Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Show Hidden Files and Folders Not Working

Started by diYes , Sep 08 2009 07:29 AM

  • Please log in to reply

#1
diYes
Posted 08 September 2009 - 07:29 AM

diYes

    New Member

  • Member
  • Pip
  • 4 posts
I had the problem with this option for days now. At first it always goes back to "Do not show hidden files and folders" even if I already picked the other option. But now whatever I pick, it seems to pick both options or sometimes no option at all is picked.

MBAM log:

Malwarebytes' Anti-Malware 1.40
Database version: 2758
Windows 5.1.2600 Service Pack 3

9/8/2009 8:26:30 PM
mbam-log-2009-09-08 (20-26-30).txt

Scan type: Quick Scan
Objects scanned: 108875
Time elapsed: 6 minute(s), 24 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


RootRepeal Log:
ROOTREPEAL © AD, 2007-2009
==================================================
Scan Start Time: 2009/09/08 21:16
Program Version: Version 1.3.5.0
Windows Version: Windows XP SP3
==================================================

Drivers
-------------------
Name: Aavmker4.SYS
Image Path: C:\windows\System32\Drivers\Aavmker4.SYS
Address: 0xF7964000 Size: 19072 File Visible: - Signed: Yes
Status: -

Name: ACPI.sys
Image Path: ACPI.sys
Address: 0xF748D000 Size: 187776 File Visible: - Signed: Yes
Status: -

Name: ACPI_HAL
Image Path: \Driver\ACPI_HAL
Address: 0x804D7000 Size: 2066048 File Visible: - Signed: Yes
Status: -

Name: ACPIEC.sys
Image Path: ACPIEC.sys
Address: 0xF79D8000 Size: 11648 File Visible: - Signed: Yes
Status: -

Name: AegisP.sys
Image Path: C:\windows\system32\DRIVERS\AegisP.sys
Address: 0xAABFD000 Size: 15968 File Visible: - Signed: No
Status: -

Name: Afc.sys
Image Path: C:\windows\system32\drivers\Afc.sys
Address: 0xF78FC000 Size: 32768 File Visible: - Signed: No
Status: -

Name: afd.sys
Image Path: C:\windows\System32\drivers\afd.sys
Address: 0xAAED1000 Size: 138496 File Visible: - Signed: Yes
Status: -

Name: ALCXWDM.SYS
Image Path: C:\windows\system32\drivers\ALCXWDM.SYS
Address: 0xF65B6000 Size: 2317504 File Visible: - Signed: No
Status: -

Name: aswFsBlk.sys
Image Path: C:\windows\system32\DRIVERS\aswFsBlk.sys
Address: 0xF79C4000 Size: 32768 File Visible: - Signed: Yes
Status: -

Name: aswMon2.SYS
Image Path: C:\windows\System32\Drivers\aswMon2.SYS
Address: 0xAA9E3000 Size: 87424 File Visible: - Signed: Yes
Status: -

Name: aswRdr.SYS
Image Path: C:\windows\System32\Drivers\aswRdr.SYS
Address: 0xAA5C4000 Size: 15136 File Visible: - Signed: Yes
Status: -

Name: aswSP.SYS
Image Path: C:\windows\System32\Drivers\aswSP.SYS
Address: 0xAAD69000 Size: 135168 File Visible: - Signed: Yes
Status: -

Name: aswTdi.SYS
Image Path: C:\windows\System32\Drivers\aswTdi.SYS
Address: 0xF765C000 Size: 41664 File Visible: - Signed: Yes
Status: -

Name: atapi.sys
Image Path: atapi.sys
Address: 0xF7401000 Size: 96512 File Visible: - Signed: Yes
Status: -

Name: audstub.sys
Image Path: C:\windows\system32\DRIVERS\audstub.sys
Address: 0xF7CB6000 Size: 3072 File Visible: - Signed: Yes
Status: -

Name: BATTC.SYS
Image Path: C:\windows\system32\DRIVERS\BATTC.SYS
Address: 0xF79D4000 Size: 16384 File Visible: - Signed: Yes
Status: -

Name: Beep.SYS
Image Path: C:\windows\System32\Drivers\Beep.SYS
Address: 0xF7AF2000 Size: 4224 File Visible: - Signed: Yes
Status: -

Name: BOOTVID.dll
Image Path: C:\windows\system32\BOOTVID.dll
Address: 0xF79CC000 Size: 12288 File Visible: - Signed: Yes
Status: -

Name: BtHidBus.sys
Image Path: BtHidBus.sys
Address: 0xF79DC000 Size: 14848 File Visible: - Signed: Yes
Status: -

Name: Cdfs.SYS
Image Path: C:\windows\System32\Drivers\Cdfs.SYS
Address: 0xF772C000 Size: 63744 File Visible: - Signed: Yes
Status: -

Name: cdrbsdrv.SYS
Image Path: C:\windows\System32\Drivers\cdrbsdrv.SYS
Address: 0xF7A98000 Size: 12736 File Visible: - Signed: No
Status: -

Name: cdrom.sys
Image Path: C:\windows\system32\DRIVERS\cdrom.sys
Address: 0xF6CAB000 Size: 62976 File Visible: - Signed: Yes
Status: -

Name: CLASSPNP.SYS
Image Path: C:\windows\system32\DRIVERS\CLASSPNP.SYS
Address: 0xF75FC000 Size: 53248 File Visible: - Signed: Yes
Status: -

Name: CmBatt.sys
Image Path: C:\windows\system32\DRIVERS\CmBatt.sys
Address: 0xF7A94000 Size: 13952 File Visible: - Signed: Yes
Status: -

Name: compbatt.sys
Image Path: compbatt.sys
Address: 0xF79D0000 Size: 10240 File Visible: - Signed: Yes
Status: -

Name: disk.sys
Image Path: disk.sys
Address: 0xF75EC000 Size: 36352 File Visible: - Signed: Yes
Status: -

Name: dmio.sys
Image Path: dmio.sys
Address: 0xF7419000 Size: 153344 File Visible: - Signed: Yes
Status: -

Name: dmload.sys
Image Path: dmload.sys
Address: 0xF7AC2000 Size: 5888 File Visible: - Signed: Yes
Status: -

Name: drmk.sys
Image Path: C:\windows\system32\drivers\drmk.sys
Address: 0xF6CDB000 Size: 61440 File Visible: - Signed: Yes
Status: -

Name: Dxapi.sys
Image Path: C:\windows\System32\drivers\Dxapi.sys
Address: 0xAAD4D000 Size: 12288 File Visible: - Signed: Yes
Status: -

Name: dxg.sys
Image Path: C:\windows\System32\drivers\dxg.sys
Address: 0xBF9C3000 Size: 73728 File Visible: - Signed: Yes
Status: -

Name: dxgthk.sys
Image Path: C:\windows\System32\drivers\dxgthk.sys
Address: 0xF7BE9000 Size: 4096 File Visible: - Signed: Yes
Status: -

Name: eeCtrl.sys
Image Path: C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
Address: 0xAAD8A000 Size: 385024 File Visible: - Signed: Yes
Status: -

Name: Fips.SYS
Image Path: C:\windows\System32\Drivers\Fips.SYS
Address: 0xF767C000 Size: 44544 File Visible: - Signed: Yes
Status: -

Name: fltmgr.sys
Image Path: fltmgr.sys
Address: 0xF73E1000 Size: 129792 File Visible: - Signed: Yes
Status: -

Name: Fs_Rec.SYS
Image Path: C:\windows\System32\Drivers\Fs_Rec.SYS
Address: 0xF7AF0000 Size: 7936 File Visible: - Signed: Yes
Status: -

Name: ftdisk.sys
Image Path: ftdisk.sys
Address: 0xF743F000 Size: 125056 File Visible: - Signed: Yes
Status: -

Name: GEARAspiWDM.sys
Image Path: C:\windows\System32\Drivers\GEARAspiWDM.sys
Address: 0xF6C8B000 Size: 40960 File Visible: - Signed: Yes
Status: -

Name: hal.dll
Image Path: C:\windows\system32\hal.dll
Address: 0x806D0000 Size: 131840 File Visible: - Signed: Yes
Status: -

Name: HIDCLASS.SYS
Image Path: C:\windows\system32\DRIVERS\HIDCLASS.SYS
Address: 0xF769C000 Size: 36864 File Visible: - Signed: Yes
Status: -

Name: HIDPARSE.SYS
Image Path: C:\windows\system32\DRIVERS\HIDPARSE.SYS
Address: 0xF795C000 Size: 28672 File Visible: - Signed: Yes
Status: -

Name: hidusb.sys
Image Path: C:\windows\system32\DRIVERS\hidusb.sys
Address: 0xF7A80000 Size: 10368 File Visible: - Signed: Yes
Status: -

Name: HTTP.sys
Image Path: C:\windows\System32\Drivers\HTTP.sys
Address: 0xA9E8E000 Size: 264832 File Visible: - Signed: Yes
Status: -

Name: i8042prt.sys
Image Path: C:\windows\system32\DRIVERS\i8042prt.sys
Address: 0xF6CCB000 Size: 52480 File Visible: - Signed: Yes
Status: -

Name: ialmdd5.DLL
Image Path: C:\windows\System32\ialmdd5.DLL
Address: 0xBFA38000 Size: 925696 File Visible: - Signed: No
Status: -

Name: ialmdev5.DLL
Image Path: C:\windows\System32\ialmdev5.DLL
Address: 0xBFA04000 Size: 212992 File Visible: - Signed: No
Status: -

Name: ialmdnt5.dll
Image Path: C:\windows\System32\ialmdnt5.dll
Address: 0xBF9E3000 Size: 135168 File Visible: - Signed: No
Status: -

Name: ialmnt5.sys
Image Path: C:\windows\system32\DRIVERS\ialmnt5.sys
Address: 0xF6B4A000 Size: 1052608 File Visible: - Signed: No
Status: -

Name: ialmrnt5.dll
Image Path: C:\windows\System32\ialmrnt5.dll
Address: 0xBF9D5000 Size: 57344 File Visible: - Signed: No
Status: -

Name: imapi.sys
Image Path: C:\windows\system32\DRIVERS\imapi.sys
Address: 0xF6CBB000 Size: 42112 File Visible: - Signed: Yes
Status: -

Name: InCDfs.SYS
Image Path: C:\windows\System32\Drivers\InCDfs.SYS
Address: 0xAAF87000 Size: 99456 File Visible: - Signed: No
Status: -

Name: InCDPass.sys
Image Path: C:\windows\System32\DRIVERS\InCDPass.sys
Address: 0xF7904000 Size: 28928 File Visible: - Signed: No
Status: -

Name: InCDrec.SYS
Image Path: C:\windows\System32\Drivers\InCDrec.SYS
Address: 0xF7277000 Size: 8704 File Visible: - Signed: No
Status: -

Name: incdrm.SYS
Image Path: C:\windows\System32\Drivers\incdrm.SYS
Address: 0xF790C000 Size: 27776 File Visible: - Signed: No
Status: -

Name: intelide.sys
Image Path: intelide.sys
Address: 0xF7AC0000 Size: 5504 File Visible: - Signed: Yes
Status: -

Name: intelppm.sys
Image Path: C:\windows\system32\DRIVERS\intelppm.sys
Address: 0xF782C000 Size: 36352 File Visible: - Signed: Yes
Status: -

Name: ipnat.sys
Image Path: C:\windows\system32\DRIVERS\ipnat.sys
Address: 0xAADE8000 Size: 152832 File Visible: - Signed: Yes
Status: -

Name: ipsec.sys
Image Path: C:\windows\system32\DRIVERS\ipsec.sys
Address: 0xAAF74000 Size: 75264 File Visible: - Signed: Yes
Status: -

Name: isapnp.sys
Image Path: isapnp.sys
Address: 0xF75BC000 Size: 37248 File Visible: - Signed: Yes
Status: -

Name: kbdclass.sys
Image Path: C:\windows\system32\DRIVERS\kbdclass.sys
Address: 0xF78EC000 Size: 24576 File Visible: - Signed: Yes
Status: -

Name: KDCOM.DLL
Image Path: C:\windows\system32\KDCOM.DLL
Address: 0xF7ABC000 Size: 8192 File Visible: - Signed: Yes
Status: -

Name: kmixer.sys
Image Path: C:\windows\system32\drivers\kmixer.sys
Address: 0xA9ACB000 Size: 172416 File Visible: - Signed: Yes
Status: -

Name: ks.sys
Image Path: C:\windows\system32\drivers\ks.sys
Address: 0xF656F000 Size: 143360 File Visible: - Signed: Yes
Status: -

Name: KSecDD.sys
Image Path: KSecDD.sys
Address: 0xF73B8000 Size: 92928 File Visible: - Signed: Yes
Status: -

Name: mnmdd.SYS
Image Path: C:\windows\System32\Drivers\mnmdd.SYS
Address: 0xF7AF4000 Size: 4224 File Visible: - Signed: Yes
Status: -

Name: mouclass.sys
Image Path: C:\windows\system32\DRIVERS\mouclass.sys
Address: 0xF78F4000 Size: 23040 File Visible: - Signed: Yes
Status: -

Name: mouhid.sys
Image Path: C:\windows\system32\DRIVERS\mouhid.sys
Address: 0xF7A84000 Size: 12160 File Visible: - Signed: Yes
Status: -

Name: MountMgr.sys
Image Path: MountMgr.sys
Address: 0xF75CC000 Size: 42368 File Visible: - Signed: Yes
Status: -

Name: mrxdav.sys
Image Path: C:\windows\system32\DRIVERS\mrxdav.sys
Address: 0xAA84E000 Size: 180608 File Visible: - Signed: Yes
Status: -

Name: mrxsmb.sys
Image Path: C:\windows\system32\DRIVERS\mrxsmb.sys
Address: 0xAAE0E000 Size: 455296 File Visible: - Signed: Yes
Status: -

Name: Msfs.SYS
Image Path: C:\windows\System32\Drivers\Msfs.SYS
Address: 0xF794C000 Size: 19072 File Visible: - Signed: Yes
Status: -

Name: msgpc.sys
Image Path: C:\windows\system32\DRIVERS\msgpc.sys
Address: 0xF6C4B000 Size: 35072 File Visible: - Signed: Yes
Status: -

Name: mssmbios.sys
Image Path: C:\windows\system32\DRIVERS\mssmbios.sys
Address: 0xF72BC000 Size: 15488 File Visible: - Signed: Yes
Status: -

Name: Mup.sys
Image Path: Mup.sys
Address: 0xF72E4000 Size: 105344 File Visible: - Signed: Yes
Status: -

Name: NDIS.sys
Image Path: NDIS.sys
Address: 0xF72FE000 Size: 182656 File Visible: - Signed: Yes
Status: -

Name: ndistapi.sys
Image Path: C:\windows\system32\DRIVERS\ndistapi.sys
Address: 0xF7AA4000 Size: 10112 File Visible: - Signed: Yes
Status: -

Name: ndisuio.sys
Image Path: C:\windows\system32\DRIVERS\ndisuio.sys
Address: 0xAABF9000 Size: 14592 File Visible: - Signed: Yes
Status: -

Name: ndiswan.sys
Image Path: C:\windows\system32\DRIVERS\ndiswan.sys
Address: 0xF5856000 Size: 91520 File Visible: - Signed: Yes
Status: -

Name: NDProxy.SYS
Image Path: C:\windows\System32\Drivers\NDProxy.SYS
Address: 0xF762C000 Size: 40576 File Visible: - Signed: Yes
Status: -

Name: netbios.sys
Image Path: C:\windows\system32\DRIVERS\netbios.sys
Address: 0xF766C000 Size: 34688 File Visible: - Signed: Yes
Status: -

Name: netbt.sys
Image Path: C:\windows\system32\DRIVERS\netbt.sys
Address: 0xAAEF3000 Size: 162816 File Visible: - Signed: Yes
Status: -

Name: Npfs.SYS
Image Path: C:\windows\System32\Drivers\Npfs.SYS
Address: 0xF7954000 Size: 30848 File Visible: - Signed: Yes
Status: -

Name: Ntfs.sys
Image Path: Ntfs.sys
Address: 0xF732B000 Size: 574976 File Visible: - Signed: Yes
Status: -

Name: ntkrnlpa.exe
Image Path: C:\windows\system32\ntkrnlpa.exe
Address: 0x804D7000 Size: 2066048 File Visible: - Signed: Yes
Status: -

Name: Null.SYS
Image Path: C:\windows\System32\Drivers\Null.SYS
Address: 0xF7CFB000 Size: 2944 File Visible: - Signed: Yes
Status: -

Name: OPRGHDLR.SYS
Image Path: C:\windows\system32\DRIVERS\OPRGHDLR.SYS
Address: 0xF7B85000 Size: 4096 File Visible: - Signed: Yes
Status: -

Name: PartMgr.sys
Image Path: PartMgr.sys
Address: 0xF7844000 Size: 19712 File Visible: - Signed: Yes
Status: -

Name: pci.sys
Image Path: pci.sys
Address: 0xF747C000 Size: 68224 File Visible: - Signed: Yes
Status: -

Name: pciide.sys
Image Path: pciide.sys
Address: 0xF7B84000 Size: 3328 File Visible: - Signed: Yes
Status: -

Name: PCIIDEX.SYS
Image Path: C:\windows\system32\DRIVERS\PCIIDEX.SYS
Address: 0xF783C000 Size: 28672 File Visible: - Signed: Yes
Status: -

Name: pcmcia.sys
Image Path: pcmcia.sys
Address: 0xF745E000 Size: 120192 File Visible: - Signed: Yes
Status: -

Name: PnpManager
Image Path: \Driver\PnpManager
Address: 0x804D7000 Size: 2066048 File Visible: - Signed: Yes
Status: -

Name: portcls.sys
Image Path: C:\windows\system32\drivers\portcls.sys
Address: 0xF6592000 Size: 147456 File Visible: - Signed: Yes
Status: -

Name: psched.sys
Image Path: C:\windows\system32\DRIVERS\psched.sys
Address: 0xF5845000 Size: 69120 File Visible: - Signed: Yes
Status: -

Name: ptilink.sys
Image Path: C:\windows\system32\DRIVERS\ptilink.sys
Address: 0xF791C000 Size: 17792 File Visible: - Signed: Yes
Status: -

Name: rasacd.sys
Image Path: C:\windows\system32\DRIVERS\rasacd.sys
Address: 0xF7273000 Size: 8832 File Visible: - Signed: Yes
Status: -

Name: rasl2tp.sys
Image Path: C:\windows\system32\DRIVERS\rasl2tp.sys
Address: 0xF6C7B000 Size: 51328 File Visible: - Signed: Yes
Status: -

Name: raspppoe.sys
Image Path: C:\windows\system32\DRIVERS\raspppoe.sys
Address: 0xF6C6B000 Size: 41472 File Visible: - Signed: Yes
Status: -

Name: raspptp.sys
Image Path: C:\windows\system32\DRIVERS\raspptp.sys
Address: 0xF6C5B000 Size: 48384 File Visible: - Signed: Yes
Status: -

Name: raspti.sys
Image Path: C:\windows\system32\DRIVERS\raspti.sys
Address: 0xF7924000 Size: 16512 File Visible: - Signed: Yes
Status: -

Name: RAW
Image Path: \FileSystem\RAW
Address: 0x804D7000 Size: 2066048 File Visible: - Signed: Yes
Status: -

Name: rdbss.sys
Image Path: C:\windows\system32\DRIVERS\rdbss.sys
Address: 0xAAEA6000 Size: 175744 File Visible: - Signed: Yes
Status: -

Name: RDPCDD.sys
Image Path: C:\windows\System32\DRIVERS\RDPCDD.sys
Address: 0xF7AF6000 Size: 4224 File Visible: - Signed: Yes
Status: -

Name: rdpdr.sys
Image Path: C:\windows\system32\DRIVERS\rdpdr.sys
Address: 0xF5815000 Size: 196224 File Visible: - Signed: Yes
Status: -

Name: redbook.sys
Image Path: C:\windows\system32\DRIVERS\redbook.sys
Address: 0xF6C9B000 Size: 57600 File Visible: - Signed: Yes
Status: -

Name: rootrepeal.sys
Image Path: C:\windows\system32\drivers\rootrepeal.sys
Address: 0xA9B66000 Size: 49152 File Visible: No Signed: No
Status: -

Name: sr.sys
Image Path: sr.sys
Address: 0xF73CF000 Size: 73472 File Visible: - Signed: Yes
Status: -

Name: srv.sys
Image Path: C:\windows\system32\DRIVERS\srv.sys
Address: 0xAA6BC000 Size: 333952 File Visible: - Signed: Yes
Status: -

Name: swenum.sys
Image Path: C:\windows\system32\DRIVERS\swenum.sys
Address: 0xF7AEE000 Size: 4352 File Visible: - Signed: Yes
Status: -

Name: symlcbrd.sys
Image Path: C:\WINDOWS\system32\drivers\symlcbrd.sys
Address: 0xF7974000 Size: 24576 File Visible: - Signed: Yes
Status: -

Name: SynTP.sys
Image Path: C:\windows\system32\DRIVERS\SynTP.sys
Address: 0xF653F000 Size: 193216 File Visible: - Signed: No
Status: -

Name: sysaudio.sys
Image Path: C:\windows\system32\drivers\sysaudio.sys
Address: 0xAA2B4000 Size: 60800 File Visible: - Signed: Yes
Status: -

Name: tcpip.sys
Image Path: C:\windows\system32\DRIVERS\tcpip.sys
Address: 0xAAF1B000 Size: 361600 File Visible: - Signed: Yes
Status: -

Name: TDI.SYS
Image Path: C:\windows\system32\DRIVERS\TDI.SYS
Address: 0xF7914000 Size: 20480 File Visible: - Signed: Yes
Status: -

Name: termdd.sys
Image Path: C:\windows\system32\DRIVERS\termdd.sys
Address: 0xF761C000 Size: 40704 File Visible: - Signed: Yes
Status: -

Name: tmcomm.sys
Image Path: C:\WINDOWS\system32\drivers\tmcomm.sys
Address: 0xAA6A4000 Size: 97280 File Visible: - Signed: Yes
Status: -

Name: update.sys
Image Path: C:\windows\system32\DRIVERS\update.sys
Address: 0xF578F000 Size: 384768 File Visible: - Signed: Yes
Status: -

Name: USBD.SYS
Image Path: C:\windows\system32\DRIVERS\USBD.SYS
Address: 0xF7AEA000 Size: 8192 File Visible: - Signed: Yes
Status: -

Name: usbehci.sys
Image Path: C:\windows\system32\DRIVERS\usbehci.sys
Address: 0xF78E4000 Size: 30208 File Visible: - Signed: Yes
Status: -

Name: usbhub.sys
Image Path: C:\windows\system32\DRIVERS\usbhub.sys
Address: 0xF764C000 Size: 59520 File Visible: - Signed: Yes
Status: -

Name: USBPORT.SYS
Image Path: C:\windows\system32\DRIVERS\USBPORT.SYS
Address: 0xF6B12000 Size: 147456 File Visible: - Signed: Yes
Status: -

Name: usbuhci.sys
Image Path: C:\windows\system32\DRIVERS\usbuhci.sys
Address: 0xF78DC000 Size: 20608 File Visible: - Signed: Yes
Status: -

Name: vga.sys
Image Path: C:\windows\System32\drivers\vga.sys
Address: 0xF7944000 Size: 20992 File Visible: - Signed: Yes
Status: -

Name: VIDEOPRT.SYS
Image Path: C:\windows\system32\DRIVERS\VIDEOPRT.SYS
Address: 0xF6B36000 Size: 81920 File Visible: - Signed: Yes
Status: -

Name: VolSnap.sys
Image Path: VolSnap.sys
Address: 0xF75DC000 Size: 52352 File Visible: - Signed: Yes
Status: -

Name: w29n51.sys
Image Path: C:\windows\system32\DRIVERS\w29n51.sys
Address: 0xF67EC000 Size: 3298432 File Visible: - Signed: No
Status: -

Name: wanarp.sys
Image Path: C:\windows\system32\DRIVERS\wanarp.sys
Address: 0xF768C000 Size: 34560 File Visible: - Signed: Yes
Status: -

Name: watchdog.sys
Image Path: C:\windows\System32\watchdog.sys
Address: 0xF79A4000 Size: 20480 File Visible: - Signed: Yes
Status: -

Name: wdmaud.sys
Image Path: C:\windows\system32\drivers\wdmaud.sys
Address: 0xAA257000 Size: 83072 File Visible: - Signed: Yes
Status: -

Name: Win32k
Image Path: \Driver\Win32k
Address: 0xBF800000 Size: 1847296 File Visible: - Signed: Yes
Status: -

Name: win32k.sys
Image Path: C:\windows\System32\win32k.sys
Address: 0xBF800000 Size: 1847296 File Visible: - Signed: Yes
Status: -

Name: wmiacpi.sys
Image Path: C:\windows\system32\DRIVERS\wmiacpi.sys
Address: 0xF7A90000 Size: 8832 File Visible: - Signed: Yes
Status: -

Name: WMILIB.SYS
Image Path: C:\windows\system32\DRIVERS\WMILIB.SYS
Address: 0xF7ABE000 Size: 8192 File Visible: - Signed: Yes
Status: -

Name: WMIxWDM
Image Path: \Driver\WMIxWDM
Address: 0x804D7000 Size: 2066048 File Visible: - Signed: Yes
Status: -

Processes
-------------------
PathSystem
PID: 4 Status: -

PathC:\WINDOWS\system32\SupportAppXL\cdrom_mon.exe
PID: 148 Status: -

PathC:\Program Files\Bonjour\mDNSResponder.exe
PID: 208 Status: -

PathC:\WINDOWS\system32\wuauclt.exe
PID: 248 Status: -

PathC:\Program Files\Java\jre6\bin\jqs.exe
PID: 276 Status: -

PathC:\Program Files\Canon\CAL\CALMAIN.exe
PID: 356 Status: -

PathC:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PID: 432 Status: -

PathC:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PID: 456 Status: -

PathC:\WINDOWS\system32\svchost.exe
PID: 500 Status: -

PathC:\WINDOWS\system32\smss.exe
PID: 572 Status: -

PathC:\Program Files\iPod\bin\iPodService.exe
PID: 624 Status: -

PathC:\WINDOWS\system32\csrss.exe
PID: 668 Status: -

PathC:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
PID: 672 Status: -

PathC:\WINDOWS\system32\winlogon.exe
PID: 692 Status: -

PathC:\WINDOWS\system32\services.exe
PID: 736 Status: -

PathC:\WINDOWS\system32\lsass.exe
PID: 748 Status: -

PathC:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
PID: 864 Status: -

PathC:\WINDOWS\system32\svchost.exe
PID: 912 Status: -

PathC:\WINDOWS\system32\svchost.exe
PID: 980 Status: -

PathC:\WINDOWS\system32\svchost.exe
PID: 1020 Status: -

PathC:\Program Files\Ahead\InCD\InCDsrv.exe
PID: 1040 Status: -

PathC:\WINDOWS\system32\WLTRYSVC.EXE
PID: 1084 Status: -

PathC:\WINDOWS\system32\BCMWLTRY.EXE
PID: 1240 Status: -

PathC:\WINDOWS\system32\svchost.exe
PID: 1260 Status: -

PathC:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PID: 1268 Status: -

PathC:\WINDOWS\system32\svchost.exe
PID: 1304 Status: -

PathC:\WINDOWS\system32\alg.exe
PID: 1416 Status: -

PathC:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PID: 1444 Status: -

PathC:\Program Files\Alwil Software\Avast4\ashServ.exe
PID: 1492 Status: -

PathC:\WINDOWS\system32\spoolsv.exe
PID: 1908 Status: -

PathC:\WINDOWS\system32\acs.exe
PID: 1948 Status: -

PathC:\WINDOWS\system32\svchost.exe
PID: 2000 Status: -

PathC:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PID: 2040 Status: -

PathC:\Program Files\Yahoo!\Messenger\Ymsgr_tray.exe
PID: 2576 Status: -

PathC:\WINDOWS\system32\WgaTray.exe
PID: 2680 Status: -

PathC:\WINDOWS\system32\wbem\wmiprvse.exe
PID: 2740 Status: -

PathC:\WINDOWS\explorer.exe
PID: 2836 Status: -

PathC:\Documents and Settings\Donell\My Documents\Downloads\RootRepeal.exe
PID: 3160 Status: -

PathC:\WINDOWS\system32\igfxpers.exe
PID: 3304 Status: -

PathC:\Program Files\Opera\opera.exe
PID: 3328 Status: -

PathC:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
PID: 3392 Status: -

PathC:\Program Files\Synaptics\SynTP\SynTPLpr.exe
PID: 3400 Status: -

PathC:\Program Files\Synaptics\SynTP\SynTPEnh.exe
PID: 3408 Status: -

PathC:\WINDOWS\SOUNDMAN.EXE
PID: 3416 Status: -

PathC:\WINDOWS\vsnp2std.exe
PID: 3424 Status: -

PathC:\WINDOWS\system32\hkcmd.exe
PID: 3508 Status: -

PathC:\Program Files\Atheros\ACU.exe
PID: 3520 Status: -

PathC:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
PID: 3544 Status: -

PathC:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
PID: 3572 Status: -

PathC:\Program Files\Java\jre6\bin\jusched.exe
PID: 3584 Status: -

PathC:\WINDOWS\system32\wuauclt.exe
PID: 3596 Status: -

PathC:\Program Files\iTunes\iTunesHelper.exe
PID: 3672 Status: -

PathC:\WINDOWS\system32\ctfmon.exe
PID: 3684 Status: -

PathC:\Program Files\Rainlendar2\Rainlendar2.exe
PID: 3876 Status: -

SSDT
-------------------
#: 025 Function Name: NtClose
Status: Not hooked

#: 041 Function Name: NtCreateKey
Status: Not hooked

#: 065 Function Name: NtDeleteValueKey
Status: Not hooked

#: 068 Function Name: NtDuplicateObject
Status: Not hooked

#: 119 Function Name: NtOpenKey
Status: Not hooked

#: 122 Function Name: NtOpenProcess
Status: Not hooked

#: 128 Function Name: NtOpenThread
Status: Not hooked

#: 177 Function Name: NtQueryValueKey
Status: Not hooked

#: 204 Function Name: NtRestoreKey
Status: Not hooked

#: 247 Function Name: NtSetValueKey
Status: Not hooked

Hidden Services
-------------------
==EOF==

OTL Log:
OTL logfile created on: 9/8/2009 9:18:03 PM - Run 2
OTL by OldTimer - Version 3.0.10.7 Folder = C:\Documents and Settings\Donell\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

758.42 Mb Total Physical Memory | 407.16 Mb Available Physical Memory | 53.68% Memory free
1.06 Gb Paging File | 0.65 Gb Available in Paging File | 60.93% Paging File free
Paging file location(s): c:\pagefile.sys 372 744 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 39.06 Gb Total Space | 10.53 Gb Free Space | 26.95% Space Free | Partition Type: NTFS
Drive D: | 16.82 Gb Total Space | 15.59 Gb Free Space | 92.69% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: DONELL-F8D64C2C
Current User Name: Donell
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2005/01/03 18:40:42 | 00,854,528 | ---- | M] (Nero AG) -- C:\Program Files\Ahead\InCD\InCDsrv.exe
PRC - [2009/08/17 23:58:55 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2009/08/18 00:07:17 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2004/12/27 17:12:16 | 00,036,864 | ---- | M] () -- C:\windows\System32\acs.exe
PRC - [2009/06/05 11:48:14 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2008/02/18 19:32:03 | 00,081,920 | R--- | M] () -- C:\windows\System32\SupportAppXL\cdrom_mon.exe
PRC - [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2009/09/07 23:55:40 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2007/03/23 20:03:53 | 01,174,152 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
PRC - [2004/12/22 01:32:00 | 00,065,536 | ---- | M] () -- C:\windows\System32\wltrysvc.exe
PRC - [2004/12/22 01:32:00 | 00,827,499 | ---- | M] (Broadcom Corporation) -- C:\windows\System32\bcmwltry.exe
PRC - [2008/11/10 04:48:14 | 00,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2007/01/31 14:55:42 | 00,096,370 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exe
PRC - [2009/08/18 00:07:01 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009/08/18 00:04:21 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2009/03/10 22:18:14 | 00,934,792 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\WgaTray.exe
PRC - [2008/04/14 08:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\windows\Explorer.EXE
PRC - [2005/08/24 12:51:12 | 00,114,688 | R--- | M] (Intel Corporation) -- C:\windows\System32\igfxpers.exe
PRC - [2008/10/07 23:23:46 | 00,111,856 | ---- | M] (Yahoo! Inc) -- C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
PRC - [2005/02/04 11:12:58 | 00,102,490 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
PRC - [2005/02/04 11:11:48 | 00,708,698 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
PRC - [2005/04/15 11:01:46 | 00,077,824 | ---- | M] (Realtek Semiconductor Corp.) -- C:\windows\SOUNDMAN.EXE
PRC - [2007/05/10 16:58:42 | 00,344,064 | ---- | M] (Sonix) -- C:\WINDOWS\vsnp2std.exe
PRC - [2005/08/24 12:47:18 | 00,077,824 | R--- | M] (Intel Corporation) -- C:\windows\System32\hkcmd.exe
PRC - [2006/10/27 00:47:42 | 00,031,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
PRC - [2005/01/31 08:05:50 | 00,253,952 | ---- | M] (Atheros Communications, Inc.) -- C:\Program Files\Atheros\ACU.exe
PRC - [2009/02/27 17:10:28 | 00,035,696 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
PRC - [2009/08/18 00:07:23 | 00,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009/09/07 23:55:41 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2009/07/13 14:03:10 | 00,292,128 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
PRC - [2009/08/22 18:31:06 | 05,148,672 | ---- | M] () -- C:\Program Files\Rainlendar2\Rainlendar2.exe
PRC - [2009/07/13 14:02:50 | 00,542,496 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
PRC - [2009/08/18 18:27:06 | 00,079,088 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
PRC - [2009/08/28 13:13:02 | 00,832,808 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe
PRC - [2009/02/06 18:10:02 | 00,227,840 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\wbem\wmiprvse.exe
PRC - [2009/09/07 23:25:02 | 00,514,048 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Donell\My Documents\Downloads\OTL.exe

========== Win32 Services (SafeList) ==========

SRV - [2004/12/27 17:12:16 | 00,036,864 | ---- | M] () -- C:\windows\System32\acs.exe -- (ACS [Auto | Running])
SRV - [2009/06/05 11:48:14 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto | Running])
SRV - [2005/09/23 07:28:32 | 00,029,896 | ---- | M] (Microsoft Corporation) -- C:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2009/08/17 23:58:55 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv [Auto | Running])
SRV - [2008/02/18 19:32:03 | 00,081,920 | R--- | M] () -- C:\windows\System32\SupportAppXL\cdrom_mon.exe -- (Autorun CDROM Monitor [Auto | Running])
SRV - [2009/08/18 00:07:17 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus [Auto | Running])
SRV - [2009/08/18 00:07:01 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner [On_Demand | Running])
SRV - [2009/08/18 00:04:21 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner [On_Demand | Running])
SRV - File not found -- -- (avg8wd [Auto | Stopped])
SRV - [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running])
SRV - [2007/01/31 14:55:42 | 00,096,370 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8 [Auto | Running])
SRV - [2005/09/23 07:28:56 | 00,066,240 | ---- | M] (Microsoft Corporation) -- C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2007/03/23 19:29:33 | 00,138,168 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [Disabled | Stopped])
SRV - [2008/04/14 08:12:02 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\windows\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2005/01/03 18:40:42 | 00,854,528 | ---- | M] (Nero AG) -- C:\Program Files\Ahead\InCD\InCDsrv.exe -- (InCDsrv [Auto | Running])
SRV - [2005/01/03 18:40:42 | 00,854,528 | ---- | M] (Nero AG) -- C:\Program Files\Ahead\InCD\InCDsrv.exe -- (InCDsrvR [Auto | Stopped])
SRV - [2009/07/13 14:02:50 | 00,542,496 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service [On_Demand | Running])
SRV - [2009/09/07 23:55:40 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])
SRV - [2006/10/27 00:47:54 | 00,065,824 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service [On_Demand | Stopped])
SRV - [2009/03/17 08:39:00 | 02,800,669 | ---- | M] (INCA Internet Co., Ltd.) -- C:\windows\System32\GameMon.des -- (npggsvc [On_Demand | Stopped])
SRV - [2006/10/26 19:49:34 | 00,441,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped])
SRV - [2006/10/26 14:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2009/03/04 11:25:12 | 00,621,056 | ---- | M] (Nokia.) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer [On_Demand | Stopped])
SRV - [2007/03/23 20:03:53 | 01,174,152 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC [Auto | Running])
SRV - [2004/12/22 01:32:00 | 00,065,536 | ---- | M] () -- C:\windows\System32\wltrysvc.exe -- (wltrysvc [Auto | Running])
SRV - [2008/11/10 04:48:14 | 00,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService [Auto | Running])

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft...p...&ar=msnhome
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.c...//www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...p...ER}&ar=home
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo....e...-8&fr=b1ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - URLSearchHook: {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - Reg Error: Key error. File not found
IE - URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.defaulturl: "http://search.yahoo....-8&fr=ytff-&p="
FF - prefs.js..browser.search.param.yahoo-fr: "moz2-ytff-yff3k"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "moz2-ytff-yff3k"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.startup.homepage: "http://search.yahoo....x/?fr=yffk-sfp"
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1
FF - prefs.js..extensions.enabledItems: 6
FF - prefs.js..extensions.enabledItems: 2
FF - prefs.js..extensions.enabledItems: 41
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}:3.3.0.3971
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.6.5.200812101546
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}:6.0.16
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.2
FF - prefs.js..keyword.URL: "http://search.yahoo....=ytff-yff3k&p="
FF - prefs.js..network.proxy.no_proxies_on: "*.local"


FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2009/04/27 23:28:19 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009/09/07 23:55:43 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/08/25 00:33:35 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/09/08 20:14:31 | 00,000,000 | ---D | M]

[2009/06/23 21:32:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Donell\Application Data\mozilla\Extensions
[2009/06/23 21:32:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Donell\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/09/08 20:14:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Donell\Application Data\mozilla\Firefox\Profiles\wu3wha1t.default\extensions
[2009/06/24 22:10:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Donell\Application Data\mozilla\Firefox\Profiles\wu3wha1t.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2009/09/08 19:43:42 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/05/01 16:32:38 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{231D7D17-4F1B-4933-AB61-E502DB82FD11}
[2009/08/25 00:33:34 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2009/08/25 00:33:33 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/09/08 01:24:07 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}
[2009/03/28 22:50:06 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2009/09/07 23:56:13 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
[2009/07/30 19:26:53 | 00,023,544 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/07/30 19:26:54 | 00,137,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009/09/07 23:55:41 | 00,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeploytk.dll
[2009/02/06 12:44:28 | 01,447,296 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\npLegitCheckPlugin.dll
[2009/07/30 19:26:55 | 00,065,016 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll
[2006/10/26 20:12:16 | 00,016,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL
[2009/06/25 20:11:36 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin.dll
[2009/06/25 20:11:36 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll
[2009/06/25 20:11:36 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll
[2009/06/25 20:11:36 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll
[2009/06/25 20:11:36 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll
[2009/06/25 20:11:36 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll
[2009/06/25 20:11:36 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll
[2009/07/30 15:24:20 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2009/07/30 15:24:20 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2009/07/30 15:24:20 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2009/07/30 15:24:20 | 00,002,344 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2009/07/30 15:24:20 | 00,002,371 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/07/30 15:24:20 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2009/07/30 15:24:20 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml

O1 HOSTS File: (0 bytes) - C:\windows\System32\drivers\etc\Hosts
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
O2 - BHO: (no name) - {0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2} - No CLSID value found.
O2 - BHO: (no name) - {0A87E45F-537A-40B4-B812-E2544C21A09F} - No CLSID value found.
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (Yahoo! IE Services Button) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll (Google Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [ACU] C:\Program Files\Atheros\ACU.exe (Atheros Communications, Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [igfxhkcmd] C:\windows\System32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [igfxpers] C:\windows\System32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [igfxtray] C:\windows\System32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\windows\System32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe (Sonix)
O4 - HKLM..\Run: [SoundMan] C:\windows\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O4 - HKCU..\Run: [cdloader] C:\Documents and Settings\Donell\Application Data\mjusbsp\cdloader2.exe (magicJack L.P.)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [Rainlendar2] C:\Program Files\Rainlendar2\Rainlendar2.exe ()
O4 - HKCU..\Run: [Search Protection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Easy-WebPrint Add To Print List - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint High Speed Print - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint Preview - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint Print - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: 33 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft....k/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1190004533875 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {D6FCA8ED-4715-43DE-9BD2-2789778A5B09} https://my.levelupga...crypt/npkcx.cab (Reg Error: Value error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 58.69.254.4 58.69.254.3 124.104.135.63
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\windows\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/09/07 22:36:21 | 00,000,049 | RHS- | M] () - D:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{0d3f086e-3ef1-11de-9c53-00166fb80264}\Shell\AutoRun\command - "" = wscript.exe solution.vbs
O33 - MountPoints2\{0d3f086e-3ef1-11de-9c53-00166fb80264}\Shell\Open\Command - "" = wscript.exe solution.vbs
O33 - MountPoints2\{1a57f45c-d2a6-11db-982f-b330d612ff89}\Shell\Auto\command - "" = H:\RavMonE.exe -- File not found
O33 - MountPoints2\{1a57f45c-d2a6-11db-982f-b330d612ff89}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{1efde56e-d83b-11db-984d-a0afcbbddc89}\Shell - "" = AutoRun
O33 - MountPoints2\{1efde56e-d83b-11db-984d-a0afcbbddc89}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{2284de5c-1914-11dd-9abd-00166fb80264}\Shell - "" = AutoRun
O33 - MountPoints2\{2284de5c-1914-11dd-9abd-00166fb80264}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{2968e6e2-d2b3-11db-9830-cc04b9a69d88}\Shell - "" = AutoRun
O33 - MountPoints2\{2968e6e2-d2b3-11db-9830-cc04b9a69d88}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{444ce05c-d1ec-11db-982c-a2d96b46e988}\Shell - "" = AutoRun
O33 - MountPoints2\{444ce05c-d1ec-11db-982c-a2d96b46e988}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{485a0675-8caa-11db-97c7-0016d34823e1}\Shell\Auto\command - "" = AdobeR.exe e
O33 - MountPoints2\{485a0675-8caa-11db-97c7-0016d34823e1}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{5d748469-70f7-11de-9cd1-00166fb80264}\Shell\AutoRun\command - "" = wscript.exe solution.vbs
O33 - MountPoints2\{5d748469-70f7-11de-9cd1-00166fb80264}\Shell\Open\Command - "" = wscript.exe solution.vbs
O33 - MountPoints2\{5def2a60-1b84-11de-9c10-00166fb80264}\Shell\AutoRun\command - "" = G:\y.bat -- File not found
O33 - MountPoints2\{5def2a60-1b84-11de-9c10-00166fb80264}\Shell\open\Command - "" = G:\y.bat -- File not found
O33 - MountPoints2\{606fd70a-9d42-11db-97e5-ddc59378568a}\Shell\AutoRun\command - "" = F:\d6fagcs8.cmd -- File not found
O33 - MountPoints2\{606fd70a-9d42-11db-97e5-ddc59378568a}\Shell\explore\Command - "" = F:\d6fagcs8.cmd -- File not found
O33 - MountPoints2\{606fd70a-9d42-11db-97e5-ddc59378568a}\Shell\open\Command - "" = F:\d6fagcs8.cmd -- File not found
O33 - MountPoints2\{606fd715-9d42-11db-97e5-ddc59378568a}\Shell\AutoRun\command - "" = F:\vuts0e.cmd -- File not found
O33 - MountPoints2\{606fd715-9d42-11db-97e5-ddc59378568a}\Shell\explore\Command - "" = F:\vuts0e.cmd -- File not found
O33 - MountPoints2\{606fd715-9d42-11db-97e5-ddc59378568a}\Shell\open\Command - "" = F:\vuts0e.cmd -- File not found
O33 - MountPoints2\{76032872-a7fb-11dd-9bbd-00166fb80264}\Shell - "" = AutoRun
O33 - MountPoints2\{76032872-a7fb-11dd-9bbd-00166fb80264}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{79577994-a718-11dd-9bbc-00166fb80264}\Shell\AutoRun\command - "" = F:\y.bat -- File not found
O33 - MountPoints2\{79577994-a718-11dd-9bbc-00166fb80264}\Shell\open\Command - "" = F:\y.bat -- File not found
O33 - MountPoints2\{804390d6-78c2-11de-9ce2-00166fb80264}\Shell\AutoRun\command - "" = C:\windows\System32\setup.exe -- [2008/04/14 08:12:34 | 00,023,040 | ---- | M] (Microsoft Corporation)
O33 - MountPoints2\{9176509a-0ae7-11dd-9a87-00166fb80264}\Shell\AutoRun\command - "" = bar311.exe %1
O33 - MountPoints2\{9176509a-0ae7-11dd-9a87-00166fb80264}\Shell\Explore\command - "" = bar311.exe %1
O33 - MountPoints2\{9176509a-0ae7-11dd-9a87-00166fb80264}\Shell\Open\command - "" = bar311.exe %1
O33 - MountPoints2\{aaf8142b-a661-11dd-9bb9-00166fb80264}\Shell\AutoRun\command - "" = F:\r1y1.bat -- File not found
O33 - MountPoints2\{aaf8142b-a661-11dd-9bb9-00166fb80264}\Shell\explore\Command - "" = F:\r1y1.bat -- File not found
O33 - MountPoints2\{aaf8142b-a661-11dd-9bb9-00166fb80264}\Shell\open\Command - "" = F:\r1y1.bat -- File not found
O33 - MountPoints2\{b55a20aa-ad8b-11dd-9bce-00166fb80264}\Shell\AutoRun\command - "" = RESTORE\S-1-5-21-1482476501-1644491937-682003330-1013\ROX.exe
O33 - MountPoints2\{b55a20aa-ad8b-11dd-9bce-00166fb80264}\Shell\open\command - "" = RESTORE\S-1-5-21-1482476501-1644491937-682003330-1013\ROX.exe
O33 - MountPoints2\{cc567824-0335-11de-9bf6-00166fb80264}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{cc567824-0335-11de-9bf6-00166fb80264}\Shell\AutoRun\command - "" = F:\autorun.exe -- File not found
O33 - MountPoints2\{cc567824-0335-11de-9bf6-00166fb80264}\Shell\phone\command - "" = F:\autorun.exe -- File not found
O33 - MountPoints2\{d3fd895f-d202-11db-982d-bf18f35af688}\Shell - "" = AutoRun
O33 - MountPoints2\{d3fd895f-d202-11db-982d-bf18f35af688}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{dd3d1c40-459b-11dd-9b5a-00166fb80264}\Shell - "" = AutoRun
O33 - MountPoints2\{dd3d1c40-459b-11dd-9b5a-00166fb80264}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{dd3d1c40-459b-11dd-9b5a-00166fb80264}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
O33 - MountPoints2\{e27815b4-f4ad-11dc-9a45-00166fb80264}\Shell\AutoRun\command - "" = F:\uulaqvl.cmd -- File not found
O33 - MountPoints2\{e27815b4-f4ad-11dc-9a45-00166fb80264}\Shell\explore\Command - "" = F:\uulaqvl.cmd -- File not found
O33 - MountPoints2\{e27815b4-f4ad-11dc-9a45-00166fb80264}\Shell\open\Command - "" = F:\uulaqvl.cmd -- File not found
O33 - MountPoints2\{f531f62e-4e3c-11dc-98d4-00030d000001}\Shell\AutoRun\command - "" = F:\lsass.exe -- File not found
O33 - MountPoints2\{f60f09e2-8c3f-11dc-9995-00166fb80264}\Shell\0pen\command - "" = F:\krag.exe -- File not found
O33 - MountPoints2\{f60f09e2-8c3f-11dc-9995-00166fb80264}\Shell\AutoRun - "" = Auto&Play
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\windows\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found

NetSvcs: 6to4 - Service key not found. File not found
NetSvcs: Ias - Service key not found. File not found
NetSvcs: Iprip - Service key not found. File not found
NetSvcs: Irmon - Service key not found. File not found
NetSvcs: NWCWorkstation - Service key not found. File not found
NetSvcs: Nwsapagent - Service key not found. File not found
NetSvcs: WmdmPmSp - Service key not found. File not found
NetSvcs: helpsvc - C:\windows\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)

========== Files/Folders - Created Within 14 Days ==========

[2009/09/08 01:23:53 | 00,001,878 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2009/09/08 01:23:51 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2009/09/08 01:23:45 | 00,000,000 | R--D | C] -- C:\Program Files\Skype
[2009/09/08 01:19:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Donell\Local Settings\Application Data\Opera
[2009/09/08 01:19:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Donell\Application Data\Opera
[2009/09/08 01:19:19 | 00,000,592 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Opera.lnk
[2009/09/08 01:19:12 | 00,000,000 | ---D | C] -- C:\Program Files\Opera
[2009/09/08 01:05:44 | 00,000,812 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Yahoo! Messenger.lnk
[2009/09/08 01:00:13 | 00,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2009/09/08 00:59:42 | 00,000,000 | ---D | C] -- C:\Program Files\iPod
[2009/09/08 00:59:22 | 00,000,000 | ---D | C] -- C:\Program Files\iTunes
[2009/09/08 00:52:59 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2009/09/08 00:52:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\microsoft
[2009/09/08 00:52:39 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Live SkyDrive
[2009/09/08 00:52:11 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2009/09/08 00:37:10 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live
[2009/09/08 00:32:50 | 00,001,596 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Rainlendar2.lnk
[2009/09/08 00:32:39 | 00,000,000 | ---D | C] -- C:\Program Files\Rainlendar2
[2009/09/08 00:09:58 | 00,000,000 | ---D | C] -- C:\Program Files\FileHippo.com
[2009/09/08 00:07:04 | 00,000,000 | R-SD | C] -- C:\windows\assembly
[2009/09/08 00:06:02 | 00,000,000 | ---D | C] -- C:\windows\Microsoft.NET
[2009/09/07 22:50:37 | 00,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/09/07 22:50:35 | 00,038,160 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbamswissarmy.sys
[2009/09/07 22:50:33 | 00,019,096 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys
[2009/09/07 22:50:33 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/09/07 22:49:51 | 00,000,000 | ---D | C] -- C:\windows\ERDNT
[2009/09/07 22:49:08 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2009/09/07 22:23:18 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/09/06 22:15:25 | 00,000,000 | ---D | C] -- C:\Program Files\Any Video Converter
[2009/09/06 01:00:01 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Donell\My Documents\xeno
[2009/09/06 00:59:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Donell\My Documents\Suikuden 2
[2009/08/31 19:30:49 | 00,538,624 | ---- | C] () -- C:\Documents and Settings\Donell\My Documents\2009 Individual_family brochure_72109.doc
[2009/08/31 19:30:49 | 00,260,096 | ---- | C] () -- C:\Documents and Settings\Donell\My Documents\Enrollment Form.doc

========== Files - Modified Within 14 Days ==========

[2049/12/31 16:00:00 | 00,538,624 | ---- | M] () -- C:\Documents and Settings\Donell\My Documents\2009 Individual_family brochure_72109.doc
[2049/12/31 16:00:00 | 00,260,096 | ---- | M] () -- C:\Documents and Settings\Donell\My Documents\Enrollment Form.doc
[2009/09/08 21:13:46 | 00,002,206 | ---- | M] () -- C:\windows\System32\wpa.dbl
[2009/09/08 21:12:19 | 00,000,006 | -H-- | M] () -- C:\windows\tasks\SA.DAT
[2009/09/08 21:12:10 | 00,002,048 | --S- | M] () -- C:\windows\bootstat.dat
[2009/09/08 20:31:44 | 16,532,630 | -H-- | M] () -- C:\Documents and Settings\Donell\Local Settings\Application Data\IconCache.db
[2009/09/08 20:27:47 | 00,002,626 | ---- | M] () -- C:\windows\System32\CONFIG.NT
[2009/09/08 19:37:42 | 00,001,111 | ---- | M] () -- C:\windows\win.ini
[2009/09/08 19:37:42 | 00,000,469 | ---- | M] () -- C:\windows\system.ini
[2009/09/08 01:23:53 | 00,001,878 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2009/09/08 01:19:19 | 00,000,592 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Opera.lnk
[2009/09/08 01:05:44 | 00,000,812 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Yahoo! Messenger.lnk
[2009/09/08 01:00:13 | 00,001,804 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2009/09/08 00:32:50 | 00,001,596 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Rainlendar2.lnk
[2009/09/08 00:09:54 | 00,409,600 | ---- | M] () -- C:\windows\System32\PerfStringBackup.INI
[2009/09/08 00:09:54 | 00,395,768 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2009/09/08 00:09:54 | 00,059,842 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2009/09/07 22:50:37 | 00,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/09/07 00:05:34 | 00,000,116 | ---- | M] () -- C:\windows\NeroDigital.ini
[2009/09/06 18:33:52 | 00,002,515 | ---- | M] () -- C:\Documents and Settings\Donell\Desktop\Microsoft Office Word 2007.lnk
[2009/09/06 00:39:19 | 00,063,488 | ---- | M] () -- C:\Documents and Settings\Donell\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/09/01 08:41:11 | 00,000,991 | ---- | M] () -- C:\Documents and Settings\Donell\Desktop\magicJack.lnk
[2009/09/01 00:30:46 | 00,000,000 | ---- | M] () -- C:\Documents and Settings\Donell\Desktop\yahoo_firefox_3.5.2_setup_usk.exe
[2009/08/28 16:22:33 | 00,000,284 | ---- | M] () -- C:\windows\tasks\AppleSoftwareUpdate.job

========== LOP Check ==========

[2009/09/08 20:14:40 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Application Data
[2009/06/25 20:15:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2007/01/06 13:28:35 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2007/05/29 00:47:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CyberLink
[2008/05/11 15:43:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Grisoft
[2009/04/27 23:26:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
[2007/09/14 01:06:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MailFrontier
[2009/07/03 11:04:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2007/02/25 00:44:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PlayFirst
[2007/03/22 17:32:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sandlot Games
[2009/08/31 18:54:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2007/09/14 02:27:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tenebril
[2006/12/23 11:37:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Trymedia
[2009/04/23 20:21:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ZoomBrowser
[2009/09/08 01:19:29 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\Donell\Application Data
[2007/08/07 19:19:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Donell\Application Data\Ahead
[2009/09/06 22:19:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Donell\Application Data\Any Video Converter
[2009/04/03 13:19:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Donell\Application Data\ArcSoft
[2009/07/10 15:23:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Donell\Application Data\AVGTOOLBAR
[2008/03/21 22:33:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Donell\Application Data\CyberLink
[2008/02/17 19:03:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Donell\Application Data\Datalayer
[2009/07/20 03:36:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Donell\Application Data\DNA
[2008/05/08 13:25:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Donell\Application Data\FrostWire
[2009/07/10 15:23:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Donell\Application Data\HouseCall 6.6
[2009/07/10 15:33:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Donell\Application Data\IObit
[2007/06/28 15:26:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Donell\Application Data\Leadertech
[2009/05/28 19:57:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Donell\Application Data\LG Electronics
[2008/04/25 09:05:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Donell\Application Data\LimeWire
[2008/04/05 20:14:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Donell\Application Data\Magic Match
[2009/09/01 08:41:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Donell\Application Data\mjusbsp
[2009/04/30 11:45:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Donell\Application Data\Nokia
[2007/05/09 19:42:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Donell\Application Data\Nokia Multimedia Player
[2009/09/08 01:19:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Donell\Application Data\Opera
[2009/04/30 11:45:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Donell\Application Data\PC Suite
[2007/06/30 13:27:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Donell\Application Data\PlayFirst
[2006/12/16 10:25:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Donell\Application Data\Rainlendar
[2009/06/16 14:53:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Donell\Application Data\SystemRequirementsLab
[2007/09/14 02:32:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Donell\Application Data\Tenebril
[2009/08/26 19:50:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Donell\Application Data\uTorrent
[2009/04/30 12:19:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Donell\Application Data\ZoomBrowser EX
[2009/08/28 16:22:33 | 00,000,284 | ---- | M] () -- C:\windows\Tasks\AppleSoftwareUpdate.job
[2001/08/23 19:00:00 | 00,000,065 | RH-- | M] () -- C:\windows\Tasks\desktop.ini
[2009/09/08 21:12:19 | 00,000,006 | -H-- | M] () -- C:\windows\Tasks\SA.DAT

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >
[2008/02/02 20:53:48 | 00,000,000 | RHS- | M] () -- C:\SilentSoftech.exe

< %systemroot%\system32\eventlog.dll >
[2008/04/14 08:11:53 | 00,056,320 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\eventlog.dll

< %systemroot%\system32\scecli.dll >
[2008/04/14 08:12:05 | 00,181,248 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\scecli.dll

< %systemroot%\netlogon.dll >

< %systemroot%\system32\cngaudit.dll >

< %systemroot%\system32\sceclt.dll >

< %systemroot%\ntelogon.dll >

< %systemroot%\system32\logevent.dll >

========== Alternate Data Streams ==========

@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\Donell\Desktop\yahoo_firefox_3.5.2_setup_usk.exe:SummaryInformation
@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\Donell\Desktop\Sony Ericsson PC Suite_3.209.00_EN.exe:SummaryInformation
@Alternate Data Stream - 160 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0F8F5844
< End of report >


Extras Log:
OTL Extras logfile created on: 9/7/2009 11:25:54 PM - Run 1
OTL by OldTimer - Version 3.0.10.7 Folder = C:\Documents and Settings\Donell\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

758.42 Mb Total Physical Memory | 297.42 Mb Available Physical Memory | 39.22% Memory free
1.06 Gb Paging File | 0.57 Gb Available in Paging File | 53.93% Paging File free
Paging file location(s): c:\pagefile.sys 372 744 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 39.06 Gb Total Space | 11.81 Gb Free Space | 30.24% Space Free | Partition Type: NTFS
Drive D: | 16.82 Gb Total Space | 15.59 Gb Free Space | 92.69% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: DONELL-F8D64C2C
Current User Name: Donell
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
"G:\utorrent.exe" = G:\utorrent.exe:*:Disabled:µTorrent -- File not found
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Documents and Settings\dale\Application Data\mjusbsp\magicJack.exe" = C:\Documents and Settings\dale\Application Data\mjusbsp\magicJack.exe:*:Enabled:magicJack -- (magicJack L.P.)
"C:\Program Files\DNA\btdna.exe" = C:\Program Files\DNA\btdna.exe:*:Enabled:DNA -- (BitTorrent, Inc.)
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour -- (Apple Inc.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"C:\Documents and Settings\Donell\Application Data\mjusbsp\magicJack.exe" = C:\Documents and Settings\Donell\Application Data\mjusbsp\magicJack.exe:*:Enabled:magicJack -- (magicJack L.P.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0456ebd7-5f67-4ab6-852e-63781e3f389c}" = Macromedia Flash Player
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0878E100-C0BB-41E8-B4C6-C486B61FDA7B}" = Canon PhotoRecord
"{08C5815C-2C6E-44f8-8748-0E61BC9AFB68}" = Symantec KB-DocID:2003093015493306
"{14DCD95A-EBA3-4BF0-B7EF-533852E99BE6}" = LG PC Suite II
"{1E2F8AE3-3437-44E6-BB75-E95751D6B83F}" = Picture Package
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java™ 6 Update 15
"{26BDE7D8-93F0-4A07-AD47-1707DB417941}" = Camera Support Core Library
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java™ 6 Update 2
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{49FC50FC-F965-40D9-89B4-CBFF80941033}" = Windows Movie Maker 2.0
"{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}" = Adobe® Photoshop® Album Starter Edition 3.0
"{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}" = Sony USB Driver
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.8
"{5D601655-6D54-4384-B52C-17EC5385FBBD}" = iTunes
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = ASUSDVD
"{68E7E8BD-2233-49BE-81D6-1A1FAF1B5196}" = RAW Image Task 1.1
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75438C0E-9925-412E-AD85-D0E71C6CE2ED}" = USB2.0 PC Camera (SN9C201&202)
"{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}" = Nokia PC Suite
"{82427977-8776-4087-90CA-9F65174D3C4D}" = Nokia Connectivity Cable Driver
"{8355F970-601D-442D-A79B-1D7DB4F24CAD}" = Apple Mobile Device Support
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Graphics Media Accelerator Driver for Mobile
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{9092875A-D6E1-4B76-84F5-F9C0C6E14D10}" = ArcSoft PhotoImpression 6
"{92F31257-15BA-46EE-887D-3C18C0790ACE}" = Atheros Client Installation Program
"{93D34EE3-99B3-4DB1-8B0A-0A657466F90D}" = SMART BRO
"{94FB906A-CF42-4128-A509-D353026A607E}" = REALTEK Gigabit and Fast Ethernet NIC Driver
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1
"{B7CB0BF3-791E-44D3-9F04-786E36D51C9D}" = PC Connectivity Solution
"{C1B93FF0-EDBB-43F1-8F4B-E0C8665EBE37}" = LG PC Suite II
"{C3ABE126-2BB2-4246-BFE1-6797679B3579}" = LG USB Modem driver
"{C78EAC6F-7A73-452E-8134-DBB2165C5A68}" = QuickTime
"{C797EAF2-707A-4239-BDF3-F2672314A734}" = First Step Guide
"{CF2C1A86-5A98-4862-A3AE-9992E3A6427D}" = RemoteCapture Task 1.0.3
"{F8C6BABF-0837-4EA0-AD6C-8E5A392A7538}" = ImageMixer VCD2
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"504244733D18C8F63FF584AEB290E3904E791693" = Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"6F8C52CF07BBF1FE2471DC68C08F06D7C58B7D49" = Windows Driver Package - Intel (w29n51) net (09/12/2005 9.0.3.9)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"avast!" = avast! Antivirus
"Broadcom 802.11b Network Adapter" = Broadcom 802.11 Network Adapter
"CAL" = Canon Camera Access Library
"CameraUserGuide-PSSD1200IS_IXUS95IS" = Canon PowerShot SD1200 IS_IXUS 95 IS Camera User Guide
"CameraWindowDVC6" = Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
"CameraWindowLauncher" = Canon Utilities CameraWindow
"CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX
"Canon Internet Library for ZoomBrowser EX" = Canon Internet Library for ZoomBrowser EX
"CANONBJ_Deinstall_CNMCP76.DLL" = Canon iP1200
"cayahooantispy" = CA Yahoo! Anti-Spy (remove only)
"CCleaner" = CCleaner (remove only)
"D978F69D5F15B845BD6BC6F8BF9BCD36982A2087" = Windows Driver Package - Nokia Modem (02/24/2009 4.0)
"E7F682214B951640C9C539C41FDA1A7F836FF7B6" = Windows Driver Package - Nokia Modem (02/23/2009 7.01.0.2)
"Easy-PhotoPrint" = Canon Utilities Easy-PhotoPrint
"Easy-PrintToolBox" = Canon Utilities Easy-PrintToolBox
"Easy-WebPrint" = Easy-WebPrint
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ERUNT_is1" = ERUNT 1.1j
"F.A. Davis's Nursing Care Plan, ed. 6, on CD-ROM" = F.A. Davis's Nursing Care Plan, ed. 6, on CD-ROM
"FLV Player" = FLV Player 2.0 (build 25)
"Game Booster_is1" = Game Booster
"Garena" = Garena
"GridVista" = Acer GridVista
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{26BDE7D8-93F0-4A07-AD47-1707DB417941}" = Canon Camera Support Core Library
"InstallShield_{68E7E8BD-2233-49BE-81D6-1A1FAF1B5196}" = Canon RAW Image Task for ZoomBrowser EX
"InstallShield_{CF2C1A86-5A98-4862-A3AE-9992E3A6427D}" = Canon RemoteCapture Task for ZoomBrowser EX
"jZip" = jZip
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"Mozilla Firefox (3.5.2)" = Mozilla Firefox (3.5.2)
"MSNINST" = MSN
"MyCamera" = Canon Utilities MyCamera
"Nero - Burning Rom!UninstallKey" = Nero OEM
"NeroMultiInstaller!UninstallKey" = Nero Suite
"Network Play System (Patching)" = Network Play System (Patching)
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Nokia PC Suite" = Nokia PC Suite
"NVIDIA Drivers" = NVIDIA Drivers
"Personal Printing Guide" = Canon Personal Printing Guide
"PhotoStitch" = Canon Utilities PhotoStitch
"Rainlendar" = Rainlendar (remove only)
"RemoteCaptureTask" = Canon Utilities RemoteCapture Task for ZoomBrowser EX
"Shockwave" = Shockwave
"SoftwareStarterGuide-DCSD40_46" = Canon Digital Camera Solution Disk 40-46 Software Starter Guide
"ST6UNST #1" = Dealer Information System ver. 2.5
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"SystemRequirementsLab" = System Requirements Lab
"Windows XP Service Pack" = Windows XP Service Pack 3
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Extras" = Yahoo! Browser Services
"Yahoo! Mail" = Yahoo! Internet Mail
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Search Defender" = Yahoo! Search Protection
"Yahoo! Software Update" = Yahoo! Software Update
"YInstHelper" = Yahoo! Install Manager
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
"ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent DNA" = DNA
"Octoshape add-in for Adobe Flash Player" = Octoshape add-in for Adobe Flash Player
"uTorrent" = µTorrent

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]
Error - 5/27/2007 2:05:10 AM | Computer Name = DONELL-F8D64C2C | Source = avast! | ID = 33554522
Description = aswChestInterface - Program error description: CChestListView::OnCreate()
!m_strErrorWnd.IsEmpty().

Error - 5/27/2007 2:29:15 AM | Computer Name = DONELL-F8D64C2C | Source = avast! | ID = 33554522
Description = AAVM - initialization error: Instant Messaging provider: cannot start
because 'Norton Antivirus / Symantec Antivirus' is active!, 00000000.

Error - 5/27/2007 2:29:16 AM | Computer Name = DONELL-F8D64C2C | Source = avast! | ID = 33554522
Description = AAVM - initialization error: P2P provider: cannot start because 'Norton
Antivirus / Symantec Antivirus' is active!, 00000000.

Error - 5/27/2007 2:29:16 AM | Computer Name = DONELL-F8D64C2C | Source = avast! | ID = 33554522
Description = AAVM - initialization error: Standard Shield provider: cannot start
because 'Norton Antivirus / Symantec Antivirus' is active!, 00000000.

Error - 10/4/2007 8:35:18 AM | Computer Name = DONELL-F8D64C2C | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
http://forum.gsmhost...mp;d=1166430343
failed, 00000026.

Error - 10/5/2007 4:09:45 AM | Computer Name = DONELL-F8D64C2C | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
http://www.gsmhostin...mp;d=1161358228 failed,
00000026.

Error - 10/5/2007 4:10:15 AM | Computer Name = DONELL-F8D64C2C | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
http://www.gsmhostin...mp;d=1161358228 failed,
00000026.

Error - 10/5/2007 4:10:39 AM | Computer Name = DONELL-F8D64C2C | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
http://www.gsmhostin...mp;d=1161358228 failed,
00000026.

Error - 10/5/2007 4:10:59 AM | Computer Name = DONELL-F8D64C2C | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
http://www.gsmhostin...mp;d=1161358357 failed,
00000026.

Error - 11/26/2007 10:11:44 AM | Computer Name = DONELL-F8D64C2C | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
http://www.nokiapowe...t...ost&id=6626 failed, 00000026.


[ Application Events ]
Error - 6/9/2009 11:16:19 AM | Computer Name = DONELL-F8D64C2C | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 6/12/2009 5:13:40 AM | Computer Name = DONELL-F8D64C2C | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 6/12/2009 9:40:06 AM | Computer Name = DONELL-F8D64C2C | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
module ntdll.dll, version 5.1.2600.5755, fault address 0x0001b21a.

Error - 6/14/2009 1:46:16 PM | Computer Name = DONELL-F8D64C2C | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting
module emzdecmp4_h263.dll, version 2.6.1.0, fault address 0x00002827.

Error - 6/14/2009 1:47:10 PM | Computer Name = DONELL-F8D64C2C | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting
module emzdecmp4_h263.dll, version 2.6.1.0, fault address 0x00002827.

Error - 6/14/2009 1:47:45 PM | Computer Name = DONELL-F8D64C2C | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting
module emzdecmp4_h263.dll, version 2.6.1.0, fault address 0x00002827.

Error - 7/15/2009 9:44:24 AM | Computer Name = DONELL-F8D64C2C | Source = Application Error | ID = 1000
Description = Faulting application yahoom~1.exe, version 9.0.0.2162, faulting module
yahoom~1.exe, version 9.0.0.2162, fault address 0x000a7714.

Error - 7/15/2009 9:46:59 AM | Computer Name = DONELL-F8D64C2C | Source = Application Error | ID = 1000
Description = Faulting application yahoomessenger.exe, version 9.0.0.2162, faulting
module yahoomessenger.exe, version 9.0.0.2162, fault address 0x000a7714.

Error - 7/24/2009 12:34:42 PM | Computer Name = DONELL-F8D64C2C | Source = Microsoft Office 12 | ID = 2001
Description = Rejected Safe Mode action : Microsoft Office Outlook.

Error - 9/6/2009 6:39:32 AM | Computer Name = DONELL-F8D64C2C | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
module flash10b.ocx, version 10.0.22.87, fault address 0x0002aeec.

[ Application Events ]
Error - 6/9/2009 11:16:19 AM | Computer Name = DONELL-F8D64C2C | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 6/12/2009 5:13:40 AM | Computer Name = DONELL-F8D64C2C | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 6/12/2009 9:40:06 AM | Computer Name = DONELL-F8D64C2C | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
module ntdll.dll, version 5.1.2600.5755, fault address 0x0001b21a.

Error - 6/14/2009 1:46:16 PM | Computer Name = DONELL-F8D64C2C | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting
module emzdecmp4_h263.dll, version 2.6.1.0, fault address 0x00002827.

Error - 6/14/2009 1:47:10 PM | Computer Name = DONELL-F8D64C2C | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting
module emzdecmp4_h263.dll, version 2.6.1.0, fault address 0x00002827.

Error - 6/14/2009 1:47:45 PM | Computer Name = DONELL-F8D64C2C | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting
module emzdecmp4_h263.dll, version 2.6.1.0, fault address 0x00002827.

Error - 7/15/2009 9:44:24 AM | Computer Name = DONELL-F8D64C2C | Source = Application Error | ID = 1000
Description = Faulting application yahoom~1.exe, version 9.0.0.2162, faulting module
yahoom~1.exe, version 9.0.0.2162, fault address 0x000a7714.

Error - 7/15/2009 9:46:59 AM | Computer Name = DONELL-F8D64C2C | Source = Application Error | ID = 1000
Description = Faulting application yahoomessenger.exe, version 9.0.0.2162, faulting
module yahoomessenger.exe, version 9.0.0.2162, fault address 0x000a7714.

Error - 7/24/2009 12:34:42 PM | Computer Name = DONELL-F8D64C2C | Source = Microsoft Office 12 | ID = 2001
Description = Rejected Safe Mode action : Microsoft Office Outlook.

Error - 9/6/2009 6:39:32 AM | Computer Name = DONELL-F8D64C2C | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
module flash10b.ocx, version 10.0.22.87, fault address 0x0002aeec.

[ System Events ]
Error - 9/7/2009 10:36:45 AM | Computer Name = DONELL-F8D64C2C | Source = Service Control Manager | ID = 7034
Description = The Canon Camera Access Library 8 service terminated unexpectedly.
It has done this 1 time(s).

Error - 9/7/2009 10:36:45 AM | Computer Name = DONELL-F8D64C2C | Source = Service Control Manager | ID = 7034
Description = The iPod Service service terminated unexpectedly. It has done this
1 time(s).

Error - 9/7/2009 10:36:45 AM | Computer Name = DONELL-F8D64C2C | Source = Service Control Manager | ID = 7034
Description = The avast! Web Scanner service terminated unexpectedly. It has done
this 1 time(s).

Error - 9/7/2009 10:36:45 AM | Computer Name = DONELL-F8D64C2C | Source = Service Control Manager | ID = 7034
Description = The avast! Mail Scanner service terminated unexpectedly. It has done
this 1 time(s).

Error - 9/7/2009 10:36:46 AM | Computer Name = DONELL-F8D64C2C | Source = Service Control Manager | ID = 7034
Description = The InCD Helper service terminated unexpectedly. It has done this
1 time(s).

Error - 9/7/2009 10:44:05 AM | Computer Name = DONELL-F8D64C2C | Source = Service Control Manager | ID = 7000
Description = The AVG8 WatchDog service failed to start due to the following error:
%%2

Error - 9/7/2009 10:44:08 AM | Computer Name = DONELL-F8D64C2C | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
AvgLdx86 AvgMfx86

Error - 9/7/2009 10:59:50 AM | Computer Name = DONELL-F8D64C2C | Source = sr | ID = 1
Description = The System Restore filter encountered the unexpected error '0xC0000001'
while processing the file '' on the volume 'HarddiskVolume1'. It has stopped monitoring
the volume.

Error - 9/7/2009 11:00:15 AM | Computer Name = DONELL-F8D64C2C | Source = Service Control Manager | ID = 7000
Description = The AVG8 WatchDog service failed to start due to the following error:
%%2

Error - 9/7/2009 11:00:18 AM | Computer Name = DONELL-F8D64C2C | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
AvgLdx86 AvgMfx86 IntelIde


< End of report >
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP