After my computer started acting strange I ran Spyware Doctor, which found a TrojanVX2 Look2me infection. Spyware Doctor would delete it but when I restarted my computer it would appear again along with a lot of other low level spyware. At that time it also prevented Malwarebytes and Super AntiSpyware from accessing the internet and updating. I also had downloaded Avira and Avast but everytime I tried to run the setup for them it failed because they could not access the internet.
So I downloaded AVG and ran it, but it didn't find anything. An online scan with Bit Defender did find something and deleted it. That allowed my antivirus and antispyware programs to access the internet. I ran Avast but it didn't find anything. I uninstalled Avast and tried Avira. It found a couple of infections and deleted them. Spyware Doctor then was able to delete TrojanVX2 Look2me but my computer still gets filled up with new low level spyware infections every time I restart the computer.
Now my computer works a little better but it still gets bogged down and locks up after I use it for a short time. Malwarbytes doesn't find anything. Neither does Super AntiSpyware. Spyware Doctor finds and deletes spyware but every time I restart my computer it's back, even if I didn't surf any web pages. I'm in the process of going through the online scans but they are difficult to complete because my computer keeps slowing down then freezing.
Here are my logs:
Root Repeal
ROOTREPEAL © AD, 2007-2009
==================================================
Scan Start Time: 2009/07/24 00:37
Program Version: Version 1.3.2.0
Windows Version: Windows Vista SP1
==================================================
Drivers
-------------------
Name: dump_iaStor.sys
Image Path: C:\Windows\System32\Drivers\dump_iaStor.sys
Address: 0x9073C000 Size: 778240 File Visible: No Signed: -
Status: -
Name: mchInjDrv.sys
Image Path: C:\Windows\system32\Drivers\mchInjDrv.sys
Address: 0xAD383000 Size: 2560 File Visible: No Signed: -
Status: -
Name: rootrepeal.sys
Image Path: C:\Windows\system32\drivers\rootrepeal.sys
Address: 0xAD3AF000 Size: 49152 File Visible: No Signed: -
Status: -
Processes
-------------------
Path: System
PID: 4 Status: Locked to the Windows API!
Path: C:\Windows\System32\audiodg.exe
PID: 1180 Status: Locked to the Windows API!
SSDT
-------------------
#: 064 Function Name: NtCreateKey
Status: Hooked by "C:\Windows\system32\drivers\iksysflt.sys" at address 0x8fec87a6
#: 072 Function Name: NtCreateProcess
Status: Hooked by "C:\Windows\system32\drivers\iksysflt.sys" at address 0x8fec5794
#: 073 Function Name: NtCreateProcessEx
Status: Hooked by "C:\Windows\system32\drivers\iksysflt.sys" at address 0x8fec5f1e
#: 078 Function Name: NtCreateThread
Status: Hooked by "<unknown>" at address 0x8d8f0574
#: 123 Function Name: NtDeleteKey
Status: Hooked by "C:\Windows\system32\drivers\iksysflt.sys" at address 0x8fec91f0
#: 126 Function Name: NtDeleteValueKey
Status: Hooked by "C:\Windows\system32\drivers\iksysflt.sys" at address 0x8fec942a
#: 194 Function Name: NtOpenProcess
Status: Hooked by "<unknown>" at address 0x8d8f0560
#: 201 Function Name: NtOpenThread
Status: Hooked by "<unknown>" at address 0x8d8f0565
#: 267 Function Name: NtRenameKey
Status: Hooked by "C:\Windows\system32\drivers\iksysflt.sys" at address 0x8feca12a
#: 324 Function Name: NtSetValueKey
Status: Hooked by "C:\Windows\system32\drivers\iksysflt.sys" at address 0x8fec983c
#: 334 Function Name: NtTerminateProcess
Status: Hooked by "C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys" at address 0x90695f20
#: 358 Function Name: NtWriteVirtualMemory
Status: Hooked by "C:\Windows\system32\drivers\iksysflt.sys" at address 0x8fec4384
#: 383 Function Name: NtCreateUserProcess
Status: Hooked by "C:\Windows\system32\drivers\iksysflt.sys" at address 0x8fec66b6
==EOF==
OTL
OTL logfile created on: 7/24/2009 12:40:03 AM - Run 1
OTL by OldTimer - Version 3.0.10.2 Folder = C:\Users\Jim\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 100.00% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 285.50 Gb Total Space | 107.29 Gb Free Space | 37.58% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 4.36 Gb Free Space | 43.65% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: JIM-PC
Current User Name: Jim
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan
========== Processes (SafeList) ==========
PRC - [2008/09/23 23:09:52 | 00,155,648 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe
PRC - [2009/05/13 16:48:22 | 00,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2007/09/20 14:31:10 | 00,073,728 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\aestsrv.exe
PRC - [2009/05/11 10:15:50 | 00,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2009/03/06 00:04:30 | 00,132,424 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2008/09/30 11:03:14 | 00,820,464 | ---- | M] (Dell Inc.) -- c:\ProgramData\SingleClick Systems\Advanced Networking Service\hnm_svc.exe
PRC - [2009/03/02 13:08:47 | 00,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2008/06/13 17:29:14 | 00,356,920 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsAuxs.exe
PRC - [2008/10/09 14:47:42 | 01,079,176 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsSvc.exe
PRC - [2007/09/13 14:45:38 | 00,102,400 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\STacSV.exe
PRC - [2008/10/27 04:54:20 | 00,024,064 | ---- | M] () -- C:\Windows\System32\WLTRYSVC.EXE
PRC - [2008/10/27 04:52:16 | 02,654,208 | ---- | M] (Dell Inc.) -- C:\Windows\System32\bcmwltry.exe
PRC - [2009/04/02 16:10:56 | 00,656,168 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
PRC - [2008/10/04 14:58:04 | 00,201,968 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe
PRC - [2008/10/29 01:29:41 | 02,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/01/20 21:23:32 | 00,095,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mobsync.exe
PRC - [2009/03/02 21:16:04 | 00,247,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wmiprvse.exe
PRC - [2009/07/24 00:38:33 | 00,514,048 | ---- | M] (OldTimer Tools) -- C:\Users\Jim\Desktop\OTL.exe
========== Win32 Services (SafeList) ==========
SRV - [2009/04/08 23:17:17 | 00,072,704 | ---- | M] (Adobe Systems) -- C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service [On_Demand | Stopped])
SRV - [2007/09/20 14:31:10 | 00,073,728 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\aestsrv.exe -- (AESTFilters [Auto | Running])
SRV - [2009/05/13 16:48:22 | 00,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService [Auto | Running])
SRV - [2009/05/11 10:15:50 | 00,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService [Auto | Running])
SRV - [2009/03/06 00:04:30 | 00,132,424 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto | Running])
SRV - [2008/07/27 13:03:11 | 00,034,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running])
SRV - [2008/07/27 13:03:13 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2008/09/23 23:09:52 | 00,155,648 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService [Auto | Running])
SRV - [2008/01/20 21:25:09 | 00,292,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehRecvr.exe -- (ehRecvr [On_Demand | Stopped])
SRV - [2006/11/02 07:35:29 | 00,131,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehsched.exe -- (ehSched [On_Demand | Stopped])
SRV - [2006/11/02 07:35:29 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehstart.dll -- (ehstart [Auto | Stopped])
SRV - [2008/01/20 21:23:49 | 01,013,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wevtsvc.dll -- (Eventlog [Auto | Running])
SRV - [2008/06/19 20:14:44 | 00,046,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2008/07/04 18:17:48 | 00,164,600 | ---- | M] (WildTangent, Inc.) -- C:\Program Files\WildTangent\Dell Games\Dell Game Console\GameConsoleService.exe -- (GameConsoleService [On_Demand | Stopped])
SRV - [2008/12/18 01:02:23 | 00,030,192 | ---- | M] (Google) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-092308-165331 [On_Demand | Stopped])
SRV - [2008/12/18 01:12:55 | 00,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist [On_Demand | Stopped])
SRV - [2009/02/02 20:47:16 | 00,133,104 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate1c985a15cf94e28 [Auto | Stopped])
SRV - [2009/03/24 10:55:24 | 00,183,280 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [Auto | Stopped])
SRV - [2008/09/30 11:03:14 | 00,820,464 | ---- | M] (Dell Inc.) -- c:\ProgramData\SingleClick Systems\Advanced Networking Service\hnm_svc.exe -- (hnmsvc [Auto | Running])
SRV - [2008/06/19 20:14:31 | 00,881,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2009/04/02 16:10:56 | 00,656,168 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service [On_Demand | Running])
SRV - [2002/12/17 17:26:22 | 07,520,337 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe -- (MSSQL$SONY_MEDIAMGR [On_Demand | Stopped])
SRV - [2002/12/17 17:23:30 | 00,066,112 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe -- (MSSQLServerADHelper [On_Demand | Stopped])
SRV - [2008/06/19 20:14:31 | 00,132,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
SRV - [2008/12/23 10:35:20 | 00,117,264 | ---- | M] (CACE Technologies, Inc.) -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd [On_Demand | Stopped])
SRV - [2008/06/13 17:29:14 | 00,356,920 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsAuxs.exe -- (sdAuxService [Auto | Running])
SRV - [2008/10/09 14:47:42 | 01,079,176 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsSvc.exe -- (sdCoreService [Auto | Running])
SRV - [2008/10/04 14:58:04 | 00,201,968 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_DellSupportCenter [Auto | Running])
SRV - [2002/12/17 17:23:30 | 00,311,872 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE -- (SQLAgent$SONY_MEDIAMGR [On_Demand | Stopped])
SRV - [2007/09/13 14:45:38 | 00,102,400 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\STacSV.exe -- (STacSV [Auto | Running])
SRV - [2008/03/24 08:35:22 | 00,074,384 | R--- | M] (MicroVision Development, Inc.) -- C:\Program Files\Common Files\SureThing Shared\stllssvr.exe -- (stllssvr [On_Demand | Stopped])
SRV - [2008/01/20 21:23:32 | 00,272,952 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend [Auto | Stopped])
SRV - [2008/10/27 04:54:20 | 00,024,064 | ---- | M] () -- C:\Windows\System32\WLTRYSVC.EXE -- (wltrysvc [Auto | Running])
SRV - [2008/01/20 21:25:33 | 00,896,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co...amp;ibd=4081218
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co...amp;ibd=4081218
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co...amp;ibd=4081218
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 2
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 75.101.191.25:80
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "http://by109w.bay109...0&n=1812397654"
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.1
FF - prefs.js..network.proxy.http: "194.170.32.251"
FF - prefs.js..network.proxy.http_port: 443
FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/06/29 03:00:18 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/07/21 00:00:28 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/07/21 00:00:28 | 00,000,000 | ---D | M]
[2009/03/17 23:20:38 | 00,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\mozilla\Extensions
[2008/12/24 01:01:26 | 00,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/07/23 23:02:58 | 00,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\mozilla\Firefox\Profiles\4r15r5g3.default\extensions
[2009/07/04 12:07:48 | 00,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\mozilla\Firefox\Profiles\4r15r5g3.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/06/13 16:09:10 | 00,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\mozilla\Firefox\Profiles\4r15r5g3.default\extensions\[email protected]
[2009/03/17 23:09:40 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/07/21 00:00:28 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/07/21 00:00:27 | 00,023,544 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/07/21 00:00:27 | 00,137,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2008/12/18 01:02:29 | 00,122,880 | ---- | M] (Google) -- C:\Program Files\mozilla firefox\components\GoogleDesktopMozilla.dll
[2007/04/10 18:21:08 | 00,163,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\np-mswmp.dll
[2009/02/06 12:44:28 | 01,447,296 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\npLegitCheckPlugin.dll
[2009/07/21 00:00:28 | 00,065,016 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll
[2008/09/10 14:56:44 | 00,144,960 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nppl3260.dll
[2009/03/15 06:10:18 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin.dll
[2009/03/15 06:10:19 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll
[2009/03/15 06:10:19 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll
[2009/03/15 06:10:19 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll
[2009/03/15 06:10:19 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll
[2009/03/15 06:10:19 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll
[2009/03/15 06:10:19 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll
[2008/09/10 14:37:54 | 00,094,208 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nprpjplug.dll
[2009/07/20 11:59:07 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2009/07/20 11:59:07 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2009/07/20 11:59:07 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2009/07/20 11:59:07 | 00,002,344 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2009/07/20 11:59:07 | 00,002,371 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/07/20 11:59:07 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
O1 HOSTS File: (761 bytes) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (FGCatchUrl) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll (www.flashget.com)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll File not found
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (FlashGet GetFlash Class) - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll (www.flashget.com)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] c:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Windows\System32\WLTRAY.exe (Dell Inc.)
O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe ()
O4 - HKLM..\Run: [dellsupportcenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [Google Desktop Search] File not found
O4 - HKLM..\Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [IgfxTray] C:\Windows\System32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [ISTray] C:\Program Files\Spyware Doctor\pctsTray.exe (PC Tools)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [PCMService] C:\Program Files\Dell\MediaDirect\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Persistence] C:\Windows\System32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe (Microsoft Corporation)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Users\Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Users\Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
O4 - Startup: C:\Users\Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\jc_all.htm ()
O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\jc_link.htm ()
O8 - Extra context menu item: Download with GetRight - C:\Program Files\GetRight\GRdownload.htm ()
O8 - Extra context menu item: Open with GetRight Browser - C:\Program Files\GetRight\GRbrowse.htm ()
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.)
O9 - Extra 'Tools' menuitem : Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe ()
O9 - Extra Button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe (FlashGet.com)
O9 - Extra 'Tools' menuitem : FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe (FlashGet.com)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitd...can8/oscan8.cab (BDSCANONLINE Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Filter: - x-sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL) - C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\GoToAssist: DllName - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 00,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\Windows\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
========== Files/Folders - Created Within 14 Days ==========
[2009/07/24 00:38:32 | 00,514,048 | ---- | C] (OldTimer Tools) -- C:\Users\Jim\Desktop\OTL.exe
[2009/07/24 00:32:25 | 00,000,000 | ---D | C] -- C:\Users\Jim\Desktop\RootRepeal
[2009/07/24 00:31:28 | 00,462,508 | ---- | C] () -- C:\Users\Jim\Desktop\RootRepeal.zip
[2009/07/23 22:55:21 | 00,000,000 | ---D | C] -- C:\Windows\ERDNT
[2009/07/23 22:55:09 | 00,000,915 | ---- | C] () -- C:\Users\Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2009/07/23 22:54:53 | 00,000,735 | ---- | C] () -- C:\Users\Jim\Desktop\NTREGOPT.lnk
[2009/07/23 22:54:53 | 00,000,716 | ---- | C] () -- C:\Users\Jim\Desktop\ERUNT.lnk
[2009/07/23 22:54:52 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2009/07/23 22:53:54 | 00,791,393 | ---- | C] (Lars Hederer ) -- C:\Users\Jim\Desktop\erunt_setup.exe
[2009/07/23 03:13:31 | 00,001,849 | ---- | C] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2009/07/23 03:13:20 | 00,096,104 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2009/07/23 03:13:20 | 00,055,640 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2009/07/23 03:13:19 | 00,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2009/07/23 03:13:17 | 00,000,000 | ---D | C] -- C:\ProgramData\Avira
[2009/07/23 03:13:17 | 00,000,000 | ---D | C] -- C:\Program Files\Avira
[2009/07/22 21:59:14 | 00,000,382 | ---- | C] () -- C:\Windows\tasks\At15.job
[2009/07/22 03:54:59 | 00,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2009/07/22 03:49:19 | 00,000,382 | ---- | C] () -- C:\Windows\tasks\At14.job
[2009/07/22 03:11:10 | 00,000,000 | ---D | C] -- C:\Windows\BDOSCAN8
[2009/07/22 02:09:08 | 00,000,382 | ---- | C] () -- C:\Windows\tasks\At13.job
[2009/07/22 02:06:19 | 00,000,382 | ---- | C] () -- C:\Windows\tasks\At12.job
[2009/07/22 02:04:17 | 00,000,382 | ---- | C] () -- C:\Windows\tasks\At11.job
[2009/07/22 01:05:32 | 00,000,382 | ---- | C] () -- C:\Windows\tasks\At10.job
[2009/07/22 00:40:24 | 00,359,929 | ---- | C] () -- C:\Users\Jim\Desktop\dds.scr
[2009/07/22 00:27:47 | 02,901,800 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Jim\Desktop\mbam-rules.exe
[2009/07/22 00:19:56 | 00,000,382 | ---- | C] () -- C:\Windows\tasks\At9.job
[2009/07/22 00:18:20 | 00,000,382 | ---- | C] () -- C:\Windows\tasks\At8.job
[2009/07/22 00:02:47 | 00,000,382 | ---- | C] () -- C:\Windows\tasks\At7.job
[2009/07/21 23:28:29 | 00,646,872 | ---- | C] (Crawler Inc. ) -- C:\Users\Jim\Desktop\SpywareTerminatorSetup.exe
[2009/07/21 20:15:53 | 00,000,000 | ---D | C] -- C:\ProgramData\WindowsSearch
[2009/07/21 19:37:52 | 00,000,788 | ---- | C] () -- C:\Users\Jim\Desktop\Trend Micro Security Software Download Manager.lnk
[2009/07/21 19:37:51 | 00,000,000 | ---D | C] -- C:\Users\Jim\Desktop\TrendMicro_Downloader
[2009/07/21 19:37:31 | 01,975,504 | ---- | C] (Trend Micro Inc.) -- C:\Users\Jim\Desktop\TrendMicro_Downloader.exe
[2009/07/21 18:36:17 | 00,000,382 | ---- | C] () -- C:\Windows\tasks\At6.job
[2009/07/21 18:35:40 | 00,000,382 | ---- | C] () -- C:\Windows\tasks\At5.job
[2009/07/21 18:34:50 | 00,000,382 | ---- | C] () -- C:\Windows\tasks\At4.job
[2009/07/21 18:32:31 | 00,000,000 | ---D | C] -- C:\Users\Jim\Desktop\Avira
[2009/07/21 18:12:25 | 00,000,000 | ---D | C] -- C:\Users\Jim\Desktop\look2medestroyer
[2009/07/21 18:08:27 | 00,000,382 | ---- | C] () -- C:\Windows\tasks\At3.job
[2009/07/21 18:07:09 | 00,448,487 | ---- | C] () -- C:\Users\Jim\Desktop\L2MRemover.zip
[2009/07/21 17:53:34 | 00,000,382 | ---- | C] () -- C:\Windows\tasks\At2.job
[2009/07/21 17:49:27 | 00,000,382 | ---- | C] () -- C:\Windows\tasks\At1.job
[2009/07/21 17:42:00 | 00,085,635 | ---- | C] () -- C:\Users\Jim\Desktop\Qoofix.zip
[2009/07/21 15:47:37 | 00,000,000 | -H-- | C] () -- C:\Users\Jim\AppData\Local\IconCache.db
[2009/07/21 12:00:09 | 00,001,876 | ---- | C] () -- C:\Users\Jim\Desktop\HijackThis.lnk
[2009/07/21 12:00:08 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/07/21 11:59:49 | 00,812,344 | ---- | C] (Trend Micro Inc.) -- C:\Users\Jim\Desktop\HJTInstall.exe
[2009/07/21 11:44:43 | 37,476,55680 | -HS- | C] () -- C:\hiberfil.sys
[2009/07/21 01:50:47 | 00,000,000 | ---D | C] -- C:\Program Files\AVG
[2009/07/21 01:47:13 | 00,847,776 | ---- | C] (AVG Technologies) -- C:\Users\Jim\Desktop\avg_avwt_stb_all_8_30.exe
[2009/07/21 01:23:05 | 32,299,960 | ---- | C] () -- C:\Users\Jim\Desktop\avira_antivir_personal_en.exe
[2009/07/21 01:21:10 | 00,308,160 | ---- | C] (ALWIL Software) -- C:\Users\Jim\Desktop\jim.exe
[2009/07/21 01:18:58 | 00,265,216 | ---- | C] (OldTimer Tools) -- C:\Users\Jim\Desktop\TFC.exe
[2009/07/21 01:17:27 | 03,146,989 | ---- | C] () -- C:\Users\Jim\Desktop\ComboFix.exe
[2009/07/21 01:12:56 | 00,000,820 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/07/21 01:12:53 | 00,038,160 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2009/07/21 01:12:52 | 00,019,096 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2009/07/21 01:12:52 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/07/20 17:42:16 | 14,986,944 | ---- | C] (Doctor Web, Ltd.) -- C:\Users\Jim\Desktop\88uqsn42.exe
[2009/07/19 20:07:01 | 00,000,445 | ---- | C] () -- C:\Users\Jim\AppData\Roaming\XENTONE Preferences
[2009/07/10 14:02:05 | 00,000,000 | ---D | C] -- C:\Users\Jim\Documents\Sony Media Libraries
[2009/07/10 14:01:56 | 00,000,000 | ---D | C] -- C:\Users\Jim\Documents\Sony ACID Pro 6.0 Projects
[2009/07/10 14:01:56 | 00,000,000 | ---D | C] -- C:\Users\Jim\AppData\Local\Sony
[2009/07/10 13:22:10 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server
[2009/07/10 13:21:36 | 00,000,000 | ---D | C] -- C:\ProgramData\Sony
[2009/07/10 12:44:22 | 00,000,000 | ---D | C] -- C:\Users\Jim\Desktop\Sony ACID Pro 6.0
========== Files - Modified Within 14 Days ==========
[2009/07/24 00:38:33 | 00,514,048 | ---- | M] (OldTimer Tools) -- C:\Users\Jim\Desktop\OTL.exe
[2009/07/24 00:31:46 | 00,462,508 | ---- | M] () -- C:\Users\Jim\Desktop\RootRepeal.zip
[2009/07/24 00:31:29 | 00,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2009/07/24 00:31:29 | 00,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2009/07/24 00:31:01 | 00,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2009/07/23 23:31:04 | 00,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2009/07/23 22:55:09 | 00,000,915 | ---- | M] () -- C:\Users\Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2009/07/23 22:54:53 | 00,000,735 | ---- | M] () -- C:\Users\Jim\Desktop\NTREGOPT.lnk
[2009/07/23 22:54:53 | 00,000,716 | ---- | M] () -- C:\Users\Jim\Desktop\ERUNT.lnk
[2009/07/23 22:53:55 | 00,791,393 | ---- | M] (Lars Hederer ) -- C:\Users\Jim\Desktop\erunt_setup.exe
[2009/07/23 22:51:56 | 00,000,868 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2009/07/23 22:47:52 | 00,002,463 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Dell Remote Access.lnk
[2009/07/23 22:47:27 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009/07/23 22:47:23 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009/07/23 22:47:21 | 37,476,55680 | -HS- | M] () -- C:\hiberfil.sys
[2009/07/23 22:32:29 | 00,000,382 | ---- | M] () -- C:\Windows\tasks\At15.job
[2009/07/23 15:16:46 | 00,000,382 | ---- | M] () -- C:\Windows\tasks\At14.job
[2009/07/23 15:16:41 | 00,000,382 | ---- | M] () -- C:\Windows\tasks\At13.job
[2009/07/23 15:16:37 | 00,000,382 | ---- | M] () -- C:\Windows\tasks\At11.job
[2009/07/23 03:13:32 | 00,001,849 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2009/07/22 23:26:27 | 00,000,000 | -H-- | M] () -- C:\Users\Jim\AppData\Local\IconCache.db
[2009/07/22 23:22:29 | 00,000,382 | ---- | M] () -- C:\Windows\tasks\At6.job
[2009/07/22 03:55:18 | 00,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2009/07/22 02:07:07 | 00,000,382 | ---- | M] () -- C:\Windows\tasks\At12.job
[2009/07/22 01:59:16 | 00,000,382 | ---- | M] () -- C:\Windows\tasks\At10.job
[2009/07/22 01:19:31 | 00,000,382 | ---- | M] () -- C:\Windows\tasks\At9.job
[2009/07/22 00:40:27 | 00,359,929 | ---- | M] () -- C:\Users\Jim\Desktop\dds.scr
[2009/07/22 00:27:48 | 02,901,800 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Jim\Desktop\mbam-rules.exe
[2009/07/22 00:19:48 | 00,000,382 | ---- | M] () -- C:\Windows\tasks\At7.job
[2009/07/22 00:19:41 | 00,000,382 | ---- | M] () -- C:\Windows\tasks\At8.job
[2009/07/21 23:37:25 | 00,174,080 | ---- | M] () -- C:\Users\Jim\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/07/21 23:28:39 | 00,646,872 | ---- | M] (Crawler Inc. ) -- C:\Users\Jim\Desktop\SpywareTerminatorSetup.exe
[2009/07/21 23:24:24 | 00,000,788 | ---- | M] () -- C:\Users\Jim\Desktop\Trend Micro Security Software Download Manager.lnk
[2009/07/21 19:37:35 | 01,975,504 | ---- | M] (Trend Micro Inc.) -- C:\Users\Jim\Desktop\TrendMicro_Downloader.exe
[2009/07/21 18:36:10 | 00,000,382 | ---- | M] () -- C:\Windows\tasks\At5.job
[2009/07/21 18:35:23 | 00,000,382 | ---- | M] () -- C:\Windows\tasks\At2.job
[2009/07/21 18:35:19 | 00,000,382 | ---- | M] () -- C:\Windows\tasks\At1.job
[2009/07/21 18:35:14 | 00,000,382 | ---- | M] () -- C:\Windows\tasks\At4.job
[2009/07/21 18:35:09 | 00,000,382 | ---- | M] () -- C:\Windows\tasks\At3.job
[2009/07/21 18:08:01 | 00,448,487 | ---- | M] () -- C:\Users\Jim\Desktop\L2MRemover.zip
[2009/07/21 17:42:05 | 00,085,635 | ---- | M] () -- C:\Users\Jim\Desktop\Qoofix.zip
[2009/07/21 12:00:09 | 00,001,876 | ---- | M] () -- C:\Users\Jim\Desktop\HijackThis.lnk
[2009/07/21 11:59:50 | 00,812,344 | ---- | M] (Trend Micro Inc.) -- C:\Users\Jim\Desktop\HJTInstall.exe
[2009/07/21 01:47:14 | 00,847,776 | ---- | M] (AVG Technologies) -- C:\Users\Jim\Desktop\avg_avwt_stb_all_8_30.exe
[2009/07/21 01:23:42 | 32,299,960 | ---- | M] () -- C:\Users\Jim\Desktop\avira_antivir_personal_en.exe
[2009/07/21 01:21:10 | 00,308,160 | ---- | M] (ALWIL Software) -- C:\Users\Jim\Desktop\jim.exe
[2009/07/21 01:18:59 | 00,265,216 | ---- | M] (OldTimer Tools) -- C:\Users\Jim\Desktop\TFC.exe
[2009/07/21 01:17:30 | 03,146,989 | ---- | M] () -- C:\Users\Jim\Desktop\ComboFix.exe
[2009/07/21 01:12:56 | 00,000,820 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/07/20 17:42:53 | 14,986,944 | ---- | M] (Doctor Web, Ltd.) -- C:\Users\Jim\Desktop\88uqsn42.exe
[2009/07/20 07:09:27 | 00,281,056 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/07/20 02:55:57 | 00,067,776 | ---- | M] () -- C:\Users\Jim\AppData\Local\GDIPFONTCACHEV1.DAT
[2009/07/19 22:37:05 | 00,000,445 | ---- | M] () -- C:\Users\Jim\AppData\Roaming\XENTONE Preferences
[2009/07/19 20:04:50 | 00,001,126 | ---- | M] () -- C:\Users\Jim\AppData\Roaming\wklnhst.dat
[2009/07/13 13:36:34 | 00,038,160 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2009/07/13 13:36:12 | 00,019,096 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2009/07/10 13:22:24 | 00,765,518 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2009/07/10 13:22:24 | 00,651,918 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2009/07/10 13:22:24 | 00,124,928 | ---- | M] () -- C:\Windows\System32\perfc009.dat
========== LOP Check ==========
[2009/07/21 15:45:29 | 00,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming
[2009/07/02 03:19:14 | 00,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\Cycling '74
[2009/03/17 23:19:50 | 00,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\Dell
[2009/03/17 23:19:51 | 00,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\DMCache
[2009/05/13 06:56:42 | 00,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\DonationCoder
[2009/06/07 08:49:19 | 00,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\dvdcss
[2009/06/03 03:59:03 | 00,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\FileZilla
[2009/03/17 23:19:51 | 00,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\FlashGet
[2009/03/17 23:19:51 | 00,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\GetRight
[2009/03/17 23:19:53 | 00,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\IDM
[2006/11/02 07:37:34 | 00,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\Media Center Programs
[2009/02/18 04:58:46 | 00,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\NetMedia Providers
[2009/01/11 21:42:11 | 00,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\Publish Providers
[2009/03/17 23:20:40 | 00,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\Roxio
[2009/06/09 04:30:12 | 00,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\SignalAnalyzer
[2009/07/22 22:25:56 | 00,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\Sony
[2009/03/17 23:20:42 | 00,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\SystemRequirementsLab
[2009/06/10 12:42:54 | 00,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\Template
[2009/04/10 20:10:46 | 00,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\TVU networks
[2009/03/17 23:20:42 | 00,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\Uniblue
[2009/07/19 19:06:39 | 00,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\uTorrent
[2009/07/21 18:35:19 | 00,000,382 | ---- | M] () -- C:\Windows\Tasks\At1.job
[2009/07/22 01:59:16 | 00,000,382 | ---- | M] () -- C:\Windows\Tasks\At10.job
[2009/07/23 15:16:37 | 00,000,382 | ---- | M] () -- C:\Windows\Tasks\At11.job
[2009/07/22 02:07:07 | 00,000,382 | ---- | M] () -- C:\Windows\Tasks\At12.job
[2009/07/23 15:16:41 | 00,000,382 | ---- | M] () -- C:\Windows\Tasks\At13.job
[2009/07/23 15:16:46 | 00,000,382 | ---- | M] () -- C:\Windows\Tasks\At14.job
[2009/07/23 22:32:29 | 00,000,382 | ---- | M] () -- C:\Windows\Tasks\At15.job
[2009/07/21 18:35:23 | 00,000,382 | ---- | M] () -- C:\Windows\Tasks\At2.job
[2009/07/21 18:35:09 | 00,000,382 | ---- | M] () -- C:\Windows\Tasks\At3.job
[2009/07/21 18:35:14 | 00,000,382 | ---- | M] () -- C:\Windows\Tasks\At4.job
[2009/07/21 18:36:10 | 00,000,382 | ---- | M] () -- C:\Windows\Tasks\At5.job
[2009/07/22 23:22:29 | 00,000,382 | ---- | M] () -- C:\Windows\Tasks\At6.job
[2009/07/22 00:19:48 | 00,000,382 | ---- | M] () -- C:\Windows\Tasks\At7.job
[2009/07/22 00:19:41 | 00,000,382 | ---- | M] () -- C:\Windows\Tasks\At8.job
[2009/07/22 01:19:31 | 00,000,382 | ---- | M] () -- C:\Windows\Tasks\At9.job
[2009/07/23 22:51:56 | 00,000,868 | ---- | M] () -- C:\Windows\Tasks\Google Software Updater.job
[2009/07/23 23:31:04 | 00,000,882 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2009/07/24 00:31:01 | 00,000,886 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2009/07/23 22:47:27 | 00,000,006 | -H-- | M] () -- C:\Windows\Tasks\SA.DAT
[2009/07/23 22:46:36 | 00,019,332 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 150 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:6FDABC0E
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:5D432CE3
< End of report >
Extras (OTL)
OTL Extras logfile created on: 7/24/2009 12:40:03 AM - Run 1
OTL by OldTimer - Version 3.0.10.2 Folder = C:\Users\Jim\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 100.00% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 285.50 Gb Total Space | 107.29 Gb Free Space | 37.58% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 4.36 Gb Free Space | 43.65% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: JIM-PC
Current User Name: Jim
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{103F1942-FF9D-4A0B-8C9C-5B86A7334B94}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{4123D60E-B785-4A28-98DB-4B6B0416D503}" = protocol=17 | dir=in | app=c:\programdata\singleclick systems\vlc\vlc.exe |
"{4EE6D749-199A-4F76-B122-48EA7F526930}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{54D95848-72CE-4764-99D5-A013D6F02224}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{67CFEE26-6703-43E9-8858-F42643A4C826}" = protocol=6 | dir=in | app=c:\programdata\singleclick systems\advanced networking service\hnm_svc.exe |
"{67D39865-532A-4F5F-9E36-27D5A432DEEC}" = dir=in | app=c:\program files\dell\mediadirect\kernel\dmp\clbrowserengine.exe |
"{759B723C-D878-438A-82B1-26E3B5C35A8C}" = protocol=17 | dir=in | app=c:\programdata\singleclick systems\advanced networking service\hnm_svc.exe |
"{7E27352E-E960-43E5-994D-8DA5B3A83D2B}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{89083612-7C3A-446E-BA6D-C7C80BAADCAF}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{9CC65E3C-77E5-42A9-AD08-758FA6880279}" = dir=in | app=c:\program files\dell\mediadirect\pcmservice.exe |
"{A7116F81-F68D-482F-B0ED-2FF4F4660415}" = protocol=6 | dir=in | app=c:\programdata\singleclick systems\vlc\vlc.exe |
"{BFABFC82-4C32-45A0-8E4D-C6E89D8155D4}" = dir=in | app=c:\program files\dell\mediadirect\mediadirect.exe |
"{CFDB8787-7A34-42AA-A5EC-6A07C6B2E6FC}" = dir=in | app=c:\program files\dell\mediadirect\kernel\dms\clmsservice.exe |
"{D894A360-7B5B-46B7-9441-E307CB151785}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{FBD1A3F8-B0C8-4514-8852-3A48CDBCB59A}" = protocol=17 | dir=in | app=c:\program files\dell remote access\ezi_ra.exe |
"{FDB4D71C-4E3E-4C65-8C2B-524924FA62ED}" = protocol=6 | dir=in | app=c:\program files\dell remote access\ezi_ra.exe |
"TCP Query User{0411487A-9815-4F4D-A2B8-13BB1FD33602}C:\program files\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"TCP Query User{137F6A09-11CF-4B7A-B3B8-129885285347}C:\program files\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe |
"TCP Query User{40A81185-A5A1-414F-A904-982308C35D42}C:\program files\soulseekns\slsk.exe" = protocol=6 | dir=in | app=c:\program files\soulseekns\slsk.exe |
"TCP Query User{50BCB105-3F46-4DF3-A34D-D2017CE38BB1}C:\program files\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"TCP Query User{5601A5C0-A2EC-4E07-BF4C-A33C20C9A646}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{5B5A130C-1966-4F3F-B5E0-4B76718F91A4}C:\program files\pd\bin\pd.exe" = protocol=6 | dir=in | app=c:\program files\pd\bin\pd.exe |
"TCP Query User{7E79033E-71BE-49DD-B873-6836AB54CEC5}C:\program files\tvants\tvants.exe" = protocol=6 | dir=in | app=c:\program files\tvants\tvants.exe |
"TCP Query User{875B9427-FEC9-4BA1-A5D7-6353766444D3}C:\program files\flashget\flashget.exe" = protocol=6 | dir=in | app=c:\program files\flashget\flashget.exe |
"TCP Query User{8EE3D3DA-014C-4CA3-A34C-18CF04EFB866}C:\program files\tvuplayer\tvuplayer.exe" = protocol=6 | dir=in | app=c:\program files\tvuplayer\tvuplayer.exe |
"TCP Query User{8F5DDFC5-DAD7-490F-8CCB-B5E6F0DE7B47}C:\program files\flashget\flashget.exe" = protocol=6 | dir=in | app=c:\program files\flashget\flashget.exe |
"TCP Query User{A29CDDC8-0A22-44E3-9B56-BF8FC5C30964}C:\program files\real alternative\media player classic\mplayerc.exe" = protocol=6 | dir=in | app=c:\program files\real alternative\media player classic\mplayerc.exe |
"TCP Query User{C81BE1A6-073C-4500-974E-A8F21EF3194D}C:\program files\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"TCP Query User{E1B7E309-57D1-4911-A722-332801EF1BB2}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe |
"TCP Query User{E53C68FD-8B6A-47C7-96C1-871DBA67DB03}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{F860595E-D950-45ED-AC06-E103947039AB}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{FF0DE57E-2EDB-4592-A907-F7B4E4CCFB40}C:\users\jim\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe" = protocol=6 | dir=in | app=c:\users\jim\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe |
"UDP Query User{026B5735-1EFE-4268-9E5F-61C1F4E16FCB}C:\program files\tvuplayer\tvuplayer.exe" = protocol=17 | dir=in | app=c:\program files\tvuplayer\tvuplayer.exe |
"UDP Query User{105DD9B2-93AF-44D5-925B-78148F7029D1}C:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"UDP Query User{21CB1AB4-70F0-4181-9ED3-3F6AC8B4F2B9}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{285D6D01-1FCD-4923-9A75-E09B1EFDB8B7}C:\program files\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe |
"UDP Query User{2C65A9D8-2FCD-4AC0-9E3B-23294E6DB4D9}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{640DA33B-9813-40E4-8110-DE8E9252CEDC}C:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"UDP Query User{8E66B5F3-8307-41F8-8E42-753E9435F5C6}C:\users\jim\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe" = protocol=17 | dir=in | app=c:\users\jim\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe |
"UDP Query User{93BCA127-5862-4ECD-9C79-5A930F2FF550}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{9491D161-0C13-49FE-98D7-DCC86C538FD7}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe |
"UDP Query User{A3FA06EB-DC5A-498F-90D6-58EF9E1AC659}C:\program files\real alternative\media player classic\mplayerc.exe" = protocol=17 | dir=in | app=c:\program files\real alternative\media player classic\mplayerc.exe |
"UDP Query User{ACC47B2B-4296-4677-8F72-9F4D19C4A61D}C:\program files\flashget\flashget.exe" = protocol=17 | dir=in | app=c:\program files\flashget\flashget.exe |
"UDP Query User{B452697F-C4CF-47F5-B244-66FD6A78C3B7}C:\program files\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"UDP Query User{C7BE81B3-9B25-4549-9F78-F22594636E41}C:\program files\soulseekns\slsk.exe" = protocol=17 | dir=in | app=c:\program files\soulseekns\slsk.exe |
"UDP Query User{E28639D9-32E2-43D6-B6F6-F0E09FD810AD}C:\program files\pd\bin\pd.exe" = protocol=17 | dir=in | app=c:\program files\pd\bin\pd.exe |
"UDP Query User{EB41FA8E-D4E4-4394-B694-06505C1D19BB}C:\program files\tvants\tvants.exe" = protocol=17 | dir=in | app=c:\program files\tvants\tvants.exe |
"UDP Query User{EC112865-9D81-4228-87F1-F4D15B5F886A}C:\program files\flashget\flashget.exe" = protocol=17 | dir=in | app=c:\program files\flashget\flashget.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data
"{09760D42-E223-42AD-8C3E-55B47D0DDAC3}" = Roxio Creator DE
"{13766F76-6C8C-4E57-A9F3-3212D1C6E0D1}" = Dell DataSafe Online
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools
"{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}" = QuickTime
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2357B8BC-88C9-4A72-818C-050CC4EB0778}" = AOL Install
"{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"{255909FA-8E58-4BC2-A83A-3C71EB5DD6EC}" = EarthLink Setup Files
"{294EAADF-E50F-4DD8-AD8D-19587EA10512}" = Modem Diagnostic Tool
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java 6 Update 7
"{352310C3-E46B-42D3-8F32-54721FDD72D9}" = NetZeroInstallers
"{3D8F9830-D6A3-413A-9A54-993827A73E47}" = DELL0604
"{3E5DA526-F420-45A6-9F27-D2B5246D6823}" = Free Natural Text to Speech Reader 2008
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{42D68A86-DB1C-4256-B8C9-5D0D92919AF5}" = Banctec Service Agreement
"{44A91B04-3D0C-47F9-B644-7F682869AFF3}" = MobileMe Control Panel
"{47AA42FD-0450-4CB4-ADAF-B6E770AA7B2F}" = Sony Media Manager 2.2
"{48EB9208-593D-4DC7-B613-9C5A210D87BA}" = Sony Sound Forge 8.0b
"{4B6AD248-D3BF-426A-8D64-847288154F13}" = QuickSet
"{5EFCBB42-36AB-4FF9-B90C-E78C7B9EE7B3}" = iTunes
"{62230596-37E5-4618-A329-0D21F529A86F}" = Browser Address Error Redirector
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B7B6D4D-8F9B-4CB3-8CA4-BCA9CC4C1A22}" = EDocs
"{6D3963B0-E13B-4FC3-B0FF-506A304BB043}" = Cisco EAP-FAST Module
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{784DF107-2945-4B65-ADE3-A58ECD6C37A9}" = Sony Vegas 5.0a
"{786C5747-1033-0000-B58E-000000000001}" = Adobe Stock Photos 1.0
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe Common File Installer
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BDEF074-020E-458D-ADC5-8FF68E0C9B56}" = OutlookAddinSetup
"{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}" = MediaDirect
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A90000000001}" = Adobe Reader 9
"{AFA20D47-69C3-4030-8DF8-D37466E70F13}" = Apple Mobile Device Support
"{B535B621-5559-11DE-A7A1-005056806466}" = Google Earth Plugin
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy
"{B74D4E10-1033-0000-0000-000000000001}" = Adobe Bridge 1.0
"{B935C985-A17F-484B-8470-09E4FC27DC26}" = Dell-eBay
"{BCE72AED-3332-4863-9567-C5DCB9052CA2}" = Netflix Movie Viewer
"{C39A4E1F-9AF1-4FE1-A80E-A5B867FABB42}" = Dell Best of Web
"{C99C0593-3B48-41D9-B42F-6E035B320449}" = Broadcom Management Programs
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC016F21-3970-11DE-B878-005056806466}" = Google Earth
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D90AFDE3-3E67-407A-ACA8-F0BAAD012F08}" = Safari
"{E09B48B5-E141-427A-AB0C-D3605127224A}" = Microsoft SQL Server Desktop Engine (SONY_MEDIAMGR)
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center (Support Software)
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator DE
"{F66A31D9-7831-4FBA-BA02-C411C0047CC5}" = Dell Remote Access
"{F6CB42B9-F033-4152-8813-FF11DA8E6A78}" = Dell Dock
"{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}" = Vista Codec Package
"ActiveScan 2.0" = Panda ActiveScan 2.0
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"Apen CD Ripper_is1" = Apen CD Ripper 1.02
"ASIO4ALL" = ASIO4ALL
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Card Utility
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"DS-Monkey Audio Source" = DS-Monkey Audio Source 1.00
"EchoFilter 2.0 Free" = EchoFilter 2.0 Free
"EchoFilter 3.01 Trial" = EchoFilter 3.01 Trial
"ERUNT_is1" = ERUNT 1.1j
"FFT Properties (32) v5" = FFT Properties (32)
"FileZilla Client" = FileZilla Client 3.2.4.1
"FlashGet" = FlashGet 1.9.6.1073
"GetRight_is1" = GetRight
"Google Desktop" = Google Desktop
"Google Updater" = Google Updater
"GoToAssist" = GoToAssist 8.0.0.514
"HijackThis" = HijackThis 2.0.2
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MediaCoder iPhone Edition" = MediaCoder iPhone Edition
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.5.1)" = Mozilla Firefox (3.5.1)
"OJOsoft Audio Converter_is1" = OJOsoft Audio Converter
"P2P Tv Plugin_is1" = P2P Tv Plugin
"pd_is1" = Pd-0.40.3-extended-20080721
"RealAlt_is1" = Real Alternative 1.9.0
"Replay Media Catcher 3.02" = Replay Media Catcher 3.02
"SopCast" = SopCast 3.0.3
"Soulseek2" = SoulSeek 157 NS 13c
"Spyware Doctor" = Spyware Doctor 6.0
"SystemRequirementsLab" = System Requirements Lab
"The KMPlayer" = The KMPlayer (remove only)
"tv_enua" = Lernout & Hauspie TruVoice American English TTS Engine
"TVAnts 1.0" = TVAnts 1.0
"TVUPlayer" = TVUPlayer 2.4.5.1
"VLC media player" = VLC media player 0.9.8a
"WildTangent dell Master Uninstall" = WildTangent Games
"WinAce Archiver" = WinAce Archiver
"WinPcapInst" = WinPcap 4.1 beta5
"WinRAR archiver" = WinRAR archiver
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Octoshape add-in for Adobe Flash Player" = Octoshape add-in for Adobe Flash Player
"uTorrent" = µTorrent
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 7/19/2009 8:09:33 PM | Computer Name = Jim-PC | Source = Swapdrive Backup | ID = 0
Description = Swapdrive Backup: Web Service Error: System.Net.WebException: Unable
to connect to the remote server ---> System.Net.Sockets.SocketException: No connection
could be made because the target machine actively refused it 75.101.191.25:80
at System.Net.Sockets.Socket.DoConnect(EndPoint endPointSnapshot, SocketAddress
socketAddress) at System.Net.Sockets.Socket.InternalConnect(EndPoint remoteEP)
at System.Net.ServicePoint.ConnectSocketInternal(Boolean connectFailure, Socket
s4, Socket s6, Socket& socket, IPAddress& address, ConnectSocketState state, IAsyncResult
asyncResult, Int32 timeout, Exception& exception) --- End of inner exception
stack trace --- at System.Net.HttpWebRequest.GetRequestStream() at System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String
methodName, Object[] parameters) at Swapdrive.Shared.com.backup.uswsvcdell.Service.GetInfo(GetInfoRequest
req) at Swapdrive.Shared.ActivationWsvcs.GetInfo()
Error - 7/19/2009 8:09:38 PM | Computer Name = Jim-PC | Source = WinMgmt | ID = 10
Description =
Error - 7/20/2009 8:10:42 AM | Computer Name = Jim-PC | Source = WinMgmt | ID = 10
Description =
Error - 7/20/2009 8:11:56 AM | Computer Name = Jim-PC | Source = Swapdrive Backup | ID = 0
Description = Swapdrive Backup: Web Service Error: System.Net.WebException: Unable
to connect to the remote server ---> System.Net.Sockets.SocketException: No connection
could be made because the target machine actively refused it 75.101.191.25:80
at System.Net.Sockets.Socket.DoConnect(EndPoint endPointSnapshot, SocketAddress
socketAddress) at System.Net.Sockets.Socket.InternalConnect(EndPoint remoteEP)
at System.Net.ServicePoint.ConnectSocketInternal(Boolean connectFailure, Socket
s4, Socket s6, Socket& socket, IPAddress& address, ConnectSocketState state, IAsyncResult
asyncResult, Int32 timeout, Exception& exception) --- End of inner exception
stack trace --- at System.Net.HttpWebRequest.GetRequestStream() at System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String
methodName, Object[] parameters) at Swapdrive.Shared.com.backup.uswsvcdell.Service.GetInfo(GetInfoRequest
req) at Swapdrive.Shared.ActivationWsvcs.GetInfo()
Error - 7/20/2009 5:56:46 PM | Computer Name = Jim-PC | Source = Swapdrive Backup | ID = 0
Description = Swapdrive Backup: Web Service Error: System.Net.WebException: Unable
to connect to the remote server ---> System.Net.Sockets.SocketException: No connection
could be made because the target machine actively refused it 75.101.191.25:80
at System.Net.Sockets.Socket.DoConnect(EndPoint endPointSnapshot, SocketAddress
socketAddress) at System.Net.Sockets.Socket.InternalConnect(EndPoint remoteEP)
at System.Net.ServicePoint.ConnectSocketInternal(Boolean connectFailure, Socket
s4, Socket s6, Socket& socket, IPAddress& address, ConnectSocketState state, IAsyncResult
asyncResult, Int32 timeout, Exception& exception) --- End of inner exception
stack trace --- at System.Net.HttpWebRequest.GetRequestStream() at System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String
methodName, Object[] parameters) at Swapdrive.Shared.com.backup.uswsvcdell.Service.GetInfo(GetInfoRequest
req) at Swapdrive.Shared.ActivationWsvcs.GetInfo()
Error - 7/20/2009 5:56:48 PM | Computer Name = Jim-PC | Source = WinMgmt | ID = 10
Description =
Error - 7/21/2009 12:58:33 AM | Computer Name = Jim-PC | Source = Swapdrive Backup | ID = 0
Description = Swapdrive Backup: Web Service Error: System.Net.WebException: Unable
to connect to the remote server ---> System.Net.Sockets.SocketException: No connection
could be made because the target machine actively refused it 75.101.191.25:80
at System.Net.Sockets.Socket.DoConnect(EndPoint endPointSnapshot, SocketAddress
socketAddress) at System.Net.Sockets.Socket.InternalConnect(EndPoint remoteEP)
at System.Net.ServicePoint.ConnectSocketInternal(Boolean connectFailure, Socket
s4, Socket s6, Socket& socket, IPAddress& address, ConnectSocketState state, IAsyncResult
asyncResult, Int32 timeout, Exception& exception) --- End of inner exception
stack trace --- at System.Net.HttpWebRequest.GetRequestStream() at System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String
methodName, Object[] parameters) at Swapdrive.Shared.com.backup.uswsvcdell.Service.GetInfo(GetInfoRequest
req) at Swapdrive.Shared.ActivationWsvcs.GetInfo()
Error - 7/21/2009 12:58:34 AM | Computer Name = Jim-PC | Source = WinMgmt | ID = 10
Description =
Error - 7/21/2009 2:21:29 AM | Computer Name = Jim-PC | Source = Application Error | ID = 1000
Description = Faulting application avast_home_setup.exe, version 4.8.0.0, time stamp
0x49de0798, faulting module kernel32.dll, version 6.0.6001.18215, time stamp 0x49953395,
exception code 0xe06d7363, fault offset 0x000442eb, process id 0x1444, application
start time 0x01ca09cb79141dfb.
Error - 7/21/2009 2:21:49 AM | Computer Name = Jim-PC | Source = Application Error | ID = 1000
Description = Faulting application avast_home_setup.exe, version 4.8.0.0, time stamp
0x49de0798, faulting module kernel32.dll, version 6.0.6001.18215, time stamp 0x49953395,
exception code 0xe06d7363, fault offset 0x000442eb, process id 0x15a8, application
start time 0x01ca09cb85850dbb.
[ Broadcom Wireless LAN Events ]
Error - 7/21/2009 5:43:55 PM | Computer Name = Jim-PC | Source = WLAN-Tray | ID = 0
Description = 16:43:55, Tue, Jul 21, 09 Error - User "" does not have administrative
privileges on this system
Error - 7/21/2009 5:43:55 PM | Computer Name = Jim-PC | Source = WLAN-Tray | ID = 0
Description = 16:43:55, Tue, Jul 21, 09 Error - User "" does not have administrative
privileges on this system
Error - 7/21/2009 8:14:02 PM | Computer Name = Jim-PC | Source = WLAN-Tray | ID = 0
Description = 19:14:02, Tue, Jul 21, 09 Error - User "" does not have administrative
privileges on this system
Error - 7/21/2009 8:14:02 PM | Computer Name = Jim-PC | Source = WLAN-Tray | ID = 0
Description = 19:14:02, Tue, Jul 21, 09 Error - User "" does not have administrative
privileges on this system
Error - 7/22/2009 4:44:47 AM | Computer Name = Jim-PC | Source = WLAN-Tray | ID = 0
Description = 03:44:47, Wed, Jul 22, 09 Error - User "" does not have administrative
privileges on this system
Error - 7/22/2009 4:44:47 AM | Computer Name = Jim-PC | Source = WLAN-Tray | ID = 0
Description = 03:44:47, Wed, Jul 22, 09 Error - User "" does not have administrative
privileges on this system
Error - 7/22/2009 4:55:59 AM | Computer Name = Jim-PC | Source = WLAN-Tray | ID = 0
Description = 03:55:59, Wed, Jul 22, 09 Error - User "" does not have administrative
privileges on this system
Error - 7/22/2009 4:55:59 AM | Computer Name = Jim-PC | Source = WLAN-Tray | ID = 0
Description = 03:55:59, Wed, Jul 22, 09 Error - User "" does not have administrative
privileges on this system
Error - 7/22/2009 4:30:25 PM | Computer Name = Jim-PC | Source = WLAN-Tray | ID = 0
Description = 15:30:25, Wed, Jul 22, 09 Error - User "" does not have administrative
privileges on this system
Error - 7/22/2009 4:30:25 PM | Computer Name = Jim-PC | Source = WLAN-Tray | ID = 0
Description = 15:30:25, Wed, Jul 22, 09 Error - User "" does not have administrative
privileges on this system
[ System Events ]
Error - 7/24/2009 12:11:47 AM | Computer Name = Jim-PC | Source = netbt | ID = 4321
Description = The name "JM :0" could not be registered on the interface
with IP address 192.168.2.106. The computer with the IP address 192.168.2.101 did
not allow the name to be claimed by this computer.
Error - 7/24/2009 12:21:48 AM | Computer Name = Jim-PC | Source = netbt | ID = 4321
Description = The name "JM :0" could not be registered on the interface
with IP address 192.168.2.106. The computer with the IP address 192.168.2.101 did
not allow the name to be claimed by this computer.
Error - 7/24/2009 12:31:50 AM | Computer Name = Jim-PC | Source = netbt | ID = 4321
Description = The name "JM :0" could not be registered on the interface
with IP address 192.168.2.106. The computer with the IP address 192.168.2.101 did
not allow the name to be claimed by this computer.
Error - 7/24/2009 12:41:53 AM | Computer Name = Jim-PC | Source = netbt | ID = 4321
Description = The name "JM :0" could not be registered on the interface
with IP address 192.168.2.106. The computer with the IP address 192.168.2.101 did
not allow the name to be claimed by this computer.
Error - 7/24/2009 12:51:55 AM | Computer Name = Jim-PC | Source = netbt | ID = 4321
Description = The name "JM :0" could not be registered on the interface
with IP address 192.168.2.106. The computer with the IP address 192.168.2.101 did
not allow the name to be claimed by this computer.
Error - 7/24/2009 1:01:56 AM | Computer Name = Jim-PC | Source = netbt | ID = 4321
Description = The name "JM :0" could not be registered on the interface
with IP address 192.168.2.106. The computer with the IP address 192.168.2.101 did
not allow the name to be claimed by this computer.
Error - 7/24/2009 1:11:57 AM | Computer Name = Jim-PC | Source = netbt | ID = 4321
Description = The name "JM :0" could not be registered on the interface
with IP address 192.168.2.106. The computer with the IP address 192.168.2.101 did
not allow the name to be claimed by this computer.
Error - 7/24/2009 1:21:57 AM | Computer Name = Jim-PC | Source = netbt | ID = 4321
Description = The name "JM :0" could not be registered on the interface
with IP address 192.168.2.106. The computer with the IP address 192.168.2.101 did
not allow the name to be claimed by this computer.
Error - 7/24/2009 1:32:00 AM | Computer Name = Jim-PC | Source = netbt | ID = 4321
Description = The name "JM :0" could not be registered on the interface
with IP address 192.168.2.106. The computer with the IP address 192.168.2.101 did
not allow the name to be claimed by this computer.
Error - 7/24/2009 1:42:04 AM | Computer Name = Jim-PC | Source = netbt | ID = 4321
Description = The name "JM :0" could not be registered on the interface
with IP address 192.168.2.106. The computer with the IP address 192.168.2.101 did
not allow the name to be claimed by this computer.
< End of report >
Thank you very much for any help.
Edited by chili fries, 24 July 2009 - 12:06 AM.