Thank you for any input you can give me!
Renee Seay
Here are the logs:
ROOTREPEAL © AD, 2007-2009
==================================================
Scan Start Time: 2009/11/26 00:29
Program Version: Version 1.3.5.0
Windows Version: Windows XP SP3
==================================================
Drivers
-------------------
Name: dump_atapi.sys
Image Path: F:\WINDOWS\System32\Drivers\dump_atapi.sys
Address: 0xA866D000 Size: 98304 File Visible: No Signed: -
Status: -
Name: dump_WMILIB.SYS
Image Path: F:\WINDOWS\System32\Drivers\dump_WMILIB.SYS
Address: 0xBA5C0000 Size: 8192 File Visible: No Signed: -
Status: -
Name: rootrepeal.sys
Image Path: F:\WINDOWS\system32\drivers\rootrepeal.sys
Address: 0xA4904000 Size: 49152 File Visible: No Signed: -
Status: -
SSDT
-------------------
#: 012 Function Name: NtAlertResumeThread
Status: Hooked by "<unknown>" at address 0x8a3902e8
#: 013 Function Name: NtAlertThread
Status: Hooked by "<unknown>" at address 0x8a2cb338
#: 017 Function Name: NtAllocateVirtualMemory
Status: Hooked by "<unknown>" at address 0x8a596208
#: 031 Function Name: NtConnectPort
Status: Hooked by "<unknown>" at address 0x8a5386c0
#: 043 Function Name: NtCreateMutant
Status: Hooked by "<unknown>" at address 0x8a542248
#: 053 Function Name: NtCreateThread
Status: Hooked by "<unknown>" at address 0x8a4ed270
#: 065 Function Name: NtDeleteValueKey
Status: Hooked by "F:\Program Files\Symantec\SYMEVENT.SYS" at address 0xa8c4b350
#: 083 Function Name: NtFreeVirtualMemory
Status: Hooked by "<unknown>" at address 0x8a5476e8
#: 089 Function Name: NtImpersonateAnonymousToken
Status: Hooked by "<unknown>" at address 0x8a542308
#: 091 Function Name: NtImpersonateThread
Status: Hooked by "<unknown>" at address 0x8a390268
#: 108 Function Name: NtMapViewOfSection
Status: Hooked by "<unknown>" at address 0x8a3212b8
#: 114 Function Name: NtOpenEvent
Status: Hooked by "<unknown>" at address 0x8a2f6090
#: 123 Function Name: NtOpenProcessToken
Status: Hooked by "<unknown>" at address 0x8a2e62e8
#: 129 Function Name: NtOpenThreadToken
Status: Hooked by "<unknown>" at address 0x8a2f1420
#: 177 Function Name: NtQueryValueKey
Status: Hooked by "<unknown>" at address 0x8a320080
#: 206 Function Name: NtResumeThread
Status: Hooked by "<unknown>" at address 0x8a365318
#: 213 Function Name: NtSetContextThread
Status: Hooked by "<unknown>" at address 0x8a30a758
#: 228 Function Name: NtSetInformationProcess
Status: Hooked by "<unknown>" at address 0x8a3065c0
#: 229 Function Name: NtSetInformationThread
Status: Hooked by "<unknown>" at address 0x8a333978
#: 247 Function Name: NtSetValueKey
Status: Hooked by "F:\Program Files\Symantec\SYMEVENT.SYS" at address 0xa8c4b580
#: 253 Function Name: NtSuspendProcess
Status: Hooked by "<unknown>" at address 0x8a2f6058
#: 254 Function Name: NtSuspendThread
Status: Hooked by "<unknown>" at address 0x8a5180d0
#: 257 Function Name: NtTerminateProcess
Status: Hooked by "<unknown>" at address 0x8a2dfa60
#: 258 Function Name: NtTerminateThread
Status: Hooked by "<unknown>" at address 0x8a310448
#: 267 Function Name: NtUnmapViewOfSection
Status: Hooked by "<unknown>" at address 0x8a391448
#: 277 Function Name: NtWriteVirtualMemory
Status: Hooked by "<unknown>" at address 0x8a593960
==EOF==
Malwarebytes' Anti-Malware 1.41
Database version: 2775
Windows 5.1.2600 Service Pack 3
11/26/2009 12:23:12 AM
mbam-log-2009-11-26 (00-23-12).txt
Scan type: Quick Scan
Objects scanned: 110511
Time elapsed: 2 minute(s), 21 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
OTL logfile created on: 11/26/2009 12:50:30 AM - Run 1
OTL by OldTimer - Version 3.1.10.1 Folder = L:\Fix the comp
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 100.00% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): F:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = F: | %SystemRoot% = F:\WINDOWS | %ProgramFiles% = F:\Program Files
C: Drive not present or media not loaded
Drive D: | 6.67 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
E: Drive not present or media not loaded
Drive F: | 12.68 Gb Total Space | 0.43 Gb Free Space | 3.39% Space Free | Partition Type: FAT32
Drive G: | 24.40 Gb Total Space | 20.78 Gb Free Space | 85.14% Space Free | Partition Type: FAT32
Drive H: | 195.77 Gb Total Space | 181.06 Gb Free Space | 92.49% Space Free | Partition Type: NTFS
I: Drive not present or media not loaded
Drive J: | 24.41 Gb Total Space | 9.89 Gb Free Space | 40.52% Space Free | Partition Type: NTFS
Drive L: | 1.91 Gb Total Space | 0.50 Gb Free Space | 26.02% Space Free | Partition Type: FAT
Computer Name: SEAY-01
Current User Name: Renee
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan
========== Processes (SafeList) ==========
PRC - [2009/11/25 23:56:26 | 00,531,456 | ---- | M] (OldTimer Tools) -- L:\Fix the comp\OTL.exe
PRC - [2009/07/27 19:19:10 | 00,199,184 | ---- | M] (McAfee, Inc.) -- F:\Program Files\McAfee Security Scan\1.0.150\SSScheduler.exe
PRC - [2009/07/01 19:13:40 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- F:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2009/07/01 19:13:40 | 00,148,888 | ---- | M] (Sun Microsystems, Inc.) -- F:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2008/12/09 16:09:30 | 00,068,136 | ---- | M] () -- F:\Program Files\Gigabyte\EasySaver\essvr.exe
PRC - [2008/10/27 10:27:18 | 00,317,992 | ---- | M] (Gigabyte) -- F:\Program Files\Gigabyte\GBTUpd\RunUpd.exe
PRC - [2008/09/18 09:14:10 | 00,880,640 | ---- | M] (brother) -- F:\Program Files\Brownie\BrStsWnd.exe
PRC - [2008/08/26 01:51:18 | 16,851,456 | R--- | M] (Realtek Semiconductor Corp.) -- F:\WINDOWS\RTHDCPL.EXE
PRC - [2008/08/20 22:05:56 | 00,573,440 | ---- | M] (ATI Technologies Inc.) -- F:\WINDOWS\system32\ati2evxx.exe
PRC - [2008/08/20 22:05:56 | 00,573,440 | ---- | M] (ATI Technologies Inc.) -- F:\WINDOWS\system32\ati2evxx.exe
PRC - [2008/06/09 10:21:58 | 00,073,728 | ---- | M] (Hewlett-Packard Company) -- F:\Program Files\Common Files\LightScribe\LSSrvc.exe
PRC - [2008/06/09 10:16:32 | 02,363,392 | ---- | M] (Hewlett-Packard Company) -- F:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
PRC - [2008/05/26 22:19:14 | 00,123,904 | ---- | M] (Microsoft Corporation) -- F:\Program Files\Windows Desktop Search\WindowsSearch.exe
PRC - [2008/04/14 12:00:00 | 01,033,728 | ---- | M] (Microsoft Corporation) -- F:\WINDOWS\explorer.exe
PRC - [2008/04/14 12:00:00 | 00,013,824 | ---- | M] (Microsoft Corporation) -- F:\WINDOWS\system32\wscntfy.exe
PRC - [2008/04/14 08:00:00 | 00,218,112 | ---- | M] (Microsoft Corporation) -- F:\WINDOWS\system32\wbem\wmiprvse.exe
PRC - [2008/04/14 08:00:00 | 00,033,280 | ---- | M] (Microsoft Corporation) -- F:\WINDOWS\system32\snmp.exe
PRC - [2008/04/14 08:00:00 | 00,015,360 | ---- | M] (Microsoft Corporation) -- F:\WINDOWS\system32\inetsrv\inetinfo.exe
PRC - [2008/03/25 17:21:56 | 00,219,656 | ---- | M] () -- F:\Program Files\Gigabyte\ET6\GUI.exe
PRC - [2008/02/08 11:10:00 | 00,394,856 | R--- | M] (WinZip Computing, S.L.) -- F:\Program Files\WinZip\WZQKPICK.EXE
PRC - [2008/01/30 04:52:22 | 00,106,496 | ---- | M] (WDC) -- F:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe
PRC - [2008/01/30 04:50:26 | 00,438,272 | ---- | M] (WDC) -- F:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe
PRC - [2008/01/11 12:54:44 | 00,090,112 | ---- | M] (brother) -- F:\Program Files\Brownie\brpjp04a.exe
PRC - [2007/12/01 17:38:16 | 00,038,400 | R--- | M] () -- F:\Program Files\Corel\Corel MediaOne\CorelIOMonitor.exe
PRC - [2007/07/17 11:13:56 | 00,049,152 | ---- | M] (Advanced Micro Devices Inc.) -- F:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
PRC - [2007/07/17 11:13:34 | 00,049,152 | ---- | M] (ATI Technologies Inc.) -- F:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
PRC - [2007/06/27 19:04:00 | 01,213,736 | ---- | M] (Nero AG) -- F:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
PRC - [2007/06/27 19:04:00 | 00,279,848 | ---- | M] (Nero AG) -- F:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
PRC - [2007/06/27 19:03:40 | 00,152,872 | ---- | M] (Nero AG) -- F:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
PRC - [2007/06/25 08:47:24 | 01,629,480 | ---- | M] (Nero AG) -- F:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
PRC - [2007/06/25 08:47:12 | 01,552,680 | ---- | M] (Nero AG) -- F:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
PRC - [2007/06/25 08:47:02 | 01,057,064 | ---- | M] (Nero AG) -- F:\Program Files\Nero\Nero 7\InCD\InCD.exe
PRC - [2007/06/05 13:20:32 | 00,177,704 | ---- | M] () -- F:\WINDOWS\system32\PSIService.exe
PRC - [2006/10/27 15:23:04 | 00,347,432 | ---- | M] (Microsoft Corporation) -- G:\Program Files\Microsoft Office\Office12\WINWORD.EXE
PRC - [2006/10/27 00:47:42 | 00,031,016 | ---- | M] (Microsoft Corporation) -- G:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
PRC - [2006/10/26 20:24:54 | 00,098,632 | ---- | M] (Microsoft Corporation) -- G:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
PRC - [2006/10/26 13:40:34 | 00,335,872 | ---- | M] (Microsoft Corporation) -- F:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
PRC - [2006/10/24 19:33:00 | 00,125,120 | ---- | M] (Symantec Corporation) -- F:\Program Files\Symantec AntiVirus\VPTray.exe
PRC - [2006/10/24 19:32:50 | 01,813,184 | ---- | M] (Symantec Corporation) -- F:\Program Files\Symantec AntiVirus\Rtvscan.exe
PRC - [2006/10/24 19:32:40 | 00,031,424 | ---- | M] (Symantec Corporation) -- F:\Program Files\Symantec AntiVirus\DefWatch.exe
PRC - [2006/07/19 19:26:12 | 00,169,632 | ---- | M] (Symantec Corporation) -- F:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
PRC - [2006/07/19 19:26:06 | 00,192,160 | ---- | M] (Symantec Corporation) -- F:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
PRC - [2006/07/19 19:26:04 | 00,052,896 | ---- | M] (Symantec Corporation) -- F:\Program Files\Common Files\Symantec Shared\ccApp.exe
PRC - [2006/04/11 17:13:38 | 01,160,848 | ---- | M] (Symantec Corporation) -- F:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
PRC - [2006/03/15 15:04:20 | 00,425,984 | ---- | M] (MSI Technology, Corp.) -- F:\Program Files\MSI\Common\RaUI.exe
PRC - [2005/02/17 07:15:20 | 00,081,920 | ---- | M] (InstallShield Software Corporation) -- F:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
PRC - [2004/12/14 04:44:06 | 00,029,696 | ---- | M] (Adobe Systems Incorporated) -- F:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
PRC - [2004/08/11 01:45:04 | 00,038,912 | ---- | M] (Microsoft Corporation) -- F:\WINDOWS\system32\wdfmgr.exe
========== Modules (SafeList) ==========
MOD - [2009/11/25 23:56:26 | 00,531,456 | ---- | M] (OldTimer Tools) -- L:\Fix the comp\OTL.exe
MOD - [2008/04/14 12:00:00 | 01,054,208 | ---- | M] (Microsoft Corporation) -- F:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
MOD - [2008/04/14 08:00:00 | 00,185,344 | ---- | M] (Microsoft Corporation) -- F:\WINDOWS\system32\wbem\framedyn.dll
========== Win32 Services (SafeList) ==========
SRV - File not found -- -- (NeroRegInCDSrv)
SRV - [2009/07/01 19:13:40 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- F:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2008/12/09 16:09:30 | 00,068,136 | ---- | M] () -- F:\Program Files\Gigabyte\EasySaver\ESSVR.EXE -- (ES lite Service)
SRV - [2008/11/20 15:18:52 | 00,136,120 | ---- | M] (Google) -- F:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2008/08/20 22:05:56 | 00,573,440 | ---- | M] (ATI Technologies Inc.) -- F:\WINDOWS\system32\ati2evxx.exe -- (Ati HotKey Poller)
SRV - [2008/08/20 21:05:00 | 00,593,920 | ---- | M] () -- F:\WINDOWS\system32\ati2sgag.exe -- (ATI Smart)
SRV - [2008/06/09 10:21:58 | 00,073,728 | ---- | M] (Hewlett-Packard Company) -- F:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - [2008/04/14 08:00:00 | 00,038,400 | ---- | M] (Microsoft Corporation) -- F:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll -- (helpsvc)
SRV - [2008/04/14 08:00:00 | 00,033,280 | ---- | M] (Microsoft Corporation) -- F:\WINDOWS\system32\snmp.exe -- (SNMP)
SRV - [2008/04/14 08:00:00 | 00,015,360 | ---- | M] (Microsoft Corporation) -- F:\WINDOWS\system32\inetsrv\inetinfo.exe -- (W3SVC)
SRV - [2008/04/14 08:00:00 | 00,015,360 | ---- | M] (Microsoft Corporation) -- F:\WINDOWS\system32\inetsrv\inetinfo.exe -- (SMTPSVC) Simple Mail Transfer Protocol (SMTP)
SRV - [2008/04/14 08:00:00 | 00,015,360 | ---- | M] (Microsoft Corporation) -- F:\WINDOWS\system32\inetsrv\inetinfo.exe -- (IISADMIN)
SRV - [2008/01/30 04:52:22 | 00,106,496 | ---- | M] (WDC) -- F:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe -- (WDBtnMgrSvc.exe)
SRV - [2007/10/24 01:47:40 | 00,070,144 | ---- | M] (Microsoft Corporation) -- F:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007/10/24 01:47:22 | 00,033,800 | ---- | M] (Microsoft Corporation) -- F:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state)
SRV - [2007/10/11 09:55:14 | 00,122,880 | ---- | M] (Microsoft Corporation) -- F:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2007/10/11 09:55:10 | 00,864,256 | ---- | M] (Microsoft Corporation) -- F:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc)
SRV - [2007/10/09 12:58:12 | 00,036,864 | ---- | M] (Microsoft Corporation) -- F:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0)
SRV - [2007/06/29 19:16:56 | 00,800,040 | ---- | M] (Nero AG) -- F:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe -- (NBService)
SRV - [2007/06/27 19:04:00 | 00,279,848 | ---- | M] (Nero AG) -- F:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService)
SRV - [2007/06/25 08:47:12 | 01,552,680 | ---- | M] (Nero AG) -- F:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe -- (InCDsrv)
SRV - [2007/06/05 13:20:32 | 00,177,704 | ---- | M] () -- F:\WINDOWS\system32\PSIService.exe -- (ProtexisLicensing)
SRV - [2006/10/27 00:47:54 | 00,065,824 | ---- | M] (Microsoft Corporation) -- G:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service)
SRV - [2006/10/26 19:49:34 | 00,441,136 | ---- | M] (Microsoft Corporation) -- F:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2006/10/26 14:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- F:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2006/10/26 13:40:34 | 00,335,872 | ---- | M] (Microsoft Corporation) -- F:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe -- (MDM)
SRV - [2006/10/24 19:32:54 | 00,116,416 | ---- | M] (symantec) -- F:\Program Files\Symantec AntiVirus\SavRoam.exe -- (SavRoam)
SRV - [2006/10/24 19:32:50 | 01,813,184 | ---- | M] (Symantec Corporation) -- F:\Program Files\Symantec AntiVirus\Rtvscan.exe -- (Symantec AntiVirus)
SRV - [2006/10/24 19:32:40 | 00,031,424 | ---- | M] (Symantec Corporation) -- F:\Program Files\Symantec AntiVirus\DefWatch.exe -- (DefWatch)
SRV - [2006/08/25 12:00:40 | 02,528,960 | ---- | M] (Symantec Corporation) -- F:\Program Files\Symantec\LiveUpdate\LuComServer_3_1.EXE -- (LiveUpdate)
SRV - [2006/08/07 16:03:02 | 00,214,720 | ---- | M] (Symantec Corporation) -- F:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe -- (SNDSrvc)
SRV - [2006/07/19 19:26:12 | 00,169,632 | ---- | M] (Symantec Corporation) -- F:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe -- (ccSetMgr)
SRV - [2006/07/19 19:26:06 | 00,192,160 | ---- | M] (Symantec Corporation) -- F:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe -- (ccEvtMgr)
SRV - [2006/04/11 17:13:38 | 01,160,848 | ---- | M] (Symantec Corporation) -- F:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe -- (SPBBCSvc)
SRV - [2005/04/04 00:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- F:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2004/08/11 01:45:04 | 00,038,912 | ---- | M] (Microsoft Corporation) -- F:\WINDOWS\system32\wdfmgr.exe -- (UMWdf)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft...p...&ar=msnhome
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft...amp;ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...amp;ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...p...ER}&ar=home
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = F:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...amp;ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...p...&ar=msnhome
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com/"
FF - prefs.js..extensions.enabledItems: [email protected]:3.2.3.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}:6.0.14
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.5
FF - prefs.js..network.proxy.type: 4
FF - HKLM\software\mozilla\Firefox\extensions\\[email protected]: F:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009/07/01 19:13:42 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Components: G:\Program Files\Mozilla Firefox\components [2009/06/11 15:11:58 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Plugins: G:\Program Files\Mozilla Firefox\plugins [2009/06/11 15:11:58 | 00,000,000 | ---D | M]
[2009/06/11 15:12:22 | 00,000,000 | ---D | M] -- F:\Documents and Settings\Renee\Application Data\Mozilla\Extensions
[2009/06/11 15:12:22 | 00,000,000 | ---D | M] -- F:\Documents and Settings\Renee\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/06/11 15:12:22 | 00,000,000 | ---D | M] -- F:\Documents and Settings\Renee\Application Data\Mozilla\Firefox\Profiles\0y4ptdy0.default\extensions
[2009/07/03 11:20:28 | 00,000,000 | ---D | M] -- F:\Documents and Settings\Renee\Application Data\Mozilla\Firefox\Profiles\0y4ptdy0.default\extensions\[email protected]
O1 HOSTS File: (734 bytes) - F:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - F:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - G:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Dictionary.com Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - F:\Program Files\Ask.com\GenericAskToolbar.dll File not found
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - F:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - F:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (Dictionary.com Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - F:\Program Files\Ask.com\GenericAskToolbar.dll File not found
O4 - HKLM..\Run: [Alcmtr] F:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [BrStsWnd] F:\Program Files\Brownie\BrstsWnd.exe (brother)
O4 - HKLM..\Run: [ccApp] F:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [Corel File Shell Monitor] F:\Program Files\Corel\Corel MediaOne\CorelIOMonitor.exe ()
O4 - HKLM..\Run: [Corel Photo Downloader] F:\Program Files\Corel\Corel MediaOne\Corel PhotoDownloader.exe File not found
O4 - HKLM..\Run: [EasyTuneVI] F:\Program Files\Gigabyte\ET6\ETcall.exe ()
O4 - HKLM..\Run: [GBTUpd] F:\Program Files\Gigabyte\GBTUpd\PreRun.exe (PreRun)
O4 - HKLM..\Run: [GEST] File not found
O4 - HKLM..\Run: [GrooveMonitor] G:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [InCD] F:\Program Files\Nero\Nero 7\InCD\InCD.exe (Nero AG)
O4 - HKLM..\Run: [ISUSPM Startup] F:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [ISUSScheduler] F:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [NeroFilterCheck] F:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [QuickTime Task] G:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [RTHDCPL] F:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SecurDisc] F:\Program Files\Nero\Nero 7\InCD\NBHGui.exe (Nero AG)
O4 - HKLM..\Run: [StartCCC] F:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] F:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [vptray] F:\Program Files\Symantec AntiVirus\VPTray.exe (Symantec Corporation)
O4 - HKLM..\Run: [WD Drive Manager] F:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe (WDC)
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] F:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKCU..\Run: [LightScribe Control Panel] F:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe (Hewlett-Packard Company)
O4 - Startup: F:\Documents and Settings\All Users\Start Menu\Programs\Startup\MSI Wireless Utility.lnk = F:\Program Files\MSI\Common\RaUI.exe (MSI Technology, Corp.)
O4 - Startup: F:\Documents and Settings\All Users\Start Menu\Programs\Startup\WinZip Quick Pick.lnk = F:\Program Files\WinZip\WZQKPICK.EXE (WinZip Computing, S.L.)
O4 - Startup: F:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk = F:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)
O4 - Startup: F:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = F:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: F:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan.lnk = F:\Program Files\McAfee Security Scan\1.0.150\SSScheduler.exe (McAfee, Inc.)
O4 - Startup: F:\Documents and Settings\Renee\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk = G:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - F:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xport to Microsoft Excel - G:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - G:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - G:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - G:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - F:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - G:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - F:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - F:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - F:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - F:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - F:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - F:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - F:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - F:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - F:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - F:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - F:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\NavLogon: DllName - F:\WINDOWS\system32\NavLogon.dll - F:\WINDOWS\system32\NavLogon.dll (Symantec Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - F:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - G:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/05/06 07:26:23 | 00,000,309 | R--- | M] () - D:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2006/09/18 16:43:36 | 00,000,024 | ---- | M] () - J:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{5554885e-2984-11de-ac9d-002421432eca}\Shell - "" = AutoRun
O33 - MountPoints2\{5554885e-2984-11de-ac9d-002421432eca}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{5554885e-2984-11de-ac9d-002421432eca}\Shell\AutoRun\command - "" = D:\LaunchU3.exe -- [2007/10/23 02:45:39 | 01,336,632 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - F:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found
NetSvcs: 6to4 - File not found
NetSvcs: Ias - F:\WINDOWS\system32\ias [2009/04/12 05:07:40 | 00,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: helpsvc - F:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll (Microsoft Corporation)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (16892059130527744)
========== Files/Folders - Created Within 14 Days ==========
[2009/11/26 00:20:07 | 00,000,000 | ---D | C] -- F:\Documents and Settings\Renee\Application Data\Malwarebytes
[2009/11/26 00:20:04 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- F:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/11/26 00:20:03 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- F:\WINDOWS\System32\drivers\mbam.sys
[2009/11/26 00:20:03 | 00,000,000 | ---D | C] -- F:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/11/25 01:31:50 | 00,000,000 | -HSD | C] -- F:\FOUND.000
[2009/11/16 11:45:11 | 00,000,000 | ---D | C] -- F:\Documents and Settings\Renee\Application Data\QuosaDDM
[1 F:\WINDOWS\System32\drivers\*.tmp files -> F:\WINDOWS\System32\drivers\*.tmp -> ]
========== Files - Modified Within 14 Days ==========
[2009/11/26 00:51:30 | 00,612,736 | ---- | M] () -- F:\WINDOWS\System32\PerfStringBackup.INI
[2009/11/26 00:51:30 | 00,507,192 | ---- | M] () -- F:\WINDOWS\System32\perfh009.dat
[2009/11/26 00:51:30 | 00,093,160 | ---- | M] () -- F:\WINDOWS\System32\perfc009.dat
[2009/11/26 00:47:52 | 00,024,944 | ---- | M] () -- F:\WINDOWS\System32\drivers\GVTDrv.sys
[2009/11/26 00:47:52 | 00,000,004 | ---- | M] () -- F:\WINDOWS\System32\GVTunner.ref
[2009/11/26 00:47:46 | 00,000,441 | ---- | M] () -- F:\WINDOWS\Brownie.ini
[2009/11/26 00:47:38 | 00,017,488 | ---- | M] (Windows ® 2000 DDK provider) -- F:\WINDOWS\gdrv.sys
[2009/11/26 00:47:02 | 00,000,006 | -H-- | M] () -- F:\WINDOWS\tasks\SA.DAT
[2009/11/26 00:47:00 | 00,044,964 | ---- | M] () -- F:\WINDOWS\System32\ativvaxx.cap
[2009/11/26 00:47:00 | 00,002,048 | --S- | M] () -- F:\WINDOWS\bootstat.dat
[2009/11/26 00:46:56 | 34,880,75776 | -HS- | M] () -- F:\hiberfil.sys
[2009/11/26 00:41:18 | 03,145,728 | -H-- | M] () -- F:\Documents and Settings\Renee\NTUSER.DAT
[2009/11/26 00:40:56 | 00,000,178 | -HS- | M] () -- F:\Documents and Settings\Renee\ntuser.ini
[2009/11/26 00:20:08 | 00,000,466 | ---- | M] () -- F:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/11/26 00:16:22 | 00,000,402 | ---- | M] () -- F:\Documents and Settings\Renee\Desktop\ERUNT.lnk
[2009/11/25 01:28:22 | 00,008,192 | ---- | M] () -- F:\WINDOWS\$NtUninstallKB973540_WM9$
[2009/11/25 01:28:18 | 00,008,192 | -H-- | M] () -- F:\WINDOWS\$NtUninstallKB951066$
[2009/11/25 01:28:14 | 00,008,192 | -H-- | M] () -- F:\WINDOWS\$NtUninstallKB954459$
[2009/11/25 01:28:08 | 00,008,192 | -H-- | M] () -- F:\WINDOWS\$NtUninstallKB951748$
[2009/11/25 01:27:54 | 00,008,192 | -H-- | M] () -- F:\WINDOWS\$NtUninstallKB971486$
[2009/11/25 01:27:50 | 00,008,192 | -H-- | M] () -- F:\WINDOWS\$NtUninstallKB960803$
[2009/11/25 01:27:46 | 00,008,192 | -H-- | M] () -- F:\WINDOWS\$NtUninstallKB973815$
[2009/11/25 01:27:38 | 00,008,192 | -H-- | M] () -- F:\WINDOWS\$NtUninstallKB958644$
[2009/11/25 01:27:34 | 00,008,192 | -H-- | M] () -- F:\WINDOWS\$NtUninstallKB955069$
[2009/11/25 01:27:30 | 00,008,192 | -H-- | M] () -- F:\WINDOWS\$NtUninstallKB956802$
[2009/11/25 01:27:18 | 00,008,192 | -H-- | M] () -- F:\WINDOWS\$NtUninstallKB923561$
[2009/11/25 01:27:14 | 00,008,192 | -H-- | M] () -- F:\WINDOWS\$NtUninstallKB971961$
[2009/11/25 00:11:04 | 00,002,393 | ---- | M] () -- F:\Documents and Settings\Renee\Desktop\Microsoft Office Word 2007.lnk
[2009/11/24 23:48:42 | 00,043,008 | ---- | M] () -- F:\Documents and Settings\Renee\MSD final draft.doc
[2009/11/24 20:17:22 | 00,000,162 | -H-- | M] () -- F:\Documents and Settings\Renee\~$D final draft.doc
[2009/11/24 12:46:12 | 00,002,399 | ---- | M] () -- F:\Documents and Settings\Renee\Desktop\Microsoft Office Outlook 2007.lnk
[2009/11/24 09:26:32 | 00,013,646 | ---- | M] () -- F:\WINDOWS\System32\wpa.dbl
[2009/11/23 13:45:20 | 00,000,426 | ---- | M] () -- F:\WINDOWS\BRWMARK.INI
[2009/11/20 10:16:02 | 00,000,284 | ---- | M] () -- F:\WINDOWS\tasks\AppleSoftwareUpdate.job
[1 F:\WINDOWS\System32\drivers\*.tmp files -> F:\WINDOWS\System32\drivers\*.tmp -> ]
========== Files Created - No Company Name ==========
[2009/11/26 00:20:07 | 00,000,466 | ---- | C] () -- F:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/11/26 00:16:20 | 00,000,402 | ---- | C] () -- F:\Documents and Settings\Renee\Desktop\ERUNT.lnk
[2009/11/25 01:28:20 | 00,008,192 | ---- | C] () -- F:\WINDOWS\$NtUninstallKB973540_WM9$
[2009/11/25 01:28:16 | 00,008,192 | -H-- | C] () -- F:\WINDOWS\$NtUninstallKB951066$
[2009/11/25 01:28:12 | 00,008,192 | -H-- | C] () -- F:\WINDOWS\$NtUninstallKB954459$
[2009/11/25 01:28:06 | 00,008,192 | -H-- | C] () -- F:\WINDOWS\$NtUninstallKB951748$
[2009/11/25 01:27:53 | 00,008,192 | -H-- | C] () -- F:\WINDOWS\$NtUninstallKB971486$
[2009/11/25 01:27:49 | 00,008,192 | -H-- | C] () -- F:\WINDOWS\$NtUninstallKB960803$
[2009/11/25 01:27:45 | 00,008,192 | -H-- | C] () -- F:\WINDOWS\$NtUninstallKB973815$
[2009/11/25 01:27:36 | 00,008,192 | -H-- | C] () -- F:\WINDOWS\$NtUninstallKB958644$
[2009/11/25 01:27:32 | 00,008,192 | -H-- | C] () -- F:\WINDOWS\$NtUninstallKB955069$
[2009/11/25 01:27:28 | 00,008,192 | -H-- | C] () -- F:\WINDOWS\$NtUninstallKB956802$
[2009/11/25 01:27:17 | 00,008,192 | -H-- | C] () -- F:\WINDOWS\$NtUninstallKB923561$
[2009/11/25 01:27:12 | 00,008,192 | -H-- | C] () -- F:\WINDOWS\$NtUninstallKB971961$
[2009/11/24 20:17:21 | 00,000,162 | -H-- | C] () -- F:\Documents and Settings\Renee\~$D final draft.doc
[2009/11/23 13:59:01 | 00,043,008 | ---- | C] () -- F:\Documents and Settings\Renee\MSD final draft.doc
[2009/07/11 17:31:50 | 00,000,034 | ---- | C] () -- F:\WINDOWS\NPinfotl.INI
[2009/06/12 01:36:34 | 06,428,108 | -H-- | C] () -- F:\Documents and Settings\Renee\Local Settings\Application Data\IconCache.db
[2009/06/11 14:56:58 | 00,071,000 | ---- | C] () -- F:\Documents and Settings\Renee\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/06/11 14:56:38 | 00,000,062 | -HS- | C] () -- F:\Documents and Settings\Renee\Application Data\desktop.ini
[2009/06/10 20:05:47 | 00,000,114 | ---- | C] () -- F:\WINDOWS\System32\brlmw03a.ini
[2009/06/10 20:05:46 | 00,009,853 | ---- | C] () -- F:\WINDOWS\HL-2170W.INI
[2009/06/10 19:24:32 | 00,000,146 | ---- | C] () -- F:\WINDOWS\BRVIDEO.INI
[2009/06/10 19:24:32 | 00,000,000 | ---- | C] () -- F:\WINDOWS\brmx2001.ini
[2009/06/10 19:23:34 | 00,000,426 | ---- | C] () -- F:\WINDOWS\BRWMARK.INI
[2009/06/10 19:22:31 | 00,000,441 | ---- | C] () -- F:\WINDOWS\Brownie.ini
[2009/04/15 17:06:40 | 00,000,069 | ---- | C] () -- F:\WINDOWS\NeroDigital.ini
[2009/04/12 22:52:46 | 00,278,984 | ---- | C] () -- F:\WINDOWS\System32\drivers\atksgt.sys
[2009/04/12 22:52:45 | 00,025,416 | ---- | C] () -- F:\WINDOWS\System32\drivers\lirsgt.sys
[2009/04/12 22:04:40 | 00,003,140 | -HS- | C] () -- F:\WINDOWS\System32\KGyGaAvL.sys
[2009/04/12 22:04:40 | 00,000,008 | RHS- | C] () -- F:\WINDOWS\System32\EBC19265BB.sys
[2009/04/12 22:00:46 | 00,024,944 | ---- | C] () -- F:\WINDOWS\System32\drivers\GVTDrv.sys
[2009/04/12 21:11:02 | 00,021,791 | ---- | C] () -- F:\WINDOWS\System32\smtpctrs.ini
[2009/04/12 21:11:02 | 00,001,037 | ---- | C] () -- F:\WINDOWS\System32\ntfsdrct.ini
[2009/04/12 21:10:44 | 00,038,576 | ---- | C] () -- F:\WINDOWS\System32\w3ctrs.ini
[2009/04/12 21:10:44 | 00,010,225 | ---- | C] () -- F:\WINDOWS\System32\axperf.ini
[2009/04/12 21:10:42 | 00,011,435 | ---- | C] () -- F:\WINDOWS\System32\infoctrs.ini
[2009/04/12 21:10:41 | 00,001,793 | ---- | C] () -- F:\WINDOWS\System32\fxsperf.ini
[2009/04/12 19:34:24 | 00,000,000 | ---- | C] () -- F:\WINDOWS\vpc32.INI
[2009/04/12 19:07:55 | 00,290,918 | ---- | C] () -- F:\WINDOWS\System32\Install7x.dll
[2009/04/12 18:11:29 | 00,354,816 | ---- | C] () -- F:\WINDOWS\System32\psisdecd.dll
[2009/04/12 17:27:49 | 00,000,000 | ---- | C] () -- F:\WINDOWS\control.ini
[2009/04/12 17:24:48 | 00,000,037 | ---- | C] () -- F:\WINDOWS\vbaddin.ini
[2009/04/12 17:24:48 | 00,000,036 | ---- | C] () -- F:\WINDOWS\vb.ini
[2009/04/12 17:24:17 | 00,013,223 | ---- | C] () -- F:\WINDOWS\System32\tslabels.ini
[2009/04/12 17:24:16 | 00,001,931 | ---- | C] () -- F:\WINDOWS\System32\msdtcprf.ini
[2009/04/12 05:15:36 | 00,612,736 | ---- | C] () -- F:\WINDOWS\System32\PerfStringBackup.INI
[2009/04/12 05:15:36 | 00,004,161 | ---- | C] () -- F:\WINDOWS\ODBCINST.INI
[2009/04/12 05:15:09 | 00,000,062 | -HS- | C] () -- F:\Documents and Settings\All Users\Application Data\desktop.ini
[2008/04/14 12:00:00 | 01,288,192 | ---- | C] () -- F:\WINDOWS\System32\quartz.dll
[2008/04/14 12:00:00 | 01,015,477 | ---- | C] () -- F:\WINDOWS\System32\esentprf.ini
[2008/04/14 12:00:00 | 00,733,696 | ---- | C] () -- F:\WINDOWS\System32\qedwipes.dll
[2008/04/14 12:00:00 | 00,562,176 | ---- | C] () -- F:\WINDOWS\System32\qedit.dll
[2008/04/14 12:00:00 | 00,498,742 | ---- | C] () -- F:\WINDOWS\System32\dxmasf.dll
[2008/04/14 12:00:00 | 00,386,048 | ---- | C] () -- F:\WINDOWS\System32\qdvd.dll
[2008/04/14 12:00:00 | 00,355,112 | ---- | C] () -- F:\WINDOWS\System32\msjetoledb40.dll
[2008/04/14 12:00:00 | 00,279,040 | ---- | C] () -- F:\WINDOWS\System32\qdv.dll
[2008/04/14 12:00:00 | 00,270,848 | ---- | C] () -- F:\WINDOWS\System32\sbe.dll
[2008/04/14 12:00:00 | 00,252,928 | ---- | C] () -- F:\WINDOWS\System32\compatUI.dll
[2008/04/14 12:00:00 | 00,199,168 | ---- | C] () -- F:\WINDOWS\System32\ir32_32.dll
[2008/04/14 12:00:00 | 00,192,512 | ---- | C] () -- F:\WINDOWS\System32\qcap.dll
[2008/04/14 12:00:00 | 00,186,880 | ---- | C] () -- F:\WINDOWS\System32\encdec.dll
[2008/04/14 12:00:00 | 00,094,282 | ---- | C] () -- F:\WINDOWS\System32\msencode.dll
[2008/04/14 12:00:00 | 00,070,656 | ---- | C] () -- F:\WINDOWS\System32\amstream.dll
[2008/04/14 12:00:00 | 00,059,904 | ---- | C] () -- F:\WINDOWS\System32\devenum.dll
[2008/04/14 12:00:00 | 00,053,478 | ---- | C] () -- F:\WINDOWS\System32\tcpmon.ini
[2008/04/14 12:00:00 | 00,042,809 | ---- | C] () -- F:\WINDOWS\System32\key01.sys
[2008/04/14 12:00:00 | 00,042,537 | ---- | C] () -- F:\WINDOWS\System32\keyboard.sys
[2008/04/14 12:00:00 | 00,035,648 | ---- | C] () -- F:\WINDOWS\System32\ntio411.sys
[2008/04/14 12:00:00 | 00,035,424 | ---- | C] () -- F:\WINDOWS\System32\ntio412.sys
[2008/04/14 12:00:00 | 00,035,328 | ---- | C] () -- F:\WINDOWS\System32\mciqtz32.dll
[2008/04/14 12:00:00 | 00,034,560 | ---- | C] () -- F:\WINDOWS\System32\ntio804.sys
[2008/04/14 12:00:00 | 00,034,560 | ---- | C] () -- F:\WINDOWS\System32\ntio404.sys
[2008/04/14 12:00:00 | 00,033,840 | ---- | C] () -- F:\WINDOWS\System32\ntio.sys
[2008/04/14 12:00:00 | 00,029,370 | ---- | C] () -- F:\WINDOWS\System32\ntdos411.sys
[2008/04/14 12:00:00 | 00,029,274 | ---- | C] () -- F:\WINDOWS\System32\ntdos412.sys
[2008/04/14 12:00:00 | 00,029,146 | ---- | C] () -- F:\WINDOWS\System32\ntdos804.sys
[2008/04/14 12:00:00 | 00,029,146 | ---- | C] () -- F:\WINDOWS\System32\ntdos404.sys
[2008/04/14 12:00:00 | 00,027,866 | ---- | C] () -- F:\WINDOWS\System32\ntdos.sys
[2008/04/14 12:00:00 | 00,027,097 | ---- | C] () -- F:\WINDOWS\System32\country.sys
[2008/04/14 12:00:00 | 00,015,360 | ---- | C] () -- F:\WINDOWS\System32\tsd32.dll
[2008/04/14 12:00:00 | 00,014,336 | ---- | C] () -- F:\WINDOWS\System32\msdmo.dll
[2008/04/14 12:00:00 | 00,013,312 | ---- | C] () -- F:\WINDOWS\System32\win87em.dll
[2008/04/14 12:00:00 | 00,012,082 | ---- | C] () -- F:\WINDOWS\System32\rsvp.ini
[2008/04/14 12:00:00 | 00,010,240 | ---- | C] () -- F:\WINDOWS\System32\scriptpw.dll
[2008/04/14 12:00:00 | 00,010,110 | ---- | C] () -- F:\WINDOWS\System32\mqperf.ini
[2008/04/14 12:00:00 | 00,009,029 | ---- | C] () -- F:\WINDOWS\System32\ansi.sys
[2008/04/14 12:00:00 | 00,006,877 | ---- | C] () -- F:\WINDOWS\System32\pschdprf.ini
[2008/04/14 12:00:00 | 00,004,768 | ---- | C] () -- F:\WINDOWS\System32\himem.sys
[2008/04/14 12:00:00 | 00,004,126 | ---- | C] () -- F:\WINDOWS\System32\msdxmlc.dll
[2008/04/14 12:00:00 | 00,003,458 | ---- | C] () -- F:\WINDOWS\System32\rasctrs.ini
[2008/04/14 12:00:00 | 00,002,891 | ---- | C] () -- F:\WINDOWS\System32\perfci.ini
[2008/04/14 12:00:00 | 00,002,732 | ---- | C] () -- F:\WINDOWS\System32\perfwci.ini
[2008/04/14 12:00:00 | 00,002,656 | ---- | C] () -- F:\WINDOWS\System32\netware.drv
[2008/04/14 12:00:00 | 00,001,405 | ---- | C] () -- F:\WINDOWS\msdfmap.ini
[2008/04/14 12:00:00 | 00,001,152 | ---- | C] () -- F:\WINDOWS\System32\perffilt.ini
[2008/04/14 12:00:00 | 00,000,552 | ---- | C] () -- F:\WINDOWS\win.ini
[2008/04/14 12:00:00 | 00,000,343 | ---- | C] () -- F:\WINDOWS\System32\prodspec.ini
[2008/04/14 12:00:00 | 00,000,231 | ---- | C] () -- F:\WINDOWS\system.ini
[2007/09/27 10:51:02 | 00,020,698 | ---- | C] () -- F:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 10:48:48 | 00,030,628 | ---- | C] () -- F:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 10:48:28 | 00,031,698 | ---- | C] () -- F:\WINDOWS\System32\gthrctr.ini
[2007/02/09 15:33:58 | 00,030,808 | ---- | C] () -- F:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont
[2007/02/09 15:33:58 | 00,029,779 | ---- | C] () -- F:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2007/02/09 15:33:58 | 00,026,489 | ---- | C] () -- F:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2007/02/09 15:33:58 | 00,026,040 | ---- | C] () -- F:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2001/08/17 22:36:28 | 00,157,696 | ---- | C] () -- F:\WINDOWS\System32\paqsp.dll
========== LOP Check ==========
[2009/04/12 05:14:52 | 00,000,000 | --SD | M] -- F:\Documents and Settings\All Users\Application Data\Microsoft
[2009/04/12 18:01:40 | 00,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\Nero
[2009/04/12 18:04:10 | 00,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\Ahead
[2009/04/12 18:15:32 | 00,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\ATI
[2009/04/12 19:25:50 | 00,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\WinZip
[2009/04/12 19:31:50 | 00,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\Symantec
[2009/04/12 19:35:54 | 00,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\Adobe
[2009/04/12 21:19:10 | 00,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\InstallShield
[2009/04/12 21:25:24 | 00,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\Corel
[2009/04/12 21:36:50 | 00,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\Roxio
[2009/04/12 21:37:16 | 00,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\Sonic
[2009/04/12 21:37:18 | 00,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\Uninstall
[2009/04/12 22:22:48 | 00,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\LightScribe
[2009/04/15 02:12:42 | 00,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\Intuit
[2009/04/15 19:35:44 | 00,000,000 | --SD | M] -- F:\Documents and Settings\All Users\Application Data\WD
[2009/04/15 22:11:38 | 00,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\Memeo
[2009/06/10 18:51:04 | 00,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\Brother
[2009/06/11 00:20:38 | 00,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\Microsoft Help
[2009/09/05 13:49:46 | 00,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\NOS
[2009/10/27 00:44:10 | 00,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\McAfee Security Scan
[2009/10/29 00:44:10 | 00,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\McAfee
[2009/11/07 16:10:04 | 00,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\Apple
[2009/11/07 16:10:32 | 00,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\Apple Computer
[2009/11/26 00:20:04 | 00,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/04/12 05:14:52 | 00,000,000 | --SD | M] -- F:\Documents and Settings\Renee\Application Data\Microsoft
[2009/06/11 14:56:50 | 00,000,000 | ---D | M] -- F:\Documents and Settings\Renee\Application Data\Identities
[2009/06/11 14:56:58 | 00,000,000 | ---D | M] -- F:\Documents and Settings\Renee\Application Data\ATI
[2009/06/11 15:02:06 | 00,000,000 | ---D | M] -- F:\Documents and Settings\Renee\Application Data\Help
[2009/06/11 15:03:38 | 00,000,000 | ---D | M] -- F:\Documents and Settings\Renee\Application Data\Adobe
[2009/06/11 15:03:38 | 00,000,000 | ---D | M] -- F:\Documents and Settings\Renee\Application Data\AdobeUM
[2009/06/11 15:04:06 | 00,000,000 | ---D | M] -- F:\Documents and Settings\Renee\Application Data\Macromedia
[2009/06/11 15:04:24 | 00,000,000 | ---D | M] -- F:\Documents and Settings\Renee\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2009/06/11 15:04:26 | 00,000,000 | ---D | M] -- F:\Documents and Settings\Renee\Application Data\U3
[2009/06/11 15:12:22 | 00,000,000 | ---D | M] -- F:\Documents and Settings\Renee\Application Data\Mozilla
[2009/06/12 16:21:10 | 00,000,000 | ---D | M] -- F:\Documents and Settings\Renee\Application Data\SecondLife
[2009/06/12 16:30:52 | 00,000,000 | ---D | M] -- F:\Documents and Settings\Renee\Application Data\Windows Desktop Search
[2009/06/28 16:35:16 | 00,000,000 | ---D | M] -- F:\Documents and Settings\Renee\Application Data\Windows Search
[2009/07/01 19:12:38 | 00,000,000 | ---D | M] -- F:\Documents and Settings\Renee\Application Data\Sun
[2009/07/10 18:37:16 | 00,000,000 | R--D | M] -- F:\Documents and Settings\Renee\Application Data\Brother
[2009/07/11 17:01:20 | 00,000,000 | ---D | M] -- F:\Documents and Settings\Renee\Application Data\Corel
[2009/07/20 16:02:46 | 00,000,000 | ---D | M] -- F:\Documents and Settings\Renee\Application Data\webex
[2009/09/03 23:54:04 | 00,000,000 | ---D | M] -- F:\Documents and Settings\Renee\Application Data\InstallShield
[2009/11/16 11:45:12 | 00,000,000 | ---D | M] -- F:\Documents and Settings\Renee\Application Data\QuosaDDM
[2009/11/26 00:20:08 | 00,000,000 | ---D | M] -- F:\Documents and Settings\Renee\Application Data\Malwarebytes
[2008/04/14 08:00:00 | 00,000,065 | RH-- | M] () -- F:\WINDOWS\Tasks\desktop.ini
[2009/11/26 00:47:02 | 00,000,006 | -H-- | M] () -- F:\WINDOWS\Tasks\SA.DAT
[2009/11/20 10:16:02 | 00,000,284 | ---- | M] () -- F:\WINDOWS\Tasks\AppleSoftwareUpdate.job
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.exe >
[1 F:\WINDOWS\system32\drivers\*.tmp files -> F:\WINDOWS\system32\drivers\*.tmp -> ]
< MD5 for: ATAPI.SYS >
[2008/04/14 12:00:00 | 00,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- F:\WINDOWS\system32\drivers\atapi.sys
< MD5 for: EVENTLOG.DLL >
[2008/04/14 08:00:00 | 00,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- F:\WINDOWS\system32\dllcache\eventlog.dll
[2008/04/14 12:00:00 | 00,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- F:\WINDOWS\system32\eventlog.dll
< MD5 for: NETLOGON.DLL >
[2008/04/14 08:00:00 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- F:\WINDOWS\system32\dllcache\netlogon.dll
[2008/04/14 12:00:00 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- F:\WINDOWS\system32\netlogon.dll
< MD5 for: SCECLI.DLL >
[2008/04/14 08:00:00 | 00,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- F:\WINDOWS\system32\dllcache\scecli.dll
[2008/04/14 12:00:00 | 00,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- F:\WINDOWS\system32\scecli.dll
< End of report >
OTL Extras logfile created on: 11/26/2009 12:50:30 AM - Run 1
OTL by OldTimer - Version 3.1.10.1 Folder = L:\Fix the comp
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 100.00% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): F:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = F: | %SystemRoot% = F:\WINDOWS | %ProgramFiles% = F:\Program Files
C: Drive not present or media not loaded
Drive D: | 6.67 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
E: Drive not present or media not loaded
Drive F: | 12.68 Gb Total Space | 0.43 Gb Free Space | 3.39% Space Free | Partition Type: FAT32
Drive G: | 24.40 Gb Total Space | 20.78 Gb Free Space | 85.14% Space Free | Partition Type: FAT32
Drive H: | 195.77 Gb Total Space | 181.06 Gb Free Space | 92.49% Space Free | Partition Type: NTFS
I: Drive not present or media not loaded
Drive J: | 24.41 Gb Total Space | 9.89 Gb Free Space | 40.52% Space Free | Partition Type: NTFS
Drive L: | 1.91 Gb Total Space | 0.50 Gb Free Space | 26.02% Space Free | Partition Type: FAT
Computer Name: SEAY-01
Current User Name: Renee
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- F:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- G:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
htmlfile [edit] -- "G:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "F:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "F:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "G:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "F:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "F:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- G:\PROGRA~1\MICROS~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "F:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "F:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"E:\Installation\Setupx.exe" = E:\Installation\Setupx.exe:*:Enabled:Nero ProductSetup -- File not found
"F:\Program Files\Gigabyte\EasySaver\UpdExe.exe" = F:\Program Files\Gigabyte\EasySaver\UpdExe.exe:*:Enabled:Exe File -- (GIGABYTE)
"F:\Program Files\Gigabyte\EasySaver\GBTUpd.exe" = F:\Program Files\Gigabyte\EasySaver\GBTUpd.exe:*:Enabled:GBTUpd.exe -- (GIGABYTE)
"F:\Program Files\Gigabyte\GBTUpd\GBTUpd.exe" = F:\Program Files\Gigabyte\GBTUpd\GBTUpd.exe:*:Enabled:GBTUpd.exe -- (GIGABYTE)
"F:\Program Files\Gigabyte\GBTUpd\RunUpd.exe" = F:\Program Files\Gigabyte\GBTUpd\RunUpd.exe:*:Enabled:RunUpd -- (Gigabyte)
"H:\Neverwinter\nwn2main.exe" = H:\Neverwinter\nwn2main.exe:*:Enabled:Neverwinter Nights 2 Main -- (Obsidian Entertainment, Inc.)
"H:\Neverwinter\nwn2main_amdxp.exe" = H:\Neverwinter\nwn2main_amdxp.exe:*:Enabled:Neverwinter Nights 2 AMD -- (Obsidian Entertainment, Inc.)
"H:\Neverwinter\nwupdate.exe" = H:\Neverwinter\nwupdate.exe:*:Enabled:Neverwinter Nights 2 Updater -- (Obsidian Entertainment, Inc.)
"H:\Neverwinter\nwn2server.exe" = H:\Neverwinter\nwn2server.exe:*:Enabled:Neverwinter Nights 2 Server -- (Obsidian Entertainment, Inc.)
"F:\Program Files\SecondLife\SLVoice.exe" = F:\Program Files\SecondLife\SLVoice.exe:*:Enabled:SLVoice -- File not found
"G:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = G:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"G:\Program Files\Microsoft Office\Office12\GROOVE.EXE" = G:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
"G:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = G:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"F:\Program Files\Brother\BRAdmin Light\BRAdmLight.exe" = F:\Program Files\Brother\BRAdmin Light\BRAdmLight.exe:*:Enabled:BRAdmin Light -- (Brother Industries, Ltd.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{022C4B5F-4A59-48DD-08A6-6EC5832DBFFE}" = Catalyst Control Center Localization Chinese Standard
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{07300F01-89CA-4CF8-92BD-2A605EB83C95}" = EasySaver B8.1208.1
"{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}" = WD Diagnostics
"{0C34B801-6AEC-4667-B053-03A67E2D0415}" = Apple Application Support
"{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}" = LightScribe System Software 1.14.17.1
"{1148CE6F-6956-6ED3-1DBF-0A0046427A3E}" = CCC Help Swedish
"{1350E13C-A031-6574-961B-367DE4721E86}" = Catalyst Control Center Graphics Light
"{14A776EF-3904-3C55-508F-BB093954391E}" = Catalyst Control Center Localization Dutch
"{19762EA5-8279-8FA8-5F16-7DEEF571E5D6}" = CCC Help Russian
"{1A90FD8B-8A64-8B83-D486-E507AEC997EF}" = Catalyst Control Center Graphics Full Existing
"{1D4C0096-98D0-5290-A5F7-AAA05121FA0A}" = CCC Help Danish
"{26A24AE4-039D-4CA4-87B4-2F83216014FF}" = Java 6 Update 14
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2BA00471-0328-3743-93BD-FA813353A783}" = Microsoft .NET Framework 3.0 Service Pack 1
"{2E73FAB9-7713-D109-24DB-28339CB7A3CC}" = Catalyst Control Center Localization Norwegian
"{2FC099BD-AC9B-33EB-809C-D332E1B27C40}" = Microsoft .NET Framework 3.5
"{30517D85-B2C9-5920-77B2-6034DDC90B7C}" = CCC Help Czech
"{33CFCF98-F8D6-4549-B469-6F4295676D83}" = Symantec AntiVirus
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35A6DE92-DE2E-9FBB-C919-B9CA5079116D}" = Catalyst Control Center Localization Turkish
"{36CDA33B-909B-4719-97D1-C4B99309BDC7}" = ATI Parental Control & Encoder
"{39C1585C-1004-5091-180A-5AFCA3D505C2}" = Catalyst Control Center Localization Thai
"{3EA9D975-BFDC-4E8E-B88B-0446FBC8CA66}" = ATI HYDRAVISION
"{3EE1008C-11A1-4F4F-8DB7-27573924DE78}" = DMIView B8.0717.01
"{41269776-CF11-AADD-A1A9-6E1701877F88}" = CCC Help Norwegian
"{455B46A4-17C2-DDDA-F695-7F157E2C6160}" = Catalyst Control Center Localization Danish
"{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B08.1212.1
"{4E10FFCA-5C09-6E8E-4DA4-B71FFC58C435}" = CCC Help Korean
"{4E25C468-7745-4051-8B37-4A2C6635BA8B}" = Update Manager B08.1027.1
"{4E568350-98BF-A31B-4E90-B23428023916}" = Catalyst Control Center Localization Spanish
"{51B833D8-66B0-4E72-92B9-4E4977EF37F2}" = WD Drive Manager (x86)
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5827D56B-9A4D-6858-95C9-28B2D46F56EB}" = CCC Help German
"{5954C9DD-80C5-27FB-67FA-1DF0B5E2565A}" = Catalyst Control Center Localization Portuguese
"{5B6844F3-8C27-C589-E519-9AAE0AC87407}" = CCC Help Dutch
"{5DA6F06A-B389-407B-BF8C-1548767914D8}" = ATI Problem Report Wizard
"{5DC1DF0D-8B08-30D9-5F5F-857ADC69201A}" = Catalyst Control Center Graphics Full New
"{5DDBDE45-EB70-DC65-6D06-6D25906E7797}" = CCC Help Japanese
"{5E075172-D826-3CFC-51F4-C9E6CF6D0690}" = CCC Help Spanish
"{618EB4D7-7D67-9126-7D63-CA39F93673DE}" = Catalyst Control Center Graphics Previews Common
"{67F5A666-181F-8AA1-0D4E-BAD64AD43B42}" = CCC Help Chinese Standard
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FB4970-45D2-1EA4-F131-A95EB60FFDDF}" = CCC Help Italian
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A053172-1F36-0307-4CA0-6AA9317EBCC1}" = CCC Help Turkish
"{6B6F61D0-BBD0-E91F-8639-6EF30206ABD2}" = Catalyst Control Center Localization Japanese
"{71389CB1-6B6D-6FC2-0B74-0357D1ADC41E}" = CCC Help Finnish
"{7236672F-6430-439E-9B27-27EDEAF1D676}" = Diagnostic Utility
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{736D005A-96E3-3B70-836C-14C80A137862}" = CCC Help French
"{8124C5F0-D59A-DEFE-C3F7-02697D9BE53E}" = CCC Help Thai
"{82357963-7536-629A-F921-A3E72A5E124C}" = Catalyst Control Center Localization Korean
"{8625D3E5-2159-3FA4-3A74-AB306360E63E}" = Catalyst Control Center Localization Russian
"{888FAC3D-87CB-AB4C-EC2C-D17E0C4418E7}" = Catalyst Control Center Localization French
"{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}" = ATI AVIVO Codecs
"{89FF3A82-A88F-4035-9E95-6E03B7BA9D9B}" = Catalyst Control Center Localization Swedish
"{8E5EDE0A-6B13-A0E2-7F00-5C2660C9F771}" = Catalyst Control Center Localization Hungarian
"{8EE7E7B0-CEA9-E3FD-A63F-B27F49E9EC42}" = CCC Help Portuguese
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{91120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{9418FEE4-28B4-96FD-C398-42654B956376}" = Skins
"{94AF0F78-E983-BD4B-1A26-80F2FBD5487C}" = Catalyst Control Center Localization Czech
"{9749C770-90C4-EE5A-D3BB-287F53622104}" = Catalyst Control Center Core Implementation
"{9952EC25-5089-44FC-A0EA-628E6035E3F7}" = Brother HL-2170W
"{99FC30C1-60A7-205F-1A00-367506E756F2}" = Catalyst Control Center Localization Greek
"{9F36EDCC-81A8-5D37-9EB1-8BF6D96CAA23}" = Catalyst Control Center Localization Finnish
"{A0100CB5-E6CE-F516-59C1-28CF0195A875}" = ccc-core-preinstall
"{A062A15F-9CAC-4B88-98DF-87628A0BD721}" = Corel MediaOne
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A336E48B-A46E-81B5-936E-5A9A8D7FE3D8}" = CCC Help Hungarian
"{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}" = QuickTime
"{A4CCE9FD-4A40-5669-97B3-262672CD6C38}" = CCC Help Greek
"{AC76BA86-7AD7-1033-7B44-A70000000000}" = Adobe Reader 7.0
"{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}" = @BIOS Ver.2.04
"{B325EFE1-1301-5BC4-8788-B1C7D3702ED1}" = CCC Help Polish
"{B508B3F1-A24A-32C0-B310-85786919EF28}" = Microsoft .NET Framework 2.0 Service Pack 1
"{B9A81070-616D-4E93-BE02-CEE651343204}" = WD Anywhere Backup
"{C151CE54-E7EA-4804-854B-F515368B0798}" = AMD Processor Driver
"{C8430789-D948-0314-C36B-A7D78AB67013}" = ccc-core-static
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CB2FFEB2-AC62-8DE2-8806-7C263437F132}" = CCC Help English
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240B5}" = WinZip 11.1
"{D0F69BED-0B44-8D65-5834-6A74D8F83805}" = Catalyst Control Center Localization Chinese Traditional
"{DB0BA61A-8295-4211-85F7-184FC2591033}" = Nero 7 Essentials
"{DB75941E-30C4-4D97-B000-D17C764B998C}" = Brother BRAdmin Light 1.17.0002
"{DD45D741-53D9-80CF-D097-31131DD9C0B0}" = CCC Help Chinese Traditional
"{DE5730BC-81FB-633F-039D-5D8C8F787EDF}" = Catalyst Control Center Localization German
"{E5FEB4A0-1480-F22B-9822-B56BA6172421}" = ccc-utility
"{E76FCE6B-9999-4250-8C75-B2DA4AD41268}" = Face_Wizard B08.0908.01
"{E8AEA11B-E60A-455E-B008-E4E763604612}" = Browser Configuration Utility
"{EFF1802C-C1F1-03EC-F3E0-51048DF0009F}" = Catalyst Control Center Localization Italian
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F138762F-5A1F-4CF0-A5E1-1588EF6088A4}" = The Witcher
"{F20C1251-1D0A-4944-B2AE-678581B33B19}" = Neverwinter Nights 2
"{F308B531-AB20-4A79-8F5E-83071FE5BE60}" = Q-Share Ver.1.2
"{F46606AF-1E39-4E95-9C64-5B156DF7068A}" = Roxio Buzz
"{F9C22FF2-639F-1016-7926-9A1B06CDD516}" = Catalyst Control Center Localization Polish
"{FA3A247D-437A-455E-A88F-7EB6E5F9E799}" = Catalyst Control Center - Branding
"{FCD71234-2287-41D2-96AD-3D3C66D60FBC}" = MSI Wireless LAN Card
"ActiveTouchMeetingClient" = WebEx
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"All ATI Software" = ATI - Software Uninstall Utility
"ATI Display Driver" = ATI Display Driver
"ENTERPRISER" = Microsoft Office Enterprise 2007
"ERUNT_is1" = ERUNT 1.1j
"InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B08.1212.1
"InstallShield_{4E25C468-7745-4051-8B37-4A2C6635BA8B}" = Update Manager B08.1027.1
"LiveUpdate" = LiveUpdate 3.1 (Symantec Corporation)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"McAfee Security Scan" = McAfee Security Scan
"Microsoft .NET Framework 3.5" = Microsoft .NET Framework 3.5
"Mozilla Firefox (3.5.5)" = Mozilla Firefox (3.5.5)
"Picasa 3" = Picasa 3
"Windows Media Format Runtime" = Windows Media Format Runtime
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 7/11/2009 3:24:19 PM | Computer Name = SEAY-01 | Source = Windows Search Service | ID = 3024
Description = The update cannot be started because the content sources cannot be
accessed. Fix the errors and try the update again. Context: Windows Application,
SystemIndex Catalog
Error - 7/11/2009 4:09:33 PM | Computer Name = SEAY-01 | Source = Windows Search Service | ID = 3024
Description = The update cannot be started because the content sources cannot be
accessed. Fix the errors and try the update again. Context: Application, SystemIndex
Catalog
Error - 7/11/2009 8:24:10 PM | Computer Name = SEAY-01 | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 1.9.0.3439, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 7/22/2009 4:54:05 PM | Computer Name = SEAY-01 | Source = Windows Search Service | ID = 3024
Description = The update cannot be started because the content sources cannot be
accessed. Fix the errors and try the update again. Context: Application, SystemIndex
Catalog
Error - 7/22/2009 4:55:11 PM | Computer Name = SEAY-01 | Source = Symantec AntiVirus | ID = 16711726
Description = Security Risk Found!Risk: Trojan Horse in File: E:\BONUS Files\Windows
Port Scanner\PORTER.EXE by: Auto-Protect scan. Action: Clean failed : Quarantine
failed. Action Description: The file was left unchanged.
Error - 7/22/2009 4:55:11 PM | Computer Name = SEAY-01 | Source = Symantec AntiVirus | ID = 16711685
Description = Risk Found!Risk: Trojan Horse in File: E:\BONUS Files\Windows Port
Scanner\PORTER.EXE by: Auto-Protect scan. Action: Clean failed : Quarantine failed
: Access denied. Action Description: The file was left unchanged.
Error - 7/22/2009 4:55:11 PM | Computer Name = SEAY-01 | Source = Symantec AntiVirus | ID = 16711685
Description = Risk Found!Risk: Trojan Horse in File: e:\bonus files\windows port
scanner\PORTER.EXE by: Auto-Protect scan. Action: Clean failed : Quarantine failed.
Action Description: The file was left unchanged.
Error - 7/22/2009 4:55:12 PM | Computer Name = SEAY-01 | Source = Symantec AntiVirus | ID = 16711731
Description = Security Risk Found!Risk: Trojan Horse in File: E:\BONUS Files\Windows
Port Scanner\PORTER.EXE by: Auto-Protect scan. Action: Clean failed : Quarantine
failed : Access denied. Action Description: Risk was partially removed.
Error - 8/6/2009 12:18:38 AM | Computer Name = SEAY-01 | Source = MsiInstaller | ID = 11905
Description = Product: Ask Toolbar -- Error 1905.Module F:\Program Files\Ask.com\GenericAskToolbar.dll
failed to unregister. HRESULT -2147220472. Contact your support personnel.
Error - 8/18/2009 11:52:48 PM | Computer Name = SEAY-01 | Source = Application Error | ID = 1000
Description = Faulting application firefox.exe, version 1.9.0.3498, faulting module
npswf32.dll, version 10.0.32.18, fault address 0x0004f2df.
[ System Events ]
Error - 11/19/2009 8:08:24 PM | Computer Name = SEAY-01 | Source = Windows Update Agent | ID = 16
Description = Unable to Connect: Windows is unable to connect to the automatic updates
service and therefore cannot download and install updates according to the set
schedule. Windows will continue to try to establish a connection.
Error - 11/22/2009 8:12:26 PM | Computer Name = SEAY-01 | Source = Service Control Manager | ID = 7000
Description = The Nero Registry InCD Service service failed to start due to the
following error: %%2
Error - 11/22/2009 8:12:57 PM | Computer Name = SEAY-01 | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 15 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)
Error - 11/22/2009 8:12:57 PM | Computer Name = SEAY-01 | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 14 minutes. NtpClient has no source of accurate
time.
Error - 11/22/2009 8:13:00 PM | Computer Name = SEAY-01 | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 15 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)
Error - 11/22/2009 8:13:00 PM | Computer Name = SEAY-01 | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 15 minutes. NtpClient has no source of accurate
time.
Error - 11/22/2009 8:13:00 PM | Computer Name = SEAY-01 | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 15 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)
Error - 11/22/2009 8:13:00 PM | Computer Name = SEAY-01 | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 14 minutes. NtpClient has no source of accurate
time.
Error - 11/22/2009 8:18:35 PM | Computer Name = SEAY-01 | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.2.4 for the Network Card with network
address 002421432ECA has been denied by the DHCP server 0.0.0.0 (The DHCP Server
sent a DHCPNACK message).
Error - 11/22/2009 8:19:13 PM | Computer Name = SEAY-01 | Source = Tcpip | ID = 4199
Description = The system detected an address conflict for IP address 192.168.2.3
with the system having network hardware address 00:1D:72:BA:42:DF. Network operations
on this system may be disrupted as a result.
< End of report >