Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

locked out


  • Please log in to reply

#1
techk1957

techk1957

    New Member

  • Member
  • Pip
  • 4 posts
GMER 1.0.15.15281 - http://www.gmer.net
Rootkit quick scan 2010-01-28 22:29:36
Windows 5.1.2600 Service Pack 3
Running: gmer.exe; Driver: C:\DOCUME~1\Owner\LOCALS~1\Temp\kwnyapoc.sys


---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)

---- EOF - GMER 1.0.15 ----
OTL logfile created on: 1/28/2010 10:30:00 PM - Run 1
OTL by OldTimer - Version 3.1.27.0 Folder = C:\Documents and Settings\Owner\My Documents\Downloads
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

511.00 Mb Total Physical Memory | 249.00 Mb Available Physical Memory | 49.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 81.00% Paging File free
Paging file location(s): C:\pagefile.sys 2000 2000 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.52 Gb Total Space | 62.02 Gb Free Space | 83.23% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: YOUR-47AC4EBAAE
Current User Name: Owner
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/01/28 22:22:41 | 00,548,864 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\My Documents\Downloads\OTL.exe
PRC - [2010/01/15 21:09:37 | 00,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009/12/11 13:13:38 | 02,043,160 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\PROGRA~1\AVG\AVG8\avgtray.exe
PRC - [2009/12/01 19:33:30 | 00,595,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\PROGRA~1\AVG\AVG8\avgnsx.exe
PRC - [2009/12/01 19:33:30 | 00,486,680 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\PROGRA~1\AVG\AVG8\avgrsx.exe
PRC - [2009/12/01 19:33:29 | 00,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\PROGRA~1\AVG\AVG8\avgemc.exe
PRC - [2009/12/01 19:33:29 | 00,693,016 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgcsrvx.exe
PRC - [2009/12/01 19:33:29 | 00,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
PRC - [2009/10/11 04:17:35 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2009/02/25 19:05:45 | 00,172,032 | ---- | M] (New Boundary Technologies, Inc.) -- C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
PRC - [2009/02/03 07:15:18 | 00,111,856 | ---- | M] (Yahoo! Inc) -- C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
PRC - [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2008/11/09 14:48:14 | 00,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/04/13 18:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2003/07/28 14:19:00 | 00,077,824 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvsvc32.exe
PRC - [2003/02/07 00:03:00 | 00,114,741 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\dla\tfswctrl.exe


========== Modules (SafeList) ==========

MOD - [2010/01/28 22:22:41 | 00,548,864 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\My Documents\Downloads\OTL.exe


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (RoxLiveShare10)
SRV - File not found [On_Demand | Stopped] -- -- (NMIndexingService)
SRV - [2009/12/01 19:33:29 | 00,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\PROGRA~1\AVG\AVG8\avgemc.exe -- (avg8emc)
SRV - [2009/12/01 19:33:29 | 00,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe -- (avg8wd)
SRV - [2009/10/11 04:17:35 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) [Auto | Running] -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2009/02/25 19:05:45 | 00,172,032 | ---- | M] (New Boundary Technologies, Inc.) [Auto | Running] -- C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS -- (PrismXL)
SRV - [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2008/11/09 14:48:14 | 00,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2007/01/17 10:20:10 | 00,061,440 | ---- | M] (Hewlett-Packard Company) [Disabled | Stopped] -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - [2004/10/27 19:14:19 | 00,000,000 | ---D | M] [On_Demand | Stopped] -- C:\WINDOWS\system32\msdtc -- (MSDTC)
SRV - [2003/07/28 14:19:00 | 00,077,824 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\WINDOWS\System32\nvsvc32.exe -- (NVSvc)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://my.yahoo.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = B6 68 5F 5A E6 9C CA 01 [binary data]
IE - HKCU\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.defaulturl: "http://search.yahoo....-8&fr=ytff-&p="
FF - prefs.js..browser.search.param.yahoo-fr: "moz2-ytff-"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "moz2-ytff-"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.startup.homepage: "http://my.yahoo.com/"
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.0.20090922023629
FF - prefs.js..keyword.URL: "http://search.yahoo....-8&fr=ytff-&p="


FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/01/25 05:18:04 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/01/25 05:17:09 | 00,000,000 | ---D | M]

[2010/01/25 05:18:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions
[2009/10/09 20:09:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions\[email protected]
[2009/02/26 03:36:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\extensions
[2009/10/20 05:32:30 | 00,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
[2010/01/28 14:08:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\auchbgz8.default\extensions
[2010/01/25 05:21:16 | 00,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\auchbgz8.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010/01/25 05:17:09 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions

O1 HOSTS File: ([2010/01/27 07:22:10 | 00,000,141 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll (Yahoo! Inc.)
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [dla] C:\WINDOWS\System32\dla\tfswctrl.exe (Sonic Solutions)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [PCLEPCI] C:\PROGRA~1\Pinnacle\PPE\PPE.EXE (Pinnacle Systems GmbH)
O4 - HKLM..\Run: [UnlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe File not found
O4 - HKLM..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O4 - HKCU..\Run: [Search Protection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme [2004/10/27 19:13:37 | 00,000,000 | ---D | M]
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: SeparateProcess = 0
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (PokerStars)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: 57 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: 72 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.co...sreqlab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1236345841453 (MUWebControl Class)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} http://3dlifeplayer....r_installer.exe (Virtools WebPlayer Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Value error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.55.5.10 209.55.5.11
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop WallPaper: C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/10/27 19:20:25 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2004/10/27 19:19:21 | 00,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

CREATERESTOREPOINT
Error starting restore point: System Restore is disabled.
Error closing restore point: System Restore is disabled.

========== Files/Folders - Created Within 14 Days ==========

[2010/01/27 06:33:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Desktopicon
[2010/01/27 06:33:39 | 00,000,000 | ---D | C] -- C:\Program Files\Unlocker
[2010/01/26 13:00:28 | 00,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2010/01/26 13:00:28 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2010/01/26 12:34:53 | 00,000,000 | -H-D | C] -- C:\WINDOWS\System32\GroupPolicy
[2010/01/26 11:19:05 | 00,000,000 | ---D | C] -- C:\Program Files\Safari
[2010/01/26 11:17:27 | 00,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2010/01/26 11:16:41 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2010/01/26 11:15:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Apple
[2010/01/26 11:14:39 | 00,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2010/01/26 11:14:37 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple
[2010/01/26 07:26:51 | 00,000,000 | -HSD | C] -- C:\RECYCLER
[2010/01/26 07:07:08 | 00,000,000 | RHSD | C] -- C:\cmdcons
[2010/01/26 07:05:20 | 00,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010/01/26 07:05:20 | 00,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010/01/26 07:05:20 | 00,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010/01/26 07:05:20 | 00,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010/01/26 07:05:12 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/01/26 06:58:43 | 00,000,000 | ---D | C] -- C:\MGtools
[2010/01/26 06:50:59 | 00,000,000 | ---D | C] -- C:\Qoobox
[2010/01/26 06:38:58 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\Owner\Recent
[2010/01/25 05:17:08 | 00,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2010/01/24 23:41:46 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\New Folder
[2010/01/24 19:34:17 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Temp
[2010/01/24 18:46:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Deployment
[2010/01/24 14:19:14 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2010/01/24 05:00:47 | 00,000,000 | ---D | C] -- C:\Program Files\Free Window Registry Repair
[2010/01/22 19:01:01 | 00,025,992 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\WINDOWS\System32\pgdfgsvc.exe
[2009/12/01 19:33:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2009/12/01 19:19:40 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2009/12/01 19:19:40 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2009/12/01 19:19:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2009/10/21 02:22:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Roxio
[2009/02/27 05:26:00 | 00,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Owner\Application Data\pcouffin.sys
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 14 Days ==========

[2010/01/28 18:53:45 | 54,807,538 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2010/01/27 07:25:01 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/01/27 07:23:53 | 08,912,896 | ---- | M] () -- C:\Documents and Settings\Owner\ntuser.dat
[2010/01/27 07:23:53 | 00,000,178 | -HS- | M] () -- C:\Documents and Settings\Owner\ntuser.ini
[2010/01/27 07:23:37 | 04,298,028 | -H-- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\IconCache.db
[2010/01/27 07:22:10 | 00,000,141 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010/01/26 23:37:12 | 00,002,404 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/01/26 23:37:08 | 00,002,187 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Safari.lnk
[2010/01/26 13:08:12 | 00,372,880 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100127-072210.backup
[2010/01/26 12:43:36 | 00,000,134 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Internet Explorer Troubleshooting.url
[2010/01/26 12:24:11 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/01/26 11:22:34 | 00,052,540 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat
[2010/01/26 11:15:27 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/01/26 07:30:16 | 00,075,680 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/01/26 07:16:06 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/01/26 07:15:35 | 00,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100126-130812.backup
[2010/01/26 07:07:18 | 00,000,268 | RHS- | M] () -- C:\boot.ini
[2010/01/26 07:00:09 | 00,097,983 | ---- | M] () -- C:\MGlogs.zip
[2010/01/26 07:00:00 | 00,001,374 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/01/25 06:10:03 | 00,262,232 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/01/25 05:56:48 | 03,153,920 | ---- | M] () -- C:\WINDOWS\System32\secsetup.sdb
[2010/01/25 05:17:14 | 00,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2010/01/25 00:15:28 | 00,000,805 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/01/25 00:15:28 | 00,000,197 | ---- | M] () -- C:\Boot.bak
[2010/01/24 23:33:19 | 00,025,992 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\WINDOWS\System32\pgdfgsvc.exe
[2010/01/24 07:03:15 | 00,372,933 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100124-101438.backup
[2010/01/23 05:12:18 | 00,000,194 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100124-070315.backup
[2010/01/23 03:33:16 | 00,372,933 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100123-051218.backup
[2010/01/23 03:16:50 | 00,000,194 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100123-033316.backup
[2010/01/22 20:36:30 | 00,000,792 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Smart Defrag.lnk
[2010/01/22 19:00:08 | 00,000,855 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Shortcut to pagedfrg.lnk
[2010/01/21 04:50:43 | 00,000,255 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100123-031650.backup
[2010/01/21 04:50:42 | 00,000,293 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100121-045043.backup
[2010/01/19 17:09:41 | 00,142,495 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/01/26 12:43:36 | 00,000,134 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Internet Explorer Troubleshooting.url
[2010/01/26 11:22:34 | 00,052,540 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010/01/26 11:19:43 | 00,002,187 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Safari.lnk
[2010/01/26 11:15:27 | 00,000,284 | ---- | C] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/01/26 07:07:18 | 00,000,197 | ---- | C] () -- C:\Boot.bak
[2010/01/26 07:07:15 | 00,260,272 | ---- | C] () -- C:\cmldr
[2010/01/26 07:05:20 | 00,261,632 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010/01/26 07:05:20 | 00,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010/01/26 07:05:20 | 00,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010/01/26 07:05:20 | 00,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010/01/26 07:05:20 | 00,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010/01/26 06:58:46 | 00,097,983 | ---- | C] () -- C:\MGlogs.zip
[2010/01/25 05:17:14 | 00,001,602 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2010/01/24 14:06:58 | 03,153,920 | ---- | C] () -- C:\WINDOWS\System32\secsetup.sdb
[2010/01/22 20:36:30 | 00,000,792 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Smart Defrag.lnk
[2010/01/22 19:00:08 | 00,000,855 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Shortcut to pagedfrg.lnk
[2010/01/06 00:28:43 | 00,000,110 | ---- | C] () -- C:\WINDOWS\GMouse.ini
[2009/12/16 03:39:31 | 00,000,008 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\sysReserve.ini
[2009/12/01 16:29:36 | 00,080,384 | ---- | C] () -- C:\WINDOWS\System32\drivers\1H4WA4045.sys
[2009/10/21 02:39:21 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\rx_image.Cache
[2009/10/20 22:14:34 | 00,001,686 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\QuickZip45.ini
[2009/10/18 19:59:26 | 00,000,004 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2009/10/04 17:43:20 | 00,001,024 | ---- | C] () -- C:\WINDOWS\System32\NTIOFM4.dll
[2009/04/06 04:26:38 | 00,000,128 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\fusioncache.dat
[2009/03/14 20:35:25 | 00,000,017 | ---- | C] () -- C:\WINDOWS\MovingPicture.ini
[2009/02/28 22:53:02 | 00,076,407 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\Smiley.ico
[2009/02/28 05:47:15 | 00,000,516 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2009/02/27 05:26:20 | 00,000,034 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\pcouffin.log
[2009/02/27 05:26:00 | 00,007,887 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\pcouffin.cat
[2009/02/27 05:26:00 | 00,001,144 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\pcouffin.inf
[2009/02/27 05:20:17 | 00,007,680 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/02/26 08:18:13 | 00,138,752 | ---- | C] () -- C:\WINDOWS\System32\MASE32.DLL
[2009/02/26 08:18:13 | 00,136,192 | ---- | C] () -- C:\WINDOWS\System32\Mamc32d.dll
[2009/02/26 08:18:13 | 00,136,192 | ---- | C] () -- C:\WINDOWS\System32\MAMC32.DLL
[2009/02/26 08:18:13 | 00,057,856 | ---- | C] () -- C:\WINDOWS\System32\MASD32.DLL
[2009/02/26 08:18:12 | 00,196,096 | ---- | C] () -- C:\WINDOWS\System32\MACD32.DLL
[2009/02/26 08:18:12 | 00,027,648 | ---- | C] () -- C:\WINDOWS\System32\MA32.DLL
[2009/02/26 05:47:38 | 00,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009/02/25 19:05:59 | 00,532,544 | ---- | C] () -- C:\WINDOWS\PIC.dll
[2009/02/25 19:05:59 | 00,024,576 | ---- | C] () -- C:\WINDOWS\HKNTDLL.dll
[2009/02/25 19:04:57 | 00,155,648 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2007/08/20 21:22:58 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005/08/05 13:01:54 | 00,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2004/10/28 11:47:17 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/10/27 18:53:07 | 00,001,046 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2004/10/27 18:53:07 | 00,000,441 | ---- | C] () -- C:\WINDOWS\System32\emver.ini
[2004/09/17 17:37:42 | 00,061,440 | ---- | C] () -- C:\WINDOWS\System32\vuins32.dll
[2004/03/18 06:44:29 | 01,663,068 | ---- | C] () -- C:\WINDOWS\System32\libmmd.dll
[2002/05/24 00:00:00 | 00,208,896 | ---- | C] () -- C:\WINDOWS\System32\lockout.dll
[2002/05/24 00:00:00 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\lockres.dll
[2001/12/26 15:12:30 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\multiplex_vcd.dll
[2001/09/03 22:46:38 | 00,110,592 | ---- | C] () -- C:\WINDOWS\System32\Hmpg12.dll
[2001/07/30 15:33:56 | 00,118,784 | ---- | C] () -- C:\WINDOWS\System32\HMPV2_ENC.dll
[2001/07/23 21:04:36 | 00,118,784 | ---- | C] () -- C:\WINDOWS\System32\HMPV2_ENC_MMX.dll

========== LOP Check ==========

[2009/11/07 22:18:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\3DVIA
[2009/03/26 00:38:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LightScribe
[2009/10/04 18:11:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NtiDvdCopy
[2009/11/05 18:57:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2009/03/14 20:33:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle
[2009/10/21 02:08:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SmartSound Software Inc
[2009/02/26 03:31:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SweetIM
[2010/01/06 09:11:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/03/02 01:09:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\vsosdk
[2009/12/01 11:36:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\BitTorrent
[2009/11/14 17:43:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Blitware
[2010/01/27 06:33:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Desktopicon
[2010/01/06 02:53:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\FrostWire
[2010/01/06 09:25:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\GlarySoft
[2009/10/26 00:08:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\ImgBurn
[2009/10/03 10:40:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\InterVideo
[2009/10/18 04:22:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\IObit
[2009/02/28 06:04:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Leadertech
[2009/11/25 03:24:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\LimeWire
[2009/02/25 19:05:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\SampleView
[2010/01/06 09:27:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Search Settings
[2009/08/31 17:07:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\StarBurn
[2009/10/20 04:25:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\uTorrent
[2009/02/28 05:55:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\VERITAS
[2009/12/18 01:06:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Vso

========== Purity Check ==========



========== Custom Scans ==========


< >

< %SYSTEMDRIVE%\*.exe >


< MD5 for: AGP440.SYS >
[2004/08/10 13:00:00 | 16,971,599 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2009/02/26 02:13:22 | 23,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2004/08/10 13:00:00 | 16,971,599 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:AGP440.sys
[2009/02/26 02:13:22 | 23,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008/04/13 12:36:38 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ERDNT\cache\agp440.sys
[2008/04/13 12:36:38 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 12:36:38 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\System32\drivers\agp440.sys
[2004/08/04 07:07:42 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys

< MD5 for: ATAPI.SYS >
[2004/08/10 13:00:00 | 16,971,599 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2009/02/26 02:13:22 | 23,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2004/08/10 13:00:00 | 16,971,599 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:atapi.sys
[2009/02/26 02:13:22 | 23,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/04/13 12:40:30 | 00,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\MGtools\temp\SPF\atapi.sys
[2008/04/13 12:40:30 | 00,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ERDNT\cache\atapi.sys
[2008/04/13 12:40:30 | 00,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 12:40:30 | 00,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\System32\drivers\atapi.sys
[2004/08/04 06:59:44 | 00,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\MGtools\temp\NTSPU\atapi.sys
[2004/08/04 06:59:44 | 00,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

< MD5 for: EVENTLOG.DLL >
[2008/04/13 18:11:53 | 00,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ERDNT\cache\eventlog.dll
[2008/04/13 18:11:53 | 00,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/13 18:11:53 | 00,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll
[2004/08/10 13:00:00 | 00,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: NETLOGON.DLL >
[2008/04/13 18:12:01 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ERDNT\cache\netlogon.dll
[2008/04/13 18:12:01 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/13 18:12:01 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
[2004/08/10 13:00:00 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll

< MD5 for: SCECLI.DLL >
[2004/08/10 13:00:00 | 00,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008/04/13 18:12:05 | 00,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ERDNT\cache\scecli.dll
[2008/04/13 18:12:05 | 00,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008/04/13 18:12:05 | 00,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2008/04/13 18:11:51 | 01,267,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\comsvcs.dll
[4 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

========== Alternate Data Streams ==========

@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
< End of report >
OTL Extras logfile created on: 1/28/2010 10:30:00 PM - Run 1
OTL by OldTimer - Version 3.1.27.0 Folder = C:\Documents and Settings\Owner\My Documents\Downloads
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

511.00 Mb Total Physical Memory | 249.00 Mb Available Physical Memory | 49.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 81.00% Paging File free
Paging file location(s): C:\pagefile.sys 2000 2000 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.52 Gb Total Space | 62.02 Gb Free Space | 83.23% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: YOUR-47AC4EBAAE
Current User Name: Owner
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "%programfiles%\internet explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\America Online 9.0\waol.exe" = C:\Program Files\America Online 9.0\waol.exe:*:Enabled:AOL -- File not found
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL -- File not found
"C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe:*:Enabled:AOL -- File not found
"C:\Program Files\America Online 9.0a\waol.exe" = C:\Program Files\America Online 9.0a\waol.exe:*:Enabled:AMERIC~1.0A -- File not found

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
"C:\Program Files\FrostWire\FrostWire.exe" = C:\Program Files\FrostWire\FrostWire.exe:*:Enabled:FrostWire -- (FrostWire Group)
"C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.)
"C:\Program Files\Adobe\Acrobat 6.0\Reader\AcroRd32.exe" = C:\Program Files\Adobe\Acrobat 6.0\Reader\AcroRd32.exe:*:Enabled:Adobe Reader 6.0 -- (Adobe Systems Incorporated)
"C:\Program Files\AVG\AVG8\avgemc.exe" = C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG8\avgupd.exe" = C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG8\avgnsx.exe" = C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour -- (Apple Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{098122AB-C605-4853-B441-C0A4EB359B75}" = DirectXInstallService
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA
"{15D9EB74-998E-4A04-B468-51C2E7B32182}" = Microsoft Picture It! Publishing 2001
"{266C7330-C0F4-49E5-8F20-A56F9F822875}" = SweetIM Toolbar for Internet Explorer 3.3
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3E5A81BA-4702-490A-B729-0BFF6E7CBF96}" = Pinnacle PCI Performance Enhancer
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}" = Microsoft Works
"{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"{4E868D3D-6EEB-4273-926C-2287236B5B79}" = 3DVIA player 5.0
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5E835305-63BB-4E55-BBB7-EEBBE67774DB}" = MyDVD
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6E66ECBD-FCA7-4AE1-A8C5-1CA78BEEB057}" = Multimedia Keyboard Driver
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{81EED1A1-AE78-4B11-BE47-C6AE9F5E87F1}" = Digital Media Reader
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8855FF30-19CE-4CB1-A654-87B38369CCE1}" = Sonic RecordNow DX
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9941F0AA-B903-4AF4-A055-83A9815CC011}" = Sonic Encoders
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AC76BA86-7AD7-1033-7B44-000000000001}" = Adobe Reader 6.0
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{BB406CEB-6207-4512-9BB2-89950DC9D6B6}_is1" = ConvertXtoDVD 2.2.3.258h
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C359507C-30B1-48A6-BD9B-C7B1CC3B06D7}" = SweetIM for Messenger 2.6
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1
"{D6E4E5D6-7693-4BB4-95BA-21F38FAFEE90}" = Safari
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Advanced SystemCare 3_is1" = Advanced SystemCare 3
"AVG8Uninstall" = AVG Free 8.5
"BitTorrent" = BitTorrent
"DVD43_is1" = DVD43 v3.5.2
"eBay Icon" = eBay Icon
"Free Window Registry Repair" = Free Window Registry Repair
"FrostWire" = FrostWire 4.18.4
"GOM Player" = GOM Player
"HijackThis" = HijackThis 2.0.2
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ImgBurn" = ImgBurn
"InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"InstallShield_{81EED1A1-AE78-4B11-BE47-C6AE9F5E87F1}" = Digital Media Reader
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6)" = Mozilla Firefox (3.6)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA" = NVIDIA Windows 2000/XP Display Drivers
"NVIDIA Drivers" = NVIDIA Drivers
"Pinnacle Studio LINX" = Pinnacle Studio LINX
"PokerStars" = PokerStars
"S3" = VIA/S3G Display Driver
"Smart Defrag_is1" = Smart Defrag
"StreetPlugin" = Learn2 Player (Uninstall Only)
"SystemRequirementsLab" = System Requirements Lab
"VN_VUIns_Rhine_VIA" = VIA Rhine-Family Fast Ethernet Adapter
"VTDisplay" = S3 S3Display
"VTGamma2" = S3 S3Gamma2
"VTInfo2" = S3 S3Info2
"VTOverlay" = S3 S3Overlay
"Windows Essentials Media Codec Pack" = Windows Essentials Media Codec Pack 2.2c
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Mail" = Yahoo! Internet Mail
"Yahoo! Mail Advisor" = Yahoo! Mail Advisor
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Search Defender" = Yahoo! Search Protection
"Yahoo! Software Update" = Yahoo! Software Update
"YInstHelper" = Yahoo! Install Manager

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 10/20/2009 1:11:12 AM | Computer Name = YOUR-47AC4EBAAE | Source = MsiInstaller | ID = 11316
Description = Product: SmartSound Quicktracks Plugin -- Error 1316.A network error
occurred while attempting to read from the file C:\WINDOWS\Installer\SmartSound
Quicktracks Plugin.msi

Error - 10/21/2009 10:32:39 AM | Computer Name = YOUR-47AC4EBAAE | Source = Application Error | ID = 1000
Description = Faulting application demo32.exe, version 0.0.0.0, faulting module
user32.dll, version 5.1.2600.5512, fault address 0x00017ae4.

Error - 10/21/2009 10:46:06 AM | Computer Name = YOUR-47AC4EBAAE | Source = Application Error | ID = 1000
Description = Faulting application demo32.exe, version 0.0.0.0, faulting module
demo32.exe, version 0.0.0.0, fault address 0x00037002.

Error - 10/21/2009 11:12:59 AM | Computer Name = YOUR-47AC4EBAAE | Source = MsiInstaller | ID = 10005
Description = Product: Roxio Central Data -- Please run Setup.exe

Error - 10/21/2009 11:24:47 AM | Computer Name = YOUR-47AC4EBAAE | Source = MsiInstaller | ID = 11706
Description = Product: SmartSound Quicktracks Plugin -- Error 1706.No valid source
could be found for product SmartSound Quicktracks Plugin. The Windows Installer
cannot continue.

Error - 10/21/2009 9:25:52 PM | Computer Name = YOUR-47AC4EBAAE | Source = Application Error | ID = 1000
Description = Faulting application helpctr.exe, version 5.1.2600.5512, faulting
module jscript.dll, version 5.8.6001.22886, fault address 0x00014c56.

Error - 10/26/2009 2:15:50 AM | Computer Name = YOUR-47AC4EBAAE | Source = MsiInstaller | ID = 11706
Description = Product: SmartSound Quicktracks Plugin -- Error 1706.No valid source
could be found for product SmartSound Quicktracks Plugin. The Windows Installer
cannot continue.

Error - 10/26/2009 6:06:35 AM | Computer Name = YOUR-47AC4EBAAE | Source = MsiInstaller | ID = 11706
Description = Product: Roxio CinePlayer Decoder Pack -- Error 1706. An installation
package for the product Roxio CinePlayer Decoder Pack cannot be found. Try the
installation again using a valid copy of the installation package 'CPDP.msi'.

Error - 10/26/2009 6:06:53 AM | Computer Name = YOUR-47AC4EBAAE | Source = MsiInstaller | ID = 11706
Description = Product: Roxio CinePlayer Decoder Pack -- Error 1706. An installation
package for the product Roxio CinePlayer Decoder Pack cannot be found. Try the
installation again using a valid copy of the installation package 'CPDP.msi'.

Error - 10/26/2009 6:07:59 AM | Computer Name = YOUR-47AC4EBAAE | Source = MsiInstaller | ID = 11706
Description = Product: Roxio CinePlayer Decoder Pack -- Error 1706. An installation
package for the product Roxio CinePlayer Decoder Pack cannot be found. Try the
installation again using a valid copy of the installation package 'CPDP.msi'.

[ System Events ]
Error - 1/26/2010 2:43:42 PM | Computer Name = YOUR-47AC4EBAAE | Source = Windows Update Agent | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070643: Internet Explorer 8 for Windows XP.

Error - 1/26/2010 2:45:33 PM | Computer Name = YOUR-47AC4EBAAE | Source = NETLOGON | ID = 3095
Description = This computer is configured as a member of a workgroup, not as a member
of a domain. The Netlogon service does not need to run in this configuration.

Error - 1/26/2010 2:45:39 PM | Computer Name = YOUR-47AC4EBAAE | Source = Service Control Manager | ID = 7024
Description = The Media Center Extender Service service terminated with service-specific
error 2147500037 (0x80004005).

Error - 1/26/2010 2:45:51 PM | Computer Name = YOUR-47AC4EBAAE | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
sptd

Error - 1/26/2010 11:52:35 PM | Computer Name = YOUR-47AC4EBAAE | Source = NETLOGON | ID = 3095
Description = This computer is configured as a member of a workgroup, not as a member
of a domain. The Netlogon service does not need to run in this configuration.

Error - 1/26/2010 11:53:13 PM | Computer Name = YOUR-47AC4EBAAE | Source = Service Control Manager | ID = 7024
Description = The Media Center Extender Service service terminated with service-specific
error 2147500037 (0x80004005).

Error - 1/26/2010 11:53:14 PM | Computer Name = YOUR-47AC4EBAAE | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
sptd

Error - 1/27/2010 9:25:04 AM | Computer Name = YOUR-47AC4EBAAE | Source = NETLOGON | ID = 3095
Description = This computer is configured as a member of a workgroup, not as a member
of a domain. The Netlogon service does not need to run in this configuration.

Error - 1/27/2010 9:25:09 AM | Computer Name = YOUR-47AC4EBAAE | Source = Service Control Manager | ID = 7024
Description = The Media Center Extender Service service terminated with service-specific
error 2147500037 (0x80004005).

Error - 1/27/2010 9:25:20 AM | Computer Name = YOUR-47AC4EBAAE | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
sptd


< End of report >
Malwarebytes' Anti-Malware 1.44
Database version: 3655
Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13

1/28/2010 11:05:03 PM
mbam-log-2010-01-28 (23-05-03).txt

Scan type: Quick Scan
Objects scanned: 121021
Time elapsed: 12 minute(s), 54 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\Software\PC Doc Pro (Rogue.PCDocPro) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Edited by techk1957, 29 January 2010 - 03:25 AM.

  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP