell Media Experience Update
"{D1973749-F5E7-40EB-B528-F2B78685B9FF}" = essvcpt
"{D32470A1-B10C-4059-BA53-CF0486F68EBC}" = Kodak EasyShare software
"{DB02F716-6275-42E9-B8D2-83BA2BF5100B}" = SFR
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center (Support Software)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}" = SKINXSDK
"{F71760CD-0F8B-4DCC-B7B7-6B223CC3843C}" = OTtBP
"{F9593CFB-D836-49BC-BFF1-0E669A411D9F}" = WIRELESS
"{FCDB1C92-03C6-4C76-8625-371224256091}" = ESSPDock
"{FDF9943A-3D5C-46B3-9679-586BD237DDEE}" = SKIN0001
"{FEDE2483-87B7-44C1-A5BB-D75AEB8B6340}" = ESSEMAIL
"Ad-Aware" = Ad-Aware
"Ad-Aware SE Personal" = Ad-Aware SE Personal
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AVG8Uninstall" = AVG 8.5
"Chuzzle Deluxe" = Chuzzle Deluxe (remove only)
"HijackThis" = HijackThis 2.0.2
"HP-Color LaserJet 2600n" = Color LaserJet 2600n
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"InstallShield_{89EE857B-8970-4F9F-AB58-A1C873AC72B3}" = Broadcom Management Programs
"InstallShield_{A0F584A7-B0C2-4D90-9580-15456B9CF63C}" = MapSource - Trip & Waypoint Manager v2
"Intel® 537EP V9x DF PCI Modem" = Intel® 537EP V9x DF PCI Modem
"Magic Vines" = Magic Vines (remove only)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox (3.5)" = Mozilla Firefox (3.5)
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"QuickTime" = QuickTime
"RealPlayer 6.0" = RealPlayer Basic
"RealVNC_is1" = VNC Free Edition 4.1.1
"Spybot - Search & Destroy_is1" = Spybot - Search & Destroy 1.4
"StreetPlugin" = Learn2 Player (Uninstall Only)
"Super SpongeBob Collapse!" = Super SpongeBob Collapse!
"ViewpointMediaPlayer" = Viewpoint Media Player
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows Media Player" = Windows Media Player 10
"Windows XP Service Pack" = Windows XP Service Pack 3

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 7/15/2009 5:16:33 PM | Computer Name = WVR3 | Source = Application Error | ID = 1000
Description = Faulting application svchost.exe, version 5.1.2600.2180, faulting
module unknown, version 0.0.0.0, fault address 0x00406a05.

Error - 7/15/2009 6:10:47 PM | Computer Name = WVR3 | Source = Application Error | ID = 1000
Description = Faulting application svchost.exe, version 5.1.2600.2180, faulting
module unknown, version 0.0.0.0, fault address 0x00406a05.

Error - 7/16/2009 10:54:54 AM | Computer Name = WVR3 | Source = Application Error | ID = 1000
Description = Faulting application svchost.exe, version 5.1.2600.2180, faulting
module unknown, version 0.0.0.0, fault address 0x00406a05.

Error - 7/16/2009 11:29:10 AM | Computer Name = WVR3 | Source = Application Error | ID = 1000
Description = Faulting application svchost.exe, version 5.1.2600.2180, faulting
module unknown, version 0.0.0.0, fault address 0x00406a05.

Error - 7/16/2009 11:43:03 AM | Computer Name = WVR3 | Source = Microsoft Office 11 | ID = 2001
Description = Rejected Safe Mode action : Microsoft Office Word.

Error - 7/16/2009 11:58:16 AM | Computer Name = WVR3 | Source = Application Error | ID = 1000
Description = Faulting application svchost.exe, version 5.1.2600.2180, faulting
module unknown, version 0.0.0.0, fault address 0x00406a05.

Error - 7/16/2009 12:49:48 PM | Computer Name = WVR3 | Source = Application Error | ID = 1000
Description = Faulting application svchost.exe, version 5.1.2600.5512, faulting
module unknown, version 0.0.0.0, fault address 0x00406a05.

Error - 7/16/2009 12:54:41 PM | Computer Name = WVR3 | Source = Application Error | ID = 1000
Description = Faulting application svchost.exe, version 5.1.2600.5512, faulting
module unknown, version 0.0.0.0, fault address 0x00406a05.

Error - 7/16/2009 1:15:40 PM | Computer Name = WVR3 | Source = Application Error | ID = 1000
Description = Faulting application svchost.exe, version 5.1.2600.5512, faulting
module unknown, version 0.0.0.0, fault address 0x00406a05.

Error - 7/16/2009 1:23:17 PM | Computer Name = WVR3 | Source = Application Error | ID = 1000
Description = Faulting application svchost.exe, version 5.1.2600.5512, faulting
module unknown, version 0.0.0.0, fault address 0x00406a05.

[ System Events ]
Error - 7/15/2009 1:08:08 PM | Computer Name = WVR3 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 7/15/2009 1:10:14 PM | Computer Name = WVR3 | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
abp480n5 adpu160m agp440 agpCPQ Aha154x aic78u2 aic78xx AliIde alim1541 amdagp amsint asc asc3350p
asc3550
cbidf
cd20xrnt
CmdIde
Cpqarray
dac2w2k
dac960nt
dpti2o
hpn
i2omp
ini910u
IntelIde
mraid35x
perc2
perc2hib
ql1080
Ql10wnt
ql12160
ql1240
ql1280
sisagp
Sparrow
symc810
symc8xx
sym_hi
sym_u3
TosIde
ultra
viaagp
ViaIde

Error - 7/15/2009 3:21:52 PM | Computer Name = WVR3 | Source = Service Control Manager | ID = 7031
Description = The Lavasoft Ad-Aware Service service terminated unexpectedly. It
has done this 1 time(s). The following corrective action will be taken in 5000
milliseconds: Restart the service.

Error - 7/15/2009 3:26:50 PM | Computer Name = WVR3 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 7/15/2009 3:26:53 PM | Computer Name = WVR3 | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
AvgLdx86 AvgMfx86 Fips intelppm

Error - 7/15/2009 5:13:28 PM | Computer Name = WVR3 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 7/15/2009 5:13:49 PM | Computer Name = WVR3 | Source = DCOM | ID = 10010
Description = The server {98D9A6F1-4696-4B5E-A2E8-36B3F9C1E12C} did not register
with DCOM within the required timeout.

Error - 7/16/2009 11:39:18 AM | Computer Name = WVR3 | Source = DCOM | ID = 10010
Description = The server {00020906-0000-0000-C000-000000000046} did not register
with DCOM within the required timeout.

Error - 7/16/2009 12:01:15 PM | Computer Name = WVR3 | Source = Windows Update Agent | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070643: Internet Explorer 8 for Windows XP.

Error - 7/16/2009 1:14:28 PM | Computer Name = WVR3 | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.100 for the Network Card with network
address 001143199BDB has been denied by the DHCP server 192.168.0.1 (The DHCP Server
sent a DHCPNACK message).


< End of report >


Rooter.exe (v1.0.2) by Eric_71
.
SeDebugPrivilege granted successfully ...
.
Windows XP Home Edition (5.1.2600) Service Pack 3
[32_bits] - x86 Family 15 Model 2 Stepping 9, GenuineIntel
.
[wscsvc] (Security Center) RUNNING (state:4)
[SharedAccess] RUNNING (state:4)
Windows Firewall -> Enabled
.
Internet Explorer 7.0.5730.13
Mozilla Firefox 3.5 (en-US)
.
C:\ [Fixed-NTFS] .. ( Total:34 Go - Free:20 Go )
D:\ [CD_Rom]
.
Scan : 12:07.25
Path : C:\Documents and Settings\User\Desktop\Spyware Tools\Rooter.exe
User : User ( Administrator -> YES )
.
----------------------\\ Processes
.
Locked [System Process] (0)
______ System (4)
______ \SystemRoot\System32\smss.exe (556)
______ \??\C:\WINDOWS\system32\csrss.exe (628)
______ \??\C:\WINDOWS\system32\winlogon.exe (652)
______ C:\WINDOWS\system32\services.exe (696)
______ C:\WINDOWS\system32\lsass.exe (708)
______ C:\WINDOWS\system32\svchost.exe (868)
______ C:\WINDOWS\system32\svchost.exe (936)
______ C:\WINDOWS\System32\svchost.exe (1032)
______ C:\WINDOWS\system32\svchost.exe (1096)
______ C:\WINDOWS\system32\svchost.exe (1216)
______ C:\WINDOWS\Explorer.EXE (1544)
______ C:\WINDOWS\system32\spoolsv.exe (1720)
______ C:\WINDOWS\system32\svchost.exe (112)
______ C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe (544)
______ C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE (612)
______ C:\Program Files\Dell Support Center\bin\sprtsvc.exe (992)
______ C:\WINDOWS\system32\wdfmgr.exe (1372)
______ C:\PROGRA~1\AVG\AVG8\avgrsx.exe (152)
______ C:\PROGRA~1\AVG\AVG8\avgnsx.exe (212)
______ C:\WINDOWS\System32\alg.exe (2320)
______ C:\WINDOWS\system32\ctfmon.exe (2640)
______ C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (2676)
______ C:\WINDOWS\system32\svchost.exe (3560)
______ C:\Program Files\Internet Explorer\iexplore.exe (3620)
______ C:\Documents and Settings\User\Desktop\Spyware Tools\Rooter.exe (832)
.
----------------------\\ Device\Harddisk0\
.
\Device\Harddisk0 [Sectors : 63 x 512 Bytes]
.
\Device\Harddisk0\Partition1 (Start_Offset:32256 | Length:57544704)
\Device\Harddisk0\Partition2 --[ MBR ]-- (Start_Offset:57576960 | Length:36717649920)
\Device\Harddisk0\Partition3 (Start_Offset:36775226880 | Length:3216084480)
.
----------------------\\ Scheduled Tasks
.
C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\Tasks\DESKTOP.INI
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\Tasks\McAfee.com Scan for Viruses - My Computer (1) (WVR3-User).job
C:\WINDOWS\Tasks\SA.DAT
.
----------------------\\ Registry
.
.
----------------------\\ Files & Folders
.
----------------------\\ Scan completed at 12:08.14
.
C:\Rooter$\Rooter_1.txt - (16/07/2009 | 12:08.14)


Thanks!
  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP