I ran a new george (combo fix) scan, I ran another MBAM scan and no malicious items were found (however I could not update MBAM because of a 732(0,) error), and I also ran an OTL scan.
Logs below:George scan logComboFix 10-01-29.09 - Owner 01/30/2010 11:16:29.2.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.703.356 [GMT -6:00]
Running from: c:\documents and settings\Owner\Desktop\george.exe.exe
Command switches used :: c:\documents and settings\Owner\Desktop\CFScript.txt
AV: McAfee VirusScan *On-access scanning disabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Personal Firewall *disabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}
FILE ::
"c:\docume~1\Owner\LOCALS~1\Temp\YPCXSY.exe"
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_MRTRATE
-------\Legacy_YPCXSY
-------\Service_mrtRate
-------\Service_YPCXSY
((((((((((((((((((((((((( Files Created from 2009-12-28 to 2010-01-30 )))))))))))))))))))))))))))))))
.
2010-01-24 15:37 . 2010-01-24 15:37 -------- d-sh--w- c:\documents and settings\Administrator.MAIN.001\PrivacIE
2010-01-23 20:38 . 2010-01-23 20:39 -------- d-----w- c:\program files\ERUNT
2010-01-23 20:14 . 2010-01-23 20:14 -------- d-----w- c:\windows\system32\wbem\Repository
2010-01-23 14:03 . 2010-01-23 14:03 -------- d-----w- c:\documents and settings\Administrator.MAIN.000\PrivacIE
2010-01-23 13:58 . 2010-01-23 13:58 -------- d-----w- c:\documents and settings\Administrator.MAIN.000\Application Data\Malwarebytes
2010-01-23 13:58 . 2010-01-23 13:58 -------- d-----w- c:\documents and settings\Administrator.MAIN.000\IETldCache
2010-01-23 09:20 . 2010-01-30 17:32 919336 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2010-01-22 22:27 . 2010-01-22 22:27 -------- d-----w- c:\documents and settings\Administrator.MAIN\PrivacIE
2010-01-22 22:14 . 2010-01-22 22:14 -------- d-----w- c:\documents and settings\Administrator.MAIN\Application Data\Malwarebytes
2010-01-21 03:31 . 2010-01-21 03:31 -------- d-----w- c:\documents and settings\All Users\Application Data\Tables
2010-01-21 03:27 . 2010-01-23 20:13 -------- d-----w- c:\program files\Common Files\Nikon
2010-01-21 03:27 . 2010-01-21 03:27 -------- d-----w- c:\documents and settings\All Users\Application Data\Nikon
2010-01-21 03:27 . 2010-01-21 03:31 -------- d-----w- c:\program files\Nikon
2010-01-21 03:27 . 2010-01-21 03:31 -------- d-----w- c:\documents and settings\All Users\Application Data\Ultima_T15
2010-01-21 03:27 . 2010-01-21 03:31 -------- d-----w- c:\documents and settings\All Users\Application Data\EnterNHelp
2010-01-21 03:27 . 2010-01-21 03:27 -------- d-----w- c:\documents and settings\All Users\Application Data\String Comparison
2010-01-21 03:25 . 2010-01-21 03:25 -------- d-----w- c:\program files\ArcSoft
2010-01-15 02:20 . 2010-01-15 02:20 -------- d-----w- c:\documents and settings\Owner\Application Data\McAfee
2010-01-13 07:48 . 2009-11-21 15:51 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-28 04:40 . 2009-02-28 22:44 -------- d-----w- c:\documents and settings\Owner\Application Data\mIRC
2010-01-27 07:45 . 2004-01-27 12:53 -------- d-----w- c:\program files\Common Files\Java
2010-01-27 07:45 . 2004-01-27 12:53 -------- d-----w- c:\program files\Java
2010-01-24 01:15 . 2008-08-09 10:18 61224 ----a-w- c:\documents and settings\Owner\GoToAssistDownloadHelper.exe
2010-01-21 03:31 . 2010-01-21 03:31 20 ---h--w- c:\documents and settings\All Users\Application Data\PKP_DLdw.DAT
2010-01-21 03:27 . 2010-01-21 03:27 20 ---h--w- c:\documents and settings\All Users\Application Data\PKP_DLdu.DAT
2010-01-21 03:25 . 2004-01-27 13:54 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-01-15 06:41 . 2008-05-30 02:00 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2010-01-15 04:10 . 2005-01-18 02:33 -------- d-----w- c:\program files\LeapFTP1
2010-01-15 02:19 . 2009-11-07 10:34 -------- d-----w- c:\program files\McAfee
2010-01-15 02:19 . 2009-11-07 10:25 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee
2010-01-12 02:41 . 2008-08-11 22:25 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-01-10 01:38 . 2009-06-16 18:48 -------- d-----w- c:\documents and settings\Owner\Application Data\Move Networks
2010-01-09 05:11 . 2005-12-05 03:50 -------- d-----w- c:\documents and settings\Owner\Application Data\Simple Star
2010-01-07 22:07 . 2009-11-14 20:25 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-07 22:07 . 2009-11-14 20:22 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-02 08:21 . 2004-08-26 10:19 -------- d-----w- c:\documents and settings\Owner\Application Data\Yahoo!
2010-01-02 06:23 . 2004-08-12 19:10 -------- d-----w- c:\program files\Yahoo!
2009-12-31 16:18 . 2007-04-25 15:29 -------- d-----w- c:\program files\WrapCandy70
2009-12-31 02:01 . 2009-12-31 01:52 -------- d-----w- c:\program files\CasinoBJ
2009-12-31 01:53 . 2009-12-31 01:53 -------- d-----w- c:\program files\GSPNA
2009-12-31 01:45 . 2009-12-31 01:45 -------- d-----w- c:\program files\Zoo
2009-12-30 02:10 . 2009-12-30 02:10 20747 ----a-w- c:\windows\system32\drivers\AegisP.sys
2009-12-30 02:10 . 2009-12-30 02:10 -------- d-----w- c:\program files\Belkin
2009-12-21 19:14 . 2004-01-21 22:20 1208832 ----a-w- c:\windows\system32\urlmon(2)(2).dll
2009-12-21 19:14 . 2004-01-21 22:16 916480 ----a-w- c:\windows\system32\wininet(2)(2).dll
2009-12-21 19:14 . 2004-01-21 22:16 916480 ------w- c:\windows\system32\wininet.dll
2009-12-21 19:14 . 2009-03-08 10:32 1985536 ----a-w- c:\windows\system32\iertutil(2)(2).dll
2009-12-21 19:14 . 2009-03-08 10:39 11070464 ----a-w- c:\windows\system32\ieframe(2)(2).dll
2009-12-17 23:14 . 2009-11-11 16:04 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-12-16 22:44 . 2009-12-16 22:44 -------- d-----w- c:\program files\Common Files\Software Update Utility
2009-12-16 22:44 . 2009-12-16 22:44 -------- d-----w- c:\documents and settings\All Users\Application Data\AIM
2009-12-16 22:44 . 2009-12-16 22:43 -------- d-----w- c:\program files\AIM
2009-12-16 22:43 . 2004-10-12 10:12 -------- d-----w- c:\documents and settings\All Users\Application Data\AOL
2009-12-15 23:58 . 2009-12-15 23:58 -------- d-----w- c:\documents and settings\All Users\Application Data\Lexmark Z2300 Series
2009-12-10 09:32 . 2009-12-10 09:32 -------- d-----w- c:\documents and settings\LocalService\Application Data\McAfee
2009-12-08 23:16 . 2009-11-23 20:30 17 ---ha-w- c:\documents and settings\Owner\Local Settings\Application Data\19720201.dat
2009-12-08 23:16 . 2009-11-23 20:30 -------- d-----w- c:\documents and settings\Owner\Application Data\www.EasyGiftSoftware.com
2009-12-08 23:15 . 2009-11-23 20:30 -------- d-----w- c:\documents and settings\All Users\Application Data\www.EasyGiftSoftware.com
2009-12-08 23:15 . 2009-11-23 20:30 -------- d-----w- c:\program files\www.EasyGiftSoftware.com
2009-12-07 12:23 . 2004-01-27 14:26 -------- d-----w- c:\program files\Easy Internet signup
2009-11-30 02:08 . 2009-11-15 03:58 38632 ---ha-w- c:\windows\system32\mlfcache.dat
2009-11-23 23:34 . 2004-09-10 09:15 54120 -c--a-w- c:\documents and settings\Owner\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-11-21 15:51 . 2004-02-03 19:11 471552 ----a-w- c:\windows\AppPatch\aclayers.dll
2009-11-07 17:01 . 2004-01-27 11:48 80795 ----a-w- c:\windows\PCHealth\HelpCtr\OfflineCache\index.dat
2009-11-07 16:58 . 2009-11-07 16:58 307200 ----a-w- c:\windows\PCHealth\HelpCtr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\Presario\XPHNARP4EN\plugin\bin\pchnotify.exe
2005-10-12 13:48 . 2005-10-12 13:48 121 -c--a-w- c:\program files\new household arrangement.txt
2007-06-03 00:12 . 2007-06-03 00:12 10240 -csha-w- c:\windows\rnapxs\rnapxs.dat
2005-03-20 17:04 . 2005-03-20 16:04 0 -csha-w- c:\windows\SMINST\HPCD.sys
.
((((((((((((((((((((((((((((((((((((((((((((( AWF ))))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2004-01-27 13:39 . 2003-02-12 03:02 61440 c:\hp\KBD\bak\KBD.EXE
2004-01-27 13:39 . 2003-02-12 03:02 61440 c:\hp\KBD\kbd.exe
2006-03-30 22:45 . 2006-03-30 22:45 313472 c:\program files\Adobe\Acrobat 7.0\Reader\bak\AdobeUpdateManager.exe
2005-06-07 04:46 . 2005-06-07 04:46 57344 c:\program files\Adobe\Photoshop Album Starter Edition\3.0\Apps\bak\apdproxy.exe
2004-08-15 20:27 . 2003-07-03 20:31 45056 c:\program files\Brother\Brmfl03a\bak\BrStDvPt.exe
2003-08-19 16:01 . 2003-08-19 16:01 110592 c:\program files\Common Files\Sonic\Update Manager\bak\sgtray.exe
2003-08-19 16:01 . 2003-08-19 16:01 110592 c:\program files\Common Files\Sonic\Update Manager\sgtray.exe
2005-06-11 13:29 . 2002-11-26 20:30 153600 c:\program files\COMPAQ\Scroll Mouse\bak\gnetmous.exe
2004-01-27 13:35 . 2003-08-21 11:23 49152 c:\program files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\bak\hphupd05.exe
2004-01-27 13:35 . 2003-08-21 11:23 49152 c:\program files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
2007-11-15 19:11 . 2007-11-15 19:11 267048 c:\program files\iTunes\bak\iTunesHelper.exe
2009-10-29 02:21 . 2009-10-29 02:21 141600 c:\program files\iTunes\iTunesHelper.exe
2004-01-27 12:53 . 2004-01-27 12:53 32881 c:\program files\Java\j2re1.4.2_03\bin\bak\jusched.exe
2004-01-27 12:53 . 2004-01-27 12:53 32881 c:\program files\Java\j2re1.4.2_03\bin\jusched.exe
2005-12-20 19:35 . 2004-09-17 13:24 61440 c:\program files\Lexmark 7100 Series\bak\ezprint.exe
2004-12-06 17:53 . 2004-12-06 17:53 286720 c:\program files\Lexmark 7100 Series\bak\fm3032.exe
2005-12-20 19:33 . 2005-01-18 09:43 196608 c:\program files\Lexmark 7100 Series\bak\lxbxmon.exe
2003-10-29 16:17 . 2003-10-29 16:17 135168 c:\program files\Multimedia Card Reader\bak\shwicon2k.exe
2003-10-29 17:17 . 2003-10-29 17:17 135168 c:\program files\Multimedia Card Reader\shwicon2k.exe
2004-01-27 14:00 . 2004-09-23 00:20 53248 c:\program files\MUSICMATCH\MUSICMATCH Jukebox\bak\mmtask.exe
2004-01-27 14:00 . 2003-12-11 09:40 53248 c:\program files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
2004-05-13 11:38 . 2004-05-13 11:38 258114 c:\program files\NZSearch\bak\hcm.exe
2007-11-15 05:43 . 2007-11-15 05:43 286720 c:\program files\QuickTime\bak\bak\qttask.exe
2009-09-05 07:54 . 2009-09-05 07:54 417792 c:\program files\QuickTime\QTTask.exe
2007-11-15 05:43 . 2007-11-15 05:43 286720 c:\program files\QuickTime\bak\bak\qttask.exe
2002-08-12 15:07 . 2002-08-12 15:07 36864 c:\program files\Scansoft\PaperPort\bak\IndexSearch.exe
2002-08-12 14:33 . 2002-08-12 14:33 45108 c:\program files\Scansoft\PaperPort\bak\pptd40nt.exe
2007-05-23 22:17 . 2006-04-20 06:35 237568 c:\program files\Walgreens\Walgreens PhotoShow 4\data\Xtras\bak\mssysmgr.exe
2007-06-30 06:55 . 2007-06-07 20:08 4670968 c:\program files\Yahoo!\Messenger\bak\YAHOOM~1.EXE
2004-01-27 14:18 . 2003-11-04 00:50 221184 c:\windows\SMINST\bak\RECGUARD.EXE
2004-01-27 14:18 . 2003-11-04 00:50 221184 c:\windows\SMINST\Recguard.exe
2007-09-21 12:27 . 2008-03-20 15:15 183 c:\windows\system\bak\hpsysdrv.DAT
2004-08-12 18:52 . 2010-01-30 17:35 246 c:\windows\system\hpsysdrv.dat
2004-01-27 12:57 . 1998-05-08 00:04 52736 c:\windows\system\bak\hpsysdrv.exe
2004-01-27 12:57 . 1998-05-08 00:04 52736 c:\windows\system\hpsysdrv.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RecordNow!"="" [N/A]
"Messenger (Yahoo!)"="c:\progra~1\Yahoo!\Messenger\YahooMessenger.exe" [2009-11-10 5244216]
"Search Protection"="c:\program files\Yahoo!\Search Protection\SearchProtection.exe" [2009-02-23 111856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LTMSG"="LTMSG.exe 7" [X]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-01-11 246504]
"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-08 52736]
"HPHUPD05"="c:\program files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe" [2003-08-21 49152]
"HPHmon05"="c:\windows\System32\hphmon05.exe" [2003-08-21 483328]
"KBD"="c:\hp\KBD\KBD.EXE" [2003-02-12 61440]
"UpdateManager"="c:\program files\Common Files\Sonic\Update Manager\sgtray.exe" [2003-08-19 110592]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2004-01-27 151597]
"Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2003-11-04 221184]
"VTTimer"="VTTimer.exe" [N/A]
"PS2"="c:\windows\system32\ps2.exe" [2003-09-13 98304]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-10-22 7700480]
"nwiz"="nwiz.exe" [2006-10-22 1622016]
"Sunkist2k"="c:\program files\Multimedia Card Reader\shwicon2k.exe" [2003-10-29 135168]
"BJCFD"="c:\program files\BroadJump\Client Foundation\CFD.exe" [2002-09-11 368706]
"mcagent_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2009-10-29 1218008]
"McENUI"="c:\progra~1\McAfee\MHN\McENUI.exe" [2009-07-08 1176808]
"AlcxMonitor"="ALCXMNTR.EXE" [2004-09-07 57344]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-09-05 417792]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-10-22 86016]
"lxdpmon.exe"="c:\program files\Lexmark Z2300 Series\lxdpmon.exe" [2007-12-07 656040]
"lxdpamon"="c:\program files\Lexmark Z2300 Series\lxdpamon.exe" [2007-12-07 16040]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-10-29 141600]
"F5D7050v3"="c:\program files\Belkin\F5D7050v3\Belkinwcui.exe" [2007-10-31 1654784]
"YSearchProtection"="c:\program files\Yahoo!\Search Protection\SearchProtection.exe" [2009-02-23 111856]
c:\documents and settings\Owner\Start Menu\Programs\Startup\
Eyetide Launcher.lnk - c:\program files\Eyetide Media\Eyetide Viewer\EyetideController.exe [2004-10-22 827392]
spamsubtract.lnk - c:\program files\interMute\SpamSubtract\SpamSub.exe [2004-1-28 557056]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-23 29696]
America Online 9.0 Tray Icon.lnk - c:\program files\America Online 9.0\aoltray.exe [2004-10-12 36953]
Event Reminder.lnk - c:\program files\Broderbund\PrintMaster\PMremind.exe [2009-11-11 331776]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2003-9-16 237568]
Quicken Scheduled Updates.lnk - c:\program files\Quicken\bagent.exe [2003-7-30 57344]
SmartUI.lnk - c:\program files\Scansoft\PaperPort\SmartUI\SmartUI.exe [2003-2-3 1568768]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Live Meeting 8\\Console\\PWConsole.exe"=
"c:\\WINDOWS\\system32\\lxdpcoms.exe"=
"c:\\Program Files\\Lexmark Z2300 Series\\lxdpmon.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxdppswx.exe"=
"c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxdptime.exe"=
"c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxdpjswx.exe"=
"c:\\Program Files\\Lexmark Z2300 Series\\Diagnostics\\LXDPdiag.exe"=
"c:\\Program Files\\AIM\\aim.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
R0 MFX;MFX; [x]
R2 lxdp_device;lxdp_device;c:\windows\system32\lxdpcoms.exe -service --> c:\windows\system32\lxdpcoms.exe -service [?]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\McAfee\SiteAdvisor\McSACore.exe [11/7/2009 4:39 AM 93320]
S2 lxdpCATSCustConnectService;lxdpCATSCustConnectService;c:\windows\system32\spool\drivers\w32x86\3\lxdpserv.exe [7/1/2009 2:18 PM 98984]
.
Contents of the 'Scheduled Tasks' folder
2010-01-27 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 18:34]
2010-01-15 c:\windows\Tasks\McDefragTask.job
- c:\progra~1\mcafee\mqc\QcConsol.exe [2009-11-07 18:22]
2010-01-01 c:\windows\Tasks\McQcTask.job
- c:\progra~1\mcafee\mqc\QcConsol.exe [2009-11-07 18:22]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com/
uDefault_Search_URL = hxxp://srch-qus10.hpwis.com/
mSearch Bar = hxxp://srch-qus10.hpwis.com/
uInternet Settings,ProxyOverride = localhost;*.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
LSP: SpSubLSP.dll
Trusted Zone: internet
Trusted Zone: mcafee.com
Trusted Zone: west.com
Trusted Zone: westathome.com
Trusted Zone: westathome.net
Trusted Zone: workathomeagent.net
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.netRootkit scan 2010-01-30 11:36
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
c:\windows\system32\drivers\mfx.sys 51472 bytes executable
C:\SYZ_DAT
scan completed successfully
hidden files: 2
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(748)
c:\windows\system32\COMRes.dll
- - - - - - - > 'lsass.exe'(804)
c:\windows\system32\SpSubLSP.dll
- - - - - - - > 'explorer.exe'(3276)
c:\windows\system32\WININET.dll
c:\windows\system32\nview.dll
c:\windows\system32\ieframe.dll
c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\MSVCR80.dll
c:\windows\system32\nvwddi.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\lxdpcoms.exe
c:\progra~1\McAfee\MSC\mcmscsvc.exe
c:\progra~1\COMMON~1\mcafee\mna\mcnasvc.exe
c:\progra~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
c:\progra~1\McAfee\VIRUSS~1\mcshield.exe
c:\program files\McAfee\MPF\MPFSrv.exe
c:\program files\McAfee\MSK\MskSrver.exe
c:\windows\system32\nvsvc32.exe
c:\progra~1\mcafee.com\agent\mcagent.exe
c:\windows\system32\wscntfy.exe
c:\windows\LTMSG.exe
c:\windows\system32\rundll32.exe
c:\windows\ALCXMNTR.EXE
c:\windows\system32\RUNDLL32.EXE
c:\program files\Lexmark Z2300 Series\lxdpMsdMon.exe
c:\program files\iPod\bin\iPodService.exe
c:\progra~1\McAfee\VIRUSS~1\mcsysmon.exe
c:\progra~1\Yahoo!\Messenger\ymsgr_tray.exe
.
**************************************************************************
.
Completion time: 2010-01-30 11:51:00 - machine was rebooted
ComboFix-quarantined-files.txt 2010-01-30 17:50
ComboFix2.txt 2010-01-27 08:21
Pre-Run: 11,130,429,440 bytes free
Post-Run: 11,068,256,256 bytes free
- - End Of File - - C6391555C78D65E7A62ACEC5E783F6F2
--------------------------------
OTL logOTL logfile created on: 1/30/2010 12:31:10 PM - Run 1
OTL by OldTimer - Version 3.1.27.1 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
703.00 Mb Total Physical Memory | 251.00 Mb Available Physical Memory | 36.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 73.00% Paging File free
Paging file location(s): C:\pagefile.sys 1056 2112 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 70.31 Gb Total Space | 10.33 Gb Free Space | 14.69% Space Free | Partition Type: NTFS
Drive D: | 4.20 Gb Total Space | 0.60 Gb Free Space | 14.26% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
Drive F: | 263.58 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: MAIN
Current User Name: Owner
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan
========== Processes (SafeList) ========== PRC - [2010/01/30 12:29:21 | 000,548,864 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
PRC - [2010/01/11 15:21:52 | 000,246,504 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
PRC - [2009/12/17 17:14:11 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2009/12/08 14:25:28 | 000,093,320 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
PRC - [2009/11/10 15:39:26 | 000,079,160 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Messenger\Ymsgr_tray.exe
PRC - [2009/10/29 06:54:44 | 001,218,008 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee.com\Agent\mcagent.exe
PRC - [2009/10/28 20:21:26 | 000,141,600 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
PRC - [2009/10/28 20:21:14 | 000,545,568 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
PRC - [2009/10/27 11:19:46 | 000,895,696 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MPF\MpfSrv.exe
PRC - [2009/10/02 13:02:56 | 000,026,640 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSK\msksrver.exe
PRC - [2009/09/17 14:29:04 | 000,865,832 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSC\mcmscsvc.exe
PRC - [2009/09/16 10:22:08 | 000,144,704 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\Mcshield.exe
PRC - [2009/09/16 09:28:38 | 000,606,736 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe
PRC - [2009/08/28 19:42:54 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2009/07/08 11:54:34 | 000,359,952 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe
PRC - [2009/07/07 19:10:02 | 002,482,848 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe
PRC - [2009/02/23 07:05:34 | 000,111,856 | ---- | M] (Yahoo! Inc) -- C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
PRC - [2008/12/12 11:17:38 | 000,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2008/04/13 18:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/12/07 04:17:00 | 000,025,256 | ---- | M] () -- C:\Program Files\Lexmark Z2300 Series\lxdpmsdmon.exe
PRC - [2007/12/01 01:16:54 | 000,594,600 | ---- | M] ( ) -- C:\WINDOWS\system32\lxdpcoms.exe
PRC - [2007/10/30 22:37:22 | 001,654,784 | ---- | M] (Belkin) -- C:\Program Files\Belkin\F5D7050v3\Belkinwcui.exe
PRC - [2006/10/22 12:22:00 | 000,159,810 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
PRC - [2004/09/07 13:47:52 | 000,057,344 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\ALCXMNTR.EXE
PRC - [2003/10/29 11:17:30 | 000,135,168 | ---- | M] (Alcor Micro, Corp.) -- C:\Program Files\Multimedia Card Reader\shwicon2k.exe
PRC - [2003/09/16 14:19:24 | 000,237,568 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
PRC - [2003/08/21 05:15:48 | 000,483,328 | ---- | M] (Hewlett-Packard) -- C:\WINDOWS\system32\hphmon05.exe
PRC - [2003/07/14 19:52:44 | 000,040,960 | ---- | M] (Agere Systems) -- C:\WINDOWS\ltmsg.exe
PRC - [2003/07/07 18:50:08 | 000,557,056 | ---- | M] (interMute, Inc.) -- C:\Program Files\interMute\SpamSubtract\SpamSub.exe
PRC - [2003/02/11 21:02:48 | 000,061,440 | ---- | M] (Hewlett-Packard Company) -- C:\hp\KBD\kbd.exe
PRC - [2003/02/03 10:29:12 | 001,568,768 | ---- | M] (Scansoft, Inc.) -- C:\Program Files\Scansoft\PaperPort\SmartUI\SmartUI.exe
PRC - [2002/09/10 21:26:26 | 000,368,706 | ---- | M] () -- C:\Program Files\BroadJump\Client Foundation\CFD.exe
PRC - [1998/05/07 18:04:38 | 000,052,736 | ---- | M] (Hewlett-Packard Company) -- C:\WINDOWS\system\hpsysdrv.exe
========== Modules (SafeList) ========== MOD - [2010/01/30 12:29:21 | 000,548,864 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
MOD - [2006/10/22 12:22:00 | 001,470,464 | ---- | M] () -- C:\WINDOWS\system32\nview.dll
MOD - [2006/10/22 12:22:00 | 000,081,920 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvwddi.dll
========== Win32 Services (SafeList) ========== SRV - [2009/12/17 17:14:11 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) [Auto | Running] -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2009/12/08 14:25:28 | 000,093,320 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2009/10/28 20:21:14 | 000,545,568 | ---- | M] (Apple Inc.) [On_Demand | Running] -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - [2009/10/27 11:19:46 | 000,895,696 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MPF\MPFSrv.exe -- (MpfService)
SRV - [2009/10/02 13:02:56 | 000,026,640 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MSK\MskSrver.exe -- (MSK80Service)
SRV - [2009/09/17 14:29:04 | 000,865,832 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MSC\mcmscsvc.exe -- (mcmscsvc)
SRV - [2009/09/16 11:23:32 | 000,365,072 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2009/09/16 10:22:08 | 000,144,704 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Program Files\McAfee\VirusScan\Mcshield.exe -- (McShield)
SRV - [2009/09/16 09:28:38 | 000,606,736 | ---- | M] (McAfee, Inc.) [On_Demand | Running] -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe -- (McSysmon)
SRV - [2009/08/28 19:42:54 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009/07/08 20:22:22 | 000,068,112 | ---- | M] (McAfee) [On_Demand | Stopped] -- C:\Program Files\McAfee\MBK\MBackMonitor.exe -- (MBackMonitor)
SRV - [2009/07/08 11:54:34 | 000,359,952 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe -- (McProxy)
SRV - [2009/07/07 19:10:02 | 002,482,848 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe -- (McNASvc)
SRV - [2008/12/12 11:17:38 | 000,238,888 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2007/12/01 01:16:54 | 000,594,600 | ---- | M] ( ) [Auto | Running] -- C:\WINDOWS\System32\lxdpcoms.exe -- (lxdp_device)
SRV - [2007/12/01 01:16:47 | 000,098,984 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdpserv.exe -- (lxdpCATSCustConnectService)
SRV - [2006/10/22 12:22:00 | 000,159,810 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc)
SRV - [2003/07/28 21:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://srch-qus10.hpwis.com/IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.yahoo.com/IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = localhost;*.local
FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2010/01/22 12:03:56 | 000,000,000 | ---D | M]
O1 HOSTS File: ([2010/01/30 11:34:51 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Yahoo! Companion BHO) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Common\ycomp5,1,1,0.dll (Yahoo! Inc.)
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\McAfee\MSK\mskapbho.dll ()
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - No CLSID value found.
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (&Yahoo! Companion) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Common\ycomp5,1,1,0.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (&Yahoo! Companion) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Common\ycomp5,1,1,0.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [AlcxMonitor] C:\WINDOWS\ALCXMNTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe ()
O4 - HKLM..\Run: [F5D7050v3] C:\Program Files\Belkin\F5D7050v3\Belkinwcui.exe (Belkin)
O4 - HKLM..\Run: [HPHmon05] C:\WINDOWS\system32\hphmon05.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HPHUPD05] c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpsysdrv] c:\WINDOWS\system\hpsysdrv.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [KBD] C:\hp\KBD\kbd.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [LTMSG] C:\WINDOWS\ltmsg.exe (Agere Systems)
O4 - HKLM..\Run: [lxdpamon] C:\Program Files\Lexmark Z2300 Series\lxdpamon.exe ()
O4 - HKLM..\Run: [lxdpmon.exe] C:\Program Files\Lexmark Z2300 Series\lxdpmon.exe ()
O4 - HKLM..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [McENUI] C:\Program Files\McAfee\MHN\McENUI.exe (McAfee, Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [PS2] C:\WINDOWS\system32\ps2.EXE (Hewlett-Packard Company)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Inc.)
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [Sunkist2k] C:\Program Files\Multimedia Card Reader\shwicon2k.exe (Alcor Micro, Corp.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [UpdateManager] C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe (Sonic Solutions)
O4 - HKLM..\Run: [VTTimer] File not found
O4 - HKLM..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [RecordNow!] File not found
O4 - HKCU..\Run: [Search Protection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0\aoltray.exe (America Online, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Event Reminder.lnk = C:\Program Files\Broderbund\PrintMaster\pmremind.exe (Broderbund Properties LLC)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Quicken Scheduled Updates.lnk = C:\Program Files\Quicken\bagent.exe (Intuit Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\SmartUI.lnk = C:\Program Files\Scansoft\PaperPort\SmartUI\SmartUI.exe (Scansoft, Inc.)
O4 - Startup: C:\Documents and Settings\Owner\Start Menu\Programs\Startup\Eyetide Launcher.lnk = C:\Program Files\Eyetide Media\Eyetide Viewer\EyetideController.exe ()
O4 - Startup: C:\Documents and Settings\Owner\Start Menu\Programs\Startup\spamsubtract.lnk = C:\Program Files\interMute\SpamSubtract\SpamSub.exe (interMute, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - File not found
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: internet ([]about in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: west.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: westathome.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: westathome.net ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: workathomeagent.net ([]* in Trusted sites)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C}
http://update.micros...b?1257591609875 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000}
http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/01/27 05:48:57 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/07/28 06:07:38 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2009/11/07 02:35:13 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Wmi - C:\WINDOWS\system32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (16891835792228352)
========== Files/Folders - Created Within 14 Days ========== [2010/01/30 12:29:17 | 000,548,864 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2010/01/30 11:14:59 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010/01/30 11:14:59 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010/01/30 11:14:59 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010/01/30 11:14:59 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010/01/27 01:57:28 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010/01/27 01:45:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
[2010/01/23 14:40:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/01/23 14:38:57 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/01/23 14:21:57 | 000,439,808 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\TFC.exe
[2010/01/20 21:31:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Tables
[2010/01/20 21:27:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nikon
[2010/01/20 21:27:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Nikon
[2010/01/20 21:27:35 | 000,000,000 | ---D | C] -- C:\Program Files\Nikon
[2010/01/20 21:27:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Ultima_T15
[2010/01/20 21:27:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\String Comparison
[2010/01/20 21:27:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\EnterNHelp
[2010/01/20 21:25:02 | 000,000,000 | ---D | C] -- C:\Program Files\ArcSoft
[2009/12/10 03:32:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\McAfee
[2009/11/11 10:13:58 | 000,438,272 | ---- | C] ( ) -- C:\WINDOWS\System32\LXDPhcp.dll
[2009/11/11 10:13:58 | 000,364,544 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdpinpa.dll
[2009/11/11 10:13:58 | 000,339,968 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdpiesc.dll
[2009/11/11 10:13:57 | 001,101,824 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdpserv.dll
[2009/11/11 10:13:57 | 000,843,776 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdpusb1.dll
[2009/11/11 10:13:56 | 000,647,168 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdppmui.dll
[2009/11/11 10:13:56 | 000,569,344 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdplmpm.dll
[2009/11/11 10:13:56 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdpprox.dll
[2009/11/11 10:13:54 | 000,663,552 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdphbn3.dll
[2009/11/11 10:13:52 | 000,851,968 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdpcomc.dll
[2009/11/11 10:13:52 | 000,376,832 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdpcomm.dll
[2009/11/07 14:11:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\SACore
[2007/12/13 19:03:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple
[2006/09/17 10:12:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Help
[2006/09/17 10:12:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Help
[2005/03/19 09:49:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Motive
[2004/01/27 05:51:05 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2004/01/27 05:51:05 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2004/01/27 05:51:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2004/01/27 05:51:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[1 C:\Documents and Settings\Owner\My Documents\*.tmp files -> C:\Documents and Settings\Owner\My Documents\*.tmp -> ]
========== Files - Modified Within 14 Days ========== [2010/01/30 12:29:21 | 000,548,864 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2010/01/30 11:56:45 | 000,022,427 | ---- | M] () -- C:\WINDOWS\System32\Config.MPF
[2010/01/30 11:35:49 | 000,088,566 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010/01/30 11:35:43 | 000,000,246 | ---- | M] () -- C:\WINDOWS\System\hpsysdrv.dat
[2010/01/30 11:35:12 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/01/30 11:34:56 | 005,767,168 | ---- | M] () -- C:\Documents and Settings\Owner\ntuser.dat
[2010/01/30 11:34:51 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010/01/30 11:34:39 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/01/30 11:34:35 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/01/30 11:34:32 | 737,595,392 | -HS- | M] () -- C:\hiberfil.sys
[2010/01/30 11:32:31 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\Owner\ntuser.ini
[2010/01/30 11:14:16 | 003,840,721 | R--- | M] () -- C:\Documents and Settings\Owner\Desktop\george.exe.exe
[2010/01/30 09:55:41 | 000,163,328 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\WAHA Time Sheet.xls
[2010/01/26 23:55:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/01/23 22:45:05 | 003,213,747 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\AutoRuns.arn
[2010/01/23 19:15:29 | 000,061,224 | ---- | M] () -- C:\Documents and Settings\Owner\GoToAssistDownloadHelper.exe
[2010/01/23 14:54:29 | 000,015,507 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\MVTHealthCheck_Deviation.html
[2010/01/23 14:39:01 | 000,000,619 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\NTREGOPT.lnk
[2010/01/23 14:39:01 | 000,000,600 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\ERUNT.lnk
[2010/01/23 14:21:58 | 000,439,808 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\TFC.exe
[2010/01/23 03:03:38 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/01/22 19:56:03 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/01/20 21:31:03 | 000,000,268 | RH-- | M] () -- C:\Documents and Settings\All Users\Application Data\Console
[2010/01/20 21:31:03 | 000,000,268 | RH-- | M] () -- C:\Documents and Settings\Owner\Application Data\Components
[2010/01/20 21:31:02 | 000,000,020 | -H-- | M] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLdw.DAT
[2010/01/20 21:27:05 | 000,000,268 | RH-- | M] () -- C:\Documents and Settings\All Users\Application Data\Conditionals
[2010/01/20 21:27:05 | 000,000,268 | RH-- | M] () -- C:\Documents and Settings\Owner\Application Data\Commands
[2010/01/20 21:27:05 | 000,000,020 | -H-- | M] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLdu.DAT
[2010/01/19 17:59:55 | 000,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[1 C:\Documents and Settings\Owner\My Documents\*.tmp files -> C:\Documents and Settings\Owner\My Documents\*.tmp -> ]
========== Files Created - No Company Name ========== [2010/01/30 11:14:59 | 000,261,632 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010/01/30 11:14:59 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010/01/30 11:14:59 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010/01/30 11:14:59 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010/01/30 11:14:59 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010/01/27 01:56:02 | 003,840,721 | R--- | C] () -- C:\Documents and Settings\Owner\Desktop\george.exe.exe
[2010/01/24 09:41:05 | 737,595,392 | -HS- | C] () -- C:\hiberfil.sys
[2010/01/23 22:44:46 | 003,213,747 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\AutoRuns.arn
[2010/01/23 14:54:29 | 000,015,507 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\MVTHealthCheck_Deviation.html
[2010/01/23 14:39:01 | 000,000,619 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\NTREGOPT.lnk
[2010/01/23 14:39:01 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\ERUNT.lnk
[2010/01/23 03:20:13 | 000,919,336 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/01/20 21:31:03 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\Console
[2010/01/20 21:31:03 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\Owner\Application Data\Components
[2010/01/20 21:31:02 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLdw.DAT
[2010/01/20 21:27:05 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\Conditionals
[2010/01/20 21:27:05 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\Owner\Application Data\Commands
[2010/01/20 21:27:05 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLdu.DAT
[2010/01/20 09:05:22 | 005,767,168 | ---- | C] () -- C:\Documents and Settings\Owner\ntuser.dat
[2009/12/30 19:57:19 | 000,000,145 | ---- | C] () -- C:\WINDOWS\XWords2.INI
[2009/12/29 20:10:32 | 000,005,224 | ---- | C] () -- C:\WINDOWS\System32\ucuiinfo.ini
[2009/11/23 14:30:41 | 000,000,032 | -H-- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\art.udk
[2009/11/23 14:30:41 | 000,000,017 | -H-- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\19720201.dat
[2009/11/11 10:14:13 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\lxdprwrd.ini
[2009/11/11 10:13:58 | 000,348,160 | ---- | C] () -- C:\WINDOWS\System32\LXDPinst.dll
[2009/11/11 10:13:54 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\lxdpgrd.dll
[2009/11/07 04:00:15 | 001,470,464 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2009/11/07 04:00:15 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2009/07/01 14:18:14 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxdpvs.dll
[2009/07/01 14:18:12 | 000,348,160 | ---- | C] () -- C:\WINDOWS\System32\lxdpcoin.dll
[2008/08/08 23:45:37 | 000,019,042 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\vecezovexu.dll
[2008/08/08 23:45:37 | 000,016,665 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\etozuf._sy
[2008/08/08 23:45:37 | 000,016,426 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\adisov.ban
[2008/08/08 23:04:00 | 000,017,088 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\jyduxuh.sys
[2008/08/08 23:03:59 | 000,013,369 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\otib._sy
[2008/01/09 14:01:48 | 000,000,453 | ---- | C] () -- C:\WINDOWS\bdoscandellang.ini
[2007/06/07 08:32:12 | 000,003,982 | ---- | C] () -- C:\WINDOWS\kj01d.sys
[2007/06/07 08:11:28 | 000,000,241 | ---- | C] () -- C:\WINDOWS\z56k2.ini
[2007/05/23 16:18:23 | 000,000,067 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\photoshow_express_setup.txt
[2007/02/16 20:20:57 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\LauncherAccess.dt
[2006/10/22 12:22:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006/10/22 12:22:00 | 000,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006/10/22 12:22:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2006/10/22 12:22:00 | 000,212,992 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2006/09/15 06:19:19 | 000,000,173 | ---- | C] () -- C:\WINDOWS\ConnMgr.ini
[2006/09/14 19:37:38 | 000,000,079 | ---- | C] () -- C:\WINDOWS\office.ini
[2006/09/14 18:50:31 | 000,000,239 | ---- | C] () -- C:\WINDOWS\tb89r.ini
[2006/04/20 20:35:06 | 000,004,247 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2006/01/21 13:00:21 | 000,000,078 | ---- | C] () -- C:\WINDOWS\qwimp.ini
[2006/01/21 13:00:19 | 000,000,368 | ---- | C] () -- C:\WINDOWS\intuprof.ini
[2005/12/29 10:38:57 | 000,000,035 | ---- | C] () -- C:\WINDOWS\ulead32.ini
[2005/12/20 13:43:51 | 000,028,672 | ---- | C] () -- C:\WINDOWS\hookdllX.dll
[2005/10/18 23:45:58 | 000,000,427 | ---- | C] () -- C:\WINDOWS\COOK'N5.INI
[2005/10/16 15:37:06 | 000,000,094 | ---- | C] () -- C:\WINDOWS\Cook'n99.ini
[2005/10/12 07:48:54 | 000,000,121 | ---- | C] () -- C:\Program Files\new household arrangement.txt
[2005/06/18 15:19:44 | 000,018,944 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2004/12/10 05:28:41 | 000,000,073 | ---- | C] () -- C:\WINDOWS\webica.ini
[2004/10/24 06:09:19 | 000,169,808 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\shb.dat
[2004/08/15 14:35:39 | 000,000,040 | ---- | C] () -- C:\WINDOWS\opt_2460.ini
[2004/08/15 14:35:38 | 000,000,051 | ---- | C] () -- C:\WINDOWS\brmx2001.ini
[2004/08/15 14:29:16 | 000,002,189 | ---- | C] () -- C:\WINDOWS\BRMFBIDI.INI
[2004/08/15 14:28:06 | 000,000,645 | ---- | C] () -- C:\WINDOWS\Brpcfx.ini
[2004/08/15 14:28:06 | 000,000,463 | ---- | C] () -- C:\WINDOWS\brwmark.ini
[2004/08/15 14:28:06 | 000,000,079 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI
[2004/08/15 14:25:05 | 000,000,767 | ---- | C] () -- C:\WINDOWS\maxlink.ini
[2004/08/14 22:59:40 | 000,006,580 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2004/08/14 06:23:16 | 000,000,074 | ---- | C] () -- C:\WINDOWS\ImportClient.ini
[2004/08/13 05:45:06 | 000,000,000 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2004/01/28 02:41:11 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/01/28 02:29:45 | 000,000,051 | ---- | C] () -- C:\WINDOWS\System32\mshrml.ini
[2004/01/28 01:57:30 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\VGAunistlog.ini
[2004/01/28 01:57:29 | 000,000,451 | ---- | C] () -- C:\WINDOWS\VGAsetup.ini
[2004/01/27 08:34:23 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\JAWTAccessBridge.dll
[2004/01/27 08:34:02 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\PcdrKernelModeServices.dll
[2004/01/27 08:34:02 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\ProgressTrace.dll
[2004/01/27 08:33:16 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\fusioncache.dat
[2004/01/27 08:32:01 | 000,167,936 | ---- | C] () -- C:\WINDOWS\System32\PCDrJNI_1_1.dll
[2004/01/27 08:26:56 | 000,029,216 | ---- | C] () -- C:\WINDOWS\System32\CHODDI.SYS
[2004/01/27 08:26:40 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\syscontr.dll
[2004/01/27 08:26:05 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\hpreg.dll
[2004/01/27 08:13:03 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2004/01/27 08:07:37 | 000,000,907 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2004/01/27 07:23:17 | 000,000,928 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2004/01/27 07:16:57 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/01/27 07:09:01 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2004/01/27 06:49:21 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2004/01/27 06:40:50 | 000,299,073 | ---- | C] () -- C:\WINDOWS\System32\PythonCOM22.dll
[2004/01/27 06:40:50 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\PyWinTypes22.dll
[2004/01/27 06:40:36 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\bcbmm.dll
[2004/01/27 05:52:57 | 000,000,802 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/01/27 04:41:25 | 000,000,553 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2003/09/23 02:19:42 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2003/05/13 13:41:58 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\cdlock.dll
[2003/03/07 00:53:16 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\hpnvr82.dll
[2003/01/08 00:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
========== LOP Check ========== [2005/12/20 13:34:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\7100Series
[2009/12/16 16:44:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AIM
[2008/12/11 13:08:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Applications
[2008/08/09 13:45:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg7
[2004/08/14 04:20:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Broderbund LLC
[2004/08/14 04:20:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Broderbund Software
[2009/11/08 21:04:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Citrix
[2010/01/20 21:31:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EnterNHelp
[2007/06/02 18:12:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\F-Secure
[2009/01/31 17:48:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FunGames
[2009/12/15 17:58:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Lexmark Z2300 Series
[2009/08/25 08:00:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Napster
[2008/12/18 14:55:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NewSoft
[2010/01/20 21:27:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nikon
[2005/10/16 14:36:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nova Development
[2004/08/16 02:35:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ScanSoft
[2010/01/20 21:27:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\String Comparison
[2005/10/16 12:54:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SUIIMAGE
[2010/01/20 21:31:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tables
[2010/01/15 00:41:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/01/20 21:31:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ultima_T15
[2008/08/14 04:49:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2009/12/08 17:15:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\www.EasyGiftSoftware.com
[2009/11/14 21:37:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2005/08/21 23:35:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\3M
[2007/02/20 12:59:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\7100Series
[2007/06/07 06:44:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\acccore
[2007/06/07 07:01:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Aim
[2009/10/07 08:28:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Amazon
[2007/06/02 20:05:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\F-Secure
[2004/12/10 05:29:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\ICAClient
[2004/01/28 02:29:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\interMute
[2004/10/14 18:37:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\InterVideo
[2007/06/02 20:05:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\ispnews
[2005/03/18 02:58:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Leadertech
[2004/09/06 07:25:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\MSNInstaller
[2005/10/16 14:37:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Nova Development
[2009/01/24 15:17:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Pogo Games
[2004/08/16 02:35:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\PPIMAGES
[2004/01/27 08:55:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\SampleView
[2009/07/02 01:34:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\SierraHome
[2010/01/08 23:11:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Simple Star
[2008/08/20 21:35:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Snapfish
[2006/12/31 09:17:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Template
[2007/06/07 06:47:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Viewpoint
[2009/02/22 02:10:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Walgreens
[2009/12/08 17:16:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\www.EasyGiftSoftware.com
[2010/01/15 01:26:16 | 000,000,340 | ---- | M] () -- C:\WINDOWS\Tasks\McDefragTask.job
[2010/01/01 01:00:58 | 000,000,318 | ---- | M] () -- C:\WINDOWS\Tasks\McQcTask.job
========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*.exe >[2006/08/29 12:54:45 | 013,016,383 | ---- | M] (MyWrapper, Inc. ) -- C:\MyWrapperPlatinumSetup.exe
[2008/08/09 05:15:57 | 063,425,247 | ---- | M] (McAfee, Inc.) -- C:\sdat5357.exe
< MD5 for: AGP440.SYS >[2008/08/14 15:45:46 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\$NtServicePackUninstall$\sp3.cab:AGP440.sys
[2004/08/04 01:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2009/11/07 10:36:42 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2004/08/04 01:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:AGP440.sys
[2009/11/07 10:36:42 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008/04/13 12:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ERDNT\cache\agp440.sys
[2008/04/13 12:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 12:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
[2004/08/03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys
< MD5 for: ATAPI.SYS >[2008/08/14 15:45:46 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\$NtServicePackUninstall$\sp3.cab:atapi.sys
[2003/09/24 12:46:00 | 010,158,890 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:atapi.sys
[2004/08/04 01:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2009/11/07 10:36:42 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2003/09/24 05:46:00 | 010,158,890 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp1.cab:atapi.sys
[2004/08/04 01:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys
[2009/11/07 10:36:42 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2003/09/23 15:20:00 | 000,086,912 | ---- | M] (Microsoft Corporation) MD5=95B858761A00E1D4F81F79A0DA019ACA -- C:\WINDOWS\$NtUninstallQ331958$\atapi.sys
[2008/04/13 12:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ERDNT\cache\atapi.sys
[2008/04/13 12:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 12:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
< MD5 for: EVENTLOG.DLL >[2008/04/13 18:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ERDNT\cache\eventlog.dll
[2008/04/13 18:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/13 18:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll
[2004/08/04 00:56:44 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
< MD5 for: NETLOGON.DLL >[2008/04/13 18:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ERDNT\cache\netlogon.dll
[2008/04/13 18:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/13 18:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
[2004/08/04 00:56:46 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
< MD5 for: SCECLI.DLL >[2004/08/04 00:56:46 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008/04/13 18:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ERDNT\cache\scecli.dll
[2008/04/13 18:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008/04/13 18:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll
< %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > < %systemroot%\Tasks\*.job /lockedfiles > ========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========[C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP237.tmp\ZAP237.tmp] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP312.tmp\ZAP312.tmp] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP31B.tmp\ZAP31B.tmp] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP345.tmp\ZAP345.tmp] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP36B.tmp\ZAP36B.tmp] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3ED.tmp\ZAP3ED.tmp] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP47.tmp\ZAP47.tmp] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\assembly\tmp\tmp] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Config\Config] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Connection Wizard\Connection Wizard] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Debug\UserMode\UserMode] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\ftpcache\ftpcache] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Help\SBSI\Training\WXPPer\Cbz\Cbz] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Help\SBSI\Training\WXPPer\Lib\Lib] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Help\SBSI\Training\WXPPer\Wave\Wave] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\ime\chsime\applets\applets] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\ime\CHTIME\Applets\Applets] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\ime\imejp\applets\applets] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\ime\imejp98\imejp98] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\ime\imjp8_1\applets\applets] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\ime\imkr6_1\applets\applets] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\ime\imkr6_1\dicts\dicts] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\ime\shared\res\res] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\Temporary ASP.NET Files] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\msapps\msinfo\msinfo] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\mui\mui] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\PCHealth\ERRORREP\QHEADLES\QHEADLES] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\PCHealth\ERRORREP\QSIGNOFF\QSIGNOFF] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\PCHealth\HelpCtr\BATCH\BATCH] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\PCHealth\HelpCtr\Config\CheckPoint\CheckPoint] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\PCHealth\HelpCtr\HelpFiles\HelpFiles] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\PCHealth\HelpCtr\InstalledSKUs\InstalledSKUs] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\PCHealth\HelpCtr\System\DFS\DFS] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\PCHealth\HelpCtr\Temp\Temp] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\PIF\PIF] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Registration\CRMLog\CRMLog] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\setup.pss\setup.pss] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\SoftwareDistribution\AuthCabs\Downloaded\Downloaded] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\SoftwareDistribution\Download\355f788b6de8a3ec79e9aa172e6317f1\backup\backup] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\SoftwareDistribution\Download\c9057d3faf4a326a2fefff7bde9fec31\backup\backup] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\SoftwareDistribution\Download\cadf7c8240793a561791dc3bd3e91a5e\backup\backup] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Sun\Java\Deployment\Deployment] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\SxsCaPendDel\SxsCaPendDel] -> \Device\__max++>\^ -> Mount Point
========== Alternate Data Streams ========== @Alternate Data Stream - 151 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:07348C09
@Alternate Data Stream - 134 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A73EAFFB
@Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1
@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A8ADE5D8
@Alternate Data Stream - 103 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
< End of report >
And the Extras log from the OTLOTL Extras logfile created on: 1/30/2010 12:31:10 PM - Run 1
OTL by OldTimer - Version 3.1.27.1 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
703.00 Mb Total Physical Memory | 251.00 Mb Available Physical Memory | 36.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 73.00% Paging File free
Paging file location(s): C:\pagefile.sys 1056 2112 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 70.31 Gb Total Space | 10.33 Gb Free Space | 14.69% Space Free | Partition Type: NTFS
Drive D: | 4.20 Gb Total Space | 0.60 Gb Free Space | 14.26% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
Drive F: | 263.58 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: MAIN
Current User Name: Owner
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan
========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "%programfiles%\internet explorer\iexplore.exe" (Microsoft Corporation)
========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Microsoft Office\Live Meeting 8\Console\PWConsole.exe" = C:\Program Files\Microsoft Office\Live Meeting 8\Console\PWConsole.exe:*:Enabled:Microsoft Office Live Meeting 2007 -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Microsoft Office\Live Meeting 8\Console\PWConsole.exe" = C:\Program Files\Microsoft Office\Live Meeting 8\Console\PWConsole.exe:*:Enabled:Microsoft Office Live Meeting 2007 -- (Microsoft Corporation)
"C:\WINDOWS\system32\lxdpcoms.exe" = C:\WINDOWS\system32\lxdpcoms.exe:*:Enabled:Z2300 Series Server -- ( )
"C:\Program Files\Lexmark Z2300 Series\lxdpmon.exe" = C:\Program Files\Lexmark Z2300 Series\lxdpmon.exe:*:Enabled:Printer Device Monitor -- ()
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour -- (Apple Inc.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdppswx.exe" = C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdppswx.exe:*:Enabled:Printer Status Window Interface -- ()
"C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdptime.exe" = C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdptime.exe:*:Enabled:Lexmark Connect Time Executable -- (Lexmark International, Inc.)
"C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdpjswx.exe" = C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdpjswx.exe:*:Enabled:Job Status Window Interface -- ()
"C:\Program Files\Lexmark Z2300 Series\Diagnostics\LXDPdiag.exe" = C:\Program Files\Lexmark Z2300 Series\Diagnostics\LXDPdiag.exe:*:Enabled: -- ()
"C:\Program Files\AIM\aim.exe" = C:\Program Files\AIM\aim.exe:*:Enabled:AIM -- (AOL LLC)
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0613467F-A45E-4CB1-9ECE-1F3DD79FB927}" = Easy Internet Sign-up
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0861E87B-24D7-4E7C-B11B-54F86E5C5199}" = hpg8200
"{092eeeee-9fdd-4895-a568-0818c96beb6c}" = AiO_Scan
"{09DA4F91-2A09-4232-AB8C-6BC740096DE3}" = Sonic Update Manager
"{14589F05-C658-4594-9429-D437BA688686}" = IntelliMover Data Transfer Demo
"{14B4E017-ACDF-4DB0-9D94-8988F5F0145A}" = hpg4600
"{152D98A0-1A4A-11DE-72AE-0C3234F92CD6}" = Baseball Mogul 2010 patch to 12.12
"{15B9DC72-73F9-4d99-9E28-848D66DA8D99}" = HP Photo & Imaging 3.5 - HP Devices
"{1D643CD7-4DD6-11D7-A4E0-000874180BB3}" = Microsoft Money 2004
"{1F7473D9-6C0B-4F5A-8FA4-AB8AD78CBE54}" = DocProc
"{1F7CCFA3-D926-4882-B2A5-A0217ED25597}" = PC-Doctor for Windows
"{20CF99FC-2CE7-4AA4-966E-A4B11C0662B4}" = hpg3970
"{257EC58E-03FD-472B-A9B6-93F23A3C4CB0}" = Scan
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java 6 Update 18
"{29B39FB2-5ADF-4F94-BC82-13942871DD0D}" = CameraDrivers
"{29B50D30-EAFC-4cea-9F76-3A0E3729E9B0}" = SkinsHP1
"{2A267BC6-F77F-4DD4-825F-7AEB1F68B4B1}" = HpSdpAppCoreApp
"{2A304FDE-F4E3-446D-AA0D-31425C897B71}" = PrintMaster 12
"{2E132061-C78A-48D4-A899-1D13B9D189FA}" = Memories Disc Creator 2.0
"{31C2F32D-C5DD-4583-8181-B48591CA231C}" = RapidPlayer v5.0 ActiveX Control
"{34957B51-9676-41CE-9E52-44AE91B73F1C}" = HP Software Update
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3CF78481-FB7B-4B51-99A2-D5E0CD0B3AAF}" = HPSystemDiagnostics
"{415B8A4E-0EA2-4C69-975C-EEE07B837FD7}" = Unload
"{45B6180B-DCAB-4093-8EE8-6164457517F0}" = Photosmart 140,240,7200,7600,7700,7900 Series
"{45EBDA59-D33B-433A-956E-B2F236468B56}" = MUSICMATCH® Jukebox
"{48242276-DB89-42e8-9678-BD4280D7B99A}" = Copy
"{483616D1-867E-46F8-BEC7-3C6475933908}" = Adobe Photoshop Album Starter Edition
"{49FA793C-785E-47E9-93DF-BD442B0B45D1}" = McAfee Virtual Technician
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{54DE0B75-6CD9-44C4-B10A-1F25DA9899D8}" = Quicken 2004
"{54e854d5-d5d4-452d-9c75-b39f5625b5fb}" = Readme
"{57C7C46A-D35D-492d-A328-4F8C9B5B4B52}" = PrintScreen
"{60758250-C8CF-47EB-8CB6-E0C3B84D8207}" = PSShortcutsP
"{6661C844-F72D-44ED-823A-24862F2D1650}" = Print Artist Craft & Party Maker
"{66C018BD-6F16-4B32-B4CD-1DC1B21FBDFF}" = Zone Deluxe Games
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{7148F0A8-6813-11D6-A77B-00B0D0142030}" = Java 2 Runtime Environment, SE v1.4.2_03
"{723C033E-63EA-4227-BAB2-0AA8693C16EB}" = Director
"{745A92AF-53B4-41A7-91C3-9B026B1D5897}" = InstantShare
"{764D06D8-D8DE-411E-A1C8-D9E9380F8A84}" = Microsoft Works 7.0
"{81DD5688-695A-4c1d-AE7D-368BF857725A}" = TrayApp
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" =
"{8C64E145-54BA-11D6-91B1-00500462BE80}" = Microsoft Money 2004 System Pack
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{91120409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003
"{92B736B0-18EB-11DE-72AE-03391B6A2CD6}" = Baseball Mogul 2010
"{9541FED0-327F-4DF0-8B96-EF57EF622F19}" = RecordNow!
"{98E8A2EF-4EAE-43B8-A172-74842B764777}" = InterVideo WinDVD Player
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B03C535-3AEA-4ef2-B326-0A01A2207034}" = CreativeProjects
"{9F4EEA0C-7174-4BD3-89AF-7AB2F9F6AEDD}" = hpmdtab
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}" = QuickTime
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AC76BA86-7AD7-1033-7B44-000000000001}" = Adobe Reader 6.0
"{AD17BC8E-4A5D-4E59-8640-10DF36E9EB75}" = hpg5530
"{B607C354-CD79-4D22-86D1-92DC94153F42}" = Apple Application Support
"{bb6cac2a-1fa0-471a-bc3c-ade699c39f3c}" = Fax
"{BC339BFD-F550-471a-8D26-4D08126C62F7}" = SkinsHP2
"{BE66348A-E83F-4982-941F-DFF2F742B851}" = Microsoft Office Live Meeting 2007
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{c330461f-c4a9-4fc7-af5d-c158e0b56aa7}" = AiOSoftware
"{C6A7AF96-4EB1-4AAE-8318-1AB393C64F88}" = Microsoft Plus! Digital Media Edition
"{CBE3E0AF-73BB-4c21-8B96-B09E003EDE7F}" = QuickProjects
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0122362-6333-4DE4-93F6-A5A2F3CC101A}" = Compaq Organize
"{D1A74FBB-CA8D-4CCA-9B89-BAAA436DB178}" = iTunes
"{E8BFBD0A-8002-4dc9-869C-E495FA9DCE7A}" = PhotoGallery
"{EBFEEB3F-3E3B-4725-A4E0-376144CE4F76}" = Citrix XenApp Web Plugin
"{ec7d7a6a-31cb-4810-826f-74171bef44f1}" = AIOMinimal
"{ED869D8B-6C7E-44C7-9F2F-BD5436849C61}" = hpg2436
"{EF9967D8-1999-4260-ACC2-86901AA36650}" = Multimedia Card Reader
"{F126B3FA-EC90-4065-A71A-F99FD5AB2A2A}" = Crossword Puzzle Addict
"{F3759A9F-7AFA-4FB4-8DF1-53F26B979DEE}" = Belkin 54Mbps Wireless Network Adapter
"{F38FA38A-7E5A-4209-88ED-4DE21CD20EEF}" = HP PSC & OfficeJet 3.0
"{F419D20A-7719-4639-8E30-C073A040D878}" = HP Deskjet Preloaded Printer Drivers
"{FBBF532A-47AC-457d-AC06-0D3163D8911E}" = WebReg
"05E21449-3BA3-42BF-BBDA-95205F4EA40A" = Polar Bowler from Compaq (remove only)
"26DC0ED6-93A7-43C1-8DC5-EC16079580F9" = Orbital from Compaq (remove only)
"29FF6D07-4A15-41F1-9D5E-E0F3A58012C6" = Bounce Symphony from Compaq (remove only)
"2FDCC229-354D-4279-ABEF-CE17E355BFFA" = Five Card Frenzy from Compaq (remove only)
"75528D5F-DD82-402E-BA7C-045B7DC6A712" = Blasterball 2 from Compaq (remove only)
"8A225900-C06D-41DD-B66C-43840D472758" = Otto from Compaq (remove only)
"8BA6F58B-7A91-461F-95F8-E34F8BD8AA4E" = Slyder from Compaq (remove only)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"AIM_7" = AIM 7
"Alphabet Names" = Alphabet Names
"BackWeb-1940576 Uninstaller" = Compaq Connections
"BroadJump Client Foundation" = BroadJump Client Foundation
"C679AA5F-C2C8-4EA8-9CD1-504A39AEC264" = Excavation from Compaq (remove only)
"Casino Poker" = Casino Poker
"CasinoBJ" = CasinoBJ
"CoffeeCup PixConverter" = CoffeeCup PixConverter
"Compaq Instant Support" = Compaq Instant Support
"ERUNT_is1" = ERUNT 1.1j
"F07504C6-20C5-4BFE-83A0-523FB2455E72" = Blackhawk Striker from Compaq (remove only)
"FA7F5211-C629-4711-BD82-7DFFB08CB518" = Overball from Compaq (remove only)
"Horoscopes" = Horoscopes
"HP Photo & Imaging" = HP Image Zone 3.5
"ie8" = Windows Internet Explorer 8
"InstallShield_{0613467F-A45E-4CB1-9ECE-1F3DD79FB927}" = Easy Internet Sign-up
"InstallShield_{54DE0B75-6CD9-44C4-B10A-1F25DA9899D8}" = Quicken 2004
"InstallShield_{EF9967D8-1999-4260-ACC2-86901AA36650}" = Multimedia Card Reader
"Lexmark Z2300 Series" = Lexmark Z2300 Series
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"mIRC" = mIRC
"MSC" = McAfee SecurityCenter
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NVIDIA Display Driver" = NVIDIA Display Driver
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA Ethernet Driver" = NVIDIA Ethernet Driver
"NVIDIA GART Driver" = NVIDIA GART Driver
"PS2" = PS2
"Python 2.2 combined Win32 extensions" = Python 2.2 combined Win32 extensions
"Python 2.2.1" = Python 2.2.1
"RealPlayer 6.0" = RealOne Player
"Shockwave" = Shockwave
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"SpamSubtract" = SpamSubtract
"TextTwist Deluxe" = TextTwist Deluxe
"ViewpointMediaPlayer" = Viewpoint Media Player (Remove Only)
"WebPost" = Microsoft Web Publishing Wizard 1.52
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"Yahoo! Companion" = Yahoo! Companion
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Search Defender" = Yahoo! Search Protection
========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"bce6e03966db8ddc" = WAH Assistant - 1
"f7f9cabe8c290ac7" = West At Home Gateway V2 - 1
"Move Media Player" = Move Media Player
========== Last 10 Event Log Errors ========== [ Application Events ]
Error - 12/21/2009 2:19:11 PM | Computer Name = MAIN | Source = nview_info | ID = 11141121
Description =
Error - 12/22/2009 9:56:35 AM | Computer Name = MAIN | Source = nview_info | ID = 11141121
Description =
Error - 12/22/2009 9:56:48 AM | Computer Name = MAIN | Source = nview_info | ID = 11141121
Description =
Error - 12/22/2009 1:58:55 PM | Computer Name = MAIN | Source = nview_info | ID = 11141121
Description =
Error - 12/22/2009 1:59:10 PM | Computer Name = MAIN | Source = nview_info | ID = 11141121
Description =
Error - 12/22/2009 1:59:30 PM | Computer Name = MAIN | Source = nview_info | ID = 11141121
Description =
Error - 12/22/2009 2:00:02 PM | Computer Name = MAIN | Source = nview_info | ID = 11141121
Description =
Error - 12/22/2009 4:35:27 PM | Computer Name = MAIN | Source = .NET Runtime 2.0 Error Reporting | ID = 5000
Description = EventType clr20r3, P1 wrapcandyprofessional.exe, P2 7.3.3065.32149,
P3 4836e80a, P4 system.windows.forms, P5 2.0.0.0, P6 4889dee7, P7 1521, P8 17,
P9 system.invalidoperationexception, P10 NIL.
Error - 12/23/2009 2:51:13 PM | Computer Name = MAIN | Source = nview_info | ID = 11141121
Description =
Error - 12/23/2009 11:11:41 PM | Computer Name = MAIN | Source = nview_info | ID = 11141121
Description =
[ System Events ]
Error - 1/30/2010 1:16:26 PM | Computer Name = MAIN | Source = Service Control Manager | ID = 7031
Description = The McAfee Proxy Service service terminated unexpectedly. It has
done this 1 time(s). The following corrective action will be taken in 60000 milliseconds:
Restart the service.
Error - 1/30/2010 1:16:26 PM | Computer Name = MAIN | Source = Service Control Manager | ID = 7031
Description = The Apple Mobile Device service terminated unexpectedly. It has done
this 1 time(s). The following corrective action will be taken in 60000 milliseconds:
Restart the service.
Error - 1/30/2010 1:16:26 PM | Computer Name = MAIN | Source = Service Control Manager | ID = 7031
Description = The McAfee Services service terminated unexpectedly. It has done
this 1 time(s). The following corrective action will be taken in 60000 milliseconds:
Restart the service.
Error - 1/30/2010 1:16:26 PM | Computer Name = MAIN | Source = Service Control Manager | ID = 7031
Description = The McAfee Network Agent service terminated unexpectedly. It has
done this 1 time(s). The following corrective action will be taken in 60000 milliseconds:
Restart the service.
Error - 1/30/2010 1:16:26 PM | Computer Name = MAIN | Source = Service Control Manager | ID = 7034
Description = The lxdp_device service terminated unexpectedly. It has done this
1 time(s).
Error - 1/30/2010 1:16:26 PM | Computer Name = MAIN | Source = Service Control Manager | ID = 7034
Description = The Print Spooler service terminated unexpectedly. It has done this
1 time(s).
Error - 1/30/2010 1:16:26 PM | Computer Name = MAIN | Source = Service Control Manager | ID = 7034
Description = The Bonjour Service service terminated unexpectedly. It has done
this 1 time(s).
Error - 1/30/2010 1:35:34 PM | Computer Name = MAIN | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the lxdpCATSCustConnectService
service to connect.
Error - 1/30/2010 1:35:34 PM | Computer Name = MAIN | Source = Service Control Manager | ID = 7000
Description = The lxdpCATSCustConnectService service failed to start due to the
following error: %%1053
Error - 1/30/2010 1:35:34 PM | Computer Name = MAIN | Source = Service Control Manager | ID = 7000
Description = The MCSTRM service failed to start due to the following error: %%2
< End of report >