Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Firefox locking up

Started by Rattle , May 17 2009 01:23 PM

  • Please log in to reply

#1
Rattle
Posted 17 May 2009 - 01:23 PM

Rattle

    New Member

  • Member
  • Pip
  • 1 posts
IT takes 10 mins for firefox to load, fssm32.exe using 99% of memory.Thats after I terminate rapimgr.exe (active sync
I think ) which does the same thing eats up all the memory.Firefox locks up for a minute or two after all the above have finished and can repeat this at any time. Also screen goes in and out of focus at times but I think its only on firefox .It,s just happened twice whilst typing this
I.ve also run my f secure anti virus ad adware wise registry cleaner and on occasions spybot search and destroy with no luck

I have followed the Malware and Spyware Cleaning Guide and will post all logs .Thank you for your help Rattle

Microsoft Windows XP Professional (5.1.2600) Service Pack 3

A:\ [Removable] (Total:0 Mo/Free:0 Mo)
C:\ [Fixed] - NTFS - (Total:76308 Mo/Free:3132 Mo)
D:\ [CD-Rom] (Total:676 Mo/Free:0 Mo)
E:\ [CD-Rom] (Total:0 Mo/Free:0 Mo)

17/05/2009|13:42

----------------------\\ Processes..

--Locked-- [System Process]
---------- System
---------- \SystemRoot\System32\smss.exe
---------- \??\C:\WINDOWS\system32\csrss.exe
---------- \??\C:\WINDOWS\system32\winlogon.exe
---------- C:\WINDOWS\system32\services.exe
---------- C:\WINDOWS\system32\lsass.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\Program Files\Windows Defender\MsMpEng.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
---------- C:\WINDOWS\Explorer.EXE
---------- C:\Program Files\F-Secure\Common\FSM32.EXE
---------- C:\Program Files\Java\jre1.6.0\bin\jusched.exe
---------- C:\Program Files\Windows Defender\MSASCui.exe
---------- C:\PROGRA~1\MICROS~2\GAMECO~1\Common\SWTrayV4.exe
---------- C:\WINDOWS\vsnpstd3.exe
---------- C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
---------- C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
---------- C:\WINDOWS\system32\ctfmon.exe
---------- C:\Program Files\Microsoft ActiveSync\wcescomm.exe
---------- C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
---------- C:\WINDOWS\system32\spoolsv.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
---------- C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
---------- C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe
---------- C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE
---------- C:\Program Files\F-Secure\Common\FSMA32.EXE
---------- C:\Program Files\F-Secure\Anti-Virus\fssm32.exe
---------- C:\Program Files\F-Secure\Common\FSMB32.EXE
---------- C:\Program Files\CyberLink\Shared Files\RichVideo.exe
---------- C:\Program Files\F-Secure\BackWeb\7681197\Program\F-Secure Automatic Update.exe
---------- C:\WINDOWS\system32\slserv.exe
---------- C:\Program Files\F-Secure\Common\FCH32.EXE
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\Program Files\F-Secure\Common\FAMEH32.EXE
---------- C:\Program Files\F-Secure\Anti-Virus\fsqh.exe
---------- C:\Program Files\Canon\CAL\CALMAIN.exe
---------- C:\Program Files\F-Secure\Anti-Virus\fsrw.exe
---------- C:\WINDOWS\system32\devldr32.exe
---------- C:\Program Files\F-Secure\Common\FNRB32.EXE
---------- C:\Program Files\F-Secure\Common\FIH32.EXE
---------- C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
---------- C:\WINDOWS\System32\alg.exe
---------- C:\Program Files\F-Secure\Anti-Virus\fsav32.exe
---------- C:\PROGRA~1\F-Secure\ANTI-S~1\fsaw.exe
---------- C:\Program Files\F-Secure\FSGUI\fsguidll.exe
---------- C:\Program Files\Mozilla Firefox\firefox.exe
---------- C:\WINDOWS\system32\mspaint.exe
---------- C:\WINDOWS\system32\cmd.exe
---------- C:\Rooter$\RK.exe

----------------------\\ Search..

----------------------\\ ROOTKIT !!


----------------------\\ Cracks & Keygens..

C:\DOCUME~1\Steve\My Documents\Crack.exe


1 - "C:\Rooter$\Rooter_1.txt" - 16/05/2009|13:17
2 - "C:\Rooter$\Rooter_2.txt" - 17/05/2009|13:43












Malwarebytes' Anti-Malware 1.36
Database version: 2140
Windows 5.1.2600 Service Pack 3

16/05/2009 13:14:55
mbam-log-2009-05-16 (13-14-55).txt

Scan type: Quick Scan
Objects scanned: 79708
Time elapsed: 6 minute(s), 11 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


OTListIt logfile created on: 17/05/2009 13:47:42 - Run 1
OTListIt2 by OldTimer - Version 2.0.15.8 Folder = C:\Documents and Settings\Steve\dwhelper
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

511.47 Mb Total Physical Memory | 149.00 Mb Available Physical Memory | 29.13% Memory free
1.22 Gb Paging File | 0.70 Gb Available in Paging File | 57.60% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.52 Gb Total Space | 15.06 Gb Free Space | 20.21% Space Free | Partition Type: NTFS
Drive D: | 677.91 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: JOSSER
Current User Name: Steve
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On

========== Processes (SafeList) ==========

PRC - C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
PRC - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe (Lavasoft)
PRC - C:\WINDOWS\Explorer.EXE (Microsoft Corporation)
PRC - C:\Program Files\F-Secure\Common\FSM32.EXE (F-Secure Corporation)
PRC - C:\Program Files\Java\jre1.6.0\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft Hardware\Game Controllers\Common\SWTrayV4.EXE (Microsoft Corporation)
PRC - C:\WINDOWS\vsnpstd3.exe ()
PRC - C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe (Cyberlink Corp.)
PRC - C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\Microsoft ActiveSync\wcescomm.exe (Microsoft Corporation)
PRC - C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe (Sony Corporation)
PRC - C:\Program Files\F-Secure\BackWeb\7681197\program\ServiceWrapper-7681197.exe (F-Secure Automatic Update)
PRC - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe (F-Secure Corp.)
PRC - C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe (F-Secure Corp.)
PRC - C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE (F-Secure Corp.)
PRC - C:\Program Files\F-Secure\Common\FSMA32.EXE (F-Secure Corporation)
PRC - C:\Program Files\F-Secure\Anti-Virus\fssm32.exe (F-Secure Corp.)
PRC - C:\Program Files\F-Secure\Common\FSMB32.EXE (F-Secure Corporation)
PRC - C:\Program Files\CyberLink\Shared Files\RichVideo.exe ()
PRC - C:\Program Files\F-Secure\BackWeb\7681197\Program\F-Secure Automatic Update.exe (F-Secure Automatic Update)
PRC - C:\WINDOWS\system32\slserv.exe (Smart Link)
PRC - C:\Program Files\F-Secure\Common\FCH32.EXE (F-Secure Corporation)
PRC - C:\Program Files\F-Secure\Common\FAMEH32.EXE (F-Secure Corporation)
PRC - C:\Program Files\F-Secure\Anti-Virus\fsqh.exe (F-Secure Corporation)
PRC - C:\Program Files\Canon\CAL\CALMAIN.exe (Canon Inc.)
PRC - C:\Program Files\F-Secure\Anti-Virus\fsrw.exe (F-Secure Corporation)
PRC - C:\WINDOWS\system32\devldr32.exe (Creative Technology Ltd.)
PRC - C:\Program Files\F-Secure\Common\FNRB32.EXE (F-Secure Corporation)
PRC - C:\Program Files\F-Secure\Common\FIH32.EXE (F-Secure Corporation)
PRC - C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe (F-Secure Corporation)
PRC - C:\Program Files\F-Secure\Anti-Virus\fsav32.exe (F-Secure Corporation)
PRC - C:\Program Files\F-Secure\Anti-Spyware\FSAW.exe (F-Secure Corporation)
PRC - C:\Program Files\F-Secure\FSGUI\fsguidll.exe (F-Secure Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Documents and Settings\Steve\dwhelper\OTListIt2.exe (OldTimer Tools)

========== Win32 Services (SafeList) ==========

SRV - (aawservice [Auto | Running]) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe (Lavasoft)
SRV - (aspnet_state [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)
SRV - (BackWeb Plug-in - 7681197 [Auto | Running]) -- C:\Program Files\F-Secure\BackWeb\7681197\program\ServiceWrapper-7681197.exe (F-Secure Automatic Update)
SRV - (CCALib8 [Auto | Running]) -- C:\Program Files\Canon\CAL\CALMAIN.exe (Canon Inc.)
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (F-Secure Gatekeeper Handler Starter [Auto | Running]) -- C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe (F-Secure Corp.)
SRV - (F-Secure Network Request Broker [On_Demand | Running]) -- C:\Program Files\F-Secure\Common\FNRB32.EXE (F-Secure Corporation)
SRV - (fsbwsys [Auto | Running]) -- C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe (F-Secure Corp.)
SRV - (FSDFWD [On_Demand | Running]) -- C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe (F-Secure Corporation)
SRV - (FSMA [Auto | Running]) -- C:\Program Files\F-Secure\Common\FSMA32.EXE (F-Secure Corporation)
SRV - (helpsvc [Auto | Running]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (RichVideo [Auto | Running]) -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe ()
SRV - (SLService [Auto | Running]) -- C:\WINDOWS\system32\slserv.exe (Smart Link)
SRV - (WinDefend [Auto | Running]) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SRV - (WMPNetworkSvc [On_Demand | Stopped]) -- C:\Program Files\Windows Media Player\WMPNetwk.exe (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (Afc [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\Afc.sys (Arcsoft, Inc.)
DRV - (AliIde [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (atapi [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\atapi.sys ()
DRV - (ctljystk [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ctljystk.sys (Creative Technology Ltd.)
DRV - (d346bus [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\d346bus.sys ( )
DRV - (d346prt [Boot | Running]) -- C:\WINDOWS\System32\Drivers\d346prt.sys ( )
DRV - (DM9USB [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\dm9usb.sys (DAVICOM Semiconductor, Inc.)
DRV - (emu10k [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\emu10k1m.sys (Creative Technology Ltd.)
DRV - (emu10k1 [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\ctlfacem.sys (Creative Technology Ltd.)
DRV - (F-Secure Filter [Auto | Running]) -- C:\Program Files\F-Secure\Anti-Virus\Win2K\FSfilter.sys ()
DRV - (F-Secure Gatekeeper [Auto | Running]) -- C:\Program Files\F-Secure\Anti-Virus\Win2K\FSgk.sys ()
DRV - (F-Secure Recognizer [Auto | Running]) -- C:\Program Files\F-Secure\Anti-Virus\Win2K\FSrec.sys ()
DRV - (FSFW [Boot | Running]) -- C:\WINDOWS\System32\drivers\fsdfw.sys (F-Secure Corporation)
DRV - (gameenum [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\gameenum.sys (Microsoft Corporation)
DRV - (GcKernel [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\GcKernel.sys (Microsoft Corporation)
DRV - (HIDSwvd [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\HIDSwvd.sys (Microsoft Corporation)
DRV - (humaxfl [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\humaxfl.sys (HUMAX Co., Ltd.)
DRV - (humaxst [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\humaxst.sys (HUMAX Co., Ltd.)
DRV - (MODEMCSA [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\MODEMCSA.sys (Microsoft Corporation)
DRV - (Mtlmnt5 [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\Mtlmnt5.sys (Smart Link)
DRV - (Mtlstrm [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\Mtlstrm.sys (Smart Link)
DRV - (NtMtlFax [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\NtMtlFax.sys (Smart Link)
DRV - (nv [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\nv4_mini.sys (NVIDIA Corporation)
DRV - (pcouffin [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\pcouffin.sys (VSO Software)
DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (PxHelp20 [Boot | Running]) -- C:\WINDOWS\system32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (RecAgent [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\RecAgent.sys (Smart Link)
DRV - (RTL8023 [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\Rtlnic51.sys (Realtek Semiconductor Corporation )
DRV - (rtl8139 [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\RTL8139.SYS (Realtek Semiconductor Corporation)
DRV - (SCDEmu [System | Running]) -- C:\WINDOWS\System32\drivers\scdemu.sys (PowerISO Computing, Inc.)
DRV - (Secdrv [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (sfman [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\sfmanm.sys (Creative Technology Ltd.)
DRV - (Slntamr [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\slntamr.sys (Smart Link)
DRV - (SlNtHal [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\Slnthal.sys (Smart Link)
DRV - (SlWdmSup [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\SlWdmSup.sys (Smart Link)
DRV - (SNPSTD3 [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\snpstd3.sys (Sonix Co. Ltd.)
DRV - (sptd [Boot | Running]) -- C:\WINDOWS\System32\Drivers\sptd.sys ()
DRV - (ssm_bus [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\ssm_bus.sys (MCCI)
DRV - (ssm_mdfl [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\ssm_mdfl.sys (MCCI)
DRV - (ssm_mdm [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\ssm_mdm.sys (MCCI)
DRV - (StarOpen [System | Running]) -- C:\WINDOWS\System32\drivers\StarOpen.sys ()
DRV - (wceusbsh [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\wceusbsh.sys (Microsoft Corporation)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...amp;ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "eBay.co.uk"
FF - prefs.js..extensions.enabledItems: [email protected]:1.19
FF - prefs.js..extensions.enabledItems: [email protected]:1.10
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.3
FF - prefs.js..extensions.enabledItems: {c50ca3c4-5656-43c2-a061-13e717f73fc8}:2.02
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}:6.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {ada4b710-8346-4b82-8199-5de2b400a6ae}:1.9.1
FF - prefs.js..extensions.enabledItems: unplug@compunach:2.003
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.10
FF - prefs.js..extensions.enabledItems: [email protected]:0.6.20090322

FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS [2009/05/16 12:01:10 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS [2009/05/02 10:24:08 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Sunbird 0.8\extensions\\Components: C:\PROGRAM FILES\MOZILLA SUNBIRD\COMPONENTS [2008/06/13 23:22:46 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Sunbird 0.8\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA SUNBIRD\PLUGINS [2008/09/27 23:03:14 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.21\extensions\\Components: C:\PROGRAM FILES\MOZILLA THUNDERBIRD\COMPONENTS [2009/03/29 17:14:42 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.21\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA THUNDERBIRD\PLUGINS [2008/09/27 23:03:12 | 00,000,000 | ---D | M]

[2008/09/27 23:02:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Steve\Application Data\mozilla\Extensions
[2008/09/27 23:02:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Steve\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/05/17 13:37:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Steve\Application Data\mozilla\Firefox\Profiles\l3we2nh9.default\extensions
[2008/03/02 14:16:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Steve\Application Data\mozilla\Firefox\Profiles\l3we2nh9.default\extensions\{27A2FD41-CB23-4518-AB5C-C25BAFFDE531}
[2009/04/05 09:54:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Steve\Application Data\mozilla\Firefox\Profiles\l3we2nh9.default\extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}
[2009/04/11 07:30:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Steve\Application Data\mozilla\Firefox\Profiles\l3we2nh9.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2009/04/11 07:29:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Steve\Application Data\mozilla\Firefox\Profiles\l3we2nh9.default\extensions\{c50ca3c4-5656-43c2-a061-13e717f73fc8}
[2008/03/27 22:59:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Steve\Application Data\mozilla\Firefox\Profiles\l3we2nh9.default\extensions\[email protected]
[2009/04/05 09:53:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Steve\Application Data\mozilla\Firefox\Profiles\l3we2nh9.default\extensions\[email protected]
[2009/04/11 17:12:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Steve\Application Data\mozilla\Firefox\Profiles\l3we2nh9.default\extensions\[email protected]
[2009/04/25 18:34:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Steve\Application Data\mozilla\Firefox\Profiles\l3we2nh9.default\extensions\[email protected]
[2009/04/25 18:34:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Steve\Application Data\mozilla\Firefox\Profiles\l3we2nh9.default\extensions\[email protected]
[2009/04/25 18:34:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Steve\Application Data\mozilla\Firefox\Profiles\l3we2nh9.default\extensions\unplug@compunach
[2007/09/21 17:52:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Steve\Application Data\mozilla\Firefox\Profiles\l3we2nh9.default\extensions\[email protected]
[2009/05/16 11:28:50 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/05/02 10:24:08 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2007/07/03 20:31:22 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}
[2009/05/02 10:24:00 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/05/02 10:24:00 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2008/01/04 16:36:50 | 00,001,538 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml
[2006/07/05 19:47:38 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2008/01/04 16:36:50 | 00,000,947 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\chambers-en-GB.xml
[2008/03/08 10:35:22 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2008/11/15 14:04:21 | 00,000,759 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml
[2008/04/16 05:08:20 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2008/03/28 19:11:14 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2008/01/04 16:36:50 | 00,000,831 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: (734 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" (Adobe Systems Incorporated)
O4 - HKLM..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash (F-Secure Corporation)
O4 - HKLM..\Run: [F-Secure TNB] "C:\Program Files\F-Secure\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW (F-Secure Corporation)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime (Apple Inc.)
O4 - HKLM..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe" (Cyberlink Corp.)
O4 - HKLM..\Run: [SideWinderTrayV4] C:\PROGRA~1\MICROS~2\GAMECO~1\Common\SWTrayV4.exe (Microsoft Corporation)
O4 - HKLM..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe ()
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe" (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide (Microsoft Corporation)
O4 - HKCU..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe" (Microsoft Corporation)
O4 - HKCU..\Run: [PowerBar] File not found
O4 - HKCU..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized (Skype Technologies S.A.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\F-Secure Automatic Update.lnk = C:\Program Files\F-Secure\BackWeb\7681197\program\F-Secure Automatic Update.exe (F-Secure Automatic Update)
O4 - Startup: C:\Documents and Settings\Steve\Start Menu\Programs\Startup\Picture Motion Browser Media Check Tool.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe (Sony Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O9 - Extra Button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: IE Shield - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\F-Secure\Anti-Spyware\ieshield.dll (F-Secure Corporation)
O9 - Extra 'Tools' menuitem : IE Shield... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\F-Secure\Anti-Spyware\ieshield.dll (F-Secure Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Program Files\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program Files\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Program Files\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Program Files\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Program Files\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Program Files\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Program Files\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Program Files\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Program Files\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Program Files\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll (InterTrust Technologies Corporation, Inc.)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} http://www.crucial.c.../cpcScanner.cab (Crucial cpcScan)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.ma...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {EC5A4E7B-02EB-451D-B310-D5F2E0A4D8C3} http://register.btin...bcontrol023.cab (webhelper Class)
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} http://download.mcaf...538/mcfscan.cab (McFreeScan Class)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/07/03 05:02:05 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2002/05/13 13:15:26 | 00,045,056 | R--- | M] () - D:\autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2002/05/13 13:15:26 | 00,000,047 | R--- | M] () - D:\autorun.inf -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - * [2009/05/16 11:58:19 | 00,000,000 | ---D | M]
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()

========== Files/Folders - Created Within 30 Days ==========

[5 C:\WINDOWS\*.tmp files]
[2009/05/17 13:17:56 | 00,001,049 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\F-Secure Automatic Update.lnk
[2009/05/16 13:16:27 | 00,000,000 | ---D | C] -- C:\Rooter$
[2009/05/16 12:29:19 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Steve\Application Data\Malwarebytes
[2009/05/16 12:29:13 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/05/16 12:29:13 | 00,000,696 | ---- | C] () -- C:\DOCUME~1\ALLUSE~1\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/05/16 12:29:09 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/05/16 12:29:07 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/05/16 12:29:06 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/05/16 12:27:44 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/05/16 12:26:26 | 00,000,611 | ---- | C] () -- C:\DOCUME~1\Steve\Desktop\NTREGOPT.lnk
[2009/05/16 12:26:26 | 00,000,592 | ---- | C] () -- C:\DOCUME~1\Steve\Desktop\ERUNT.lnk
[2009/05/16 12:26:21 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2009/04/25 19:08:52 | 00,000,000 | ---D | C] -- C:\DECCHECK
[2009/04/17 19:50:07 | 00,284,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pdh.dll
[2009/04/17 19:50:06 | 00,401,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcss.dll
[2009/04/17 19:50:06 | 00,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\services.exe
[2009/04/17 19:50:05 | 00,473,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fastprox.dll
[2009/04/17 19:50:05 | 00,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvse.exe
[2009/04/17 19:50:04 | 00,729,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lsasrv.dll
[2009/04/17 19:50:04 | 00,453,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvsd.dll
[2009/04/17 19:50:03 | 00,714,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntdll.dll
[2009/04/17 19:50:03 | 00,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\advapi32.dll
[2009/04/17 19:49:29 | 00,002,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsp4res.dll
[2009/04/17 19:49:28 | 01,203,922 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sysmain.sdb
[2009/04/17 19:49:27 | 00,215,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wordpad.exe
[2008/11/15 00:30:06 | 00,000,354 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2008/07/12 15:19:00 | 00,000,386 | ---- | C] () -- C:\WINDOWS\System32\Remover.ini
[2008/06/22 17:29:14 | 00,000,008 | RHS- | C] () -- C:\WINDOWS\System32\7C89CFD31E.sys
[2008/06/22 17:29:12 | 00,004,184 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2008/01/27 20:40:00 | 00,003,654 | ---- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll
[2007/10/25 13:09:24 | 00,012,288 | ---- | C] () -- C:\WINDOWS\impborl.dll
[2007/10/08 19:10:51 | 00,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2007/09/05 09:07:10 | 00,014,848 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2007/09/05 08:46:53 | 01,208,320 | ---- | C] () -- C:\WINDOWS\System32\cygxml2-2.dll
[2007/09/05 08:46:53 | 00,980,992 | ---- | C] () -- C:\WINDOWS\System32\cygiconv-2.dll
[2007/09/05 08:46:53 | 00,062,464 | ---- | C] () -- C:\WINDOWS\System32\cygz.dll
[2007/09/04 12:18:12 | 00,000,032 | ---- | C] () -- C:\WINDOWS\album.ini
[2007/08/01 15:20:20 | 00,000,049 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007/07/31 20:19:31 | 00,005,248 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\d346prt.sys
[2007/07/31 20:19:30 | 00,156,800 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\d346bus.sys
[2007/07/31 20:18:46 | 00,682,232 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2007/07/11 15:10:55 | 00,000,467 | ---- | C] () -- C:\WINDOWS\fantasy2.ini
[2007/07/11 15:10:54 | 00,001,667 | ---- | C] () -- C:\WINDOWS\pstudio.ini
[2007/07/11 15:10:54 | 00,000,506 | ---- | C] () -- C:\WINDOWS\photoprn.ini
[2007/07/11 15:10:54 | 00,000,422 | ---- | C] () -- C:\WINDOWS\videoimp.ini
[2007/07/11 15:10:54 | 00,000,239 | ---- | C] () -- C:\WINDOWS\pmontage.ini
[2007/07/11 15:10:38 | 00,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2007/07/11 15:08:16 | 00,000,021 | ---- | C] () -- C:\WINDOWS\arcsuite.ini
[2007/07/11 15:04:30 | 01,265,664 | ---- | C] () -- C:\WINDOWS\System32\MGIIpl2A6.dll
[2007/07/11 15:04:30 | 01,228,800 | ---- | C] () -- C:\WINDOWS\System32\MGIIpl2M6.dll
[2007/07/11 15:04:30 | 01,200,128 | ---- | C] () -- C:\WINDOWS\System32\MGIIpl2M5.dll
[2007/07/11 15:04:30 | 01,073,152 | ---- | C] () -- C:\WINDOWS\System32\MGIIpl2P6.dll
[2007/07/11 15:04:29 | 01,028,096 | ---- | C] () -- C:\WINDOWS\System32\MGIIpl2P5.dll
[2007/07/11 15:04:29 | 00,000,002 | ---- | C] () -- C:\WINDOWS\PhotoSuite.ini
[2007/07/11 15:04:07 | 01,064,960 | ---- | C] () -- C:\WINDOWS\System32\MGIIpl2PX.dll
[2007/07/11 15:04:07 | 00,020,480 | ---- | C] () -- C:\WINDOWS\System32\MGIIpl2.dll
[2007/07/11 15:04:06 | 00,332,800 | ---- | C] () -- C:\WINDOWS\System32\FPXLIB.DLL
[2007/07/11 15:04:06 | 00,122,880 | ---- | C] () -- C:\WINDOWS\System32\JPEGLIB.DLL
[2007/07/11 15:04:06 | 00,019,968 | ---- | C] () -- C:\WINDOWS\System32\CPUINF32.DLL
[2007/03/12 11:41:52 | 00,061,440 | ---- | C] ( ) -- C:\WINDOWS\System32\vsnpstd3.dll
[2006/10/27 13:52:34 | 00,000,518 | ---- | C] () -- C:\WINDOWS\System32\SP7311.ini
[2005/11/23 12:55:32 | 00,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\csnpstd3.dll
[2004/09/16 21:24:26 | 03,375,104 | ---- | C] () -- C:\WINDOWS\System32\qt-mt331.dll
[2004/08/04 13:00:00 | 00,096,512 | ---- | C] () -- C:\WINDOWS\System32\drivers\atapi.sys
[2004/08/04 13:00:00 | 00,000,917 | ---- | C] () -- C:\WINDOWS\win.ini
[2004/08/04 13:00:00 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini
[2004/03/15 19:28:50 | 00,069,120 | ---- | C] () -- C:\WINDOWS\daemon.dll
[2004/02/27 16:36:18 | 00,015,498 | ---- | C] () -- C:\WINDOWS\snpstd3.ini
[2001/03/14 07:10:00 | 00,509,440 | ---- | C] () -- C:\WINDOWS\System32\E_DPUI03.DLL
[2000/08/09 07:10:00 | 00,030,208 | ---- | C] () -- C:\WINDOWS\System32\EPIPPJ50.DLL

========== Files - Modified Within 30 Days ==========

[3 C:\WINDOWS\System32\*.tmp files]
[5 C:\WINDOWS\*.tmp files]
[2009/05/17 13:33:01 | 00,000,049 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009/05/17 13:22:11 | 00,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2009/05/17 13:20:12 | 00,000,544 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled scanning task.job
[2009/05/17 13:18:41 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/05/17 13:17:56 | 00,001,049 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\F-Secure Automatic Update.lnk
[2009/05/17 13:17:49 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/05/17 13:17:18 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\Steve\Local Settings\desktop.ini
[2009/05/17 13:17:16 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/05/17 13:17:14 | 53,638,3488 | -HS- | M] () -- C:\hiberfil.sys
[2009/05/16 12:29:13 | 00,000,696 | ---- | M] () -- C:\DOCUME~1\ALLUSE~1\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/05/16 12:26:26 | 00,000,611 | ---- | M] () -- C:\DOCUME~1\Steve\Desktop\NTREGOPT.lnk
[2009/05/16 12:26:26 | 00,000,592 | ---- | M] () -- C:\DOCUME~1\Steve\Desktop\ERUNT.lnk
[2009/05/09 07:29:32 | 00,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2009/05/05 21:13:29 | 00,000,032 | ---- | M] () -- C:\WINDOWS\album.ini
[2009/05/05 21:13:28 | 00,001,667 | ---- | M] () -- C:\WINDOWS\pstudio.ini
[2009/04/18 08:34:03 | 00,397,868 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/04/18 08:34:03 | 00,059,896 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/04/18 08:34:01 | 00,465,296 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/04/18 00:17:25 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/04/17 18:51:20 | 00,000,020 | ---- | M] () -- C:\DOCUME~1\Steve\My Documents\funrecent.fmp
[2009/04/17 18:45:43 | 00,000,000 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\LauncherAccess.dt
< End of report >


OTListIt Extras logfile created on: 17/05/2009 13:47:42 - Run 1
OTListIt2 by OldTimer - Version 2.0.15.8 Folder = C:\Documents and Settings\Steve\dwhelper
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

511.47 Mb Total Physical Memory | 149.00 Mb Available Physical Memory | 29.13% Memory free
1.22 Gb Paging File | 0.70 Gb Available in Paging File | 57.60% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.52 Gb Total Space | 15.06 Gb Free Space | 20.21% Space Free | Partition Type: NTFS
Drive D: | 677.91 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: JOSSER
Current User Name: Steve
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall" = 0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
C:\Program Files\F-Secure\BackWeb\7681197\program\F-Secure Automatic Update.exe:*:Enabled:F-Secure Automatic Update (F-Secure Automatic Update)
C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager (Microsoft Corporation)
C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager (Microsoft Corporation)
C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application (Microsoft Corporation)
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
C:\Program Files\F-Secure\BackWeb\7681197\program\F-Secure Automatic Update.exe:*:Enabled:F-Secure Automatic Update (F-Secure Automatic Update)
C:\Documents and Settings\Steve\Local Settings\Apps\2.0\LKMD5LN6.0KO\P2CLVL3W.G89\thef...app_0d221d3645bc6701_0002.0005_ab7cf4693a6927d4\The Filter.exe:127.0.0.1/255.255.255.255:Enabled:The Filter: Windows Media Player plugin File not found
C:\Program Files\Morpheus\Morpheus.exe:*:Enabled:Morpheus File not found
C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager (Microsoft Corporation)
C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager (Microsoft Corporation)
C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application (Microsoft Corporation)
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)
C:\Documents and Settings\Steve\Local Settings\Apps\2.0\LKMD5LN6.0KO\P2CLVL3W.G89\thef...app_0d221d3645bc6701_0002.0005_8decbbb466c17454\The Filter.exe:127.0.0.1/255.255.255.255:Enabled:The Filter: Windows Media Player plugin File not found
C:\Program Files\Kontiki\KService.exe:*:Enabled:Delivery Manager Service File not found
C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype (Skype Technologies S.A.)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1E04F83B-2AB9-4301-9EF7-E86307F79C72}" = Google Earth
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = Multimedia Launcher
"{244E21B9-164C-4EC1-AED8-9BD64161E66D}" = ArcSoft VideoImpression 2
"{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}" = Skype™ 4.0
"{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1" = ConvertHelper 2.1
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java™ SE Runtime Environment 6
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{56CA5D3B-3002-4E7B-90FE-071D8FDF3814}" =
"{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}" = Sony USB Driver
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{7AC15160-A49B-4A89-B181-D4619C025FFF}" = Samsung Samples Installer
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Pro
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{99052DB7-9592-4522-A558-5417BBAD48EE}" = Microsoft ActiveSync
"{9F6C477B-12D6-43DB-BAD3-098E1D039FC1}" = PC VGA Camera
"{A06275F4-324B-4E85-95E6-87B2CD729401}" = Windows Defender
"{A1C8D94A-4303-4489-B585-4B6E6CD408CB}" = OpenOffice.org 2.2
"{A654A805-41D9-40C7-AA46-4AF04F044D61}" = Adobe® Photoshop® Album Starter Edition 3.2
"{AC76BA86-7AD7-1033-7B44-A71000000002}" = Adobe Reader 7.1.0
"{B508B3F1-A24A-32C0-B310-85786919EF28}" = Microsoft .NET Framework 2.0 Service Pack 1
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}" = Apple Software Update
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{B97CF5C3-0487-11D8-A36E-0050BAE317E1}" = DVD Solution
"{BB406CEB-6207-4512-9BB2-89950DC9D6B6}_is1" = ConvertXtoDVD 2.2.3.258
"{BFD96B89-B769-4CD6-B11E-E79FFD46F067}" = QuickTime
"{C4A4722E-79F9-417C-BD72-8D359A090C97}" = Samsung PC Studio 3
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow! 1.0
"{D5068583-D569-468B-9755-5FBF5848F46F}" = Sony Picture Utility
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}" = Samsung PC Studio 3 USB Driver Installer
"{EDE721EC-870A-11D8-9D75-000129760D75}" = PowerDirector Express
"{F8847BED-04E7-4924-B1CE-D9CA5CDE7420}" = Samsung PC Studio 3
"Adobe Acrobat 5.0" = Adobe Acrobat 5.0
"Adobe Flash Player Plugin" = Adobe Flash Player Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11
"Adobe® Photoshop® Album Starter Edition 3.2" = Adobe® Photoshop® Album Starter Edition 3.2
"AdobeESD" = Adobe Download Manager 2.2 (Remove Only)
"ArcSoft Camera Suite" = ArcSoft Software Suite
"BitLord" = BitLord 1.1
"CAL" = Canon Camera Access Library
"CameraWindowDVC5" = Canon Camera Window DC_DV 5 for ZoomBrowser EX
"CameraWindowDVC6" = Canon Camera Window DC_DV 6 for ZoomBrowser EX
"CameraWindowMC" = Canon Camera Window MC 6 for ZoomBrowser EX
"Canon G.726 WMP-Decoder" = Canon G.726 WMP-Decoder
"CSCLIB" = Canon Camera Support Core Library
"Cucusoft MPEG to DVD Author_is1" = Cucusoft MPEG to DVD Author 1.09
"DECCHECK" = Microsoft Windows XP Video Decoder Checkup Utility
"DVD Decrypter" = DVD Decrypter (Remove Only)
"DVD Shrink_is1" = DVD Shrink 3.2
"DVDFab (Platinum/Gold/HD Decrypter) (Option: Mobile) 5_is1" = DVDFab (Platinum/Gold/HD Decrypter) (Option: Mobile) 5.0.2.2
"DVDFab Platinum 4_is1" = DVDFab Platinum 4.1.1.6 Beta
"EOS Utility" = Canon Utilities EOS Utility
"ERUNT_is1" = ERUNT 1.1j
"ffdshow" = ffdshow (remove only)
"FLVPlayer" = FLV Player 1.3.3
"F-Secure Anti-Virus" = F-Secure Anti-Virus Client Security - Virus & Spy Protection
"F-Secure Backweb" = F-Secure Anti-Virus Client Security - Automatic Update Agent
"F-Secure E-mail Scanning" = F-Secure Anti-Virus Client Security - E-Mail Scanning
"F-Secure Internet Shield" = F-Secure Anti-Virus Client Security - Internet Shield
"F-Secure Protocol Scanner" = F-Secure Anti-Virus Client Security - Web Traffic Scanning
"Guitar Pro 5_is1" = Guitar Pro 5.2
"HijackThis" = HijackThis 2.0.2
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Media eLinker" = Media eLinker
"MGI_PRISM_V1_0" = MGI PhotoSuite II SE (Remove Only)
"MotoGP_is1" = MotoGP
"MotoGP2_is1" = MotoGP2
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"Mozilla Firefox (3.0.10)" = Mozilla Firefox (3.0.10)
"Mozilla Sunbird (0.8)" = Mozilla Sunbird (0.8)
"Mozilla Thunderbird (2.0.0.21)" = Mozilla Thunderbird (2.0.0.21)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Nero - Burning Rom!UninstallKey" = Nero OEM
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"oggcodecs" = oggcodecs 0.71.0946
"PeerGuardian_is1" = PeerGuardian 2.0
"PhotoStitch" = Canon Utilities PhotoStitch
"PowerISO" = PowerISO
"RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX
"RemoteCaptureTask" = Canon RemoteCapture Task for ZoomBrowser EX
"SAMSUNG CDMA Modem" = SAMSUNG CDMA Modem Driver Set
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"SideWinder Precision 2" = SideWinder Precision 2
"Steel Beasts Gold" = Steel Beasts Gold
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR archiver
"Wise Registry Cleaner_is1" = Wise Registry Cleaner 4 Free 4.22
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 16/05/2009 05:50:10 | Computer Name = JOSSER | Source = F-Secure Anti-Virus | ID = 103
Description = 1 2009-05-16 10:50:02+01:00 josser SYSTEM F-Secure Anti-Virus

Scanning of C:\WINDOWS\SYSTEM32\SECURITY.DLL was aborted due to exceeded scanning
time limit. The file may be in use or reading it was too slow (e.g. network connection
was under stress).

Error - 16/05/2009 05:59:02 | Computer Name = JOSSER | Source = F-Secure Anti-Virus | ID = 103
Description = 2 2009-05-16 10:59:01+01:00 josser JOSSER\Steve F-Secure Anti-Virus

Scanning of C:\WINDOWS\SOFTWAREDISTRIBUTION\DOWNLOAD\B5610F2A0840A6A3E453D728DC41C864\F2F66C1FBA74FAB8D81EF0CA033434D16B1995CE
was aborted due to exceeded scanning time limit. The file may be in use or reading
it was too slow (e.g. network connection was under stress).

Error - 16/05/2009 06:18:26 | Computer Name = JOSSER | Source = F-Secure Anti-Virus | ID = 103
Description = 3 2009-05-16 11:18:24+01:00 josser JOSSER\Steve F-Secure Anti-Virus

Scanning of C:\DOCUMENTS AND SETTINGS\STEVE\LOCAL SETTINGS\TEMP\IADHIDE5.DLL was
aborted due to exceeded scanning time limit. The file may be in use or reading
it was too slow (e.g. network connection was under stress).

Error - 16/05/2009 06:21:51 | Computer Name = JOSSER | Source = Application Hang | ID = 1002
Description = Hanging application thunderbird.exe, version 1.8.20090.30215, hang
module hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 16/05/2009 06:32:48 | Computer Name = JOSSER | Source = F-Secure Anti-Virus | ID = 103
Description = 4 2009-05-16 11:32:45+01:00 josser JOSSER\Steve F-Secure Anti-Virus

Scanning of C:\WINDOWS\SYSTEM32\DPLAYX.DLL was aborted due to exceeded scanning
time limit. The file may be in use or reading it was too slow (e.g. network connection
was under stress).

Error - 16/05/2009 06:46:00 | Computer Name = JOSSER | Source = F-Secure Anti-Virus | ID = 103
Description = 5 2009-05-16 11:45:59+01:00 josser JOSSER\Steve F-Secure Anti-Virus

Scanning of C:\DOCUMENTS AND SETTINGS\STEVE\MY DOCUMENTS\MY PICTURES\2007_09_05
HOUSE\IMG_0582.JPG was aborted due to exceeded scanning time limit. The file may
be in use or reading it was too slow (e.g. network connection was under stress).


Error - 16/05/2009 06:55:59 | Computer Name = JOSSER | Source = F-Secure Anti-Virus | ID = 103
Description = 6 2009-05-16 11:55:59+01:00 josser JOSSER\Steve F-Secure Anti-Virus

Scanning of C:\DOCUMENTS AND SETTINGS\STEVE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\L3WE2NH9.DEFAULT\SESSIONSTORE-7.JS
was aborted due to exceeded scanning time limit. The file may be in use or reading
it was too slow (e.g. network connection was under stress).

Error - 16/05/2009 08:23:58 | Computer Name = JOSSER | Source = F-Secure Anti-Virus | ID = 103
Description = 1 2009-05-16 13:23:55+01:00 josser JOSSER\Steve F-Secure Anti-Virus

Scanning of C:\WINDOWS\SYSTEM32\SPOOLSS.DLL was aborted due to exceeded scanning
time limit. The file may be in use or reading it was too slow (e.g. network connection
was under stress).

Error - 17/05/2009 08:23:53 | Computer Name = JOSSER | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 7.0.6000.16827, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 17/05/2009 08:24:52 | Computer Name = JOSSER | Source = F-Secure Anti-Virus | ID = 103
Description = 1 2009-05-17 13:24:49+01:00 josser JOSSER\Steve F-Secure Anti-Virus

Scanning of C:\WINDOWS\SYSTEM32\RASMAN.DLL was aborted due to exceeded scanning
time limit. The file may be in use or reading it was too slow (e.g. network connection
was under stress).

[ System Events ]
Error - 16/05/2009 07:30:03 | Computer Name = JOSSER | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 14 minutes. NtpClient has no source of accurate
time.

Error - 16/05/2009 07:31:16 | Computer Name = JOSSER | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 15 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)

Error - 16/05/2009 07:31:16 | Computer Name = JOSSER | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 14 minutes. NtpClient has no source of accurate
time.

Error - 16/05/2009 07:31:18 | Computer Name = JOSSER | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 15 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)

Error - 16/05/2009 07:31:18 | Computer Name = JOSSER | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 14 minutes. NtpClient has no source of accurate
time.

Error - 16/05/2009 07:31:21 | Computer Name = JOSSER | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 15 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)

Error - 16/05/2009 07:31:21 | Computer Name = JOSSER | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 14 minutes. NtpClient has no source of accurate
time.

Error - 16/05/2009 08:21:18 | Computer Name = JOSSER | Source = Service Control Manager | ID = 7023
Description = The IPSEC Services service terminated with the following error: %%10013

Error - 17/05/2009 08:18:26 | Computer Name = JOSSER | Source = Service Control Manager | ID = 7023
Description = The IPSEC Services service terminated with the following error: %%10013

Error - 17/05/2009 08:19:48 | Computer Name = JOSSER | Source = Dhcp | ID = 1000
Description = Your computer has lost the lease to its IP address 192.168.0.2 on
the Network Card with network address 000E2ECD3B84.


< End of report >




Thank s Rattle
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP