IE, Firefox nor Netscape are affected.
Anti virus: avira antivir premium
Opera: Opera/9.64 (Windows NT 5.1; U; en) Presto/2.1.1
Last 7 days have been cleaning system of various virus/ malware:
one being: worm.wim32.netsky
other malware was caught and delt with.
Unable to identify this last(?) remaining infection.
I have worked my way through your Virus, Spyware and Trojan removal cleaning guide:
Latest Logs:
ROOTREPEAL © AD, 2007-2009
==================================================
Scan Start Time: 2009/12/02 20:31
Program Version: Version 1.3.5.0
Windows Version: Windows XP SP2
==================================================
Drivers
-------------------
Name: dump_atapi.sys
Image Path: C:\WINDOWS\System32\Drivers\dump_atapi.sys
Address: 0xAD27A000 Size: 98304 File Visible: No Signed: -
Status: -
Name: dump_WMILIB.SYS
Image Path: C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS
Address: 0xB0332000 Size: 8192 File Visible: No Signed: -
Status: -
Name: PCI_PNP0416
Image Path: \Driver\PCI_PNP0416
Address: 0x00000000 Size: 0 File Visible: No Signed: -
Status: -
Name: rootrepeal.sys
Image Path: C:\WINDOWS\system32\drivers\rootrepeal.sys
Address: 0xAA2F7000 Size: 49152 File Visible: No Signed: -
Status: -
Name: spij.sys
Image Path: spij.sys
Address: 0xB9EA6000 Size: 1052672 File Visible: No Signed: -
Status: -
Name: sptd
Image Path: \Driver\sptd
Address: 0x00000000 Size: 0 File Visible: No Signed: -
Status: -
SSDT
-------------------
#: 041 Function Name: NtCreateKey
Status: Hooked by "<unknown>" at address 0xba6c8ace
#: 053 Function Name: NtCreateThread
Status: Hooked by "<unknown>" at address 0xba6c8ac4
#: 063 Function Name: NtDeleteKey
Status: Hooked by "<unknown>" at address 0xba6c8ad3
#: 065 Function Name: NtDeleteValueKey
Status: Hooked by "<unknown>" at address 0xba6c8add
#: 071 Function Name: NtEnumerateKey
Status: Hooked by "spij.sys" at address 0xb9ec5ca4
#: 073 Function Name: NtEnumerateValueKey
Status: Hooked by "spij.sys" at address 0xb9ec6032
#: 098 Function Name: NtLoadKey
Status: Hooked by "<unknown>" at address 0xba6c8ae2
#: 119 Function Name: NtOpenKey
Status: Hooked by "spij.sys" at address 0xb9ea70c0
#: 122 Function Name: NtOpenProcess
Status: Hooked by "<unknown>" at address 0xba6c8ab0
#: 128 Function Name: NtOpenThread
Status: Hooked by "<unknown>" at address 0xba6c8ab5
#: 160 Function Name: NtQueryKey
Status: Hooked by "spij.sys" at address 0xb9ec610a
#: 177 Function Name: NtQueryValueKey
Status: Hooked by "spij.sys" at address 0xb9ec5f8a
#: 193 Function Name: NtReplaceKey
Status: Hooked by "<unknown>" at address 0xba6c8aec
#: 204 Function Name: NtRestoreKey
Status: Hooked by "<unknown>" at address 0xba6c8ae7
#: 247 Function Name: NtSetValueKey
Status: Hooked by "<unknown>" at address 0xba6c8ad8
#: 257 Function Name: NtTerminateProcess
Status: Hooked by "<unknown>" at address 0xba6c8abf
==EOF==
OTL logfile created on: 12/3/2009 7:46:28 PM - Run 2
OTL by OldTimer - Version 3.1.11.4 Folder = F:\Zip files\Virus prevention\Geeks to go
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 1.49 Gb Available Physical Memory | 74.59% Memory free
2.18 Gb Paging File | 1.78 Gb Available in Paging File | 81.79% Paging File free
Paging file location(s): C:\pagefile.sys 336 672 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 144.18 Gb Total Space | 43.93 Gb Free Space | 30.47% Space Free | Partition Type: NTFS
Drive D: | 5.25 Gb Total Space | 0.76 Gb Free Space | 14.56% Space Free | Partition Type: FAT32
Unable to calculate disk information.
Drive F: | 148.65 Gb Total Space | 28.28 Gb Free Space | 19.02% Space Free | Partition Type: NTFS
Drive G: | 144.18 Gb Total Space | 45.19 Gb Free Space | 31.35% Space Free | Partition Type: NTFS
Drive H: | 5.26 Gb Total Space | 0.77 Gb Free Space | 14.68% Space Free | Partition Type: FAT32
Drive I: | 148.64 Gb Total Space | 28.36 Gb Free Space | 19.08% Space Free | Partition Type: NTFS
Computer Name: BASEMENT2
Current User Name: Compaq_Owner
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2009/11/30 18:15:37 | 00,535,552 | ---- | M] (OldTimer Tools) -- F:\Zip files\Virus prevention\Geeks to go\OTL.exe
PRC - [2009/11/25 12:08:28 | 00,390,672 | ---- | M] (Bitsum Technologies) -- C:\Program Files\Process Lasso\ProcessLasso.exe
PRC - [2009/11/25 12:08:28 | 00,224,272 | ---- | M] (Bitsum Technologies) -- C:\Program Files\Process Lasso\ProcessGovernor.exe
PRC - [2009/04/17 08:56:40 | 00,194,817 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
PRC - [2009/04/01 14:46:23 | 00,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2009/03/05 15:07:20 | 02,260,480 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009/03/02 12:10:30 | 00,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2009/03/02 12:08:47 | 00,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2009/02/12 11:44:40 | 00,432,897 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe
PRC - [2008/09/11 00:28:52 | 02,199,552 | ---- | M] () -- C:\Program Files\EasyHR\capslock\ezcaps.exe
PRC - [2008/05/01 23:15:46 | 00,015,872 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerAssistant.exe
PRC - [2008/02/13 18:02:22 | 02,453,551 | ---- | M] (FreeDownloadManager.ORG) -- C:\Program Files\Free Download Manager\fdm.exe
PRC - [2008/01/26 08:47:18 | 00,295,424 | ---- | M] (funkytoad.com) -- C:\Program Files\Homer\Homer.exe
PRC - [2007/06/13 05:23:07 | 01,033,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/10/30 15:59:34 | 00,024,576 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtProc.exe
PRC - [2006/09/20 07:35:26 | 00,020,480 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe
PRC - [2003/08/01 18:28:24 | 00,474,624 | ---- | M] (Constantin Kaplinsky) -- C:\Program Files\TightVNC\WinVNC.exe
========== Modules (SafeList) ==========
MOD - [2009/11/30 18:15:37 | 00,535,552 | ---- | M] (OldTimer Tools) -- F:\Zip files\Virus prevention\Geeks to go\OTL.exe
MOD - [2008/05/01 23:15:35 | 00,004,608 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerHook.dll
MOD - [2006/08/25 10:45:55 | 01,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
MOD - [2005/08/31 20:41:53 | 00,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\linkinfo.dll
MOD - [2004/08/04 13:00:00 | 00,367,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dsound.dll
========== Win32 Services (SafeList) ==========
SRV - [2009/06/05 12:39:14 | 00,541,992 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - [2009/04/17 08:56:40 | 00,194,817 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avmailc.exe -- (AntiVirMailService)
SRV - [2009/04/01 14:46:23 | 00,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2009/03/02 12:10:30 | 00,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009/02/12 11:44:40 | 00,432,897 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService)
SRV - [2008/08/07 11:17:30 | 00,575,488 | ---- | M] (Nokia.) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2007/08/08 17:51:48 | 00,410,904 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2007/04/13 11:20:22 | 00,097,432 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2005/08/02 16:18:49 | 00,086,016 | ---- | M] (CACE Technologies) -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - [2003/08/01 18:28:24 | 00,474,624 | ---- | M] (Constantin Kaplinsky) -- C:\Program Files\TightVNC\WinVNC.exe -- (winvnc)
========== Driver Services (SafeList) ==========
DRV - [2009/06/17 21:32:24 | 00,721,904 | ---- | M] () -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009/03/30 09:33:07 | 00,096,104 | ---- | M] (Avira GmbH) -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2009/03/24 15:08:22 | 00,055,640 | ---- | M] (Avira GmbH) -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009/03/19 15:32:48 | 00,023,400 | ---- | M] (GEAR Software Inc.) -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2009/02/13 11:50:02 | 00,028,376 | ---- | M] (Avira GmbH) -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/02/13 11:35:05 | 00,011,608 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2008/04/18 18:07:01 | 00,018,816 | ---- | M] (RIF) -- C:\WINDOWS\system32\drivers\dvd43llh.sys -- (dvd43llh)
DRV - [2007/12/27 15:58:05 | 00,400,864 | ---- | M] (Acronis) -- C:\WINDOWS\system32\DRIVERS\timntr.sys -- (timounter)
DRV - [2007/12/27 15:58:05 | 00,032,768 | ---- | M] (Acronis) -- C:\WINDOWS\system32\drivers\tifsfilt.sys -- (tifsfilter)
DRV - [2007/12/27 15:57:59 | 00,120,992 | ---- | M] (Acronis) -- C:\WINDOWS\system32\DRIVERS\snapman.sys -- (snapman)
DRV - [2007/11/13 05:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2007/09/17 15:53:26 | 00,021,632 | ---- | M] (Nokia) -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007/03/07 18:51:00 | 00,043,528 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2007/02/06 16:02:00 | 00,123,939 | ---- | M] () -- C:\WINDOWS\system32\drivers\kqemu.sys -- (kqemu)
DRV - [2006/02/02 15:19:54 | 00,005,365 | ---- | M] () -- C:\WINDOWS\system32\drivers\NetProbe.sys -- (NetProbe)
DRV - [2005/08/02 16:10:13 | 00,032,512 | ---- | M] (CACE Technologies) -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF)
DRV - [2005/04/20 11:00:56 | 02,317,696 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2005/04/12 11:42:16 | 00,011,904 | ---- | M] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\system32\drivers\srvkp.sys -- (SiSkp)
DRV - [2005/04/12 11:08:44 | 00,247,296 | ---- | M] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\system32\drivers\sisgrp.sys -- (SiS315)
DRV - [2004/10/26 10:22:50 | 00,002,410 | ---- | M] () -- C:\Program Files\FreshDevices\FreshDiagnose\FreshIO.sys -- (FreshIO)
DRV - [2004/08/04 06:31:34 | 00,020,992 | ---- | M] (Realtek Semiconductor Corporation) -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2004/08/03 23:07:56 | 00,059,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2004/08/03 23:00:00 | 00,040,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2004/08/03 23:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2004/08/03 22:31:20 | 00,036,224 | ---- | M] (ADMtek Incorporated.) -- C:\WINDOWS\system32\drivers\an983.sys -- (AN983)
DRV - [2004/08/03 22:29:56 | 01,897,408 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2004/08/03 22:08:44 | 00,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usbser.sys -- (usbser)
DRV - [2004/07/16 16:47:14 | 00,014,165 | ---- | M] (Pinnacle Systems GmbH) -- C:\WINDOWS\system32\drivers\Pclepci.sys -- (PCLEPCI)
DRV - [2004/06/29 19:07:18 | 01,268,204 | ---- | M] (Agere Systems) -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2004/05/12 13:47:10 | 00,065,295 | R--- | M] (Columbia Data Products, Inc.) -- C:\WINDOWS\System32\DRIVERS\otman5.sys -- (otman5)
DRV - [2004/05/08 19:21:44 | 00,035,840 | ---- | M] (Advanced Micro Devices) -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2004/03/10 15:27:18 | 00,011,264 | ---- | M] (Pinnacle Systems GmbH) -- C:\WINDOWS\system32\drivers\asapiW2k.sys -- (ASAPIW2k)
DRV - [2003/07/18 18:58:20 | 00,036,992 | ---- | M] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\system32\DRIVERS\SISAGPX.sys -- (SISAGP)
DRV - [2003/07/16 14:27:40 | 00,043,264 | ---- | M] (Prolific Technology Inc.) -- C:\WINDOWS\system32\drivers\ser2pl.sys -- (Ser2pl)
DRV - [2003/07/12 00:28:56 | 00,032,768 | ---- | M] (SiS Corporation) -- C:\WINDOWS\system32\drivers\sisnic.sys -- (SISNIC)
DRV - [2002/07/29 23:43:50 | 00,023,808 | ---- | M] (Hewlett-Packard Company) -- C:\WINDOWS\system32\drivers\PS2.sys -- (Ps2)
DRV - [2001/08/17 23:57:38 | 00,016,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\MODEMCSA.sys -- (MODEMCSA)
DRV - [1999/09/10 07:06:00 | 00,025,244 | ---- | M] (Adaptec) -- C:\WINDOWS\system32\drivers\aspi32.sys -- (Aspi32)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.h...a...&pf=desktop
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = www.bing.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = www.bing.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 3E 25 7D 05 36 89 30 4A 9A 2B A8 25 58 9E 57 FA [binary data]
IE - HKCU\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll (Spigot, Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=971163"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..extensions.enabledItems: [email protected]:1.11.5
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.6.5
FF - prefs.js..extensions.enabledItems: {B922D405-6D13-4A2B-AE89-08A030DA4402}:1.1
FF - prefs.js..extensions.enabledItems: [email protected]:1.2.1
FF - prefs.js..extensions.enabledItems: {c5b3582c-e7dd-4a5d-98b4-fd607be30b3f}:1.0
FF - prefs.js..network.proxy.autoconfig_url: "file:///C:/WINDOWS/system32/drivers/etc/proxy"
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/11/08 19:34:57 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/11/18 09:20:49 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Netscape 7.1\Extensions\\Components: C:\Program Files\Netscape\Netscape\Components [2009/10/30 07:13:44 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Netscape 7.1\Extensions\\Plugins: C:\Program Files\Netscape\Netscape\Plugins [2009/11/18 09:20:50 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Netscape Navigator 9.0.0.6\extensions\\Components: C:\Program Files\Netscape\Navigator 9\components [2009/07/01 20:13:13 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Netscape Navigator 9.0.0.6\extensions\\Plugins: C:\Program Files\Netscape\Navigator 9\plugins [2009/11/18 09:20:49 | 00,000,000 | ---D | M]
[2009/05/28 22:17:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Extensions
[2009/05/28 22:17:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Extensions\[email protected]
[2009/11/27 16:12:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\f5gyr9e0.default\extensions
[2009/11/23 19:51:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\f5gyr9e0.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2009/11/30 18:04:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\f5gyr9e0.default\extensions\{c5b3582c-e7dd-4a5d-98b4-fd607be30b3f}
[2009/02/05 21:21:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\f5gyr9e0.default\extensions\[email protected]
[2008/11/24 20:22:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\f5gyr9e0.default\extensions\[email protected]
[2009/10/24 21:28:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\f5gyr9e0.default\extensions\[email protected]
[2009/10/24 21:28:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\f5gyr9e0.default\extensions\[email protected]
[2009/11/27 16:12:13 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009/07/30 20:12:26 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{B922D405-6D13-4A2B-AE89-08A030DA4402}
[2009/07/30 20:12:26 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\[email protected]
O1 HOSTS File: (3763938 bytes) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts:
O1 - Hosts: 127.0.0.1 0-29.com
O1 - Hosts: 127.0.0.1 www.0-29.com
O1 - Hosts: 127.0.0.1 127.0.0.1
O1 - Hosts: 127.0.0.1 www.000000000000000.info
O1 - Hosts: 127.0.0.1 000info.com
O1 - Hosts: 127.0.0.1 error.000webhost.com
O1 - Hosts: 127.0.0.1 www.000x.us
O1 - Hosts: 127.0.0.1 001soft.cn
O1 - Hosts: 127.0.0.1 001y.com
O1 - Hosts: 127.0.0.1 001yl.com
O1 - Hosts: 127.0.0.1 007arcadegames.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 download.007guard.com
O1 - Hosts: 127.0.0.1 install.007guard.com
O1 - Hosts: 127.0.0.1 the.007guard.com
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 www.install.007guard.com
O1 - Hosts: 127.0.0.1 www.the.007guard.com
O1 - Hosts: 127.0.0.1 coming1.007webs.com
O1 - Hosts: 127.0.0.1 coming2.007webs.com
O1 - Hosts: 127.0.0.1 coming3.007webs.com
O1 - Hosts: 127.0.0.1 coming4.007webs.com
O1 - Hosts: 127.0.0.1 coming5.007webs.com
O1 - Hosts: 123390 more lines...
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\pdfforgeToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (no name) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - File not found
O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\pdfforgeToolbarIE.dll (Spigot, Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [ProcessGovernor] C:\Program Files\Process Lasso\ProcessGovernor.exe (Bitsum Technologies)
O4 - HKLM..\Run: [ProcessLassoManagementConsole] C:\Program Files\Process Lasso\ProcessLasso.exe (Bitsum Technologies)
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [UnlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe ()
O4 - HKLM..\Run: [WrtMon.exe] C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe ()
O4 - HKCU..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe (FreeDownloadManager.ORG)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - Startup: C:\Documents and Settings\Compaq_Owner\Start Menu\Programs\Startup\Easy Caps Lock.lnk = C:\Program Files\EasyHR\capslock\ezcaps.exe ()
O4 - Startup: C:\Documents and Settings\Compaq_Owner\Start Menu\Programs\Startup\Homer.exe.lnk = C:\Program Files\Homer\Homer.exe (funkytoad.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSimpleStartMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoComputersNearMe = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run: NoActiveDesktopChanges = [binary data]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run: NoActiveDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run: NoSaveSettings = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run: ClassicShell = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ClassicShell = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispScrSavPage = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispCPL = 0
O8 - Extra context menu item: Download all with Free Download Manager - C:\Program Files\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: Download selected with Free Download Manager - C:\Program Files\Free Download Manager\dlselected.htm ()
O8 - Extra context menu item: Download video with Free Download Manager - C:\Program Files\Free Download Manager\dlfvideo.htm ()
O8 - Extra context menu item: Download with Free Download Manager - C:\Program Files\Free Download Manager\dllink.htm ()
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\npjpi160_03.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll ()
O9 - Extra 'Tools' menuitem : Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll ()
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O15 - HKLM\..Trusted Domains: 58 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: 109 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {3BFFE033-BF43-11D5-A271-00A024A51325} https://wcrln11.mei-...et/iNotes6W.cab (iNotes6 Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.4.1_02)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.4.2_03)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_03)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.75.198 68.87.64.150
O20 - AppInit_DLLs: (C:\WINDOWS\System32\esent(3)32.dll) - C:\WINDOWS\system32\esent(3)32.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\20054e0c703: DllName - C:\WINDOWS\System32\esent(3)32.dll - C:\WINDOWS\system32\esent(3)32.dll ()
O27 - HKLM IFEO\taskmgr.exe: Debugger - "F:\ZIP FILES\SYSTEM INTERNALS\PROCEXP.EXE" (Sysinternals - www.sysinternals.com)
O28 - HKLM ShellExecuteHooks: {FA010552-4A27-4cb1-A1BB-3E2D697F1639} - Reg Error: Key error. File not found
O30 - LSA: Authentication Packages - (relog_ap) - C:\WINDOWS\System32\relog_ap.dll (Acronis)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/10/15 12:38:18 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/07/27 14:07:38 | 00,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2004/04/30 06:01:14 | 00,000,053 | -HS- | M] () - D:\Autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2004/10/15 12:38:18 | 00,000,000 | ---- | M] () - G:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/07/27 14:07:38 | 00,000,000 | -HS- | M] () - H:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2004/04/30 06:01:14 | 00,000,053 | -HS- | M] () - H:\Autorun.inf -- [ FAT32 ]
O33 - MountPoints2\{2ffe0d2f-dae8-11dc-beec-0011d888a34d}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{2ffe0d2f-dae8-11dc-beec-0011d888a34d}\Shell\AutoRun\command - "" = Q:\autorun.exe -- File not found
O33 - MountPoints2\{2ffe0d2f-dae8-11dc-beec-0011d888a34d}\Shell\phone\command - "" = Q:\autorun.exe -- File not found
O33 - MountPoints2\{2ffe0d30-dae8-11dc-beec-0011d888a34d}\Shell\AutoRun\command - "" = R:\magicJack\autorun.exe -- File not found
O33 - MountPoints2\{2ffe0d30-dae8-11dc-beec-0011d888a34d}\Shell\phone\command - "" = R:\magicJack\autorun.exe -- File not found
O33 - MountPoints2\{946850c5-1e27-11d9-baf0-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{946850c5-1e27-11d9-baf0-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{c7eaf834-7138-11d9-a02f-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{c7eaf834-7138-11d9-a02f-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (*) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2009/11/30 18:34:57 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Application Data\Malwarebytes
[2009/11/30 18:34:52 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/11/30 18:34:49 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/11/30 18:34:49 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/11/30 18:34:49 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/11/30 18:33:21 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/11/30 18:32:12 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2009/11/30 18:10:38 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Application Data\PC
[2009/11/29 22:34:23 | 00,000,000 | -HSD | C] -- C:\Config.Msi
[2009/11/28 14:30:36 | 00,343,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\temp.000
[2009/11/28 14:28:52 | 00,000,000 | ---D | C] -- C:\Program Files\HJT_CS
[2009/11/27 15:58:51 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Application Data\WinRAR
[2009/11/27 15:56:59 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\305604971
[2009/11/09 08:01:10 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2009/11/07 07:59:23 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee Security Scan
[2007/11/01 19:48:11 | 05,650,708 | ---- | C] (Asymetrix) -- C:\Program Files\PMIQIIL.exe
========== Files - Modified Within 30 Days ==========
[2009/12/03 19:46:26 | 00,002,089 | -HS- | M] () -- C:\Documents and Settings\Compaq_Owner\Application Data\02000000ff93e951703P.manifest
[2009/12/03 19:46:20 | 00,005,609 | -HS- | M] () -- C:\Documents and Settings\Compaq_Owner\Application Data\02000000ff93e951703C.manifest
[2009/12/03 16:26:45 | 00,125,952 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/12/03 10:09:19 | 00,000,615 | ---- | M] () -- C:\WINDOWS\System32\CuJNEicCmH4p7.vbs
[2009/12/03 07:45:19 | 00,000,549 | -HS- | M] () -- C:\Documents and Settings\Compaq_Owner\Application Data\02000000ff93e951703O.manifest
[2009/12/03 07:45:19 | 00,000,011 | -HS- | M] () -- C:\Documents and Settings\Compaq_Owner\Application Data\02000000ff93e951703S.manifest
[2009/12/03 07:45:14 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/12/03 07:45:11 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/12/03 04:52:15 | 14,155,776 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\ntuser.dat
[2009/12/03 04:52:15 | 00,000,278 | -HS- | M] () -- C:\Documents and Settings\Compaq_Owner\ntuser.ini
[2009/12/03 02:54:47 | 10,240,256 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\C backup up to G.bul
[2009/12/03 02:54:47 | 00,000,668 | ---- | M] () -- C:\WINDOWS\tasks\Double Image Backup C backup up to G.bu 1.job
[2009/12/03 02:47:23 | 01,549,568 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\F backup up to I.bul
[2009/12/03 02:47:23 | 00,000,668 | ---- | M] () -- C:\WINDOWS\tasks\Double Image Backup F backup up to I.bu 1.job
[2009/12/02 22:32:17 | 00,000,615 | ---- | M] () -- C:\WINDOWS\System32\6mDfoz2YQMwWbel.vbs
[2009/12/02 22:21:26 | 00,436,510 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/12/02 22:21:26 | 00,069,704 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/12/02 22:21:24 | 00,515,164 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/11/30 22:04:59 | 00,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/11/30 18:32:12 | 00,000,658 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\NTREGOPT.lnk
[2009/11/30 05:40:03 | 00,000,344 | ---- | M] () -- C:\WINDOWS\tasks\Spybot - Search & Destroy - Scheduled Task.job
[2009/11/30 05:39:52 | 00,425,408 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/11/30 02:02:14 | 00,000,379 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2009/11/28 14:40:42 | 00,001,466 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/11/28 14:30:36 | 00,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\temp.000
[2009/11/28 14:26:59 | 00,286,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Setup1.exe
[2009/11/28 14:26:58 | 00,073,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ST6UNST.EXE
[2009/11/27 17:25:18 | 03,763,938 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.bak
[2009/11/27 17:25:18 | 03,763,938 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2009/11/27 15:56:59 | 00,203,776 | -HS- | M] () -- C:\WINDOWS\System32\unrar.exe
[2009/11/27 15:56:38 | 00,121,856 | ---- | M] () -- C:\WINDOWS\System32\esent(3)32.dll
[2009/11/27 15:55:35 | 00,121,856 | ---- | M] () -- C:\WINDOWS\System32\encn326032.dll
[2009/11/27 15:52:53 | 00,121,856 | ---- | M] () -- C:\WINDOWS\System32\fxsperf32.dll
[2009/11/27 15:18:12 | 00,000,283 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/11/26 00:15:00 | 04,296,463 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\Ollies 176.pdf
[2009/11/23 19:30:06 | 00,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009/11/10 20:18:03 | 00,000,754 | ---- | M] () -- C:\WINDOWS\WORDPAD.INI
========== Files Created - No Company Name ==========
[2009/12/03 10:09:19 | 00,000,615 | ---- | C] () -- C:\WINDOWS\System32\CuJNEicCmH4p7.vbs
[2009/12/02 22:32:17 | 00,000,615 | ---- | C] () -- C:\WINDOWS\System32\6mDfoz2YQMwWbel.vbs
[2009/11/30 18:32:12 | 00,000,658 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\NTREGOPT.lnk
[2009/11/27 16:53:04 | 00,000,379 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2009/11/27 15:56:59 | 00,203,776 | -HS- | C] () -- C:\WINDOWS\System32\unrar.exe
[2009/11/27 15:56:38 | 00,121,856 | ---- | C] () -- C:\WINDOWS\System32\esent(3)32.dll
[2009/11/27 15:56:38 | 00,005,609 | -HS- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\02000000ff93e951703C.manifest
[2009/11/27 15:56:38 | 00,002,089 | -HS- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\02000000ff93e951703P.manifest
[2009/11/27 15:56:38 | 00,000,549 | -HS- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\02000000ff93e951703O.manifest
[2009/11/27 15:56:38 | 00,000,011 | -HS- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\02000000ff93e951703S.manifest
[2009/11/27 15:55:35 | 00,121,856 | ---- | C] () -- C:\WINDOWS\System32\encn326032.dll
[2009/11/27 15:52:53 | 00,121,856 | ---- | C] () -- C:\WINDOWS\System32\fxsperf32.dll
[2009/11/26 00:15:00 | 04,296,463 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\Ollies 176.pdf
[2009/09/02 20:36:41 | 00,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2009/07/30 20:10:02 | 00,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2009/03/01 13:03:43 | 00,000,026 | ---- | C] () -- C:\WINDOWS\ExplorerXP.INI
[2008/11/01 22:06:54 | 00,011,776 | ---- | C] () -- C:\WINDOWS\System32\pmsbfn32.dll
[2008/11/01 22:05:06 | 00,000,412 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
[2008/10/29 18:07:41 | 00,000,193 | ---- | C] () -- C:\WINDOWS\hppsapp.INI
[2008/10/16 21:28:58 | 00,002,026 | ---- | C] () -- C:\WINDOWS\td.ini
[2008/08/02 21:45:21 | 00,003,896 | ---- | C] () -- C:\WINDOWS\scad3.INI
[2008/02/10 17:39:40 | 00,000,305 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\addr_file.html
[2007/11/15 21:36:14 | 02,293,848 | ---- | C] () -- C:\Program Files\FLV PlayerFCSetup.exe
[2007/11/01 19:48:19 | 00,005,738 | ---- | C] () -- C:\Program Files\INSTALL.LOG
[2007/11/01 19:48:13 | 13,186,656 | ---- | C] () -- C:\Program Files\setupw.exe
[2007/11/01 19:48:13 | 00,240,843 | ---- | C] () -- C:\Program Files\pmiquest.zip
[2007/11/01 19:48:13 | 00,027,137 | ---- | C] () -- C:\Program Files\Pmiuser3.dbt
[2007/11/01 19:48:13 | 00,026,624 | ---- | C] () -- C:\Program Files\question.rpt
[2007/11/01 19:48:13 | 00,023,552 | ---- | C] () -- C:\Program Files\PMIQUEST.NDX
[2007/11/01 19:48:13 | 00,023,040 | ---- | C] () -- C:\Program Files\progress.rpt
[2007/11/01 19:48:13 | 00,015,757 | ---- | C] () -- C:\Program Files\Repdetai.dbf
[2007/11/01 19:48:13 | 00,001,024 | ---- | C] () -- C:\Program Files\Pmiuser3.ndx
[2007/11/01 19:48:13 | 00,000,706 | ---- | C] () -- C:\Program Files\Pmiuser3.dbf
[2007/11/01 19:48:13 | 00,000,465 | ---- | C] () -- C:\Program Files\Rephead.dbf
[2007/11/01 19:48:12 | 05,244,416 | ---- | C] () -- C:\Program Files\PMIQUEST.DBT
[2007/11/01 19:48:12 | 00,232,130 | ---- | C] () -- C:\Program Files\PMIQUEST.DBF
[2007/11/01 19:48:12 | 00,041,992 | ---- | C] () -- C:\Program Files\Pmiqhelp.chm
[2007/11/01 19:48:12 | 00,001,024 | ---- | C] () -- C:\Program Files\PMINOTES.NDX
[2007/11/01 19:48:12 | 00,001,024 | ---- | C] () -- C:\Program Files\PMINOTES.DBT
[2007/11/01 19:48:12 | 00,000,775 | ---- | C] () -- C:\Program Files\pminotes.zip
[2007/11/01 19:48:12 | 00,000,214 | ---- | C] () -- C:\Program Files\PMINOTES.DBF
[2007/11/01 19:48:11 | 00,098,334 | ---- | C] () -- C:\Program Files\4_b019.bmp
[2007/11/01 19:48:11 | 00,098,334 | ---- | C] () -- C:\Program Files\4_b018.bmp
[2007/11/01 19:48:11 | 00,098,334 | ---- | C] () -- C:\Program Files\4_b017.bmp
[2007/11/01 19:48:11 | 00,092,166 | ---- | C] () -- C:\Program Files\4_B040.bmp
[2007/11/01 19:48:11 | 00,088,518 | ---- | C] () -- C:\Program Files\2_C037.bmp
[2007/11/01 19:48:11 | 00,087,606 | ---- | C] () -- C:\Program Files\4_A036.bmp
[2007/11/01 19:48:11 | 00,079,854 | ---- | C] () -- C:\Program Files\4_B001.bmp
[2007/11/01 19:48:11 | 00,074,838 | ---- | C] () -- C:\Program Files\4_B029.bmp
[2007/11/01 19:48:11 | 00,073,314 | ---- | C] () -- C:\Program Files\4_C028.bmp
[2007/11/01 19:48:11 | 00,051,462 | ---- | C] () -- C:\Program Files\2_I019.bmp
[2007/11/01 19:48:11 | 00,048,958 | ---- | C] () -- C:\Program Files\2_C033.bmp
[2007/11/01 19:48:11 | 00,043,378 | ---- | C] () -- C:\Program Files\5_a027.bmp
[2007/11/01 19:48:11 | 00,043,318 | ---- | C] () -- C:\Program Files\6_A023.bmp
[2007/11/01 19:48:11 | 00,040,402 | ---- | C] () -- C:\Program Files\2_I024.bmp
[2007/11/01 19:48:11 | 00,040,270 | ---- | C] () -- C:\Program Files\4_B007.bmp
[2007/11/01 19:48:11 | 00,039,454 | ---- | C] () -- C:\Program Files\5_b011.bmp
[2007/11/01 19:48:11 | 00,038,570 | ---- | C] () -- C:\Program Files\Copy of 2_C009.bmp
[2007/11/01 19:48:11 | 00,034,942 | ---- | C] () -- C:\Program Files\5_c006.bmp
[2007/11/01 19:48:11 | 00,034,774 | ---- | C] () -- C:\Program Files\5_i022.bmp
[2007/11/01 19:48:11 | 00,033,370 | ---- | C] () -- C:\Program Files\4_A014.bmp
[2007/11/01 19:48:11 | 00,032,830 | ---- | C] () -- C:\Program Files\2_i009.bmp
[2007/11/01 19:48:11 | 00,031,934 | ---- | C] () -- C:\Program Files\9_b037.bmp
[2007/11/01 19:48:11 | 00,031,862 | ---- | C] () -- C:\Program Files\5_a023.bmp
[2007/11/01 19:48:11 | 00,031,262 | ---- | C] () -- C:\Program Files\temp.bmp
[2007/11/01 19:48:11 | 00,030,774 | ---- | C] () -- C:\Program Files\5_i024.bmp
[2007/11/01 19:48:11 | 00,028,910 | ---- | C] () -- C:\Program Files\7_B024.bmp
[2007/11/01 19:48:11 | 00,022,726 | ---- | C] () -- C:\Program Files\5_b035.bmp
[2007/11/01 19:48:11 | 00,022,510 | ---- | C] () -- C:\Program Files\7_b012.bmp
[2007/11/01 19:48:11 | 00,021,138 | ---- | C] () -- C:\Program Files\5_a038.bmp
[2007/11/01 19:48:11 | 00,020,266 | ---- | C] () -- C:\Program Files\5_a039.bmp
[2007/11/01 19:48:11 | 00,017,810 | ---- | C] () -- C:\Program Files\7_b037.bmp
[2007/11/01 19:48:11 | 00,016,758 | ---- | C] () -- C:\Program Files\5_i012.bmp
[2007/11/01 19:48:11 | 00,016,478 | ---- | C] () -- C:\Program Files\4_c036.bmp
[2007/11/01 19:48:11 | 00,014,358 | ---- | C] () -- C:\Program Files\5_c005.bmp
[2007/11/01 19:48:10 | 00,133,150 | ---- | C] () -- C:\Program Files\2_A037.bmp
[2007/11/01 19:48:10 | 00,097,270 | ---- | C] () -- C:\Program Files\2_B002.bmp
[2007/11/01 19:48:10 | 00,047,518 | ---- | C] () -- C:\Program Files\2_C021.bmp
[2007/11/01 19:48:10 | 00,046,486 | ---- | C] () -- C:\Program Files\2_A036.bmp
[2007/11/01 19:48:10 | 00,046,214 | ---- | C] () -- C:\Program Files\2_C017.bmp
[2007/11/01 19:48:10 | 00,044,766 | ---- | C] () -- C:\Program Files\2_C018.bmp
[2007/11/01 19:48:10 | 00,039,838 | ---- | C] () -- C:\Program Files\2_C029.bmp
[2007/11/01 19:48:10 | 00,039,126 | ---- | C] () -- C:\Program Files\2_B035.bmp
[2007/11/01 19:48:10 | 00,038,934 | ---- | C] () -- C:\Program Files\2_C013.bmp
[2007/11/01 19:48:10 | 00,038,570 | ---- | C] () -- C:\Program Files\2_C009.bmp
[2007/11/01 19:48:10 | 00,034,590 | ---- | C] () -- C:\Program Files\1_A034.bmp
[2007/11/01 19:48:10 | 00,033,530 | ---- | C] () -- C:\Program Files\2_C025.bmp
[2007/11/01 19:48:10 | 00,030,094 | ---- | C] () -- C:\Program Files\2_C005.bmp
[2007/11/01 19:48:10 | 00,000,055 | ---- | C] () -- C:\Program Files\REGINFO.TXT
[2007/11/01 18:39:16 | 00,721,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2007/10/04 19:22:00 | 00,000,043 | ---- | C] () -- C:\WINDOWS\gswin32.ini
[2007/09/20 18:33:45 | 00,000,147 | ---- | C] () -- C:\WINDOWS\Eudcedit.ini
[2007/08/02 20:04:50 | 00,000,238 | ---- | C] () -- C:\WINDOWS\mafosav.INI
[2007/07/26 21:30:19 | 00,077,312 | ---- | C] () -- C:\WINDOWS\System32\UNACEV2.DLL
[2007/07/09 19:07:39 | 00,007,680 | ---- | C] () -- C:\WINDOWS\System32\CNMVS61.DLL
[2007/07/09 19:06:53 | 00,306,688 | ---- | C] () -- C:\WINDOWS\System32\Lffpx7.dll
[2007/07/09 19:06:53 | 00,095,232 | ---- | C] () -- C:\WINDOWS\System32\Lfkodak.dll
[2007/02/06 16:02:00 | 00,123,939 | ---- | C] () -- C:\WINDOWS\System32\drivers\kqemu.sys
[2006/12/10 17:45:32 | 00,000,253 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2006/07/02 15:55:00 | 00,000,036 | ---- | C] () -- C:\WINDOWS\UNLOCK.INI
[2006/06/26 19:19:55 | 00,000,200 | ---- | C] () -- C:\WINDOWS\netdet.ini
[2006/06/17 15:00:33 | 00,059,392 | ---- | C] () -- C:\WINDOWS\System32\espr3260.dll
[2006/06/17 15:00:32 | 00,126,976 | ---- | C] () -- C:\WINDOWS\System32\MPEGWriter.dll
[2006/06/17 15:00:31 | 01,036,800 | ---- | C] () -- C:\WINDOWS\System32\libmpeg-1.0.0.dll
[2006/06/17 15:00:31 | 00,987,136 | ---- | C] () -- C:\WINDOWS\System32\liboggvorbis-1.0.0.dll
[2006/06/17 15:00:31 | 00,225,792 | ---- | C] () -- C:\WINDOWS\System32\libmpg-dec-1.0.7.dll
[2006/06/17 15:00:31 | 00,209,920 | ---- | C] () -- C:\WINDOWS\System32\libmpg-dec-1.0.4.dll
[2006/06/17 15:00:31 | 00,128,512 | ---- | C] () -- C:\WINDOWS\System32\libmpa-enc-1.0.3.dll
[2006/06/17 15:00:31 | 00,069,120 | ---- | C] () -- C:\WINDOWS\System32\libmpv-enc-1.2.5.dll
[2006/06/17 15:00:31 | 00,069,120 | ---- | C] () -- C:\WINDOWS\System32\libmpeg2-enc-1.2.5.dll
[2006/06/17 15:00:31 | 00,058,880 | ---- | C] () -- C:\WINDOWS\System32\libmpg-mux-2.0.2.dll
[2006/06/17 15:00:31 | 00,056,320 | ---- | C] () -- C:\WINDOWS\System32\libmpv-enc-1.2.4.dll
[2006/06/17 15:00:31 | 00,050,176 | ---- | C] () -- C:\WINDOWS\System32\libmpg-mux-2.0.1.dll
[2006/06/17 15:00:31 | 00,020,480 | ---- | C] () -- C:\WINDOWS\System32\libavi-dd-1.1.1.dll
[2006/06/17 15:00:31 | 00,020,480 | ---- | C] () -- C:\WINDOWS\System32\libavi-dd-1.1.0.dll
[2006/06/17 15:00:30 | 00,696,832 | ---- | C] () -- C:\WINDOWS\System32\libmcl-2.8.0.dll
[2006/06/17 15:00:30 | 00,696,320 | ---- | C] () -- C:\WINDOWS\System32\libmcl-2.7.2.dll
[2006/06/17 15:00:30 | 00,675,840 | ---- | C] () -- C:\WINDOWS\System32\libmcl-2.7.1.dll
[2006/06/17 15:00:30 | 00,669,184 | ---- | C] () -- C:\WINDOWS\System32\libmcl-2.7.0.dll
[2006/06/17 15:00:30 | 00,666,112 | ---- | C] () -- C:\WINDOWS\System32\libmcl-2.6.1.dll
[2006/06/17 15:00:30 | 00,427,008 | ---- | C] () -- C:\WINDOWS\System32\libimg-2.2.9.dll
[2006/06/17 15:00:30 | 00,400,384 | ---- | C] () -- C:\WINDOWS\System32\libimg-2.2.8.dll
[2006/06/17 15:00:30 | 00,208,896 | ---- | C] () -- C:\WINDOWS\System32\libmpg-dec-1.0.3.dll
[2006/06/17 15:00:30 | 00,116,224 | ---- | C] () -- C:\WINDOWS\System32\libmpa-enc-1.0.2.dll
[2006/06/17 14:56:37 | 00,120,832 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2006/03/06 16:22:43 | 00,032,068 | ---- | C] () -- C:\WINDOWS\System32\windriver.dll
[2006/02/19 18:44:41 | 00,000,121 | ---- | C] () -- C:\WINDOWS\Winamp.ini
[2006/02/02 15:19:54 | 00,005,365 | ---- | C] () -- C:\WINDOWS\System32\drivers\NetProbe.sys
[2006/01/27 22:30:05 | 00,421,888 | ---- | C] () -- C:\WINDOWS\System32\OpenQuicktimeLib.dll
[2006/01/27 22:30:05 | 00,077,824 | ---- | C] () -- C:\WINDOWS\System32\mmswitch.dll
[2006/01/27 22:30:05 | 00,061,440 | ---- | C] () -- C:\WINDOWS\System32\libfaac.dll
[2006/01/27 22:30:04 | 01,163,264 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2006/01/27 22:30:04 | 01,040,384 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll
[2006/01/27 22:30:04 | 00,679,936 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2006/01/27 22:30:04 | 00,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2006/01/27 22:30:04 | 00,160,768 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2006/01/27 22:30:04 | 00,155,648 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2006/01/27 22:30:04 | 00,077,824 | ---- | C] () -- C:\WINDOWS\System32\vorbisfile.dll
[2006/01/27 22:30:04 | 00,061,440 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2006/01/27 22:30:02 | 00,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll
[2006/01/27 22:24:06 | 00,125,952 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/01/27 21:34:56 | 00,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2006/01/20 21:03:39 | 00,086,016 | ---- | C] () -- C:\WINDOWS\System32\nsprof.dll
[2006/01/16 22:44:37 | 00,000,135 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\fusioncache.dat
[2006/01/16 22:43:19 | 00,103,579 | ---- | C] () -- C:\WINDOWS\VGAsetup.ini
[2006/01/16 22:42:47 | 00,095,285 | ---- | C] () -- C:\WINDOWS\System32\VGAunistlog.ini
[2005/08/02 16:24:01 | 00,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2005/01/28 23:30:48 | 00,016,896 | ---- | C] () -- C:\WINDOWS\System32\bcbmm.dll
[2005/01/28 14:40:21 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/01/28 14:37:27 | 00,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2005/01/28 14:37:27 | 00,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2005/01/28 14:37:27 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2005/01/28 14:37:27 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2005/01/28 14:37:27 | 00,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2005/01/28 14:37:27 | 00,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2005/01/28 13:56:46 | 00,013,974 | ---- | C] () -- C:\WINDOWS\System32\CHODDI.SYS
[2005/01/28 13:56:33 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\hpreg.dll
[2005/01/28 13:56:09 | 00,002,154 | ---- | C] () -- C:\WINDOWS\System32\ssmute.ini
[2005/01/28 13:52:10 | 00,000,488 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/01/28 13:37:17 | 00,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2005/01/28 13:21:45 | 00,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/09/16 15:24:26 | 03,375,104 | ---- | C] () -- C:\WINDOWS\System32\qt-mt331.dll
[2004/09/14 01:35:56 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/08/20 05:14:46 | 00,086,016 | ---- | C] () -- C:\WINDOWS\System32\PcdrKernelModeServices.dll
[2004/08/20 05:14:46 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\ProgressTrace.dll
[2004/08/04 13:00:00 | 00,002,048 | ---- | C] () -- C:\WINDOWS\PGlasetti.ini
[2004/06/16 06:38:02 | 00,000,572 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2004/03/18 07:44:29 | 01,663,068 | ---- | C] () -- C:\WINDOWS\System32\libmmd.dll
[2003/04/11 01:04:00 | 00,028,672 | ---- | C] () -- C:\WINDOWS\System32\JAWTAccessBridge.dll
[2002/04/01 17:45:50 | 00,047,616 | ---- | C] () -- C:\WINDOWS\System32\ODBCMON.DLL
[2001/06/23 20:20:00 | 00,023,040 | ---- | C] () -- C:\WINDOWS\System32\auth.dll
========== LOP Check ==========
[2009/01/02 12:30:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\16 Software
[2008/02/10 17:57:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Avg7
[2006/01/27 21:26:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Broderbund Software
[2007/07/26 22:06:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software
[2008/11/01 21:59:05 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2009/11/30 05:43:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJPLM
[2009/03/13 23:33:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2008/02/15 05:33:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FreeDownloadManager.ORG
[2008/12/05 16:51:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
[2007/07/29 20:20:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\OLYMPUS
[2007/12/08 07:22:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\openlp.org
[2008/12/05 16:57:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2006/02/02 20:44:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle
[2008/11/01 22:04:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ScanSoft
[2007/12/27 16:11:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Seagate
[2007/10/17 20:39:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\shctxex.vb
[2006/02/02 19:48:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SmartSound Software Inc
[2009/12/03 07:45:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/09/05 15:03:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WORDsearch
[2009/09/05 15:00:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\wsc
[2009/09/05 15:00:13 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{29BCB588-EBE6-442B-8E92-92CDF6E017D7}
[2009/09/05 15:03:26 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{428BA3F5-8003-46AA-9B5C-D7496CECEB41}
[2009/05/06 08:15:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2009/01/02 12:30:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\16 Software
[2009/11/01 22:24:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Amazon
[2009/11/23 20:30:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Audacity
[2006/07/02 16:57:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\AutoDWG
[2008/11/22 17:44:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\BookmarkBridge
[2006/01/27 21:31:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Broderbund
[2008/11/09 17:58:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Canon
[2009/03/13 23:34:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\DAEMON Tools
[2009/06/17 21:41:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\DAEMON Tools Lite
[2009/03/13 23:34:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\DAEMON Tools Pro
[2009/02/17 12:28:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Desktopicon
[2007/08/22 20:28:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Easy Thumbnails
[2007/12/22 16:42:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\elefundesktops
[2006/03/06 17:59:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Ethereal
[2009/12/03 19:44:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Free Download Manager
[2009/09/27 07:34:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\FreshDiagnose
[2009/09/15 18:22:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\GetRightToGo
[2007/07/11 04:13:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\GlobalSCAPE
[2008/11/26 20:29:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\gtk-2.0
[2008/02/23 08:18:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\InfraRecorder
[2005/01/28 14:17:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\InterMute
[2006/01/28 19:12:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\InterVideo
[2007/09/06 20:13:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\KompoZer
[2008/03/27 18:41:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Leadertech
[2009/11/27 16:11:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\LimeWire
[2009/07/26 21:14:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Lunar Calendar
[2008/02/15 20:30:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\mjusbsp
[2007/08/30 04:33:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\NASA
[2008/04/16 10:01:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Netscape
[2008/11/01 22:49:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\NewSoft
[2008/12/05 16:57:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Nokia
[2007/10/18 20:19:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\OpenSong
[2006/01/21 00:08:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Opera
[2007/09/14 19:48:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\OverDrive
[2009/11/30 18:46:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\PC
[2008/12/05 16:57:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\PC Suite
[2009/07/30 20:24:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\pdfforge
[2009/10/31 07:27:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\ProcessLasso
[2005/01/28 14:11:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\SampleView
[2008/11/01 22:05:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\ScanSoft
[2009/07/30 20:24:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Search Settings
[2007/08/19 10:46:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\yoclient
[2009/12/03 02:54:47 | 00,000,668 | ---- | M] () -- C:\WINDOWS\Tasks\Double Image Backup C backup up to G.bu 1.job
[2009/12/03 02:47:23 | 00,000,668 | ---- | M] () -- C:\WINDOWS\Tasks\Double Image Backup F backup up to I.bu 1.job
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.exe >
< MD5 for: AGP440.SYS >
[2008/04/14 00:06:40 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\agp440.sys
< MD5 for: ATAPI.SYS >
[2008/04/14 00:10:32 | 00,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\atapi.sys
[2004/08/03 23:00:00 | 00,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004/08/03 23:00:00 | 00,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2004/08/03 23:00:00 | 00,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/03 23:00:00 | 00,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0000\DriverFiles\i386\atapi.sys
< MD5 for: EVENTLOG.DLL >
[2008/05/13 16:46:00 | 00,028,797 | R--- | M] () MD5=44A530F1B53063CD8E3CEE119784919E -- C:\Perl\lib\auto\Win32\EventLog\EventLog.dll
[2008/04/13 19:11:53 | 00,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\eventlog.dll
[2004/08/04 13:00:00 | 00,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
[2004/08/04 13:00:00 | 00,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2004/08/04 13:00:00 | 00,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\system32\eventlog.dll
< MD5 for: NETLOGON.DLL >
[2008/04/13 19:12:01 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\netlogon.dll
[2009/02/06 13:46:09 | 00,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2009/02/06 13:46:09 | 00,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll
[2009/02/06 13:46:09 | 00,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\SoftwareDistribution\Download\555558d2c7916b118ad5baef62b18136\sp2qfe\netlogon.dll
[2009/02/06 13:46:09 | 00,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\SoftwareDistribution\Download\fbdd9f75315c1cf9ff63f37aaca267d3\sp2qfe\netlogon.dll
[2004/08/04 13:00:00 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2004/08/04 13:00:00 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2004/08/04 13:00:00 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\system32\netlogon.dll
< MD5 for: SCECLI.DLL >
[2004/08/04 13:00:00 | 00,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2004/08/04 13:00:00 | 00,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\system32\dllcache\scecli.dll
[2004/08/04 13:00:00 | 00,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\system32\scecli.dll
[2008/04/13 19:12:05 | 00,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\scecli.dll
========== Alternate Data Streams ==========
@Alternate Data Stream - 130 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D90AE79E
< End of report >
OTL Extras logfile created on: 12/3/2009 7:46:28 PM - Run 2
OTL by OldTimer - Version 3.1.11.4 Folder = F:\Zip files\Virus prevention\Geeks to go
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 1.49 Gb Available Physical Memory | 74.59% Memory free
2.18 Gb Paging File | 1.78 Gb Available in Paging File | 81.79% Paging File free
Paging file location(s): C:\pagefile.sys 336 672 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 144.18 Gb Total Space | 43.93 Gb Free Space | 30.47% Space Free | Partition Type: NTFS
Drive D: | 5.25 Gb Total Space | 0.76 Gb Free Space | 14.56% Space Free | Partition Type: FAT32
Unable to calculate disk information.
Drive F: | 148.65 Gb Total Space | 28.28 Gb Free Space | 19.02% Space Free | Partition Type: NTFS
Drive G: | 144.18 Gb Total Space | 45.19 Gb Free Space | 31.35% Space Free | Partition Type: NTFS
Drive H: | 5.26 Gb Total Space | 0.77 Gb Free Space | 14.68% Space Free | Partition Type: FAT32
Drive I: | 148.64 Gb Total Space | 28.36 Gb Free Space | 19.08% Space Free | Partition Type: NTFS
Computer Name: BASEMENT2
Current User Name: Compaq_Owner
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office10\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office10\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /k "cd %L" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Scan with SpySubtract...] -- "C:\Program Files\InterMute\SpySubtract\SpySub.exe" "-sc" "%1" (InterMute, Inc.)
Directory [UnzipThemAll] -- "C:\Program Files\UnzipThemAll\UnzipThemAll.exe" "%1" (Hervé Thouzard)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"9420:TCP" = 9420:TCP:*:Enabled:Red Swoosh
"5000:UDP" = 5000:UDP:*:Enabled:Red Swoosh
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%ProgramFiles%\iTunes\iTunes.exe" = %ProgramFiles%\iTunes\iTunes.exe:*:enabled:iTunes -- (Apple Inc.)
"C:\Program Files\MSN Messenger\msnmsgr.exe" = C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1 -- File not found
"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- File not found
"C:\Program Files\Tidy Favorites\TidyFavorites.exe" = C:\Program Files\Tidy Favorites\TidyFavorites.exe:*:Enabled:TidyFavorites -- File not found
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Compaq Connections\6750491\Program\Compaq Connections.exe" = C:\Program Files\Compaq Connections\6750491\Program\Compaq Connections.exe:*:Disabled:BackWeb for Presario -- File not found
"C:\Program Files\EarthLink TotalAccess\TaskPanl.exe" = C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Disabled:Earthlink -- File not found
"C:\Program Files\TightVNC\WinVNC.exe" = C:\Program Files\TightVNC\WinVNC.exe:*:Enabled:TightVNC Win32 Server -- (Constantin Kaplinsky)
"C:\Program Files\CommunityTSC\TSC\D2OL.exe" = C:\Program Files\CommunityTSC\TSC\D2OL.exe:*:Enabled:LaunchAnywhere GUI -- File not found
"C:\Program Files\MSN Messenger\msnmsgr.exe" = C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1 -- File not found
"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- File not found
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe" = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare -- File not found
"C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire -- File not found
"C:\Program Files\Tidy Favorites\TidyFavorites.exe" = C:\Program Files\Tidy Favorites\TidyFavorites.exe:*:Enabled:TidyFavorites -- File not found
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{0008546E-DF6E-4CC1-AFD0-2CB8E16C95A2}" = Notifier
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{03EDED24-8375-407D-A721-4643D9768BE1}" = kgchlwn
"{061CE7E5-0115-4BB6-8381-47C602B98C7D}" = ActivePerl 5.10.0 Build 1003
"{06230E02-2B7E-11D2-92D0-0040051BD005}" = OLYMPUS CAMEDIA Master 2.5
"{073F22CE-9A5B-4A40-A604-C7270AC6BF34}" = ESSSONIC
"{0C66761E-497A-4BE3-AE0D-8EC30FC9A9AA}" = PC-Doctor for Windows
"{0CCC3C86-FBC9-4844-A603-F6CC1CBE877E}" = DI-O 5.00.0038.0
"{0E0DF90C-D0BA-4C89-9262-AD78D1A3DE51}" = HP USB Disk Storage Format Tool
"{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}" = Microsoft Plus! Photo Story 2 LE
"{0F177611-70E6-4194-B2DD-CAA1B5EBC0F9}" = Bookmark Converter 3.2 (beta 2)
"{10402A72-27D4-4352-81BE-C6B20C1864ED}" = 3-Bible Concordance
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX310_series" = Canon MX310 series
"{11F3F858-4131-4FFA-A560-3FE282933B6E}" = kgchday
"{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}" = ESSPCD
"{16D9439B-DF3D-43D1-A727-4B335300D07A}" = OverDrive Media Console
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1A524CFE-DF85-4555-8BC2-0C89DBD8BC2C}" = PC Connectivity Solution
"{1CB92574-96F2-467B-B793-5CEB35C40C29}" = Image Resizer Powertoy for Windows XP
"{1EE7343D-BBE3-4A8B-8E62-B81683BCAB8E}" = BE Downloadable Edition
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}" = essvatgt
"{30BB4D60-81DB-11D5-BB77-00400536ABAC}" = OLYMPUS CAMEDIA Master 4.0
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java 6 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java 6 Update 3
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{369CA47D-4D51-42E2-8DC6-A869794BD04E}" = Network Probe 1.2.1
"{3F695596-85E6-4224-BC70-538F9036797A}" = MovieShop
"{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"{4E475FD4-4513-4B1D-8DDA-43912B068C99}" = HTML Slideshow Powertoy for Windows XP
"{4EF8BE6A-899C-4196-94E7-297C5F7A203E}" = pdfforge Toolbar v1.1
"{50974B3A-B8D5-4C7B-9D23-ED0EC9517B45}" = PL-2303 USB-to-Serial
"{56AB063D-1450-4BDE-9F0D-E9C693429C51}" = netbrdg
"{5D601655-6D54-4384-B52C-17EC5385FBBD}" = iTunes
"{605A4E39-613C-4A12-B56F-DEFBE6757237}" = SHASTA
"{65D85050-5610-4A91-A3B1-D5C744291AD4}" = PCDADDIN
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Sonic Express Labeler
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6855CCDD-BDF9-48E4-B80A-80DFB96FE36C}" = CmdHere Powertoy For Windows XP
"{693C08A7-9E76-43FF-B11E-9A58175474C4}" = kgckids
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}" = Microsoft Plus! Digital Media Edition Installer
"{7148F0A8-6813-11D6-A77B-00B0D0142030}" = Java 2 Runtime Environment, SE v1.4.2_03
"{748F4870-8350-11D3-B0BF-080009FB4A19}" = HP Share-to-Web
"{79EFF529-C306-41DC-81D9-17F181DF287A}" = DoISO
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX
"{81A34902-9D0B-4920-A25C-4CDC5D14B328}" = Jasc Paint Shop Pro 8
"{81A60A13-224D-4637-8203-3EAC03B121A4}" = Seagate DiscWizard
"{81CFDC81-A76D-4098-A8A8-D2BC21340D51}" = Bible Mapper 3
"{83C03FBE-4492-4133-BBAB-421CD88ADA32}" = OpenOffice.org 2.3
"{8943CE61-53BD-475E-90E1-A580869E98A2}" = staticcr
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A502E38-29C9-49FA-BCFA-D727CA062589}" = ESSTOOLS
"{8A62A068-3FD6-495A-9F66-26FE94F32EC9}" = Rhapsody Player Engine
"{8A8664E1-84C8-4936-891C-BC1F07797549}" = kgcvday
"{8E92D746-CD9F-4B90-9668-42B74C14F765}" = ESSini
"{90110409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90190409-6000-11D3-8CFE-0050048383C9}" = Microsoft Publisher 2002
"{90AF0409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office PowerPoint Viewer 2003
"{913B0409-6000-11D3-8CFE-0050048383C9}" = Microsoft Project Professional 2002
"{91517631-A9F3-4B7C-B482-43E0068FD55A}" = ESSgui
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD Player
"{9541FED0-327F-4DF0-8B96-EF57EF622F19}" = Sonic RecordNow!
"{97D86AAF-0473-4457-A35F-066C84E83CB0}" = e-Sword
"{999D43F4-9709-4887-9B1A-83EBB15A8370}" = VPRINTOL
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BD54685-1496-46A5-AB62-357CD140ED8B}" = kgcinvt
"{9D8FEE90-0377-49A9-AEFB-525BDE549BA4}" = ESScore
"{9E491AB7-4589-48CA-9CBB-874CB2788391}" = Studio 9
"{A1588373-1D86-4D44-86C9-78ABD190F9CC}" = kgcmove
"{A2A60894-E3ED-46FE-9A6A-7CF7A87572A0}" = Opera 9.64
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AC76BA86-7AD7-1033-7B44-A81300000003}" = Adobe Reader 8.1.6
"{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}" = ESSCDBK
"{AED0B5AC-0771-4600-9777-9C4C910EBE09}" = Open Workbench
"{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}" = OfotoXMI
"{B2F3DBD9-A9D2-4838-B45D-C917DAB32BC3}" = ScanSoft OmniPage SE 4
"{B3164E9E-BE08-4F3B-94BC-C6D09C0205E1}" = Nokia Connectivity Cable Driver
"{B37C842A-B624-46B8-A727-654E72F1C91A}" = Calculator Powertoy for Windows XP
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B40DED06-B52E-4970-8689-578D162638ED}" = DWGSee DWG Viewer
"{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}" = CCScore
"{B8B4D43C-EAA0-4EEC-B93E-D4D012316286}" = Free DWG Viewer 5.3
"{B997C2A0-4383-41BF-B76E-9B8B7ECFB267}" = KSU
"{BFCD5069-52AC-4B3F-902A-CDC5CD5D21DA}" = Dwg2Img
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C7793EE8-F666-4E6B-9827-76468679480E}" = Tweakui Powertoy for Windows XP
"{C78EAC6F-7A73-452E-8134-DBB2165C5A68}" = QuickTime
"{C99DCDA4-7407-4F72-A77E-C81C551D0C4E}" = PCDHELP
"{C9E4932C-8417-4E4C-A0E3-EE534810AB4D}" = ClearType Tuning Control Panel Applet
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D2D6B9EB-C6DC-4DAA-B4DE-BB7D9735E7DA}" = Presto! PageManager 7.15.16
"{D32470A1-B10C-4059-BA53-CF0486F68EBC}" = Kodak EasyShare software
"{DB02F716-6275-42E9-B8D2-83BA2BF5100B}" = SFR
"{DB518BA6-CB74-4EB6-9ABD-880B6D6E1F38}" = HpSdpAppCoreApp
"{E18B549C-5D15-45DA-8D8F-8FD2BD946344}" = kgcbaby
"{E74DCA14-4FD8-4640-BF13-F002614A5733}" = MediaShop Digital Studio 2
"{E79987F0-0E34-42CC-B8FF-6C860AEEB26A}" = tooltips
"{E7F4FA40-B85C-4960-A4FC-D2654D3C7591}" = InstaVerse
"{EFCE5837-FC21-11D6-9D24-00010240CE95}" = Java 2 Runtime Environment, SE v1.4.1_02
"{F22C222C-3CE2-4A4B-A83F-AF4681371ABE}" = kgcbase
"{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}" = SKINXSDK
"{F9593CFB-D836-49BC-BFF1-0E669A411D9F}" = WIRELESS
"{FDF9943A-3D5C-46B3-9679-586BD237DDEE}" = SKIN0001
"3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F" = Windows Driver Package - Nokia pccsmcfd (10/12/2007 6.85.4.0)
"4U AVI MPEG Converter_is1" = 4U AVI MPEG Converter (version 2.3.8)
"7-Zip" = 7-Zip 4.58 beta
"Aaron's WebVacuum 2_is1" = Aaron's WebVacuum 2
"Ad-Aware SE Personal" = Ad-Aware SE Personal
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11
"AFPL Ghostscript 8.54" = AFPL Ghostscript 8.54
"AFPL Ghostscript Fonts" = AFPL Ghostscript Fonts
"Agere Systems Soft Modem" = Agere Systems PCI Soft Modem
"Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.5
"Aspi Installer" = Aspi Installer
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.4 (Unicode)
"Avira AntiVir Desktop" = Avira AntiVir Premium
"BE Downloadable Edition" = BE Downloadable Edition
"Bookmarkbridge" = BookmarkBridge 0.76
"C5A76DC11BABDA0A881E7BE8DDEB641365A77FFD" = Windows Driver Package - Nokia Modem (05/22/2008 3.8)
"Canon MX310 series User Registration" = Canon MX310 series User Registration
"CANONBJ_Deinstall_CNMCP61.DLL" = Canon PIXMA iP3000
"CANONIJPLM100" = PIXMA Extended Survey Program
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"CommunityTSC 3.0" = CommunityTSC 3.0
"CommunityTSC 3.0(1)" = CommunityTSC 3.0(1)
"CommunityTSC 3.0(2)" = CommunityTSC 3.0(2)
"Cool Edit Pro 2.0" = Cool Edit Pro 2.0
"CuteFTP" = CuteFTP
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"Desktop Lunar Calendar" = Desktop Lunar Calendar 1.67
"Drag And View DWG" = Drag And View DWG
"DVD Decrypter" = DVD Decrypter (Remove Only)
"DVD Shrink_is1" = DVD Shrink 3.2
"DVD43_is1" = DVD43 v4.3.1
"Easy HR Caps Lock" = Easy HR Caps Lock
"Easy Thumbnails_is1" = Easy Thumbnails (Remove only)
"EasyCleaner" = EasyCleaner
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"Elite FTP" = Elite FTP
"ERUNT_is1" = ERUNT 1.1j
"Ethereal" = Ethereal 0.10.14
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"ExplorerXP" = ExplorerXP (remove only)
"File Writer output plugin" = File Writer output plugin for WinAMP 2 v1.17© (remove only)
"FLV Player" = FLV Player 2.0 (build 25)
"FLV Player1.33 FC" = FLV Player
"FLV Player2.0 " = FLV Player
"Foxit PDF Creator" = Foxit PDF Creator
"Free Download Manager_is1" = Free Download Manager 2.5
"FreeRIP_is1" = FreeRIP v2.941
"FreshDevices - FreshDiagnose_is1" = FreshDiagnose
"FreshDevices - FreshView_is1" = FreshView
"Fx MPEG Writer" = Fx MPEG Writer
"GNU Aspell_is1" = GNU Aspell 0.50-3
"Help and Support Additions" = Help and Support Additions
"HijackThis" = HijackThis 2.0.2
"Hollywood FX for Studio" = Pinnacle Hollywood FX for Studio
"HP Drive Key Boot Utility" = HP Drive Key Boot Utility
"HP PrecisionScan LTX" = HP PrecisionScan LTX
"ie8" = Windows Internet Explorer 8
"InfraRecorder" = InfraRecorder
"InstallShield_{0C66761E-497A-4BE3-AE0D-8EC30FC9A9AA}" = PC-Doctor for Windows
"InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"InstallShield_{E74DCA14-4FD8-4640-BF13-F002614A5733}" = MediaShop Digital Studio 2
"InstaVerse" = InstaVerse
"ispeed3_is1" = iSpeed for Windows
"iVideoMAX_is1" = iVideoMAX 3.9
"Java Web Start" = Java Web Start
"JPEG Lossless Rotator_is1" = JPEG Lossless Rotator 5.0
"KLiteCodecPack_is1" = K-Lite Codec Pack 2.41 Full
"lcc-win32 (base system)_is1" = lcc-win32 version 3.2 (base system)
"Magic ISO Maker v5.5 (build 0261)" = Magic ISO Maker v5.5 (build 0261)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MediaCoder" = MediaCoder 0.6.1
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MobiMB Mobile Media Browser" = MobiMB Mobile Media Browser
"Mozilla Firefox (3.5.5)" = Mozilla Firefox (3.5.5)
"MP Navigator EX 1.0" = Canon MP Navigator EX 1.0
"MrSID Viewer" = MrSID Viewer
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NASA World Wind 1.4" = NASA World Wind 1.4
"NasBackup" = NasBackup 1.06rc1
"NeroMultiInstaller!UninstallKey" = Nero Suite
"Netscape (7.1)" = Netscape (7.1)
"Netscape Navigator (9.0.0.6)" = Netscape Navigator (9.0.0.6)
"Nolo's Will Forms" = Nolo's Will Forms
"NTI CD-Maker 2000 Plus" = NTI CD-Maker 2000 Plus
"Online help of lcc-win32_is1" = Online help of lcc-win32
"OpenLP" = OpenLP
"openlp.org Songs Importer_is1" = openlp.org Songs Importer 1.0
"openlp.org_is1" = openlp.org 1.0 (Release Candidate 5)
"OpenSong_is1" = OpenSong Version 1.1
"OSS Media Converter Pro_is1" = OSS Media Converter Pro 5.6.0.4
"oSync" = oSync
"PlayFLV" = PlayFLV
"PokerStars" = PokerStars
"ProcessLasso" = Process Lasso
"PS2" = PS2
"QEMU Accelerator Module" = QEMU Accelerator Module 1.3.0pre11
"RealPlayer 6.0" = RealPlayer
"RexEdit" = RexEdit 0.2.8 (beta)
"Scribus 1.3.3" = Scribus 1.3.3.9
"SiS VGA Driver" = SiS VGA Utilities
"Spybot - Search & Destroy_is1" = Spybot - Search & Destroy 1.4
"SpySubtract" = SpySubtract
"SpywareBlaster_is1" = SpywareBlaster v3.5.1
"ST6UNST #1" = AstroGrep2.0.29
"ST6UNST #2" = HJT_CS
"SwitcherCAD III" = LTspice/SwCADIII
"The SWORD Project" = The SWORD Project
"Thumbs" = Thumbs
"TightVNC_is1" = TightVNC 1.2.9
"TradeManager" = TradeManager
"Type Fonts" = Type Fonts
"Unlocker" = Unlocker 1.8.7
"UnzipThemAll_is1" = UnzipThemAll 1.3
"ViewpointMediaPlayer" = Viewpoint Media Player (Remove Only)
"VLC media player" = VideoLAN VLC media player 0.8.6d
"WIC" = Windows Imaging Component
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinGimp-2.0_is1" = GIMP 2.4.2
"WinGTK-2_is1" = GTK+ 2.8.18-1 runtime environment
"WinHTTrack Website Copier_is1" = WinHTTrack Website Copier 3.40-beta-2
"WinPcapInst" = WinPcap 3.1
"WinZip" = WinZip
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wondershare PPT2DVD update trial to full_is1" = Wondershare PPT2DVD 5.5.0.319
"Wondershare PPT2DVD_is1" = Wondershare PPT2DVD 5.5.0.319
"Writing with Symbols 2000 (v2)" = Writing with Symbols 2000 (v2)
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XBTB01621.XBTB01621Toolbar" = iMesh MediaBar
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 11/27/2009 4:56:41 PM | Computer Name = BASEMENT2 | Source = Application Error | ID = 1000
Description = Faulting application update_for_media_player_(kb972036).exe, version
0.0.0.0, faulting module update_for_media_player_(kb972036).exe, version 0.0.0.0,
fault address 0x00001b30.
Error - 11/28/2009 9:37:40 AM | Computer Name = BASEMENT2 | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.2900.3156, faulting
module esent(3)32.dll, version 0.0.0.0, fault address 0x0000ee15.
Error - 11/28/2009 3:31:55 PM | Computer Name = BASEMENT2 | Source = MsiInstaller | ID = 11706
Description = Product: SmartSound Quicktracks Plugin -- Error 1706.No valid source
could be found for product SmartSound Quicktracks Plugin. The Windows Installer
cannot continue.
Error - 11/29/2009 8:54:24 AM | Computer Name = BASEMENT2 | Source = Application Error | ID = 1000
Description = Faulting application ctfmon.exe, version 5.1.2600.2180, faulting module
unknown, version 0.0.0.0, fault address 0x77124c05.
Error - 11/30/2009 6:56:27 PM | Computer Name = BASEMENT2 | Source = Avira AntiVir | ID = 4122
Description = Unable to load file <AVEvtLog>. Returned error code:
Error - 11/30/2009 7:29:50 PM | Computer Name = BASEMENT2 | Source = Application Error | ID = 1000
Description = Faulting application sysrestorepoint.exe, version 1.3.0.0, faulting
module kernel32.dll, version 5.1.2600.3541, fault address 0x00012a6b.
Error - 11/30/2009 7:30:17 PM | Computer Name = BASEMENT2 | Source = Application Error | ID = 1000
Description = Faulting application sysrestorepoint.exe, version 1.3.0.0, faulting
module kernel32.dll, version 5.1.2600.3541, fault address 0x00012a6b.
Error - 11/30/2009 11:34:33 PM | Computer Name = BASEMENT2 | Source = ESENT | ID = 490
Description = svchost (1120) An attempt to open the file "C:\WINDOWS\system32\CatRoot2\edb.log"
for read / write access failed with system error 32 (0x00000020): "The process
cannot access the file because it is being used by another process. ". The open
file operation will fail with error -1032 (0xfffffbf8).
Error - 12/1/2009 8:27:54 PM | Computer Name = BASEMENT2 | Source = ESENT | ID = 490
Description = svchost (1104) An attempt to open the file "C:\WINDOWS\system32\CatRoot2\edb.log"
for read / write access failed with system error 32 (0x00000020): "The process
cannot access the file because it is being used by another process. ". The open
file operation will fail with error -1032 (0xfffffbf8).
Error - 12/1/2009 8:28:54 PM | Computer Name = BASEMENT2 | Source = Application Error | ID = 1000
Description = Faulting application sysrestorepoint.exe, version 1.3.0.0, faulting
module kernel32.dll, version 5.1.2600.3541, fault address 0x00012a6b.
[ System Events ]
Error - 12/2/2009 10:26:20 PM | Computer Name = BASEMENT2 | Source = Service Control Manager | ID = 7034
Description = The PIXMA Extended Survey Program service terminated unexpectedly.
It has done this 1 time(s).
Error - 12/2/2009 11:16:15 PM | Computer Name = BASEMENT2 | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the Acronis Scheduler2 Service
service to connect.
Error - 12/2/2009 11:16:15 PM | Computer Name = BASEMENT2 | Source = Service Control Manager | ID = 7000
Description = The Acronis Scheduler2 Service service failed to start due to the
following error: %%1053
Error - 12/2/2009 11:16:15 PM | Computer Name = BASEMENT2 | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the PIXMA Extended Survey
Program service to connect.
Error - 12/2/2009 11:16:15 PM | Computer Name = BASEMENT2 | Source = Service Control Manager | ID = 7000
Description = The PIXMA Extended Survey Program service failed to start due to the
following error: %%1053
Error - 12/3/2009 8:45:13 AM | Computer Name = BASEMENT2 | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.102 for the Network Card with network
address 0011D888A34D has been denied by the DHCP server 192.168.1.1 (The DHCP Server
sent a DHCPNACK message).
Error - 12/3/2009 8:46:03 AM | Computer Name = BASEMENT2 | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the Acronis Scheduler2 Service
service to connect.
Error - 12/3/2009 8:46:03 AM | Computer Name = BASEMENT2 | Source = Service Control Manager | ID = 7000
Description = The Acronis Scheduler2 Service service failed to start due to the
following error: %%1053
Error - 12/3/2009 8:46:03 AM | Computer Name = BASEMENT2 | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the PIXMA Extended Survey
Program service to connect.
Error - 12/3/2009 8:46:03 AM | Computer Name = BASEMENT2 | Source = Service Control Manager | ID = 7000
Description = The PIXMA Extended Survey Program service failed to start due to the
following error: %%1053
< End of report >
Malwarebytes' Anti-Malware 1.41
Database version: 3283
Windows 5.1.2600 Service Pack 2
12/3/2009 7:26:39 PM
mbam-log-2009-12-03 (19-26-39).txt
Scan type: Quick Scan
Objects scanned: 117879
Time elapsed: 9 minute(s), 2 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
FYI:
Websites that are attempted to being opened: ( butchered to make them inefective)
http://media2.tmlatn...proved/404.html
http://www.registryd...11_html pop ups
http://www.fullsail...._campaign=GDBSO
http://cpvfeed.media....., and sit-ups.
http://cpvfeed.media.....k, l pull-ups
http://cpvfeed.media...g elite fitness
http://www.amazon.co.....alias=apparel
http://media2.tmlatn...proved/404.html
http://bridge1.admar...onducive/l=COND
http://www.dig4me.co...01.html?1499820