MBAM LOG
Malwarebytes' Anti-Malware 1.41
Database version: 2981
Windows 5.1.2600 Service Pack 3
10/18/2009 4:59:15 PM
mbam-log-2009-10-18 (16-59-15).txt
Scan type: Quick Scan
Objects scanned: 98663
Time elapsed: 2 minute(s), 54 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 1
Registry Keys Infected: 9
Registry Values Infected: 2
Registry Data Items Infected: 0
Folders Infected: 1
Files Infected: 20
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
C:\WINDOWS\system32\calc.dll (Trojan.Agent) -> Delete on reboot.
Registry Keys Infected:
HKEY_CLASSES_ROOT\CLSID\{5172ec55-e786-48a9-8fd9-c27c6a99f249} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{ba603215-23f2-42ad-f4e4-00aac39caa53} (Trojan.Ertfor) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{bf56a325-23f2-42ad-f4e4-00aac39caa53} (Trojan.Ertfor) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ba603215-23f2-42ad-f4e4-00aac39caa53} (Trojan.Ertfor) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ControlPanel\NameSpace\{5172ec55-e786-48a9-8fd9-c27c6a99f249} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{5172ec55-e786-48a9-8fd9-c27c6a99f249} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\NetworkNeighborhood\NameSpace\{5172ec55-e786-48a9-8fd9-c27c6a99f249} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\SafetyCenter (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\UACd.sys (Trojan.Agent) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\calc (Trojan.Agent) -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\calc (Trojan.Agent) -> Delete on reboot.
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
C:\Program Files\Windows Police Pro (Rogue.WindowsPolicePro) -> Quarantined and deleted successfully.
Files Infected:
C:\WINDOWS\system32\calc.dll (Trojan.Agent) -> Delete on reboot.
C:\Documents and Settings\Gibsons\Start Menu\Programs\Startup\scandisk.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\kbiwkmepkjqoye.dll (Rootkit.TDSS) -> Delete on reboot.
C:\WINDOWS\system32\kbiwkmfjgyutrm.dll (Rootkit.TDSS) -> Delete on reboot.
C:\WINDOWS\system32\kbiwkmhkorvpxu.dll (Rootkit.TDSS) -> Delete on reboot.
C:\WINDOWS\system32\kbiwkmmpkrxtxf.dll (Rootkit.TDSS) -> Delete on reboot.
C:\WINDOWS\system32\kbiwkmnbgoewni.dll (Rootkit.TDSS) -> Delete on reboot.
C:\WINDOWS\system32\kbiwkmotkamrhw.dll (Rootkit.TDSS) -> Delete on reboot.
C:\WINDOWS\system32\kbiwkmupvltkuu.dll (Rootkit.TDSS) -> Delete on reboot.
C:\WINDOWS\system32\mfsdisk.sys (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\config\SystemProfile\ntuser.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\config\Systemprofile\Start Menu\Programs\Startup\scandisk.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\kbiwkmbimxfmmq.sys (Rootkit.TDSS) -> Delete on reboot.
C:\Documents and Settings\Gibsons\ntuser.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\ntuser.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Gibsons\Start Menu\Programs\Startup\scandisk.lnk (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Gibsons\Local Settings\Temp\nsrbgxod.bak (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\system32\kbiwkmbwrrwowi.dat (Rootkit.TDSS) -> Delete on reboot.
C:\WINDOWS\system32\kbiwkmlgomkmsq.dll (Rootkit.TDSS) -> Delete on reboot.
C:\WINDOWS\system32\kbiwkmwyrgxtfv.dat (Rootkit.TDSS) -> Delete on reboot.
ROOTREPEAL LOG
ROOTREPEAL © AD, 2007-2009
==================================================
Scan Start Time: 2009/10/18 17:13
Program Version: Version 1.3.5.0
Windows Version: Windows XP SP3
==================================================
Drivers
-------------------
Name: dump_atapi.sys
Image Path: C:\WINDOWS\System32\Drivers\dump_atapi.sys
Address: 0xA7EF5000 Size: 98304 File Visible: No Signed: -
Status: -
Name: dump_WMILIB.SYS
Image Path: C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS
Address: 0xBA5B4000 Size: 8192 File Visible: No Signed: -
Status: -
Name: PCI_PNP2238
Image Path: \Driver\PCI_PNP2238
Address: 0x00000000 Size: 0 File Visible: No Signed: -
Status: -
Name: rootrepeal.sys
Image Path: C:\WINDOWS\system32\drivers\rootrepeal.sys
Address: 0xA6694000 Size: 49152 File Visible: No Signed: -
Status: -
Name: spbz.sys
Image Path: spbz.sys
Address: 0xB9EA7000 Size: 1048576 File Visible: No Signed: -
Status: -
Name: sptd
Image Path: \Driver\sptd
Address: 0x00000000 Size: 0 File Visible: No Signed: -
Status: -
Name: srescan.sys
Image Path: srescan.sys
Address: 0xB9C37000 Size: 81920 File Visible: No Signed: -
Status: -
SSDT
-------------------
#: 031 Function Name: NtConnectPort
Status: Hooked by "C:\WINDOWS\System32\vsdatant.sys" at address 0xa8449fc0
#: 037 Function Name: NtCreateFile
Status: Hooked by "C:\WINDOWS\System32\vsdatant.sys" at address 0xa8446c80
#: 041 Function Name: NtCreateKey
Status: Hooked by "C:\WINDOWS\System32\vsdatant.sys" at address 0xa8461170
#: 046 Function Name: NtCreatePort
Status: Hooked by "C:\WINDOWS\System32\vsdatant.sys" at address 0xa844a580
#: 047 Function Name: NtCreateProcess
Status: Hooked by "C:\WINDOWS\System32\vsdatant.sys" at address 0xa845e900
#: 048 Function Name: NtCreateProcessEx
Status: Hooked by "C:\WINDOWS\System32\vsdatant.sys" at address 0xa845eb10
#: 050 Function Name: NtCreateSection
Status: Hooked by "C:\WINDOWS\System32\vsdatant.sys" at address 0xa8462b10
#: 056 Function Name: NtCreateWaitablePort
Status: Hooked by "C:\WINDOWS\System32\vsdatant.sys" at address 0xa844a670
#: 062 Function Name: NtDeleteFile
Status: Hooked by "C:\WINDOWS\System32\vsdatant.sys" at address 0xa8447210
#: 063 Function Name: NtDeleteKey
Status: Hooked by "C:\WINDOWS\System32\vsdatant.sys" at address 0xa84619f0
#: 065 Function Name: NtDeleteValueKey
Status: Hooked by "C:\WINDOWS\system32\Drivers\SYMEVENT.SYS" at address 0xa84e8350
#: 068 Function Name: NtDuplicateObject
Status: Hooked by "C:\WINDOWS\System32\vsdatant.sys" at address 0xa845e280
#: 071 Function Name: NtEnumerateKey
Status: Hooked by "spbz.sys" at address 0xb9ec6ca2
#: 073 Function Name: NtEnumerateValueKey
Status: Hooked by "spbz.sys" at address 0xb9ec7030
#: 098 Function Name: NtLoadKey
Status: Hooked by "C:\WINDOWS\System32\vsdatant.sys" at address 0xa8461f10
#: 099 Function Name: NtLoadKey2
Status: Hooked by "C:\WINDOWS\System32\vsdatant.sys" at address 0xa8461f90
#: 116 Function Name: NtOpenFile
Status: Hooked by "C:\WINDOWS\System32\vsdatant.sys" at address 0xa8447070
#: 119 Function Name: NtOpenKey
Status: Hooked by "spbz.sys" at address 0xb9ea80c0
#: 122 Function Name: NtOpenProcess
Status: Hooked by "C:\WINDOWS\System32\vsdatant.sys" at address 0xa8460180
#: 128 Function Name: NtOpenThread
Status: Hooked by "C:\WINDOWS\System32\vsdatant.sys" at address 0xa845ff40
#: 160 Function Name: NtQueryKey
Status: Hooked by "spbz.sys" at address 0xb9ec7108
#: 177 Function Name: NtQueryValueKey
Status: Hooked by "spbz.sys" at address 0xb9ec6f88
#: 192 Function Name: NtRenameKey
Status: Hooked by "C:\WINDOWS\System32\vsdatant.sys" at address 0xa84626f0
#: 193 Function Name: NtReplaceKey
Status: Hooked by "C:\WINDOWS\System32\vsdatant.sys" at address 0xa8462150
#: 200 Function Name: NtRequestWaitReplyPort
Status: Hooked by "C:\WINDOWS\System32\vsdatant.sys" at address 0xa8449be0
#: 204 Function Name: NtRestoreKey
Status: Hooked by "C:\WINDOWS\System32\vsdatant.sys" at address 0xa8462540
#: 210 Function Name: NtSecureConnectPort
Status: Hooked by "C:\WINDOWS\System32\vsdatant.sys" at address 0xa844a190
#: 224 Function Name: NtSetInformationFile
Status: Hooked by "C:\WINDOWS\System32\vsdatant.sys" at address 0xa8447440
#: 247 Function Name: NtSetValueKey
Status: Hooked by "C:\WINDOWS\system32\Drivers\SYMEVENT.SYS" at address 0xa84e8580
#: 255 Function Name: NtSystemDebugControl
Status: Hooked by "C:\WINDOWS\System32\vsdatant.sys" at address 0xa845f200
#: 257 Function Name: NtTerminateProcess
Status: Hooked by "C:\WINDOWS\System32\vsdatant.sys" at address 0xa845f080
Hidden Services
-------------------
Service Name: kbiwkmbdpitbas
Image Path: C:\WINDOWS\system32\drivers\kbiwkmbimxfmmq.sys
==EOF==
OTL LOG
OTL logfile created on: 10/18/2009 5:17:38 PM - Run 1
OTL by OldTimer - Version 3.0.21.0 Folder = C:\Documents and Settings\Gibsons\Desktop\junk
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.99 Gb Total Physical Memory | 1.34 Gb Available Physical Memory | 67.31% Memory free
3.84 Gb Paging File | 3.35 Gb Available in Paging File | 87.25% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 295.03 Gb Total Space | 219.13 Gb Free Space | 74.27% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
Drive I: | 232.83 Gb Total Space | 84.65 Gb Free Space | 36.36% Space Free | Partition Type: FAT32
Computer Name: GIBSON
Current User Name: Gibsons
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan
========== Processes (SafeList) ==========
PRC - [2009/10/18 17:14:11 | 00,521,216 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Gibsons\Desktop\junk\OTL.exe
PRC - [2009/10/16 13:07:13 | 02,025,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgtray.exe
PRC - [2009/08/19 08:40:48 | 00,486,680 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgrsx.exe
PRC - [2009/08/19 08:40:47 | 00,595,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgnsx.exe
PRC - [2009/08/19 08:40:44 | 00,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe
PRC - [2009/03/27 17:01:02 | 24,103,720 | R--- | M] (Skype Technologies S.A.) -- C:\Program Files\Skype\Phone\Skype.exe
PRC - [2009/03/12 20:56:58 | 00,342,312 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
PRC - [2009/03/12 20:56:52 | 00,656,168 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
PRC - [2009/03/06 00:04:30 | 00,132,424 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2009/02/16 00:10:22 | 02,402,184 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\ZoneLabs\vsmon.exe
PRC - [2009/02/16 00:10:22 | 00,981,384 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
PRC - [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2008/10/14 21:48:16 | 00,611,664 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
PRC - [2008/08/14 17:15:46 | 02,407,184 | ---- | M] () -- C:\Program Files\Logitech\QuickCam\Quickcam.exe
PRC - [2008/08/14 17:11:48 | 00,565,008 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
PRC - [2008/08/14 17:11:14 | 00,447,248 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
PRC - [2008/07/26 08:25:36 | 00,150,040 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2008/07/26 08:23:42 | 00,186,904 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
PRC - [2008/05/02 00:15:46 | 00,015,872 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerAssistant.exe
PRC - [2008/04/13 20:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2007/07/16 21:48:52 | 16,132,608 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE
PRC - [2007/07/16 21:45:24 | 00,252,696 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\igfxsrvc.exe
PRC - [2007/07/16 21:45:14 | 00,138,008 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\igfxpers.exe
PRC - [2007/07/16 21:45:12 | 00,162,584 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\hkcmd.exe
PRC - [2007/03/14 20:49:02 | 00,125,632 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec AntiVirus\VPTray.exe
PRC - [2007/03/14 20:48:40 | 00,031,424 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec AntiVirus\DefWatch.exe
PRC - [2006/11/21 18:38:40 | 00,169,576 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
PRC - [2006/11/21 18:38:28 | 00,052,840 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccApp.exe
PRC - [2006/11/02 21:40:12 | 00,174,656 | ---- | M] () -- C:\WINDOWS\System32\PSIService.exe
PRC - [2006/10/26 13:34:04 | 00,065,536 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Playskool\MADE FOR ME Software\HbDetect.exe
PRC - [2006/10/20 18:23:38 | 00,118,784 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
PRC - [2006/10/03 12:37:04 | 00,081,920 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
========== Win32 Services (SafeList) ==========
SRV - File not found -- -- (Creative Service for CDROM Access [Auto | Stopped])
SRV - [2009/08/19 08:40:44 | 00,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd [Auto | Running])
SRV - [2009/04/28 20:25:08 | 00,655,624 | ---- | M] (Acresso Software Inc.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service [On_Demand | Stopped])
SRV - [2009/04/27 20:39:26 | 00,182,768 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [On_Demand | Stopped])
SRV - [2009/03/12 20:56:52 | 00,656,168 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service [On_Demand | Running])
SRV - [2009/03/06 00:04:30 | 00,132,424 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto | Running])
SRV - [2009/02/16 00:10:22 | 02,402,184 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\ZoneLabs\vsmon.exe -- (vsmon [Auto | Running])
SRV - [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running])
SRV - [2008/10/14 21:48:16 | 00,611,664 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe -- (aawservice [Auto | Running])
SRV - [2008/07/26 08:25:36 | 00,150,040 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv [Auto | Running])
SRV - [2008/07/26 08:23:42 | 00,186,904 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe -- (LVCOMSer [Auto | Running])
SRV - [2008/04/13 20:12:02 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2007/12/08 17:03:01 | 00,072,704 | ---- | M] (Adobe Systems) -- C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service [On_Demand | Stopped])
SRV - [2007/11/01 09:13:45 | 01,862,144 | ---- | M] (Google) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager [On_Demand | Stopped])
SRV - [2007/03/19 13:44:44 | 00,070,656 | ---- | M] () -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService [On_Demand | Stopped])
SRV - [2007/03/14 20:48:56 | 00,116,416 | ---- | M] (symantec) -- C:\Program Files\Symantec AntiVirus\SavRoam.exe -- (SavRoam [On_Demand | Stopped])
SRV - [2007/03/14 20:48:50 | 01,816,768 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec AntiVirus\Rtvscan.exe -- (Symantec AntiVirus [On_Demand | Stopped])
SRV - [2007/03/14 20:48:40 | 00,031,424 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec AntiVirus\DefWatch.exe -- (DefWatch [Auto | Running])
SRV - [2007/02/12 18:23:10 | 00,214,672 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe -- (SNDSrvc [On_Demand | Stopped])
SRV - [2007/01/20 00:44:40 | 00,225,280 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll -- (hpqcxs08 [On_Demand | Running])
SRV - [2007/01/20 00:44:40 | 00,131,072 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll -- (hpqddsvc [Auto | Running])
SRV - [2007/01/10 17:27:38 | 01,160,792 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe -- (SPBBCSvc [On_Demand | Stopped])
SRV - [2006/11/21 18:38:40 | 00,169,576 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe -- (ccSetMgr [Auto | Running])
SRV - [2006/11/21 18:38:32 | 00,192,104 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe -- (ccEvtMgr [On_Demand | Stopped])
SRV - [2006/11/08 17:35:38 | 00,053,248 | ---- | M] (Hewlett-Packard) -- C:\WINDOWS\System32\HPZipm12.dll -- (Pml Driver HPZ12 [Auto | Running])
SRV - [2006/11/08 17:35:36 | 00,043,520 | ---- | M] (Hewlett-Packard) -- C:\WINDOWS\System32\HPZinw12.dll -- (Net Driver HPZ12 [Auto | Running])
SRV - [2006/11/05 12:15:12 | 00,880,640 | ---- | M] (Sonic Solutions) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe -- (RoxMediaDB9 [On_Demand | Stopped])
SRV - [2006/11/05 12:13:00 | 00,159,744 | ---- | M] (Sonic Solutions) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe -- (RoxWatch9 [Auto | Stopped])
SRV - [2006/11/02 21:40:12 | 00,174,656 | ---- | M] () -- C:\WINDOWS\System32\PSIService.exe -- (ProtexisLicensing [Auto | Running])
SRV - [2006/10/18 21:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])
SRV - [2006/09/14 15:54:34 | 00,073,728 | ---- | M] (MicroVision Development, Inc.) -- C:\Program Files\Common Files\SureThing Shared\stllssvr.exe -- (stllssvr [On_Demand | Stopped])
SRV - [2006/09/02 17:36:33 | 02,528,960 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_1.EXE -- (LiveUpdate [On_Demand | Stopped])
SRV - [2004/10/22 04:24:18 | 00,073,728 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
SRV - [2004/07/15 03:49:26 | 00,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2003/07/28 13:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=2071101
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.co...html?channel=us
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=2071101
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default = A1 7B 67 03 A0 A4 08 46 91 23 F9 C0 94 6E 1F BC [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=2071101
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.co...html?channel=us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledItems: {458BAD97-5140-4C13-8B80-3E6EE30A0B18}:1.9.1
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.14
FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG8\Firefox [2009/06/20 22:15:23 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{458BAD97-5140-4C13-8B80-3E6EE30A0B18}: C:\Documents and Settings\Gibsons\Local Settings\Application Data\{458BAD97-5140-4C13-8B80-3E6EE30A0B18} [2009/10/17 11:19:43 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.14\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/09/14 17:27:59 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.14\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/09/10 22:31:43 | 00,000,000 | ---D | M]
[2008/09/21 11:40:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Gibsons\Application Data\mozilla\Extensions
[2008/09/21 11:40:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Gibsons\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/06/11 17:18:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Gibsons\Application Data\mozilla\Firefox\Profiles\j0eclhgx.default\extensions
[2008/09/21 11:40:05 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/08/08 21:11:35 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/09/10 22:31:38 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/09/10 22:31:38 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2008/09/03 20:11:24 | 00,054,600 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\mozilla firefox\plugins\npbittorrent.dll
[2009/09/10 22:31:38 | 00,065,528 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll
[2008/10/14 22:33:30 | 00,095,600 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll
[2009/03/20 07:21:29 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin.dll
[2009/03/20 07:21:29 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll
[2009/03/20 07:21:29 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll
[2009/03/20 07:21:30 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll
[2009/03/20 07:21:30 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll
[2009/03/20 07:21:30 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll
[2009/03/20 07:21:30 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll
[2009/03/06 18:36:05 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2009/03/06 18:36:05 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2009/03/06 18:36:05 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2009/03/06 18:36:05 | 00,002,343 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2009/03/06 18:36:05 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/03/06 18:36:05 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
O1 HOSTS File: (762 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 activate.adobe.com
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG8_TRAY] C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [dscactivate] c:\dell\dsca.exe ( )
O4 - HKLM..\Run: [ECenter] C:\Dell\E-Center\EULALauncher.exe ( )
O4 - HKLM..\Run: [Gvowoy] C:\WINDOWS\abaponam.DLL ()
O4 - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (Macrovision Corporation)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [LogitechCommunicationsManager] C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe ()
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\QuickCam\Quickcam.exe ()
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware2\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Persistence] C:\WINDOWS\System32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Inc.)
O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [UnlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe ()
O4 - HKLM..\Run: [vptray] C:\Program Files\Symantec AntiVirus\VPTray.exe (Symantec Corporation)
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKCU..\Run: [HbDetect.exe] C:\Program Files\Playskool\MADE FOR ME Software\HbDetect.exe (Creative Technology Ltd)
O4 - HKCU..\Run: [Skype] C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetActiveDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebo...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} http://a516.g.akamai...cat-no-eula.cab (Citrix ICA Client)
O16 - DPF: {3D3B42C2-11BF-4732-A304-A01384B70D68} http://picasaweb.goo...1/uploader2.cab (UploadListView Class)
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} http://www2.snapfish...fishActivia.cab (Snapfish Activia)
O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} http://picasaweb.goo...4/uploader2.cab (UploadListView Class)
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} http://www.onlinegis...AB/mgaxctrl.cab (Autodesk MapGuide ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} http://www.adobe.com...obat/nos/gp.cab (get_atlcom Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 68.105.28.12 68.105.29.12 68.105.28.11
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter: - x-sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - AppInit_DLLs: (jcpjdr.dll) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\NavLogon: DllName - C:\WINDOWS\system32\NavLogon.dll - C:\WINDOWS\System32\NavLogon.dll (Symantec Corporation)
O20 - Winlogon\Notify\vlvhvtmi: DllName - rjzvxwc.dll - File not found
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O29 - HKLM SecurityProviders - (digeste.dll) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/10 15:04:08 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{be10c95e-6e4e-11de-af78-001aa099860a}\Shell\AutoRun\command - "" = E:\WDSetup.exe -- File not found
O33 - MountPoints2\{d382d230-9cc5-11de-af90-001aa099860a}\Shell - "" = AutoRun
O33 - MountPoints2\{d382d230-9cc5-11de-af90-001aa099860a}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{d382d230-9cc5-11de-af90-001aa099860a}\Shell\AutoRun\command - "" = E:\HPLauncher.exe -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found
NetSvcs: 6to4 - Service key not found. File not found
NetSvcs: Iprip - Service key not found. File not found
NetSvcs: Irmon - Service key not found. File not found
NetSvcs: NWCWorkstation - Service key not found. File not found
NetSvcs: Nwsapagent - Service key not found. File not found
NetSvcs: Wmi - C:\WINDOWS\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - Service key not found. File not found
NetSvcs: helpsvc - C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
========== Files/Folders - Created Within 14 Days ==========
[2009/10/17 11:19:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Gibsons\Local Settings\Application Data\{458BAD97-5140-4C13-8B80-3E6EE30A0B18}
[2009/10/15 03:23:05 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Gibsons\Local Settings\Application Data\PCHealth
[2009/10/18 16:52:23 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2009/10/18 17:07:46 | 00,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2009/10/18 16:53:46 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/10/09 21:19:39 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Gibsons\Desktop\ipod movies
[2007/12/05 14:31:23 | 00,127,059 | ---- | C] ( ) -- C:\WINDOWS\System32\DSLLK189.dll
========== Files - Modified Within 14 Days ==========
[2009/10/18 17:08:46 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/10/18 17:01:41 | 00,350,195 | ---- | M] () -- C:\WINDOWS\System32\vsconfig.xml
[2009/10/18 17:01:11 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/10/18 17:00:57 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/10/18 17:00:55 | 21,361,29536 | -HS- | M] () -- C:\hiberfil.sys
[2009/10/18 16:53:12 | 00,000,638 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/10/18 16:53:12 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/10/18 16:53:12 | 00,000,211 | RHS- | M] () -- C:\boot.ini
[2009/10/18 09:38:07 | 43,219,952 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2009/10/18 09:36:44 | 00,000,000 | ---- | M] () -- C:\WINDOWS\Fkawarusan.bin
[2009/10/17 16:24:53 | 00,000,434 | ---- | M] () -- C:\WINDOWS\tasks\At1.job
[2009/10/17 11:19:45 | 00,000,120 | ---- | M] () -- C:\WINDOWS\Ozizam.dat
[2009/10/16 13:07:29 | 00,033,037 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2009/10/15 03:01:09 | 00,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/10/11 16:46:13 | 02,323,808 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/10/09 21:47:13 | 00,244,224 | ---- | M] () -- C:\Documents and Settings\Gibsons\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/10/08 23:10:49 | 00,145,264 | ---- | M] () -- C:\Documents and Settings\Gibsons\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
========== Files - No Company Name ==========
[2009/10/17 11:19:45 | 00,000,120 | ---- | C] () -- C:\WINDOWS\Ozizam.dat
[2009/10/17 11:19:45 | 00,000,000 | ---- | C] () -- C:\WINDOWS\Fkawarusan.bin
[2009/10/01 22:57:43 | 00,178,176 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009/09/10 07:09:52 | 00,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2009/08/18 12:47:22 | 00,003,274 | ---- | C] () -- C:\Documents and Settings\Gibsons\Local Settings\Application Data\70E21EE3-3F6D-4B2F-A084-8E2BEE49D5B9.txt
[2009/04/05 13:46:00 | 00,066,482 | R--- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2009/03/11 14:32:28 | 06,772,736 | ---- | C] () -- C:\WINDOWS\System32\tliadjust30.dll
[2009/01/04 09:41:58 | 06,537,728 | ---- | C] () -- C:\WINDOWS\System32\tliadjust26.dll
[2008/12/30 10:09:08 | 01,262,633 | -HS- | C] () -- C:\WINDOWS\System32\oralirem.ini
[2008/11/25 21:48:10 | 01,695,744 | ---- | C] () -- C:\WINDOWS\System32\tliadjust26_dll.dll
[2008/08/10 10:07:09 | 00,000,162 | ---- | C] () -- C:\WINDOWS\tefview.ini
[2008/07/26 08:25:02 | 00,025,624 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2008/07/13 10:12:28 | 00,717,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2008/02/24 19:43:48 | 00,001,001 | ---- | C] () -- C:\Program Files\Read Me.txt
[2007/12/12 23:11:45 | 00,796,048 | ---- | C] () -- C:\WINDOWS\System32\libeay32_0.9.6l.dll
[2007/12/06 23:34:35 | 00,002,516 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2007/12/06 23:34:35 | 00,000,088 | RHS- | C] () -- C:\WINDOWS\System32\13691C7ED6.sys
[2007/11/13 21:55:50 | 00,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLec.DAT
[2007/11/12 15:11:00 | 00,001,359 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/11/12 10:57:55 | 00,244,224 | ---- | C] () -- C:\Documents and Settings\Gibsons\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/11/06 07:43:52 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007/11/05 23:23:55 | 00,000,000 | ---- | C] () -- C:\WINDOWS\vpc32.INI
[2007/11/05 23:08:42 | 00,000,303 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2007/11/05 21:57:10 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\Gibsons\Application Data\desktop.ini
[2007/11/05 21:57:09 | 04,310,310 | -H-- | C] () -- C:\Documents and Settings\Gibsons\Local Settings\Application Data\IconCache.db
[2007/11/05 21:57:09 | 00,145,264 | ---- | C] () -- C:\Documents and Settings\Gibsons\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2007/11/01 09:21:20 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2007/11/01 09:11:29 | 00,056,056 | ---- | C] () -- C:\WINDOWS\System32\DLAAPI_W.DLL
[2007/11/01 09:11:29 | 00,000,120 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2007/11/01 08:49:33 | 00,876,544 | ---- | C] () -- C:\WINDOWS\System32\TEACico2.dll
[2007/11/01 08:49:25 | 00,204,800 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4820.dll
[2007/11/01 08:48:18 | 00,001,119 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2007/10/19 20:56:16 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2007/10/19 20:54:28 | 00,000,416 | ---- | C] () -- C:\WINDOWS\System32\dtu100.dll.manifest
[2007/10/19 20:54:28 | 00,000,416 | ---- | C] () -- C:\WINDOWS\System32\dpl100.dll.manifest
[2007/10/18 05:02:34 | 00,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2006/11/07 06:25:58 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2006/09/17 00:36:50 | 00,520,192 | ---- | C] () -- C:\WINDOWS\System32\CddbPlaylist2Roxio.dll
[2006/09/17 00:36:50 | 00,204,800 | ---- | C] () -- C:\WINDOWS\System32\CddbFileTaggerRoxio.dll
[2004/08/10 15:12:05 | 00,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/10 15:01:18 | 00,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/10 14:57:41 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\desktop.ini
[2004/08/10 14:51:28 | 00,000,638 | ---- | C] () -- C:\WINDOWS\win.ini
[2004/08/10 14:51:27 | 00,164,352 | ---- | C] () -- C:\WINDOWS\abaponam.dll
[2004/08/10 14:51:26 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini
[2003/01/07 16:05:08 | 00,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
========== LOP Check ==========
[2009/10/01 23:03:05 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Application Data
[2009/03/27 01:07:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2009/06/10 04:15:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ALM
[2007/12/06 23:37:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Corel
[2007/11/01 09:11:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Dell
[2007/11/13 21:55:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EnterNHelp
[2009/04/28 21:00:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FLEXnet
[2009/04/09 15:27:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Logishrd
[2007/12/12 23:12:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MailFrontier
[2007/11/01 09:11:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Roxio
[2004/08/10 15:13:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SBSI
[2007/11/01 09:12:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2007/11/13 21:55:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ultima_T15
[2009/10/01 23:03:05 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Gibsons\Application Data
[2008/09/05 23:32:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Gibsons\Application Data\Alien Skin
[2009/10/10 21:01:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Gibsons\Application Data\BitTorrent
[2007/11/19 23:08:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Gibsons\Application Data\BitTorrent DNA
[2008/09/07 12:19:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Gibsons\Application Data\Canon
[2008/01/03 21:23:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Gibsons\Application Data\Corel
[2008/07/13 10:12:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Gibsons\Application Data\DAEMON Tools
[2007/11/06 07:46:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Gibsons\Application Data\ICAClient
[2009/04/05 13:53:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Gibsons\Application Data\Leadertech
[2007/11/13 21:51:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Gibsons\Application Data\Nikon
[2008/01/01 23:58:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Gibsons\Application Data\Opera
[2009/08/18 17:14:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Gibsons\Application Data\ovwuoxsj
[2009/06/23 17:50:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Gibsons\Application Data\Playskool
[2007/11/06 07:31:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Gibsons\Application Data\Roxio
[2007/11/13 22:10:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Gibsons\Application Data\Snapfish
[2009/08/27 11:45:01 | 00,000,284 | ---- | M] () -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
[2009/10/17 16:24:53 | 00,000,434 | ---- | M] () -- C:\WINDOWS\Tasks\At1.job
[2004/08/04 07:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2009/10/18 17:01:11 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.exe >
< %systemroot%\system32\eventlog.dll >
[2008/04/13 20:11:53 | 00,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eventlog.dll
< %systemroot%\system32\scecli.dll >
[2008/04/13 20:12:05 | 00,181,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\scecli.dll
< %systemroot%\netlogon.dll >
< %systemroot%\system32\cngaudit.dll >
< %systemroot%\system32\sceclt.dll >
< %systemroot%\ntelogon.dll >
< %systemroot%\system32\logevent.dll >
< End of report >
EXTRAS LOG
OTL Extras logfile created on: 10/18/2009 5:17:38 PM - Run 1
OTL by OldTimer - Version 3.0.21.0 Folder = C:\Documents and Settings\Gibsons\Desktop\junk
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.99 Gb Total Physical Memory | 1.34 Gb Available Physical Memory | 67.31% Memory free
3.84 Gb Paging File | 3.35 Gb Available in Paging File | 87.25% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 295.03 Gb Total Space | 219.13 Gb Free Space | 74.27% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
Drive I: | 232.83 Gb Total Space | 84.65 Gb Free Space | 36.36% Space Free | Partition Type: FAT32
Computer Name: GIBSON
Current User Name: Gibsons
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
chm.file [open] -- "C:\WINDOWS\hh.exe" %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"5353:TCP" = 5353:TCP:*:Enabled:Adobe CSI CS4
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\BitTorrent_DNA\dna.exe" = C:\Program Files\BitTorrent_DNA\dna.exe:*:Enabled:BitTorrent DNA -- ()
"C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.)
"C:\WINDOWS\explorer.exe" = C:\WINDOWS\explorer.exe:*:Enabled:Explorer -- (Microsoft Corporation)
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour -- (Apple Inc.)
"C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" = C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4 -- (Adobe Systems Incorporated)
"C:\Program Files\AVG\AVG8\avgupd.exe" = C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG8\avgnsx.exe" = C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4
"{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}" = VC 9.0 Runtime
"{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{0D2E9DCB-9938-475E-B4DD-8851738852FF}" = AIO_Scan
"{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
"{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}" = Microsoft Plus! Photo Story 2 LE
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{162B71B8-8464-4680-A086-601D555B331D}" = Apple Mobile Device Support
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{1746EA69-DCB6-4408-B5A5-E75F55439CDF}" = Scan
"{179C56A4-F57F-4561-8BBF-F911D26EB435}" = WebReg
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}" = QuickTime
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"{24557DC0-0839-496f-82F9-C4EB72EFE4FA}" = HP Deskjet All-In-One Software 8.0
"{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}" = Skype™ 4.0
"{281D28EC-1357-4778-B2D7-DEA56D70EF96}" = Logitech High Quality Video
"{281ECE39-F043-492B-8337-F2E546B5604A}" = PowerDVD
"{2C6C74C2-042F-4D36-B7B0-0C538FCF01AB}" = Dell DataSafe Online
"{2F4C24E6-CBD4-4AAC-B56F-C9FD44DE5668}" = Roxio Drag-to-Disc
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
"{33BB4982-DC52-4886-A03B-F4C5C80BEE89}" = Windows Media Player 10
"{33CF7CDF-9805-4500-9CC7-D19D52AD63C4}" = Canon Camera WIA Driver
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Sonic Activation Module
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3AF8FCCD-F51A-4014-9002-F195E1CBC876}" = Logitech QuickCam
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{49FC50FC-F965-40D9-89B4-CBFF80941033}" = Windows Movie Maker 2.0
"{50E125D1-88E5-48CE-80AE-98EC9698E639}" = Symantec AntiVirus
"{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4
"{5905F42D-3F5F-4916-ADA6-94A3646AEE76}" = Dell Driver Reset Tool
"{59C2E0E4-0859-4EC1-BCD3-53DBCEFE7AFA}" = Topaz Adjust
"{5E684419-44E3-46EE-A43C-A60082CBF4EC}" = Topaz Adjust 3
"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{62230596-37E5-4618-A329-0D21F529A86F}" = Browser Address Error Redirector
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{657F8B33-CBBB-45F4-9087-274F22C89400}" = DJ_AIO_ProductContext
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}" = Microsoft Plus! Digital Media Edition Installer
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74F7662C-B1DB-489E-A8AC-07A06B24978B}" = Dell System Restore
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}" = DellSupport
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{8730D530-B0F8-4C9B-AD4D-F6662FCAFE7B}" = MADE FOR ME Software
"{87532CAB-7932-4F84-8937-823337622807}" = Adobe Illustrator CS4
"{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}" = Roxio Creator BDAV Plugin
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8CE08C3C-8FF4-45D9-925E-4F3CE2D7FA7D}" = Adobe Setup
"{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe Common File Installer
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{93A1B09E-BAFA-4628-A5B6-921CB026955A}" = Corel Paint Shop Pro Photo XI
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{98736A65-3C79-49EC-B7E9-A3C77774B0E6}" = Google SketchUp 6
"{9ECB4705-B9CB-405A-B6D4-33BDF707308E}" = DJ_AIO_Software
"{A040AC77-C1AA-4CC9-8931-9F648AF178F6}" = VC 9.0 Runtime
"{A4EE4223-98B1-4874-BA6E-E8A574F9C0FF}" = Adobe Photoshop Lightroom 2.2
"{A5F68DC8-0278-4AD8-B413-861509B5F25B}" = ArcSoft Panorama Maker 3
"{AC76BA86-7AD7-1033-7B44-A81300000003}" = Adobe Reader 8.1.3
"{B0DF58A2-40DF-4465-AA56-38623EC9938C}" = Documentation & Support Launcher
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B3D8B2F8-3C2C-45BC-933E-8B60E78F6684}" = Google SketchUp 6
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B6884A07-0305-47AE-9969-8F26FADC17DE}" = Games, Music, & Photos Launcher
"{B71ADC2F-95A0-4ECE-B15A-E9ED1DF06C12}" = PTLens
"{B74D4E10-1033-0000-0000-000000000001}" = Adobe Bridge 1.0
"{B7F98125-4955-41E3-8A71-4CE11CE9C198}" = KODAK Gallery Upload Software
"{B8C54AB1-7E1A-40E8-B794-EDB6E8921F3A}" = Dell Support Center
"{B97B1CDE-86CF-40BF-8209-26E5D946A2AC}" = SurroundPhoto
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BE77A81F-B315-4666-9BF3-AE70C0ADB057}" = BufferChm
"{C252EB7B-7AE0-46DE-9BEE-DF681B885F13}" = Modem Diagnostic Tool
"{C26B06A9-27BB-45B0-9873-9C623EC2BA38}" = iTunes
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C716522C-3731-4667-8579-40B098294500}" = Toolbox
"{C7EEC93A-2A61-4B1E-B696-A264680A889D}" = MobileMe Control Panel
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator DE
"{C9D96682-5A4D-45FA-BA3E-DDCB2B0CB868}" = Safari
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}" = Nikon Message Center
"{D639085F-4B6E-4105-9F37-A0DBB023E2FB}" = Roxio MyDVD DE
"{DC83F417-8068-4074-BA2F-C4F8AB872556}" = DJ_AIO_Software_min
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E06F04B9-45E6-4AC0-8083-85F7515F40F7}" = UnloadSupport
"{E42BD75A-FC23-4E3F-9F91-2658334C644F}" = Internet Service Offers Launcher
"{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4
"{E6445FCC-EAF6-4E35-9E72-6EF105A4C177}" = HDView for Firefox
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0
"{EE0D5DCD-2B97-4473-98DF-E93C0BD92F7A}" = Adobe Stock Photos 1.0
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FCC3BD6A-F118-475D-8748-7EE08EA0AF56}" = HDView for Internet Explorer
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FF3999BE-1A7B-4738-88AA-97BF14094A4A}" = PictureProject
"abrViewer.NET" = abrViewer.NET 1.0.1
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"Adobe_2a31ae7a5c43ff52d8577782dd34e04" = Adobe Illustrator CS4
"Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
"AVG8Uninstall" = AVG Free 8.5
"Chord Alchemy" = Chord Alchemy 4.3
"Citrix ICA Web Client" = MetaFrame Presentation Server Web Client for Win32
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1" = Conexant D850 56K V.9x DFVc Modem
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"ERUNT_is1" = ERUNT 1.1j
"ExtractNow_is1" = ExtractNow
"EyeCandy5Impact" = Alien Skin Eye Candy 5 Impact
"EyeCandy5Nature" = Alien Skin Eye Candy 5 Nature
"EyeCandy5Textures" = Alien Skin Eye Candy 5 Textures
"FLV Player" = FLV Player 2.0, build 24
"Free iPod Video Converter_is1" = Free iPod Video Converter 1.26
"getPlus®_ocx" = getPlus®_ocx
"Google Desktop" = Google Desktop
"Hasbro MuVo Driver" = Hasbro Mass Storage Drivers
"HDMI" = Intel® Graphics Media Accelerator Driver
"HijackThis" = HijackThis 2.0.2
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"InstallShield_{33CF7CDF-9805-4500-9CC7-D19D52AD63C4}" = Canon EOS Kiss_N REBEL_XT 350D WIA Driver
"KLiteCodecPack_is1" = K-Lite Codec Pack 5.1.0 (Basic)
"LiveUpdate" = LiveUpdate 3.1 (Symantec Corporation)
"lvdrivers_11.80" = Logitech QuickCam Driver Package
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"mflGameDay_is1" = myfantasyleague.com Game Day 2008
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox (3.0.14)" = Mozilla Firefox (3.0.14)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSNINST" = MSN
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"PhotoStitch" = Canon Utilities PhotoStitch
"Picasa 3" = Picasa 3
"PictureProject In Touch Downloader" = PictureProject In Touch Downloader 1.0
"PROSet" = Intel® PRO Network Connections Drivers
"RealAlt_is1" = Real Alternative 1.9.0 Lite
"SafetyCenter" = SafetyCenter
"SearchAssist" = SearchAssist
"ST6UNST #1" = Tabwin43
"TEFView_is1" = TEFView 2.65
"Unlocker" = Unlocker 1.8.7
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Xenofex2Demo" = Alien Skin Xenofex 2.0 Demo
"ZoneAlarm" = ZoneAlarm
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Abacast Client" = Abacast Client
"BitTorrent" = BitTorrent
"BitTorrent DNA" = BitTorrent DNA
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 10/11/2009 8:47:51 PM | Computer Name = GIBSON | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 7.0.6000.16876, faulting
module unknown, version 0.0.0.0, fault address 0x104c1b6d.
Error - 10/12/2009 6:19:58 AM | Computer Name = GIBSON | Source = Application Error | ID = 1000
Description = Faulting application svchost.exe, version 5.1.2600.5512, faulting
module ntdll.dll, version 5.1.2600.5755, fault address 0x00001de6.
Error - 10/13/2009 9:14:51 PM | Computer Name = GIBSON | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: This operation returned because the timeout period expired.
Error - 10/13/2009 9:14:51 PM | Computer Name = GIBSON | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: The specified server cannot perform the requested operation.
Error - 10/14/2009 12:49:10 AM | Computer Name = GIBSON | Source = Application Error | ID = 1000
Description = Faulting application svchost.exe, version 5.1.2600.5512, faulting
module ntdll.dll, version 5.1.2600.5755, fault address 0x00001de6.
Error - 10/15/2009 3:00:36 AM | Computer Name = GIBSON | Source = NativeWrapper | ID = 5000
Description =
Error - 10/17/2009 10:36:15 AM | Computer Name = GIBSON | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 7.0.6000.16915, faulting
module unknown, version 0.0.0.0, fault address 0x76f2345a.
Error - 10/17/2009 10:36:20 AM | Computer Name = GIBSON | Source = Application Error | ID = 1000
Description = Faulting application drwtsn32.exe, version 5.1.2600.0, faulting module
dbghelp.dll, version 5.1.2600.5512, fault address 0x0001295d.
Error - 10/17/2009 10:54:15 AM | Computer Name = GIBSON | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 7.0.6000.16915, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 10/17/2009 10:59:21 AM | Computer Name = GIBSON | Source = Application Error | ID = 1000
Description = Faulting application mbammmmmmmmmmm2.exe, version 1.40.0.0, faulting
module unknown, version 0.0.0.0, fault address 0x7ca06546.
[ System Events ]
Error - 10/18/2009 4:43:56 PM | Computer Name = GIBSON | Source = Service Control Manager | ID = 7034
Description = The Symantec AntiVirus Definition Watcher service terminated unexpectedly.
It has done this 1 time(s).
Error - 10/18/2009 4:43:56 PM | Computer Name = GIBSON | Source = Service Control Manager | ID = 7034
Description = The Process Monitor service terminated unexpectedly. It has done
this 1 time(s).
Error - 10/18/2009 4:43:56 PM | Computer Name = GIBSON | Source = Service Control Manager | ID = 7034
Description = The iPod Service service terminated unexpectedly. It has done this
1 time(s).
Error - 10/18/2009 4:43:59 PM | Computer Name = GIBSON | Source = Service Control Manager | ID = 7034
Description = The TrueVector Internet Monitor service terminated unexpectedly.
It has done this 1 time(s).
Error - 10/18/2009 4:47:36 PM | Computer Name = GIBSON | Source = Service Control Manager | ID = 7000
Description = The Creative Service for CDROM Access service failed to start due
to the following error: %%2
Error - 10/18/2009 4:47:36 PM | Computer Name = GIBSON | Source = Service Control Manager | ID = 7023
Description = The Network Security service terminated with the following error:
%%126
Error - 10/18/2009 4:47:36 PM | Computer Name = GIBSON | Source = Service Control Manager | ID = 7023
Description = The Intel® PRO/1000 PCI Express Network Connection Support service
terminated with the following error: %%126
Error - 10/18/2009 5:02:34 PM | Computer Name = GIBSON | Source = Service Control Manager | ID = 7000
Description = The Creative Service for CDROM Access service failed to start due
to the following error: %%2
Error - 10/18/2009 5:02:34 PM | Computer Name = GIBSON | Source = Service Control Manager | ID = 7023
Description = The Network Security service terminated with the following error:
%%126
Error - 10/18/2009 5:02:34 PM | Computer Name = GIBSON | Source = Service Control Manager | ID = 7023
Description = The Intel® PRO/1000 PCI Express Network Connection Support service
terminated with the following error: %%126
< End of report >