Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Laptop extremely slow, windows restore won't work,screen captures


  • This topic is locked This topic is locked

#31
Crowbar

Crowbar

    Teacher

  • GeekU Moderator
  • 4,798 posts
Hi Sharokc -
This computer has a few things going on.
First, it is pretty low on disk space, and that makes Windows rather unhappy :angry:
You only have about %10 free space, and Windows is happiest with at least %15, but even better at %20. Things will really slow down when you get below those magic numbers. I would really like to see you free up another 5gb - 6 gb, or as close to that as you can. You can move photos and music onto an external disk and remove old unused programs. I will include the command to empty your temporary files when I have you run the OTL fix, and we can see what that does for you free space.

Second, you seem to have multiple anti virus programs installed, Symantec Endpoint Protection, and at least one AVG program. You need only one, and in this case more is not better.
I would like to remove both of the AV programs you have on there now, as Symantec is not working correctly, and AVG is a resource hog.
Step 1
Please choose one of these 2 AV programs, they are both great programs, but remember that you only need one
Microsoft Security Essentials You will want the XP english version
or
Avast!
download one of them to your desktop and do not install it yet.
Next:
Download and run the Norton Removal tool from here
run the tool and follow the instructions on screen. You may have to reboot once or twice.

Next:
Download and run the AVG removal tool from here
run the tool and follow the instructions on screen. You may have to reboot once or twice with this one as well

Finally:
Please install the AV program you have previously downloaded to your desktop. It will want to do an update and a full scan of your computer, please let it.

Step 2
We need to do an OTL fix:

Note: If you have Malwarebytes 1.6 or higher installed please disable it for the duration of this fix as it may interfere with the successfully execution of the script below. If it still hangs then please uninstall MalwareBytes' and run this fix again.
Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :commands
    [createrestorepoint]
    :OTL
    IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59}: "URL" = http://search.imesh....q={searchTerms}
    IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69}: "URL" = http://search.bearsh...q={searchTerms}
    IE - HKLM\..\SearchScopes\{a5b9c0f5-5616-47cd-a95f-e43b488faccf}: "URL" = http://search.mywebs...r={searchTerms}
    IE - HKU\S-1-5-21-790525478-1682526488-1801674531-500\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask...6E-F2EEE32490CB
    IE - HKU\S-1-5-21-790525478-1682526488-1801674531-500\..\SearchScopes\{a5b9c0f5-5616-47cd-a95f-e43b488faccf}: "URL" = http://search.mywebs...r={searchTerms}
    O4 - HKLM..\Run: [T25Z627] C:\WINDOWS\sa-77400.exe ()
    O4 - HKU\S-1-5-21-790525478-1682526488-1801674531-500..\Run: [T1136400TT4] C:\WINDOWS\system32\16276867285l.exe ()
    O20 - HKLM Winlogon: Shell - ("C:\Documents and Settings\Administrator\Templates\O42525Z\TuxO42525Z.exe") - C:\Documents and Settings\Administrator\Templates\O42525Z\TuxO42525Z.exe ()
    O20 - HKLM Winlogon: UserInit - ("C:\WINDOWS\M13616\Ja178143bLay.com") - C:\WINDOWS\M13616\Ja178143bLay.com ()
    O27 - HKLM IFEO\msconfig.exe: Debugger - C:\WINDOWS\NOTEPAD.EXE (Microsoft Corporation)
    O27 - HKLM IFEO\regedit.exe: Debugger - C:\WINDOWS\NOTEPAD.EXE (Microsoft Corporation)
    O31 - SafeBoot: AlternateShell - 16276867285l.exe
    :files
    C:\Documents and Settings\Administrator\Templates\O42525Z
    C:\WINDOWS\M13616
    :commands
    [emptytemp]
    [Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

Step 3
Download AdwCleaner from here to your desktop
Run AdwCleaner and select Scan

Posted Image

A log will be produced at C:\ADWCleaner[XX].txt please attach that in your next post

Step 3
  • Download RogueKiller and save it on your desktop.
  • Quit all programs
  • Start RogueKiller.exe.
  • Wait until Prescan has finished ...
  • Click on Scan

Posted Image

  • Wait for the end of the scan.
  • The report has been created on the desktop.

Please post: All RKreport.txt text files located on your desktop.
In your next reply I would like to see:
  • OTL scan log
  • ADWCleaner log
  • RKreport.txt file

  • 0

Advertisements


#32
sharokc

sharokc

    Member

  • Topic Starter
  • Member
  • PipPip
  • 72 posts
i followed your instructions and the the av i downloaded to the desktop installed ok but wouldn't ever update the database so i don't know if it's on or not. the following is the otl log from the run fix first and then the otl i ran after that.

All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== OTL ==========
Registry key

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet

Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF

0FD2A59}\ deleted successfully.
Registry key

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-

9C68-4BB3-B188-DD9AF0FD2A59}\ not found.
Registry key

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet

Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF

0FD2A69}\ deleted successfully.
Registry key

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-

9C68-4BB3-B188-DD9AF0FD2A69}\ not found.
Registry key

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet

Explorer\SearchScopes\{a5b9c0f5-5616-47cd-a95f-e43b4

88faccf}\ deleted successfully.
Registry key

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a5b9c0f5-

5616-47cd-a95f-e43b488faccf}\ not found.
Registry key

HKEY_USERS\S-1-5-21-790525478-1682526488-1801674531-

500\Software\Microsoft\Internet

Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5

EBA4A7E}\ deleted successfully.
Registry key

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{171DEBEB-

C3D4-40b7-AC73-056A5EBA4A7E}\ not found.
Registry key

HKEY_USERS\S-1-5-21-790525478-1682526488-1801674531-

500\Software\Microsoft\Internet

Explorer\SearchScopes\{a5b9c0f5-5616-47cd-a95f-e43b4

88faccf}\ deleted successfully.
Registry key

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a5b9c0f5-

5616-47cd-a95f-e43b488faccf}\ not found.
Registry value

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curren

tVersion\Run\\T25Z627 not found.
File C:\WINDOWS\sa-77400.exe not found.
Registry value

HKEY_USERS\S-1-5-21-790525478-1682526488-1801674531-

500\Software\Microsoft\Windows\CurrentVersion\Run\\T

1136400TT4 deleted successfully.
File C:\WINDOWS\system32\16276867285l.exe not found.
Registry value

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Winlogon\\Shell:"C:\Documents and

Settings\Administrator\Templates\O42525Z\TuxO42525Z.

exe" deleted successfully.
C:\Documents and

Settings\Administrator\Templates\O42525Z\TuxO42525Z.

exe moved successfully.
Registry value

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Winlogon\\UserInit:"C:\WINDOWS\M13

616\Ja178143bLay.com" deleted successfully.
C:\WINDOWS\M13616\Ja178143bLay.com moved

successfully.
Registry key

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File Execution

Options\msconfig.exe\ deleted successfully.
C:\WINDOWS\NOTEPAD.EXE moved successfully.
Registry key

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File Execution

Options\regedit.exe\ deleted successfully.
File C:\WINDOWS\NOTEPAD.EXE not found.
Registry value

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\

SafeBoot\\AlternateShell deleted successfully.
========== FILES ==========
C:\Documents and

Settings\Administrator\Templates\O42525Z folder

moved successfully.
C:\WINDOWS\M13616 folder moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 1709320996 bytes
->Temporary Internet Files folder emptied: 30344730

bytes
->Java cache emptied: 17623 bytes
->FireFox cache emptied: 80059640 bytes
->Google Chrome cache emptied: 8656675 bytes
->Flash cache emptied: 107996 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170

bytes
->Flash cache emptied: 0 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 39528

bytes

User: NetworkService
->Temp folder emptied: 30010 bytes
->Temporary Internet Files folder emptied: 616028

bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0

bytes
%systemroot%\System32\drivers .tmp files removed: 0

bytes
Windows Temp folder emptied: 4346948 bytes
%systemroot%\system32\config\systemprofile\Local

Settings\Temp folder emptied: 126263836 bytes
%systemroot%\system32\config\systemprofile\Local

Settings\Temporary Internet Files folder emptied: 0

bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 1,869.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on

10212012_210351

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...



OTL logfile created on: 10/21/12 9:29:17 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Administrator\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: MM/dd/yy

1023.23 Mb Total Physical Memory | 463.53 Mb Available Physical Memory | 45.30% Memory free
2.40 Gb Paging File | 1.82 Gb Available in Paging File | 75.63% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 55.88 Gb Total Space | 30.46 Gb Free Space | 54.51% Space Free | Partition Type: NTFS
Drive E: | 1.83 Gb Total Space | 0.64 Gb Free Space | 34.82% Space Free | Partition Type: FAT

Computer Name: WA68A7S1J249 | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/10/21 21:02:19 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\My Documents\Downloads\OTL.exe
PRC - [2012/09/12 17:25:22 | 000,020,472 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2012/09/12 17:19:44 | 000,947,176 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2012/03/20 22:46:40 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012/01/13 12:21:10 | 000,095,200 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\SiteAdvisor\McSACore.exe
PRC - [2011/01/01 09:23:10 | 000,274,608 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2009/11/12 08:24:48 | 000,323,584 | ---- | M] (Avanquest Software) -- C:\Program Files\Cricket Broadband Connect\mPhonetools.exe
PRC - [2009/10/19 15:51:14 | 000,073,728 | ---- | M] () -- C:\Program Files\Cricket Broadband Connect\AvqAutorun.exe
PRC - [2009/09/23 12:21:40 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2009/07/28 18:43:14 | 000,380,928 | ---- | M] (Bytemobile, Inc.) -- C:\Program Files\Cricket Broadband Connect\Bytemobile\bmctl.exe
PRC - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2005/04/29 17:15:40 | 000,045,056 | ---- | M] () -- C:\Program Files\TouchFreeze\TouchFreeze.exe
PRC - [2004/10/14 09:11:10 | 001,388,544 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
PRC - [2002/09/20 14:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe


========== Modules (No Company Name) ==========

MOD - [2012/03/20 22:46:39 | 001,969,080 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012/01/04 03:47:42 | 000,921,600 | ---- | M] () -- C:\Program Files\Yahoo!\Messenger\yui.dll
MOD - [2009/11/05 08:39:40 | 000,087,552 | ---- | M] () -- C:\WINDOWS\system32\cpwmon2k.dll
MOD - [2009/10/27 14:41:38 | 000,393,216 | ---- | M] () -- C:\Program Files\Cricket Broadband Connect\ModemWiz.dll
MOD - [2009/10/19 15:51:14 | 000,073,728 | ---- | M] () -- C:\Program Files\Cricket Broadband Connect\AvqAutorun.exe
MOD - [2006/11/29 17:26:48 | 000,053,248 | ---- | M] () -- C:\Program Files\Cricket Broadband Connect\VObject.dll
MOD - [2005/04/29 17:15:40 | 000,045,056 | ---- | M] () -- C:\Program Files\TouchFreeze\TouchFreeze.exe
MOD - [2005/04/29 17:15:36 | 000,045,056 | ---- | M] () -- C:\Program Files\TouchFreeze\TouchFreeze.dll


========== Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\Program Files\Bigfoot Networks\Killer Driver\PortManager.exe -- (Killer Port Manager)
SRV - [2012/09/12 17:25:22 | 000,020,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2012/01/13 12:21:10 | 000,095,200 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2012/01/04 14:32:36 | 000,718,888 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010/11/29 11:41:26 | 000,058,944 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper_3004.dll -- (nosGetPlusHelper)
SRV - [2009/07/02 15:45:58 | 001,799,496 | ---- | M] (Symantec Corporation) [Disabled | Stopped] -- C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe -- (SmcService)
SRV - [2009/07/02 15:45:58 | 000,320,840 | ---- | M] (Symantec Corporation) [Disabled | Stopped] -- C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE -- (SNAC)
SRV - [2009/07/02 15:45:58 | 000,108,392 | ---- | M] (Symantec Corporation) [Disabled | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2009/07/02 15:45:58 | 000,108,392 | ---- | M] (Symantec Corporation) [Disabled | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2009/07/02 15:45:56 | 002,440,120 | ---- | M] (Symantec Corporation) [Disabled | Stopped] -- C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe -- (Symantec AntiVirus)
SRV - [2008/12/10 15:46:58 | 003,093,880 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_3.EXE -- (LiveUpdate)
SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2002/09/20 14:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) [Auto | Running] -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012/10/21 21:10:07 | 000,029,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{EDE1058E-78E8-42B8-915A-781C4E7030C6}\MpKsled47f748.sys -- (MpKsled47f748)
DRV - [2010/10/07 09:40:55 | 000,050,536 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WpsHelper.sys -- (WpsHelper)
DRV - [2010/10/07 09:40:18 | 000,123,952 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2010/06/21 18:07:20 | 000,078,720 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\swiwdmbus.sys -- (swiwdmbus)
DRV - [2010/06/21 17:47:13 | 000,156,544 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\swumxa3.sys -- (SWUMXA3)
DRV - [2010/06/21 17:46:49 | 000,201,088 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\swnc8ua3.sys -- (SWNC8UA3)
DRV - [2009/10/27 02:28:48 | 000,160,400 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PTUMWVsp.sys -- (PTUMWVsp)
DRV - [2009/10/27 02:28:36 | 000,115,216 | ---- | M] (DEVGURU Co., LTD.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PTUMWNET.sys -- (PTUMWNET)
DRV - [2009/10/27 02:28:30 | 000,160,400 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PTUMWMdm.sys -- (PTUMWMdm)
DRV - [2009/10/27 02:28:24 | 000,012,048 | ---- | M] (DEVGURU Co., LTD.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PTUMWFLT.sys -- (PTUMWFLT)
DRV - [2009/10/27 02:28:12 | 000,022,032 | ---- | M] (DEVGURU Co., LTD.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PTUMWCDF.sys -- (PTUMWCDF)
DRV - [2009/10/27 02:28:02 | 000,054,544 | ---- | M] (DEVGURU Co., LTD.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PTUMWBus.sys -- (PTUMWBus)
DRV - [2009/07/02 15:46:00 | 000,319,792 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\srtspl.sys -- (SRTSPL)
DRV - [2009/07/02 15:46:00 | 000,280,112 | ---- | M] (Symantec Corporation) [File_System | System | Stopped] -- C:\WINDOWS\system32\drivers\srtsp.sys -- (SRTSP)
DRV - [2009/07/02 15:46:00 | 000,043,824 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\srtspx.sys -- (SRTSPX)
DRV - [2009/07/02 15:46:00 | 000,042,312 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\WPSDRVnt.sys -- (WPS)
DRV - [2009/07/02 15:45:58 | 000,049,536 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Teefer2.sys -- (Teefer2)
DRV - [2009/07/02 15:45:58 | 000,038,056 | ---- | M] (Symantec Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\WGX.SYS -- (WGX)
DRV - [2009/07/02 15:45:54 | 000,421,424 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2009/04/24 17:39:22 | 000,022,656 | ---- | M] (Bytemobile, Inc.) [Kernel | Boot | Unknown] -- C:\WINDOWS\system32\drivers\BMLoad.sys -- (BMLoad)
DRV - [2009/04/24 17:39:20 | 000,018,816 | ---- | M] (Bytemobile, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\tcpipBM.sys -- (tcpipBM)
DRV - [2009/01/14 02:00:00 | 000,876,112 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20090114.024\NAVEX15.SYS -- (NAVEX15)
DRV - [2009/01/14 02:00:00 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2009/01/14 02:00:00 | 000,089,104 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20090114.024\NAVENG.SYS -- (NAVENG)
DRV - [2008/08/26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007/08/15 07:27:18 | 000,009,600 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\n558.sys -- (n558)
DRV - [2007/04/16 21:46:00 | 000,033,792 | ---- | M] (Advanced Micro Devices) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\AmdPPM.sys -- (AmdPPM)
DRV - [2006/03/14 13:21:18 | 000,328,237 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2006/03/14 13:19:24 | 000,023,271 | ---- | M] (Broadcom Corporation.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\btserial.sys -- (BTSERIAL)
DRV - [2006/03/14 13:18:00 | 000,851,402 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2006/03/14 13:15:34 | 000,030,427 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2006/03/14 13:14:52 | 000,065,784 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2006/03/14 13:12:02 | 000,148,900 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2006/03/14 13:10:56 | 000,045,683 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwhid.sys -- (btwhid)
DRV - [2006/02/15 17:26:18 | 001,153,728 | R--- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006/01/04 08:49:00 | 000,243,712 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2005/09/17 11:01:50 | 000,028,672 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2005/09/14 12:45:24 | 000,050,560 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2005/08/11 16:49:28 | 000,393,088 | ---- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (senfilt)
DRV - [2005/03/09 15:53:00 | 000,036,352 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2004/09/14 16:55:44 | 000,088,960 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MidiSyn.sys -- (MidiSyn)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.yahoo.com/ [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://mail.google....en&shva=1#inbox
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{47304EF8-38BE-417A-AEE5-20E94E237522}: "URL" = http://search.avg.co...e}&iy=&ychte=us
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...&rlz=1I7ADRA_en
IE - HKCU\..\SearchScopes\{88070E74-CC0A-43AE-ACC3-4254A1969FAF}: "URL" = http://search.yahoo....p={SearchTerms}
IE - HKCU\..\SearchScopes\{E6640DB9-AE70-4F4E-863F-1E69BBB475E4}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: ""
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledAddons: [email protected]:1.0
FF - prefs.js..extensions.enabledAddons: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.5.1.20121012015120
FF - prefs.js..extensions.enabledAddons: {4ED1F68A-5463-4931-9384-8FFF5ED91D92}:3.4.1.195
FF - prefs.js..keyword.URL: "http://search.yahoo....h?fr=mcafee&p="


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@meadco.com/neptune plugin,version=2.0.0.29: C:\PROGRA~1\MEADCO~1\npmeadax.dll (MeadCo Corp.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nosltd.com/getPlus+®,version=1.6.2.97: C:\Program Files\NOS\bin\np_gp.dll (NOS Microsystems Ltd.)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.609: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.609: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.609: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.609: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files\AVG\AVG10\Toolbar\Firefox\avg@igeared
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor [2012/02/23 00:23:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Cricket Broadband Connect\Bytemobile\addon\ [2012/05/19 22:45:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/03/20 22:46:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/01/30 08:11:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_9.0 [2012/02/13 18:35:03 | 000,000,000 | ---D | M]

[2011/02/22 08:46:10 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions
[2012/10/19 15:39:24 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\4v54krdl.default\extensions
[2011/01/27 22:33:50 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\4v54krdl.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012/10/19 15:39:24 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\4v54krdl.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2012/02/26 23:38:47 | 000,000,000 | ---D | M] (Microsoft Default Manager) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\4v54krdl.default\extensions\DefaultManager@Microsoft
[2012/02/06 01:12:25 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/01/22 05:10:14 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2012/02/23 00:23:18 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\PROGRAM FILES\MCAFEE\SITEADVISOR
[2012/03/20 22:46:41 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/01/22 05:10:14 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012/01/29 08:36:35 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/01/30 21:50:28 | 000,002,024 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\McSiteAdvisor.xml
[2012/01/29 08:36:35 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - homepage: http://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\22.0.1229.94\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\22.0.1229.94\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\22.0.1229.94\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.41.123.2_0\McChPlg.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.300.12 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U30 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: RealPlayer™ HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.3.21.99\npGoogleUpdate3.dll
CHR - plugin: MeadCo's Neptune (Enabled) = C:\PROGRA~1\MEADCO~1\npmeadax.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: Bing Bar (Enabled) = C:\Program Files\MSN Toolbar\Platform\5.0.1423.0\npwinext.dll
CHR - plugin: getPlusPlus for Adobe 16297 (Enabled) = C:\Program Files\NOS\bin\np_gp.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: SiteAdvisor = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.41.123.2_0\
CHR - Extension: Gmail = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/01/18 13:42:48 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [{F9AA8FE2-E89A-E99B-E8b8-E9AE9B9ABA99}] C:\Program Files\Cricket Broadband Connect\AvqAutoRun.exe ()
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [UniPrint] C:\Program Files\UniPrint\Client\SetDfltSettings.exe (UniPrint, a division of GFI Business Solutions Inc.)
O4 - HKCU..\Run: [] File not found
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [TouchFreeze] C:\Program Files\TouchFreeze\TouchFreeze.exe ()
O4 - HKCU..\Run: [UniPrint] C:\Program Files\UniPrint\Client\SetDfltSettings.exe (UniPrint, a division of GFI Business Solutions Inc.)
O4 - HKCU..\Run: [Xvid] C:\Program Files\Xvid\CheckUpdate.exe ()
O4 - Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\Cricket Broadband Connect.lnk = C:\Program Files\Cricket Broadband Connect\mPhonetools.exe (Avanquest Software)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - c:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - c:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - c:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - c:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: eset.com ([www] http in Trusted sites)
O15 - HKCU\..Trusted Domains: google.com ([accounts] https in Trusted sites)
O15 - HKCU\..Trusted Domains: google.com ([mail] https in Trusted sites)
O15 - HKCU\..Trusted Domains: mycricket.com ([bb] http in Local intranet)
O15 - HKCU\..Trusted Domains: netflix.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: netflix.com ([movies] http in Trusted sites)
O15 - HKCU\..Trusted Domains: rapidsurveygroup.com ([www] http in Trusted sites)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.co...sreqlab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1286464238343 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1346393699108 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {C5A7D325-20E3-4183-9FBE-BEF5359188E3} http://www.cisgroup....RapidSketch.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (get_atlcom Class)
O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} http://www.rapidsurv...RSG/XUpload.ocx (Persits Software XUpload)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F21C5652-4A9C-4478-B930-7179098AA9E5}: NameServer = 10.133.20.11 10.132.20.11
O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll File not found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (c:\windows\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/10/07 09:35:45 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/10/21 21:03:51 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/10/21 19:19:38 | 000,237,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\system32\MpSigStub.exe
[2012/10/19 16:19:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\PCHealth
[2012/10/19 16:19:07 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2012/10/18 19:56:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\Outlook Files
[2012/05/19 22:45:25 | 000,148,736 | ---- | C] (Avanquest Software) -- C:\Documents and Settings\All Users\Application Data\hpe1B.dll
[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/10/21 21:35:00 | 000,000,438 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{94F167EE-7096-4173-8F22-F4FFAB67DEAE}.job
[2012/10/21 21:19:15 | 000,000,384 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
[2012/10/21 21:19:04 | 000,000,366 | -H-- | M] () -- C:\WINDOWS\tasks\MpIdleTask.job
[2012/10/21 21:11:00 | 000,000,444 | ---- | M] () -- C:\WINDOWS\tasks\RNUpgradeHelperLogonPrompt_Administrator.job
[2012/10/21 21:11:00 | 000,000,294 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-790525478-1682526488-1801674531-500.job
[2012/10/21 21:10:42 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/10/21 21:09:00 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/10/21 21:08:05 | 000,000,012 | ---- | M] () -- C:\WINDOWS\bthservsdp.dat
[2012/10/21 20:47:15 | 000,001,010 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-790525478-1682526488-1801674531-500UA.job
[2012/10/21 17:09:18 | 000,594,922 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/10/21 17:09:18 | 000,117,736 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/10/21 16:52:45 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/10/19 16:19:40 | 000,001,945 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2012/10/19 15:36:08 | 000,270,984 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/10/18 22:47:00 | 000,000,958 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-790525478-1682526488-1801674531-500Core.job
[2012/10/18 14:37:42 | 000,000,302 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-790525478-1682526488-1801674531-500.job
[2012/10/15 10:02:59 | 000,002,322 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/09/29 06:47:17 | 000,000,438 | ---- | M] () -- C:\WINDOWS\tasks\ReclaimerUpdateFiles_Administrator.job
[2012/09/29 04:23:08 | 000,000,434 | ---- | M] () -- C:\WINDOWS\tasks\ReclaimerUpdateXML_Administrator.job
[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/10/21 19:19:57 | 000,000,366 | -H-- | C] () -- C:\WINDOWS\tasks\MpIdleTask.job
[2012/10/19 16:29:32 | 000,000,384 | -H-- | C] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
[2012/10/19 16:19:40 | 000,001,945 | ---- | C] () -- C:\WINDOWS\epplauncher.mif
[2012/09/29 04:23:06 | 000,000,444 | ---- | C] () -- C:\WINDOWS\tasks\RNUpgradeHelperLogonPrompt_Administrator.job
[2012/09/29 04:23:03 | 000,000,438 | ---- | C] () -- C:\WINDOWS\tasks\ReclaimerUpdateFiles_Administrator.job
[2012/09/29 04:23:02 | 000,000,434 | ---- | C] () -- C:\WINDOWS\tasks\ReclaimerUpdateXML_Administrator.job
[2012/06/03 21:42:19 | 000,000,012 | ---- | C] () -- C:\WINDOWS\bthservsdp.dat
[2012/05/19 22:45:39 | 000,010,440 | ---- | C] () -- C:\WINDOWS\System32\ptumwcit.dll
[2012/02/14 22:51:57 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011/12/29 01:21:05 | 000,398,336 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\store-pp.db
[2011/11/19 19:16:46 | 002,154,708 | ---- | C] () -- C:\Documents and Settings\Administrator\heater.JPG
[2011/11/19 17:56:06 | 000,117,383 | ---- | C] () -- C:\Documents and Settings\Administrator\HPIM0766.jpg
[2011/11/19 17:56:04 | 000,000,360 | ---- | C] () -- C:\Documents and Settings\Administrator\HPIM0679.jpg
[2011/11/03 01:03:08 | 001,879,252 | ---- | C] () -- C:\Documents and Settings\Administrator\HPIM0801.JPG
[2011/11/03 01:03:06 | 001,704,564 | ---- | C] () -- C:\Documents and Settings\Administrator\HPIM0800.JPG
[2011/11/03 01:03:04 | 002,090,740 | ---- | C] () -- C:\Documents and Settings\Administrator\HPIM0799.JPG
[2011/10/11 09:16:20 | 000,087,552 | ---- | C] () -- C:\WINDOWS\System32\cpwmon2k.dll
[2011/08/07 22:28:08 | 000,645,632 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2011/08/07 22:28:08 | 000,240,640 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2011/03/18 20:16:09 | 000,749,532 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-790525478-1682526488-1801674531-500-0.dat
[2011/03/18 03:23:16 | 000,284,230 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2011/03/10 18:13:58 | 000,043,800 | ---- | C] () -- C:\Documents and Settings\Administrator\GRAY1170.jpg
[2011/03/10 18:13:57 | 000,056,803 | ---- | C] () -- C:\Documents and Settings\Administrator\GRAY1169.jpg
[2011/03/05 21:29:27 | 000,034,820 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\LUUnInstall.LiveUpdate
[2011/02/20 17:01:10 | 000,002,095 | ---- | C] () -- C:\Documents and Settings\Administrator\ganesa_sm.jpg
[2011/02/17 02:36:45 | 000,714,590 | ---- | C] () -- C:\WINDOWS\unins000.exe
[2011/01/22 22:34:04 | 000,000,229 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Microsoft.SqlServer.Compact.351.32.bc
[2011/01/16 20:31:31 | 000,057,788 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2011/01/08 13:28:59 | 000,005,120 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/12/28 18:48:59 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Dvm.INI
[2010/12/21 19:39:40 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010/12/18 23:19:42 | 000,006,855 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\PrimoPDFSet.xml
[2010/12/17 12:26:29 | 000,017,614 | ---- | C] () -- C:\Documents and Settings\Administrator\golf cart.jpg
[2010/12/08 09:18:20 | 000,000,470 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010/12/08 09:15:42 | 000,176,235 | ---- | C] () -- C:\WINDOWS\System32\Primomonnt.dll
[2010/10/07 10:11:04 | 000,000,194 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\menu.old
[2010/10/07 09:53:28 | 000,000,002 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\menu.new
[2010/10/07 09:53:28 | 000,000,002 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\menu.bfm
[2010/02/11 21:36:32 | 003,653,120 | ---- | C] () -- C:\Program Files\SSCERuntime_x64-ENU.msi
[2010/02/11 21:36:18 | 003,164,160 | ---- | C] () -- C:\Program Files\SSCERuntime_x86-ENU.msi

========== ZeroAccess Check ==========

[2010/12/07 23:49:48 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2010/06/24 07:10:44 | 001,509,888 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 07:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2009/09/23 12:21:58 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2011/02/01 16:34:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\AVG10
[2012/03/18 10:11:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Azureus
[2011/11/14 20:44:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\com.pruvan.PruvanOffice.D20FAAC2DD0C878F730FBC057EBFAB9559258FC2.1
[2012/02/19 23:21:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\com.w3i.musicrockstar
[2011/02/17 02:41:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Easy MP3 Recorder
[2011/11/17 14:12:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\ElevatedDiagnostics
[2011/03/25 15:25:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Harmonisoft
[2012/02/13 21:31:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Nokia
[2012/02/13 21:31:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Nokia Suite
[2012/02/01 09:38:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\PC Suite
[2011/01/20 17:52:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\PrimoPDF
[2011/08/16 21:14:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Sierra Wireless
[2010/12/10 11:02:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\UniPrint
[2010/12/17 00:14:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\VTExtra
[2010/12/21 20:20:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Windows Desktop Search
[2010/12/22 06:05:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Windows Search
[2011/03/17 21:52:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Avanquest
[2012/10/19 15:56:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG10
[2012/05/19 22:45:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software
[2011/10/06 13:01:45 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2011/02/01 16:32:16 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2012/02/18 23:44:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\iMesh
[2011/11/05 23:33:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
[2012/01/08 12:38:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nokia
[2012/03/17 08:57:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache
[2011/11/05 23:35:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2011/08/16 21:14:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sierra Wireless
[2011/08/06 04:12:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\STOPzilla!
[2011/01/16 14:44:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2012/02/18 23:43:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{BD8912D9-3040-46C4-B96A-4C3AC7E43486}

========== Purity Check ==========



< End of report >
  • 0

#33
Crowbar

Crowbar

    Teacher

  • GeekU Moderator
  • 4,798 posts
Hi there,

Did you forget to run the ADWCleaner, and RogueKiller in my post here ?

No problem if you need more time....

You say that the new anti virus seems like it's not updating, does the castle icon in the system tray appear to be green with a white checkmark? if so then it's working ok. If not, let me know. I am going over your OTL log file now.
  • 0

#34
sharokc

sharokc

    Member

  • Topic Starter
  • Member
  • PipPip
  • 72 posts
adwcleaner log

# AdwCleaner v2.005 - Logfile created 10/22/2012 at 21:53:15
# Updated 14/10/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Administrator - WA68A7S1J249
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Administrator\My Documents\Downloads\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

File Found : C:\user.js
Folder Found : C:\Program Files\Free Offers from Freeze.com

***** [Registry] *****

Key Found : HKCU\Software\Default Tab
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{28387537-E3F9-4ED7-860C-11E69AF4A8A0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{474597C5-AB09-49D6-A4D5-2E8D7341384E}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C2D64FF7-0AB8-4263-89C9-EA3B0F8F050C}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CCB69577-088B-4004-9ED8-FF5BCC83A039}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{28387537-E3F9-4ED7-860C-11E69AF4A8A0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C2D64FF7-0AB8-4263-89C9-EA3B0F8F050C}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Found : HKCU\Software\Softonic
Key Found : HKLM\SOFTWARE\Classes\AppID\{1FC41815-FA4C-4F8B-B143-2C045C8EA2FC}
Key Found : HKLM\SOFTWARE\Classes\AppID\{21493C1F-D071-496A-9C27-450578888291}
Key Found : HKLM\SOFTWARE\Classes\AppID\{403A885F-CB00-40C1-BDC1-EB09053194F7}
Key Found : HKLM\SOFTWARE\Classes\AppID\{55C1727F-5535-4C2A-9601-8C2458608B48}
Key Found : HKLM\SOFTWARE\Classes\AppID\DiscoveryHelper.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\GIFAnimator.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\IMTrProgress.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\IMWeb.DLL
Key Found : HKLM\SOFTWARE\Classes\CLSID\{2656B92B-0207-4afb-BEBF-F5FD231ECD39}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{34CB0620-E343-4772-BBA8-D3074BC47516}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3BF72F68-72D8-461D-A884-329D936C5581}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{412CD209-DDA4-4275-8C79-55F1C93FBD47}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{59570C1F-B692-48c9-91B4-7809E6945287}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{63A0F7FA-2C95-4d7e-AF25-EFCC303D20A1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6559E502-6EE1-46b8-A83C-F3A45BDA23EE}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{78E9D883-93CD-4072-BEF3-38EE581E2839}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{83AC1413-FCE4-4A46-9DD5-4F31F306E71F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A2858A72-758F-4486-B6A1-7F1DCC0924FA}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B6F8DA9F-2696-419e-A8A3-19BE41EF51BD}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{C63CA8A4-AB4E-49e5-A6C0-33FC86D80205}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{C6A7847E-8931-4a9a-B4EF-72A91E3CCF4D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DD0F1D24-E250-4e93-966C-65615720AEFB}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{EC1277BB-1C71-4c0d-BA6D-BFEA16E773A6}
Key Found : HKLM\SOFTWARE\Classes\DiscoveryHelper.iMesh6Discovery
Key Found : HKLM\SOFTWARE\Classes\DiscoveryHelper.iMesh6Discovery.1
Key Found : HKLM\SOFTWARE\Classes\imweb.imwebcontrol
Key Found : HKLM\SOFTWARE\Classes\Interface\{5E8CD073-21DF-4117-9BBD-D03C45D36CAE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Found : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{CA1CE38C-F04C-471F-B9F3-083C58165C10}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{252C2315-CCE0-4446-8DA7-C00292A690BA}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{403A885F-CB00-40C1-BDC1-EB09053194F7}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{55C1727F-5535-4C2A-9601-8C2458608B48}
Key Found : HKLM\Software\Default Tab
Key Found : HKLM\Software\Freeze.com
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\PriceGong
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{872F3C0B-4462-424C-BB9F-74C6899B9F92}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B6F8DA9F-2696-419e-A8A3-19BE41EF51BD}
Key Found : HKLM\SOFTWARE\Software
Key Found : HKU\S-1-5-21-790525478-1682526488-1801674531-500\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxps://mail.google.com/mail/?hl=en&shva=1#inbox

-\\ Mozilla Firefox v11.0 (en-US)

Profile name : default
File : C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\4v54krdl.default\prefs.js

Found : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");
Found : user_pref("extensions.crossriderapp1950.adsOldValue", -1);

-\\ Google Chrome v22.0.1229.94

File : C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [6083 octets] - [22/10/2012 21:53:15]

########## EOF - C:\AdwCleaner[R1].txt - [6143 octets] ##########
  • 0

#35
sharokc

sharokc

    Member

  • Topic Starter
  • Member
  • PipPip
  • 72 posts
yeah i needed more time. below is the log from the roguekiller. don't really know if performance has improved. haven't been home to check it out lately but it has to be better since before now i couldn't even download anything.

RogueKiller V8.1.1 [10/01/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo...13-roguekiller/
Website: http://tigzy.geeksto...roguekiller.php
Blog: http://tigzyrk.blogspot.com

Operating System: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User : Administrator [Admin rights]
Mode : Scan -- Date : 10/22/2012 22:24:31

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 3 ¤¤¤
[DNS] HKLM\[...]\ControlSet001\Services\Interfaces\{F21C5652-4A9C-4478-B930-7179098AA9E5} : NameServer (10.133.20.11 10.132.20.11) -> FOUND
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 localhost


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: FUJITSU MHW2060BH +++++
--- User ---
[MBR] 953b3245beb8bf591cfb66176f71fde0
[BSP] 7201510381a75f2e2d3f040c2d01c6bc : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 57223 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: +++++
--- User ---
[MBR] a8f09edaf25108183af99ec59c641738
[BSP] df4f83c1f72e36823a12b0dfc7617313 : MBR Code unknown
Partition table:
0 - [ACTIVE] FAT16 (0x06) [VISIBLE] Offset (sectors): 137 | Size: 1875 Mo
Error reading LL1 MBR!
Error reading LL2 MBR!

Finished : << RKreport[1].txt >>
RKreport[1].txt
  • 0

#36
Crowbar

Crowbar

    Teacher

  • GeekU Moderator
  • 4,798 posts
Hi again,
I see that you have stopzilla installed on this machine. I would be very careful with that one, I consider it kind of sketchy myself. Use MalwareBytes instead, as I recommended for your other computer.
Did you have a thumb drive, or a SD type card plugged into your computer when you ran RogueKiller? If not, can you tell me more about your e: drive?
Step 1
You still have parts of Symantec Endpoint anti virus hanging around. I would like to get rid of them, as they will interfere with your current anti virus.
Please download Cleanwipe from here
you will need to log in with the following credentials:
Login ID: cleanwipeutility
Password: CL3@nw!p3
You will need to check the box next to Cleanwipe-v12.1.1101.401.zip then click on the download button just above the check box
Once you have downloaded the utility, please follow these instructions.

Note: The zip file is password protected.
Un-Zip Password: symantec

1. Extract the file to a new folder in a convenient location, such as the Desktop, using the un-zip password provided above.
2. Browse to the new folder and execute the utility by double clicking 'CleanWipe.exe'
3. Follow the on-screen instructions.

The utility runs in verbose mode and will ask you about the components you want uninstalled. You will want to uninstall all the components.


Step 2

Run AdwCleaner and select Delete

Posted Image

Once done it will ask to reboot, allow this
On reboot a log will be produced at C:\ADWCleaner[XX].txt please attach that

Step 3

  • Quit all programs
  • Start RogueKiller.exe.
  • Wait until Prescan has finished ...
  • Click on Scan

Posted Image

  • Wait for the end of the scan.
  • The report has been created on the desktop.
  • Click on the Delete button.

Posted Image

  • The report has been created on the desktop.

  • Next click on the ShortcutsFix
Posted Image
  • The report has been created on the desktop.

Please post: All RKreport.txt text files located on your desktop.

Step 4
Download OTL to your Desktop
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic

In your next reply I would like to see:
  • Did the endpoint removal go smoothly?
  • ADWcleaner log
  • RKreport.txt RogueKiller log files
  • Fresh OTL scan
  • How is the computer running? Is MSE updating properly now?

  • 0

#37
sharokc

sharokc

    Member

  • Topic Starter
  • Member
  • PipPip
  • 72 posts
i don't know what stopzilla is and am happy to get rid of anything that you don't recommend. i thought i had malwarebytes but also i haven't used this machine in several months since it's performance was so bad. i found the stopzilla in the download file but it didn't show up in the add/remove programs in the control panel or in the all programs menu so i'm going to assume it's gone. there are other programs in the programs file that i don't recognize so whatever we can clean out is great. i'm expecially concerned about one called bigfoot with something in it called killer drive but i haven't done anything with that yet. i'm sending you a screenshop of the c: drive in windows explorer so you can see all the blue. don't know what's up with that. am starting on your latest instructions now and will reply again shortly with the info you requested.

thanks again so much.
so good to finally get this machine back on track. it's my favorite.
sharscreenshot4gtg102412.jpg
  • 0

#38
sharokc

sharokc

    Member

  • Topic Starter
  • Member
  • PipPip
  • 72 posts
following is the info/results you asked for

# AdwCleaner v2.005 - Logfile created 10/24/2012 at 10:55:21
# Updated 14/10/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Administrator - WA68A7S1J249
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Administrator\My Documents\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\user.js
Folder Deleted : C:\Program Files\Free Offers from Freeze.com

***** [Registry] *****

Key Deleted : HKCU\Software\Default Tab
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{28387537-E3F9-4ED7-860C-11E69AF4A8A0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{474597C5-AB09-49D6-A4D5-2E8D7341384E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C2D64FF7-0AB8-4263-89C9-EA3B0F8F050C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CCB69577-088B-4004-9ED8-FF5BCC83A039}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{28387537-E3F9-4ED7-860C-11E69AF4A8A0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C2D64FF7-0AB8-4263-89C9-EA3B0F8F050C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FC41815-FA4C-4F8B-B143-2C045C8EA2FC}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{21493C1F-D071-496A-9C27-450578888291}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{403A885F-CB00-40C1-BDC1-EB09053194F7}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{55C1727F-5535-4C2A-9601-8C2458608B48}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\DiscoveryHelper.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GIFAnimator.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\IMTrProgress.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\IMWeb.DLL
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2656B92B-0207-4afb-BEBF-F5FD231ECD39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{34CB0620-E343-4772-BBA8-D3074BC47516}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3BF72F68-72D8-461D-A884-329D936C5581}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{412CD209-DDA4-4275-8C79-55F1C93FBD47}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{59570C1F-B692-48c9-91B4-7809E6945287}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{63A0F7FA-2C95-4d7e-AF25-EFCC303D20A1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6559E502-6EE1-46b8-A83C-F3A45BDA23EE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{78E9D883-93CD-4072-BEF3-38EE581E2839}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{83AC1413-FCE4-4A46-9DD5-4F31F306E71F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A2858A72-758F-4486-B6A1-7F1DCC0924FA}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B6F8DA9F-2696-419e-A8A3-19BE41EF51BD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C63CA8A4-AB4E-49e5-A6C0-33FC86D80205}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C6A7847E-8931-4a9a-B4EF-72A91E3CCF4D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DD0F1D24-E250-4e93-966C-65615720AEFB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EC1277BB-1C71-4c0d-BA6D-BFEA16E773A6}
Key Deleted : HKLM\SOFTWARE\Classes\DiscoveryHelper.iMesh6Discovery
Key Deleted : HKLM\SOFTWARE\Classes\DiscoveryHelper.iMesh6Discovery.1
Key Deleted : HKLM\SOFTWARE\Classes\imweb.imwebcontrol
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5E8CD073-21DF-4117-9BBD-D03C45D36CAE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CA1CE38C-F04C-471F-B9F3-083C58165C10}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{252C2315-CCE0-4446-8DA7-C00292A690BA}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{403A885F-CB00-40C1-BDC1-EB09053194F7}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{55C1727F-5535-4C2A-9601-8C2458608B48}
Key Deleted : HKLM\Software\Default Tab
Key Deleted : HKLM\Software\Freeze.com
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\PriceGong
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{872F3C0B-4462-424C-BB9F-74C6899B9F92}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B6F8DA9F-2696-419e-A8A3-19BE41EF51BD}
Key Deleted : HKLM\SOFTWARE\Software

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxps://mail.google.com/mail/?hl=en&shva=1#inbox --> hxxp://www.google.com

-\\ Mozilla Firefox v11.0 (en-US)

Profile name : default
File : C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\4v54krdl.default\prefs.js

C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\4v54krdl.default\user.js ... Deleted !

Deleted : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");
Deleted : user_pref("extensions.crossriderapp1950.adsOldValue", -1);

*************************

AdwCleaner[R1].txt - [6212 octets] - [22/10/2012 21:53:15]
AdwCleaner[R2].txt - [5920 octets] - [24/10/2012 10:53:58]
AdwCleaner[S1].txt - [5977 octets] - [24/10/2012 10:55:21]

########## EOF - C:\AdwCleaner[S1].txt - [6037 octets] ##########


rogue cleaner left 6 files on my desktop so i've copied and pasted all 6 here

RogueKiller V8.1.1 [10/01/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo...13-roguekiller/
Website: http://tigzy.geeksto...roguekiller.php
Blog: http://tigzyrk.blogspot.com

Operating System: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User : Administrator [Admin rights]
Mode : Scan -- Date : 10/22/2012 22:24:31

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 3 ¤¤¤
[DNS] HKLM\[...]\ControlSet001\Services\Interfaces\{F21C5652-4A9C-4478-B930-7179098AA9E5} : NameServer (10.133.20.11 10.132.20.11) -> FOUND
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 localhost


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: FUJITSU MHW2060BH +++++
--- User ---
[MBR] 953b3245beb8bf591cfb66176f71fde0
[BSP] 7201510381a75f2e2d3f040c2d01c6bc : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 57223 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: +++++
--- User ---
[MBR] a8f09edaf25108183af99ec59c641738
[BSP] df4f83c1f72e36823a12b0dfc7617313 : MBR Code unknown
Partition table:
0 - [ACTIVE] FAT16 (0x06) [VISIBLE] Offset (sectors): 137 | Size: 1875 Mo
Error reading LL1 MBR!
Error reading LL2 MBR!

Finished : << RKreport[1].txt >>
RKreport[1].txt


RogueKiller V8.2.0 [10/22/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo...13-roguekiller/
Website: http://tigzy.geeksto...roguekiller.php
Blog: http://tigzyrk.blogspot.com

Operating System: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User : Administrator [Admin rights]
Mode : Scan -- Date : 10/24/2012 11:21:37

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 3 ¤¤¤
[DNS] HKLM\[...]\ControlSet001\Services\Interfaces\{F21C5652-4A9C-4478-B930-7179098AA9E5} : NameServer (10.133.20.11 10.132.20.11) -> FOUND
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 localhost


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: FUJITSU MHW2060BH +++++
--- User ---
[MBR] 953b3245beb8bf591cfb66176f71fde0
[BSP] 7201510381a75f2e2d3f040c2d01c6bc : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 57223 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[2].txt >>
RKreport[1].txt ; RKreport[2].txt



RogueKiller V8.2.0 [10/22/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo...13-roguekiller/
Website: http://tigzy.geeksto...roguekiller.php
Blog: http://tigzyrk.blogspot.com

Operating System: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User : Administrator [Admin rights]
Mode : Remove -- Date : 10/24/2012 11:21:51

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 3 ¤¤¤
[DNS] HKLM\[...]\ControlSet001\Services\Interfaces\{F21C5652-4A9C-4478-B930-7179098AA9E5} : NameServer (10.133.20.11 10.132.20.11) -> NOT REMOVED, USE DNSFIX
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> DELETED
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 localhost


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: FUJITSU MHW2060BH +++++
--- User ---
[MBR] 953b3245beb8bf591cfb66176f71fde0
[BSP] 7201510381a75f2e2d3f040c2d01c6bc : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 57223 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[3].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt



RogueKiller V8.2.0 [10/22/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo...13-roguekiller/
Website: http://tigzy.geeksto...roguekiller.php
Blog: http://tigzyrk.blogspot.com

Operating System: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User : Administrator [Admin rights]
Mode : Remove -- Date : 10/24/2012 11:21:58

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 1 ¤¤¤
[DNS] HKLM\[...]\ControlSet001\Services\Interfaces\{F21C5652-4A9C-4478-B930-7179098AA9E5} : NameServer (10.133.20.11 10.132.20.11) -> NOT REMOVED, USE DNSFIX

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 localhost


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: FUJITSU MHW2060BH +++++
--- User ---
[MBR] 953b3245beb8bf591cfb66176f71fde0
[BSP] 7201510381a75f2e2d3f040c2d01c6bc : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 57223 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[4].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt



RogueKiller V8.2.0 [10/22/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo...13-roguekiller/
Website: http://tigzy.geeksto...roguekiller.php
Blog: http://tigzyrk.blogspot.com

Operating System: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User : Administrator [Admin rights]
Mode : Remove -- Date : 10/24/2012 11:22:14

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 1 ¤¤¤
[DNS] HKLM\[...]\ControlSet001\Services\Interfaces\{F21C5652-4A9C-4478-B930-7179098AA9E5} : NameServer (10.133.20.11 10.132.20.11) -> NOT REMOVED, USE DNSFIX

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 localhost


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: FUJITSU MHW2060BH +++++
--- User ---
[MBR] 953b3245beb8bf591cfb66176f71fde0
[BSP] 7201510381a75f2e2d3f040c2d01c6bc : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 57223 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[5].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt ; RKreport[5].txt



RogueKiller V8.2.0 [10/22/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo...13-roguekiller/
Website: http://tigzy.geeksto...roguekiller.php
Blog: http://tigzyrk.blogspot.com

Operating System: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User : Administrator [Admin rights]
Mode : Shortcuts HJfix -- Date : 10/24/2012 11:24:58

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤

¤¤¤ File attributes restored: ¤¤¤
Desktop: Success 3 / Fail 0
Quick launch: Success 0 / Fail 0
Programs: Success 7 / Fail 0
Start menu: Success 0 / Fail 0
User folder: Success 76 / Fail 0
My documents: Success 9 / Fail 9
My favorites: Success 0 / Fail 0
My pictures: Success 0 / Fail 0
My music: Success 0 / Fail 0
My videos: Success 0 / Fail 0
Local drives: Success 142 / Fail 0
Backup: [NOT FOUND]

Drives:
[C:] \Device\HarddiskVolume1 -- 0x3 --> Restored
[D:] \Device\CdRom0 -- 0x5 --> Skipped

Finished : << RKreport[6].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt ; RKreport[5].txt ;
RKreport[6].txt


OTL logfile created on: 10/24/12 11:29:32 AM - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Administrator\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: MM/dd/yy

1023.23 Mb Total Physical Memory | 389.59 Mb Available Physical Memory | 38.07% Memory free
2.40 Gb Paging File | 1.86 Gb Available in Paging File | 77.53% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 55.88 Gb Total Space | 30.32 Gb Free Space | 54.25% Space Free | Partition Type: NTFS

Computer Name: WA68A7S1J249 | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/10/24 11:27:51 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\My Documents\Downloads\OTL(1).exe
PRC - [2012/09/12 17:25:22 | 000,020,472 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2012/09/12 17:19:44 | 000,947,176 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2012/03/20 22:46:40 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012/02/18 08:59:28 | 000,282,648 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\SiteAdvisor\saUI.exe
PRC - [2012/01/13 12:21:10 | 000,095,200 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\SiteAdvisor\McSACore.exe
PRC - [2011/01/01 09:23:10 | 000,274,608 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2009/11/12 08:24:48 | 000,323,584 | ---- | M] (Avanquest Software) -- C:\Program Files\Cricket Broadband Connect\mPhonetools.exe
PRC - [2009/10/19 15:51:14 | 000,073,728 | ---- | M] () -- C:\Program Files\Cricket Broadband Connect\AvqAutorun.exe
PRC - [2009/09/23 12:21:40 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2009/07/28 18:43:14 | 000,380,928 | ---- | M] (Bytemobile, Inc.) -- C:\Program Files\Cricket Broadband Connect\Bytemobile\bmctl.exe
PRC - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2005/04/29 17:15:40 | 000,045,056 | ---- | M] () -- C:\Program Files\TouchFreeze\TouchFreeze.exe
PRC - [2004/10/14 09:11:10 | 001,388,544 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
PRC - [2002/09/20 14:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe


========== Modules (No Company Name) ==========

MOD - [2012/03/20 22:46:39 | 001,969,080 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012/01/04 03:47:42 | 000,921,600 | ---- | M] () -- C:\Program Files\Yahoo!\Messenger\yui.dll
MOD - [2011/01/01 09:26:30 | 005,971,408 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
MOD - [2009/11/05 08:39:40 | 000,087,552 | ---- | M] () -- C:\WINDOWS\system32\cpwmon2k.dll
MOD - [2009/10/27 14:41:38 | 000,393,216 | ---- | M] () -- C:\Program Files\Cricket Broadband Connect\ModemWiz.dll
MOD - [2009/10/19 15:51:14 | 000,073,728 | ---- | M] () -- C:\Program Files\Cricket Broadband Connect\AvqAutorun.exe
MOD - [2006/11/29 17:26:48 | 000,053,248 | ---- | M] () -- C:\Program Files\Cricket Broadband Connect\VObject.dll
MOD - [2005/04/29 17:15:40 | 000,045,056 | ---- | M] () -- C:\Program Files\TouchFreeze\TouchFreeze.exe
MOD - [2005/04/29 17:15:36 | 000,045,056 | ---- | M] () -- C:\Program Files\TouchFreeze\TouchFreeze.dll


========== Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\Program Files\Bigfoot Networks\Killer Driver\PortManager.exe -- (Killer Port Manager)
SRV - [2012/09/12 17:25:22 | 000,020,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2012/01/13 12:21:10 | 000,095,200 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2012/01/04 14:32:36 | 000,718,888 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010/11/29 11:41:26 | 000,058,944 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper_3004.dll -- (nosGetPlusHelper)
SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2002/09/20 14:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) [Auto | Running] -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012/10/24 10:58:17 | 000,029,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{7DBA66B3-16D6-4A80-9AC4-3FCAA7731020}\MpKsld69bd985.sys -- (MpKsld69bd985)
DRV - [2010/06/21 18:07:20 | 000,078,720 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\swiwdmbus.sys -- (swiwdmbus)
DRV - [2010/06/21 17:47:13 | 000,156,544 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\swumxa3.sys -- (SWUMXA3)
DRV - [2010/06/21 17:46:49 | 000,201,088 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\swnc8ua3.sys -- (SWNC8UA3)
DRV - [2009/10/27 02:28:48 | 000,160,400 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PTUMWVsp.sys -- (PTUMWVsp)
DRV - [2009/10/27 02:28:36 | 000,115,216 | ---- | M] (DEVGURU Co., LTD.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PTUMWNET.sys -- (PTUMWNET)
DRV - [2009/10/27 02:28:30 | 000,160,400 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PTUMWMdm.sys -- (PTUMWMdm)
DRV - [2009/10/27 02:28:24 | 000,012,048 | ---- | M] (DEVGURU Co., LTD.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PTUMWFLT.sys -- (PTUMWFLT)
DRV - [2009/10/27 02:28:12 | 000,022,032 | ---- | M] (DEVGURU Co., LTD.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PTUMWCDF.sys -- (PTUMWCDF)
DRV - [2009/10/27 02:28:02 | 000,054,544 | ---- | M] (DEVGURU Co., LTD.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PTUMWBus.sys -- (PTUMWBus)
DRV - [2009/04/24 17:39:22 | 000,022,656 | ---- | M] (Bytemobile, Inc.) [Kernel | Boot | Unknown] -- C:\WINDOWS\system32\drivers\BMLoad.sys -- (BMLoad)
DRV - [2009/04/24 17:39:20 | 000,018,816 | ---- | M] (Bytemobile, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\tcpipBM.sys -- (tcpipBM)
DRV - [2008/08/26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007/08/15 07:27:18 | 000,009,600 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\n558.sys -- (n558)
DRV - [2007/04/16 21:46:00 | 000,033,792 | ---- | M] (Advanced Micro Devices) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\AmdPPM.sys -- (AmdPPM)
DRV - [2006/03/14 13:21:18 | 000,328,237 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2006/03/14 13:19:24 | 000,023,271 | ---- | M] (Broadcom Corporation.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\btserial.sys -- (BTSERIAL)
DRV - [2006/03/14 13:18:00 | 000,851,402 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2006/03/14 13:15:34 | 000,030,427 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2006/03/14 13:14:52 | 000,065,784 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2006/03/14 13:12:02 | 000,148,900 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2006/03/14 13:10:56 | 000,045,683 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwhid.sys -- (btwhid)
DRV - [2006/02/15 17:26:18 | 001,153,728 | R--- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006/01/04 08:49:00 | 000,243,712 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2005/09/17 11:01:50 | 000,028,672 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2005/09/14 12:45:24 | 000,050,560 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2005/08/11 16:49:28 | 000,393,088 | ---- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (senfilt)
DRV - [2005/03/09 15:53:00 | 000,036,352 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2004/09/14 16:55:44 | 000,088,960 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MidiSyn.sys -- (MidiSyn)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.yahoo.com/ [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...&rlz=1I7ADRA_en
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: ""
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledAddons: [email protected]:1.0
FF - prefs.js..extensions.enabledAddons: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.5.1.20121012015120
FF - prefs.js..extensions.enabledAddons: {4ED1F68A-5463-4931-9384-8FFF5ED91D92}:3.4.1.195
FF - prefs.js..keyword.URL: "http://search.yahoo....h?fr=mcafee&p="
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@meadco.com/neptune plugin,version=2.0.0.29: C:\PROGRA~1\MEADCO~1\npmeadax.dll (MeadCo Corp.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nosltd.com/getPlus+®,version=1.6.2.97: C:\Program Files\NOS\bin\np_gp.dll (NOS Microsystems Ltd.)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.609: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.609: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.609: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.609: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files\AVG\AVG10\Toolbar\Firefox\avg@igeared
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor [2012/02/23 00:23:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Cricket Broadband Connect\Bytemobile\addon\ [2012/05/19 22:45:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/03/20 22:46:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/01/30 08:11:13 | 000,000,000 | ---D | M]

[2011/02/22 08:46:10 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions
[2012/10/22 21:47:26 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\4v54krdl.default\extensions
[2011/01/27 22:33:50 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\4v54krdl.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012/10/19 15:39:24 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\4v54krdl.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2012/02/26 23:38:47 | 000,000,000 | ---D | M] (Microsoft Default Manager) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\4v54krdl.default\extensions\DefaultManager@Microsoft
[2012/02/06 01:12:25 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/01/22 05:10:14 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2012/02/23 00:23:18 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\PROGRAM FILES\MCAFEE\SITEADVISOR
[2012/03/20 22:46:41 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/01/22 05:10:14 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012/01/29 08:36:35 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/01/30 21:50:28 | 000,002,024 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\McSiteAdvisor.xml
[2012/01/29 08:36:35 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2012/01/18 13:42:48 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [{F9AA8FE2-E89A-E99B-E8b8-E9AE9B9ABA99}] C:\Program Files\Cricket Broadband Connect\AvqAutoRun.exe ()
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [UniPrint] C:\Program Files\UniPrint\Client\SetDfltSettings.exe (UniPrint, a division of GFI Business Solutions Inc.)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [TouchFreeze] C:\Program Files\TouchFreeze\TouchFreeze.exe ()
O4 - HKCU..\Run: [UniPrint] C:\Program Files\UniPrint\Client\SetDfltSettings.exe (UniPrint, a division of GFI Business Solutions Inc.)
O4 - HKCU..\Run: [Xvid] C:\Program Files\Xvid\CheckUpdate.exe ()
O4 - Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\Cricket Broadband Connect.lnk = C:\Program Files\Cricket Broadband Connect\mPhonetools.exe (Avanquest Software)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - c:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - c:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - c:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - c:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: eset.com ([www] http in Trusted sites)
O15 - HKCU\..Trusted Domains: google.com ([accounts] https in Trusted sites)
O15 - HKCU\..Trusted Domains: google.com ([mail] https in Trusted sites)
O15 - HKCU\..Trusted Domains: mycricket.com ([bb] http in Local intranet)
O15 - HKCU\..Trusted Domains: netflix.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: netflix.com ([movies] http in Trusted sites)
O15 - HKCU\..Trusted Domains: rapidsurveygroup.com ([www] http in Trusted sites)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.co...sreqlab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1286464238343 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1346393699108 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {C5A7D325-20E3-4183-9FBE-BEF5359188E3} http://www.cisgroup....RapidSketch.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (get_atlcom Class)
O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} http://www.rapidsurv...RSG/XUpload.ocx (Persits Software XUpload)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F21C5652-4A9C-4478-B930-7179098AA9E5}: NameServer = 10.133.20.11 10.132.20.11
O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll File not found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (c:\windows\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/10/07 09:35:45 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/10/24 10:22:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\CleanWipe
[2012/10/24 10:20:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\cleanwipe4gtg
[2012/10/22 22:22:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\RK_Quarantine
[2012/10/21 21:03:51 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/10/21 19:19:38 | 000,237,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\system32\MpSigStub.exe
[2012/10/19 16:19:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\PCHealth
[2012/10/19 16:19:07 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2012/10/18 19:56:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\Outlook Files
[2012/05/19 22:45:25 | 000,148,736 | ---- | C] (Avanquest Software) -- C:\Documents and Settings\All Users\Application Data\hpe1B.dll
[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/10/24 11:35:00 | 000,000,438 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{94F167EE-7096-4173-8F22-F4FFAB67DEAE}.job
[2012/10/24 11:07:57 | 000,000,384 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
[2012/10/24 11:07:54 | 000,000,366 | -H-- | M] () -- C:\WINDOWS\tasks\MpIdleTask.job
[2012/10/24 10:59:34 | 000,000,294 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-790525478-1682526488-1801674531-500.job
[2012/10/24 10:59:21 | 000,000,444 | ---- | M] () -- C:\WINDOWS\tasks\RNUpgradeHelperLogonPrompt_Administrator.job
[2012/10/24 10:58:40 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/10/24 10:57:52 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/10/24 10:56:44 | 000,000,012 | ---- | M] () -- C:\WINDOWS\bthservsdp.dat
[2012/10/24 10:38:05 | 000,305,713 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\error reporting 4gtg.jpg
[2012/10/24 09:58:15 | 000,401,524 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\screenshot4gtg102412.jpg
[2012/10/24 09:45:57 | 000,000,302 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-790525478-1682526488-1801674531-500.job
[2012/10/21 17:09:18 | 000,594,922 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/10/21 17:09:18 | 000,117,736 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/10/21 16:52:45 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/10/19 16:19:40 | 000,001,945 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2012/10/19 15:36:08 | 000,270,984 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/09/29 06:47:17 | 000,000,438 | ---- | M] () -- C:\WINDOWS\tasks\ReclaimerUpdateFiles_Administrator.job
[2012/09/29 04:23:08 | 000,000,434 | ---- | M] () -- C:\WINDOWS\tasks\ReclaimerUpdateXML_Administrator.job
[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/10/24 10:38:04 | 000,305,713 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\error reporting 4gtg.jpg
[2012/10/24 09:58:15 | 000,401,524 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\screenshot4gtg102412.jpg
[2012/10/21 19:19:57 | 000,000,366 | -H-- | C] () -- C:\WINDOWS\tasks\MpIdleTask.job
[2012/10/19 16:29:32 | 000,000,384 | -H-- | C] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
[2012/10/19 16:19:40 | 000,001,945 | ---- | C] () -- C:\WINDOWS\epplauncher.mif
[2012/09/29 04:23:06 | 000,000,444 | ---- | C] () -- C:\WINDOWS\tasks\RNUpgradeHelperLogonPrompt_Administrator.job
[2012/09/29 04:23:03 | 000,000,438 | ---- | C] () -- C:\WINDOWS\tasks\ReclaimerUpdateFiles_Administrator.job
[2012/09/29 04:23:02 | 000,000,434 | ---- | C] () -- C:\WINDOWS\tasks\ReclaimerUpdateXML_Administrator.job
[2012/06/03 21:42:19 | 000,000,012 | ---- | C] () -- C:\WINDOWS\bthservsdp.dat
[2012/05/19 22:45:39 | 000,010,440 | ---- | C] () -- C:\WINDOWS\System32\ptumwcit.dll
[2012/02/14 22:51:57 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011/12/29 01:21:05 | 000,398,336 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\store-pp.db
[2011/11/19 19:16:46 | 002,154,708 | ---- | C] () -- C:\Documents and Settings\Administrator\heater.JPG
[2011/11/19 17:56:06 | 000,117,383 | ---- | C] () -- C:\Documents and Settings\Administrator\HPIM0766.jpg
[2011/11/19 17:56:04 | 000,000,360 | ---- | C] () -- C:\Documents and Settings\Administrator\HPIM0679.jpg
[2011/11/03 01:03:08 | 001,879,252 | ---- | C] () -- C:\Documents and Settings\Administrator\HPIM0801.JPG
[2011/11/03 01:03:06 | 001,704,564 | ---- | C] () -- C:\Documents and Settings\Administrator\HPIM0800.JPG
[2011/11/03 01:03:04 | 002,090,740 | ---- | C] () -- C:\Documents and Settings\Administrator\HPIM0799.JPG
[2011/10/11 09:16:20 | 000,087,552 | ---- | C] () -- C:\WINDOWS\System32\cpwmon2k.dll
[2011/08/07 22:28:08 | 000,645,632 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2011/08/07 22:28:08 | 000,240,640 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2011/03/18 20:16:09 | 000,749,532 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-790525478-1682526488-1801674531-500-0.dat
[2011/03/18 03:23:16 | 000,284,230 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2011/03/10 18:13:58 | 000,043,800 | ---- | C] () -- C:\Documents and Settings\Administrator\GRAY1170.jpg
[2011/03/10 18:13:57 | 000,056,803 | ---- | C] () -- C:\Documents and Settings\Administrator\GRAY1169.jpg
[2011/02/20 17:01:10 | 000,002,095 | ---- | C] () -- C:\Documents and Settings\Administrator\ganesa_sm.jpg
[2011/02/17 02:36:45 | 000,714,590 | ---- | C] () -- C:\WINDOWS\unins000.exe
[2011/01/22 22:34:04 | 000,000,229 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Microsoft.SqlServer.Compact.351.32.bc
[2011/01/16 20:31:31 | 000,057,788 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2011/01/08 13:28:59 | 000,005,120 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/12/28 18:48:59 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Dvm.INI
[2010/12/21 19:39:40 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010/12/18 23:19:42 | 000,006,855 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\PrimoPDFSet.xml
[2010/12/17 12:26:29 | 000,017,614 | ---- | C] () -- C:\Documents and Settings\Administrator\golf cart.jpg
[2010/12/08 09:18:20 | 000,000,470 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010/12/08 09:15:42 | 000,176,235 | ---- | C] () -- C:\WINDOWS\System32\Primomonnt.dll
[2010/10/07 10:11:04 | 000,000,194 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\menu.old
[2010/10/07 09:53:28 | 000,000,002 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\menu.new
[2010/10/07 09:53:28 | 000,000,002 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\menu.bfm
[2010/02/11 21:36:32 | 003,653,120 | ---- | C] () -- C:\Program Files\SSCERuntime_x64-ENU.msi
[2010/02/11 21:36:18 | 003,164,160 | ---- | C] () -- C:\Program Files\SSCERuntime_x86-ENU.msi

========== ZeroAccess Check ==========

[2010/12/07 23:49:48 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2010/06/24 07:10:44 | 001,509,888 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 07:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2009/09/23 12:21:58 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2011/02/01 16:34:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\AVG10
[2012/03/18 10:11:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Azureus
[2011/11/14 20:44:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\com.pruvan.PruvanOffice.D20FAAC2DD0C878F730FBC057EBFAB9559258FC2.1
[2012/02/19 23:21:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\com.w3i.musicrockstar
[2011/02/17 02:41:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Easy MP3 Recorder
[2011/11/17 14:12:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\ElevatedDiagnostics
[2011/03/25 15:25:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Harmonisoft
[2012/10/24 09:56:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Nokia
[2012/10/24 09:56:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Nokia Suite
[2012/02/01 09:38:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\PC Suite
[2011/01/20 17:52:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\PrimoPDF
[2011/08/16 21:14:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Sierra Wireless
[2010/12/10 11:02:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\UniPrint
[2010/12/17 00:14:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\VTExtra
[2010/12/21 20:20:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Windows Desktop Search
[2010/12/22 06:05:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Windows Search
[2011/03/17 21:52:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Avanquest
[2012/10/19 15:56:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG10
[2012/05/19 22:45:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software
[2011/10/06 13:01:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2011/02/01 16:32:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2012/02/18 23:44:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\iMesh
[2011/11/05 23:33:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
[2012/01/08 12:38:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nokia
[2012/03/17 08:57:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache
[2011/11/05 23:35:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2011/08/16 21:14:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sierra Wireless
[2011/08/06 04:12:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\STOPzilla!
[2011/01/16 14:44:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2012/02/18 23:43:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{BD8912D9-3040-46C4-B96A-4C3AC7E43486}

========== Purity Check ==========



< End of report >


the endpoint synantic removal appears to have been successful! YEA!!
mse icon is green so it's working fine also YEA!YEA!

waiting for further instructions.
thanks, shar :cheers:
  • 0

#39
sharokc

sharokc

    Member

  • Topic Starter
  • Member
  • PipPip
  • 72 posts
update since last post

when clicking start and turn off computer hang on the "saving your settings" window and goes no further.
must hold power button down to turn off.

haven't noticed anything else yet
thanks
  • 0

#40
Crowbar

Crowbar

    Teacher

  • GeekU Moderator
  • 4,798 posts
Hi Shar,
Making you happy with this computer will also make me happy, so I am anxious to get it done :)

Don't worry about the bigfoot program you mention, it is a port manager designed to help keep games from lagging. Read about it here and here

The file names that you see in blue are files that are being compressed by Windows. At some point you probably ran Disk Cleanup, or maybe you turned on disk compression for these files. If you want to turn the compression off on a file or a folder, you will need to right click the file or folder, and select properties. From there click on the Advanced button and uncheck the box for Compress contents to save disk space. Some files and folders are automatically compressed by Windows, so I would leave anything in the Windows folder alone.

Looking at your list of programs, I would recommend that you uninstall a program called Moozy. The rest don't seem to be harmful, but you can feel free to uninstall any program that you don't use any more. There is one called Bonjour, that is part of ITunes, so don't remove that one, or ITunes might not work correctly.

For your shutdown issues, I have a program for you to run that will show me your event logs. If I don't see anything wrong in there, I have another plan to find the issue.

Step 1
Download Security Check from here or here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Step 2
Before you do the following step, I would like you to shut down your computer. If it hangs up and you have to use the power button, that's fine.
When you re start it, go right to this step. When you enter the date, please pay attention to the format, it wants date/month/year - make sure to use the current date, whenever you get to run it. I stuck in today's date as an example.

  • Please download the Event Viewer Tool by Vino Rosso VEW and save it to your Desktop:
  • Double-click VEW.exe
  • Under 'Select log to query', select:
  • Application
  • System
<li>Under 'Select type to list', select:
  • Error
  • Warning
Then use the 'Date of events' or 'Number of events' as follows:

  • Click the radio button for 'Date of events'
    In the From: boxes type today's date (presuming the crash happened today) 25 10 2012
    In the To: boxes type today's date (presuming the crash happened today) 25 10 2012
    Then click the Run button.
    Notepad will open with the output log.
Please post the Output log in your next reply

In your next reply I would like to see:
  • checkup.txt
  • the log file from Vino's Event Viewer Tool
  • Other than the hangup at shutdown, how is the computer doing?

  • 0

Advertisements


#41
sharokc

sharokc

    Member

  • Topic Starter
  • Member
  • PipPip
  • 72 posts
Results of screen317's Security Check version 0.99.54
Windows XP Service Pack 3 x86
Internet Explorer 8
``````````````Antivirus/Firewall Check:``````````````
Microsoft Security Essentials
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
McAfee SiteAdvisor
Java™ 6 Update 30
Java version out of Date!
Adobe Flash Player 10 Flash Player out of Date!
Adobe Flash Player 10.1.102.64 Flash Player out of Date!
Adobe Reader X (10.1.4)
Mozilla Firefox 11.0 Firefox out of Date!
````````Process Check: objlist.exe by Laurent````````
Microsoft Security Essentials MSMpEng.exe
Microsoft Security Essentials msseces.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:: 14% Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````
  • 0

#42
sharokc

sharokc

    Member

  • Topic Starter
  • Member
  • PipPip
  • 72 posts
Vino's Event Viewer v01c run on Windows XP in English
Report run at 30/10/2012 11:21:30 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
No 'Application' log error events found from 30/10/2012 to 30/10/2012

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
No 'Application' log warning events found from 30/10/2012 to 30/10/2012

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
No 'System' log error events found from 30/10/2012 to 30/10/2012

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
No 'System' log warning events found from 30/10/2012 to 30/10/2012


ill use it for a bit and let you know how it's doing.
  • 0

#43
Crowbar

Crowbar

    Teacher

  • GeekU Moderator
  • 4,798 posts
Hi,
Looks like I made a mistake in my instructions for the VEW program.:blush:
Would you try that again,
Repeat Step 2 in my last post, but please use the previous days date in the FROM boxes, and the current days date in the TO boxes.
So if you get to it today, the From date would be 29 10 2012 and the to date would be 30 10 2012
That should produce a log with some data in it.
Sorry about that.
  • 0

#44
sharokc

sharokc

    Member

  • Topic Starter
  • Member
  • PipPip
  • 72 posts
no problem. below is the log.

Vino's Event Viewer v01c run on Windows XP in English
Report run at 01/11/2012 9:34:53 AM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 31/10/2012 9:20:25 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 237547

Log: 'Application' Date/Time: 31/10/2012 9:20:25 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:20:24 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 235578

Log: 'Application' Date/Time: 31/10/2012 9:20:24 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 235578

Log: 'Application' Date/Time: 31/10/2012 9:20:24 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:20:22 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 233625

Log: 'Application' Date/Time: 31/10/2012 9:20:22 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 233625

Log: 'Application' Date/Time: 31/10/2012 9:20:22 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:20:20 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 231672

Log: 'Application' Date/Time: 31/10/2012 9:20:20 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 231672

Log: 'Application' Date/Time: 31/10/2012 9:20:20 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:20:18 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 229703

Log: 'Application' Date/Time: 31/10/2012 9:20:18 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 229703

Log: 'Application' Date/Time: 31/10/2012 9:20:18 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:20:16 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 227750

Log: 'Application' Date/Time: 31/10/2012 9:20:16 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 227750

Log: 'Application' Date/Time: 31/10/2012 9:20:16 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:20:14 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 225797

Log: 'Application' Date/Time: 31/10/2012 9:20:14 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 225797

Log: 'Application' Date/Time: 31/10/2012 9:20:14 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:20:12 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 223828

Log: 'Application' Date/Time: 31/10/2012 9:20:12 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 223828

Log: 'Application' Date/Time: 31/10/2012 9:20:12 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:20:10 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 221875

Log: 'Application' Date/Time: 31/10/2012 9:20:10 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 221875

Log: 'Application' Date/Time: 31/10/2012 9:20:10 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:20:08 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 219922

Log: 'Application' Date/Time: 31/10/2012 9:20:08 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 219922

Log: 'Application' Date/Time: 31/10/2012 9:20:08 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:20:06 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 217969

Log: 'Application' Date/Time: 31/10/2012 9:20:06 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 217969

Log: 'Application' Date/Time: 31/10/2012 9:20:06 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:20:04 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 216000

Log: 'Application' Date/Time: 31/10/2012 9:20:04 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 216000

Log: 'Application' Date/Time: 31/10/2012 9:20:04 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:20:02 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 214047

Log: 'Application' Date/Time: 31/10/2012 9:20:02 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 214047

Log: 'Application' Date/Time: 31/10/2012 9:20:02 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:20:00 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 212094

Log: 'Application' Date/Time: 31/10/2012 9:20:00 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 212094

Log: 'Application' Date/Time: 31/10/2012 9:20:00 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:19:58 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 210125

Log: 'Application' Date/Time: 31/10/2012 9:19:58 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 210125

Log: 'Application' Date/Time: 31/10/2012 9:19:58 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:19:56 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 208172

Log: 'Application' Date/Time: 31/10/2012 9:19:56 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 208172

Log: 'Application' Date/Time: 31/10/2012 9:19:56 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:19:54 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 206219

Log: 'Application' Date/Time: 31/10/2012 9:19:54 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 206219

Log: 'Application' Date/Time: 31/10/2012 9:19:54 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:19:52 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 204250

Log: 'Application' Date/Time: 31/10/2012 9:19:52 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 204250

Log: 'Application' Date/Time: 31/10/2012 9:19:52 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:19:50 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 202297

Log: 'Application' Date/Time: 31/10/2012 9:19:50 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 202297

Log: 'Application' Date/Time: 31/10/2012 9:19:50 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:19:48 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 200344

Log: 'Application' Date/Time: 31/10/2012 9:19:48 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 200344

Log: 'Application' Date/Time: 31/10/2012 9:19:48 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:19:46 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 198375

Log: 'Application' Date/Time: 31/10/2012 9:19:46 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 198375

Log: 'Application' Date/Time: 31/10/2012 9:19:46 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:19:44 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 196422

Log: 'Application' Date/Time: 31/10/2012 9:19:44 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 196422

Log: 'Application' Date/Time: 31/10/2012 9:19:44 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:19:42 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 194469

Log: 'Application' Date/Time: 31/10/2012 9:19:42 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 194469

Log: 'Application' Date/Time: 31/10/2012 9:19:42 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:19:40 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 192500

Log: 'Application' Date/Time: 31/10/2012 9:19:40 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 192500

Log: 'Application' Date/Time: 31/10/2012 9:19:40 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:19:38 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 190547

Log: 'Application' Date/Time: 31/10/2012 9:19:38 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 190547

Log: 'Application' Date/Time: 31/10/2012 9:19:38 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:19:37 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 188594

Log: 'Application' Date/Time: 31/10/2012 9:19:37 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 188594

Log: 'Application' Date/Time: 31/10/2012 9:19:37 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:19:35 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 186625

Log: 'Application' Date/Time: 31/10/2012 9:19:35 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 186625

Log: 'Application' Date/Time: 31/10/2012 9:19:35 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:19:33 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 184672

Log: 'Application' Date/Time: 31/10/2012 9:19:33 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 184672

Log: 'Application' Date/Time: 31/10/2012 9:19:33 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:19:31 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 182719

Log: 'Application' Date/Time: 31/10/2012 9:19:31 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 182719

Log: 'Application' Date/Time: 31/10/2012 9:19:31 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:19:29 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 180750

Log: 'Application' Date/Time: 31/10/2012 9:19:29 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 180750

Log: 'Application' Date/Time: 31/10/2012 9:19:29 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:19:27 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 178797

Log: 'Application' Date/Time: 31/10/2012 9:19:27 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 178797

Log: 'Application' Date/Time: 31/10/2012 9:19:27 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:19:25 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 176844

Log: 'Application' Date/Time: 31/10/2012 9:19:25 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 176844

Log: 'Application' Date/Time: 31/10/2012 9:19:25 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:19:23 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 174875

Log: 'Application' Date/Time: 31/10/2012 9:19:23 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 174875

Log: 'Application' Date/Time: 31/10/2012 9:19:23 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:19:21 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 172906

Log: 'Application' Date/Time: 31/10/2012 9:19:21 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 172906

Log: 'Application' Date/Time: 31/10/2012 9:19:21 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:19:19 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 170953

Log: 'Application' Date/Time: 31/10/2012 9:19:19 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 170953

Log: 'Application' Date/Time: 31/10/2012 9:19:19 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:19:17 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 169000

Log: 'Application' Date/Time: 31/10/2012 9:19:17 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 169000

Log: 'Application' Date/Time: 31/10/2012 9:19:17 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:19:15 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 167031

Log: 'Application' Date/Time: 31/10/2012 9:19:15 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 167031

Log: 'Application' Date/Time: 31/10/2012 9:19:15 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:19:13 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 165078

Log: 'Application' Date/Time: 31/10/2012 9:19:13 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 165078

Log: 'Application' Date/Time: 31/10/2012 9:19:13 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:19:11 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 163125

Log: 'Application' Date/Time: 31/10/2012 9:19:11 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 163125

Log: 'Application' Date/Time: 31/10/2012 9:19:11 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:19:09 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 161156

Log: 'Application' Date/Time: 31/10/2012 9:19:09 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 161156

Log: 'Application' Date/Time: 31/10/2012 9:19:09 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:19:07 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 159203

Log: 'Application' Date/Time: 31/10/2012 9:19:07 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 159203

Log: 'Application' Date/Time: 31/10/2012 9:19:07 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:19:05 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 157250

Log: 'Application' Date/Time: 31/10/2012 9:19:05 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 157250

Log: 'Application' Date/Time: 31/10/2012 9:19:05 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:19:03 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 155281

Log: 'Application' Date/Time: 31/10/2012 9:19:03 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 155281

Log: 'Application' Date/Time: 31/10/2012 9:19:03 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:19:01 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 153328

Log: 'Application' Date/Time: 31/10/2012 9:19:01 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 153328

Log: 'Application' Date/Time: 31/10/2012 9:19:01 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:18:59 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 151375

Log: 'Application' Date/Time: 31/10/2012 9:18:59 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 151375

Log: 'Application' Date/Time: 31/10/2012 9:18:59 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:18:57 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 149406

Log: 'Application' Date/Time: 31/10/2012 9:18:57 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 149406

Log: 'Application' Date/Time: 31/10/2012 9:18:57 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:18:55 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 147453

Log: 'Application' Date/Time: 31/10/2012 9:18:55 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 147453

Log: 'Application' Date/Time: 31/10/2012 9:18:55 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:18:53 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 145500

Log: 'Application' Date/Time: 31/10/2012 9:18:53 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 145500

Log: 'Application' Date/Time: 31/10/2012 9:18:53 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:18:51 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 143531

Log: 'Application' Date/Time: 31/10/2012 9:18:51 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 143531

Log: 'Application' Date/Time: 31/10/2012 9:18:51 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:18:50 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 141578

Log: 'Application' Date/Time: 31/10/2012 9:18:50 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 141578

Log: 'Application' Date/Time: 31/10/2012 9:18:50 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:18:48 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 139625

Log: 'Application' Date/Time: 31/10/2012 9:18:48 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 139625

Log: 'Application' Date/Time: 31/10/2012 9:18:48 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:18:46 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 137656

Log: 'Application' Date/Time: 31/10/2012 9:18:46 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 137656

Log: 'Application' Date/Time: 31/10/2012 9:18:46 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:18:44 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 135703

Log: 'Application' Date/Time: 31/10/2012 9:18:44 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 135703

Log: 'Application' Date/Time: 31/10/2012 9:18:44 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:18:42 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 133750

Log: 'Application' Date/Time: 31/10/2012 9:18:42 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 133750

Log: 'Application' Date/Time: 31/10/2012 9:18:42 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:18:40 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 131781

Log: 'Application' Date/Time: 31/10/2012 9:18:40 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 131781

Log: 'Application' Date/Time: 31/10/2012 9:18:40 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:18:38 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 129828

Log: 'Application' Date/Time: 31/10/2012 9:18:38 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 129828

Log: 'Application' Date/Time: 31/10/2012 9:18:38 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:18:36 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 127875

Log: 'Application' Date/Time: 31/10/2012 9:18:36 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 127875

Log: 'Application' Date/Time: 31/10/2012 9:18:36 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:18:34 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 125906

Log: 'Application' Date/Time: 31/10/2012 9:18:34 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 125906

Log: 'Application' Date/Time: 31/10/2012 9:18:34 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:18:32 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 123953

Log: 'Application' Date/Time: 31/10/2012 9:18:32 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 123953

Log: 'Application' Date/Time: 31/10/2012 9:18:32 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:18:30 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 122000

Log: 'Application' Date/Time: 31/10/2012 9:18:30 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 122000

Log: 'Application' Date/Time: 31/10/2012 9:18:30 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:18:28 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 120031

Log: 'Application' Date/Time: 31/10/2012 9:18:28 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 120031

Log: 'Application' Date/Time: 31/10/2012 9:18:28 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:18:26 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 118062

Log: 'Application' Date/Time: 31/10/2012 9:18:26 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 118062

Log: 'Application' Date/Time: 31/10/2012 9:18:26 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:18:24 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 116109

Log: 'Application' Date/Time: 31/10/2012 9:18:24 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 116109

Log: 'Application' Date/Time: 31/10/2012 9:18:24 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:18:22 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 114156

Log: 'Application' Date/Time: 31/10/2012 9:18:22 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 114156

Log: 'Application' Date/Time: 31/10/2012 9:18:22 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:18:20 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 112187

Log: 'Application' Date/Time: 31/10/2012 9:18:20 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 112187

Log: 'Application' Date/Time: 31/10/2012 9:18:20 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:18:18 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 110234

Log: 'Application' Date/Time: 31/10/2012 9:18:18 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 110234

Log: 'Application' Date/Time: 31/10/2012 9:18:18 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:18:16 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 108281

Log: 'Application' Date/Time: 31/10/2012 9:18:16 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 108281

Log: 'Application' Date/Time: 31/10/2012 9:18:16 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:18:14 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 106312

Log: 'Application' Date/Time: 31/10/2012 9:18:14 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 106312

Log: 'Application' Date/Time: 31/10/2012 9:18:14 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:18:12 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 104359

Log: 'Application' Date/Time: 31/10/2012 9:18:12 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 104359

Log: 'Application' Date/Time: 31/10/2012 9:18:12 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:18:10 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 102406

Log: 'Application' Date/Time: 31/10/2012 9:18:10 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 102406

Log: 'Application' Date/Time: 31/10/2012 9:18:10 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:18:08 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 100437

Log: 'Application' Date/Time: 31/10/2012 9:18:08 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 100437

Log: 'Application' Date/Time: 31/10/2012 9:18:08 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:18:06 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 98484

Log: 'Application' Date/Time: 31/10/2012 9:18:06 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 98484

Log: 'Application' Date/Time: 31/10/2012 9:18:06 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:18:04 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 96531

Log: 'Application' Date/Time: 31/10/2012 9:18:04 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 96531

Log: 'Application' Date/Time: 31/10/2012 9:18:04 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:18:03 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 94562

Log: 'Application' Date/Time: 31/10/2012 9:18:03 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 94562

Log: 'Application' Date/Time: 31/10/2012 9:18:03 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:18:01 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 92609

Log: 'Application' Date/Time: 31/10/2012 9:18:01 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 92609

Log: 'Application' Date/Time: 31/10/2012 9:18:01 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:17:59 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 90656

Log: 'Application' Date/Time: 31/10/2012 9:17:59 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 90656

Log: 'Application' Date/Time: 31/10/2012 9:17:59 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:17:57 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 88687

Log: 'Application' Date/Time: 31/10/2012 9:17:57 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 88687

Log: 'Application' Date/Time: 31/10/2012 9:17:57 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:17:55 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 86734

Log: 'Application' Date/Time: 31/10/2012 9:17:55 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 86734

Log: 'Application' Date/Time: 31/10/2012 9:17:55 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:17:53 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 84781

Log: 'Application' Date/Time: 31/10/2012 9:17:53 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 84781

Log: 'Application' Date/Time: 31/10/2012 9:17:53 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:17:51 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 82812

Log: 'Application' Date/Time: 31/10/2012 9:17:51 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 82812

Log: 'Application' Date/Time: 31/10/2012 9:17:51 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:17:49 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 80844

Log: 'Application' Date/Time: 31/10/2012 9:17:49 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 80844

Log: 'Application' Date/Time: 31/10/2012 9:17:49 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:17:47 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 78890

Log: 'Application' Date/Time: 31/10/2012 9:17:47 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 78890

Log: 'Application' Date/Time: 31/10/2012 9:17:47 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:17:45 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 76937

Log: 'Application' Date/Time: 31/10/2012 9:17:45 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 76937

Log: 'Application' Date/Time: 31/10/2012 9:17:45 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:17:43 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 74969

Log: 'Application' Date/Time: 31/10/2012 9:17:43 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 74969

Log: 'Application' Date/Time: 31/10/2012 9:17:43 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:17:41 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 73015

Log: 'Application' Date/Time: 31/10/2012 9:17:41 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 73015

Log: 'Application' Date/Time: 31/10/2012 9:17:41 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:17:39 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 71062

Log: 'Application' Date/Time: 31/10/2012 9:17:39 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 71062

Log: 'Application' Date/Time: 31/10/2012 9:17:39 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:17:37 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 69094

Log: 'Application' Date/Time: 31/10/2012 9:17:37 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 69094

Log: 'Application' Date/Time: 31/10/2012 9:17:37 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:17:35 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 67140

Log: 'Application' Date/Time: 31/10/2012 9:17:35 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 67140

Log: 'Application' Date/Time: 31/10/2012 9:17:35 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:17:33 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 65187

Log: 'Application' Date/Time: 31/10/2012 9:17:33 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 65187

Log: 'Application' Date/Time: 31/10/2012 9:17:33 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:17:31 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 63219

Log: 'Application' Date/Time: 31/10/2012 9:17:31 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 63219

Log: 'Application' Date/Time: 31/10/2012 9:17:31 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:17:29 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 61265

Log: 'Application' Date/Time: 31/10/2012 9:17:29 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 61265

Log: 'Application' Date/Time: 31/10/2012 9:17:29 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:17:27 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 59297

Log: 'Application' Date/Time: 31/10/2012 9:17:27 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 59297

Log: 'Application' Date/Time: 31/10/2012 9:17:27 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:17:25 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 57328

Log: 'Application' Date/Time: 31/10/2012 9:17:25 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 57328

Log: 'Application' Date/Time: 31/10/2012 9:17:25 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:17:23 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 55375

Log: 'Application' Date/Time: 31/10/2012 9:17:23 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 55375

Log: 'Application' Date/Time: 31/10/2012 9:17:23 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:17:21 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 53422

Log: 'Application' Date/Time: 31/10/2012 9:17:21 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 53422

Log: 'Application' Date/Time: 31/10/2012 9:17:21 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:17:19 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 51469

Log: 'Application' Date/Time: 31/10/2012 9:17:19 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 51469

Log: 'Application' Date/Time: 31/10/2012 9:17:19 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:17:17 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 49500

Log: 'Application' Date/Time: 31/10/2012 9:17:17 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 49500

Log: 'Application' Date/Time: 31/10/2012 9:17:17 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:17:15 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 47547

Log: 'Application' Date/Time: 31/10/2012 9:17:15 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 47547

Log: 'Application' Date/Time: 31/10/2012 9:17:15 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:17:14 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 45594

Log: 'Application' Date/Time: 31/10/2012 9:17:14 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 45594

Log: 'Application' Date/Time: 31/10/2012 9:17:14 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:17:12 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 43625

Log: 'Application' Date/Time: 31/10/2012 9:17:12 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 43625

Log: 'Application' Date/Time: 31/10/2012 9:17:12 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:17:10 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 41672

Log: 'Application' Date/Time: 31/10/2012 9:17:10 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 41672

Log: 'Application' Date/Time: 31/10/2012 9:17:10 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:17:08 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 39719

Log: 'Application' Date/Time: 31/10/2012 9:17:08 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 39719

Log: 'Application' Date/Time: 31/10/2012 9:17:08 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:17:06 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 37765

Log: 'Application' Date/Time: 31/10/2012 9:17:06 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 37765

Log: 'Application' Date/Time: 31/10/2012 9:17:06 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:17:04 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 35812

Log: 'Application' Date/Time: 31/10/2012 9:17:04 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 35812

Log: 'Application' Date/Time: 31/10/2012 9:17:04 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:17:02 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 33844

Log: 'Application' Date/Time: 31/10/2012 9:17:02 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 33844

Log: 'Application' Date/Time: 31/10/2012 9:17:02 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:17:00 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 31890

Log: 'Application' Date/Time: 31/10/2012 9:17:00 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 31890

Log: 'Application' Date/Time: 31/10/2012 9:17:00 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:16:58 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 29937

Log: 'Application' Date/Time: 31/10/2012 9:16:58 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 29937

Log: 'Application' Date/Time: 31/10/2012 9:16:58 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:16:56 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 27969

Log: 'Application' Date/Time: 31/10/2012 9:16:56 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 27969

Log: 'Application' Date/Time: 31/10/2012 9:16:56 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:16:54 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 26000

Log: 'Application' Date/Time: 31/10/2012 9:16:54 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 26000

Log: 'Application' Date/Time: 31/10/2012 9:16:54 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:16:52 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 24047

Log: 'Application' Date/Time: 31/10/2012 9:16:52 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 24047

Log: 'Application' Date/Time: 31/10/2012 9:16:52 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:16:50 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 22094

Log: 'Application' Date/Time: 31/10/2012 9:16:50 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 22094

Log: 'Application' Date/Time: 31/10/2012 9:16:50 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:16:48 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 20140

Log: 'Application' Date/Time: 31/10/2012 9:16:48 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 20140

Log: 'Application' Date/Time: 31/10/2012 9:16:48 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:16:46 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 18172

Log: 'Application' Date/Time: 31/10/2012 9:16:46 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 18172

Log: 'Application' Date/Time: 31/10/2012 9:16:46 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:16:44 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 16219

Log: 'Application' Date/Time: 31/10/2012 9:16:44 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 16219

Log: 'Application' Date/Time: 31/10/2012 9:16:44 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:16:42 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 14265

Log: 'Application' Date/Time: 31/10/2012 9:16:42 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 14265

Log: 'Application' Date/Time: 31/10/2012 9:16:42 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:16:40 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 12312

Log: 'Application' Date/Time: 31/10/2012 9:16:40 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 12312

Log: 'Application' Date/Time: 31/10/2012 9:16:40 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:16:38 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 10344

Log: 'Application' Date/Time: 31/10/2012 9:16:38 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 10344

Log: 'Application' Date/Time: 31/10/2012 9:16:38 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:16:36 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 8390

Log: 'Application' Date/Time: 31/10/2012 9:16:36 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 8390

Log: 'Application' Date/Time: 31/10/2012 9:16:36 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:16:34 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 6437

Log: 'Application' Date/Time: 31/10/2012 9:16:34 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 6437

Log: 'Application' Date/Time: 31/10/2012 9:16:34 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:16:32 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 4484

Log: 'Application' Date/Time: 31/10/2012 9:16:32 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 4484

Log: 'Application' Date/Time: 31/10/2012 9:16:32 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 31/10/2012 9:16:30 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 2062

Log: 'Application' Date/Time: 31/10/2012 9:16:30 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 2062

Log: 'Application' Date/Time: 31/10/2012 9:16:30 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 31/10/2012 10:33:02 PM
Type: error Category: 0
Event: 2001 Source: Microsoft Antimalware
Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.139.940.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8904.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

Log: 'System' Date/Time: 31/10/2012 9:16:56 PM
Type: error Category: 0
Event: 7024 Source: Service Control Manager
The Messenger service terminated with service-specific error 2270 (0x8DE).

Log: 'System' Date/Time: 31/10/2012 8:52:31 PM
Type: error Category: 0
Event: 206 Source: NetDDE
Listen failed: 15:

Log: 'System' Date/Time: 31/10/2012 8:20:13 PM
Type: error Category: 0
Event: 206 Source: NetDDE
Listen failed: 23: The ncb_lana_num member did not specify a valid network number.

Log: 'System' Date/Time: 31/10/2012 8:20:08 PM
Type: error Category: 0
Event: 206 Source: NetDDE
Listen failed: 15:

Log: 'System' Date/Time: 31/10/2012 8:20:04 PM
Type: error Category: 0
Event: 206 Source: NetDDE
Listen failed: 23: The ncb_lana_num member did not specify a valid network number.

Log: 'System' Date/Time: 31/10/2012 8:19:31 PM
Type: error Category: 0
Event: 206 Source: NetDDE
Listen failed: 15:

Log: 'System' Date/Time: 31/10/2012 8:11:13 PM
Type: error Category: 0
Event: 206 Source: NetDDE
Listen failed: 23: The ncb_lana_num member did not specify a valid network number.

Log: 'System' Date/Time: 31/10/2012 6:23:52 PM
Type: error Category: 0
Event: 206 Source: NetDDE
Listen failed: 15:

Log: 'System' Date/Time: 31/10/2012 6:23:18 PM
Type: error Category: 0
Event: 206 Source: NetDDE
Listen failed: 23: The ncb_lana_num member did not specify a valid network number.

Log: 'System' Date/Time: 31/10/2012 4:50:15 PM
Type: error Category: 0
Event: 206 Source: NetDDE
Listen failed: 15:

Log: 'System' Date/Time: 31/10/2012 4:49:39 PM
Type: error Category: 0
Event: 206 Source: NetDDE
Listen failed: 23: The ncb_lana_num member did not specify a valid network number.

Log: 'System' Date/Time: 31/10/2012 4:15:43 PM
Type: error Category: 0
Event: 206 Source: NetDDE
Listen failed: 15:

Log: 'System' Date/Time: 31/10/2012 4:14:44 PM
Type: error Category: 0
Event: 206 Source: NetDDE
Listen failed: 23: The ncb_lana_num member did not specify a valid network number.

Log: 'System' Date/Time: 31/10/2012 4:14:06 PM
Type: error Category: 0
Event: 206 Source: NetDDE
Listen failed: 15:

Log: 'System' Date/Time: 31/10/2012 4:13:32 PM
Type: error Category: 0
Event: 206 Source: NetDDE
Listen failed: 23: The ncb_lana_num member did not specify a valid network number.

Log: 'System' Date/Time: 31/10/2012 1:51:40 PM
Type: error Category: 0
Event: 206 Source: NetDDE
Listen failed: 15:

Log: 'System' Date/Time: 31/10/2012 1:50:44 PM
Type: error Category: 0
Event: 206 Source: NetDDE
Listen failed: 23: The ncb_lana_num member did not specify a valid network number.

Log: 'System' Date/Time: 31/10/2012 1:48:54 PM
Type: error Category: 0
Event: 206 Source: NetDDE
Listen failed: 15:

Log: 'System' Date/Time: 31/10/2012 1:48:20 PM
Type: error Category: 0
Event: 206 Source: NetDDE
Listen failed: 23: The ncb_lana_num member did not specify a valid network number.

Log: 'System' Date/Time: 31/10/2012 12:37:10 PM
Type: error Category: 0
Event: 206 Source: NetDDE
Listen failed: 15:

Log: 'System' Date/Time: 31/10/2012 12:36:08 PM
Type: error Category: 0
Event: 206 Source: NetDDE
Listen failed: 23: The ncb_lana_num member did not specify a valid network number.

Log: 'System' Date/Time: 31/10/2012 12:29:16 PM
Type: error Category: 0
Event: 206 Source: NetDDE
Listen failed: 15:

Log: 'System' Date/Time: 31/10/2012 12:10:41 PM
Type: error Category: 0
Event: 1001 Source: Dhcp
Your computer was not assigned an address from the network (by the DHCP Server) for the Network Card with network address 00C0A8CC50FA. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

Log: 'System' Date/Time: 31/10/2012 9:42:46 AM
Type: error Category: 0
Event: 1001 Source: Dhcp
Your computer was not assigned an address from the network (by the DHCP Server) for the Network Card with network address 00C0A8CC50FA. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

Log: 'System' Date/Time: 31/10/2012 9:18:57 AM
Type: error Category: 0
Event: 206 Source: NetDDE
Listen failed: 23: The ncb_lana_num member did not specify a valid network number.

Log: 'System' Date/Time: 31/10/2012 9:11:06 AM
Type: error Category: 0
Event: 206 Source: NetDDE
Listen failed: 15:

Log: 'System' Date/Time: 31/10/2012 9:10:00 AM
Type: error Category: 0
Event: 206 Source: NetDDE
Listen failed: 23: The ncb_lana_num member did not specify a valid network number.

Log: 'System' Date/Time: 31/10/2012 9:09:13 AM
Type: error Category: 0
Event: 206 Source: NetDDE
Listen failed: 15:

Log: 'System' Date/Time: 31/10/2012 9:08:39 AM
Type: error Category: 0
Event: 206 Source: NetDDE
Listen failed: 23: The ncb_lana_num member did not specify a valid network number.

Log: 'System' Date/Time: 31/10/2012 9:01:47 AM
Type: error Category: 0
Event: 206 Source: NetDDE
Listen failed: 15:

Log: 'System' Date/Time: 31/10/2012 9:01:39 AM
Type: error Category: 0
Event: 206 Source: NetDDE
Listen failed: 23: The ncb_lana_num member did not specify a valid network number.

Log: 'System' Date/Time: 31/10/2012 8:39:24 AM
Type: error Category: 0
Event: 206 Source: NetDDE
Listen failed: 15:

Log: 'System' Date/Time: 31/10/2012 8:33:57 AM
Type: error Category: 0
Event: 206 Source: NetDDE
Listen failed: 23: The ncb_lana_num member did not specify a valid network number.

Log: 'System' Date/Time: 31/10/2012 8:33:07 AM
Type: error Category: 0
Event: 206 Source: NetDDE
Listen failed: 15:

Log: 'System' Date/Time: 31/10/2012 8:32:51 AM
Type: error Category: 0
Event: 206 Source: NetDDE
Listen failed: 23: The ncb_lana_num member did not specify a valid network number.

Log: 'System' Date/Time: 31/10/2012 8:30:46 AM
Type: error Category: 0
Event: 206 Source: NetDDE
Listen failed: 15:

Log: 'System' Date/Time: 31/10/2012 7:33:52 AM
Type: error Category: 0
Event: 206 Source: NetDDE
Listen failed: 23: The ncb_lana_num member did not specify a valid network number.

Log: 'System' Date/Time: 31/10/2012 6:59:27 AM
Type: error Category: 0
Event: 206 Source: NetDDE
Listen failed: 15:

Log: 'System' Date/Time: 31/10/2012 6:55:49 AM
Type: error Category: 0
Event: 206 Source: NetDDE
Listen failed: 23: The ncb_lana_num member did not specify a valid network number.

Log: 'System' Date/Time: 31/10/2012 4:07:57 AM
Type: error Category: 0
Event: 206 Source: NetDDE
Listen failed: 15:

Log: 'System' Date/Time: 31/10/2012 4:07:19 AM
Type: error Category: 0
Event: 206 Source: NetDDE
Listen failed: 23: The ncb_lana_num member did not specify a valid network number.

Log: 'System' Date/Time: 31/10/2012 12:26:34 AM
Type: error Category: 1
Event: 2 Source: AmdK8
The Acpi 2.0 _PCT object returned an invalid value of 7

Log: 'System' Date/Time: 31/10/2012 12:25:50 AM
Type: error Category: 1
Event: 2 Source: AmdK8
The Acpi 2.0 _PCT object returned an invalid value of 7

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 31/10/2012 10:31:19 PM
Type: warning Category: 0
Event: 1116 Source: Microsoft Antimalware
Microsoft Antimalware has detected malware or other potentially unwanted software. For more information please see the following: http://go.microsoft....atid=2147619539 Name: Worm:Win32/Lightmoon.H ID: 2147619539 Severity: Severe Category: Worm Path: file:_C:\System Volume Information\_restore{878404FC-4381-422D-A300-E1596B8D4945}\RP63\A0068105.com Detection Origin: Local machine Detection Type: Concrete Detection Source: Real-Time Protection User: NT AUTHORITY\SYSTEM Process Name: C:\WINDOWS\system32\svchost.exe Signature Version: AV: 1.139.940.0, AS: 1.139.940.0, NIS: 0.0.0.0 Engine Version: AM: 1.1.8904.0, NIS: 0.0.0.0

Log: 'System' Date/Time: 31/10/2012 9:31:49 PM
Type: warning Category: 0
Event: 1116 Source: Microsoft Antimalware
Microsoft Antimalware has detected malware or other potentially unwanted software. For more information please see the following: http://go.microsoft....atid=2147619539 Name: Worm:Win32/Lightmoon.H ID: 2147619539 Severity: Severe Category: Worm Path: file:_C:\System Volume Information\_restore{878404FC-4381-422D-A300-E1596B8D4945}\RP63\A0068104.exe Detection Origin: Local machine Detection Type: Concrete Detection Source: Real-Time Protection User: NT AUTHORITY\SYSTEM Process Name: C:\WINDOWS\system32\svchost.exe Signature Version: AV: 1.139.940.0, AS: 1.139.940.0, NIS: 0.0.0.0 Engine Version: AM: 1.1.8904.0, NIS: 0.0.0.0

Log: 'System' Date/Time: 31/10/2012 8:52:30 PM
Type: warning Category: 0
Event: 1007 Source: Dhcp
Your computer has automatically configured the IP address for the Network Card with network address 00C0A8CC50FA. The IP address being used is 169.254.83.3.

Log: 'System' Date/Time: 31/10/2012 8:51:25 PM
Type: warning Category: 0
Event: 1009 Source: Dhcp
A network error occurred when trying to send a message. The error code is: A blocking operation was interrupted by a call to WSACancelBlockingCall. .

Log: 'System' Date/Time: 31/10/2012 8:51:18 PM
Type: warning Category: 0
Event: 1009 Source: Dhcp
A network error occurred when trying to send a message. The error code is: A blocking operation was interrupted by a call to WSACancelBlockingCall. .

Log: 'System' Date/Time: 31/10/2012 8:39:07 PM
Type: warning Category: 0
Event: 1009 Source: Dhcp
A network error occurred when trying to send a message. The error code is: A blocking operation was interrupted by a call to WSACancelBlockingCall. .

Log: 'System' Date/Time: 31/10/2012 8:37:54 PM
Type: warning Category: 0
Event: 1009 Source: Dhcp
A network error occurred when trying to send a message. The error code is: A blocking operation was interrupted by a call to WSACancelBlockingCall. .

Log: 'System' Date/Time: 31/10/2012 8:31:18 PM
Type: warning Category: 0
Event: 1116 Source: Microsoft Antimalware
Microsoft Antimalware has detected malware or other potentially unwanted software. For more information please see the following: http://go.microsoft....atid=2147619539 Name: Worm:Win32/Lightmoon.H ID: 2147619539 Severity: Severe Category: Worm Path: file:_C:\System Volume Information\_restore{878404FC-4381-422D-A300-E1596B8D4945}\RP63\A0068103.exe Detection Origin: Local machine Detection Type: Concrete Detection Source: Real-Time Protection User: NT AUTHORITY\SYSTEM Process Name: C:\WINDOWS\system32\svchost.exe Signature Version: AV: 1.139.940.0, AS: 1.139.940.0, NIS: 0.0.0.0 Engine Version: AM: 1.1.8904.0, NIS: 0.0.0.0

Log: 'System' Date/Time: 31/10/2012 8:24:22 PM
Type: warning Category: 0
Event: 1009 Source: Dhcp
A network error occurred when trying to send a message. The error code is: A blocking operation was interrupted by a call to WSACancelBlockingCall. .

Log: 'System' Date/Time: 31/10/2012 8:23:07 PM
Type: warning Category: 0
Event: 1009 Source: Dhcp
A network error occurred when trying to send a message. The error code is: A blocking operation was interrupted by a call to WSACancelBlockingCall. .

Log: 'System' Date/Time: 31/10/2012 8:23:01 PM
Type: warning Category: 0
Event: 1009 Source: Dhcp
A network error occurred when trying to send a message. The error code is: A blocking operation was interrupted by a call to WSACancelBlockingCall. .

Log: 'System' Date/Time: 31/10/2012 8:20:17 PM
Type: warning Category: 0
Event: 1009 Source: Dhcp
A network error occurred when trying to send a message. The error code is: A blocking operation was interrupted by a call to WSACancelBlockingCall. .

Log: 'System' Date/Time: 31/10/2012 8:20:13 PM
Type: warning Category: 0
Event: 2504 Source: Server
The server could not bind to the transport \Device\NetBT_Tcpip_{9AD56B61-B031-43A9-8C0B-4B59C4AF3B80}.

Log: 'System' Date/Time: 31/10/2012 8:19:30 PM
Type: warning Category: 0
Event: 1007 Source: Dhcp
Your computer has automatically configured the IP address for the Network Card with network address 00C0A8CC50FA. The IP address being used is 169.254.83.3.

Log: 'System' Date/Time: 31/10/2012 8:18:27 PM
Type: warning Category: 0
Event: 1009 Source: Dhcp
A network error occurred when trying to send a message. The error code is: A blocking operation was interrupted by a call to WSACancelBlockingCall. .

Log: 'System' Date/Time: 31/10/2012 8:14:01 PM
Type: warning Category: 0
Event: 1009 Source: Dhcp
A network error occurred when trying to send a message. The error code is: A blocking operation was interrupted by a call to WSACancelBlockingCall. .

Log: 'System' Date/Time: 31/10/2012 8:12:46 PM
Type: warning Category: 0
Event: 1009 Source: Dhcp
A network error occurred when trying to send a message. The error code is: A blocking operation was interrupted by a call to WSACancelBlockingCall. .

Log: 'System' Date/Time: 31/10/2012 8:12:41 PM
Type: warning Category: 0
Event: 1009 Source: Dhcp
A network error occurred when trying to send a message. The error code is: A blocking operation was interrupted by a call to WSACancelBlockingCall. .

Log: 'System' Date/Time: 31/10/2012 7:31:18 PM
Type: warning Category: 0
Event: 1116 Source: Microsoft Antimalware
Microsoft Antimalware has detected malware or other potentially unwanted software. For more information please see the following: http://go.microsoft....atid=2147619539 Name: Worm:Win32/Lightmoon.H ID: 2147619539 Severity: Severe Category: Worm Path: file:_C:\System Volume Information\_restore{878404FC-4381-422D-A300-E1596B8D4945}\RP63\A0068102.cmd Detection Origin: Local machine Detection Type: Concrete Detection Source: Real-Time Protection User: NT AUTHORITY\SYSTEM Process Name: C:\WINDOWS\system32\svchost.exe Signature Version: AV: 1.139.940.0, AS: 1.139.940.0, NIS: 0.0.0.0 Engine Version: AM: 1.1.8904.0, NIS: 0.0.0.0

Log: 'System' Date/Time: 31/10/2012 6:56:21 PM
Type: warning Category: 0
Event: 1116 Source: Microsoft Antimalware
Microsoft Antimalware has detected malware or other potentially unwanted software. For more information please see the following: http://go.microsoft....atid=2147619539 Name: Worm:Win32/Lightmoon.H ID: 2147619539 Severity: Severe Category: Worm Path: file:_C:\System Volume Information\_restore{878404FC-4381-422D-A300-E1596B8D4945}\RP63\A0068101.exe Detection Origin: Local machine Detection Type: Concrete Detection Source: Real-Time Protection User: NT AUTHORITY\SYSTEM Process Name: C:\WINDOWS\system32\svchost.exe Signature Version: AV: 1.139.940.0, AS: 1.139.940.0, NIS: 0.0.0.0 Engine Version: AM: 1.1.8904.0, NIS: 0.0.0.0

Log: 'System' Date/Time: 31/10/2012 5:44:18 PM
Type: warning Category: 0
Event: 1116 Source: Microsoft Antimalware
Microsoft Antimalware has detected malware or other potentially unwanted software. For more information please see the following: http://go.microsoft....atid=2147619539 Name: Worm:Win32/Lightmoon.H ID: 2147619539 Severity: Severe Category: Worm Path: file:_C:\System Volume Information\_restore{878404FC-4381-422D-A300-E1596B8D4945}\RP63\A0068100.exe Detection Origin: Local machine Detection Type: Concrete Detection Source: Real-Time Protection User: NT AUTHORITY\SYSTEM Process Name: C:\WINDOWS\system32\svchost.exe Signature Version: AV: 1.139.940.0, AS: 1.139.940.0, NIS: 0.0.0.0 Engine Version: AM: 1.1.8904.0, NIS: 0.0.0.0

Log: 'System' Date/Time: 31/10/2012 4:31:48 PM
Type: warning Category: 0
Event: 1116 Source: Microsoft Antimalware
Microsoft Antimalware has detected malware or other potentially unwanted software. For more information please see the following: http://go.microsoft....atid=2147619539 Name: Worm:Win32/Lightmoon.H ID: 2147619539 Severity: Severe Category: Worm Path: file:_C:\System Volume Information\_restore{878404FC-4381-422D-A300-E1596B8D4945}\RP63\A0068099.exe Detection Origin: Local machine Detection Type: Concrete Detection Source: Real-Time Protection User: NT AUTHORITY\SYSTEM Process Name: C:\WINDOWS\system32\svchost.exe Signature Version: AV: 1.139.940.0, AS: 1.139.940.0, NIS: 0.0.0.0 Engine Version: AM: 1.1.8904.0, NIS: 0.0.0.0

Log: 'System' Date/Time: 31/10/2012 3:32:03 PM
Type: warning Category: 0
Event: 1116 Source: Microsoft Antimalware
Microsoft Antimalware has detected malware or other potentially unwanted software. For more information please see the following: http://go.microsoft....atid=2147619539 Name: Worm:Win32/Lightmoon.H ID: 2147619539 Severity: Severe Category: Worm Path: file:_C:\System Volume Information\_restore{878404FC-4381-422D-A300-E1596B8D4945}\RP63\A0068098.exe Detection Origin: Local machine Detection Type: Concrete Detection Source: Real-Time Protection User: NT AUTHORITY\SYSTEM Process Name: C:\WINDOWS\system32\svchost.exe Signature Version: AV: 1.139.940.0, AS: 1.139.940.0, NIS: 0.0.0.0 Engine Version: AM: 1.1.8904.0, NIS: 0.0.0.0

Log: 'System' Date/Time: 31/10/2012 2:26:58 PM
Type: warning Category: 0
Event: 1116 Source: Microsoft Antimalware
Microsoft Antimalware has detected malware or other potentially unwanted software. For more information please see the following: http://go.microsoft....atid=2147619539 Name: Worm:Win32/Lightmoon.H ID: 2147619539 Severity: Severe Category: Worm Path: file:_C:\System Volume Information\_restore{878404FC-4381-422D-A300-E1596B8D4945}\RP63\A0067833.exe Detection Origin: Local machine Detection Type: Concrete Detection Source: Real-Time Protection User: NT AUTHORITY\SYSTEM Process Name: C:\WINDOWS\system32\svchost.exe Signature Version: AV: 1.139.940.0, AS: 1.139.940.0, NIS: 0.0.0.0 Engine Version: AM: 1.1.8904.0, NIS: 0.0.0.0

Log: 'System' Date/Time: 31/10/2012 1:26:54 PM
Type: warning Category: 0
Event: 1116 Source: Microsoft Antimalware
Microsoft Antimalware has detected malware or other potentially unwanted software. For more information please see the following: http://go.microsoft....atid=2147619539 Name: Worm:Win32/Lightmoon.H ID: 2147619539 Severity: Severe Category: Worm Path: file:_C:\System Volume Information\_restore{878404FC-4381-422D-A300-E1596B8D4945}\RP63\A0067831.scr Detection Origin: Local machine Detection Type: Concrete Detection Source: Real-Time Protection User: NT AUTHORITY\SYSTEM Process Name: C:\WINDOWS\system32\svchost.exe Signature Version: AV: 1.139.940.0, AS: 1.139.940.0, NIS: 0.0.0.0 Engine Version: AM: 1.1.8904.0, NIS: 0.0.0.0

Log: 'System' Date/Time: 31/10/2012 12:26:47 PM
Type: warning Category: 0
Event: 1116 Source: Microsoft Antimalware
Microsoft Antimalware has detected malware or other potentially unwanted software. For more information please see the following: http://go.microsoft....atid=2147619539 Name: Worm:Win32/Lightmoon.H ID: 2147619539 Severity: Severe Category: Worm Path: file:_C:\System Volume Information\_restore{878404FC-4381-422D-A300-E1596B8D4945}\RP63\A0067792.exe Detection Origin: Local machine Detection Type: Concrete Detection Source: Real-Time Protection User: NT AUTHORITY\SYSTEM Process Name: C:\WINDOWS\system32\svchost.exe Signature Version: AV: 1.139.940.0, AS: 1.139.940.0, NIS: 0.0.0.0 Engine Version: AM: 1.1.8904.0, NIS: 0.0.0.0

Log: 'System' Date/Time: 31/10/2012 12:20:32 PM
Type: warning Category: 0
Event: 1009 Source: Dhcp
A network error occurred when trying to send a message. The error code is: A blocking operation was interrupted by a call to WSACancelBlockingCall. .

Log: 'System' Date/Time: 31/10/2012 11:26:47 AM
Type: warning Category: 0
Event: 1116 Source: Microsoft Antimalware
Microsoft Antimalware has detected malware or other potentially unwanted software. For more information please see the following: http://go.microsoft....atid=2147619539 Name: Worm:Win32/Lightmoon.H ID: 2147619539 Severity: Severe Category: Worm Path: file:_C:\System Volume Information\_restore{878404FC-4381-422D-A300-E1596B8D4945}\RP63\A0067791.exe Detection Origin: Local machine Detection Type: Concrete Detection Source: Real-Time Protection User: NT AUTHORITY\SYSTEM Process Name: C:\WINDOWS\system32\svchost.exe Signature Version: AV: 1.139.940.0, AS: 1.139.940.0, NIS: 0.0.0.0 Engine Version: AM: 1.1.8904.0, NIS: 0.0.0.0

Log: 'System' Date/Time: 31/10/2012 10:26:47 AM
Type: warning Category: 0
Event: 1116 Source: Microsoft Antimalware
Microsoft Antimalware has detected malware or other potentially unwanted software. For more information please see the following: http://go.microsoft....atid=2147619539 Name: Worm:Win32/Lightmoon.H ID: 2147619539 Severity: Severe Category: Worm Path: file:_C:\System Volume Information\_restore{878404FC-4381-422D-A300-E1596B8D4945}\RP63\A0067789.scr Detection Origin: Local machine Detection Type: Concrete Detection Source: Real-Time Protection User: NT AUTHORITY\SYSTEM Process Name: C:\WINDOWS\system32\svchost.exe Signature Version: AV: 1.139.940.0, AS: 1.139.940.0, NIS: 0.0.0.0 Engine Version: AM: 1.1.8904.0, NIS: 0.0.0.0

Log: 'System' Date/Time: 31/10/2012 9:41:56 AM
Type: warning Category: 0
Event: 1009 Source: Dhcp
A network error occurred when trying to send a message. The error code is: A blocking operation was interrupted by a call to WSACancelBlockingCall. .

Log: 'System' Date/Time: 31/10/2012 9:40:32 AM
Type: warning Category: 0
Event: 1009 Source: Dhcp
A network error occurred when trying to send a message. The error code is: A blocking operation was interrupted by a call to WSACancelBlockingCall. .

Log: 'System' Date/Time: 31/10/2012 9:26:47 AM
Type: warning Category: 0
Event: 1116 Source: Microsoft Antimalware
Microsoft Antimalware has detected malware or other potentially unwanted software. For more information please see the following: http://go.microsoft....atid=2147619539 Name: Worm:Win32/Lightmoon.H ID: 2147619539 Severity: Severe Category: Worm Path: file:_C:\System Volume Information\_restore{878404FC-4381-422D-A300-E1596B8D4945}\RP63\A0067788.scr Detection Origin: Local machine Detection Type: Concrete Detection Source: Real-Time Protection User: NT AUTHORITY\SYSTEM Process Name: C:\WINDOWS\system32\svchost.exe Signature Version: AV: 1.139.940.0, AS: 1.139.940.0, NIS: 0.0.0.0 Engine Version: AM: 1.1.8904.0, NIS: 0.0.0.0

Log: 'System' Date/Time: 31/10/2012 9:01:39 AM
Type: warning Category: 0
Event: 1003 Source: Dhcp
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 00C0A8CC50FA. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

Log: 'System' Date/Time: 31/10/2012 8:36:52 AM
Type: warning Category: 0
Event: 1009 Source: Dhcp
A network error occurred when trying to send a message. The error code is: A blocking operation was interrupted by a call to WSACancelBlockingCall. .

Log: 'System' Date/Time: 31/10/2012 8:35:25 AM
Type: warning Category: 0
Event: 1009 Source: Dhcp
A network error occurred when trying to send a message. The error code is: A blocking operation was interrupted by a call to WSACancelBlockingCall. .

Log: 'System' Date/Time: 31/10/2012 8:27:17 AM
Type: warning Category: 0
Event: 1116 Source: Microsoft Antimalware
Microsoft Antimalware has detected malware or other potentially unwanted software. For more information please see the following: http://go.microsoft....atid=2147619539 Name: Worm:Win32/Lightmoon.H ID: 2147619539 Severity: Severe Category: Worm Path: file:_C:\System Volume Information\_restore{878404FC-4381-422D-A300-E1596B8D4945}\RP63\A0067787.scr Detection Origin: Local machine Detection Type: Concrete Detection Source: Real-Time Protection User: NT AUTHORITY\SYSTEM Process Name: C:\WINDOWS\system32\svchost.exe Signature Version: AV: 1.139.940.0, AS: 1.139.940.0, NIS: 0.0.0.0 Engine Version: AM: 1.1.8904.0, NIS: 0.0.0.0

Log: 'System' Date/Time: 31/10/2012 7:54:17 AM
Type: warning Category: 0
Event: 1009 Source: Dhcp
A network error occurred when trying to send a message. The error code is: A blocking operation was interrupted by a call to WSACancelBlockingCall. .

Log: 'System' Date/Time: 31/10/2012 7:53:08 AM
Type: warning Category: 0
Event: 1009 Source: Dhcp
A network error occurred when trying to send a message. The error code is: A blocking operation was interrupted by a call to WSACancelBlockingCall. .

Log: 'System' Date/Time: 31/10/2012 7:53:02 AM
Type: warning Category: 0
Event: 1009 Source: Dhcp
A network error occurred when trying to send a message. The error code is: A blocking operation was interrupted by a call to WSACancelBlockingCall. .

Log: 'System' Date/Time: 31/10/2012 7:52:57 AM
Type: warning Category: 0
Event: 1009 Source: Dhcp
A network error occurred when trying to send a message. The error code is: A blocking operation was interrupted by a call to WSACancelBlockingCall. .

Log: 'System' Date/Time: 31/10/2012 7:52:41 AM
Type: warning Category: 0
Event: 1009 Source: Dhcp
A network error occurred when trying to send a message. The error code is: A blocking operation was interrupted by a call to WSACancelBlockingCall. .

Log: 'System' Date/Time: 31/10/2012 7:52:36 AM
Type: warning Category: 0
Event: 1009 Source: Dhcp
A network error occurred when trying to send a message. The error code is: A blocking operation was interrupted by a call to WSACancelBlockingCall. .

Log: 'System' Date/Time: 31/10/2012 7:49:59 AM
Type: warning Category: 0
Event: 1009 Source: Dhcp
A network error occurred when trying to send a message. The error code is: A blocking operation was interrupted by a call to WSACancelBlockingCall. .

Log: 'System' Date/Time: 31/10/2012 7:49:54 AM
Type: warning Category: 0
Event: 1009 Source: Dhcp
A network error occurred when trying to send a message. The error code is: A blocking operation was interrupted by a call to WSACancelBlockingCall. .

Log: 'System' Date/Time: 31/10/2012 7:48:42 AM
Type: warning Category: 0
Event: 1009 Source: Dhcp
A network error occurred when trying to send a message. The error code is: A blocking operation was interrupted by a call to WSACancelBlockingCall. .

Log: 'System' Date/Time: 31/10/2012 7:44:37 AM
Type: warning Category: 0
Event: 1009 Source: Dhcp
A network error occurred when trying to send a message. The error code is: A blocking operation was interrupted by a call to WSACancelBlockingCall. .

Log: 'System' Date/Time: 31/10/2012 7:43:24 AM
Type: warning Category: 0
Event: 1009 Source: Dhcp
A network error occurred when trying to send a message. The error code is: A blocking operation was interrupted by a call to WSACancelBlockingCall. .

Log: 'System' Date/Time: 31/10/2012 7:39:47 AM
Type: warning Category: 0
Event: 1116 Source: Microsoft Antimalware
Microsoft Antimalware has detected malware or other potentially unwanted software. For more information please see the following: http://go.microsoft....atid=2147619539 Name: Worm:Win32/Lightmoon.H ID: 2147619539 Severity: Severe Category: Worm Path: file:_C:\System Volume Information\_restore{878404FC-4381-422D-A300-E1596B8D4945}\RP63\A0067786.scr Detection Origin: Local machine Detection Type: Concrete Detection Source: Real-Time Protection User: NT AUTHORITY\SYSTEM Process Name: C:\WINDOWS\system32\svchost.exe Signature Version: AV: 1.139.940.0, AS: 1.139.940.0, NIS: 0.0.0.0 Engine Version: AM: 1.1.8904.0, NIS: 0.0.0.0

Log: 'System' Date/Time: 31/10/2012 7:35:29 AM
Type: warning Category: 0
Event: 1009 Source: Dhcp
A network error occurred when trying to send a message. The error code is: A blocking operation was interrupted by a call to WSACancelBlockingCall. .

Log: 'System' Date/Time: 31/10/2012 7:35:24 AM
Type: warning Category: 0
Event: 1009 Source: Dhcp
A network error occurred when trying to send a message. The error code is: A blocking operation was interrupted by a call to WSACancelBlockingCall. .

Log: 'System' Date/Time: 31/10/2012 6:55:49 AM
Type: warning Category: 0
Event: 1003 Source: Dhcp
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 00C0A8CC50FA. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

Log: 'System' Date/Time: 31/10/2012 6:39:47 AM
Type: warning Category: 0
Event: 1116 Source: Microsoft Antimalware
Microsoft Antimalware has detected malware or other potentially unwanted software. For more information please see the following: http://go.microsoft....atid=2147619539 Name: Worm:Win32/Lightmoon.H ID: 2147619539 Severity: Severe Category: Worm Path: file:_C:\System Volume Information\_restore{878404FC-4381-422D-A300-E1596B8D4945}\RP63\A0067785.scr Detection Origin: Local machine Detection Type: Concrete Detection Source: Real-Time Protection User: NT AUTHORITY\SYSTEM Process Name: C:\WINDOWS\system32\svchost.exe Signature Version: AV: 1.139.940.0, AS: 1.139.940.0, NIS: 0.0.0.0 Engine Version: AM: 1.1.8904.0, NIS: 0.0.0.0

Log: 'System' Date/Time: 31/10/2012 6:09:18 AM
Type: warning Category: 0
Event: 1116 Source: Microsoft Antimalware
Microsoft Antimalware has detected malware or other potentially unwanted software. For more information please see the following: http://go.microsoft....atid=2147619539 Name: Worm:Win32/Lightmoon.H ID: 2147619539 Severity: Severe Category: Worm Path: file:_C:\System Volume Information\_restore{878404FC-4381-422D-A300-E1596B8D4945}\RP63\A0067784.scr Detection Origin: Local machine Detection Type: Concrete Detection Source: Real-Time Protection User: NT AUTHORITY\SYSTEM Process Name: C:\WINDOWS\system32\svchost.exe Signature Version: AV: 1.139.940.0, AS: 1.139.940.0, NIS: 0.0.0.0 Engine Version: AM: 1.1.8904.0, NIS: 0.0.0.0

Log: 'System' Date/Time: 31/10/2012 4:53:17 AM
Type: warning Category: 0
Event: 1116 Source: Microsoft Antimalware
Microsoft Antimalware has detected malware or other potentially unwanted software. For more information please see the following: http://go.microsoft....atid=2147619539 Name: Worm:Win32/Lightmoon.H ID: 2147619539 Severity: Severe Category: Worm Path: file:_C:\System Volume Information\_restore{878404FC-4381-422D-A300-E1596B8D4945}\RP63\A0067783.scr Detection Origin: Local machine Detection Type: Concrete Detection Source: Real-Time Protection User: NT AUTHORITY\SYSTEM Process Name: C:\WINDOWS\system32\svchost.exe Signature Version: AV: 1.139.940.0, AS: 1.139.940.0, NIS: 0.0.0.0 Engine Version: AM: 1.1.8904.0, NIS: 0.0.0.0

Log: 'System' Date/Time: 31/10/2012 3:27:32 AM
Type: warning Category: 0
Event: 1116 Source: Microsoft Antimalware
Microsoft Antimalware has detected malware or other potentially unwanted software. For more information please see the following: http://go.microsoft....atid=2147619539 Name: Worm:Win32/Lightmoon.H ID: 2147619539 Severity: Severe Category: Worm Path: file:_C:\System Volume Information\_restore{878404FC-4381-422D-A300-E1596B8D4945}\RP63\A0067782.exe Detection Origin: Local machine Detection Type: Concrete Detection Source: Real-Time Protection User: NT AUTHORITY\SYSTEM Process Name: C:\WINDOWS\system32\svchost.exe Signature Version: AV: 1.139.940.0, AS: 1.139.940.0, NIS: 0.0.0.0 Engine Version: AM: 1.1.8904.0, NIS: 0.0.0.0
  • 0

#45
Crowbar

Crowbar

    Teacher

  • GeekU Moderator
  • 4,798 posts
Hi again,

There are errors that are being caused by the Messenger service. I would like to see you disable this service, it's not necessary and should stop those errors.
We will also disable the netdde service and the bonjour service.
Click on Start
Click on Run
in the run box type services.msc and press enter
In the services box scroll down to the Messenger service and double click it.

Posted Image

Click on the Stop button and set the Startup Type to disabled

Posted Image

click on OK.
Now while you are in there, I would also like you to locate the netdde service in that list.
Do the same here, double click that service stop it and set the startup type to disabled, then click OK.
Now again locate the bonjour service double click that one and click stop, then set the startup type to disabled, then click OK.
click on OK and close all the windows.

Let me know how that goes, if the computer shuts down properly afterwards. If not, please re run VEW and post a fresh set of error logs from it.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP