Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Downloader.Win32.Agent.db

Started by AZCMer , Aug 20 2009 04:33 PM

  • Please log in to reply

#1
AZCMer
Posted 20 August 2009 - 04:33 PM

AZCMer

    Member

  • Member
  • PipPipPip
  • 108 posts
I have an older system that I prefer to keep. It's been running sluggishly. My parental controls in my McAfee keep shutting off. Then, I discovered that my McAfee is being disabled. I've been checking it daily and having to go into services to restart it.

First I went to Kaspersky and ran an online scan. It found Downloader.Win32.Agent.db. I've included the log.

I then came here and followed your protocol for malware and am posting all the logs below. I've updated my McAfee and Windows, but don't trust my scans. Up until now, I've been running weekly scans and have no results. Please help. Thank you.

--------------------------------------------------------------------------------
ОТЧЕТ О ПРОВЕРКЕ KASPERSKY ONLINE SCANNER 7.0
20 Август 2009 г.
Операционная система: Microsoft Windows XP Home Edition Service Pack 3 (build 2600)
Версия Kaspersky Online Scanner: 7.0.26.13
Последнее обновление баз: Wednesday, August 19, 2009 08:50:28
Количество записей в базах: 2661251
--------------------------------------------------------------------------------

Параметры проверки:
проверять, используя следующие базы: расширенные
Проверять архивы: да
Проверять почтовые базы: да

Область проверки - Мой компьютер:
A:\
C:\
D:\
E:\
F:\
G:\

Статистика проверки:
Проверено объектов: 338603
Обнаружено угроз: 1
Обнаружено зараженных объектов: 1
Обнаружено подозрительных объектов: 0
Время проверки: 27:11:55


Имя файла / Имя угрозы / Количество угроз
F:\My Documents\My eBooks\Portable Empire\Spa.zip Зараженный: not-a-virus:Downloader.Win32.Agent.db 1

Выбранная область проверена.

-------------------------------------------------------------------------------- REPORT ABOUT THE CHECKING KASPERSKY ONLINE SCANNER 7.0 On August 20, 2009. The operating system: Microsoft Windows XP Of home Of edition Of service Of pack 3 (build 2600) version Kasperskys Online Of scanner: 7.0.26.13 Last renovation of the bases: Wednesday, August 19, 2009 08:50: 28 Quantity of records in the bases: 2661251 -------------------------------------------------------------------------------- Parameters of the checking: to check, using the following bases: extended To check the archives: yes To check the post bases: yes Region of checking - my computer: A:\ C:\ D:\ E:\ F:\ G:\ Statistics of the checking: It is checked the objects: 338603 It is discovered the threats: 1 It is discovered the infected objects: 1 It is discovered the suspicious objects: 0 Time of the checking: the 27:11: 55 Name of file/name of threat/a quantity of the threats F:\My Documents\My eBooks \ Of portable Of empire \ Of spa.zip Infected: not- a -virus: Downloader.Win32.Agent.db 1 The selected region is checked.

Malwarebytes' Anti-Malware 1.40
Database version: 2664
Windows 5.1.2600 Service Pack 3

8/20/2009 2:23:01 PM
mbam-log-2009-08-20 (14-23-01).txt

Scan type: Full Scan (C:\|F:\|G:\|)
Objects scanned: 480094
Time elapsed: 6 hour(s), 40 minute(s), 30 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 2
Folders Infected: 0
Files Infected: 2

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{d714a94f-123a-45cc-8f03-040bcaf82ad6} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Program Files\Pinnacle\Studio\Register\RegTool.exe (Rogue.RegTool) -> Quarantined and deleted successfully.
F:\My Documents\My Downloads\WinZip.Pro.v10.0.6667\tmg-wz10.exe (Malware.NSPack) -> Quarantined and deleted successfully.

ROOTREPEAL © AD, 2007-2009
==================================================
Scan Start Time: 2009/08/20 15:07
Program Version: Version 1.3.5.0
Windows Version: Windows XP SP3
==================================================

Drivers
-------------------
Name: dump_atapi.sys
Image Path: C:\WINDOWS\System32\Drivers\dump_atapi.sys
Address: 0xB7148000 Size: 98304 File Visible: No Signed: -
Status: -

Name: dump_WMILIB.SYS
Image Path: C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS
Address: 0xF79AD000 Size: 8192 File Visible: No Signed: -
Status: -

Name: rootrepeal.sys
Image Path: C:\WINDOWS\system32\drivers\rootrepeal.sys
Address: 0xB5761000 Size: 49152 File Visible: No Signed: -
Status: -

==EOF==

ROOTREPEAL © AD, 2007-2009
==================================================
Scan Start Time: 2009/08/20 15:07
Program Version: Version 1.3.5.0
Windows Version: Windows XP SP3
==================================================

Drivers
-------------------
Name: dump_atapi.sys
Image Path: C:\WINDOWS\System32\Drivers\dump_atapi.sys
Address: 0xB7148000 Size: 98304 File Visible: No Signed: -
Status: -

Name: dump_WMILIB.SYS
Image Path: C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS
Address: 0xF79AD000 Size: 8192 File Visible: No Signed: -
Status: -

Name: rootrepeal.sys
Image Path: C:\WINDOWS\system32\drivers\rootrepeal.sys
Address: 0xB5761000 Size: 49152 File Visible: No Signed: -
Status: -

==EOF==

OTL logfile created on: 8/20/2009 3:10:53 PM - Run 1
OTL by OldTimer - Version 3.0.10.7 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.25 Gb Total Physical Memory | 0.71 Gb Available Physical Memory | 56.91% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): [Binary data over 100 bytes]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 107.38 Gb Total Space | 78.70 Gb Free Space | 73.30% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 186.31 Gb Total Space | 23.66 Gb Free Space | 12.70% Space Free | Partition Type: NTFS
Drive G: | 4.39 Gb Total Space | 0.80 Gb Free Space | 18.27% Space Free | Partition Type: FAT32
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: GODSPEED
Current User Name: Owner
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2008/04/13 17:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2009/02/06 18:08:58 | 00,533,360 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe
PRC - [2009/02/11 11:06:36 | 00,210,216 | ---- | M] () -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
PRC - [2009/03/25 17:25:20 | 00,797,864 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSC\mcmscsvc.exe
PRC - [2009/01/09 11:31:16 | 02,482,848 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe
PRC - [2009/04/01 14:21:30 | 00,365,072 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\mcods.exe
PRC - [2009/01/09 08:06:52 | 00,359,952 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe
PRC - [2009/03/25 11:05:48 | 00,144,704 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\Mcshield.exe
PRC - [2009/03/19 11:42:02 | 00,884,360 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MPF\MPFSrv.exe
PRC - [2008/05/16 14:01:00 | 00,159,812 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvsvc32.exe
PRC - [2008/04/13 17:12:36 | 00,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\snmp.exe
PRC - [2009/03/25 17:25:20 | 00,645,328 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
PRC - [2005/02/02 16:44:24 | 00,061,440 | ---- | M] (Hewlett-Packard Company) -- C:\HP\KBD\KBD.EXE
PRC - [2009/02/06 18:08:58 | 00,454,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Family Safety\fsui.exe
PRC - [2005/12/05 21:00:44 | 00,753,664 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\System32\Tablet.exe
PRC - [2009/02/06 18:51:28 | 03,885,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
PRC - [2005/12/05 20:59:02 | 00,114,688 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\System32\WTablet\TabUserW.exe
PRC - [2009/03/24 00:03:18 | 00,606,736 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe
PRC - [2009/08/05 06:10:16 | 00,116,024 | ---- | M] (Flock, Inc.) -- C:\Program Files\Flock\flock.exe
PRC - [2009/08/20 15:09:55 | 00,514,048 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe

========== Win32 Services (SafeList) ==========

SRV - [2004/10/04 04:47:04 | 00,098,304 | ---- | M] () -- F:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor [Disabled | Stopped])
SRV - [2009/05/29 13:41:26 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Disabled | Stopped])
SRV - [2008/07/25 11:16:40 | 00,034,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2000/05/24 15:20:36 | 00,015,360 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\ATMsrvc.exe -- (ATMsrvc [Disabled | Stopped])
SRV - [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Disabled | Stopped])
SRV - [2008/07/25 11:17:02 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [Disabled | Stopped])
SRV - [2008/07/29 21:10:04 | 00,046,104 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2009/02/06 18:08:58 | 00,533,360 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc [Auto | Running])
SRV - [2008/06/26 10:24:08 | 00,031,592 | ---- | M] (NOS Microsystems Ltd.) -- C:\Program Files\NOS\bin\getPlus_HelperSvc.exe -- (getPlus® Helper [Disabled | Stopped])
SRV - [2008/04/13 17:12:02 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2004/10/22 03:24:18 | 00,073,728 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT [Disabled | Stopped])
SRV - [2008/07/29 19:24:50 | 00,881,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2009/07/13 14:02:50 | 00,542,496 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service [Disabled | Stopped])
SRV - [2009/02/11 11:06:36 | 00,210,216 | ---- | M] () -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service [Auto | Running])
SRV - [2009/03/25 17:25:20 | 00,797,864 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSC\mcmscsvc.exe -- (mcmscsvc [Auto | Running])
SRV - [2009/01/09 11:31:16 | 02,482,848 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe -- (McNASvc [Auto | Running])
SRV - [2009/04/01 14:21:30 | 00,365,072 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS [Auto | Running])
SRV - [2009/01/09 08:06:52 | 00,359,952 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe -- (McProxy [Auto | Running])
SRV - [2009/03/25 11:05:48 | 00,144,704 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\Mcshield.exe -- (McShield [Unknown | Running])
SRV - [2009/03/24 00:03:18 | 00,606,736 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe -- (McSysmon [On_Demand | Running])
SRV - [2003/06/19 23:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM [Disabled | Stopped])
SRV - [2009/03/19 11:42:02 | 00,884,360 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MPF\MPFSrv.exe -- (MpfService [Auto | Running])
SRV - [2008/07/29 19:16:38 | 00,132,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
SRV - [2008/05/16 14:01:00 | 00,159,812 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvsvc32.exe -- (NVSvc [Auto | Running])
SRV - [2003/07/28 12:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [Disabled | Stopped])
SRV - [2009/05/19 11:36:18 | 00,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort [Disabled | Stopped])
SRV - [2006/04/21 11:20:55 | 00,065,536 | ---- | M] (Alexandria Software Consulting) -- C:\Program Files\Rosetta Stone\SMS v3.0hs\Service\JavaSrvc.exe -- (SMSv3hs [Disabled | Stopped])
SRV - [2008/04/13 17:12:36 | 00,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\snmp.exe -- (SNMP [Auto | Running])
SRV - [2005/12/05 21:00:44 | 00,753,664 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\System32\Tablet.exe -- (TabletService [Auto | Running])
SRV - [2006/11/03 19:19:58 | 00,013,592 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend [On_Demand | Stopped])
SRV - [2009/03/30 16:28:36 | 01,533,808 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc [On_Demand | Stopped])
SRV - [2006/10/18 20:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [Disabled | Stopped])

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = E2 06 ED 53 A3 20 CA 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1;*.local

FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/07/15 14:52:19 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2009/06/24 16:15:29 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Flock 2.0.3\extensions\\Components: C:\Program Files\Flock\components [2009/08/17 10:23:36 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Flock 2.0.3\extensions\\Plugins: C:\Program Files\Flock\plugins [2009/08/15 10:02:42 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Flock 2.5\extensions\\Components: C:\Program Files\Flock\components [2009/08/17 10:23:36 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Flock 2.5\extensions\\Plugins: C:\Program Files\Flock\plugins [2009/08/15 10:02:42 | 00,000,000 | ---D | M]

[2009/05/18 10:50:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\mozilla\Extensions
[2009/05/18 10:50:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\mozilla\Extensions\{a463f10c-3994-11da-9945-000d60ca027b}

O1 HOSTS File: (734 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O2 - BHO: (dsWebAllowBHO Class) - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\Program Files\Windows Desktop Search\dsWebAllow.dll (Microsoft Corporation)
O2 - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2 - BHO: (Yahoo! IE Suggest) - {5A263CF7-56A6-4D68-A8CF-345BE45BC911} - C:\Program Files\Yahoo!\Search\YSearchSuggest.dll (Yahoo! Inc.)
O2 - BHO: (Yahoo! IE Services Button) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (no name) - {5CA3D70E-1895-11CF-8E15-001234567890} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Encarta Web Companion Helper Object) - {955BE0B8-BC85-4CAF-856E-8E0D8B610560} - C:\Program Files\Common Files\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL (Microsoft Corporation)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll ()
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (no name) - {EAEE5C74-6D0D-4aca-9232-0DA4A7B866BA} - C:\Program Files\PicLensIE\cooliris.dll (Cooliris Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll ()
O3 - HKLM\..\Toolbar: (Encarta Web Companion) - {147D6308-0614-4112-89B1-31402F9B82C4} - C:\Program Files\Common Files\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Foxit Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (Encarta Web Companion) - {147D6308-0614-4112-89B1-31402F9B82C4} - C:\Program Files\Common Files\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Foxit Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O4 - HKLM..\Run: [fssui] C:\Program Files\Windows Live\Family Safety\fsui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [KBD] C:\HP\KBD\KBD.EXE (Hewlett-Packard Company)
O4 - HKLM..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKCU..\Run: [msnmsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\TabUserW.exe.lnk = C:\WINDOWS\System32\WTablet\TabUserW.exe (Wacom Technology, Corp.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\npjpi160_05.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Launch Cooliris - {3437D640-C91A-458f-89F5-B9095EA4C28B} - C:\Program Files\PicLensIE\cooliris.dll (Cooliris Inc.)
O9 - Extra Button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Add to EverNote - {A5ABA0BB-F195-40d8-A5E9-0801153E6597} - F:\Program Files\EverNote\EverNote\enbar.dll (EverNote Corporation)
O9 - Extra 'Tools' menuitem : Add to EverNote - {A5ABA0BB-F195-40d8-A5E9-0801153E6597} - F:\Program Files\EverNote\EverNote\enbar.dll (EverNote Corporation)
O9 - Extra Button: Encarta Search Bar - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: centerpointe.com ([www] http in Trusted sites)
O15 - HKCU\..Trusted Domains: comcast.net ([www6] http in Trusted sites)
O15 - HKCU\..Trusted Domains: internet ([]about in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: 2 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {2019DC25-D1C0-11D6-97B3-0008A124F542} Reg Error: Key error. (Reg Error: Key error.)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll ()
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2001/09/04 20:13:37 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/09/04 20:13:37 | 00,000,000 | ---- | M] () - F:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/07/27 20:07:38 | 00,000,000 | ---- | M] () - G:\AUTOEXEC.BAT -- [ FAT32 ]
O33 - MountPoints2\{54c8ace0-02b4-11de-8de1-00e018417bdb}\Shell - "" = AutoRun
O33 - MountPoints2\{54c8ace0-02b4-11de-8de1-00e018417bdb}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{54c8ace0-02b4-11de-8de1-00e018417bdb}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found

NetSvcs: 6to4 - Service key not found. File not found
NetSvcs: Ias - Service key not found. File not found
NetSvcs: Iprip - Service key not found. File not found
NetSvcs: Irmon - Service key not found. File not found
NetSvcs: NWCWorkstation - Service key not found. File not found
NetSvcs: Nwsapagent - Service key not found. File not found
NetSvcs: Wmi - C:\WINDOWS\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - Service key not found. File not found
NetSvcs: helpsvc - C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)

========== Files/Folders - Created Within 14 Days ==========

[2009/08/20 15:09:37 | 00,514,048 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2009/08/20 15:04:32 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\settings.dat
[2009/08/20 14:38:32 | 00,472,064 | ---- | C] ( ) -- C:\Documents and Settings\Owner\Desktop\RootRepeal.exe
[2009/08/20 07:18:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Malwarebytes
[2009/08/20 07:17:52 | 00,000,707 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/08/20 07:17:48 | 00,038,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/08/20 07:17:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/08/20 07:17:44 | 00,019,096 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/08/20 07:17:43 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/08/20 07:16:36 | 03,942,040 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Owner\Desktop\mbam-setup.exe
[2009/08/20 07:15:04 | 00,000,622 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\NTREGOPT.lnk
[2009/08/20 07:15:04 | 00,000,603 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\ERUNT.lnk
[2009/08/20 07:15:02 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2009/08/20 07:12:31 | 00,791,393 | ---- | C] (Lars Hederer ) -- C:\Documents and Settings\Owner\Desktop\erunt_setup.exe
[2009/08/20 07:08:17 | 00,021,504 | ---- | C] (Doug Knox) -- C:\Documents and Settings\Owner\Desktop\SysRestorePoint.exe
[2009/08/20 06:51:50 | 00,272,384 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\TFC.exe
[2009/08/19 09:56:40 | 01,213,931 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\ThemeBuilderExtras.exe
[2009/08/18 11:56:04 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\WISPTIS.EXE
[2009/08/17 21:48:01 | 00,001,650 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\HP DVD.lnk
[2009/08/17 21:47:04 | 00,000,000 | ---D | C] -- C:\Program Files\Sonic
[2009/08/17 21:45:34 | 00,001,559 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\PowerDVD.lnk
[2009/08/17 21:45:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\CyberLink
[2009/08/17 21:45:22 | 00,000,000 | ---D | C] -- C:\Program Files\PowerDVD
[2009/08/17 21:41:34 | 00,000,000 | ---D | C] -- C:\Program Files\RecordNow
[2009/08/17 20:23:16 | 00,620,726 | ---- | C] () -- F:\My Documents\cc_20090817_2023.reg
[2009/08/17 19:58:09 | 00,001,559 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\CCleaner.lnk
[2009/08/17 19:58:08 | 00,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2009/08/17 19:05:14 | 00,000,000 | ---D | C] -- C:\WINDOWS\Hewlett-Packard
[2009/08/17 18:54:54 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\muvee Technologies
[2009/08/17 18:54:48 | 00,000,000 | ---D | C] -- C:\Program Files\muvee autoProducer DVD Edition - HPC
[2009/08/17 18:54:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\muvee Technologies
[2009/08/17 18:53:14 | 01,630,208 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\mplvw7.dll
[2009/08/17 18:53:14 | 01,150,976 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\mplvpx.dll
[2009/08/17 18:53:13 | 01,675,264 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\mplva6.dll
[2009/08/17 18:53:13 | 01,581,056 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\mplvm6.dll
[2009/08/17 18:53:13 | 00,081,920 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\mplaw7.dll
[2009/08/17 18:53:12 | 00,106,496 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\lmpgspl.ax
[2009/08/17 18:53:12 | 00,094,208 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\lmpgvd.ax
[2009/08/17 18:53:12 | 00,081,920 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\mplaa6.dll
[2009/08/17 18:53:12 | 00,069,632 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\mplapx.dll
[2009/08/17 18:53:12 | 00,069,632 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\mplam6.dll
[2009/08/17 18:53:11 | 00,047,104 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\lmpgad.ax
[2009/08/17 14:44:15 | 00,021,533 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\HP_Chat_Session_17_Aug_2009_14_43.html
[2009/08/17 11:50:03 | 11,353,9466 | ---- | C] () -- F:\My Documents\reg081709.reg
[2009/08/17 10:13:01 | 00,000,000 | ---D | C] -- C:\Program Files\Zero Knowledge
[2009/08/17 10:04:50 | 00,000,000 | ---D | C] -- C:\Program Files\Hp
[2009/08/15 10:11:38 | 00,000,817 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Foxit PDF Editor.lnk
[2009/08/15 10:03:26 | 00,000,000 | ---D | C] -- C:\Program Files\AskBarDis
[2009/08/15 10:02:44 | 00,000,894 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Foxit Reader.lnk
[2009/08/15 10:02:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Foxit
[2009/08/15 10:02:15 | 00,000,000 | ---D | C] -- C:\Program Files\Foxit Software
[2009/08/15 09:59:44 | 03,738,880 | ---- | C] (Foxit Software) -- C:\Documents and Settings\Owner\Desktop\FoxitReader30_enu_Setup.exe
[2009/08/07 11:02:18 | 00,000,000 | ---D | C] -- F:\My Documents\My Library
[2009/08/07 10:57:38 | 00,000,000 | ---D | C] -- F:\My Documents\My Media
[2009/08/07 10:57:38 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\OverDrive
[2009/08/07 10:04:05 | 00,001,888 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\OverDrive Media Console.lnk
[2009/08/07 10:04:00 | 00,000,000 | ---D | C] -- C:\Program Files\OverDrive Media Console
[2009/08/07 10:01:28 | 04,746,752 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\ODMediaConsoleSetup.msi

========== Files - Modified Within 14 Days ==========

[2009/08/20 15:09:55 | 00,514,048 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2009/08/20 15:04:32 | 00,000,000 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\settings.dat
[2009/08/20 14:53:34 | 00,001,170 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/08/20 14:53:11 | 00,016,015 | ---- | M] () -- C:\WINDOWS\System32\Config.MPF
[2009/08/20 14:52:47 | 00,000,336 | ---- | M] () -- C:\WINDOWS\System32\tablet.dat
[2009/08/20 14:52:39 | 00,183,443 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2009/08/20 14:52:10 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/08/20 14:52:07 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/08/20 14:52:03 | 13,417,55392 | -HS- | M] () -- C:\hiberfil.sys
[2009/08/20 14:46:42 | 00,000,422 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{7221C2B6-A1A5-4C02-A5E7-46AE85E7612D}.job
[2009/08/20 14:46:03 | 00,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2009/08/20 14:39:03 | 00,472,064 | ---- | M] ( ) -- C:\Documents and Settings\Owner\Desktop\RootRepeal.exe
[2009/08/20 07:17:52 | 00,000,707 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/08/20 07:16:36 | 03,942,040 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Owner\Desktop\mbam-setup.exe
[2009/08/20 07:15:04 | 00,000,622 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\NTREGOPT.lnk
[2009/08/20 07:15:04 | 00,000,603 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\ERUNT.lnk
[2009/08/20 07:12:37 | 00,791,393 | ---- | M] (Lars Hederer ) -- C:\Documents and Settings\Owner\Desktop\erunt_setup.exe
[2009/08/20 07:09:28 | 00,072,744 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/08/20 07:08:27 | 00,021,504 | ---- | M] (Doug Knox) -- C:\Documents and Settings\Owner\Desktop\SysRestorePoint.exe
[2009/08/20 06:56:38 | 00,260,640 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/08/20 06:51:51 | 00,272,384 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\TFC.exe
[2009/08/19 20:51:18 | 00,000,206 | ---- | M] () -- F:\My Documents\stevewells.html
[2009/08/19 15:45:43 | 62,859,988 | ---- | M] () -- F:\My Documents\PSPMadeEZ1.dbx
[2009/08/19 10:20:15 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/08/19 09:56:55 | 01,213,931 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\ThemeBuilderExtras.exe
[2009/08/18 12:42:10 | 00,000,929 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/08/18 12:42:10 | 00,000,202 | RHS- | M] () -- C:\BOOT.INI
[2009/08/18 12:42:09 | 00,000,260 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/08/18 11:56:04 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\WISPTIS.EXE
[2009/08/18 11:55:50 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\WISPTIS.OLD
[2009/08/17 21:48:01 | 00,001,650 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\HP DVD.lnk
[2009/08/17 21:45:35 | 00,001,559 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\PowerDVD.lnk
[2009/08/17 20:24:05 | 00,620,726 | ---- | M] () -- F:\My Documents\cc_20090817_2023.reg
[2009/08/17 19:58:09 | 00,001,559 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\CCleaner.lnk
[2009/08/17 16:08:53 | 00,445,702 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/08/17 16:08:53 | 00,072,924 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/08/17 14:44:18 | 00,021,533 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\HP_Chat_Session_17_Aug_2009_14_43.html
[2009/08/17 14:29:56 | 00,000,482 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2009/08/17 11:51:31 | 11,353,9466 | ---- | M] () -- F:\My Documents\reg081709.reg
[2009/08/16 15:32:24 | 00,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2009/08/15 10:11:38 | 00,000,817 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Foxit PDF Editor.lnk
[2009/08/15 10:02:44 | 00,000,894 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Foxit Reader.lnk
[2009/08/15 09:59:54 | 03,738,880 | ---- | M] (Foxit Software) -- C:\Documents and Settings\Owner\Desktop\FoxitReader30_enu_Setup.exe
[2009/08/13 00:07:34 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/08/08 19:43:31 | 01,389,056 | ---- | M] () -- F:\My Documents\Persnickity.bro
[2009/08/08 17:46:39 | 00,000,081 | ---- | M] () -- C:\WINDOWS\ImportClient.INI
[2009/08/07 10:04:05 | 00,001,888 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\OverDrive Media Console.lnk
[2009/08/07 10:02:33 | 04,746,752 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\ODMediaConsoleSetup.msi

========== LOP Check ==========

[2009/08/20 07:17:45 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Application Data
[2009/02/24 13:50:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{7B6BA59A-FB0E-4499-8536-A7420338BF3B}
[2009/05/12 21:11:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2009/08/17 21:45:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CyberLink
[2008/12/19 14:17:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ESET
[2007/05/17 16:30:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Motive
[2009/08/17 18:54:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\muvee Technologies
[2008/07/19 18:26:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\pixelStorm
[2008/06/18 16:24:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PlayFirst
[2008/12/12 13:37:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2007/05/25 07:18:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Live Toolbar
[2009/04/09 00:11:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WindowsLiveInstaller
[2009/08/20 07:18:02 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Owner\Application Data
[2007/11/25 22:51:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\.BitZip
[2008/04/06 21:46:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Atari
[2008/12/25 18:39:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\ContentGuard
[2007/05/21 19:40:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Corel
[2008/12/19 10:56:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\CyberLink
[2009/05/18 23:22:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\de.makesoft.twhirl.0EA062BC275E7ED1E6EC3762EFFD73C7158ADF33.1
[2007/05/23 09:08:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Download Manager
[2009/08/12 23:53:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\FileZilla
[2009/05/18 10:50:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Flock
[2009/08/15 10:02:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Foxit
[2007/06/21 21:58:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\InterVideo
[2007/05/20 23:31:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Jasc
[2008/04/06 21:45:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Leadertech
[2007/07/29 17:01:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\MAPILab NNTP Accounts
[2008/09/15 13:02:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Motive
[2009/06/23 19:50:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Move Networks
[2008/10/25 20:54:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\MSN6
[2008/08/04 14:41:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\MSNInstaller
[2009/08/07 10:57:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\OverDrive
[2008/06/18 16:24:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\PlayFirst
[2007/08/30 17:51:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\SecondLife
[2007/12/25 21:27:15 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Owner\Application Data\SecuROM
[2007/07/12 11:48:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Snapfish
[2008/09/15 12:42:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\System Tweaker
[2009/07/15 13:25:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\SystemRequirementsLab
[2007/12/07 13:57:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Template
[2009/05/23 12:35:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\TweetDeckFast.F9107117265DB7542C1A806C8DB837742CE14C21.1
[2008/12/16 13:52:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Typograf
[2009/08/13 12:52:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\U3
[2008/09/15 12:15:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Uniblue
[2009/02/05 07:41:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\VERITAS
[2008/12/16 13:52:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\W Photo Studio Viewer
[2008/09/16 19:46:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\WinBatch
[2007/05/17 19:13:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Windows Desktop Search
[2009/05/15 14:26:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Windows Live Writer
[2009/08/19 10:20:15 | 00,000,284 | ---- | M] () -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
[2001/08/18 05:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2009/07/15 01:25:04 | 00,000,340 | ---- | M] () -- C:\WINDOWS\Tasks\McDefragTask.job
[2009/07/01 01:02:50 | 00,000,332 | ---- | M] () -- C:\WINDOWS\Tasks\McQcTask.job
[2009/08/20 14:46:03 | 00,000,330 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
[2009/08/20 14:52:10 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT
[2009/08/20 14:46:42 | 00,000,422 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{7221C2B6-A1A5-4C02-A5E7-46AE85E7612D}.job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >

========== Alternate Data Streams ==========

@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D8A7F3FF
< End of report >

OTL Extras logfile created on: 8/20/2009 3:10:53 PM - Run 1
OTL by OldTimer - Version 3.0.10.7 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.25 Gb Total Physical Memory | 0.71 Gb Available Physical Memory | 56.91% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): [Binary data over 100 bytes]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 107.38 Gb Total Space | 78.70 Gb Free Space | 73.30% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 186.31 Gb Total Space | 23.66 Gb Free Space | 12.70% Space Free | Partition Type: NTFS
Drive G: | 4.39 Gb Total Space | 0.80 Gb Free Space | 18.27% Space Free | Partition Type: FAT32
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: GODSPEED
Current User Name: Owner
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.hta [@ = htafile] -- Reg Error: Key error. File not found
.html [@ = FlockHTML] -- C:\Program Files\Flock\flock.exe (Flock, Inc.)
.url [@ = InternetShortcut] -- Reg Error: Key error. File not found

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"10243:TCP" = 10243:TCP:LocalSubNet:Disabled:Windows Media Player Network Sharing Service
"10280:UDP" = 10280:UDP:LocalSubNet:Disabled:Windows Media Player Network Sharing Service
"10281:UDP" = 10281:UDP:LocalSubNet:Disabled:Windows Media Player Network Sharing Service
"10282:UDP" = 10282:UDP:LocalSubNet:Disabled:Windows Media Player Network Sharing Service
"10283:UDP" = 10283:UDP:LocalSubNet:Disabled:Windows Media Player Network Sharing Service
"10284:UDP" = 10284:UDP:LocalSubNet:Disabled:Windows Media Player Network Sharing Service

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"F:\Program Files\Kodak EasyShare software\bin\EasyShare.exe" = F:\Program Files\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare -- File not found
"C:\Program Files\Real\RealPlayer\realplay.exe" = C:\Program Files\Real\RealPlayer\realplay.exe:*:Disabled:RealPlayer -- File not found
"C:\WINDOWS\SYSTEM32\java.exe" = C:\WINDOWS\SYSTEM32\java.exe:*:Enabled:Java™ Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Program Files\Java\jre1.6.0_05\bin\java.exe" = C:\Program Files\Java\jre1.6.0_05\bin\java.exe:*:Enabled:Java Runtime Environment -- (Sun Microsystems, Inc.)
"C:\Program Files\Rosetta Stone\SMS v3.0hs\server.exe" = C:\Program Files\Rosetta Stone\SMS v3.0hs\server.exe:*:Enabled:SMS Server v3.0hs -- ()
"C:\Program Files\Rosetta Stone\SMS v3.0hs\admin.exe" = C:\Program Files\Rosetta Stone\SMS v3.0hs\admin.exe:*:Enabled:SMS Admin v3.0hs -- ()
"C:\Program Files\Rosetta Stone\SMS v3.0hs\Service\JavaSrvc.exe" = C:\Program Files\Rosetta Stone\SMS v3.0hs\Service\JavaSrvc.exe:*:Enabled:SMS Service v3.0hs -- (Alexandria Software Consulting)
"C:\Program Files\Rosetta Stone\RS2.1.4.2Asms\Discover.exe" = C:\Program Files\Rosetta Stone\RS2.1.4.2Asms\Discover.exe:*:Enabled:Rosetta Stone SMS Discovery Tool -- (Fairfield Language Technologies)
"C:\Program Files\Rosetta Stone\RS2.1.4.2Asms\Rosetta Stone.exe" = C:\Program Files\Rosetta Stone\RS2.1.4.2Asms\Rosetta Stone.exe:*:Enabled:Rosetta Stone Application -- (Macromedia, Inc.)
"C:\Program Files\Internet Explorer\iexplore.exe" = C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer -- (Microsoft Corporation)
"C:\Program Files\Yahoo!\Messenger\YServer.exe" = C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Disabled:Yahoo! FT Server -- (Yahoo! Inc.)
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Disabled:Yahoo! Messenger -- (Yahoo! Inc.)
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe" = C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe:*:Enabled:McAfee Network Agent -- (McAfee, Inc.)
"C:\Program Files\Orb Networks\Orb\bin\Orb.exe" = C:\Program Files\Orb Networks\Orb\bin\Orb.exe:*:Enabled:Orb -- File not found
"C:\Program Files\Orb Networks\Orb\bin\OrbTray.exe" = C:\Program Files\Orb Networks\Orb\bin\OrbTray.exe:*:Enabled:OrbTray -- File not found
"C:\Program Files\Orb Networks\Orb\bin\OrbStreamerClient.exe" = C:\Program Files\Orb Networks\Orb\bin\OrbStreamerClient.exe:*:Enabled:Orb Stream Client -- File not found
"C:\Program Files\Orb Networks\Orb\bin\xmltv.exe" = C:\Program Files\Orb Networks\Orb\bin\xmltv.exe:*:Enabled:OrbTVGuide -- File not found
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour -- (Apple Inc.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files\Messenger\msmsgs.exe" = C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger -- (Microsoft Corporation)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00C297B1-02F3-4BEE-8B57-7BCA695A41DA}" = EverNote (Trial)
"{0413C01D-638A-496B-AD24-56309C8775D7}" = War Games Virtual Warfare Demo
"{07041881-E9B4-4DF6-A845-CAAFD093E477}" = Microsoft Student with Encarta Premium 2007
"{07043840-959A-4B0D-8825-2C533F0DDB19}" = Microsoft Math
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0AAA9C97-74D4-47CE-B089-0B147EF3553C}" = Windows Live Messenger
"{0DD140D3-9563-481E-AA75-BA457CBDAEF2}" = PC Inspector File Recovery
"{0F9196C6-58B4-445B-B56E-B1200FECC151}" = Microsoft Bootvis
"{10A44844-4465-456E-8C97-80BDD4F68845}" = Windows Live ID Sign-in Assistant
"{10CE1EA2-12E9-11D3-825E-00C04F6843FE}" = Microsoft Office Sounds
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = HP DLA
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{12F7033F-3B47-4C9E-AB20-2EC556C40287}" = Microsoft .NET Compact Framework 1.0 SP3
"{184E7118-0295-43C4-B72C-1D54AA75AAF7}" = Windows Live Mail
"{1A15507A-8551-4626-915D-3D5FA095CC1B}" = Corel Paint Shop Pro X
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{24960CD0-661D-4957-9D5F-D2905A30EDB1}" = Jasc Paint Shop Photo Album 5
"{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1" = ConvertHelper 2.2
"{28114F32-A828-3B57-802B-1F300B0948C7}" = Cooliris for Internet Explorer
"{2EA45803-BEB7-46C4-9ADC-46A5F9E7BB77}" = GEAR driver installer for x86 and x64
"{2F20ADFD-5679-11D5-A8E1-00A0CC663B7C}" = PigPen
"{2FD177C0-A752-11DC-8314-0800200C9A66}" = Windows Live SkyDrive Upload Tool
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java™ 6 Update 5
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C52E7DA-C431-4239-B66B-1BF703D5B194}" = Windows Live Photo Gallery
"{3DD1FE66-5536-41E3-B786-70068887B3F4}" = The Print Shop 12
"{42450D0B-8F0B-4EA2-90F6-6047F634ACC7}" = BlasterBall Wild
"{42977380-5628-11D5-A8E1-00A0CC53785B}" = Speedway
"{4A6DDD86-DF01-4472-84BE-7A3D5719D1C9}" = JascUpdate
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}" = Junk Mail filter update
"{4F1CECBC-670F-4DAA-81D6-944B12450917}" = DIGOpt
"{4FD84C01-F268-4E99-A7D5-533D04722C4B}" = SabreWing 2
"{60E971B7-51A0-48CA-8687-C6B8F094A409}" = Sonic Simple Backup
"{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}" = Windows Genuine Advantage v1.3.0254.0
"{63C1109E-D977-49ED-BCE3-D00D0BF187D6}" = Windows Live Mail
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69E84B43-8227-4DC3-A4E4-CAB022DCF858}" = muvee autoProducer DVD Edition - HPC
"{6A6FF26C-34A4-11D5-A8E0-00A0CC663B7C}" = DarkOrbit
"{6A92E5C5-0578-443D-91F3-92ECE5F2CAE2}" = Windows Live Writer
"{6D10C4BE-0C36-4F4E-8C3A-E5E867A5F01D}" = QuickConnect
"{6FA269F8-38CB-4DF7-AA0D-36E3CE789485}" = HP Software Update
"{76CD2979-09C0-493A-84B3-8FD97EF4BCEA}" = Windows Live Family Safety
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{791B20D4-AE59-4DE9-B45F-BA01F3D0A493}" = ArcSoft ShowBiz 2
"{81A34902-9D0B-4920-A25C-4CDC5D14B328}" = Jasc Paint Shop Pro 8
"{8214CC02-6271-4DC8-B8DD-779933450264}" = RecordNow
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11127847}" = Diner Dash 2
"{851C67EF-068A-4060-9EF5-2E3DDCD68382}" = Adobe Photoshop Elements 3.0
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{907B4640-266B-4A21-92FB-CD1A86CD0F63}" = RollerCoaster Tycoon 3 Platinum
"{91120409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003
"{93AC2663-6946-490E-B4A4-FD126F318084}" = Atomic Pop
"{94753E09-CB41-4894-9F73-C1F55EA23ECB}" = Jasc Virtual Painter 4
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95120000-0120-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{9692FD03-6662-4E62-B08C-30DFF51651E1}" = Actiontec Gateway
"{995F1E2E-F542-4310-8E1D-9926F5A279B3}" = Windows Live Toolbar
"{99ECF41F-5CCA-42BD-B8B8-A8333E2E2944}" = iTunes
"{9C244239-ED8E-40f1-937F-51C706CD2160}" = The Sims™ 2 Deluxe
"{A06275F4-324B-4E85-95E6-87B2CD729401}" = Windows Defender
"{A1BF9950-8CDB-468E-83FA-EACFB00EA7D5}" = Windows Live Sync
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A580547F-4FB6-433E-A595-21CAA858C556}" = Microsoft Office Live Small Business Image Uploader
"{A654A805-41D9-40C7-AA46-4AF04F044D61}" = Adobe® Photoshop® Album Starter Edition 3.2
"{AC76BA86-7AD7-1033-7B44-A81300000003}" = Adobe Reader 8.1.6
"{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}" = Microsoft Office Live Add-in 1.4
"{B348E585-E872-41DF-8234-E2D49917CFBB}" = Learning Essentials for Microsoft Office
"{B40514BB-56EC-11D5-A8E1-00A0CC663B7C}" = GemMaster
"{B6ACFF51-248A-4290-B50B-E50C81F25B97}" = iPod for Windows 2005-02-22
"{B946D46E-1302-48B4-84EE-B74C3191D975}" = Corel Painter Essentials 2
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C1939820-A945-11D4-86F6-0001031E5712}" = InterVideo WinDVD
"{C337BDAF-CB4E-47E2-BE1A-CB31BB7DD0E3}" = Apple Mobile Device Support
"{C6CA8874-5F22-4AF0-9BE3-016BF299C536}" = Windows Live Essentials
"{C7239ACC-601B-46BC-B48D-3998303A326D}" = OverDrive Media Console
"{C78EAC6F-7A73-452E-8134-DBB2165C5A68}" = QuickTime
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}" = getPlus®
"{D085A1B6-90A4-11D3-82B7-00C04FA309DE}" = Microsoft Money 2001
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D11550E6-B064-4717-AF9E-A979EF245468}" = Live Spaces Photo Album Plugin
"{DA9F6EF5-E48A-4E45-BC57-AA16193763B7}" = Detto Migration Kit
"{DB42270E-B4CA-7457-3D2B-E0B46AAEF819}" = twhirl
"{DDBB28C8-B2AA-45A1-8DCE-059A798509FB}" = MobileMe Control Panel
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{F843C6A3-224D-4615-94F8-3C461BD9AEA0}" = Jasc Paint Shop Pro 9
"{F8D0829C-9C6F-11D3-8080-00C04FA329AA}" = Microsoft Works 6.0
"{FAF7F1D7-C0E7-47EA-8AAA-84E4F9EA3C94}" = Works Suite OS Pack
"{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}" = HighMAT Extension to Microsoft Windows XP CD Writing Wizard
"{FE57DE70-95DE-4B64-9266-84DA811053DB}" = HP Update
"{Microsoft Student 2007_54A0E938-8390-489F-8F1A-563673334DFE}" = Microsoft Student 2007 for Learning Essentials
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Type Manager 4.1" = Adobe Type Manager 4.1
"Adobe® Photoshop® Album Starter Edition 3.2" = Adobe® Photoshop® Album Starter Edition 3.2
"Ask Toolbar_is1" = Foxit Toolbar
"Atmosphere Lite (Boundless Living Edition)_is1" = Atmosphere Lite v5.0
"Auto Care" = Auto Care
"BackWeb-137903 Uninstaller" = hp center
"CCleaner" = CCleaner (remove only)
"ERUNT_is1" = ERUNT 1.1j
"FileZilla Client" = FileZilla Client 3.2.6.1
"Flock (2.5)" = Flock (2.5)
"Foxit PDF Editor" = Foxit PDF Editor
"Foxit Reader" = Foxit Reader
"hp deskjet 5550 series" = hp deskjet 5550 series (Remove only)
"HP Instant Support" = hp instant support
"HP Photo Printing Software" = HP Photo Printing Software
"hp print screen utility" = hp print screen utility
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{B6ACFF51-248A-4290-B50B-E50C81F25B97}" = iPod for Windows 2005-02-22
"InterActual Player" = InterActual Player
"IsoBuster_is1" = IsoBuster 2.5
"Jasc Paint Shop Pro 9 GDI+ Patch" = Jasc Paint Shop Pro 9 GDI+ Patch
"Jasc Paint Shop Pro 9.01 - (9.0.1.1)" = Jasc Paint Shop Pro 9.01 - (9.0.1.1)
"Jasc Paint Shop Pro 9.01 Patch" = Jasc Paint Shop Pro 9.01 Patch
"KazooStudio" = KazooStudio
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 4.1.6
"Magic DVD Ripper_is1" = Magic DVD Ripper V5.3 build 7
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MSC" = McAfee SecurityCenter
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSTrueTypeProperties" = Microsoft OpenType Font Properties Extension (Remove Only)
"MUSICMATCH Jukebox" = MUSICMATCH Jukebox
"My Photo Center" = My Photo Center
"nik Color Efex Pro 2.0 GE" = nik Color Efex Pro 2.0 GE
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"Papi" = Device drivers for Simple Backup
"PCDoctor" = PC-Doctor for Windows
"PCFriendly" = PCFriendly
"PHOTORECOVERY" = PHOTORECOVERY® Limited Edition 3.0
"PROSet" = Intel® Network Connections Drivers
"PS2" = PS2
"Python 1.5 combined Win32 extensions" = Python 1.5 combined Win32 extensions
"Python 1.5.2 (final)" = Python 1.5.2 (final)
"Quicken Financial Center" = Quicken Financial Center
"Rosetta Stone 2.1.4.2Asms" = Rosetta Stone 2.1.4.2Asms
"S3 Gamma" = S3 Gamma
"S3switch2" = S3 Savage4 Family Display Switch2 Utility
"SecondLife" = SecondLife (remove only)
"Student Management System v3.0hs" = Student Management System v3.0hs
"StudioDV" = Studio
"SUPER ©" = SUPER © Version 2009.bld.36 (June 10, 2009)
"SystemRequirementsLab" = System Requirements Lab
"Tablet Driver" = Tablet
"Tcl 8.0.5 for Windows" = Tcl 8.0.5 for Windows
"tv_enua" = Lernout & Hauspie TruVoice American English TTS Engine
"TweakMP9" = Windows Media Player 9 Series TweakMP PowerToy
"Typograf" = Typograf4.8f
"wcmdmgr.exe" = WildTangent Updater
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"WebPost" = Microsoft Web Publishing Wizard 1.52
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"WMCSetup" = Windows Media Connect
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Works2001Setup" = Microsoft Works and Money 2001 Setup Launcher
"wtwebdriver" = WildTangent Web Driver
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"Yahoo! Extras" = Yahoo! Browser Services
"Yahoo! Mail" = Yahoo! Internet Mail
"Yahoo! Messenger" = Yahoo! Messenger
"YInstHelper" = Yahoo! Install Manager

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Move Networks Player - IE" = Move Networks Media Player for Internet Explorer

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 7/27/2009 1:36:57 PM | Computer Name = GODSPEED | Source = ESENT | ID = 490
Description = svchost (924) An attempt to open the file "C:\WINDOWS\system32\CatRoot2\edb.log"
for read / write access failed with system error 32 (0x00000020): "The process
cannot access the file because it is being used by another process. ". The open
file operation will fail with error -1032 (0xfffffbf8).

Error - 7/29/2009 11:33:36 PM | Computer Name = GODSPEED | Source = McLogEvent | ID = 5051
Description = A thread in process C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe took
longer than 90000 ms to complete a request. The process will be terminated. Thread
id : 1308 (0x51c) Thread address : 0x7C90E514 Thread message : Build VSCORE.14.0.0.423
/ 5301.4018 Object being scanned = \Device\HarddiskVolume2\WINDOWS\system32\drivers\etc\hosts

by C:\WINDOWS\System32\svchost.exe 4(0)(0) 4(0)(0) 7200(0)(0) 7595(0)(0) 7005(0)(0)

7004(0)(0) 5006(0)(0) 5004(0)(0)

Error - 7/30/2009 10:30:11 AM | Computer Name = GODSPEED | Source = McLogEvent | ID = 5051
Description = A thread in process C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe took
longer than 90000 ms to complete a request. The process will be terminated. Thread
id : 1668 (0x684) Thread address : 0x7C90E514 Thread message : Build VSCORE.14.0.0.423
/ 5301.4018 Object being scanned = \Device\HarddiskVolume2\Program Files\uTorrent\uTorrent.exe

by C:\WINDOWS\Explorer.EXE 4(0)(0) 4(0)(0) 7200(0)(0) 7595(0)(0) 7005(0)(0) 7004(0)(0)

5006(0)(0) 5004(0)(0)

Error - 8/3/2009 2:35:54 PM | Computer Name = GODSPEED | Source = MsiInstaller | ID = 11905
Description = Product: ESSgui -- Error 1905.Module F:\Program Files\Kodak EasyShare
software\bin\ESCom.dll failed to unregister. HRESULT -2147220472. Contact your
support personnel.

Error - 8/10/2009 10:02:40 AM | Computer Name = GODSPEED | Source = ESENT | ID = 490
Description = svchost (928) An attempt to open the file "C:\WINDOWS\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb"
for read / write access failed with system error 32 (0x00000020): "The process
cannot access the file because it is being used by another process. ". The open
file operation will fail with error -1032 (0xfffffbf8).

Error - 8/17/2009 1:50:52 PM | Computer Name = GODSPEED | Source = PerfNet | ID = 2004
Description = Unable to open the Server service. Server performance data will not
be returned. Error code returned is in data DWORD 0.

Error - 8/17/2009 1:56:57 PM | Computer Name = GODSPEED | Source = MsiInstaller | ID = 1002
Description = Unexpected or missing value (name: 'PackageName', value: '') in key
'HKU\S-1-5-21-1822439336-2826457082-3675345140-1003\Software\Microsoft\Installer\Products\7D1F7FAF7E0CAE74A8AA484E9FAEC349\SourceList'

Error - 8/17/2009 7:30:05 PM | Computer Name = GODSPEED | Source = McLogEvent | ID = 5051
Description = A thread in process C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe took
longer than 90000 ms to complete a request. The process will be terminated. Thread
id : 1336 (0x538) Thread address : 0x7C90E514 Thread message : Build VSCORE.14.0.0.423
/ 5301.4018 Object being scanned = \Device\CdRom3\Scrapbook\8-flws_CristinaBlomberg.jpg

by C:\WINDOWS\Explorer.EXE 4(0)(0) 4(0)(0) 7200(0)(0) 7595(0)(0) 7005(0)(0) 7004(0)(0)

5006(0)(0) 5004(0)(0)

Error - 8/17/2009 7:40:29 PM | Computer Name = GODSPEED | Source = McLogEvent | ID = 5051
Description = A thread in process C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe took
longer than 90000 ms to complete a request. The process will be terminated. Thread
id : 1536 (0x600) Thread address : 0x7C90E514 Thread message : Build VSCORE.14.0.0.423
/ 5301.4018 Object being scanned = \Device\CdRom3\Scrapbook\2Peas_Stone Etchings.zip

by C:\WINDOWS\Explorer.EXE 4(0)(0) 4(0)(0) 7200(0)(0) 7595(0)(0) 7005(0)(0) 7004(0)(0)

5006(0)(0) 5004(0)(0)

Error - 8/20/2009 10:04:15 AM | Computer Name = GODSPEED | Source = Application Error | ID = 1000
Description = Faulting application flock.exe, version 1.9.0.3493, faulting module
unknown, version 0.0.0.0, fault address 0x00000000.

[ System Events ]
Error - 8/20/2009 5:32:45 PM | Computer Name = GODSPEED | Source = DCOM | ID = 10005
Description = DCOM got error "%1058" attempting to start the service MDM with arguments
"" in order to run the server: {0C0A3666-30C9-11D0-8F20-00805F2CD064}

Error - 8/20/2009 5:32:57 PM | Computer Name = GODSPEED | Source = DCOM | ID = 10000
Description = Unable to start a DCOM Server: {A5B020FD-E04B-4E67-B65A-E7DEED25B2CF}.
The
error: "%193" Happened while starting this command: "C:\WINDOWS\system32\WISPTIS.EXE"
-Embedding

Error - 8/20/2009 5:32:58 PM | Computer Name = GODSPEED | Source = DCOM | ID = 10000
Description = Unable to start a DCOM Server: {A5B020FD-E04B-4E67-B65A-E7DEED25B2CF}.
The
error: "%193" Happened while starting this command: "C:\WINDOWS\system32\WISPTIS.EXE"
-Embedding

Error - 8/20/2009 5:35:10 PM | Computer Name = GODSPEED | Source = DCOM | ID = 10005
Description = DCOM got error "%1058" attempting to start the service SeaPort with
arguments "-Service" in order to run the server: {D6381B4A-D254-46EB-9018-A62E0F4BA6BA}

Error - 8/20/2009 5:39:30 PM | Computer Name = GODSPEED | Source = DCOM | ID = 10005
Description = DCOM got error "%1058" attempting to start the service MDM with arguments
"" in order to run the server: {0C0A3666-30C9-11D0-8F20-00805F2CD064}

Error - 8/20/2009 5:39:42 PM | Computer Name = GODSPEED | Source = DCOM | ID = 10005
Description = DCOM got error "%1058" attempting to start the service MDM with arguments
"" in order to run the server: {0C0A3666-30C9-11D0-8F20-00805F2CD064}

Error - 8/20/2009 6:00:45 PM | Computer Name = GODSPEED | Source = DCOM | ID = 10000
Description = Unable to start a DCOM Server: {A5B020FD-E04B-4E67-B65A-E7DEED25B2CF}.
The
error: "%193" Happened while starting this command: "C:\WINDOWS\system32\WISPTIS.EXE"
-Embedding

Error - 8/20/2009 6:00:45 PM | Computer Name = GODSPEED | Source = DCOM | ID = 10000
Description = Unable to start a DCOM Server: {A5B020FD-E04B-4E67-B65A-E7DEED25B2CF}.
The
error: "%193" Happened while starting this command: "C:\WINDOWS\system32\WISPTIS.EXE"
-Embedding

Error - 8/20/2009 6:03:47 PM | Computer Name = GODSPEED | Source = DCOM | ID = 10005
Description = DCOM got error "%1058" attempting to start the service MDM with arguments
"" in order to run the server: {0C0A3666-30C9-11D0-8F20-00805F2CD064}

Error - 8/20/2009 6:04:05 PM | Computer Name = GODSPEED | Source = DCOM | ID = 10005
Description = DCOM got error "%1058" attempting to start the service MDM with arguments
"" in order to run the server: {0C0A3666-30C9-11D0-8F20-00805F2CD064}


< End of report >
  • 0

Advertisements

#2
AZCMer
Posted 20 August 2009 - 04:45 PM

AZCMer

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 108 posts
An Addendum. . .

I forgot to write a couple of things.

First, I've had a new user added into my McAfee, ASPNET, type limited. I can't delete the acct. I have edited it so that it has no internet access. I can change that once I know what that is about.

Second, I'm having trouble using my dvd rw drives to burn cd's. I get errors saying that the media is unacceptable. I've been to the HP site for updates and my computer won't allow me to install a firmware update. The error I get is "Update program did not find any supported HP drives on this computer."

Thanks for any help you can give.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP