Ive followed the steps in your guide
rootrepeal text:-
ROOTREPEAL © AD, 2007-2009
==================================================
Scan Start Time: 2009/10/03 08:52
Program Version: Version 1.3.5.0
Windows Version: Windows XP SP3
==================================================
Drivers
-------------------
Name: dump_iaStor.sys
Image Path: C:\WINDOWS\System32\Drivers\dump_iaStor.sys
Address: 0xED4FB000 Size: 827392 File Visible: No Signed: -
Status: -
Name: rootrepeal.sys
Image Path: C:\WINDOWS\system32\drivers\rootrepeal.sys
Address: 0xB9DA6000 Size: 49152 File Visible: No Signed: -
Status: -
Name: sfc.SYS
Image Path: C:\WINDOWS\System32\Drivers\sfc.SYS
Address: 0xB9CA9000 Size: 12544 File Visible: No Signed: -
Status: -
Name: win32k.sys:1
Image Path: C:\WINDOWS\win32k.sys:1
Address: 0xF78E4000 Size: 20480 File Visible: No Signed: -
Status: -
Name: win32k.sys:2
Image Path: C:\WINDOWS\win32k.sys:2
Address: 0xEF43D000 Size: 61440 File Visible: No Signed: -
Status: -
Hidden Services
-------------------
Service Name: gasfkydlmcytgk
Image Path: C:\WINDOWS\system32\drivers\gasfkyhxhhylua.sys
==EOF==
OTL text:-
OTL logfile created on: 03/10/2009 08:56:57 - Run 1
OTL by OldTimer - Version 3.0.18.0 Folder = C:\Documents and Settings\Norman\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
1023.29 Mb Total Physical Memory | 412.02 Mb Available Physical Memory | 40.26% Memory free
2.40 Gb Paging File | 1.88 Gb Available in Paging File | 78.07% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 141.03 Gb Total Space | 107.65 Gb Free Space | 76.33% Space Free | Partition Type: NTFS
Drive D: | 8.01 Gb Total Space | 6.06 Gb Free Space | 75.71% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 74.52 Gb Total Space | 35.19 Gb Free Space | 47.22% Space Free | Partition Type: NTFS
Drive G: | 74.52 Gb Total Space | 35.19 Gb Free Space | 47.22% Space Free | Partition Type: NTFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: NORMANXP
Current User Name: Norman
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan
========== Processes (SafeList) ==========
PRC - [2009/08/17 07:58:26 | 00,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe
PRC - [2005/04/06 17:03:28 | 00,110,592 | ---- | M] () -- C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
PRC - [2001/12/07 12:45:58 | 00,032,256 | ---- | M] (C-Dilla Ltd) -- C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE
PRC - [2007/01/05 03:48:52 | 00,112,152 | R--- | M] (InterVideo) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
PRC - [2009/07/25 05:23:10 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2009/08/17 07:58:40 | 00,486,680 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgrsx.exe
PRC - [2006/07/12 13:19:00 | 00,155,715 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvsvc32.exe
PRC - [2007/02/02 15:43:16 | 00,538,136 | ---- | M] (PDF Complete Inc) -- C:\Program Files\PDF Complete\pdfsvc.exe
PRC - [2008/11/24 23:31:12 | 00,087,904 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
PRC - [2007/02/02 15:43:16 | 00,330,264 | ---- | M] (PDF Complete Inc) -- C:\Program Files\PDF Complete\pdfsty.exe
PRC - [2006/07/10 19:53:08 | 00,872,448 | ---- | M] () -- C:\WINDOWS\SMINST\Scheduler.exe
PRC - [2006/06/15 08:43:20 | 00,049,152 | ---- | M] (HP) -- C:\Program Files\ToolBoxFX\bin\HPTLBXFX.exe
PRC - [2009/08/17 07:58:30 | 02,007,832 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgtray.exe
PRC - [2008/08/04 00:02:20 | 00,036,352 | ---- | M] () -- C:\Program Files\Winamp\winampa.exe
PRC - [2008/03/18 02:06:00 | 01,848,648 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
PRC - [2009/07/25 05:23:12 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2008/12/08 15:50:04 | 00,054,576 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
PRC - [2008/12/08 15:50:04 | 00,054,576 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
PRC - [2008/04/14 01:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2009/08/24 21:17:45 | 00,908,280 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009/10/03 08:55:40 | 00,519,168 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Norman\My Documents\Downloads\OTL.exe
========== Win32 Services (SafeList) ==========
SRV - [2008/07/25 11:16:40 | 00,034,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2008/12/13 12:17:27 | 00,072,704 | ---- | M] (Autodesk) -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service [On_Demand | Stopped])
SRV - [2009/08/17 07:58:26 | 00,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd [Auto | Running])
SRV - [2008/01/11 18:50:16 | 00,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc [Disabled | Stopped])
SRV - [2005/04/06 17:03:28 | 00,110,592 | ---- | M] () -- C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe -- (BlueSoleil Hid Service [Auto | Running])
SRV - [2001/12/07 12:45:58 | 00,032,256 | ---- | M] (C-Dilla Ltd) -- C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE -- (C-DillaSrv [Auto | Running])
SRV - [2008/07/25 11:17:02 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2008/07/29 21:10:04 | 00,046,104 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2009/04/28 15:14:53 | 00,182,768 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [On_Demand | Stopped])
SRV - [2008/04/14 01:12:02 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2008/07/29 19:24:50 | 00,881,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2008/03/30 10:36:30 | 00,504,104 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service [On_Demand | Stopped])
SRV - [2007/01/05 03:48:52 | 00,112,152 | R--- | M] (InterVideo) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr [Auto | Running])
SRV - [2009/07/25 05:23:10 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])
SRV - [2006/04/14 18:07:20 | 28,933,976 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe -- (MSSQL$MSSMLBIZ [On_Demand | Stopped])
SRV - [2005/10/14 11:50:20 | 00,045,272 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe -- (MSSQLServerADHelper [Disabled | Stopped])
SRV - [2008/07/29 19:16:38 | 00,132,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
SRV - [2006/07/12 13:19:00 | 00,155,715 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvsvc32.exe -- (NVSvc [Auto | Running])
SRV - [2006/10/26 22:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2006/06/14 00:39:58 | 00,364,544 | ---- | M] (SoftThinks) -- C:\WINDOWS\SMINST\PCAngel.exe -- (PCA [Disabled | Stopped])
SRV - [2007/02/02 15:43:16 | 00,538,136 | ---- | M] (PDF Complete Inc) -- C:\Program Files\PDF Complete\pdfsvc.exe -- (pdfcDispatcher [Auto | Running])
SRV - [2007/12/19 09:11:41 | 00,079,360 | ---- | M] (SolidWorks) -- C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe -- (SolidWorks Licensing Service [On_Demand | Stopped])
SRV - [2006/04/14 18:05:58 | 00,240,416 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe -- (SQLBrowser [Disabled | Stopped])
SRV - [2008/11/24 23:31:12 | 00,087,904 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter [Auto | Running])
SRV - [2006/10/18 20:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/ig?hl=en
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaulturl: "http://www.google.co...-8&oe=UTF-8&q="
FF - prefs.js..browser.search.selectedEngine: "Yahoo.co.uk"
FF - prefs.js..browser.startup.homepage: "http://www.google.co.uk/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}:6.0.03
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}:6.0.05
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.3
FF - HKLM\software\mozilla\Firefox\extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/09/01 17:52:40 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2008/12/06 10:11:47 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/09/23 17:38:08 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/09/24 07:56:11 | 00,000,000 | ---D | M]
[2009/09/23 17:38:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Norman\Application Data\mozilla\Extensions
[2009/09/23 17:38:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Norman\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/10/02 15:32:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Norman\Application Data\mozilla\Firefox\Profiles\esffjylg.default\extensions
[2009/09/23 17:41:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Norman\Application Data\mozilla\Firefox\Profiles\esffjylg.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/09/23 17:38:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Norman\Application Data\mozilla\Firefox\Profiles\esffjylg.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2009/10/02 15:32:15 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2008/02/21 18:57:09 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2009/09/23 17:38:07 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2008/05/14 17:28:47 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
[2008/05/24 08:06:12 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
[2009/08/24 21:17:45 | 00,023,544 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/08/24 21:17:45 | 00,137,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009/08/24 21:17:45 | 00,065,016 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll
[2007/05/10 22:52:34 | 00,095,864 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll
[2008/02/21 18:57:48 | 00,144,984 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nppl3260.dll
[2008/05/19 17:15:42 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin.dll
[2008/05/19 17:15:42 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll
[2008/05/19 17:15:43 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll
[2008/05/19 17:15:43 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll
[2008/05/19 17:15:43 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll
[2008/05/19 17:15:43 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll
[2008/05/19 17:15:43 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll
[2008/02/21 18:57:54 | 00,008,192 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nprjplug.dll
[2008/02/21 18:57:46 | 00,094,208 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nprpjplug.dll
[2009/08/24 20:10:36 | 00,001,538 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml
[2009/08/24 20:10:36 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2009/08/24 20:10:36 | 00,000,947 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\chambers-en-GB.xml
[2009/08/24 20:10:36 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2009/08/24 20:10:36 | 00,000,769 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml
[2009/08/24 20:10:36 | 00,002,371 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/08/24 20:10:36 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2009/08/24 20:10:36 | 00,000,831 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-en-GB.xml
O1 HOSTS File: (319915 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.123topsearch.com
O1 - Hosts: 127.0.0.1 123topsearch.com
O1 - Hosts: 127.0.0.1 www.132.com
O1 - Hosts: 127.0.0.1 132.com
O1 - Hosts: 127.0.0.1 www.136136.net
O1 - Hosts: 127.0.0.1 136136.net
O1 - Hosts: 127.0.0.1 www.163ns.com
O1 - Hosts: 127.0.0.1 163ns.com
O1 - Hosts: 10971 more lines...
O2 - BHO: (mscorewr) - {00009E9F-DDD7-AA59-AA7D-AA4B7D6BE000} - C:\WINDOWS\System32\mscorewr.dll (Macrovision Corporation)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (MSN helper) - {1D50F92D-B74D-434F-B14A-7A08E851ADFF} - C:\WINDOWS\System32\khg0.dll (Google Ltd)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (PremiereAdvertisingPlatform) - {547395D9-934A-CED6-B851-F238C86079E5} - C:\Program Files\PremiereAdvertisingPlatform\PremiereAdvertisingPlatform.dll File not found
O2 - BHO: () - {5f90c0e3-4c0a-4d54-a8ac-5afe6163a99e} - C:\Program Files\Starware316\bin\Starware316.dll File not found
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (AcroIEToolbarHelper Class) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)
O2 - BHO: (fruttinet) - {cc414268-9551-912e-6b8a-e0b2faf089a7} - C:\WINDOWS\System32\00407928-667d-e635-0368-9ee6caa0727a.dll File not found
O2 - BHO: (TBSB09835 Class) - {D97FC677-694D-4A75-AC89-A5B85C2BCFED} - C:\Program Files\IEToolbar\Bullseye Tool Bar\lw.dll File not found
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (Starware Screensavers Toolbar) - {1962c5bc-e475-465b-823b-133e711bceb9} - C:\Program Files\Starware316\bin\Starware316.dll File not found
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O3 - HKLM\..\Toolbar: (Bullseye Tool Bar) - {6226BA26-C017-4007-928C-DE9715C6FA67} - C:\Program Files\IEToolbar\Bullseye Tool Bar\lw.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Bullseye Tool Bar) - {6226BA26-C017-4007-928C-DE9715C6FA67} - C:\Program Files\IEToolbar\Bullseye Tool Bar\lw.dll File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVG8_TRAY] C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.CPL (Microsoft Corporation)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe (HP)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [NBKeyScan] C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [PDF Complete] C:\Program Files\PDF Complete\pdfsty.exe (PDF Complete Inc)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Inc.)
O4 - HKLM..\Run: [Reminder] C:\WINDOWS\Creator\Remind_XP.exe ()
O4 - HKLM..\Run: [Scheduler] C:\WINDOWS\SMINST\Scheduler.exe ()
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [ToolBoxFX] C:\Program Files\ToolBoxFX\bin\HPTLBXFX.exe (HP)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe ()
O4 - HKCU..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe File not found
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe (Adobe Systems Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\BlueSoleil.lnk = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe (IVT Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetActiveDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetActiveDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE File not found
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 58 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: 57 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {1803B9EF-9905-4F34-AFC4-05D1BAB28801} http://download.yaho...bt/yregucfg.cab (RegUserCfgUI Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.50 194.62.44.13
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = hendry2k.local
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\sdra64.exe) - C:\WINDOWS\System32\sdra64.exe ()
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/05/01 01:01:00 | 00,000,053 | -HS- | M] () - D:\Autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O34 - HKLM BootExecute: (Partizan) - C:\WINDOWS\System32\Partizan.exe (Greatis Software)
O34 - HKLM BootExecute: (ootExecute) - File not found
O34 - HKLM BootExecute: (settings...) - File not found
O34 - HKLM BootExecute: (on\E) - File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found
NetSvcs: 6to4 - Service key not found. File not found
NetSvcs: Ias - Service key not found. File not found
NetSvcs: Iprip - Service key not found. File not found
NetSvcs: Irmon - Service key not found. File not found
NetSvcs: NWCWorkstation - Service key not found. File not found
NetSvcs: Nwsapagent - Service key not found. File not found
NetSvcs: WmdmPmSp - Service key not found. File not found
NetSvcs: helpsvc - C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
========== Files/Folders - Created Within 14 Days ==========
[1 C:\WINDOWS\*.tmp files]
[2009/10/01 15:45:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/10/01 15:45:10 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Norman\Application Data\Malwarebytes
[2009/10/03 08:21:44 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2009/09/19 11:02:11 | 00,000,000 | ---D | C] -- C:\Program Files\Greatis
[2009/10/01 16:09:31 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/10/01 15:12:27 | 00,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2009/10/03 08:22:09 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/10/03 08:15:28 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/10/03 08:15:26 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/10/03 08:03:50 | 00,000,000 | ---D | C] -- C:\906301ac388c237a80
[2009/10/03 07:57:34 | 00,000,000 | ---D | C] -- C:\2c5b59320054670d038a46cac3
[2009/10/01 17:37:32 | 00,472,064 | ---- | C] ( ) -- C:\Documents and Settings\Norman\Desktop\RootRepeal.exe
[2009/10/01 17:01:03 | 03,550,592 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Documents and Settings\Norman\Desktop\procexp.exe
[2009/10/01 15:44:04 | 04,045,544 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Norman\Desktop\mbam-setup.exe
[2009/10/01 14:21:55 | 16,409,960 | ---- | C] (Safer Networking Limited ) -- C:\Documents and Settings\Norman\Desktop\spybotsd162.exe
[2009/09/24 14:07:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Norman\My Documents\Downloads
[2009/09/23 16:02:47 | 00,000,000 | -HSD | C] -- C:\WINDOWS\System32\lowsec
[2009/09/23 15:50:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\ie8
[2009/09/23 15:50:32 | 00,000,000 | -H-D | C] -- C:\WINDOWS\msdownld.tmp
[2009/09/19 17:57:59 | 66,060,2880 | ---- | C] (SoftThinks) -- C:\Backup 09-19-09 095345.001.exe
[2009/09/19 11:07:59 | 00,024,416 | ---- | C] (Greatis Software) -- C:\WINDOWS\System32\drivers\regguard.sys
[2009/09/19 11:03:27 | 00,035,040 | ---- | C] (Greatis Software) -- C:\WINDOWS\System32\Partizan.exe
[2009/09/19 11:03:27 | 00,034,760 | ---- | C] (Greatis Software) -- C:\WINDOWS\System32\drivers\Partizan.sys
[2009/09/19 11:02:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Norman\My Documents\RegRun2
========== Files - Modified Within 14 Days ==========
[1 C:\WINDOWS\*.tmp files]
[2009/10/03 08:21:44 | 00,000,611 | ---- | M] () -- C:\Documents and Settings\Norman\Desktop\NTREGOPT.lnk
[2009/10/03 08:21:44 | 00,000,592 | ---- | M] () -- C:\Documents and Settings\Norman\Desktop\ERUNT.lnk
[2009/10/03 08:15:30 | 00,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/10/03 08:14:03 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/10/03 08:13:39 | 00,000,248 | -H-- | M] () -- C:\WINDOWS\tasks\{BB65B0FB-5712-401b-B616-E69AC55E2757}.job
[2009/10/03 08:13:39 | 00,000,248 | -H-- | M] () -- C:\WINDOWS\tasks\{7B02EF0B-A410-4938-8480-9BA26420A627}.job
[2009/10/03 08:13:26 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/10/03 08:13:18 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/10/03 08:13:18 | 00,000,000 | ---- | M] () -- C:\WINDOWS\win32k.sys
[2009/10/03 08:13:16 | 10,730,74176 | -HS- | M] () -- C:\hiberfil.sys
[2009/10/03 08:12:20 | 00,000,012 | ---- | M] () -- C:\WINDOWS\bthservsdp.dat
[2009/10/03 08:06:42 | 42,186,641 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2009/10/03 08:06:42 | 00,004,566 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2009/10/03 07:56:04 | 00,067,863 | ---- | M] () -- C:\WINDOWS\System32\nvwsapps.xml
[2009/10/02 09:33:49 | 00,050,431 | ---- | M] () -- C:\Documents and Settings\Norman\My Documents\3-8NPT PORT.pdf
[2009/10/02 09:33:10 | 00,050,999 | ---- | M] () -- C:\Documents and Settings\Norman\My Documents\3-8BSP PORT.pdf
[2009/10/02 09:32:32 | 00,046,687 | ---- | M] () -- C:\Documents and Settings\Norman\My Documents\1-4NPT PORT1.pdf
[2009/10/02 03:30:00 | 00,000,420 | ---- | M] () -- C:\WINDOWS\tasks\ErrorSweeper Scheduled Scan.job
[2009/10/01 17:40:49 | 00,000,015 | ---- | M] () -- C:\Documents and Settings\Norman\Desktop\settings.dat
[2009/10/01 17:32:24 | 00,034,816 | ---- | M] () -- C:\WINDOWS\System32\drivers\rootrepeal_1.sys
[2009/10/01 17:29:58 | 00,034,816 | ---- | M] () -- C:\WINDOWS\System32\drivers\norman.sys
[2009/10/01 17:21:57 | 00,013,705 | ---- | M] () -- C:\WINDOWS\System32\mscomct2.dat
[2009/10/01 17:21:56 | 00,015,313 | ---- | M] () -- C:\WINDOWS\System32\ntrdectr.dat
[2009/10/01 17:01:09 | 03,550,592 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Documents and Settings\Norman\Desktop\procexp.exe
[2009/10/01 16:04:23 | 00,271,872 | ---- | M] () -- C:\Documents and Settings\Norman\Desktop\TFC.exe
[2009/10/01 15:44:16 | 04,045,544 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Norman\Desktop\mbam-setup.exe
[2009/10/01 14:22:04 | 16,409,960 | ---- | M] (Safer Networking Limited ) -- C:\Documents and Settings\Norman\Desktop\spybotsd162.exe
[2009/10/01 12:05:59 | 00,003,739 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/10/01 11:37:16 | 00,032,026 | ---- | M] () -- C:\WINDOWS\System32\msrfcint.dat
[2009/10/01 09:28:15 | 00,401,408 | ---- | M] () -- C:\Documents and Settings\Norman\My Documents\MILLER.xls
[2009/10/01 08:46:34 | 00,492,629 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg
[2009/09/29 15:13:39 | 00,764,416 | ---- | M] () -- C:\Documents and Settings\Norman\My Documents\NIROX.xls
[2009/09/28 12:04:51 | 00,196,271 | ---- | M] () -- C:\Documents and Settings\Norman\Desktop\paint.pdf
[2009/09/28 11:59:02 | 00,051,192 | ---- | M] () -- C:\Documents and Settings\Norman\Desktop\IMG.pdf
[2009/09/24 17:43:59 | 00,020,027 | ---- | M] () -- C:\WINDOWS\System32\pogb
[2009/09/24 17:43:54 | 00,011,264 | ---- | M] () -- C:\WINDOWS\System32\lpomf.dll
[2009/09/24 17:43:52 | 00,000,001 | ---- | M] () -- C:\WINDOWS\System32\xd.dat
[2009/09/24 17:43:52 | 00,000,001 | ---- | M] () -- C:\WINDOWS\System32\q1.dat
[2009/09/24 17:43:52 | 00,000,001 | ---- | M] () -- C:\WINDOWS\System32\jc.dat
[2009/09/24 17:43:52 | 00,000,001 | ---- | M] () -- C:\WINDOWS\System32\idm.dat
[2009/09/24 17:43:52 | 00,000,001 | ---- | M] () -- C:\WINDOWS\System32\c2d.dat
[2009/09/24 13:46:00 | 00,000,000 | ---- | M] () -- C:\WINDOWS\Irremote.ini
[2009/09/24 12:13:47 | 00,027,938 | ---- | M] () -- C:\Documents and Settings\Norman\My Documents\D400516.pdf
[2009/09/23 12:24:05 | 00,031,948 | ---- | M] () -- C:\Documents and Settings\Norman\My Documents\D400530.pdf
[2009/09/23 08:19:41 | 00,000,895 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2009/09/23 08:19:32 | 00,000,059 | ---- | M] () -- C:\WINDOWS\vbaddin.ini
[2009/09/23 08:19:13 | 00,000,685 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/09/23 08:19:12 | 00,001,725 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
[2009/09/22 11:16:48 | 00,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009/09/22 09:26:28 | 00,021,970 | ---- | M] () -- C:\Documents and Settings\Norman\My Documents\Md60037R.pdf
[2009/09/22 09:19:16 | 00,405,504 | ---- | M] () -- C:\Documents and Settings\Norman\My Documents\Ratcliff2.xls
[2009/09/19 18:08:23 | 66,060,2880 | ---- | M] (SoftThinks) -- C:\Backup 09-19-09 095345.001.exe
[2009/09/19 18:08:23 | 14,768,0453 | ---- | M] () -- C:\Backup 09-19-09 095345.005.stc
[2009/09/19 18:07:34 | 66,060,2880 | ---- | M] () -- C:\Backup 09-19-09 095345.004.stc
[2009/09/19 18:05:27 | 66,060,2880 | ---- | M] () -- C:\Backup 09-19-09 095345.003.stc
[2009/09/19 18:02:32 | 66,060,2880 | ---- | M] () -- C:\Backup 09-19-09 095345.002.stc
[2009/09/19 17:57:59 | 00,001,112 | ---- | M] () -- C:\Backup 09-19-09 095345.bst
[2009/09/19 11:32:55 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/09/19 11:32:55 | 00,000,211 | RHS- | M] () -- C:\boot.ini
[2009/09/19 11:07:59 | 00,024,416 | ---- | M] (Greatis Software) -- C:\WINDOWS\System32\drivers\regguard.sys
[2009/09/19 11:03:27 | 00,035,040 | ---- | M] (Greatis Software) -- C:\WINDOWS\System32\Partizan.exe
[2009/09/19 11:03:27 | 00,034,760 | ---- | M] (Greatis Software) -- C:\WINDOWS\System32\drivers\Partizan.sys
[2009/09/19 11:02:31 | 00,002,631 | ---- | M] () -- C:\WINDOWS\System32\config.nt
[2009/09/19 11:02:31 | 00,001,688 | ---- | M] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2009/09/19 11:02:31 | 00,000,002 | RHS- | M] () -- C:\WINDOWS\winstart.bat
========== Files - No Company Name ==========
[2009/10/03 08:21:44 | 00,000,611 | ---- | C] () -- C:\Documents and Settings\Norman\Desktop\NTREGOPT.lnk
[2009/10/03 08:21:44 | 00,000,592 | ---- | C] () -- C:\Documents and Settings\Norman\Desktop\ERUNT.lnk
[2009/10/03 08:15:30 | 00,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/10/02 08:44:01 | 00,046,687 | ---- | C] () -- C:\Documents and Settings\Norman\My Documents\1-4NPT PORT1.pdf
[2009/10/01 17:37:45 | 00,000,015 | ---- | C] () -- C:\Documents and Settings\Norman\Desktop\settings.dat
[2009/10/01 17:32:15 | 00,034,816 | ---- | C] () -- C:\WINDOWS\System32\drivers\rootrepeal_1.sys
[2009/10/01 17:29:47 | 00,034,816 | ---- | C] () -- C:\WINDOWS\System32\drivers\norman.sys
[2009/10/01 16:03:56 | 00,271,872 | ---- | C] () -- C:\Documents and Settings\Norman\Desktop\TFC.exe
[2009/10/01 15:51:49 | 10,730,74176 | -HS- | C] () -- C:\hiberfil.sys
[2009/10/01 11:37:17 | 00,032,026 | ---- | C] () -- C:\WINDOWS\System32\msrfcint.dat
[2009/10/01 11:37:08 | 00,015,313 | ---- | C] () -- C:\WINDOWS\System32\ntrdectr.dat
[2009/10/01 11:36:59 | 00,013,705 | ---- | C] () -- C:\WINDOWS\System32\mscomct2.dat
[2009/09/28 12:04:50 | 00,196,271 | ---- | C] () -- C:\Documents and Settings\Norman\Desktop\paint.pdf
[2009/09/28 11:59:02 | 00,051,192 | ---- | C] () -- C:\Documents and Settings\Norman\Desktop\IMG.pdf
[2009/09/24 17:43:54 | 00,011,264 | ---- | C] () -- C:\WINDOWS\System32\lpomf.dll
[2009/09/24 17:43:52 | 00,000,001 | ---- | C] () -- C:\WINDOWS\System32\xd.dat
[2009/09/24 17:43:52 | 00,000,001 | ---- | C] () -- C:\WINDOWS\System32\q1.dat
[2009/09/24 17:43:52 | 00,000,001 | ---- | C] () -- C:\WINDOWS\System32\jc.dat
[2009/09/24 17:43:52 | 00,000,001 | ---- | C] () -- C:\WINDOWS\System32\idm.dat
[2009/09/24 17:43:52 | 00,000,001 | ---- | C] () -- C:\WINDOWS\System32\c2d.dat
[2009/09/24 14:00:59 | 00,020,027 | ---- | C] () -- C:\WINDOWS\System32\pogb
[2009/09/24 13:46:50 | 00,774,144 | ---- | C] () -- C:\WINDOWS\System32\NEROINSTAEC43759.DB
[2009/09/24 13:46:00 | 00,000,000 | ---- | C] () -- C:\WINDOWS\Irremote.ini
[2009/09/23 12:23:58 | 00,031,948 | ---- | C] () -- C:\Documents and Settings\Norman\My Documents\D400530.pdf
[2009/09/22 09:26:22 | 00,021,970 | ---- | C] () -- C:\Documents and Settings\Norman\My Documents\Md60037R.pdf
[2009/09/19 18:07:34 | 14,768,0453 | ---- | C] () -- C:\Backup 09-19-09 095345.005.stc
[2009/09/19 18:05:27 | 66,060,2880 | ---- | C] () -- C:\Backup 09-19-09 095345.004.stc
[2009/09/19 18:02:32 | 66,060,2880 | ---- | C] () -- C:\Backup 09-19-09 095345.003.stc
[2009/09/19 18:00:43 | 66,060,2880 | ---- | C] () -- C:\Backup 09-19-09 095345.002.stc
[2009/09/19 17:57:59 | 00,001,112 | ---- | C] () -- C:\Backup 09-19-09 095345.bst
[2009/09/19 11:02:31 | 00,000,002 | RHS- | C] () -- C:\WINDOWS\winstart.bat
[2008/04/01 08:18:24 | 03,702,618 | -H-- | C] () -- C:\Documents and Settings\Norman\Local Settings\Application Data\IconCache.db
[2008/02/06 11:42:44 | 00,019,456 | ---- | C] () -- C:\Documents and Settings\Norman\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/10/06 09:26:20 | 00,000,129 | ---- | C] () -- C:\Documents and Settings\Norman\Local Settings\Application Data\fusioncache.dat
[2007/10/06 09:16:58 | 00,002,718 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2007/09/12 14:59:46 | 00,070,152 | ---- | C] () -- C:\Documents and Settings\Norman\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2007/09/12 14:59:46 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\Norman\Application Data\desktop.ini
[2006/04/25 11:19:02 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\desktop.ini
========== LOP Check ==========
[2009/10/01 15:45:04 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Application Data
[2007/08/22 05:26:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{623D32E9-0C62-4453-AD44-98B31F52A5E1}
[2009/01/14 17:08:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Autodesk
[2008/02/07 17:30:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVS4YOU
[2008/02/05 09:02:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Bluetooth
[2008/11/03 11:33:44 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2008/12/09 09:31:03 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJScan
[2009/06/02 10:38:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
[2008/02/07 18:37:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Software
[2008/03/29 12:02:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2009/06/02 10:48:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2008/03/26 11:41:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Starware316
[2009/09/15 15:58:02 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\Norman\Application Data
[2009/01/30 17:54:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Norman\Application Data\ArcSoft
[2009/01/14 17:08:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Norman\Application Data\Autodesk
[2008/02/07 17:30:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Norman\Application Data\AVS4YOU
[2008/05/17 08:46:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Norman\Application Data\AVSMedia
[2009/09/15 15:58:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Norman\Application Data\CADClick
[2008/06/26 08:09:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Norman\Application Data\Canneverbe_Limited
[2008/12/09 09:31:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Norman\Application Data\Canon
[2009/09/18 20:08:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Norman\Application Data\DealAssistant
[2007/12/19 09:12:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Norman\Application Data\EDrawings
[2007/12/17 16:36:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Norman\Application Data\ErrorSweeper
[2009/09/17 17:32:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Norman\Application Data\FrostWire
[2008/05/15 11:10:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Norman\Application Data\InterVideo
[2008/10/30 15:48:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Norman\Application Data\Lasata
[2008/07/15 18:00:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Norman\Application Data\LimeWire
[2008/05/26 14:36:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Norman\Application Data\NCH Swift Sound
[2009/06/02 10:48:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Norman\Application Data\Nokia
[2009/06/02 10:48:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Norman\Application Data\PC Suite
[2007/08/22 05:17:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Norman\Application Data\SampleView
[2008/03/26 11:41:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Norman\Application Data\Starware316
[2008/08/06 12:57:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Norman\Application Data\Windows Desktop Search
[2008/10/30 16:32:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Norman\Application Data\Windows Search
[2006/02/28 03:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2009/10/02 03:30:00 | 00,000,420 | ---- | M] () -- C:\WINDOWS\Tasks\ErrorSweeper Scheduled Scan.job
[2009/10/03 08:13:26 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT
[2009/10/03 08:13:39 | 00,000,248 | -H-- | M] () -- C:\WINDOWS\Tasks\{7B02EF0B-A410-4938-8480-9BA26420A627}.job
[2009/10/03 08:13:39 | 00,000,248 | -H-- | M] () -- C:\WINDOWS\Tasks\{BB65B0FB-5712-401b-B616-E69AC55E2757}.job
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.exe >
[2009/09/19 18:08:23 | 66,060,2880 | ---- | M] (SoftThinks) -- C:\Backup 09-19-09 095345.001.exe
< %systemroot%\system32\eventlog.dll >
[2008/04/14 01:11:53 | 00,061,952 | ---- | M] () -- C:\WINDOWS\system32\eventlog.dll
< %systemroot%\system32\scecli.dll >
[2008/04/14 01:12:05 | 00,181,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\scecli.dll
< %systemroot%\netlogon.dll >
< %systemroot%\system32\cngaudit.dll >
< %systemroot%\system32\sceclt.dll >
< %systemroot%\ntelogon.dll >
< %systemroot%\system32\logevent.dll >
[2008/04/14 01:11:53 | 00,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\logevent.dll
< End of report >
OTL Extra :-
OTL Extras logfile created on: 03/10/2009 08:56:57 - Run 1
OTL by OldTimer - Version 3.0.18.0 Folder = C:\Documents and Settings\Norman\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
1023.29 Mb Total Physical Memory | 412.02 Mb Available Physical Memory | 40.26% Memory free
2.40 Gb Paging File | 1.88 Gb Available in Paging File | 78.07% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 141.03 Gb Total Space | 107.65 Gb Free Space | 76.33% Space Free | Partition Type: NTFS
Drive D: | 8.01 Gb Total Space | 6.06 Gb Free Space | 75.71% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 74.52 Gb Total Space | 35.19 Gb Free Space | 47.22% Space Free | Partition Type: NTFS
Drive G: | 74.52 Gb Total Space | 35.19 Gb Free Space | 47.22% Space Free | Partition Type: NTFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: NORMANXP
Current User Name: Norman
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
chm.file [open] -- "C:\WINDOWS\hh.exe" %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"E:\setup\HPZNET01.EXE" = E:\setup\HPZNET01.EXE:*:Enabled:hpznet01.exe -- File not found
"E:\setup\hppapd.exe" = E:\setup\hppapd.exe:*:Enabled:hppapd.exe -- File not found
"E:\setup\HPNTWKEXE.EXE" = E:\setup\HPNTWKEXE.EXE:*:Enabled:hpntwkexe.exe -- File not found
"C:\WINDOWS\system32\dmremote.exe" = C:\WINDOWS\system32\dmremote.exe:*:Enabled:dmremote.exe -- (Microsoft Corp.)
"C:\WINDOWS\explorer.exe" = C:\WINDOWS\explorer.exe:*:Enabled:Windows Explorer -- (Microsoft Corporation)
"C:\Program Files\Grisoft\AVG7\avginet.exe" = C:\Program Files\Grisoft\AVG7\avginet.exe:*:Enabled:avginet.exe -- File not found
"C:\Program Files\Grisoft\AVG7\avgamsvr.exe" = C:\Program Files\Grisoft\AVG7\avgamsvr.exe:*:Enabled:avgamsvr.exe -- File not found
"C:\Program Files\Grisoft\AVG7\avgcc.exe" = C:\Program Files\Grisoft\AVG7\avgcc.exe:*:Enabled:avgcc.exe -- File not found
"C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe" = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil -- (IVT Corporation)
"C:\Program Files\Real\RealPlayer\realplay.exe" = C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer -- (RealNetworks, Inc.)
"C:\Program Files\FrostWire\FrostWire.exe" = C:\Program Files\FrostWire\FrostWire.exe:*:Enabled:LimeWire -- File not found
"C:\Program Files\AVG\AVG8\avgupd.exe" = C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire -- File not found
"C:\Program Files\Winamp Remote\bin\Orb.exe" = C:\Program Files\Winamp Remote\bin\Orb.exe:*:Enabled:Orb -- File not found
"C:\Program Files\Winamp Remote\bin\OrbTray.exe" = C:\Program Files\Winamp Remote\bin\OrbTray.exe:*:Enabled:OrbTray -- File not found
"C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe" = C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:*:Enabled:Orb Stream Client -- File not found
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\WINDOWS\SMINST\Scheduler.exe" = C:\WINDOWS\SMINST\Scheduler.exe:*:Enabled:Scheduler -- ()
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00000409-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 SR-1 Premium
"{00170409-78E1-11D2-B60F-006097C998E7}" = Microsoft Word 2000
"{071B0E72-3E3E-416B-B19A-48B97DDBF2EA}" = Install
"{09920506-86A3-4EB2-A022-8DD6D56FEC59}" = Autodesk Inventor 5.3
"{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}" = OpenOffice.org Installer 1.0
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP3600_series" = Canon iP3600 series Printer Driver
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ2413" = CanoScan LiDE 100 Scanner Driver
"{135BA9A6-495A-4FE9-B1A1-AB4DA449CAB1}" = hppLJP2015
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{1838C5A2-AB32-4145-85C1-BB9B8DFA24CD}" = QuickTime
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1ECD6EC8-7BB2-4CD5-A384-BAA371BC4D21}" = Volo View Express
"{1F73D672-6175-4A1D-B3C1-420439D03D0F}" = Product_SF_Full_QFolder
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java 6 Update 15
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{3248F0A8-6813-11D6-A77B-00B0D0150000}" = J2SE Runtime Environment 5.0
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java 6 Update 7
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3912A629-0020-0005-3131-2FBA74D4DF0A}" = InterVideo WinDVD
"{3EA85AFA-1664-497B-A571-8B26A5B72172}" = Mirar
"{3F9F7336-6DF8-476F-ABF6-C70A17FAF619}" = HP Backup and Recovery Manager
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{414C803A-6115-4DB6-BD4E-FD81EA6BC71C}" = Product_SF_Min_QFolder
"{41F8F89F-4638-4201-8072-D610F61506C9}" = SolidWorks eDrawings 2009
"{450063AA-643B-417C-8CF5-405BA3F4EF40}" = Autodesk Design Review 2009
"{4F2A42E9-C0A7-4C56-92A8-6EC6CB7D815C}" = eDrawings 2008
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{561D20B1-766E-4EA5-8A1D-B7357D903673}" = hppIOFiles
"{56B4002F-671C-49F4-984C-C760FE3806B5}" = Microsoft SQL Server VSS Writer
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{585776BC-4BD6-4BD2-A19A-1D6CB44A403B}" = iTunes
"{58ECE031-9AAD-4011-B34A-BC78E77527E2}" = hppMSRedist
"{633EC831-6345-4D3E-8BA0-9A8D030CC393}" = HP Performance Tuning Framework
"{6441FECE-0E73-4326-81BF-68503E897820}" = CorePLS_Min_QFolder
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{69333A04-5134-40A5-A055-9166A7AA1EC8}" =
"{69E6C13B-CF6B-47A6-B7A5-77FE82B2CB40}" = hppFonts
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7A178F2E-92F6-437C-A709-69685D1C0F2B}" = hppTLBXFXP2015
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7F4DD591-9000-0409-0000-7107D70F3DB4}" = Autodesk Inventor 9
"{808E5AB1-E98F-4362-AB10-B5B69CB2301C}" = HP Workstation User Guides
"{818ABC3C-635C-4651-8183-D0E9640B7DD1}" = HP Update
"{85309D89-7BE9-4094-BB17-24999C6118FC}" = ArcSoft PhotoStudio 5.5
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8C0118CC-F720-45FF-A4DA-44AD77B2E73C}" = CorePLS_Full_QFolder
"{90A40409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{90AF0409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office PowerPoint Viewer 2003
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD
"{93C069D4-2F86-4570-A6DF-BFABBA1E4AFD}" = hpzTLBXFX
"{996D8BB8-9B47-46C7-92DC-DCCE64467AB8}" = BlueSoleil
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components
"{A93C4E94-1005-489D-BEAA-B873C1AA6CFC}" = HP Help and Support
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAA11090-6E99-4655-AAF5-57EB5F677D0C}" = MarketResearch
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AC76BA86-1033-0000-BA7E-000000000001}" = Adobe Acrobat 6.0 Standard
"{AC76BA86-7AD7-1033-7B44-A81200000003}" = Adobe Reader 8.1.2
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B32C4059-6E7A-41EF-AD20-56DF1872B923}" = Business Contact Manager for Outlook 2007 SP1
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B8B4D43C-EAA0-4EEC-B93E-D4D012316286}" = Free DWG Viewer 6.2
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BD68F46D-8A82-4664-8E68-F87C55BDEFD4}" = Microsoft SQL Server Native Client
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{EDAE4F43-833C-443B-8DB5-129F897DF3E8}" = hppWebRegMM
"{EDAE94B3-712E-4D9B-9772-BDB49DAF6BA1}" = Content Library
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F18DB86D-BC16-4E01-BCCE-63F62B931D82}" = InterVideo Register Manager
"{F38D0F99-1BFC-47AB-AC36-8D9D43700CFB}" = hppManualsP2015
"{FB64BF25-3593-4E4E-AA85-84AEF1D1475F}" = Broadcom Management Programs
"7-Zip" = 7-Zip 4.57
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Astro Gemini Screensaver Manager_is1" = Astro Gemini Screensaver Manager 1.2
"Astronomy 2005 Screensaver" = Astronomy 2005 Screensaver
"AutoCAD 2000 Uninstall" = AutoCAD 2000
"Autodesk Design Review 2009" = Autodesk Design Review 2009
"AVG8Uninstall" = AVG Free 8.5
"Business Contact Manager" = Business Contact Manager for Outlook 2007 SP1
"Canon iP3600 series User Registration" = Canon iP3600 series User Registration
"CanonMyPrinter" = Canon Utilities My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DoremiSoft AVI to MP4 Converter" = DoremiSoft AVI to MP4 Converter 1.0
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"ERUNT_is1" = ERUNT 1.1j
"GlobFX Space Travel" = GlobFX Space Travel
"HP LaserJet P2015" = HP LaserJet P2015 Series 1.0
"HPExtendedCapabilities" = HP Extended Capabilities 6.0
"IDAutomation.com Code 39 Free Font" = IDAutomation.com Code 39 Free Font
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{071B0E72-3E3E-416B-B19A-48B97DDBF2EA}" = XRL
"LMS" = C-Dilla Licence Management System
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Media Player - Codec Pack" = Media Player Codec Pack 3.8.0
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Mozilla Firefox (3.5.3)" = Mozilla Firefox (3.5.3)
"MP Navigator EX 2.0" = Canon MP Navigator EX 2.0
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"PDF Complete" = PDF Complete
"Pegasus Operations Client" = Pegasus Operations II Client
"Picasa 3" = Picasa 3
"RealPlayer 6.0" = RealPlayer
"Solar System 3D Screensaver_is1" = Solar System 3D Screensaver 1.4
"SSSInstaller" = Screensavers Installer Version 3
"TBSB09835.TBSB09835Toolbar" = Bullseye Tool Bar
"VisualTool" = VisualTool
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"WIC" = Windows Imaging Component
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"Winmail Reader_is1" = Winmail Reader 1.1.12
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01005" = Microsoft User-Mode Driver Framework Feature Pack 1.5
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"DealAssistant" = DealAssistant
"Puzzle Pirates" = Puzzle Pirates
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 01/10/2009 12:48:35 | Computer Name = NORMANXP | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
module unknown, version 0.0.0.0, fault address 0x0013cce3.
Error - 01/10/2009 12:48:43 | Computer Name = NORMANXP | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
module unknown, version 0.0.0.0, fault address 0x0013cce3.
Error - 01/10/2009 13:10:52 | Computer Name = NORMANXP | Source = MsiInstaller | ID = 10005
Description = Product: Microsoft SQL Server 2005 Express Edition -- Error 29503.
The SQL Server service failed to start. For more information, see the SQL Server
Books Online topics, "How to: View SQL Server 2005 Setup Log Files" and "Starting
SQL Server Manually." The error is (1053) The service did not respond to the start
or control request in a timely fashion. .
Error - 01/10/2009 13:11:03 | Computer Name = NORMANXP | Source = MsiInstaller | ID = 10005
Description = Product: Microsoft Office 2007 Primary Interop Assemblies -- Please
install Microsoft Office 2007 before installing this product.
Error - 01/10/2009 13:11:03 | Computer Name = NORMANXP | Source = MsiInstaller | ID = 1024
Description = Product: Microsoft Office 2007 Primary Interop Assemblies - Update
'Security Update for Microsoft Office PowerPoint 2007 (KB951338)' could not be
installed. Error code 1603. Windows Installer can create logs to help troubleshoot
issues with installing software packages. Use the following link for instructions
on turning on logging support: http://go.microsoft....k/?LinkId=23127
Error - 01/10/2009 22:01:53 | Computer Name = NORMANXP | Source = MsiInstaller | ID = 10005
Description = Product: Microsoft SQL Server 2005 Express Edition -- Error 29503.
The SQL Server service failed to start. For more information, see the SQL Server
Books Online topics, "How to: View SQL Server 2005 Setup Log Files" and "Starting
SQL Server Manually." The error is (1053) The service did not respond to the start
or control request in a timely fashion. .
Error - 01/10/2009 22:02:03 | Computer Name = NORMANXP | Source = MsiInstaller | ID = 10005
Description = Product: Microsoft Office 2007 Primary Interop Assemblies -- Please
install Microsoft Office 2007 before installing this product.
Error - 01/10/2009 22:02:03 | Computer Name = NORMANXP | Source = MsiInstaller | ID = 1024
Description = Product: Microsoft Office 2007 Primary Interop Assemblies - Update
'Security Update for Microsoft Office PowerPoint 2007 (KB951338)' could not be
installed. Error code 1603. Windows Installer can create logs to help troubleshoot
issues with installing software packages. Use the following link for instructions
on turning on logging support: http://go.microsoft....k/?LinkId=23127
Error - 03/10/2009 03:09:40 | Computer Name = NORMANXP | Source = MsiInstaller | ID = 10005
Description = Product: Microsoft Office 2007 Primary Interop Assemblies -- Please
install Microsoft Office 2007 before installing this product.
Error - 03/10/2009 03:09:40 | Computer Name = NORMANXP | Source = MsiInstaller | ID = 1024
Description = Product: Microsoft Office 2007 Primary Interop Assemblies - Update
'Security Update for Microsoft Office PowerPoint 2007 (KB951338)' could not be
installed. Error code 1603. Windows Installer can create logs to help troubleshoot
issues with installing software packages. Use the following link for instructions
on turning on logging support: http://go.microsoft....k/?LinkId=23127
[ System Events ]
Error - 03/10/2009 03:09:35 | Computer Name = NORMANXP | Source = Service Control Manager | ID = 7034
Description = The Java Quick Starter service terminated unexpectedly. It has done
this 1 time(s).
Error - 03/10/2009 03:09:35 | Computer Name = NORMANXP | Source = Service Control Manager | ID = 7034
Description = The PDF Document Manager service terminated unexpectedly. It has
done this 1 time(s).
Error - 03/10/2009 03:09:35 | Computer Name = NORMANXP | Source = Service Control Manager | ID = 7034
Description = The AVG8 WatchDog service terminated unexpectedly. It has done this
1 time(s).
Error - 03/10/2009 03:09:36 | Computer Name = NORMANXP | Source = Service Control Manager | ID = 7034
Description = The SQL Server VSS Writer service terminated unexpectedly. It has
done this 1 time(s).
Error - 03/10/2009 03:09:36 | Computer Name = NORMANXP | Source = Service Control Manager | ID = 7031
Description = The .NET Runtime Optimization Service v2.0.50727_X86 service terminated
unexpectedly. It has done this 1 time(s). The following corrective action will
be taken in 60000 milliseconds: Restart the service.
Error - 03/10/2009 03:10:05 | Computer Name = NORMANXP | Source = Windows Update Agent | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070643: Microsoft SQL Server 2005 Express Edition Service Pack 3
(KB955706).
Error - 03/10/2009 03:10:05 | Computer Name = NORMANXP | Source = Windows Update Agent | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070643: Security Update for Microsoft Office PowerPoint 2007 (KB951338).
Error - 03/10/2009 03:14:41 | Computer Name = NORMANXP | Source = Service Control Manager | ID = 7023
Description = The IPSEC Services service terminated with the following error: %%10022
Error - 03/10/2009 03:14:41 | Computer Name = NORMANXP | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the Application Layer Gateway
Service service to connect.
Error - 03/10/2009 03:14:41 | Computer Name = NORMANXP | Source = Service Control Manager | ID = 7000
Description = The Application Layer Gateway Service service failed to start due
to the following error: %%1053
< End of report >