Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Malicious Hijacker

Started by kallisonmk , Feb 07 2010 02:21 PM

  • Please log in to reply

#1
kallisonmk
Posted 07 February 2010 - 02:21 PM

kallisonmk

    Member

  • Member
  • PipPip
  • 18 posts
Hello I have a problem with my IE running slow and not connecting. I originally posted in WEB BROWSERS AND EMAIL. Here is the original post:

hello, I'm new here however I come here a lot and use a lot of your advice. My Internet Explorer runs very slow most of the time...as a matter of fact it too about 2 minutes to load your site. I have searched through the forums and followed a few of your suggestions to others. I ran TFC, Erunt, mbam and atf. I have also ran the 'clean registries' in my Norton 360. I also re-install IE 8 and I still am having this problem. Please help. Thanks so much.

I was then told by Broni this:

This:
+ "20-20 Shortcut Bar.lnk" "" "" "File not found: C:\2020V61\Mswin\60\SCBar.Exe"
is a malicious hijacker, so you may have more....

I suggest that you start a new topic in the Malware Removal and Spyware Removal area.

Before you start a new topic click on this link --> Malware and Spyware Cleaning Guide, Please read before starting a new topic. This will give you a few preparations to make, as well as instruction for posting your OTListIt2 log.

If you are still having problems after being given a clean bill of health from the malware expert, then please return to THIS thread and we will pursue other options to help you solve your current problem(s).


I run MBAM daily and 20-20 is a design program.

Just need help

Thanks
  • 0

Advertisements

#2
kallisonmk
Posted 07 February 2010 - 04:53 PM

kallisonmk

    Member

  • Topic Starter
  • Member
  • PipPip
  • 18 posts
Here's my MBAM log:

Malwarebytes' Anti-Malware 1.44
Database version: 3643
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

2/7/2010 5:45:37 PM
mbam-log-2010-02-07 (17-45-37).txt

Scan type: Quick Scan
Objects scanned: 124995
Time elapsed: 12 minute(s), 28 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
  • 0

#3
kallisonmk
Posted 07 February 2010 - 05:02 PM

kallisonmk

    Member

  • Topic Starter
  • Member
  • PipPip
  • 18 posts
Here is the RootKit Log:

GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-02-07 18:00:48
Windows 5.1.2600 Service Pack 3
Running: gmer.exe; Driver: C:\DOCUME~1\User\LOCALS~1\Temp\awkyqaoc.sys


---- System - GMER 1.0.15 ----

SSDT 89779DF0 ZwAlertResumeThread
SSDT 89AC2A48 ZwAlertThread
SSDT 897535C8 ZwAllocateVirtualMemory
SSDT 897CB918 ZwAssignProcessToJobObject
SSDT 89778730 ZwConnectPort
SSDT \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS (Symantec Event Library/Symantec Corporation) ZwCreateKey [0xA9CC8130]
SSDT 897577F0 ZwCreateMutant
SSDT 897D3470 ZwCreateSymbolicLinkObject
SSDT 897FF768 ZwCreateThread
SSDT 897D5918 ZwDebugActiveProcess
SSDT \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS (Symantec Event Library/Symantec Corporation) ZwDeleteKey [0xA9CC83B0]
SSDT \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS (Symantec Event Library/Symantec Corporation) ZwDeleteValueKey [0xA9CC8910]
SSDT 89789318 ZwDuplicateObject
SSDT 897E7760 ZwFreeVirtualMemory
SSDT 897C2280 ZwImpersonateAnonymousToken
SSDT 8974A6A8 ZwImpersonateThread
SSDT 8977C828 ZwLoadDriver
SSDT 8978A260 ZwMapViewOfSection
SSDT 89821F50 ZwOpenEvent
SSDT 897853C0 ZwOpenProcess
SSDT 89791990 ZwOpenProcessToken
SSDT 89700878 ZwOpenSection
SSDT 8973D148 ZwOpenThread
SSDT 897ACC20 ZwProtectVirtualMemory
SSDT 897F05E0 ZwResumeThread
SSDT 89792A48 ZwSetContextThread
SSDT 89783A78 ZwSetInformationProcess
SSDT 897F8BA8 ZwSetSystemInformation
SSDT \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS (Symantec Event Library/Symantec Corporation) ZwSetValueKey [0xA9CC8B60]
SSDT 89A0EDB0 ZwSuspendProcess
SSDT 89764778 ZwSuspendThread
SSDT 89821E30 ZwTerminateProcess
SSDT 897647B0 ZwTerminateThread
SSDT 89791910 ZwUnmapViewOfSection
SSDT 89784980 ZwWriteVirtualMemory

---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\Tcpip \Device\Ip SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\Tcp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\Udp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\RawIp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)

---- EOF - GMER 1.0.15 ----
  • 0

#4
kallisonmk
Posted 07 February 2010 - 05:16 PM

kallisonmk

    Member

  • Topic Starter
  • Member
  • PipPip
  • 18 posts
OTL.Txt:

OTL logfile created on: 2/7/2010 6:05:20 PM - Run 1
OTL by OldTimer - Version 3.1.28.0 Folder = C:\Documents and Settings\User\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 44.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 62.00% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 55.89 Gb Total Space | 45.72 Gb Free Space | 81.81% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: USER-0IXMERSFHX
Current User Name: User
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/02/07 18:04:10 | 000,549,376 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\User\Desktop\OTL.exe
PRC - [2010/01/28 01:26:01 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2010/01/11 15:21:52 | 000,246,504 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
PRC - [2009/12/20 08:58:31 | 000,320,968 | ---- | M] (IncrediMail, Ltd.) -- C:\Program Files\IncrediMail\Bin\IncMail.exe
PRC - [2009/12/20 08:58:31 | 000,214,472 | ---- | M] (IncrediMail, Ltd.) -- C:\Program Files\IncrediMail\Bin\ImApp.exe
PRC - [2009/12/13 01:39:28 | 000,117,640 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360 Premier Edition\Engine\3.8.0.41\ccSvcHst.exe
PRC - [2009/03/23 21:00:00 | 001,983,816 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2009/02/10 11:01:49 | 000,116,104 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe
PRC - [2008/05/27 00:19:14 | 000,123,904 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Desktop Search\WindowsSearch.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/03/16 20:10:46 | 000,020,480 | ---- | M] () -- C:\WINDOWS\system32\WLTRYSVC.EXE
PRC - [2007/03/16 20:10:42 | 001,253,376 | ---- | M] (Dell Inc.) -- C:\WINDOWS\system32\BCMWLTRY.EXE


========== Modules (SafeList) ==========

MOD - [2010/02/07 18:04:10 | 000,549,376 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\User\Desktop\OTL.exe
MOD - [2009/12/13 01:39:17 | 000,419,696 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360 Premier Edition\Engine\3.8.0.41\asOEHook.dll


========== Win32 Services (SafeList) ==========

SRV - [2010/01/28 01:26:01 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) [Auto | Running] -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2009/12/24 23:27:20 | 000,135,664 | ---- | M] (Google Inc.) [Auto | Stopped] -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate) Google Update Service (gupdate)
SRV - [2009/12/13 01:39:28 | 000,117,640 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton 360 Premier Edition\Engine\3.8.0.41\ccSvcHst.exe -- (N360)
SRV - [2009/02/10 11:01:49 | 000,116,104 | ---- | M] () [Auto | Running] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2007/03/16 20:10:46 | 000,020,480 | ---- | M] () [Auto | Running] -- C:\WINDOWS\System32\WLTRYSVC.EXE -- (wltrysvc)
SRV - [2003/07/28 15:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.att.net/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.att.net/"
FF - prefs.js..extensions.enabledItems: [email protected]:1.0

FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/02/07 12:56:24 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/02/07 12:56:07 | 000,000,000 | ---D | M]

[2010/02/07 12:56:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Mozilla\Extensions
[2010/02/07 12:56:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\weqzztq6.default\extensions
[2010/02/07 12:56:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\weqzztq6.default\extensions\staged-xpis
[2010/02/07 12:56:48 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/01/15 19:55:13 | 000,001,538 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-en-GB.xml
[2010/01/15 19:55:13 | 000,000,947 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\chambers-en-GB.xml
[2010/01/15 19:55:13 | 000,000,769 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml
[2010/01/15 19:55:13 | 000,001,135 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: ([2003/07/16 11:23:48 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (AT&&T Toolbar) - {4E7BD74F-2B8D-469E-94BE-FD60BB9AAE29} - C:\Program Files\ATTToolbar\ATTToolbar.dll (AT&T)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360 Premier Edition\Engine\3.8.0.41\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360 Premier Edition\Engine\3.8.0.41\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (AT&&T Toolbar) - {4E7BD74F-2B8D-469E-94BE-FD60BB9AAE29} - C:\Program Files\ATTToolbar\ATTToolbar.dll (AT&T)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360 Premier Edition\Engine\3.8.0.41\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (AT&&T Toolbar) - {4E7BD74F-2B8D-469E-94BE-FD60BB9AAE29} - C:\Program Files\ATTToolbar\ATTToolbar.dll (AT&T)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360 Premier Edition\Engine\3.8.0.41\CoIEPlg.dll (Symantec Corporation)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe (IncrediMail, Ltd.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\20-20 Shortcut Bar.lnk = C:\2020V61\Mswin\60\SCBar.Exe File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {38AB0814-B09B-4378-9940-14A19638C3C2} http://www.auctiva.c...eUploader57.cab (Auctiva Image Uploader Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.mi...b?1224601023241 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file:///C:/WINDOWS/Java/classes/xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.1
O18 - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files\Norton 360 Premier Edition\Engine\3.8.0.41\CoIEPlg.dll (Symantec Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/10/20 15:43:59 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2008/10/20 15:43:21 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (16891891626803200)

========== Files/Folders - Created Within 14 Days ==========

[2016/04/11 22:10:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Application Data\Realore JanesZOO
[2016/04/11 22:03:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Application Data\EleFun Games
[2016/04/11 22:01:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Application Data\bigfish
[2016/04/11 22:01:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\bigfish
[2016/04/11 21:56:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sandlot Games
[2016/04/11 21:47:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Application Data\Boolat Games
[2016/04/11 19:16:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Application Data\Ashtons. Family Resort
[2016/04/11 19:16:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Ashtons. Family Resort
[2016/04/11 19:05:01 | 000,000,000 | ---D | C] -- C:\Program Files\Hotel Dash - Suite Success
[2016/04/11 19:01:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Application Data\GameInvest
[2010/02/07 18:04:10 | 000,549,376 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\User\Desktop\OTL.exe
[2010/02/07 12:56:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Local Settings\Application Data\Mozilla
[2010/02/07 12:56:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Application Data\Mozilla
[2010/02/07 12:56:06 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2010/02/02 00:46:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\CSC
[2010/01/30 02:30:38 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2010/01/28 19:05:43 | 000,000,000 | ---D | C] -- C:\Program Files\Busytown
[2010/01/28 01:25:55 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2010/01/27 01:40:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
[2010/01/27 01:40:33 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010/01/27 01:34:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2010/01/27 00:47:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Application Data\Malwarebytes
[2010/01/27 00:47:49 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/01/27 00:47:47 | 000,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/01/27 00:47:47 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/01/27 00:47:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/01/27 00:47:05 | 005,115,840 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\User\Desktop\mbam-setup.exe
[2010/01/27 00:44:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/01/27 00:44:15 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/01/27 00:43:18 | 000,791,393 | ---- | C] (Lars Hederer ) -- C:\Documents and Settings\User\Desktop\erunt_setup.exe
[2010/01/27 00:35:58 | 000,439,808 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\User\Desktop\TFC.exe
[2010/01/05 19:37:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Adobe
[2009/12/24 23:32:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google
[2009/12/24 23:27:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2009/12/18 21:03:38 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2009/12/13 17:08:37 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2009/12/13 17:08:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2009/12/13 17:08:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft

========== Files - Modified Within 14 Days ==========

[2016/04/11 19:02:22 | 000,000,818 | ---- | M] () -- C:\Documents and Settings\User\Desktop\Hotel Dash.lnk
[2010/02/07 18:04:10 | 000,549,376 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\User\Desktop\OTL.exe
[2010/02/07 17:32:02 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/02/07 14:11:26 | 005,468,006 | ---- | M] () -- C:\Documents and Settings\User\My Documents\AutoRuns.arn
[2010/02/07 12:56:26 | 000,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2010/02/07 12:56:12 | 000,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2010/02/06 23:32:00 | 000,000,878 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/02/05 11:44:29 | 000,001,915 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
[2010/02/05 11:29:12 | 000,555,168 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/02/05 11:29:12 | 000,465,640 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/02/05 11:29:12 | 000,079,360 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/02/05 11:25:32 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/02/05 11:24:26 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/02/05 11:24:18 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/02/05 00:57:17 | 005,505,024 | -H-- | M] () -- C:\Documents and Settings\User\NTUSER.DAT
[2010/02/05 00:56:54 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\User\ntuser.ini
[2010/02/05 00:00:20 | 000,019,968 | ---- | M] () -- C:\Documents and Settings\User\My Documents\I BUY MK.doc
[2010/02/04 09:23:26 | 000,027,136 | ---- | M] () -- C:\Documents and Settings\User\My Documents\Welcome To Kim.doc
[2010/02/03 02:31:14 | 000,641,602 | ---- | M] () -- C:\WINDOWS\System32\drivers\N360\0308000.029\Cat.DB
[2010/02/03 02:30:58 | 000,002,076 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Norton 360 Premier Edition.LNK
[2010/02/03 02:13:07 | 004,322,146 | -H-- | M] () -- C:\Documents and Settings\User\Local Settings\Application Data\IconCache.db
[2010/02/03 01:33:34 | 000,000,172 | ---- | M] () -- C:\WINDOWS\System32\drivers\N360\0308000.029\isolate.ini
[2010/02/01 16:44:15 | 000,048,128 | ---- | M] () -- C:\Documents and Settings\User\My Documents\ITEM1.doc
[2010/02/01 15:17:19 | 000,111,616 | ---- | M] () -- C:\Documents and Settings\User\My Documents\Mention the words.doc
[2010/01/30 02:35:45 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/01/28 14:08:51 | 000,137,976 | ---- | M] () -- C:\Documents and Settings\User\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/01/28 14:02:54 | 000,420,632 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/01/27 00:47:52 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/01/27 00:47:20 | 005,115,840 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\User\Desktop\mbam-setup.exe
[2010/01/27 00:44:16 | 000,000,611 | ---- | M] () -- C:\Documents and Settings\User\Desktop\NTREGOPT.lnk
[2010/01/27 00:44:16 | 000,000,592 | ---- | M] () -- C:\Documents and Settings\User\Desktop\ERUNT.lnk
[2010/01/27 00:43:25 | 000,791,393 | ---- | M] (Lars Hederer ) -- C:\Documents and Settings\User\Desktop\erunt_setup.exe
[2010/01/27 00:35:58 | 000,439,808 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\User\Desktop\TFC.exe
[2010/01/25 22:36:00 | 000,032,768 | ---- | M] () -- C:\Documents and Settings\User\My Documents\Shelf Life of Mary Kay Products.doc
[2010/01/25 15:31:05 | 000,036,864 | ---- | M] () -- C:\Documents and Settings\User\My Documents\ITEM.doc
[2010/01/25 02:39:15 | 000,020,480 | ---- | M] () -- C:\Documents and Settings\User\My Documents\Why pay Retail for your beloved Mary Kay products.doc

========== Files Created - No Company Name ==========

[2016/04/11 19:02:22 | 000,000,818 | ---- | C] () -- C:\Documents and Settings\User\Desktop\Hotel Dash.lnk
[2010/02/07 14:11:24 | 005,468,006 | ---- | C] () -- C:\Documents and Settings\User\My Documents\AutoRuns.arn
[2010/02/07 12:56:26 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010/02/07 12:56:12 | 000,001,602 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2010/02/05 11:44:29 | 000,001,915 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
[2010/02/05 00:00:19 | 000,019,968 | ---- | C] () -- C:\Documents and Settings\User\My Documents\I BUY MK.doc
[2010/02/04 09:23:25 | 000,027,136 | ---- | C] () -- C:\Documents and Settings\User\My Documents\Welcome To Kim.doc
[2010/02/01 15:17:19 | 000,111,616 | ---- | C] () -- C:\Documents and Settings\User\My Documents\Mention the words.doc
[2010/01/27 20:18:02 | 000,048,128 | ---- | C] () -- C:\Documents and Settings\User\My Documents\ITEM1.doc
[2010/01/27 00:47:52 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/01/27 00:44:16 | 000,000,611 | ---- | C] () -- C:\Documents and Settings\User\Desktop\NTREGOPT.lnk
[2010/01/27 00:44:16 | 000,000,592 | ---- | C] () -- C:\Documents and Settings\User\Desktop\ERUNT.lnk
[2010/01/25 22:36:00 | 000,032,768 | ---- | C] () -- C:\Documents and Settings\User\My Documents\Shelf Life of Mary Kay Products.doc
[2010/01/25 15:31:04 | 000,036,864 | ---- | C] () -- C:\Documents and Settings\User\My Documents\ITEM.doc
[2010/01/25 02:39:15 | 000,020,480 | ---- | C] () -- C:\Documents and Settings\User\My Documents\Why pay Retail for your beloved Mary Kay products.doc
[2010/01/06 01:36:05 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2010/01/06 00:12:29 | 000,000,039 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2010/01/05 18:54:19 | 000,000,240 | ---- | C] () -- C:\WINDOWS\disney.ini
[2010/01/05 17:38:17 | 000,000,139 | ---- | C] () -- C:\WINDOWS\KA.INI
[2010/01/04 13:24:34 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\sysprs7.dll
[2010/01/04 13:24:34 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\clauth2.dll
[2010/01/04 13:24:34 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\clauth1.dll
[2010/01/04 13:24:34 | 000,000,335 | ---- | C] () -- C:\WINDOWS\System32\lsprst7.dll
[2010/01/04 13:24:34 | 000,000,073 | ---- | C] () -- C:\WINDOWS\System32\ssprs.dll
[2010/01/04 13:13:57 | 000,000,844 | ---- | C] () -- C:\WINDOWS\rprtvwr.ini
[2009/12/21 04:02:57 | 000,178,176 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009/12/21 04:02:57 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2009/12/21 04:02:54 | 000,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009/12/21 04:02:54 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009/12/21 04:02:49 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009/12/21 04:02:49 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2009/12/14 23:23:29 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\User\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/12/14 04:09:07 | 000,241,664 | ---- | C] () -- C:\Program Files\ImportCatalog.dat
[2009/12/14 03:17:33 | 000,000,303 | ---- | C] () -- C:\WINDOWS\Sierra.ini
[2009/12/02 13:42:38 | 000,000,492 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008/10/21 18:56:51 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\preflib.dll
[2008/10/21 18:56:50 | 000,757,760 | ---- | C] () -- C:\WINDOWS\System32\bcm1xsup.dll
[2008/10/21 13:15:03 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\stac97co.dll
[2007/09/27 12:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 12:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 12:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2003/01/07 18:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

========== LOP Check ==========

[2009/12/18 15:36:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AlawarWrapper
[2016/04/11 19:16:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ashtons. Family Resort
[2009/12/14 05:19:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ATTToolbar
[2009/12/17 23:16:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\blg
[2009/12/20 23:57:03 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2009/12/28 01:02:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJ
[2009/12/21 00:16:56 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJMyPrinter
[2010/01/31 19:26:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJPLM
[2009/12/28 01:01:41 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJScan
[2009/12/21 00:17:00 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJSolutionMenu
[2009/12/18 14:57:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\cupcakecafe
[2009/12/21 05:49:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DriverScanner
[2009/12/19 03:40:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FarmFrenzy-PizzaParty
[2009/12/18 15:29:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FarmFrenzy2
[2009/12/18 16:10:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FarmFrenzy3
[2009/12/19 03:47:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Fitn17
[2009/12/18 17:03:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FreshGames
[2009/12/18 15:00:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Fugazo
[2009/12/19 03:20:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GameHouse
[2009/12/10 20:54:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GoBit Games
[2009/12/17 23:01:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Gogii
[2009/12/13 16:31:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IM
[2009/12/13 16:28:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IncrediMail
[2009/12/18 17:56:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\iWin Games
[2009/12/18 18:23:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Legacy Interactive
[2009/12/19 03:50:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ludia
[2009/12/18 18:43:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Merscom
[2009/12/18 17:48:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\n7-89-o9-3r-4t-r9
[2010/01/08 10:21:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2009/12/18 16:23:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NevoSoft Games
[2009/12/21 03:03:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2009/12/19 04:12:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PlayFirst
[2009/12/18 16:33:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sandlot Games
[2009/12/18 15:08:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SugarGames
[2009/12/19 05:30:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/12/18 18:38:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Valusoft
[2009/12/18 17:31:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\VirtualFarm
[2009/12/19 03:31:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\XLab
[2009/12/19 03:36:49 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\User\Application Data\.#
[2009/12/18 17:18:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Alawar
[2016/04/11 19:16:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Ashtons. Family Resort
[2009/12/14 02:43:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\ATTToolbar
[2009/12/18 16:56:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\BeachPartyCraze
[2009/12/17 23:16:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\blg
[2016/04/11 21:47:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Boolat Games
[2009/12/19 04:16:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Camel101
[2009/12/28 01:01:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Canon
[2009/12/18 17:00:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Dress Up Rush
[2016/04/11 22:03:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\EleFun Games
[2009/12/18 18:07:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Fuzzy Games
[2009/12/18 17:48:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\GameHouse
[2016/04/11 19:01:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\GameInvest
[2009/12/18 17:06:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Gamelab
[2009/12/18 17:56:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\iWin
[2009/12/16 03:03:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Jane s Hotel Family Hero
[2009/12/19 03:50:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Ludia
[2009/12/18 18:43:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Merscom
[2009/12/18 17:32:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\My Games
[2010/01/08 10:21:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\NCH Swift Sound
[2009/12/18 16:51:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\PetShowCraze
[2009/12/19 04:12:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\PlayFirst
[2009/12/18 16:32:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Sandlot Games
[2009/12/18 15:05:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Shape games
[2009/12/19 03:53:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\SulusGames
[2010/01/04 12:24:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Uniblue
[2010/01/11 14:32:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\uTorrent
[2009/12/19 03:28:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\V-Games
[2009/12/18 18:38:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Valusoft
[2009/12/18 18:34:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\ViquaSoft
[2008/10/21 12:54:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Windows Desktop Search
[2009/12/14 00:32:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Windows Search
[2009/12/19 03:45:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\World-LooM
[2009/12/18 18:46:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\YoudaGames

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >
[2010/01/05 19:33:24 | 027,386,280 | ---- | M] ( ) -- C:\AdbeRdr920_en_US.exe


< MD5 for: AGP440.SYS >
[2008/10/21 10:34:45 | 022,245,337 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008/10/21 11:46:01 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008/10/21 10:34:45 | 022,245,337 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:AGP440.sys
[2008/10/21 11:46:01 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008/04/13 13:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 13:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
[2004/08/04 01:07:41 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys

< MD5 for: ATAPI.SYS >
[2003/07/16 11:40:05 | 010,158,890 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:atapi.sys
[2008/10/21 10:34:45 | 022,245,337 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008/10/21 11:46:01 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008/10/21 10:34:45 | 022,245,337 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys
[2008/10/21 11:46:01 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/04/13 13:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 13:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/04 00:59:42 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

< MD5 for: EVENTLOG.DLL >
[2008/04/13 19:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/13 19:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll
[2004/08/04 02:56:42 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: NETLOGON.DLL >
[2008/04/13 19:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/13 19:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
[2004/08/04 02:56:44 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll

< MD5 for: SCECLI.DLL >
[2004/08/04 02:56:44 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008/04/13 19:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008/04/13 19:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2009/03/08 04:31:44 | 000,348,160 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dxtmsft.dll
[2009/03/08 04:31:38 | 000,216,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dxtrans.dll

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2008/10/20 08:31:50 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2008/10/20 08:31:50 | 000,626,688 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2008/10/20 08:31:50 | 000,425,984 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

========== Alternate Data Streams ==========

@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:33384BC0
@Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:43E0EC8A
@Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0DFE2AE1
@Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E412AAF2
@Alternate Data Stream - 107 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:52E1DB1D
@Alternate Data Stream - 106 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DF0BC727
< End of report >


OTL Extras:

OTL Extras logfile created on: 2/7/2010 6:05:20 PM - Run 1
OTL by OldTimer - Version 3.1.28.0 Folder = C:\Documents and Settings\User\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 44.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 62.00% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 55.89 Gb Total Space | 45.72 Gb Free Space | 81.81% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: USER-0IXMERSFHX
Current User Name: User
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\IncrediMail\Bin\IncMail.exe" = C:\Program Files\IncrediMail\Bin\IncMail.exe:*:Enabled:IncrediMail -- (IncrediMail, Ltd.)
"C:\Program Files\IncrediMail\Bin\ImApp.exe" = C:\Program Files\IncrediMail\Bin\ImApp.exe:*:Enabled:IncrediMail -- (IncrediMail, Ltd.)
"C:\Program Files\IncrediMail\Bin\ImpCnt.exe" = C:\Program Files\IncrediMail\Bin\ImpCnt.exe:*:Enabled:IncrediMail -- (IncrediMail, Ltd.)
"C:\Program Files\Magentic\bin\MgImp.exe" = C:\Program Files\Magentic\bin\MgImp.exe:*:Enabled:Magentic -- File not found
"C:\Program Files\Magentic\bin\Magentic.exe" = C:\Program Files\Magentic\bin\Magentic.exe:*:Enabled:Magentic -- File not found
"C:\Program Files\Magentic\bin\MgApp.exe" = C:\Program Files\Magentic\bin\MgApp.exe:*:Enabled:Magentic -- File not found
"C:\Documents and Settings\User\Local Settings\Temp\ImInstaller\3d_magic_installer.exe" = C:\Documents and Settings\User\Local Settings\Temp\ImInstaller\3d_magic_installer.exe:*:Enabled:IncrediMail Installer -- File not found


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E0479F8-180F-4054-B4F7-17EE657F90BF}" = TIPCI
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP250_series" = Canon MP250 series MP Drivers
"{18DB3375-0649-4EA3-959A-44F1ACD278BA}" = IncrediMail
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java™ 6 Update 18
"{2EAF7E61-068E-11DF-953C-005056806466}" = Google Earth
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5B1B2267-02C2-42EC-9EE4-EF2AE216D32C}" = The Hulk™
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{791CAF6C-90A3-11D4-8306-00D0B72E1DB9}" = Sentinel System Driver
"{7E369B27-13E2-41A5-9879-358EE1C8B5AD}" = Broadcom Gigabit Integrated Controller
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Graphics Media Accelerator Driver for Mobile
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = C-Major Audio
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A92000000001}" = Adobe Reader 9.2
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"AT&&T Yahoo! Messenger" = AT&T Yahoo! Messenger
"ATTToolbar" = AT&T Toolbar
"Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Card
"BroadJump Client Foundation" = BroadJump Client Foundation
"Busytown" = Busytown Uninstall
"Canon MP250 series User Registration" = Canon MP250 series User Registration
"CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program
"CanonMyPrinter" = Canon Utilities My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"CNXT_MODEM_PCI_VEN_8086&DEV_24x6&SUBSYS_542214F1" = Conexant D110 MDC V.92 Modem
"Diner Dash Seasonal Snack Pack1.0" = Diner Dash Seasonal Snack Pack
"Diner Dash Flo Through Time1.2" = Diner Dash Flo Through Time
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"ERUNT_is1" = ERUNT 1.1j
"[bleep]'s Kitchen1.0" = [bleep]'s Kitchen
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"IncrediMail" = IncrediMail 2.0
"InstallShield_{0E0479F8-180F-4054-B4F7-17EE657F90BF}" = Texas Instruments PCIxx21/x515/xx12 drivers.
"IsoBuster_is1" = IsoBuster 2.7
"KLiteCodecPack_is1" = K-Lite Codec Pack 5.5.1 (Full)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6)" = Mozilla Firefox (3.6)
"MP Navigator EX 3.0" = Canon MP Navigator EX 3.0
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"N360" = Norton 360 Premier Edition
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Print Artist 12.0" = SierraHome Print Artist 12.0
"QuickTime" = QuickTime
"Salehoo Alert_is1" = Salehoo Alert 1.1.3
"Supermarket Management1.1.6" = Supermarket Management
"Supermarket Mania1.0" = Supermarket Mania
"Switch" = Switch Sound File Converter
"The Apprentice Los Angeles1.0" = The Apprentice Los Angeles
"Travel Agency1.0" = Travel Agency
"uTorrent" = µTorrent
"Wedding Dash - Ready Aim Love1.0.94" = Wedding Dash - Ready Aim Love
"Wedding Dash 2 - Rings Around the World1.0" = Wedding Dash 2 - Rings Around the World
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 1/6/2010 2:11:06 AM | Computer Name = USER-0IXMERSFHX | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\UNIVERSAL
INTERACTIVE\THE HULK\THE HULK.LNK> in the hash map cannot be updated. Context:
Application, SystemIndex Catalog Details: A device attached to the system is not functioning.
(0x8007001f)

Error - 1/6/2010 2:11:06 AM | Computer Name = USER-0IXMERSFHX | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\UNIVERSAL
INTERACTIVE\THE HULK\README.LNK> in the hash map cannot be updated. Context: Application,
SystemIndex Catalog Details: A device attached to the system is not functioning.
(0x8007001f)

Error - 1/6/2010 2:11:06 AM | Computer Name = USER-0IXMERSFHX | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\UNIVERSAL
INTERACTIVE\THE HULK\README.LNK> in the hash map cannot be updated. Context: Application,
SystemIndex Catalog Details: A device attached to the system is not functioning.
(0x8007001f)

Error - 1/6/2010 2:11:06 AM | Computer Name = USER-0IXMERSFHX | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\UNIVERSAL
INTERACTIVE\THE HULK\HELP.LNK> in the hash map cannot be updated. Context: Application,
SystemIndex Catalog Details: A device attached to the system is not functioning.
(0x8007001f)

Error - 1/6/2010 2:11:06 AM | Computer Name = USER-0IXMERSFHX | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\UNIVERSAL
INTERACTIVE\THE HULK\HELP.LNK> in the hash map cannot be updated. Context: Application,
SystemIndex Catalog Details: A device attached to the system is not functioning.
(0x8007001f)

Error - 1/6/2010 2:11:08 AM | Computer Name = USER-0IXMERSFHX | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\UNIVERSAL
INTERACTIVE\THE HULK\REGISTER.URL> in the hash map cannot be updated. Context:
Application, SystemIndex Catalog Details: A device attached to the system is not functioning.
(0x8007001f)

Error - 1/6/2010 2:11:08 AM | Computer Name = USER-0IXMERSFHX | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\UNIVERSAL
INTERACTIVE\THE HULK\REGISTER.URL> in the hash map cannot be updated. Context:
Application, SystemIndex Catalog Details: A device attached to the system is not functioning.
(0x8007001f)

Error - 1/6/2010 2:11:08 AM | Computer Name = USER-0IXMERSFHX | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\UNIVERSAL
INTERACTIVE\THE HULK\UNINSTALL THE HULK.LNK> in the hash map cannot be updated.

Context:
Application, SystemIndex Catalog Details: A device attached to the system is not
functioning. (0x8007001f)

Error - 1/6/2010 2:11:08 AM | Computer Name = USER-0IXMERSFHX | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\UNIVERSAL
INTERACTIVE\THE HULK\UNINSTALL THE HULK.LNK> in the hash map cannot be updated.

Context:
Application, SystemIndex Catalog Details: A device attached to the system is not
functioning. (0x8007001f)

Error - 1/7/2010 11:01:22 AM | Computer Name = USER-0IXMERSFHX | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
module msvcr80.dll, version 8.0.50727.4053, fault address 0x00008aa0.

[ System Events ]
Error - 12/25/2009 2:20:13 AM | Computer Name = USER-0IXMERSFHX | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
the N360 service.

Error - 12/25/2009 10:12:37 AM | Computer Name = USER-0IXMERSFHX | Source = Dhcp | ID = 1002
Description = The IP address lease 10.0.0.3 for the Network Card with network address
0014A50665E7 has been denied by the DHCP server 10.0.0.1 (The DHCP Server sent a
DHCPNACK message).

Error - 12/25/2009 10:12:41 AM | Computer Name = USER-0IXMERSFHX | Source = Tcpip | ID = 4199
Description = The system detected an address conflict for IP address 10.0.0.2 with
the system having network hardware address 00:13:D3:AB:1C:A9. Network operations
on this system may be disrupted as a result.

Error - 12/25/2009 12:56:47 PM | Computer Name = USER-0IXMERSFHX | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
the N360 service.

Error - 12/25/2009 12:57:13 PM | Computer Name = USER-0IXMERSFHX | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
the N360 service.

Error - 12/25/2009 12:57:41 PM | Computer Name = USER-0IXMERSFHX | Source = Dhcp | ID = 1002
Description = The IP address lease 10.0.0.2 for the Network Card with network address
0014A50665E7 has been denied by the DHCP server 10.0.0.1 (The DHCP Server sent a
DHCPNACK message).

Error - 12/26/2009 3:08:40 AM | Computer Name = USER-0IXMERSFHX | Source = Dhcp | ID = 1002
Description = The IP address lease 10.0.0.2 for the Network Card with network address
0014A50665E7 has been denied by the DHCP server 10.0.0.1 (The DHCP Server sent a
DHCPNACK message).

Error - 12/28/2009 10:58:25 PM | Computer Name = USER-0IXMERSFHX | Source = Service Control Manager | ID = 7022
Description = The Wireless Zero Configuration service hung on starting.

Error - 1/2/2010 9:59:02 AM | Computer Name = USER-0IXMERSFHX | Source = DCOM | ID = 10010
Description = The server {C2BFE331-6739-4270-86C9-493D9A04CD38} did not register
with DCOM within the required timeout.

Error - 1/4/2010 4:58:14 PM | Computer Name = USER-0IXMERSFHX | Source = NetBT | ID = 4321
Description = The name "WORKGROUP :1d" could not be registered on the Interface
with IP address 10.0.0.3. The machine with the IP address 10.0.0.2 did not allow
the name to be claimed by this machine.


< End of report >
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP