I do not know if I have got malware. But suddenly about a week ago, the internet service became very slow, and suffered frequent freezes - links, refresh button, stop button, etc, just not responding at all; even deleting text in the navigation bar (where the www's go - sorry this may not be the correct name) was sluggish - the backspace curser would go across but the text was not deleted.
I ran Avast Free. CC Cleaner Free, and ASC Free, all of which did not show any malware.
But something is very wrong!
My laptop is an old Acer Travelmate, so I do not expect superb performance, but it was quite acceptable until about a week ago. I have not knowingly acted in away that is likely to cause the problem (I believe); perhaps update downloads of Avast, ASC, and Windows Defender are possible culprits.
I see that there have been similar topics previously, but the investigations all seemed to require the OTL log, so after about 10 attempts I did manage to get this to work, and the log is pasted below.
I do hope that you are able to assist, as things are abominable now.
OTL logfile created on: 04/12/2011 16:52:17 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Tom J Pike\My Documents\Op System
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
766.98 Mb Total Physical Memory | 245.49 Mb Available Physical Memory | 32.01% Memory free
1.83 Gb Paging File | 1.11 Gb Available in Paging File | 60.78% Paging File free
Paging file location(s): C:\pagefile.sys 1152 2304 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.53 Gb Total Space | 54.34 Gb Free Space | 72.91% Space Free | Partition Type: NTFS
Computer Name: ACER-5GI5Q0UBZJ | User Name: Tom J Pike | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/12/04 16:51:29 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Tom J Pike\My Documents\Op System\OTL.scr
PRC - [2011/11/29 01:01:24 | 003,744,552 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2011/11/29 01:01:23 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2011/11/12 10:42:50 | 001,647,448 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe
PRC - [2011/11/10 19:23:52 | 000,490,840 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
PRC - [2011/11/08 01:04:36 | 004,617,600 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2011/11/07 21:28:26 | 001,652,536 | ---- | M] (Trusteer Ltd.) -- C:\Program Files\Trusteer\Rapport\bin\RapportService.exe
PRC - [2011/11/07 21:28:26 | 000,931,640 | ---- | M] (Trusteer Ltd.) -- C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
PRC - [2011/08/12 06:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe
PRC - [2011/07/07 08:49:42 | 000,376,352 | ---- | M] (Soluto) -- C:\Program Files\Soluto\SolutoService.exe
PRC - [2011/07/07 08:49:40 | 001,706,544 | ---- | M] (Soluto) -- C:\Program Files\Soluto\Soluto.exe
PRC - [2008/04/14 07:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/11/03 19:20:12 | 000,866,584 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2006/11/03 19:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MsMpEng.exe
PRC - [2003/02/16 20:52:08 | 000,504,832 | ---- | M] (Acer) -- C:\Program Files\Acer\Notebook Manager\almxptray.exe
PRC - [2001/10/25 02:02:00 | 000,090,112 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
========== Modules (No Company Name) ==========
MOD - [2011/12/04 15:40:29 | 000,052,736 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll
MOD - [2011/12/04 15:40:28 | 000,063,488 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
MOD - [2011/12/04 02:10:31 | 001,642,496 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\defs\11120302\algo.dll
MOD - [2011/12/03 02:57:15 | 001,641,984 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\defs\11120201\algo.dll
MOD - [2011/11/30 12:37:19 | 000,117,760 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
MOD - [2011/11/30 12:37:19 | 000,052,224 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
MOD - [2011/11/29 22:40:55 | 000,241,528 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\defs\11120302\aswRep.dll
MOD - [2011/11/29 22:40:55 | 000,241,528 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\defs\11120201\aswRep.dll
MOD - [2011/10/30 20:57:06 | 000,557,056 | ---- | M] () -- C:\Program Files\Trusteer\Rapport\bin\js32.dll
MOD - [2011/10/23 08:06:31 | 000,094,208 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\ac92806d5bd508eb25f1b4b73a36b101\System.ComponentModel.DataAnnotations.ni.dll
MOD - [2011/10/23 08:04:57 | 000,676,864 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\SolutoCleanup\34a40c4b206ad3b6a26879a2f0d2fcf0\SolutoCleanup.ni.dll
MOD - [2011/10/23 08:04:54 | 000,510,464 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PCGDataAggregation\737362a798bd39d8141cb83feca07f6f\PCGDataAggregation.ni.dll
MOD - [2011/10/23 08:04:51 | 000,380,416 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PCGBootVisualizingC#\a79f2bfb22f4f2ee34229fae443b29c7\PCGBootVisualizingCore.ni.dll
MOD - [2011/10/23 08:04:48 | 000,410,112 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PCGCatalogItemFootp#\cd60b5212d828a87513ecc14f9cb2976\PCGCatalogItemFootprint.ni.dll
MOD - [2011/10/23 08:04:46 | 000,725,504 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PCGBrowsersProbe\97cb84f74d7fdb7e6269fcb4f2ea7d6f\PCGBrowsersProbe.ni.dll
MOD - [2011/10/23 08:04:43 | 000,354,304 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PCGSAProbe\b78041303aac807e619ffb1a2dd057ea\PCGSAProbe.ni.dll
MOD - [2011/10/23 08:04:41 | 000,102,912 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PCGCatalogItemCache\0ecb10fe443b6443283ffc45aedcf110\PCGCatalogItemCache.ni.dll
MOD - [2011/10/23 08:04:39 | 000,047,104 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PCGEntities\57fe69b436e00fc503b706c9e170e264\PCGEntities.ni.dll
MOD - [2011/10/23 08:04:38 | 000,886,272 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PCGClientCommunicat#\7e2391646092a1c445735d9f8f54d677\PCGClientCommunication.ni.dll
MOD - [2011/10/23 08:04:34 | 000,125,952 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\SolutoUpdateService\37d57538a7bbd4f14acb147674ad3af8\SolutoUpdateService.ni.dll
MOD - [2011/10/23 08:04:32 | 000,118,272 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PCGUpgrader\dc6b51d9dff7defe30125ccf96d07a95\PCGUpgrader.ni.dll
MOD - [2011/10/23 08:04:30 | 001,252,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\SolutoService\41e1763bddf3fa18d6657871e9788257\SolutoService.ni.exe
MOD - [2011/10/23 08:03:59 | 000,644,096 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PCGPostBootResources\1005c78185057602a9854e51822b707a\PCGPostBootResources.ni.dll
MOD - [2011/10/23 08:03:59 | 000,057,856 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PCGHIDProbe\c6de41a2518384bb82bcb414233f847a\PCGHIDProbe.ni.dll
MOD - [2011/10/23 08:03:57 | 000,039,936 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PCGRSPProbe\8caa19ca7948e8c58215a3bea8311b9e\PCGRSPProbe.ni.dll
MOD - [2011/10/23 08:03:48 | 002,327,552 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Community.CsharpSql#\f36a967ddaae73774dfb7e3df7c95013\Community.CsharpSqlite.ni.dll
MOD - [2011/10/23 08:03:46 | 000,100,864 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Interop.IWshRuntime#\d1b78475fd571b27e9f55dd9f2a5cb24\Interop.IWshRuntimeLibrary.ni.dll
MOD - [2011/10/23 08:03:45 | 000,064,512 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PCGUsersCenter\7936f032160cef5cae2cc8ef91455b1f\PCGUsersCenter.ni.dll
MOD - [2011/10/23 08:03:44 | 002,984,448 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PCGClientCommon\95b112fbd7b5460d3484e25815f12ca5\PCGClientCommon.ni.dll
MOD - [2011/10/23 08:03:37 | 000,195,584 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PCGBootVisualizingC#\b4cf359dca4929ca9ff71548ae7693bc\PCGBootVisualizingCommon.ni.dll
MOD - [2011/10/23 08:03:30 | 000,057,344 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PCGConfiguration\1a2a4a32ea3559a221304122fadc1e12\PCGConfiguration.ni.dll
MOD - [2011/10/23 08:03:29 | 000,766,976 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data.SqlServ#\f0a3fccd64c2e64230e2faccbfc9fa16\System.Data.SqlServerCe.ni.dll
MOD - [2011/10/23 08:03:25 | 003,473,408 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PCGDatabase\204795627e680388c0209c1d206f19de\PCGDatabase.ni.dll
MOD - [2011/10/23 08:03:18 | 000,665,088 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PCGAzureShared\406bfd7e433fe354f8b0f99e79468a02\PCGAzureShared.ni.dll
MOD - [2011/10/23 08:03:18 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PCGAzureEntityFrame#\a8e5691a1ce1425f41a43d36f6331e08\PCGAzureEntityFramework.ni.dll
MOD - [2011/10/23 08:03:16 | 001,248,768 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PCGCommunication\70aacd34e93d527e8f383328d3d4a0c6\PCGCommunication.ni.dll
MOD - [2011/10/23 08:03:12 | 000,170,496 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PCGDriverProbe\7ff563f6c23204eb7e00bf1a3bdb7550\PCGDriverProbe.ni.dll
MOD - [2011/10/23 08:03:09 | 002,845,696 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PCGPreCompiled\45329293420a9f9324e47f9d2d0361e5\PCGPreCompiled.ni.dll
MOD - [2011/10/23 08:03:04 | 001,454,080 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Newtonsoft.Json\b1f99f291fc946099309c3f5bad9a7d5\Newtonsoft.Json.ni.dll
MOD - [2011/10/23 08:02:59 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\abef85f2fb8ba830eda73e2d12e8d41e\System.ServiceProcess.ni.dll
MOD - [2011/10/23 08:02:28 | 000,627,712 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\69792bef8a100a055db88848836a7d88\System.EnterpriseServices.ni.dll
MOD - [2011/10/23 08:02:27 | 000,627,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Transactions\8efcd633af87989355382b5039f1b7df\System.Transactions.ni.dll
MOD - [2011/10/23 08:02:24 | 000,572,928 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Ionic.Zip.Reduced\6a4df134093bb7394a7b8fe019dd180a\Ionic.Zip.Reduced.ni.dll
MOD - [2011/10/23 08:02:23 | 000,256,000 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\474a341340f687bcbd7777f2820a8c7a\SMDiagnostics.ni.dll
MOD - [2011/10/23 08:02:22 | 000,400,896 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\566b2e11e7f3f6d973b17b86cf42f9bc\System.Xml.Linq.ni.dll
MOD - [2011/10/23 08:02:20 | 000,939,008 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\e5ada332a9bc3c982e6aede6ba354196\System.Data.Services.Client.ni.dll
MOD - [2011/10/23 08:02:17 | 002,268,672 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PCGFramework\4fa996a7b0e74304be2e2d6f19714342\PCGFramework.ni.dll
MOD - [2011/10/23 08:01:58 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\bce0720436dc6cb76006377f295ea365\System.Configuration.ni.dll
MOD - [2011/10/23 08:01:55 | 001,985,536 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Soluto\36d32f4b3eb6a51200590dffb2144d33\Soluto.ni.exe
MOD - [2011/10/23 08:00:46 | 002,345,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\afd6134c090faf8c29cd64d4835142b2\System.Runtime.Serialization.ni.dll
MOD - [2011/10/23 07:48:27 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\70cacc44f0b4257f6037eda7a59a0aeb\System.Xml.ni.dll
MOD - [2011/10/23 07:48:12 | 012,430,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\71a2ae9ad561a62181cbd9fb11e9de7a\System.Windows.Forms.ni.dll
MOD - [2011/10/23 07:47:36 | 001,587,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\c10bea3c4bb7ef654651141bf9419090\System.Drawing.ni.dll
MOD - [2011/10/23 07:47:08 | 002,516,480 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\d96a94076acb8e0c5a96a1b2de4b3a7a\System.Data.Linq.ni.dll
MOD - [2011/10/23 07:46:54 | 006,616,576 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data\ec323cf1df697cc0a45f67de685db90c\System.Data.ni.dll
MOD - [2011/10/23 07:46:36 | 002,295,296 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Core\d507b9e0e50e453793ee5e01c07a5485\System.Core.ni.dll
MOD - [2011/10/23 07:42:02 | 007,950,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\af39f6e644af02873b9bae319f2bfb13\System.ni.dll
MOD - [2011/10/23 07:41:36 | 011,490,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839abbe7d4bc9c6721\mscorlib.ni.dll
MOD - [2011/10/23 07:38:03 | 002,933,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2011/10/23 07:37:44 | 000,261,632 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
MOD - [2011/07/21 09:00:59 | 000,516,368 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportMS\28896\RapportMS.dll
MOD - [2011/07/07 08:35:04 | 000,071,216 | ---- | M] () -- C:\Program Files\Soluto\PCGDllExportInspector.dll
MOD - [2011/04/21 16:54:40 | 000,347,024 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 5\madexcept_.bpl
MOD - [2011/04/21 16:54:40 | 000,179,088 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 5\madbasic_.bpl
MOD - [2011/04/21 16:54:40 | 000,046,480 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 5\maddisAsm_.bpl
========== Win32 Services (SafeList) ==========
SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2011/11/29 01:01:23 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011/11/10 19:23:52 | 000,490,840 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe -- (AdvancedSystemCareService5)
SRV - [2011/11/07 21:28:26 | 000,931,640 | ---- | M] (Trusteer Ltd.) [Auto | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe -- (RapportMgmtService)
SRV - [2011/08/12 06:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2011/07/07 08:49:42 | 000,376,352 | ---- | M] (Soluto) [Auto | Running] -- C:\Program Files\Soluto\SolutoService.exe -- (SolutoService)
SRV - [2006/11/03 19:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2001/10/25 02:02:00 | 000,090,112 | ---- | M] (SEIKO EPSON CORPORATION) [On_Demand | Running] -- C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe -- (EPSONStatusAgent2)
========== Driver Services (SafeList) ==========
DRV - [2011/11/29 00:53:53 | 000,435,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/11/29 00:53:35 | 000,314,456 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/11/29 00:52:19 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/11/29 00:52:16 | 000,052,952 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/11/29 00:52:02 | 000,111,320 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011/11/29 00:51:50 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011/11/29 00:48:49 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011/11/07 21:30:20 | 000,227,312 | ---- | M] () [Kernel | System | Running] -- C:\Documents and Settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_32301.sys -- (RapportCerberus_32301)
DRV - [2011/11/07 21:28:40 | 000,071,440 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys -- (RapportEI)
DRV - [2011/11/07 21:28:38 | 000,164,112 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys -- (RapportPG)
DRV - [2011/11/07 21:28:38 | 000,056,208 | ---- | M] (Trusteer Ltd.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\RapportKELL.sys -- (RapportKELL)
DRV - [2011/07/22 23:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/21 09:00:59 | 000,021,520 | ---- | M] (Trusteer Ltd.) [Kernel | On_Demand | Running] -- c:\Documents and Settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportMS\28896\RapportIaso.sys -- (RapportIaso)
DRV - [2011/07/13 04:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011/07/07 08:34:08 | 000,051,144 | ---- | M] (Soluto LTD.) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\Soluto.sys -- (Soluto)
DRV - [2009/12/07 17:12:36 | 000,078,336 | ---- | M] (PC Dynamics, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\SafDskNT.sys -- (SafDskNT)
DRV - [2006/08/02 22:09:00 | 000,674,560 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w70n51.sys -- (w70n51) Intel®
DRV - [2003/01/20 22:44:36 | 000,569,984 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2003/01/13 10:31:46 | 000,006,538 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\acernbm.sys -- (acernbm)
DRV - [2002/12/13 03:17:00 | 000,227,887 | ---- | M] (O2 Micro ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\o2mmb.sys -- (CONAN)
DRV - [2002/12/10 11:00:00 | 000,218,240 | ---- | M] (LAN-Express) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Expsab2.sys -- (LEX_AS_NIC_SERVICE)
DRV - [2002/12/09 15:29:00 | 000,005,441 | ---- | M] (O2 Micro) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbxfilt.sys -- (mbxfilt)
DRV - [2002/11/27 14:46:28 | 000,730,700 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2002/11/08 13:13:50 | 000,020,579 | ---- | M] (O2Micro) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ozscr.sys -- (O2SCBUS)
DRV - [2002/10/18 11:07:00 | 001,156,672 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2002/09/11 00:45:50 | 000,041,728 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.live.com/sphome.aspx
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.live.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
O1 HOSTS File: ([2002/08/29 12:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [AcerNotebookManager] C:\Program Files\Acer\Notebook Manager\almxptray.exe (Acer)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [LaunchApp] C:\WINDOWS\Alaunch.exe (Acer Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Advanced SystemCare 5] C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe (IObit)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1234401941019 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java Reg Error: Value error. (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{49DA7465-B378-4C01-BBD8-4183DBEFF8D5}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\msref {74D92DF3-6D9D-11D1-8B38-006097DBED7A} - C:\Program Files\Common Files\Microsoft Shared\Reference Titles\msref.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Program Files\Soluto\soluto.exe /userinit) -C:\Program Files\Soluto\soluto.exe (Soluto)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\Documents and Settings\Tom J Pike\My Documents\My Pictures\Picasa\Backgrounds\picasabackground.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Tom J Pike\My Documents\My Pictures\Picasa\Backgrounds\picasabackground.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{76e7afe1-0ea9-11de-a1f4-0004234b85a7}\Shell - "" = AutoRun
O33 - MountPoints2\{76e7afe1-0ea9-11de-a1f4-0004234b85a7}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{76e7afe1-0ea9-11de-a1f4-0004234b85a7}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RUNdLl32.ExE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn
O33 - MountPoints2\{76e7afe2-0ea9-11de-a1f4-0004234b85a7}\Shell - "" = AutoRun
O33 - MountPoints2\{76e7afe2-0ea9-11de-a1f4-0004234b85a7}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{76e7afe2-0ea9-11de-a1f4-0004234b85a7}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RUNdLl32.ExE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/12/03 15:39:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tom J Pike\My Documents\Proformas
[2011/12/03 11:55:37 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Tom J Pike\Recent
[2011/12/02 15:34:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Advanced SystemCare 5
[2011/12/02 15:32:39 | 029,918,440 | ---- | C] (IObit ) -- C:\Program Files\asc-setup.exe
[2011/11/30 12:37:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tom J Pike\Application Data\SUPERAntiSpyware.com
[2011/11/30 12:35:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tom J Pike\Start Menu\Programs\SUPERAntiSpyware
[2011/11/30 12:35:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2011/11/30 12:35:45 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2011/11/30 12:34:07 | 013,151,264 | ---- | C] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware.exe
[2011/11/29 15:40:42 | 000,000,000 | ---D | C] -- C:\Program Files\Speccy
[2011/11/29 15:13:27 | 000,000,000 | ---D | C] -- C:\Program Files\Recuva
[2011/11/07 21:28:38 | 000,056,208 | ---- | C] (Trusteer Ltd.) -- C:\WINDOWS\System32\drivers\RapportKELL.sys
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011/12/04 15:48:50 | 000,002,626 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/12/04 15:42:41 | 000,001,572 | ---- | M] () -- C:\WINDOWS\System32\.lck
[2011/12/04 15:42:39 | 000,002,328 | ---- | M] () -- C:\WINDOWS\System32\.rsp
[2011/12/04 15:42:02 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2011/12/04 15:39:34 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/12/04 15:38:50 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/12/04 15:38:47 | 804,311,040 | -HS- | M] () -- C:\hiberfil.sys
[2011/12/03 15:35:12 | 000,000,449 | ---- | M] () -- C:\Documents and Settings\Tom J Pike\My Documents\Passwords.rtf
[2011/12/02 15:34:55 | 000,000,900 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Quick Care.lnk
[2011/12/02 15:34:54 | 000,000,878 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Advanced SystemCare 5.lnk
[2011/12/02 15:33:04 | 029,918,440 | ---- | M] (IObit ) -- C:\Program Files\asc-setup.exe
[2011/11/30 12:35:52 | 000,001,682 | ---- | M] () -- C:\Documents and Settings\Tom J Pike\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/11/30 12:34:37 | 013,151,264 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware.exe
[2011/11/29 15:40:45 | 000,000,658 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Speccy.lnk
[2011/11/29 15:36:04 | 000,000,686 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2011/11/29 15:13:35 | 000,001,516 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Recuva.lnk
[2011/11/29 01:01:25 | 000,041,184 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011/11/29 01:01:23 | 000,199,816 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011/11/29 00:53:53 | 000,435,032 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011/11/29 00:53:35 | 000,314,456 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011/11/29 00:52:19 | 000,034,392 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011/11/29 00:52:16 | 000,052,952 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011/11/29 00:52:02 | 000,111,320 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011/11/29 00:51:59 | 000,105,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011/11/29 00:51:50 | 000,020,568 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011/11/29 00:48:49 | 000,030,808 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011/11/07 21:28:38 | 000,056,208 | ---- | M] (Trusteer Ltd.) -- C:\WINDOWS\System32\drivers\RapportKELL.sys
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/12/03 15:35:12 | 000,000,449 | ---- | C] () -- C:\Documents and Settings\Tom J Pike\My Documents\Passwords.rtf
[2011/12/02 15:34:55 | 000,000,900 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Quick Care.lnk
[2011/12/02 15:34:54 | 000,000,878 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Advanced SystemCare 5.lnk
[2011/11/30 12:35:52 | 000,001,682 | ---- | C] () -- C:\Documents and Settings\Tom J Pike\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/11/29 15:40:45 | 000,000,658 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Speccy.lnk
[2011/11/29 15:13:35 | 000,001,516 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Recuva.lnk
[2011/09/19 10:51:36 | 000,177,160 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2011/09/09 11:19:11 | 013,852,708 | ---- | C] () -- C:\Program Files\BlueTooth_Widcomm_1.3.2.7_XPx86.zip
[2011/08/26 14:31:23 | 001,366,104 | ---- | C] () -- C:\Program Files\BOIE8_ENUS_MSCOM_XP.EXE
[2011/06/03 21:02:12 | 000,000,193 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Microsoft.SqlServer.Compact.351.32.bc
[2009/11/18 09:06:48 | 000,000,290 | ---- | C] () -- C:\Documents and Settings\Tom J Pike\Application Data\burnaware.ini
[2009/06/17 08:58:21 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OPPRIN~1.INI
[2009/02/22 08:54:59 | 000,000,131 | ---- | C] () -- C:\WINDOWS\CRC.INI
[2009/02/12 19:32:36 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009/02/12 05:22:39 | 000,755,200 | ---- | C] () -- C:\WINDOWS\System32\ir50_32.dll
[2009/02/12 05:22:39 | 000,338,432 | ---- | C] () -- C:\WINDOWS\System32\ir41_qcx.dll
[2009/02/12 05:22:39 | 000,200,192 | ---- | C] () -- C:\WINDOWS\System32\ir50_qc.dll
[2009/02/12 05:22:39 | 000,183,808 | ---- | C] () -- C:\WINDOWS\System32\ir50_qcx.dll
[2009/02/12 05:22:39 | 000,120,320 | ---- | C] () -- C:\WINDOWS\System32\ir41_qc.dll
[2009/02/12 05:09:32 | 000,000,083 | ---- | C] () -- C:\WINDOWS\ALaunch.ini
[2004/08/02 14:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2003/02/23 09:40:14 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2003/02/21 14:11:41 | 000,006,538 | ---- | C] () -- C:\WINDOWS\System32\drivers\acernbm.sys
[2003/02/21 14:09:03 | 000,000,042 | ---- | C] () -- C:\WINDOWS\AcrobatSetupStatus.ini
[2003/02/21 14:02:28 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2003/02/21 13:11:09 | 001,969,664 | ---- | C] () -- C:\WINDOWS\PQDISK.EXE
[2003/02/21 13:11:09 | 000,032,768 | ---- | C] () -- C:\WINDOWS\AMOVE.EXE
[2003/02/21 13:11:09 | 000,029,796 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2003/02/21 13:11:09 | 000,000,240 | ---- | C] () -- C:\WINDOWS\PQDISK.INI
[2003/02/21 13:10:09 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2003/02/21 13:04:42 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2003/02/21 13:03:29 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2003/02/21 12:59:33 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2003/02/21 12:58:42 | 000,335,464 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2002/11/15 17:45:18 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\SynTPCoI.dll
[2000/04/18 09:02:00 | 000,000,182 | ---- | C] () -- C:\WINDOWS\System32\EBPPORT.DAT
[1980/01/01 00:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[1980/01/01 00:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[1980/01/01 00:00:00 | 000,435,822 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[1980/01/01 00:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[1980/01/01 00:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[1980/01/01 00:00:00 | 000,151,552 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx.exe
[1980/01/01 00:00:00 | 000,069,368 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[1980/01/01 00:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[1980/01/01 00:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[1980/01/01 00:00:00 | 000,004,524 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[1980/01/01 00:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[1980/01/01 00:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
========== LOP Check ==========
[2010/07/25 17:50:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2011/10/25 15:59:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InstallMate
[2011/12/02 15:36:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IObit
[2011/10/25 15:59:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Premium
[2011/07/16 13:26:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Soluto
[2010/02/09 13:13:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Trusteer
[2009/06/28 15:42:42 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{148D8B8A-8F96-4822-81EC-D510B626B7D5}
[2011/10/01 16:34:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom J Pike\Application Data\ImgBurn
[2003/02/21 14:09:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom J Pike\Application Data\InterTrust
[2011/12/03 11:54:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom J Pike\Application Data\IObit
[2010/03/13 14:32:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom J Pike\Application Data\Trusteer
[2011/12/04 15:42:02 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
========== Purity Check ==========
< End of report >
OTL Extras logfile created on: 04/12/2011 16:52:17 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Tom J Pike\My Documents\Op System
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
766.98 Mb Total Physical Memory | 245.49 Mb Available Physical Memory | 32.01% Memory free
1.83 Gb Paging File | 1.11 Gb Available in Paging File | 60.78% Paging File free
Paging file location(s): C:\pagefile.sys 1152 2304 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.53 Gb Total Space | 54.34 Gb Free Space | 72.91% Space Free | Partition Type: NTFS
Computer Name: ACER-5GI5Q0UBZJ | User Name: Tom J Pike | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.scr [@ = scrfile] -- "%1" /S "%3"
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S "%3"
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"ANTIVIRUSDISABLENOTIFY" = 0
"FIREWALLDISABLENOTIFY" = 0
"UPDATESDISABLENOTIFY" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002
"5985:TCP" = 5985:TCP:*:Disabled:Windows Remote Management
"80:TCP" = 80:TCP:*:Disabled:Windows Remote Management - Compatibility Mode (HTTP-In)
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Soluto\Soluto.exe" = C:\Program Files\Soluto\Soluto.exe:*:Enabled:Soluto Tray -- (Soluto)
"C:\Program Files\Soluto\SolutoService.exe" = C:\Program Files\Soluto\SolutoService.exe:*:Enabled:Soluto Service -- (Soluto)
"C:\Program Files\Soluto\SolutoConsole.exe" = C:\Program Files\Soluto\SolutoConsole.exe:*:Enabled:Soluto Console -- (Soluto)
"C:\Program Files\Soluto\SolutoUpdateService.exe" = C:\Program Files\Soluto\SolutoUpdateService.exe:*:Enabled:Soluto Update Service -- (Soluto)
"C:\Program Files\FrostWire 5\FrostWire.exe" = C:\Program Files\FrostWire 5\FrostWire.exe:*:Enabled:FrostWire -- (FrostWire Group)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01892453-6095-4825-BB73-78BE918B42CB}" = Soluto
"{062DAE57-6A6D-4364-B16F-A43C83282177}" = O2Micro MultiMediaBay Windows Driver Installer
"{0AAA9C97-74D4-47CE-B089-0B147EF3553C}" = Windows Live Messenger
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}" = Rapport
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java 6 Update 29
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{37D67C45-8484-4398-B5C1-3CAE19FDDF22}" = EPSON PRINT Image Framer Tool1.1
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}" = Junk Mail filter update
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{63C1109E-D977-49ED-BCE3-D00D0BF187D6}" = Windows Live Mail
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8C2FA1ED-8248-42DF-A78A-48D40133129E}" = Acer Notebook Manager
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90300409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Media Content
"{91110409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional
"{91190409-6000-11D3-8CFE-0050048383C9}" = Microsoft Publisher 2002
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A06275F4-324B-4E85-95E6-87B2CD729401}" = Windows Defender
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AC76BA86-7AD7-1033-7B44-A83000000003}" = Adobe Reader 8.3.1
"{B2EFE303-A594-11D5-95EB-005004BC1C65}" = EPSON PhotoQuicker3.2
"{B43357AA-3A6D-4D94-B56E-43C44D09E548}" = Microsoft .NET Framework (English)
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C6CA8874-5F22-4AF0-9BE3-016BF299C536}" = Windows Live Essentials
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"Acoustica Effects Pack" = Acoustica Effects Pack
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Advanced SystemCare 5_is1" = Advanced SystemCare 5
"Agere Systems Soft Modem" = Agere Systems AC'97 Modem
"ATI Display Driver" = ATI Display Driver
"avast" = avast! Free Antivirus
"BurnAware Free_is1" = BurnAware Free 3.5
"Canon Digital Camera USB WIA Driver" = Canon Digital Camera USB WIA Driver
"Canon PhotoStitch 3.1" = Canon Utilities PhotoStitch 3.1
"Canon Utilities RAW Image Converter" = Canon Utilities RAW Image Converter
"CCleaner" = CCleaner
"Encarta Encyclopedia 2000 Z" = Microsoft Encarta Encyclopedia 2000 World English
"Encarta Virtual Globe 2000 Z" = Microsoft Encarta Interactive World Atlas 2000
"EPSON Printer and Utilities" = EPSON Printer Software
"ESC880 Guide" = ESC880 Guide
"ESP830 PSolver" = ESP830 Problem Solver
"FileCD" = NTI FileCD
"FrostWire 5" = FrostWire 5.1.4
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"ImgBurn" = ImgBurn
"LManager" = Launch Manager
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework Full v1.0.3705 (1033)" = Microsoft .NET Framework (English) v1.0.3705
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"PhotoRecord" = Canon PhotoRecord
"Picasa 3" = Picasa 3
"Rapport_msi" = Rapport
"Recuva" = Recuva
"RemoteCapture" = Canon Utilities RemoteCapture 2.2
"SafeHouseExplorer" = SafeHouse Explorer 3.01
"Speccy" = Speccy
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TravelMate 800 screensaver" = TravelMate 800 screensaver
"Unlocker" = Unlocker 1.9.1
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"XP Smoker Free Edition_is1" = XP Smoker Free Edition 6.0
"YTdetect" = Yahoo! Detect
"ZoomBrowserEXDeInstall" = Canon Utilities ZoomBrowser EX
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 26/03/2011 02:25:45 | Computer Name = ACER-5GI5Q0UBZJ | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: This operation returned because the timeout period expired.
Error - 26/03/2011 02:25:45 | Computer Name = ACER-5GI5Q0UBZJ | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: The specified server cannot perform the requested operation.
Error - 26/03/2011 02:25:46 | Computer Name = ACER-5GI5Q0UBZJ | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: The specified server cannot perform the requested operation.
Error - 26/03/2011 02:25:46 | Computer Name = ACER-5GI5Q0UBZJ | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: The specified server cannot perform the requested operation.
Error - 26/03/2011 03:52:34 | Computer Name = ACER-5GI5Q0UBZJ | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 80240016, P2 begininstall, P3 install, P4
1.1.1593.0, P5 mpsigdwn.dll, P6 1.1.1593.0, P7 windows defender, P8 NIL, P9 NIL,
P10 NIL.
Error - 31/03/2011 10:08:06 | Computer Name = ACER-5GI5Q0UBZJ | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 80240022, P2 processdownloadresults, P3
download, P4 1.1.1593.0, P5 mpsigdwn.dll, P6 1.1.1593.0, P7 windows defender, P8
NIL, P9 NIL, P10 NIL.
Error - 04/04/2011 03:44:13 | Computer Name = ACER-5GI5Q0UBZJ | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: This operation returned because the timeout period expired.
Error - 04/04/2011 03:44:13 | Computer Name = ACER-5GI5Q0UBZJ | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: The specified server cannot perform the requested operation.
Thanks in anticipation of any help that you may offer.
DocTom.
Error - 04/04/2011 03:44:16 | Computer Name = ACER-5GI5Q0UBZJ | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: The specified server cannot perform the requested operation.
Error - 04/04/2011 03:44:16 | Computer Name = ACER-5GI5Q0UBZJ | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: The specified server cannot perform the requested operation.
[ System Events ]
Error - 30/10/2011 02:50:06 | Computer Name = ACER-5GI5Q0UBZJ | Source = PSched | ID = 14103
Description = QoS [Adapter {49DA7465-B378-4C01-BBD8-4183DBEFF8D5}]: The netcard driver
failed the query for OID_GEN_LINK_SPEED.
Error - 05/11/2011 22:08:15 | Computer Name = ACER-5GI5Q0UBZJ | Source = Windows Update Agent | ID = 16
Description = Unable to Connect: Windows is unable to connect to the automatic updates
service and therefore cannot download and install updates according to the set
schedule. Windows will continue to try to establish a connection.
Error - 05/11/2011 22:17:00 | Computer Name = ACER-5GI5Q0UBZJ | Source = PSched | ID = 14103
Description = QoS [Adapter {49DA7465-B378-4C01-BBD8-4183DBEFF8D5}]: The netcard driver
failed the query for OID_GEN_LINK_SPEED.
Error - 24/11/2011 06:21:00 | Computer Name = ACER-5GI5Q0UBZJ | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.4 for the Network Card with network
address 0004234B85A7 has been denied by the DHCP server 192.168.1.1 (The DHCP Server
sent a DHCPNACK message).
Error - 24/11/2011 07:23:32 | Computer Name = ACER-5GI5Q0UBZJ | Source = PSched | ID = 14103
Description = QoS [Adapter {49DA7465-B378-4C01-BBD8-4183DBEFF8D5}]: The netcard driver
failed the query for OID_GEN_LINK_SPEED.
Error - 29/11/2011 04:51:20 | Computer Name = ACER-5GI5Q0UBZJ | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the Soluto PCGenome Core
Service service to connect.
Error - 29/11/2011 04:51:20 | Computer Name = ACER-5GI5Q0UBZJ | Source = Service Control Manager | ID = 7000
Description = The Soluto PCGenome Core Service service failed to start due to the
following error: %%1053
Error - 03/12/2011 03:48:03 | Computer Name = ACER-5GI5Q0UBZJ | Source = sr | ID = 1
Description = The System Restore filter encountered the unexpected error '0xC000009A'
while processing the file '' on the volume 'HarddiskVolume1'. It has stopped monitoring
the volume.
Error - 03/12/2011 04:24:42 | Computer Name = ACER-5GI5Q0UBZJ | Source = sr | ID = 1
Description = The System Restore filter encountered the unexpected error '0xC0000243'
while processing the file 'attrib' on the volume 'HarddiskVolume1'. It has stopped
monitoring the volume.
< End of report >