She also reports that Outlook is crashing frequently (which seems to happen when Norton tries to scan email), as has iTunes and her Adobe LightRoom programs.
She's running XP, SP3.
I've gone through the steps in your malware removal guide, but have found nothing significant and seen no changes in her system's performance. Would appreciate any help you can give.
I've attached logs from RootRepeal and OTL below.
RootRepeal Log
ROOTREPEAL © AD, 2007-2009
==================================================
Scan Start Time: 2009/10/18 13:57
Program Version: Version 1.3.5.0
Windows Version: Windows XP SP3
==================================================
Drivers
-------------------
Name: asc3350p.sys
Image Path: asc3350p.sys
Address: 0xBA378000 Size: 22400 File Visible: - Signed: -
Status: Hidden from the Windows API!
Name: dump_iaStor.sys
Image Path: C:\WINDOWS\System32\Drivers\dump_iaStor.sys
Address: 0x8CB53000 Size: 749568 File Visible: No Signed: -
Status: -
Name: rootrepeal.sys
Image Path: C:\WINDOWS\system32\drivers\rootrepeal.sys
Address: 0xAA950000 Size: 49152 File Visible: No Signed: -
Status: -
SSDT
-------------------
#: 012 Function Name: NtAlertResumeThread
Status: Hooked by "<unknown>" at address 0x884054e0
#: 013 Function Name: NtAlertThread
Status: Hooked by "<unknown>" at address 0x87bc22c0
#: 017 Function Name: NtAllocateVirtualMemory
Status: Hooked by "<unknown>" at address 0x87bbaf98
#: 031 Function Name: NtConnectPort
Status: Hooked by "<unknown>" at address 0x8a9590c0
#: 041 Function Name: NtCreateKey
Status: Hooked by "C:\WINDOWS\system32\Drivers\SYMEVENT.SYS" at address 0x8cfa9020
#: 043 Function Name: NtCreateMutant
Status: Hooked by "<unknown>" at address 0x887ff9b0
#: 053 Function Name: NtCreateThread
Status: Hooked by "<unknown>" at address 0x87ba5b30
#: 063 Function Name: NtDeleteKey
Status: Hooked by "C:\WINDOWS\system32\Drivers\SYMEVENT.SYS" at address 0x8cfa92a0
#: 065 Function Name: NtDeleteValueKey
Status: Hooked by "C:\WINDOWS\system32\Drivers\SYMEVENT.SYS" at address 0x8cfa9800
#: 083 Function Name: NtFreeVirtualMemory
Status: Hooked by "<unknown>" at address 0x88544810
#: 089 Function Name: NtImpersonateAnonymousToken
Status: Hooked by "<unknown>" at address 0x88405428
#: 091 Function Name: NtImpersonateThread
Status: Hooked by "<unknown>" at address 0x88324438
#: 108 Function Name: NtMapViewOfSection
Status: Hooked by "<unknown>" at address 0x87bf4b40
#: 114 Function Name: NtOpenEvent
Status: Hooked by "<unknown>" at address 0x887fd6d0
#: 123 Function Name: NtOpenProcessToken
Status: Hooked by "<unknown>" at address 0x883d35b8
#: 129 Function Name: NtOpenThreadToken
Status: Hooked by "<unknown>" at address 0x87bb6f98
#: 206 Function Name: NtResumeThread
Status: Hooked by "<unknown>" at address 0x87bf36c0
#: 213 Function Name: NtSetContextThread
Status: Hooked by "<unknown>" at address 0x87bc2288
#: 228 Function Name: NtSetInformationProcess
Status: Hooked by "<unknown>" at address 0x87bb5f78
#: 229 Function Name: NtSetInformationThread
Status: Hooked by "<unknown>" at address 0x88854fc0
#: 247 Function Name: NtSetValueKey
Status: Hooked by "C:\WINDOWS\system32\Drivers\SYMEVENT.SYS" at address 0x8cfa9a50
#: 253 Function Name: NtSuspendProcess
Status: Hooked by "<unknown>" at address 0x87c06158
#: 254 Function Name: NtSuspendThread
Status: Hooked by "<unknown>" at address 0x87bf4750
#: 257 Function Name: NtTerminateProcess
Status: Hooked by "<unknown>" at address 0x87c06530
#: 258 Function Name: NtTerminateThread
Status: Hooked by "<unknown>" at address 0x87bcc4e8
#: 267 Function Name: NtUnmapViewOfSection
Status: Hooked by "<unknown>" at address 0x87bcd488
#: 277 Function Name: NtWriteVirtualMemory
Status: Hooked by "<unknown>" at address 0x87bbaf08
==EOF==
OTL LOG
OTL logfile created on: 10/18/2009 2:02:16 PM - Run 1
OTL by OldTimer - Version 3.0.21.0 Folder = C:\Documents and Settings\Administrator\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 100.00% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 461.88 Gb Total Space | 103.29 Gb Free Space | 22.36% Space Free | Partition Type: NTFS
Drive D: | 3.85 Gb Total Space | 1.50 Gb Free Space | 39.05% Space Free | Partition Type: FAT32
Drive E: | 504.33 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: YOUR-24D7B2AECF
Current User Name: Administrator
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan
========== Processes (SafeList) ==========
PRC - [2009/10/18 10:34:36 | 00,521,216 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
PRC - [2009/09/21 16:36:12 | 00,305,440 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
PRC - [2009/09/21 16:36:02 | 00,545,568 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
PRC - [2009/09/16 19:17:24 | 00,972,064 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
PRC - [2009/09/14 13:04:36 | 02,891,576 | ---- | M] (Mozy, Inc.) -- C:\Program Files\MozyHome\mozystat.exe
PRC - [2009/06/24 15:03:32 | 00,078,136 | ---- | M] (Mozy, Inc.) -- C:\Program Files\MozyHome\mozybackup.exe
PRC - [2009/05/29 13:41:26 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2009/05/27 03:27:04 | 29,262,680 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
PRC - [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2008/11/24 22:31:12 | 00,087,904 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
PRC - [2008/11/24 22:31:08 | 00,239,968 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
PRC - [2008/10/30 12:14:00 | 00,159,528 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\System32\WTablet\Wacom_TabletUser.exe
PRC - [2008/10/30 12:13:28 | 02,749,224 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\System32\Wacom_Tablet.exe
PRC - [2008/10/02 09:23:16 | 00,546,288 | ---- | M] (Google) -- C:\Program Files\Google\Google Calendar Sync\GoogleCalendarSync.exe
PRC - [2008/05/02 02:44:08 | 00,805,392 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPoint\SetPoint.exe
PRC - [2008/05/02 02:40:56 | 00,076,304 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
PRC - [2008/04/13 17:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2007/12/12 18:23:26 | 00,020,480 | ---- | M] (Logitech) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
PRC - [2007/09/29 03:56:34 | 00,483,328 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exe
PRC - [2007/08/09 00:27:52 | 00,073,728 | ---- | M] (HP) -- C:\WINDOWS\System32\HPZipm12.exe
PRC - [2007/07/14 16:14:43 | 00,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2007/05/08 17:24:20 | 00,054,840 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
PRC - [2007/04/19 13:49:52 | 00,064,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
PRC - [2007/01/17 17:57:52 | 00,196,608 | ---- | M] (New Boundary Technologies, Inc.) -- C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
PRC - [2007/01/17 17:47:45 | 00,555,008 | ---- | M] () -- C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
PRC - [2007/01/17 17:47:45 | 00,415,744 | ---- | M] () -- C:\Program Files\Google\Google Desktop Search\GoogleDesktopDisplay.exe
PRC - [2007/01/17 17:47:45 | 00,195,584 | ---- | M] () -- C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
PRC - [2007/01/17 17:47:45 | 00,169,984 | ---- | M] () -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
PRC - [2007/01/17 17:47:45 | 00,089,600 | ---- | M] () -- C:\Program Files\Google\Google Desktop Search\GoogleDesktopMail.exe
PRC - [2007/01/12 03:09:28 | 00,488,984 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
PRC - [2007/01/09 22:59:52 | 00,115,816 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccApp.exe
PRC - [2007/01/09 22:59:32 | 00,108,648 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
PRC - [2007/01/01 14:22:02 | 03,739,648 | ---- | M] (Google) -- C:\Program Files\Google\Google Talk\googletalk.exe
PRC - [2006/11/13 14:39:52 | 01,289,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft ActiveSync\Wcescomm.exe
PRC - [2006/11/13 14:39:34 | 00,199,464 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft ActiveSync\rapimgr.exe
PRC - [2006/09/02 17:36:34 | 00,198,336 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
PRC - [2006/09/01 22:33:40 | 00,046,736 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
PRC - [2006/07/06 08:15:00 | 00,151,552 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
PRC - [2006/07/06 08:14:30 | 00,090,112 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
PRC - [2006/06/30 07:31:10 | 01,106,386 | ---- | M] (Acronis) -- C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
PRC - [2006/06/29 20:06:32 | 01,848,150 | ---- | M] (Acronis) -- C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
PRC - [2006/06/29 20:06:00 | 00,126,976 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
PRC - [2006/06/29 20:05:58 | 00,204,800 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
PRC - [2006/01/02 18:41:22 | 00,045,056 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
PRC - [2005/12/09 19:44:40 | 00,139,264 | ---- | M] (Alcor Micro, Corp.) -- C:\Program Files\Digital Media Reader\readericon45G.exe
PRC - [2005/11/08 22:25:46 | 00,716,800 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\System32\CTXFISPI.EXE
PRC - [2005/10/29 21:31:06 | 00,018,944 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\System32\CTXFIHLP.EXE
PRC - [2005/10/29 21:31:06 | 00,016,384 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\CTHELPER.EXE
PRC - [2005/01/18 18:37:30 | 00,217,088 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\Video\LogiTray.exe
PRC - [2005/01/18 18:08:36 | 00,192,512 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\Video\FxSvr2.exe
PRC - [2004/11/04 20:36:46 | 00,425,984 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
PRC - [2004/11/04 20:28:24 | 00,258,048 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
PRC - [2004/10/08 12:52:32 | 00,221,184 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\System32\LVCOMSX.EXE
PRC - [2004/04/06 13:04:38 | 00,053,248 | ---- | M] (Netscape Communications Corporation) -- C:\Program Files\Netscape Internet Service\ncupdatesvc.exe
========== Win32 Services (SafeList) ==========
SRV - [2009/09/21 16:36:02 | 00,545,568 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service [On_Demand | Running])
SRV - [2009/09/16 18:01:16 | 00,020,480 | ---- | M] (Intuit) -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService [Disabled | Stopped])
SRV - [2009/06/24 15:03:32 | 00,078,136 | ---- | M] (Mozy, Inc.) -- C:\Program Files\MozyHome\mozybackup.exe -- (mozybackup [Auto | Running])
SRV - [2009/05/29 13:41:26 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto | Running])
SRV - [2009/05/27 03:27:04 | 29,262,680 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe -- (MSSQL$DYNASCAPE [Auto | Running])
SRV - [2009/05/07 09:28:59 | 00,182,768 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [On_Demand | Stopped])
SRV - [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running])
SRV - [2008/11/24 22:31:12 | 00,087,904 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter [Auto | Running])
SRV - [2008/11/24 22:31:08 | 00,239,968 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe -- (SQLBrowser [Auto | Running])
SRV - [2008/11/24 22:31:08 | 00,045,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe -- (MSSQLServerADHelper [Disabled | Stopped])
SRV - [2008/10/30 12:13:28 | 02,749,224 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\System32\Wacom_Tablet.exe -- (TabletServiceWacom [Auto | Running])
SRV - [2008/07/29 21:10:04 | 00,046,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2008/07/29 19:24:50 | 00,881,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2008/07/29 19:16:38 | 00,132,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
SRV - [2008/07/25 11:17:02 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2008/07/25 11:16:40 | 00,034,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2008/05/02 02:42:06 | 00,121,360 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe -- (LBTServ [On_Demand | Stopped])
SRV - [2008/04/13 17:12:02 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2008/02/11 15:39:29 | 01,251,720 | ---- | M] () -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC [On_Demand | Stopped])
SRV - [2008/01/29 17:09:02 | 00,394,704 | ---- | M] (Symantec, Inc.) -- C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe -- (Symantec RemoteAssist [On_Demand | Stopped])
SRV - [2007/11/28 20:51:10 | 00,583,048 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe -- (LiveUpdate Notice Service [Auto | Stopped])
SRV - [2007/11/26 16:41:43 | 00,658,432 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service [On_Demand | Stopped])
SRV - [2007/09/29 03:56:34 | 00,483,328 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exe -- (Ati HotKey Poller [Auto | Running])
SRV - [2007/08/09 12:10:36 | 00,081,408 | ---- | M] (Google) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe -- (GoogleDesktopManager [On_Demand | Stopped])
SRV - [2007/08/09 00:27:52 | 00,073,728 | ---- | M] (HP) -- C:\WINDOWS\System32\HPZipm12.exe -- (Pml Driver HPZ12 [Auto | Running])
SRV - [2007/01/18 20:15:54 | 00,072,704 | ---- | M] (Adobe Systems) -- C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service [On_Demand | Stopped])
SRV - [2007/01/17 17:57:52 | 00,196,608 | ---- | M] (New Boundary Technologies, Inc.) -- C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS -- (PrismXL [Auto | Running])
SRV - [2007/01/09 22:59:32 | 00,108,648 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (LiveUpdate Notice Ex [Auto | Running])
SRV - [2007/01/09 22:59:32 | 00,108,648 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (CLTNetCnService [Auto | Running])
SRV - [2007/01/09 22:59:32 | 00,108,648 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr [Auto | Running])
SRV - [2007/01/09 22:59:32 | 00,108,648 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr [Auto | Running])
SRV - [2006/11/09 15:30:14 | 00,065,536 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService [On_Demand | Stopped])
SRV - [2006/10/18 20:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])
SRV - [2006/09/05 19:22:26 | 00,079,496 | ---- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\isPwdSvc.exe -- (ISPwdSvc [On_Demand | Stopped])
SRV - [2006/09/03 01:54:52 | 00,048,272 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe -- (comHost [On_Demand | Stopped])
SRV - [2006/09/02 17:36:34 | 02,528,960 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_1.EXE -- (LiveUpdate [On_Demand | Stopped])
SRV - [2006/09/02 17:36:34 | 00,198,336 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler [Auto | Running])
SRV - [2006/09/01 22:33:40 | 00,046,736 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe -- (SymAppCore [Auto | Running])
SRV - [2006/07/06 08:14:30 | 00,090,112 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe -- (IAANTMON [Auto | Running])
SRV - [2006/06/29 20:05:58 | 00,204,800 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc [Auto | Running])
SRV - [2004/04/06 13:04:38 | 00,053,248 | ---- | M] (Netscape Communications Corporation) -- C:\Program Files\Netscape Internet Service\ncupdatesvc.exe -- (NCUpdateSvc [Auto | Running])
SRV - [2003/07/28 13:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerm...tf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig?sourceid=navclien...UTF-8&hl=en
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = localhost;*.local
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "http://www.google.com/ig?sourceid=navclient&ie=UTF-8&hl=en"
FF - prefs.js..extensions.enabledItems: {e1170235-2845-420c-acc3-42261a29dd46}:4.0.0
FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}:2.2.0.102
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.3
FF - prefs.js..network.proxy.no_proxies_on: "localhost,*.local"
FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/08/19 16:06:03 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/09/14 09:11:25 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/10/15 10:24:34 | 00,000,000 | ---D | M]
[2008/08/06 17:49:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\mozilla\Extensions
[2008/08/06 17:49:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/10/17 18:10:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\mozilla\Firefox\Profiles\5z16xvor.default\extensions
[2009/08/20 12:05:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\mozilla\Firefox\Profiles\5z16xvor.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/09/11 07:42:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\mozilla\Firefox\Profiles\5z16xvor.default\extensions\{e1170235-2845-420c-acc3-42261a29dd46}
[2009/09/13 17:31:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\mozilla\Firefox\Profiles\5z16xvor.default\extensions\staged-xpis
[2009/10/18 13:59:41 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/09/10 11:03:29 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/01/13 09:22:03 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}
[2009/09/10 11:03:23 | 00,023,544 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/09/10 11:03:24 | 00,137,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009/02/25 11:31:36 | 00,027,976 | ---- | M] (WebEx Communications, Inc) -- C:\Program Files\mozilla firefox\plugins\atgpcdec.dll
[2009/02/25 11:31:37 | 00,126,360 | ---- | M] (WebEx Communications, Inc) -- C:\Program Files\mozilla firefox\plugins\atgpcext.dll
[2009/02/25 11:31:36 | 00,060,824 | ---- | M] (WebEx Communications, Inc) -- C:\Program Files\mozilla firefox\plugins\npatgpc.dll
[2009/09/10 11:03:26 | 00,065,016 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll
[2007/03/22 19:23:30 | 00,017,248 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL
[2009/10/02 22:13:10 | 00,095,600 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll
[2009/09/14 09:11:24 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin.dll
[2009/09/14 09:11:25 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll
[2009/09/14 09:11:25 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll
[2009/09/14 09:11:25 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll
[2009/09/14 09:11:25 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll
[2009/09/14 09:11:25 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll
[2009/09/14 09:11:25 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll
[2009/08/27 13:34:04 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2009/08/27 13:34:04 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2009/08/27 13:34:04 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2009/08/27 13:34:04 | 00,002,344 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2009/08/27 13:34:04 | 00,002,371 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/08/27 13:34:04 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2009/08/27 13:34:04 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml
O1 HOSTS File: (734 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll (Symantec Corporation)
O2 - BHO: (PBlockHelper Class) - {4115122B-85FF-4DD3-9515-F075BEDE5EB5} - C:\Program Files\Netscape Internet Service\Netscape Web Accelerator\pbhelper.dll (planetscott.ca)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\WINDOWS\System32\BAE.dll (Gateway Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Show Norton Toolbar) - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4 - HKLM..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe (Acronis)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe ()
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [CTHelper] C:\WINDOWS\CTHELPER.EXE (Creative Technology Ltd)
O4 - HKLM..\Run: [CTxfiHlp] C:\WINDOWS\System32\CTXFIHLP.EXE (Creative Technology Ltd)
O4 - HKLM..\Run: [Gateway Extended Warranty] C:\Program Files\Gateway\GWCares\GWCares.exe (BillP Studios)
O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe ()
O4 - HKLM..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe (Google)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.EXE (Logitech, Inc.)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [LogitechCommunicationsManager] C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe (Logitech Inc.)
O4 - HKLM..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe (Logitech Inc.)
O4 - HKLM..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe (Logitech Inc.)
O4 - HKLM..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE (Logitech Inc.)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [osCheck] C:\Program Files\Norton Internet Security\osCheck.exe (Symantec Corporation)
O4 - HKLM..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe ()
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [readericon] C:\Program Files\Digital Media Reader\readericon45G.exe (Alcor Micro, Corp.)
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE ()
O4 - HKLM..\Run: [SigmatelSysTrayApp] File not found
O4 - HKLM..\Run: [Symantec PIF AlertEng] C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
O4 - HKCU..\Run: [H/PC Connection Agent] C:\Program Files\Microsoft ActiveSync\Wcescomm.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe (Logitech)
O4 - HKCU..\Run: [LogitechSoftwareUpdate] C:\Program Files\Logitech\Video\ManifestEngine.exe (Logitech Inc.)
O4 - HKCU..\Run: [Power2GoExpress] File not found
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe File not found
O4 - Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\Microsoft Office OneNote 2003 Quick Launch.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Bridge Cache.bc ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Bridge Cache.bct ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Google Calendar Sync.lnk = C:\Program Files\Google\Google Calendar Sync\GoogleCalendarSync.exe (Google)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Co.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe (Logitech)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\MozyHome Status.lnk = C:\Program Files\MozyHome\mozystat.exe (Mozy, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Netscape Internet Service\Netscape Web Accelerator\sliplsp.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Netscape Internet Service\Netscape Web Accelerator\sliplsp.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Netscape Internet Service\Netscape Web Accelerator\sliplsp.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files\Netscape Internet Service\Netscape Web Accelerator\sliplsp.dll ()
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.microsoft.com/download/e/4.../OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/2008.1...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {5C86F808-EDD2-4E5D-9C4F-E0D1ADA859AF} http://server.mymeet....com/join_a.cab (Web Conferencing)
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} https://webdl.symant...ex/symdlmgr.cab (Reg Error: Value error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/products/plugin/autodl...indows-i586.cab (Java Plug-in 1.4.2)
O16 - DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} http://office.micros...ntent/opuc4.cab (Office Update Installation Engine)
O16 - DPF: {CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl...indows-i586.cab (Java Plug-in 1.4.2)
O16 - DPF: {CBFF31B5-91C0-4361-98BD-4C56D0F9CDAC} http://www.darcydaniels.com/-/_deluxeAdmin...opUploader2.cab (Drag and Drop Uploader Control)
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} http://www.adobe.com...obat/nos/gp.cab (get_atlcom Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/get/shock...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://edelman.webe...ent/ieatgpc.cab (GpcContainer Class)
O16 - DPF: {F89EF74A-956B-4BD3-A066-4F23DF891982} http://www.betterphoto.com/_shared/uploadI...opUploader2.cab (Drag and Drop Uploader Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\Ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\LBTWlgn: DllName - c:\program files\common files\logitech\bluetooth\LBTWlgn.dll - c:\program files\common files\logitech\bluetooth\LBTWlgn.dll (Logitech, Inc.)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O30 - LSA: Authentication Packages - (relog_ap) - C:\WINDOWS\System32\relog_ap.dll (Acronis)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/01/18 20:40:25 | 00,000,095 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2004/09/13 12:15:24 | 00,000,053 | -HS- | M] () - D:\Autorun.inf -- [ FAT32 ]
O33 - MountPoints2\D\Shell - "" = AutoRun
O33 - MountPoints2\D\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\K\Shell - "" = AutoRun
O33 - MountPoints2\K\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\K\Shell\AutoRun\command - "" = K:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found
NetSvcs: 6to4 - Service key not found. File not found
NetSvcs: Ias - Service key not found. File not found
NetSvcs: Iprip - Service key not found. File not found
NetSvcs: Irmon - Service key not found. File not found
NetSvcs: NWCWorkstation - Service key not found. File not found
NetSvcs: Nwsapagent - Service key not found. File not found
NetSvcs: WmdmPmSp - Service key not found. File not found
NetSvcs: helpsvc - C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
========== Files/Folders - Created Within 14 Days ==========
[2009/10/18 10:56:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/10/18 10:56:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Malwarebytes
[2009/10/09 12:18:01 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Office Genuine Advantage
[2009/10/18 10:37:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\U3
[2009/10/18 10:52:31 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2009/10/18 10:56:32 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/10/18 10:56:33 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/10/18 10:56:32 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/10/18 10:53:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/10/18 10:38:10 | 00,521,216 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
[2009/10/18 10:38:09 | 00,472,064 | ---- | C] ( ) -- C:\Documents and Settings\Administrator\Desktop\RootRepeal.exe
[2009/10/13 21:06:58 | 00,000,000 | ---D | C] -- C:\WINDOWS\SQL9_KB970892_ENU
[2009/10/08 16:44:37 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\zh-TW
[2009/10/08 16:44:37 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\zh-HK
[2009/10/08 16:44:37 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\tr-TR
[2009/10/08 16:44:37 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\sv-SE
[2009/10/08 16:44:37 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\pt-BR
[2009/10/08 16:44:37 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\nl-NL
[2009/10/08 16:44:37 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\nb-NO
[2009/10/08 16:44:37 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ko-KR
[2009/10/08 16:44:37 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\it-IT
[2009/10/08 16:44:37 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\he-IL
[2009/10/08 16:44:37 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\fr-FR
[2009/10/08 16:44:37 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\fi-FI
[2009/10/08 16:44:37 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\es-ES
[2009/10/08 16:44:37 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\el-GR
[2009/10/08 16:44:37 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\de-DE
[2009/10/08 16:44:37 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\da-DK
[2009/10/08 16:44:37 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ar-SA
[2007/01/05 11:13:51 | 00,033,792 | ---- | C] ( ) -- C:\WINDOWS\System32\a3d.dll
========== Files - Modified Within 14 Days ==========
[2 C:\Documents and Settings\Administrator\Desktop\*.tmp files]
[2009/10/18 13:58:46 | 00,000,015 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\settings.dat
[2009/10/18 13:53:35 | 00,013,698 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Bridge Cache.bc
[2009/10/18 13:53:35 | 00,000,204 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Bridge Cache.bct
[2009/10/18 13:37:51 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/10/18 13:37:25 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/10/18 13:37:21 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/10/18 13:35:36 | 00,064,984 | ---- | M] () -- C:\WINDOWS\System32\DVCState-{00000005-00000000-00000002-00001102-00000005-00211102}.rfx
[2009/10/18 13:35:36 | 00,054,320 | ---- | M] () -- C:\WINDOWS\System32\BMXStateBkp-{00000005-00000000-00000002-00001102-00000005-00211102}.rfx
[2009/10/18 13:35:36 | 00,054,320 | ---- | M] () -- C:\WINDOWS\System32\BMXState-{00000005-00000000-00000002-00001102-00000005-00211102}.rfx
[2009/10/18 13:35:36 | 00,001,080 | ---- | M] () -- C:\WINDOWS\System32\settingsbkup.sfm
[2009/10/18 13:35:36 | 00,001,080 | ---- | M] () -- C:\WINDOWS\System32\settings.sfm
[2009/10/18 13:34:48 | 00,000,683 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/10/18 13:34:48 | 00,000,282 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/10/18 13:34:48 | 00,000,216 | -HS- | M] () -- C:\boot.ini
[2009/10/18 12:16:17 | 00,000,438 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{DBBBB301-784B-4D96-9918-19A30C351435}.job
[2009/10/18 10:56:35 | 00,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/10/18 10:34:36 | 00,521,216 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
[2009/10/18 10:33:02 | 00,472,064 | ---- | M] ( ) -- C:\Documents and Settings\Administrator\Desktop\RootRepeal.exe
[2009/10/18 08:32:54 | 00,003,626 | ---- | M] () -- C:\WINDOWS\mozy.blk
[2009/10/18 08:32:54 | 00,002,912 | ---- | M] () -- C:\WINDOWS\mozy.flt
[2009/10/17 19:02:55 | 02,640,360 | -H-- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\IconCache.db
[2009/10/17 17:57:33 | 00,270,886 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\X-240_Pmat_AMR.pdf
[2009/10/15 19:21:04 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/10/15 10:24:34 | 00,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 8.lnk
[2009/10/14 17:44:46 | 00,239,616 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/10/13 21:16:12 | 00,597,118 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/10/13 21:16:12 | 00,508,896 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/10/13 21:16:12 | 00,097,068 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/10/13 21:12:04 | 00,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/10/12 07:52:16 | 00,000,580 | ---- | M] () -- C:\WINDOWS\tasks\Norton Internet Security - Run Full System Scan - Administrator.job
[2009/10/05 12:38:50 | 00,000,083 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\keycodes.xml
[2009/10/05 12:26:16 | 00,000,009 | ---- | M] () -- C:\WINDOWS\Flora_Jn
========== Files - No Company Name ==========
[2009/10/18 13:56:33 | 00,000,015 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\settings.dat
[2009/10/18 13:53:21 | 00,013,698 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Bridge Cache.bc
[2009/10/18 13:53:21 | 00,000,204 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Bridge Cache.bct
[2009/10/18 10:56:35 | 00,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/10/17 17:56:14 | 00,270,886 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\X-240_Pmat_AMR.pdf
[2009/10/15 10:24:34 | 00,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 8.lnk
[2009/08/03 15:07:42 | 00,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/04/10 08:35:25 | 02,208,943 | ---- | C] () -- C:\Program Files\TweetDeck_0_25.air
[2009/01/14 00:47:11 | 00,175,104 | ---- | C] () -- C:\WINDOWS\System32\RemoteControl.dll
[2008/12/17 15:33:05 | 00,038,502 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\Comma Separated Values (Windows).ADR
[2008/05/05 16:17:59 | 00,000,260 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\wklnhst.dat
[2007/12/13 11:48:09 | 00,098,304 | ---- | C] () -- C:\WINDOWS\System32\securegg.dll
[2007/12/13 11:48:09 | 00,049,152 | ---- | C] () -- C:\WINDOWS\ggimgprocess.dll
[2007/12/12 18:32:18 | 00,009,255 | R--- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2007/12/12 18:21:49 | 00,000,770 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Installer.log
[2007/05/15 08:24:15 | 00,000,026 | ---- | C] () -- C:\WINDOWS\FPKPMSV.INI
[2007/03/27 08:11:42 | 00,000,000 | ---- | C] () -- C:\WINDOWS\hpqEmlSz.INI
[2007/02/19 16:49:05 | 00,000,000 | ---- | C] () -- C:\WINDOWS\Flora.ini
[2007/02/09 13:42:20 | 00,013,698 | ---- | C] () -- C:\Program Files\Common Files\Adobe Bridge Cache.bc
[2007/02/09 13:42:20 | 00,000,008 | ---- | C] () -- C:\Program Files\Common Files\Adobe Bridge Cache.bct
[2007/02/09 13:26:57 | 00,027,378 | ---- | C] () -- C:\Program Files\Adobe Bridge Cache.bc
[2007/02/09 13:26:57 | 00,000,008 | ---- | C] () -- C:\Program Files\Adobe Bridge Cache.bct
[2007/02/01 19:05:29 | 00,001,790 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2007/01/30 19:22:08 | 00,002,528 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\$_hpcst$.hpc
[2007/01/24 10:47:14 | 00,000,000 | ---- | C] () -- C:\WINDOWS\QFN.ini
[2007/01/24 10:47:14 | 00,000,000 | ---- | C] () -- C:\WINDOWS\QDQICK.ini
[2007/01/21 22:14:23 | 00,000,017 | ---- | C] () -- C:\WINDOWS\MovingPicture.ini
[2007/01/19 16:51:26 | 00,239,616 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/01/19 15:06:41 | 00,000,597 | ---- | C] () -- C:\WINDOWS\DSIPRO5S.INI
[2007/01/19 11:59:14 | 00,299,008 | ---- | C] () -- C:\WINDOWS\System32\FDUTL14.DLL
[2007/01/19 11:59:14 | 00,047,104 | ---- | C] () -- C:\WINDOWS\System32\Ivtrn13.dll
[2007/01/19 11:55:04 | 00,001,785 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2007/01/19 11:55:04 | 00,000,052 | ---- | C] () -- C:\WINDOWS\intuprof.ini
[2007/01/19 11:48:25 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\zlib.dll
[2007/01/18 20:53:18 | 00,194,248 | ---- | C] () -- C:\WINDOWS\System32\LTRFD13n.DLL
[2007/01/18 20:40:25 | 00,196,096 | ---- | C] () -- C:\WINDOWS\System32\macd32.dll
[2007/01/18 20:40:25 | 00,138,752 | ---- | C] () -- C:\WINDOWS\System32\mase32.dll
[2007/01/18 20:40:25 | 00,136,192 | ---- | C] () -- C:\WINDOWS\System32\mamc32.dll
[2007/01/18 20:40:25 | 00,057,856 | ---- | C] () -- C:\WINDOWS\System32\masd32.dll
[2007/01/18 20:40:25 | 00,027,648 | ---- | C] () -- C:\WINDOWS\System32\ma32.dll
[2007/01/18 20:40:25 | 00,001,194 | ---- | C] () -- C:\WINDOWS\VFO.INI
[2007/01/18 17:48:16 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007/01/18 17:39:34 | 00,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2007/01/18 17:35:10 | 00,143,360 | ---- | C] () -- C:\WINDOWS\System32\dsreader.dll
[2007/01/17 18:01:58 | 00,070,272 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2007/01/17 18:01:39 | 00,000,136 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\fusioncache.dat
[2007/01/17 17:56:13 | 00,023,552 | ---- | C] () -- C:\WINDOWS\System32\jesterss.dll
[2007/01/17 17:55:45 | 00,068,336 | ---- | C] () -- C:\WINDOWS\System32\instwdm.ini
[2007/01/17 17:55:45 | 00,003,072 | ---- | C] () -- C:\WINDOWS\CTXFIRES.DLL
[2007/01/17 17:55:45 | 00,000,191 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2007/01/05 11:13:57 | 00,000,194 | ---- | C] () -- C:\WINDOWS\System32\KILL.INI
[2007/01/05 11:13:54 | 00,070,656 | ---- | C] () -- C:\WINDOWS\System32\CTMMACTL.DLL
[2007/01/05 11:13:52 | 00,038,400 | ---- | C] () -- C:\WINDOWS\System32\CTBURST.DLL
[2006/06/30 03:27:33 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/05/31 20:41:04 | 02,640,360 | -H-- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\IconCache.db
[2006/05/31 20:36:21 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\Administrator\Application Data\desktop.ini
[2006/05/31 20:17:16 | 00,001,234 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2006/05/31 20:17:16 | 00,000,518 | ---- | C] () -- C:\WINDOWS\System32\emver.ini
[2006/05/31 20:17:03 | 00,000,683 | ---- | C] () -- C:\WINDOWS\win.ini
[2006/05/31 20:17:00 | 00,000,282 | ---- | C] () -- C:\WINDOWS\system.ini
[2006/05/31 13:23:54 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\desktop.ini
[2004/12/20 19:24:03 | 01,663,068 | ---- | C] () -- C:\WINDOWS\System32\libmmd.dll
[2003/01/07 16:05:08 | 00,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[1999/01/27 14:39:06 | 00,065,024 | ---- | C] () -- C:\WINDOWS\System32\indounin.dll
[1997/06/13 08:56:08 | 00,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll
========== LOP Check ==========
[2009/10/18 10:56:36 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\Administrator\Application Data
[2007/01/17 18:01:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\ATI
[2007/07/23 16:28:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Backslash
[2008/07/11 10:52:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\CyberLink
[2009/01/10 11:48:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\de.makesoft.twhirl.0EA062BC275E7ED1E6EC3762EFFD73C7158ADF33.1
[2007/05/15 08:20:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Downloaded Installations
[2007/12/17 18:17:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\DSPlantCache
[2007/12/12 18:25:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\FotoWire
[2007/08/09 12:10:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Intuit
[2007/05/15 08:24:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Kinko's
[2007/01/17 17:57:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Leadertech
[2008/11/18 18:01:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\mioObjects
[2008/10/23 18:36:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Move Networks
[2008/08/25 13:34:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\OfficeUpdate12
[2007/02/08 16:53:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Opera
[2009/02/13 12:05:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Pamela
[2007/12/15 12:30:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\PEERNET
[2007/01/17 17:52:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\SampleView
[2008/05/05 16:17:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Template
[2008/07/15 19:01:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\TimeBridge
[2009/04/10 08:37:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\TweetDeckFast.F9107117265DB7542C1A806C8DB837742CE14C21.1
[2009/10/18 10:39:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\U3
[2009/02/25 11:32:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\WebEx
[2009/10/18 13:37:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\WTablet
[2007/01/17 17:55:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\You've Got Pictures Screensaver
[2009/10/18 10:56:32 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data
[2009/03/17 09:30:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2009/09/14 09:16:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/04/06 18:28:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2007/01/19 15:13:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Acronis
[2007/08/09 11:58:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\COMMON FILES
[2007/03/12 10:19:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CyberLink
[2007/11/26 16:44:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FLEXnet
[2007/08/09 12:36:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Intuit
[2008/02/17 17:15:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Kinko's
[2008/01/07 09:28:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LogiShrd
[2008/12/04 15:26:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MemeoCommon
[2007/01/17 17:52:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Napster
[2007/01/17 17:47:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Netscape Internet Service
[2007/12/13 11:48:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PEERNET
[2007/01/21 22:11:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle
[2007/01/18 20:39:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle Studio
[2006/06/29 22:33:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Prism Deploy
[2007/01/17 17:55:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pure Networks
[2007/01/18 20:41:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SmartSound Software Inc
[2008/12/01 14:33:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2007/01/17 17:55:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2008/02/26 19:55:44 | 00,013,698 | ---- | M] () -- C:\WINDOWS\Tasks\Adobe Bridge Cache.bc
[2008/02/26 19:55:44 | 00,000,064 | ---- | M] () -- C:\WINDOWS\Tasks\Adobe Bridge Cache.bct
[2009/10/15 19:21:04 | 00,000,284 | ---- | M] () -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
[2004/08/04 19:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2009/10/12 07:52:16 | 00,000,580 | ---- | M] () -- C:\WINDOWS\Tasks\Norton Internet Security - Run Full System Scan - Administrator.job
[2009/10/18 13:37:25 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT
[2009/10/18 12:16:17 | 00,000,438 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{DBBBB301-784B-4D96-9918-19A30C351435}.job
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.exe >
< %systemroot%\system32\eventlog.dll >
[2008/04/13 17:11:53 | 00,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eventlog.dll
< %systemroot%\system32\scecli.dll >
[2008/04/13 17:12:05 | 00,181,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\scecli.dll
< %systemroot%\netlogon.dll >
< %systemroot%\system32\cngaudit.dll >
< %systemroot%\system32\sceclt.dll >
< %systemroot%\ntelogon.dll >
< %systemroot%\system32\logevent.dll >
========== Alternate Data Streams ==========
@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9F182780
< End of report >
OTL "Extras" Log
OTL Extras logfile created on: 10/18/2009 2:02:16 PM - Run 1
OTL by OldTimer - Version 3.0.21.0 Folder = C:\Documents and Settings\Administrator\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 100.00% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 461.88 Gb Total Space | 103.29 Gb Free Space | 22.36% Space Free | Partition Type: NTFS
Drive D: | 3.85 Gb Total Space | 1.50 Gb Free Space | 39.05% Space Free | Partition Type: FAT32
Drive E: | 504.33 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: YOUR-24D7B2AECF
Current User Name: Administrator
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
chm.file [open] -- "C:\WINDOWS\hh.exe" %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"1700:TCP" = 1700:TCP:*:Enabled:MioNet Remote Drive Access 0
"1701:TCP" = 1701:TCP:*:Enabled:MioNet Remote Drive Access 1
"1702:TCP" = 1702:TCP:*:Enabled:MioNet Remote Drive Access 2
"1703:TCP" = 1703:TCP:*:Enabled:MioNet Remote Drive Access 3
"1704:TCP" = 1704:TCP:*:Enabled:MioNet Remote Drive Access 4
"1705:TCP" = 1705:TCP:*:Enabled:MioNet Remote Drive Access 5
"1706:TCP" = 1706:TCP:*:Enabled:MioNet Remote Drive Access 6
"1707:TCP" = 1707:TCP:*:Enabled:MioNet Remote Drive Access 7
"1708:TCP" = 1708:TCP:*:Enabled:MioNet Remote Drive Access 8
"1709:TCP" = 1709:TCP:*:Enabled:MioNet Remote Drive Access 9
"1641:TCP" = 1641:TCP:*:Enabled:MioNet Remote Drive Verification
"1647:TCP" = 1647:TCP:*:Enabled:MioNet Storage Device Configuration
"5432:UDP" = 5432:UDP:*:Enabled:MioNet Storage Device Discovery
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL -- File not found
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL -- File not found
"C:\Program Files\America Online 9.0\waol.exe" = C:\Program Files\America Online 9.0\waol.exe:*:Enabled:AOL -- File not found
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe" = C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe" = C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe" = C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL -- File not found
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL -- File not found
"C:\Program Files\America Online 9.0\waol.exe" = C:\Program Files\America Online 9.0\waol.exe:*:Enabled:AOL -- File not found
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Pinnacle\Studio 10\programs\RM.exe" = C:\Program Files\Pinnacle\Studio 10\programs\RM.exe:*:Enabled:Render Manager -- (Pinnacle Systems, Inc.)
"C:\Program Files\Pinnacle\Studio 10\programs\Studio.exe" = C:\Program Files\Pinnacle\Studio 10\programs\Studio.exe:*:Enabled:Studio -- (Pinnacle Systems)
"C:\Program Files\Pinnacle\Studio 10\programs\PMSRegisterFile.exe" = C:\Program Files\Pinnacle\Studio 10\programs\PMSRegisterFile.exe:*:Enabled:PMSRegisterFile -- ( )
"C:\Program Files\Pinnacle\Studio 10\programs\umi.exe" = C:\Program Files\Pinnacle\Studio 10\programs\umi.exe:*:Enabled:umi -- (Pinnacle Systems, Inc.)
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe" = C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe" = C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe" = C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation)
"C:\Program Files\Intuit\QuickBooks 2007\QBDBMgrN.exe" = C:\Program Files\Intuit\QuickBooks 2007\QBDBMgrN.exe:*:Enabled:QuickBooks 2007 Data Manager -- (iAnywhere Solutions, Inc.)
"C:\Program Files\Google\Google Talk\googletalk.exe" = C:\Program Files\Google\Google Talk\googletalk.exe:*:Enabled:Google Talk -- (Google)
"C:\Documents and Settings\Administrator\Application Data\TimeBridge\TimeBridge Connector for Outlook\TimeBridgeConnectorForOutlook.exe" = C:\Documents and Settings\Administrator\Application Data\TimeBridge\TimeBridge Connector for Outlook\TimeBridgeConnectorForOutlook.exe:*:Enabled:TimeBridge Connector for Outlook -- File not found
"C:\Program Files\MioNet\MioNetManager.exe" = C:\Program Files\MioNet\MioNetManager.exe:*:Enabled:MioNetManager -- File not found
"C:\Program Files\MioNet\jvm\bin\MioNet.exe" = C:\Program Files\MioNet\jvm\bin\MioNet.exe:*:Enabled:MioNet -- File not found
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour -- (Apple Inc.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0C34B801-6AEC-4667-B053-03A67E2D0415}" = Apple Application Support
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{0DC86BEC-5CE3-413A-BB61-C40A3D186B24}" = Scan
"{141988D0-7336-43A4-8817-9BD27D3E6301}" = DynaSCAPE Design
"{14BEB6DF-A499-4A38-8E06-E173BCD5C087}" = ScannerCopy
"{15377C3E-9655-400F-B441-E69F0A6BEAFE}" = Recovery Software Suite Gateway
"{16645DBC-987F-4EA1-B7FE-55E112AFCA8F}" = ATI Catalyst Control Center
"{17293791-C82E-476C-9997-9A0FF234A19B}" = HP Product Assistant
"{181821B7-82AA-44DA-9DAF-EF254CCB670A}" = Fax
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1AD5F465-8282-4DAD-B957-E09C0B783D18}" = InstantShare
"{1B680FBA-E317-4E93-AF43-3B59798A4BE0}" = Copy
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = DVD Solution
"{20C53FA2-4307-4671-A93F-9463B29DFCF1}" = Symantec Technical Support Web Controls
"{20FBC0A0-3160-4F14-83ED-3A74BB6B8C31}" = TrayApp
"{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only)
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"{272EC8BA-5A08-4ea1-A189-684466A06B02}" = cp_dwShrek2Albums1
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (DYNASCAPE)
"{2E8428AD-6CD2-4031-916A-3CF9BBF2DEC9}" = Unload
"{3101CB58-3482-4D21-AF1A-7057FC935355}" = KhalInstallWrapper
"{342C7C88-D335-4bc2-8CF1-281857629CE2}" = HP PSC & OfficeJet 4.7
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36CDA33B-909B-4719-97D1-C4B99309BDC7}" = ATI Parental Control & Encoder
"{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant
"{3762DB2D-71BD-421F-9E55-C74DA7DF4D07}" = CueTour
"{391E18CE-7D3B-45E9-A8F0-34E77F14F47A}" = ProductContext
"{3AC54383-31D1-4907-961B-B12CBB1D0AE8}" = MobileMe Control Panel
"{3CB05291-F546-458E-A796-B5BCF5A3CDC4}" = Studio 10
"{3CCAD2EF-CFF2-4637-82AA-AABF370282D3}" = ccCommon
"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = Browser Address Error Redirector
"{3EF26ABD-1B11-43CB-852B-FB2D30528560}" = MozyHome Remote Backup
"{407B9B5C-DAC5-4F44-A756-B57CAB4E6A8B}" = Google Earth
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go 4.0
"{442BE28B-782B-4DC0-B490-E70A403B1C69}" = Readme
"{48185814-A224-447a-81DA-71BD20580E1B}" = Norton Internet Security
"{4843B611-8FCB-4428-8C23-31D0A5EAE164}" = Norton Confidential Browser Component
"{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"{4AC55A61-BA20-4DF5-ABFF-8F4819E0C875}" = Digital Media Reader
"{4FFB0B3B-BF82-4248-A275-630AC5F7EFC5}" = Adobe Photoshop Lightroom 2.4
"{51C48D1F-9BBF-450A-BBCE-1D775AB94B15}" = FileMaker Pro 9
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{56B4002F-671C-49F4-984C-C760FE3806B5}" = Microsoft SQL Server VSS Writer
"{59764455-3D2B-4842-A812-E72174152788}" = DynaSCAPE Quote
"{5A3F6A80-7913-475E-8B96-477A952CFA43}" = SupportSoft Assisted Service
"{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}" = Norton Internet Security
"{5BBEC0A2-10E9-480B-B8C6-9E5AE72441F3}" = Symantec Real Time Storage Protection Component
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype 3.8
"{5D6EC6F7-9B38-4a02-B063-97C2048B56A2}" = 7200_Help
"{5E8D588F-307C-4250-B622-26969027319A}" = PanoStandAlone
"{644D04A2-C682-4FD5-977D-03B804C4B9C5}" = CreativeProjects
"{646A65DD-23FC-418E-B9F0-E0500FB42CB1}" = PhotoGallery
"{655CB07D-C944-40BE-B93F-55957CAC7625}" = AiO_Scan
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{68963635-14A4-48D9-B431-DF3A74D1AAE1}" = Destinations
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6A012D9C-2E2E-405A-B87C-E909F5297C3F}" = Studio 10 Bonus DVD
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{700A6597-3CE6-49C1-AA75-846B24CDA66D}" = BufferChm
"{7148F0A8-6813-11D6-A77B-00B0D0142000}" = Java 2 Runtime Environment, SE v1.4.2
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{724517BD-1DE1-4986-BFCA-C1DFD379E3BC}" = cp_dwShrek2Cards1
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77772678-817F-4401-9301-ED1D01A8DA56}" = SPBBC 32bit
"{78CC3BAB-DE2A-4FB4-8FBB-E4DADDC26747}" = Ad-Aware SE Personal
"{7AD25C9F-9957-4D1C-95EF-9BCD09F6D31B}" = HPSystemDiagnostics
"{7E545666-F422-45FD-B3DF-C0B99A1A579F}" = QuickBooks Pro 2007
"{82EF8297-C8B2-4CA8-9430-FF2BC8C40414}" = GWCares
"{830D8CBD-C668-49e2-A969-C2C2106332E0}" = Norton AntiVirus
"{84CDF5A8-1D57-4B69-BAB6-1F11D8923375}" = SkinsHP1
"{85CFD253-38AE-4DB1-ACB7-F0F4C791990D}" = AiOSoftware
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8BC3B99B-A6BE-4A0B-8535-B1B94BA4B1B1}" = DocProc
"{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1}" = Napster Burn Engine
"{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe Common File Installer
"{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}" = Logitech Desktop Messenger
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{9099AE3B-4C63-432A-B606-BCC9B8138FA0}" = DynaSCAPE Color
"{91110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{91208A47-5D08-4C79-986F-1931940F51BB}" = QuickBooks Product Listing Service
"{91A10409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office OneNote 2003
"{98736A65-3C79-49EC-B7E9-A3C77774B0E6}" = Google SketchUp 6
"{99052DB7-9592-4522-A558-5417BBAD48EE}" = Microsoft ActiveSync
"{9A129ABC-A53A-4209-A21E-D5DEDFB7CCA8}" = Norton Protection Center
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}" = QuickTime
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A5A994CE-3080-4D25-8937-F0F72DFD02CB}" = SymNet
"{A5B9D22C-755A-4AC6-9904-875E80838BB6}" = CP_AtenaShokunin1Config
"{A7391302-FADF-4314-80DC-C757DAE45178}" = 7200
"{A77F3C2D-50CC-4A29-A1FB-1E018BE4DCA2}" = DiscAPI
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AC76BA86-7AD7-1033-7B44-A81300000003}" = Adobe Reader 8.1.7
"{AC966B90-53CA-4710-8EEE-57ED25387872}" = 7200Trb
"{B1914265-0D07-48E0-A937-F20A76D0032D}" = Acronis True Image Home
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B3D8B2F8-3C2C-45BC-933E-8B60E78F6684}" = Google SketchUp 6
"{B74D4E10-6884-0000-0000-000000000103}" = Adobe Bridge 1.0
"{B7C61755-DB48-4003-948F-3D34DB8EAF69}" = MSRedist
"{B911B811-BA3E-46D4-90F8-6F3338359651}" = Director
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BBBCAE4B-B416-4182-A6F2-438180894A81}" = Napster
"{BCE72AED-3332-4863-9567-C5DCB9052CA2}" = Netflix Movie Viewer
"{BD202930-5F70-4B35-B875-1E28604F328D}" = Logitech Communications Manager
"{BD68F46D-8A82-4664-8E68-F87C55BDEFD4}" = Microsoft SQL Server Native Client
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C43048A9-742C-4DAD-90D2-E3B53C9DB825}" = Logitech QuickCam Software
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CDFCF124-115F-4976-8BF4-08C89187A146}" = WebReg
"{CE0C8CC5-E396-442B-A50E-D1D374A9E820}" = DocumentViewer
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D353CC51-430D-4C6F-9B7E-52003DA1E05A}" = Norton Confidential Web Protection Component
"{DA34FE93-5DC5-48E0-ACC8-A5389E05BB51}" = iTunes
"{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}" = LiveUpdate Notice (Symantec Corporation)
"{E3EFA461-EB83-4C3B-9C47-2C1D58A01555}" = Norton Internet Security
"{E56D39F8-2A9F-44B4-B068-A72E45A073E6}" = Safari
"{E5EE9939-259F-4DE2-8023-5C49E16A4F43}" = Norton Internet Security
"{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0
"{EE0D5DCD-2B97-4473-98DF-E93C0BD92F7A}" = Adobe Stock Photos 1.0
"{EEECE229-49F6-4851-A73A-99B058221F8C}" = RAPID
"{EF781A5C-58F5-4BFD-87F9-E4F14D382F25}" = Pinnacle Instant DVD Recorder
"{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B}" = AppCore
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{F4DB525F-A986-4249-B98B-42A8066251CA}" = AV
"{F54F38C8-FEDE-11D4-83D2-0090276216BF}" = PlantMaster 5.5 US National
"{FA54AFB1-5745-4389-B8C1-9F7509672ED1}" = iPhone Configuration Utility
"{FC22D020-3005-4715-8DF9-F3EDE81DEB3D}" = CreativeProjectsTemplates
"{FE57DE70-95DE-4B64-9266-84DA811053DB}" = HP Update
"{FFC3B772-C00A-42da-90A6-A87F4AFD73D9}" = Netscape Internet Service
"{FFC3B772-C00A-42da-90A6-A87F4AFD73E0}" = Netscape Web Accelerator
"ActiveTouchMeetingClient" = WebEx
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"Adobe SVG Viewer" = Adobe SVG Viewer
"All ATI Software" = ATI - Software Uninstall Utility
"AOL YGP Screensaver" = AOL You've Got Pictures Screensaver
"ATI Display Driver" = ATI Display Driver
"Audacity_is1" = Audacity 1.2.6
"BigFix" = BigFix
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200014F1" = Soft Data Fax Modem with SmartCP
"e/pop Web Conferencing Client_is1" = e/pop Web Conferencing Client
"ERUNT_is1" = ERUNT 1.1j
"getPlus®_ocx" = getPlus®_ocx
"Google Calendar Sync" = Google Calendar Sync
"Google Desktop" = Google Desktop
"gtw_logo" = gtw_logo
"Hollywood FX for Studio" = Pinnacle Hollywood FX for Studio
"HP Photo & Imaging" = HP Image Zone 4.7
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"InstallShield_{4AC55A61-BA20-4DF5-ABFF-8F4819E0C875}" = Digital Media Reader
"LiveUpdate" = LiveUpdate 3.1 (Symantec Corporation)
"Logitech Print Service" = Logitech Print Service
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Mozilla Firefox (3.5.3)" = Mozilla Firefox (3.5.3)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"Pamela" = Pamela Pro 4.0
"Picsel Technologies Ltd - Picsel File Viewer" = Picsel File Viewer
"PIXELRULER" = PIXELRULER
"proDAD-Heroglyph-2.0" = proDAD Heroglyph 2.0
"PROSet" = Intel® PRO Network Connections Drivers
"QcDrv" = LogitechŪ Camera Driver
"Quicken 2002 Home & Business" = Quicken 2002 Home & Business
"RealPlayer 6.0" = RealPlayer Basic
"StreetPlugin" = Learn2 Player (Uninstall Only)
"SymSetup.{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}" = Norton Internet Security (Symantec Corporation)
"ViewpointMediaPlayer" = Viewpoint Media Player
"Wacom Tablet Driver" = Wacom Tablet
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Abacast Client" = Abacast Client
"Move Networks Player - IE" = Move Networks Media Player for Internet Explorer
"Octoshape add-in for Adobe Flash Player" = Octoshape add-in for Adobe Flash Player
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 10/16/2009 3:42:32 PM | Computer Name = YOUR-24D7B2AECF | Source = Application Hang | ID = 1002
Description = Hanging application lightroom.exe, version 2.4.0.1, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 10/16/2009 3:57:23 PM | Computer Name = YOUR-24D7B2AECF | Source = Application Hang | ID = 1001
Description = Fault bucket 1335111398.
Error - 10/17/2009 8:09:23 PM | Computer Name = YOUR-24D7B2AECF | Source = Application Hang | ID = 1002
Description = Hanging application SetPoint.exe, version 4.60.122.0, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 10/17/2009 8:10:07 PM | Computer Name = YOUR-24D7B2AECF | Source = Application Hang | ID = 1002
Description = Hanging application iTunes.exe, version 9.0.1.8, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 10/17/2009 8:10:19 PM | Computer Name = YOUR-24D7B2AECF | Source = Application Hang | ID = 1001
Description = Fault bucket 1474318108.
Error - 10/17/2009 8:30:23 PM | Computer Name = YOUR-24D7B2AECF | Source = Application Hang | ID = 1002
Description = Hanging application iTunes.exe, version 9.0.1.8, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 10/17/2009 8:45:17 PM | Computer Name = YOUR-24D7B2AECF | Source = Application Hang | ID = 1002
Description = Hanging application iTunes.exe, version 9.0.1.8, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 10/17/2009 9:34:25 PM | Computer Name = YOUR-24D7B2AECF | Source = Application Hang | ID = 1002
Description = Hanging application iTunes.exe, version 9.0.1.8, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 10/17/2009 9:34:36 PM | Computer Name = YOUR-24D7B2AECF | Source = Application Hang | ID = 1001
Description = Fault bucket 1474318108.
Error - 10/18/2009 1:59:23 PM | Computer Name = YOUR-24D7B2AECF | Source = Application Error | ID = 1000
Description = Faulting application bigfix.exe, version 2.0.2.3, faulting module
unknown, version 0.0.0.0, fault address 0x00a72f92.
[ System Events ]
Error - 10/18/2009 8:39:18 AM | Computer Name = YOUR-24D7B2AECF | Source = PlugPlayManager | ID = 12
Description = The device 'RAS Async Adapter' (SW\{eeab7790-c514-11d1-b42b-00805fc1270e}\asyncmac)
disappeared from the system without first being prepared for removal.
Error - 10/18/2009 8:49:24 AM | Computer Name = YOUR-24D7B2AECF | Source = PlugPlayManager | ID = 12
Description = The device 'RAS Async Adapter' (SW\{eeab7790-c514-11d1-b42b-00805fc1270e}\asyncmac)
disappeared from the system without first being prepared for removal.
Error - 10/18/2009 8:59:30 AM | Computer Name = YOUR-24D7B2AECF | Source = PlugPlayManager | ID = 12
Description = The device 'RAS Async Adapter' (SW\{eeab7790-c514-11d1-b42b-00805fc1270e}\asyncmac)
disappeared from the system without first being prepared for removal.
Error - 10/18/2009 9:09:36 AM | Computer Name = YOUR-24D7B2AECF | Source = PlugPlayManager | ID = 12
Description = The device 'RAS Async Adapter' (SW\{eeab7790-c514-11d1-b42b-00805fc1270e}\asyncmac)
disappeared from the system without first being prepared for removal.
Error - 10/18/2009 10:00:05 AM | Computer Name = YOUR-24D7B2AECF | Source = PlugPlayManager | ID = 12
Description = The device 'RAS Async Adapter' (SW\{eeab7790-c514-11d1-b42b-00805fc1270e}\asyncmac)
disappeared from the system without first being prepared for removal.
Error - 10/18/2009 10:15:13 AM | Computer Name = YOUR-24D7B2AECF | Source = PlugPlayManager | ID = 12
Description = The device 'RAS Async Adapter' (SW\{eeab7790-c514-11d1-b42b-00805fc1270e}\asyncmac)
disappeared from the system without first being prepared for removal.
Error - 10/18/2009 3:23:46 PM | Computer Name = YOUR-24D7B2AECF | Source = PlugPlayManager | ID = 12
Description = The device 'RAS Async Adapter' (SW\{eeab7790-c514-11d1-b42b-00805fc1270e}\asyncmac)
disappeared from the system without first being prepared for removal.
Error - 10/18/2009 3:38:43 PM | Computer Name = YOUR-24D7B2AECF | Source = PlugPlayManager | ID = 12
Description = The device 'RAS Async Adapter' (SW\{eeab7790-c514-11d1-b42b-00805fc1270e}\asyncmac)
disappeared from the system without first being prepared for removal.
Error - 10/18/2009 3:53:59 PM | Computer Name = YOUR-24D7B2AECF | Source = PlugPlayManager | ID = 12
Description = The device 'RAS Async Adapter' (SW\{eeab7790-c514-11d1-b42b-00805fc1270e}\asyncmac)
disappeared from the system without first being prepared for removal.
Error - 10/18/2009 4:11:42 PM | Computer Name = YOUR-24D7B2AECF | Source = PlugPlayManager | ID = 12
Description = The device 'RAS Async Adapter' (SW\{eeab7790-c514-11d1-b42b-00805fc1270e}\asyncmac)
disappeared from the system without first being prepared for removal.
< End of report >
