Thank you
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Database version: 4167
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
11/06/2010 12:44:08
mbam-log-2010-06-11 (12-44-08).txt
Scan type: Quick scan
Objects scanned: 116966
Time elapsed: 5 minute(s), 57 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-06-11 13:35:53
Windows 5.1.2600 Service Pack 3
Running: gmer.exe; Driver: C:\DOCUME~1\Dan\LOCALS~1\Temp\kxtdapoc.sys
---- System - GMER 1.0.15 ----
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwClose [0xEE349C7A]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwCreateKey [0xEE349B36]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwDeleteKey [0xEE34A0EA]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwDeleteValueKey [0xEE34A014]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwDuplicateObject [0xEE34970C]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenKey [0xEE349C10]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenProcess [0xEE34964C]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenThread [0xEE3496B0]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwQueryValueKey [0xEE349D30]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwRenameKey [0xEE34A1B8]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwRestoreKey [0xEE349CF0]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwSetValueKey [0xEE349E70]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwCreateProcessEx [0xEE356AC6]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwCreateSection [0xEE3568EA]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwLoadDriver [0xEE356A24]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) NtCreateSection
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ObInsertObject
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ObMakeTemporaryObject
---- Kernel code sections - GMER 1.0.15 ----
.text ntkrnlpa.exe!ZwCallbackReturn + 2CCC 80504568 4 Bytes JMP 54EE34A0
PAGE ntkrnlpa.exe!ZwLoadDriver 8058413A 7 Bytes JMP EE356A28 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software)
PAGE ntkrnlpa.exe!NtCreateSection 805AB38E 7 Bytes JMP EE3568EE \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software)
PAGE ntkrnlpa.exe!ObMakeTemporaryObject 805BC502 5 Bytes JMP EE352536 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software)
PAGE ntkrnlpa.exe!ObInsertObject 805C2F86 5 Bytes JMP EE353EC2 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software)
PAGE ntkrnlpa.exe!ZwCreateProcessEx 805D1134 7 Bytes JMP EE356ACA \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software)
---- User code sections - GMER 1.0.15 ----
.text C:\WINDOWS\system32\SearchIndexer.exe[1220] kernel32.dll!WriteFile 7C810E27 7 Bytes JMP 00585C0C C:\WINDOWS\system32\MSSRCH.DLL (mssrch.dll/Microsoft Corporation)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3580] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 004013F0 C:\Program Files\Mozilla Firefox\firefox.exe (Firefox/Mozilla Corporation)
---- Devices - GMER 1.0.15 ----
Device \FileSystem\Ntfs \Ntfs aswSP.SYS (avast! self protection module/ALWIL Software)
AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
---- EOF - GMER 1.0.15 ----
OTL logfile created on: 11/06/2010 14:06:14 - Run 2
OTL by OldTimer - Version 3.2.6.0 Folder = C:\Documents and Settings\Dan\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
1,022.00 Mb Total Physical Memory | 609.00 Mb Available Physical Memory | 60.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 88.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232.82 Gb Total Space | 155.97 Gb Free Space | 66.99% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: DANS-PC
Current User Name: Dan
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan
========== Processes (SafeList) ==========
PRC - [2010/06/11 13:37:33 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dan\My Documents\Downloads\OTL.exe
PRC - [2010/05/06 21:59:42 | 002,815,192 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010/05/06 21:59:38 | 000,040,384 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010/04/16 08:33:40 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/04/01 19:00:32 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009/05/19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2008/05/26 22:19:14 | 000,123,904 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Desktop Search\WindowsSearch.exe
PRC - [2008/04/14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
========== Modules (SafeList) ==========
MOD - [2010/06/11 13:37:33 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dan\My Documents\Downloads\OTL.exe
MOD - [2008/04/14 01:10:20 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
========== Win32 Services (SafeList) ==========
SRV - [2010/05/06 21:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010/05/06 21:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010/05/06 21:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010/04/28 07:44:02 | 000,704,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2010/04/16 08:33:40 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009/05/19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2007/09/05 22:25:04 | 000,204,800 | ---- | M] (IDT, Inc.) [Auto | Stopped] -- C:\WINDOWS\system32\stacsv.exe -- (STacSV)
========== Driver Services (SafeList) ==========
DRV - [2010/05/06 21:39:23 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010/05/06 21:39:00 | 000,164,048 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2010/05/06 21:34:27 | 000,023,376 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010/05/06 21:33:59 | 000,100,432 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2010/05/06 21:33:47 | 000,019,024 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010/05/06 21:33:29 | 000,028,880 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2010/04/28 07:44:02 | 000,054,760 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2009/11/17 10:48:02 | 000,022,304 | ---- | M] (Doug Fetter Software Wizardry) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbkt1x1.sys -- (USBKT1X1)
DRV - [2009/11/17 10:48:02 | 000,013,504 | ---- | M] (MIDIMAN) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\uks11ldr.sys -- (UKS11LDR)
DRV - [2009/10/25 19:25:52 | 001,502,208 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2009/05/09 02:14:20 | 000,014,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nuidfltr.sys -- (NuidFltr)
DRV - [2008/11/07 00:59:52 | 000,029,312 | ---- | M] (Line 6) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\l6dp.sys -- (L6DP)
DRV - [2008/11/07 00:59:42 | 000,530,560 | ---- | M] (Line 6) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\L6TPortA.sys -- (L6TPortA)
DRV - [2008/04/13 17:36:05 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007/09/05 22:25:30 | 001,246,456 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2005/03/31 18:04:52 | 000,180,736 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\e1e5132.sys -- (e1express) Intel®
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.qword.com/?s=1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "http://www.google.co.uk/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/06/02 12:19:33 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/06/02 16:11:47 | 000,000,000 | ---D | M]
[2010/06/02 12:19:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dan\Application Data\Mozilla\Extensions
[2010/06/11 11:44:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dan\Application Data\Mozilla\Firefox\Profiles\fd8xuabc.default\extensions
[2010/06/04 11:59:52 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Dan\Application Data\Mozilla\Firefox\Profiles\fd8xuabc.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/06/11 11:44:01 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/04/16 11:47:43 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2008/08/16 18:42:02 | 000,070,456 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\CgpCore.dll
[2008/08/16 18:42:12 | 000,091,448 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\confmgr.dll
[2008/08/16 18:42:08 | 000,020,800 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\ctxlogging.dll
[2008/05/21 09:41:08 | 000,479,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\msvcm80.dll
[2008/05/21 09:41:08 | 000,548,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\msvcp80.dll
[2008/05/21 09:41:08 | 000,626,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\msvcr80.dll
[2010/04/12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2008/08/16 18:44:46 | 000,427,312 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npicaN.dll
[2008/08/16 18:42:04 | 000,023,864 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\TcpPServ.dll
[2010/04/01 17:56:49 | 000,001,538 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-en-GB.xml
[2010/04/01 17:56:50 | 000,000,947 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\chambers-en-GB.xml
[2010/04/01 17:56:50 | 000,000,769 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml
[2010/04/01 17:56:50 | 000,001,135 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-en-GB.xml
O1 HOSTS File: ([2004/08/04 13:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll File not found
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (ALWIL Software)
O4 - HKLM..\Run: [IDTSysTrayApp] C:\WINDOWS\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe ()
O4 - HKLM..\Run: [Workflow] E:\Workflow.exe File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O15 - HKCU\..Trusted Domains: line6.net ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: qword.com ([]* in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.168.4.100 194.168.8.100
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Dan\Local Settings\Application Data\Microsoft\Wallpaper2.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Dan\Local Settings\Application Data\Microsoft\Wallpaper2.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/10/25 18:48:24 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2009/10/25 19:00:02 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Wmi - C:\WINDOWS\system32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
Drivers32: midi1 - C:\WINDOWS\System32\usbkt1x1.dll (Doug Fetter Software Wizardry)
Drivers32: msacm.ac3filter - C:\WINDOWS\System32\ac3filter.acm ()
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.siren - C:\WINDOWS\System32\sirenacm.dll (Microsoft Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (16902109354000384)
========== Files/Folders - Created Within 90 Days ==========
[2010/06/08 11:31:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan\Application Data\Windows Search
[2010/06/05 11:38:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan\Tracing
[2010/06/05 11:37:02 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office Outlook Connector
[2010/06/05 11:35:52 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Sync Framework
[2010/06/05 11:34:53 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2010/06/05 11:33:05 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2010/06/05 11:32:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\microsoft
[2010/06/05 11:32:48 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live SkyDrive
[2010/06/05 11:32:23 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2010/06/05 11:30:25 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live
[2010/06/04 14:30:39 | 000,000,000 | ---D | C] -- C:\Program Files\FLAC
[2010/06/03 18:18:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/06/03 18:18:00 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/06/03 18:17:22 | 000,791,393 | ---- | C] (Lars Hederer ) -- C:\Documents and Settings\Dan\Desktop\erunt_setup.exe
[2010/06/03 18:09:42 | 000,444,416 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Dan\Desktop\TFC.exe
[2010/06/03 12:15:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2010/06/03 12:15:18 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2010/06/03 12:15:09 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2010/06/03 12:14:38 | 000,000,000 | ---D | C] -- C:\6602246ab05bcd683ce93ec01ef664
[2010/06/03 11:56:04 | 000,000,000 | ---D | C] -- C:\NBget
[2010/06/02 17:42:57 | 000,000,000 | ---D | C] -- C:\Program Files\NBget
[2010/06/02 17:42:41 | 000,000,000 | ---D | C] -- C:\Versalsoft
[2010/06/02 17:42:33 | 000,000,000 | ---D | C] -- C:\Program Files\Versalsoft
[2010/06/02 17:42:30 | 000,000,000 | ---D | C] -- C:\Program Files\Universal
[2010/06/02 17:09:46 | 000,000,000 | ---D | C] -- C:\Program Files\Smith Micro
[2010/06/02 17:08:37 | 000,000,000 | R-SD | C] -- C:\WINDOWS\assembly
[2010/06/02 17:08:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET
[2010/06/02 13:17:54 | 000,000,000 | ---D | C] -- C:\Program Files\MagicISO
[2010/06/02 12:31:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan\Application Data\WinRAR
[2010/06/02 12:31:48 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2010/06/02 12:19:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan\Application Data\Mozilla
[2010/06/02 12:09:42 | 000,000,000 | ---D | C] -- C:\Program Files\WinZip
[2010/05/28 11:17:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Adobe
[2010/05/28 11:16:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan\Local Settings\Application Data\Identities
[2010/05/28 11:16:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan\Application Data\Windows Desktop Search
[2010/05/28 11:16:31 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Desktop Search
[2010/05/28 11:16:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\GroupPolicy
[2010/05/25 12:17:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan\Application Data\Malwarebytes
[2010/05/25 12:17:20 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/05/25 12:17:19 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/05/25 12:17:19 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/05/25 12:17:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/05/20 22:46:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan\Application Data\gtk-2.0
[2010/05/20 22:46:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan\.thumbnails
[2010/05/20 22:43:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan\.gimp-2.6
[2010/05/20 22:43:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan\My Documents\gegl-0.0
[2010/05/20 22:42:50 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP-2.0
[2010/05/20 22:39:14 | 018,234,256 | ---- | C] ( ) -- C:\Documents and Settings\Dan\Desktop\gimp-2.6.8-i686-setup.exe
[2010/05/11 16:48:24 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010/05/11 16:48:18 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010/05/11 16:30:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan\Desktop\new CC bill_files
[2010/05/11 12:17:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2010/05/09 19:24:26 | 000,019,024 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2010/05/09 19:24:25 | 000,164,048 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2010/05/09 19:24:24 | 000,023,376 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2010/05/09 19:24:23 | 000,046,672 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2010/05/09 19:24:22 | 000,100,432 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2010/05/09 19:24:22 | 000,094,800 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2010/05/09 19:24:21 | 000,028,880 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2010/05/09 19:24:05 | 000,165,032 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe
[2010/05/09 19:24:05 | 000,038,848 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\avastSS.scr
[2010/05/09 19:24:00 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2010/05/09 19:24:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2010/05/09 19:21:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg
[2010/05/09 19:21:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\Avg
[2010/04/12 14:58:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/04/12 14:43:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan\Local Settings\Application Data\Temp
[2010/04/12 14:43:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan\Local Settings\Application Data\Google
[2010/03/30 18:32:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
[2010/03/30 18:32:14 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010/03/18 20:53:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan\Application Data\Facebook
[2010/03/18 20:42:07 | 002,114,184 | ---- | C] (Facebook, Inc.) -- C:\Install_Facebook_Plug-In_1.0.3.exe
========== Files - Modified Within 90 Days ==========
[2010/06/11 14:04:19 | 003,932,160 | -H-- | M] () -- C:\Documents and Settings\Dan\NTUSER.DAT
[2010/06/11 13:59:56 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/06/11 13:59:51 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/06/11 12:32:24 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\Dan\ntuser.ini
[2010/06/11 12:20:09 | 000,196,960 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/06/11 11:59:33 | 000,539,460 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/06/11 11:59:33 | 000,456,618 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/06/11 11:59:33 | 000,075,524 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/06/11 11:59:01 | 000,000,603 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/06/11 11:57:54 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/06/09 09:45:56 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/06/08 10:28:40 | 000,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/06/07 23:06:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/06/05 11:38:17 | 000,043,920 | ---- | M] () -- C:\Documents and Settings\Dan\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/06/05 11:33:23 | 000,001,839 | ---- | M] () -- C:\Documents and Settings\Dan\Desktop\Windows Live Messenger .lnk
[2010/06/04 14:30:39 | 000,001,525 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\FLAC Frontend.lnk
[2010/06/03 18:18:01 | 000,000,611 | ---- | M] () -- C:\Documents and Settings\Dan\Desktop\NTREGOPT.lnk
[2010/06/03 18:18:01 | 000,000,592 | ---- | M] () -- C:\Documents and Settings\Dan\Desktop\ERUNT.lnk
[2010/06/03 18:17:25 | 000,791,393 | ---- | M] (Lars Hederer ) -- C:\Documents and Settings\Dan\Desktop\erunt_setup.exe
[2010/06/03 18:09:44 | 000,444,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dan\Desktop\TFC.exe
[2010/06/03 11:52:52 | 000,001,024 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\pdfxls2.dll
[2010/06/02 17:42:55 | 000,000,049 | ---- | M] () -- C:\WINDOWS\drprofile.dat
[2010/06/02 12:19:27 | 000,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2010/05/28 11:16:38 | 000,001,787 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk
[2010/05/28 10:56:38 | 000,000,036 | ---- | M] () -- C:\Documents and Settings\Dan\Local Settings\Application Data\housecall.guid.cache
[2010/05/25 12:17:23 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/05/20 22:46:42 | 000,000,898 | ---- | M] () -- C:\Documents and Settings\Dan\.recently-used.xbel
[2010/05/20 22:43:13 | 000,000,790 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\GIMP 2.lnk
[2010/05/20 22:39:53 | 018,234,256 | ---- | M] ( ) -- C:\Documents and Settings\Dan\Desktop\gimp-2.6.8-i686-setup.exe
[2010/05/11 16:30:17 | 000,032,653 | ---- | M] () -- C:\Documents and Settings\Dan\Desktop\new CC bill.htm
[2010/05/11 12:51:58 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/05/11 12:51:58 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2010/05/09 19:24:26 | 000,001,700 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2010/05/09 19:24:22 | 000,002,626 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010/05/09 19:19:27 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Dan\Local Settings\Application Data\prvlcl.dat
[2010/05/06 21:59:57 | 000,038,848 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\avastSS.scr
[2010/05/06 21:59:36 | 000,165,032 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe
[2010/05/06 21:39:23 | 000,046,672 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2010/05/06 21:39:00 | 000,164,048 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2010/05/06 21:34:27 | 000,023,376 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2010/05/06 21:33:59 | 000,100,432 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2010/05/06 21:33:55 | 000,094,800 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2010/05/06 21:33:47 | 000,019,024 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2010/05/06 21:33:29 | 000,028,880 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2010/05/04 20:03:05 | 005,738,481 | ---- | M] () -- C:\Documents and Settings\Dan\Desktop\E300_camera manual.pdf
[2010/05/04 18:09:27 | 000,831,553 | ---- | M] () -- C:\Documents and Settings\Dan\Desktop\20100504 180744.m4a
[2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/04/27 20:20:49 | 000,559,104 | ---- | M] () -- C:\Documents and Settings\Dan\Desktop\McCormack House Directions.pdf.doc
[2010/04/27 14:27:00 | 000,080,896 | ---- | M] () -- C:\Documents and Settings\Dan\Desktop\Technical Operator - Sound.doc
[2010/04/16 09:10:46 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2010/03/18 20:42:08 | 002,114,184 | ---- | M] (Facebook, Inc.) -- C:\Install_Facebook_Plug-In_1.0.3.exe
========== Files Created - No Company Name ==========
[2010/06/05 11:33:23 | 000,001,839 | ---- | C] () -- C:\Documents and Settings\Dan\Desktop\Windows Live Messenger .lnk
[2010/06/04 14:30:39 | 000,001,525 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\FLAC Frontend.lnk
[2010/06/03 18:18:01 | 000,000,611 | ---- | C] () -- C:\Documents and Settings\Dan\Desktop\NTREGOPT.lnk
[2010/06/03 18:18:01 | 000,000,592 | ---- | C] () -- C:\Documents and Settings\Dan\Desktop\ERUNT.lnk
[2010/06/02 17:42:55 | 000,000,049 | ---- | C] () -- C:\WINDOWS\drprofile.dat
[2010/06/02 12:19:27 | 000,001,602 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2010/05/28 11:16:38 | 000,001,787 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk
[2010/05/28 10:56:38 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\Dan\Local Settings\Application Data\housecall.guid.cache
[2010/05/25 12:17:23 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/05/20 22:46:42 | 000,000,898 | ---- | C] () -- C:\Documents and Settings\Dan\.recently-used.xbel
[2010/05/20 22:43:13 | 000,000,790 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\GIMP 2.lnk
[2010/05/11 16:49:22 | 000,002,137 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/05/11 16:30:16 | 000,032,653 | ---- | C] () -- C:\Documents and Settings\Dan\Desktop\new CC bill.htm
[2010/05/09 19:24:26 | 000,001,700 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2010/05/04 22:36:24 | 000,831,553 | ---- | C] () -- C:\Documents and Settings\Dan\Desktop\20100504 180744.m4a
[2010/05/04 20:03:04 | 005,738,481 | ---- | C] () -- C:\Documents and Settings\Dan\Desktop\E300_camera manual.pdf
[2010/04/27 20:20:49 | 000,559,104 | ---- | C] () -- C:\Documents and Settings\Dan\Desktop\McCormack House Directions.pdf.doc
[2010/04/20 13:35:20 | 000,000,803 | ---- | C] () -- C:\Documents and Settings\Dan\Desktop\Internet Explorer.lnk
[2010/04/01 11:44:01 | 000,080,896 | ---- | C] () -- C:\Documents and Settings\Dan\Desktop\Technical Operator - Sound.doc
[2009/11/27 15:28:31 | 000,000,369 | ---- | C] () -- C:\WINDOWS\GearBox.ini
[2009/11/03 21:12:15 | 000,819,200 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009/11/03 21:12:15 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009/11/03 18:49:32 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfmonnt.dll
[2009/11/03 18:49:30 | 000,000,164 | ---- | C] () -- C:\WINDOWS\System32\psconv.ini
[2009/10/30 16:43:24 | 000,020,886 | ---- | C] () -- C:\WINDOWS\System32\ddmon.dll
[2009/10/25 21:22:48 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007/09/27 10:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 10:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 10:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2003/01/07 16:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
========== LOP Check ==========
[2010/05/09 19:24:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2009/11/17 15:46:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Cakewalk
[2009/11/27 15:28:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Line 6
[2009/11/17 10:51:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Propellerhead Software
[2009/11/03 20:58:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/02/15 11:52:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Trusteer
[2010/06/02 12:10:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2010/04/12 15:00:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/10/26 18:27:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/11/16 22:40:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dan\Application Data\Cakewalk
[2009/10/30 14:22:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dan\Application Data\Citrix
[2010/03/18 20:53:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dan\Application Data\Facebook
[2010/05/20 22:46:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dan\Application Data\gtk-2.0
[2009/10/28 11:02:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dan\Application Data\ICAClient
[2009/11/17 11:06:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dan\Application Data\Line 6
[2009/11/17 10:51:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dan\Application Data\Propellerhead Software
[2010/06/11 13:01:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dan\Application Data\Spotify
[2010/02/15 11:53:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dan\Application Data\Trusteer
[2010/05/28 11:16:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dan\Application Data\Windows Desktop Search
[2010/06/08 11:31:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dan\Application Data\Windows Search
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.* >
[2009/10/25 18:48:24 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010/05/11 12:51:58 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2009/10/25 18:48:24 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010/03/18 20:42:08 | 002,114,184 | ---- | M] (Facebook, Inc.) -- C:\Install_Facebook_Plug-In_1.0.3.exe
[2009/10/25 18:48:24 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2009/10/25 18:48:24 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2002/01/05 04:38:38 | 000,054,784 | ---- | M] (Microsoft Corporation) -- C:\msvci70.dll
[2004/08/04 13:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2009/10/30 14:54:05 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2004/02/29 16:44:34 | 000,052,576 | ---- | M] () -- C:\orange.bmp
[2010/06/11 13:59:47 | 1610,612,736 | -HS- | M] () -- C:\pagefile.sys
[2009/12/03 11:33:16 | 000,000,189 | ---- | M] () -- C:\Setup.log
< %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >
[2008/07/06 13:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2007/04/09 14:23:54 | 000,028,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2009/10/25 20:36:31 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2009/10/25 20:36:31 | 000,634,880 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2009/10/25 20:36:31 | 000,901,120 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
< %systemroot%\system32\user32.dll /md5 >
[2008/04/14 01:12:08 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=B26B135FF1B9F60C9388B4A7D16F600B -- C:\WINDOWS\system32\user32.dll
< %systemroot%\system32\ws2_32.dll /md5 >
[2008/04/14 01:12:10 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=2CCC474EB85CEAA3E1FA1726580A3E5A -- C:\WINDOWS\system32\ws2_32.dll
< End of report >
OTL Extras logfile created on: 11/06/2010 13:41:04 - Run 1
OTL by OldTimer - Version 3.2.6.0 Folder = C:\Documents and Settings\Dan\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
1,022.00 Mb Total Physical Memory | 461.00 Mb Available Physical Memory | 45.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 86.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232.82 Gb Total Space | 155.99 Gb Free Space | 67.00% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: DANS-PC
Current User Name: Dan
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"8006:TCP" = 8006:TCP:*:Enabled:BitComet 8006 TCP
"8006:UDP" = 8006:UDP:*:Enabled:BitComet 8006 UDP
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Spotify\spotify.exe" = C:\Program Files\Spotify\spotify.exe:*:Enabled:Spotify -- (Spotify Ltd)
"C:\Program Files\BitComet\BitComet.exe" = C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet.exe -- (www.BitComet.com)
"C:\WINDOWS\LMIB.tmp\lmi_rescue.exe" = C:\WINDOWS\LMIB.tmp\lmi_rescue.exe:*:Enabled:LogMeIn Rescue -- File not found
"E:\D-Link.exe" = E:\D-Link.exe:*:Enabled:Setup Wizard Template -- File not found
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Mozilla Firefox -- (Mozilla Corporation)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files\AC3Filter\ac3config.exe" = C:\Program Files\AC3Filter\ac3config.exe:*:Enabled:AC3Filter Config -- ()
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1BD07DF4-FB06-41BA-B896-B2DA59000C96}" = Windows Live Toolbar
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java 6 Update 20
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{2BD5C305-1B27-4D41-B690-7A61172D2FEB}" = Macromedia Flash 8
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4C24A8C1-7CFA-4650-AF15-732F5BD7B46D}" = Macromedia Fireworks 8
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}" = Macromedia Extension Manager
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{5ECB3A3C-980B-4D12-9724-25DCB07A1F47}" = iTunes
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8BF2C401-02CE-424D-BC26-6C4F9FB446B6}" = Macromedia Flash 8 Video Encoder
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95120000-0122-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{9DE1BE03-AFE2-4CDB-BFEB-D06D736CD01A}" = Apple Mobile Device Support
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A4D7B764-4140-11D4-88EB-0050DA3579C0}" = Nero - Burning Rom
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.2
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240BD}" = WinZip 14.5
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D92FF8EB-BD77-40AE-B68B-A6BFC6F8661D}" = Windows Live Family Safety
"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
"{EBFEEB3F-3E3B-4725-A4E0-376144CE4F76}" = Citrix XenApp Web Plugin
"{EE39FFBD-544E-49E4-A999-6819828EAE91}" = Windows Live Photo Gallery
"{EE55714B-B67C-4D08-97AE-0CF4AC5A3A77}" = StuffIt Expander 2010
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"AC3File_is1" = AC3File 0.7b
"AC3Filter_is1" = AC3Filter 1.63b
"Adobe Acrobat 4.0" = Adobe Acrobat 4.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"All ATI Software" = ATI - Software Uninstall Utility
"ATI Display Driver" = ATI Display Driver
"avast5" = avast! Free Antivirus
"BitComet" = BitComet 1.15
"Cakewalk VST Adapter 4.4.4.0" = Cakewalk VST Adapter 4.4.4.0
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DreamStation DXi2" = DreamStation DXi2
"ERUNT_is1" = ERUNT 1.1j
"Excel to PDF Converter_is1" = Excel to PDF Converter 3.00
"FLAC" = FLAC 1.2.1b (remove only)
"Free PS Convert driver_is1" = Free PS Convert driver 8.15
"GPL Ghostscript_is1" = Docudesk GPL Ghostscript 8.15
"ie8" = Windows Internet Explorer 8
"KeyStation1x1" = USB Keyboard Device 1.0.1.0
"Line 6 Uninstaller" = Line 6 Uninstaller
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"PROSet" = Intel® PRO Network Connections Drivers
"Sonar Producer Edition v4.0.3" = Sonar Producer Edition v4.0.3
"Spotify" = Spotify
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinGimp-2.0_is1" = GIMP 2.6.8
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Xvid_is1" = Xvid 1.2.2 final uninstall
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Facebook Plug-In" = Facebook Plug-In
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 02/06/2010 07:16:20 | Computer Name = DANS-PC | Source = crypt32 | ID = 131077
Description = Failed auto update retrieval of third-party root certificate from:
<http://www.download....028F20EEE4.crt>
with error: The specified server cannot perform the requested operation.
Error - 02/06/2010 09:50:41 | Computer Name = DANS-PC | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\DAN\MY DOCUMENTS\MY MUSIC\ITUNES\ITUNES
LIBRARY.ITL> in the hash map cannot be updated. Context: Application, SystemIndex
Catalog Details: A device attached to the system is not functioning. (0x8007001f)
Error - 02/06/2010 11:53:04 | Computer Name = DANS-PC | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 1.9.2.3743, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 02/06/2010 11:53:06 | Computer Name = DANS-PC | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 1.9.2.3743, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 02/06/2010 12:46:20 | Computer Name = DANS-PC | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
module unknown, version 0.0.0.0, fault address 0x02c35346.
Error - 02/06/2010 12:46:30 | Computer Name = DANS-PC | Source = Application Error | ID = 1001
Description = Fault bucket 1161067261.
Error - 04/06/2010 09:39:46 | Computer Name = DANS-PC | Source = Windows Search Service | ID = 3013
Description = The entry <MAPI://{S-1-5-21-583907252-2077806209-1801674531-1004}/PERSONAL
FOLDERS($65AFAB9E)/X/OUTBOX/????????????????????????> in the hash map cannot be
updated. Context: Application, SystemIndex Catalog Details: A device attached to
the system is not functioning. (0x8007001f)
Error - 04/06/2010 09:39:46 | Computer Name = DANS-PC | Source = Windows Search Service | ID = 3013
Description = The entry <MAPI://{S-1-5-21-583907252-2077806209-1801674531-1004}/PERSONAL
FOLDERS($65AFAB9E)/X/OUTBOX/????????????????????????> in the hash map cannot be
updated. Context: Application, SystemIndex Catalog Details: A device attached to
the system is not functioning. (0x8007001f)
Error - 07/06/2010 06:33:45 | Computer Name = DANS-PC | Source = Windows Search Service | ID = 3013
Description = The entry <MAPI://{S-1-5-21-583907252-2077806209-1801674531-1004}/PERSONAL
FOLDERS($65AFAB9E)/X/OUTBOX/????????????????????????> in the hash map cannot be
updated. Context: Application, SystemIndex Catalog Details: A device attached to
the system is not functioning. (0x8007001f)
Error - 07/06/2010 06:33:45 | Computer Name = DANS-PC | Source = Windows Search Service | ID = 3013
Description = The entry <MAPI://{S-1-5-21-583907252-2077806209-1801674531-1004}/PERSONAL
FOLDERS($65AFAB9E)/X/OUTBOX/????????????????????????> in the hash map cannot be
updated. Context: Application, SystemIndex Catalog Details: A device attached to
the system is not functioning. (0x8007001f)
[ System Events ]
Error - 05/06/2010 08:08:35 | Computer Name = DANS-PC | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 14 minutes. NtpClient has no source of accurate
time.
Error - 05/06/2010 08:23:35 | Computer Name = DANS-PC | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 30 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)
Error - 05/06/2010 08:23:35 | Computer Name = DANS-PC | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 29 minutes. NtpClient has no source of accurate
time.
Error - 11/06/2010 06:23:23 | Computer Name = DANS-PC | Source = Dhcp | ID = 1002
Description = The IP address lease 77.99.186.175 for the Network Card with network
address 0013721229A9 has been denied by the DHCP server 0.0.0.0 (The DHCP Server
sent a DHCPNACK message).
Error - 11/06/2010 06:23:45 | Computer Name = DANS-PC | Source = Dhcp | ID = 1000
Description = Your computer has lost the lease to its IP address 192.168.100.11
on the Network Card with network address 0013721229A9.
Error - 11/06/2010 07:32:01 | Computer Name = DANS-PC | Source = Service Control Manager | ID = 7034
Description = The Ati HotKey Poller service terminated unexpectedly. It has done
this 1 time(s).
Error - 11/06/2010 07:32:02 | Computer Name = DANS-PC | Source = Service Control Manager | ID = 7031
Description = The Apple Mobile Device service terminated unexpectedly. It has done
this 1 time(s). The following corrective action will be taken in 60000 milliseconds:
Restart the service.
Error - 11/06/2010 07:32:02 | Computer Name = DANS-PC | Source = Service Control Manager | ID = 7034
Description = The Java Quick Starter service terminated unexpectedly. It has done
this 1 time(s).
Error - 11/06/2010 07:32:02 | Computer Name = DANS-PC | Source = Service Control Manager | ID = 7034
Description = The iPod Service service terminated unexpectedly. It has done this
1 time(s).
Error - 11/06/2010 07:32:02 | Computer Name = DANS-PC | Source = Service Control Manager | ID = 7034
Description = The SeaPort service terminated unexpectedly. It has done this 1 time(s).
< End of report >