PC not responding
-
PC not responding
Hi,
PC keeps becoming catatonic.
Any help appreciated.
rik
Malwarebytes' Anti-Malware 1.46
Malwarebytes
Database version: 4742
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
04/10/2010 21:25:49
mbam-log-2010-10-04 (21-25-49).txt
Scan type: Quick scan
Objects scanned: 168966
Time elapsed: 10 minute(s), 16 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 15
Files Infected: 1
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
C:\Documents and Settings\Liz\Application Data\Hotbar (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Liz\Application Data\Hotbar\IESkins (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Liz\Application Data\Hotbar\v3.0 (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Liz\Application Data\Hotbar\v3.0\HostOI (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Liz\Application Data\Hotbar\v3.0\HostOI\dynamic (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Liz\Application Data\Hotbar\v3.0\HostOL (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Liz\Application Data\Hotbar\v3.0\HostOL\dynamic (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Liz\Application Data\Hotbar\v3.0\Hotbar (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Liz\Application Data\Hotbar\v3.0\Hotbar\dynamic (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Liz\Application Data\Hotbar\v3.0\Hotbar\static (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Liz\Application Data\Hotbar\v3.0\Hotbar\static\1 (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Program Files\Registry Helper (Rogue.RegistryHelper) -> Quarantined and deleted successfully.
C:\Program Files\Registry Helper\Full Backups (Rogue.RegistryHelper) -> Quarantined and deleted successfully.
C:\Program Files\Registry Helper\Item Backups (Rogue.RegistryHelper) -> Quarantined and deleted successfully.
C:\Program Files\Registry Helper\Startup Manager (Rogue.RegistryHelper) -> Quarantined and deleted successfully.
Files Infected:
C:\Program Files\Registry Helper\Full Backups\6-6-2007--11-50-1-am.reg (Rogue.RegistryHelper) -> Quarantined and deleted successfully.
-
MBRCheck, version 1.2.3
(c) 2010, AD
Command-line:
Windows Version: Windows XP Home Edition
Windows Information: Service Pack 3 (build 2600)
Logical Drives Mask: 0x0000001d
Kernel Drivers (total 146):
0x804D7000 \WINDOWS\system32\ntoskrnl.exe
0x806FF000 \WINDOWS\system32\hal.dll
0xF7AE1000 \WINDOWS\system32\KDCOM.DLL
0xF79F1000 \WINDOWS\system32\BOOTVID.dll
0xF7592000 ACPI.sys
0xF7AE3000 \WINDOWS\System32\DRIVERS\WMILIB.SYS
0xF7581000 pci.sys
0xF75E1000 isapnp.sys
0xF7BA9000 pciide.sys
0xF7861000 \WINDOWS\System32\DRIVERS\PCIIDEX.SYS
0xF75F1000 MountMgr.sys
0xF7562000 ftdisk.sys
0xF7869000 PartMgr.sys
0xF7601000 VolSnap.sys
0xF754A000 atapi.sys
0xF7611000 disk.sys
0xF7621000 \WINDOWS\System32\DRIVERS\CLASSPNP.SYS
0xF752A000 fltmgr.sys
0xF7518000 sr.sys
0xF74BB000 mfehidk.sys
0xF74A6000 drvmcdb.sys
0xF7631000 PxHelp20.sys
0xF748F000 KSecDD.sys
0xF7402000 Ntfs.sys
0xF73D5000 NDIS.sys
0xF73BB000 Mup.sys
0xF7641000 agp440.sys
0xF76B1000 \SystemRoot\System32\DRIVERS\intelppm.sys
0xF6D3B000 \SystemRoot\System32\DRIVERS\nv4_mini.sys
0xF6D27000 \SystemRoot\System32\DRIVERS\VIDEOPRT.SYS
0xF7979000 \SystemRoot\System32\DRIVERS\usbuhci.sys
0xF6D03000 \SystemRoot\System32\DRIVERS\USBPORT.SYS
0xF7981000 \SystemRoot\System32\DRIVERS\usbehci.sys
0xF6BBE000 \SystemRoot\system32\drivers\P16X.sys
0xF6B9B000 \SystemRoot\system32\drivers\ks.sys
0xF6B77000 \SystemRoot\system32\drivers\portcls.sys
0xF76C1000 \SystemRoot\system32\drivers\drmk.sys
0xF6B4B000 \SystemRoot\system32\DRIVERS\ctoss2k.sys
0xF6B27000 \SystemRoot\system32\drivers\mfeavfk.sys
0xF6ADC000 \SystemRoot\system32\drivers\mfefirek.sys
0xF6ABC000 \SystemRoot\system32\DRIVERS\ctsfm2k.sys
0xF6F17000 \SystemRoot\System32\DRIVERS\gameenum.sys
0xF76D1000 \SystemRoot\System32\DRIVERS\IntelC53.sys
0xF6995000 \SystemRoot\System32\DRIVERS\IntelC51.sys
0xF6900000 \SystemRoot\System32\DRIVERS\IntelC52.sys
0xF7989000 \SystemRoot\System32\DRIVERS\mohfilt.sys
0xF7991000 \SystemRoot\System32\Drivers\Modem.SYS
0xF68D8000 \SystemRoot\System32\DRIVERS\e100b325.sys
0xF7999000 \SystemRoot\System32\DRIVERS\fdc.sys
0xF76E1000 \SystemRoot\System32\DRIVERS\i8042prt.sys
0xF79A1000 \SystemRoot\System32\DRIVERS\kbdclass.sys
0xF76F1000 \SystemRoot\System32\DRIVERS\serial.sys
0xF6F13000 \SystemRoot\System32\DRIVERS\serenum.sys
0xF68C4000 \SystemRoot\System32\DRIVERS\parport.sys
0xF7B1F000 \SystemRoot\system32\drivers\sscdbhk5.sys
0xF7701000 \SystemRoot\System32\DRIVERS\cdrom.sys
0xF7711000 \SystemRoot\System32\DRIVERS\redbook.sys
0xF7721000 \SystemRoot\System32\DRIVERS\imapi.sys
0xF7CF3000 \SystemRoot\System32\DRIVERS\audstub.sys
0xF6888000 \SystemRoot\system32\DRIVERS\mfendisk.sys
0xF7731000 \SystemRoot\System32\DRIVERS\rasl2tp.sys
0xF7A81000 \SystemRoot\System32\DRIVERS\ndistapi.sys
0xF6871000 \SystemRoot\System32\DRIVERS\ndiswan.sys
0xF7741000 \SystemRoot\System32\DRIVERS\raspppoe.sys
0xF7751000 \SystemRoot\System32\DRIVERS\raspptp.sys
0xF79A9000 \SystemRoot\System32\DRIVERS\TDI.SYS
0xF6860000 \SystemRoot\System32\DRIVERS\psched.sys
0xF7761000 \SystemRoot\System32\DRIVERS\msgpc.sys
0xF79B1000 \SystemRoot\System32\DRIVERS\ptilink.sys
0xF79B9000 \SystemRoot\System32\DRIVERS\raspti.sys
0xF79C1000 \SystemRoot\System32\DRIVERS\wanatw4.sys
0xF7771000 \SystemRoot\System32\DRIVERS\termdd.sys
0xF79C9000 \SystemRoot\System32\DRIVERS\mouclass.sys
0xF7B21000 \SystemRoot\System32\DRIVERS\swenum.sys
0xF6762000 \SystemRoot\System32\DRIVERS\update.sys
0xF79D1000 \SystemRoot\System32\DRIVERS\omci.sys
0xF7A89000 \SystemRoot\System32\DRIVERS\mssmbios.sys
0xF7781000 \SystemRoot\System32\Drivers\NDProxy.SYS
0xF7791000 \SystemRoot\System32\DRIVERS\usbhub.sys
0xF7B27000 \SystemRoot\System32\DRIVERS\USBD.SYS
0xF7AC1000 \SystemRoot\system32\drivers\MODEMCSA.sys
0xF79D9000 \SystemRoot\System32\DRIVERS\flpydisk.sys
0xF7AD1000 \SystemRoot\System32\Drivers\i2omgmt.SYS
0xF7AD5000 \SystemRoot\System32\DRIVERS\hidusb.sys
0xF77A1000 \SystemRoot\System32\DRIVERS\HIDCLASS.SYS
0xF79E1000 \SystemRoot\System32\DRIVERS\HIDPARSE.SYS
0xF7B29000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
0xF7C05000 \SystemRoot\System32\Drivers\Null.SYS
0xF7B2B000 \SystemRoot\System32\Drivers\Beep.SYS
0xF7879000 \SystemRoot\system32\drivers\ssrtln.sys
0xF7891000 \SystemRoot\System32\drivers\vga.sys
0xF7B2D000 \SystemRoot\System32\Drivers\mnmdd.SYS
0xF7B2F000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0xF7899000 \SystemRoot\System32\Drivers\Msfs.SYS
0xF78A1000 \SystemRoot\System32\Drivers\Npfs.SYS
0xF7AD9000 \SystemRoot\System32\DRIVERS\rasacd.sys
0xF5550000 \SystemRoot\System32\DRIVERS\ipsec.sys
0xF54F7000 \SystemRoot\System32\DRIVERS\tcpip.sys
0xF54E4000 \SystemRoot\system32\drivers\mfetdi2k.sys
0xF54BE000 \SystemRoot\System32\DRIVERS\ipnat.sys
0xF5497000 \SystemRoot\System32\Drivers\Mpfp.sys
0xF77B1000 \SystemRoot\System32\DRIVERS\wanarp.sys
0xF68BC000 \SystemRoot\System32\DRIVERS\mouhid.sys
0xF77C1000 \SystemRoot\System32\DRIVERS\ipfltdrv.sys
0xF5447000 \SystemRoot\System32\DRIVERS\netbt.sys
0xF5425000 \SystemRoot\System32\drivers\afd.sys
0xF77D1000 \SystemRoot\System32\DRIVERS\netbios.sys
0xF53FA000 \SystemRoot\System32\DRIVERS\rdbss.sys
0xF538A000 \SystemRoot\System32\DRIVERS\mrxsmb.sys
0xF7811000 \SystemRoot\System32\Drivers\Fips.SYS
0xF68B8000 \SystemRoot\System32\DRIVERS\usbscan.sys
0xF78B1000 \SystemRoot\System32\DRIVERS\usbprint.sys
0xF7831000 \SystemRoot\System32\Drivers\Cdfs.SYS
0xF5372000 \SystemRoot\System32\Drivers\dump_atapi.sys
0xF7B51000 \SystemRoot\System32\Drivers\dump_WMILIB.SYS
0xBF800000 \SystemRoot\System32\win32k.sys
0xF55B7000 \SystemRoot\System32\drivers\Dxapi.sys
0xF78D1000 \SystemRoot\System32\watchdog.sys
0xBF000000 \SystemRoot\System32\drivers\dxg.sys
0xF7CCB000 \SystemRoot\System32\drivers\dxgthk.sys
0xBF012000 \SystemRoot\System32\nv4_disp.dll
0xBFFA0000 \SystemRoot\System32\ATMFD.DLL
0xF7801000 \SystemRoot\system32\drivers\drvnddm.sys
0xF7D30000 \SystemRoot\system32\dla\tfsndres.sys
0xF4097000 \SystemRoot\system32\dla\tfsnifs.sys
0xF41C8000 \SystemRoot\system32\dla\tfsnopio.sys
0xF7B57000 \SystemRoot\system32\dla\tfsnpool.sys
0xF78E1000 \SystemRoot\system32\dla\tfsnboio.sys
0xF7821000 \SystemRoot\system32\dla\tfsncofs.sys
0xF7D31000 \SystemRoot\system32\dla\tfsndrct.sys
0xF407E000 \SystemRoot\system32\dla\tfsnudf.sys
0xF4065000 \SystemRoot\system32\dla\tfsnudfa.sys
0xF7841000 \SystemRoot\system32\DRIVERS\fssfltr_tdi.sys
0xF40C8000 \SystemRoot\System32\DRIVERS\ndisuio.sys
0xF3540000 \SystemRoot\System32\DRIVERS\mrxdav.sys
0xF7B99000 \SystemRoot\System32\Drivers\ParVdm.SYS
0xF357D000 \??\C:\WINDOWS\System32\Drivers\KeyP.sys
0xF33D1000 \SystemRoot\System32\DRIVERS\srv.sys
0xF7BA5000 \??\C:\WINDOWS\System32\PfModNT.sys
0xF34D0000 \SystemRoot\system32\drivers\sysaudio.sys
0xF2CDE000 \SystemRoot\system32\drivers\wdmaud.sys
0xF2AB5000 \SystemRoot\System32\Drivers\HTTP.sys
0xF2508000 \SystemRoot\system32\drivers\mfeapfk.sys
0xF2D2B000 \SystemRoot\system32\drivers\mfebopk.sys
0xF1910000 \SystemRoot\system32\drivers\kmixer.sys
0x7C900000 \WINDOWS\SYSTEM32\ntdll.dll
Processes (total 59):
0 System Idle Process
4 System
944 C:\WINDOWS\SYSTEM32\smss.exe
1020 csrss.exe
1044 C:\WINDOWS\SYSTEM32\winlogon.exe
1088 C:\WINDOWS\SYSTEM32\services.exe
1108 C:\WINDOWS\SYSTEM32\lsass.exe
1308 C:\WINDOWS\SYSTEM32\svchost.exe
1360 svchost.exe
1484 C:\WINDOWS\SYSTEM32\svchost.exe
1612 svchost.exe
1732 svchost.exe
1920 C:\WINDOWS\SYSTEM32\LEXBCES.EXE
1956 C:\WINDOWS\SYSTEM32\LEXPPS.EXE
1964 C:\WINDOWS\SYSTEM32\spoolsv.exe
692 svchost.exe
728 C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
760 C:\WINDOWS\SYSTEM32\CTsvcCDA.EXE
812 C:\Program Files\Java\jre6\bin\jqs.exe
856 C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
1184 C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
1396 C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
1504 C:\WINDOWS\SYSTEM32\svchost.exe
1524 C:\WINDOWS\wanmpsvc.exe
208 C:\WINDOWS\SYSTEM32\MsPMSPSv.exe
252 C:\WINDOWS\SYSTEM32\searchindexer.exe
340 C:\WINDOWS\SYSTEM32\svchost.exe
556 C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
700 C:\WINDOWS\SYSTEM32\wuauclt.exe
788 C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
3360 C:\WINDOWS\explorer.exe
3488 alg.exe
2580 C:\Program Files\Dell\Media Experience\PCMService.exe
2612 C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
2672 C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
328 C:\WINDOWS\SYSTEM32\svchost.exe
2732 C:\WINDOWS\SYSTEM32\dla\tfswctrl.exe
2780 C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe
2812 C:\Program Files\Dell AIO Printer A920\dlbkbmgr.exe
3000 C:\Program Files\QuickTime\qttask.exe
3064 C:\Program Files\Dell AIO Printer A920\dlbkbmon.exe
3084 C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
3116 C:\Program Files\BroadJump\Client Foundation\CFD.exe
3516 C:\Program Files\Common Files\Real\Update_OB\realsched.exe
3524 C:\Program Files\McAfee.com\Agent\mcagent.exe
3572 C:\Program Files\Common Files\Java\Java Update\jusched.exe
3608 C:\Program Files\Messenger\msmsgs.exe
3624 C:\WINDOWS\SYSTEM32\ctfmon.exe
3740 C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe
3800 C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
3976 C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe
3088 C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
832 C:\Program Files\Windows Desktop Search\WindowsSearch.exe
988 C:\Program Files\Google\Chrome\Application\chrome.exe
1552 C:\Program Files\Google\Chrome\Application\chrome.exe
3004 wmiprvse.exe
2924 C:\WINDOWS\SYSTEM32\searchprotocolhost.exe
3232 searchfilterhost.exe
2280 C:\Documents and Settings\Frank\My Documents\Downloads\MBRCheck.exe
\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`02f10c00 (NTFS)
PhysicalDrive0 Model Number: Maxtor6Y120P0, Rev: YAR41BW0
Size Device Name MBR Status
--------------------------------------------
111 GB \\.\PhysicalDrive0 Windows XP MBR code detected
SHA1: DA38B874B7713D1B51CBC449F4EF809B0DEC644A
Done!
-
GMER 1.0.15.15281 - GMER - Rootkit Detector and Remover
Rootkit quick scan 2010-10-04 21:35:04
Windows 5.1.2600 Service Pack 3
Running: bh9pob5g.exe; Driver: C:\DOCUME~1\Frank\LOCALS~1\Temp\fwldypog.sys
---- System - GMER 1.0.15 ----
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwCreateKey [0xF746E090]
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwDeleteKey [0xF746E0A4]
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwDeleteValueKey [0xF746E0D0]
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwMapViewOfSection [0xF746E126]
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwOpenKey [0xF746E07C]
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwOpenProcess [0xF746E054]
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwOpenThread [0xF746E068]
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwRenameKey [0xF746E0BA]
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwSetSecurityObject [0xF746E0FC]
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwSetValueKey [0xF746E0E6]
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwTerminateProcess [0xF746E150]
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwUnmapViewOfSection [0xF746E13C]
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwYieldExecution [0xF746E110]
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) NtMapViewOfSection
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) NtOpenProcess
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) NtOpenThread
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) NtSetSecurityObject
---- Devices - GMER 1.0.15 ----
AttachedDevice \FileSystem\Ntfs \Ntfs mfehidk.sys (McAfee Link Driver/McAfee, Inc.)
AttachedDevice \Driver\Tcpip \Device\Ip Mpfp.sys (McAfee Personal Firewall Plus Driver/McAfee, Inc.)
AttachedDevice \Driver\Tcpip \Device\Ip mfetdi2k.sys (Anti-Virus Mini-Firewall Driver/McAfee, Inc.)
AttachedDevice \Driver\Tcpip \Device\Tcp mfetdi2k.sys (Anti-Virus Mini-Firewall Driver/McAfee, Inc.)
AttachedDevice \Driver\Tcpip \Device\Tcp Mpfp.sys (McAfee Personal Firewall Plus Driver/McAfee, Inc.)
AttachedDevice \Driver\Tcpip \Device\Udp mfetdi2k.sys (Anti-Virus Mini-Firewall Driver/McAfee, Inc.)
AttachedDevice \Driver\Tcpip \Device\Udp Mpfp.sys (McAfee Personal Firewall Plus Driver/McAfee, Inc.)
AttachedDevice \Driver\Tcpip \Device\RawIp Mpfp.sys (McAfee Personal Firewall Plus Driver/McAfee, Inc.)
AttachedDevice \Driver\Tcpip \Device\RawIp mfetdi2k.sys (Anti-Virus Mini-Firewall Driver/McAfee, Inc.)
---- EOF - GMER 1.0.15 ----
-
OTL Extras logfile created on: 04/10/2010 21:45:41 - Run 1
OTL by OldTimer - Version 3.2.14.1 Folder = C:\Documents and Settings\Frank\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
1,023.00 Mb Total Physical Memory | 527.00 Mb Available Physical Memory | 51.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 78.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111.71 Gb Total Space | 80.26 Gb Free Space | 71.84% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: MANCHES
Current User Name: Frank
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\DomainPr ofile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\Standard Profile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\Standard Profile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet
isabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNetisabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNetisabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNetisabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNetisabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNetisabled:@xpsp2res.dll,-22002
"5985:TCP" = 5985:TCP:*isabled:Windows Remote Management
"80:TCP" = 80:TCP:*isabled:Windows Remote Management - Compatibility Mode (HTTP-In)
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\DomainPr ofile\AuthorizedApplications\List]
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\Standard Profile\AuthorizedApplications\List]
"C:\Program Files\Real\RealPlayer\realplay.exe" = C:\Program Files\Real\RealPlayer\realplay.exe:*isabled:RealPlayer -- (RealNetworks, Inc.)
"C:\Program Files\NetMeeting\conf.exe" = C:\Program Files\NetMeeting\conf.exe:*isabled:Windows® NetMeeting® -- (Microsoft Corporation)
"C:\Program Files\PersonalWebKit3\personalwebkit.exe" = C:\Program Files\PersonalWebKit3\personalwebkit.exe:*:Enabled :PersonalWebKit (2) -- (Redmond Digital)
"C:\Program Files\Terrapin FTP\ftp95.exe" = C:\Program Files\Terrapin FTP\ftp95.exe:*:Enabled:Terrapin FTP -- (Terrapin Internet Ltd)
"C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe" = C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe:*:Enabled:McAfee Network Agent -- File not found
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" = C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe:*:Enabled:McAf ee Shared Service Host -- (McAfee, Inc.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Uninstall]
"{00010409-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Professional
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{00040409-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Disc 2
"{0878E100-C0BB-41E8-B4C6-C486B61FDA7B}" = Canon PhotoRecord
"{09DA4F91-2A09-4232-AB8C-6BC740096DE3}" = Sonic Update Manager
"{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}" = OpenOffice.org Installer 1.0
"{11F1920A-56A2-4642-B6E0-3B31A12C9288}" = Dell Solution Center
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{168DB6F5-0A4E-11D4-A497-444553540000}" = Fritz6
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1BD07DF4-FB06-41BA-B896-B2DA59000C96}" = Windows Live Toolbar
"{1EDBB5DD-3AB0-49D8-99CC-235A93865D03}" = Tiscali 10.0
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Dell Media Experience
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 21
"{26BDE7D8-93F0-4A07-AD47-1707DB417941}" = Camera Support Core Library
"{2CB511DF-AD50-4087-8934-8ACE54DE4FC1}" = BT Openworld Dell Signup
"{2F81FBFC-9A37-431F-9050-14B55485DF5A}" = Internet Library
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
"{3248F0A8-6813-11D6-A77B-00B0D0150090}" = J2SE Runtime Environment 5.0 Update 9
"{3248F0A8-6813-11D6-A77B-00B0D0150100}" = J2SE Runtime Environment 5.0 Update 10
"{3248F0A8-6813-11D6-A77B-00B0D0150110}" = J2SE Runtime Environment 5.0 Update 11
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java(TM) SE Runtime Environment 6 Update 1
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java(TM) 6 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3CCB26F5-E2A7-4C91-8340-9149D7B7C2BE}" = Virtual Earth 3D (Beta)
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = Modem On Hold
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{46AC899A-9ECB-43DC-85DE-272E0D116A1E}" = Ad-Aware 2007
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}" = Adobe® Photoshop® Album Starter Edition 3.0
"{4EF8BE6A-899C-4196-94E7-297C5F7A203E}" = pdfforge Toolbar v1.1.1
"{5783F2D7-0301-0409-0002-0060B0CE6BBA}" = AutoCAD 2005 - English
"{612AD33D-9824-4E87-8396-92374E91C4BB}_is1" = Inbox Toolbar
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD 5.1
"{68E7E8BD-2233-49BE-81D6-1A1FAF1B5196}" = RAW Image Task 1.1
"{68E9C92F-5109-47EC-9168-74B5E673ECCF}" = DA920EN
"{7148F0A8-6813-11D6-A77B-00B0D0142030}" = Java 2 Runtime Environment, SE v1.4.2_03
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{764D06D8-D8DE-411E-A1C8-D9E9380F8A84}" = Microsoft Works 7.0
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7A0EFAFB-AC4B-4B88-8C6B-6731BE88DB68}" = Modem Event Monitor
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7F142D56-3326-11D5-B229-002078017FBF}" = Modem Helper
"{81B109ED-6ECA-49FF-9238-8E31FA5DB1A9}_is1" = RescuePRO 3.4.0.34
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{90D55A3F-1D99-4C94-A77E-46DC14F0BF08}" = Help and Support Customization
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9541FED0-327F-4DF0-8B96-EF57EF622F19}" = Sonic RecordNow!
"{96E16100-A77F-4B31-B9AD-FFBA040EE1BD}" = Sound Blaster Live!
"{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}" = Microsoft Search Enhancement Pack
"{9FA93155-472F-4778-87A8-95244FD1535D}" = OLYMPUS Master 2
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A4671483-7CAF-4375-A9C9-9A68A640ED75}" = OLYMPUS Studio 2
"{A5F68DC8-0278-4AD8-B413-861509B5F25B}" = ArcSoft Panorama Maker 3
"{A790BEB1-BCCF-4EC6-807B-5708B36E8A79}" = Intel(R) PROSet
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.4
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B34BE30D-A759-4EC2-B58F-19FE2DEBF651}" = Camera Window
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C1D76D7A-F3BB-47EA-A746-5B1E2FFC1DF2}" = Canon Utilities ZoomBrowser EX
"{C735206E-A8D7-2DC8-EADF-744C18174654}" = Acrobat.com
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC000127-5E5D-4A1C-90CB-EEAAAC1E3AC0}" = Jasc Paint Shop Photo Album
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF2C1A86-5A98-4862-A3AE-9992E3A6427D}" = RemoteCapture Task 1.0.3
"{D1696920-9794-4BBC-8A30-7A88763DE5A2}" = ABBYY FineReader 5.0 Sprint
"{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}" = Nikon Message Center
"{D92FF8EB-BD77-40AE-B68B-A6BFC6F8661D}" = Windows Live Family Safety
"{DE286975-ACF1-45B8-9EF7-34E162B2C817}" = MovieEdit Task
"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
"{EE39FFBD-544E-49E4-A999-6819828EAE91}" = Windows Live Photo Gallery
"{EF4C7EB0-D71B-43A3-9552-8053DE4B0401}" = PhotoStitch
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{FF3999BE-1A7B-4738-88AA-97BF14094A4A}" = PictureProject
"1A6754C019F3AE544C346226BB63AC9BC7DACCDE" = Windows Driver Package - OLYMPUS IMAGING CORP. (OlyUsbCam) OlyUsbCam (12/28/2006 1.0.0.0)
"2CFDDBA03CBE225A1FA2032FE06674F0AF0549D0" = Windows Driver Package - OLYMPUS IMAGING CORP. (OlyFirCam) OlyFirCam (06/28/2007 2.2.0.0)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"alotToolbar" = ALOT Toolbar
"America Online uk" = AOL UK
"Autodesk DWF Viewer" = Autodesk DWF Viewer
"AVS Image Converter_is1" = AVS Image Converter 1.2.1.100
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.4
"BroadJump Client Foundation" = BroadJump Client Foundation
"CCleaner" = CCleaner (remove only)
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B3204 85DF8CE.1" = Acrobat.com
"Corel Applications" = Corel Applications
"Dell AIO Printer A920" = Dell AIO Printer A920
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"FaceDub" = FaceDub
"Google Chrome" = Google Chrome
"HijackThis" = HijackThis 2.0.2
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{26BDE7D8-93F0-4A07-AD47-1707DB417941}" = Canon Camera Support Core Library
"InstallShield_{2F81FBFC-9A37-431F-9050-14B55485DF5A}" = Canon Internet Library for ZoomBrowser EX
"InstallShield_{68E7E8BD-2233-49BE-81D6-1A1FAF1B5196}" = Canon RAW Image Task for ZoomBrowser EX
"InstallShield_{B34BE30D-A759-4EC2-B58F-19FE2DEBF651}" = Canon Camera Window for ZoomBrowser EX
"InstallShield_{CF2C1A86-5A98-4862-A3AE-9992E3A6427D}" = Canon RemoteCapture Task for ZoomBrowser EX
"InstallShield_{DE286975-ACF1-45B8-9EF7-34E162B2C817}" = Canon MovieEdit Task for ZoomBrowser EX
"InstallShield_{EF4C7EB0-D71B-43A3-9552-8053DE4B0401}" = Canon Utilities PhotoStitch 3.1
"Intel(R) 537EP V9x DF PCI Modem" = Intel(R) 537EP V9x DF PCI Modem
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"MSC" = McAfee AntiVirus Plus
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Nikon FotoShare" = Nikon FotoShare
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Product_Name" = PersonalWebKit
"PROSet" = Intel(R) PRO Network Connections Drivers
"QuickTime" = QuickTime
"RealPlayer 12.0" = RealPlayer
"RegistryBooster 2_is1" = Uniblue RegistryBooster 2
"Spybot - Search & Destroy_is1" = Spybot - Search & Destroy 1.4
"Terrapin FTP" = Terrapin FTP
"The Oxford Interactive Encyclopedia" = The Oxford Interactive Encyclopedia
"Veetle TV" = Veetle TV 0.9.17
"ViewpointMediaPlayer" = Viewpoint Media Player
"War FTP Daemon" = War FTP Daemon
"Webster's World Encyclopedia 2001" = Webster's World Encyclopedia 2001
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Yahoo! Companion" = Yahoo! Toolbar
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Uninstall]
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 04/10/2010 11:55:50 | Computer Name = MANCHES | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\MCAFEE\MCAFEE
ANTIVIRUS PLUS.LNK> in the hash map cannot be updated. Context: Application, SystemIndex
Catalog Details: A device attached to the system is not functioning. (0x8007001f)
Error - 04/10/2010 11:55:50 | Computer Name = MANCHES | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\MCAFEE\MCAFEE
ANTIVIRUS PLUS.LNK> in the hash map cannot be updated. Context: Application, SystemIndex
Catalog Details: A device attached to the system is not functioning. (0x8007001f)
Error - 04/10/2010 11
45 | Computer Name = MANCHES | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\MCAFEE\MCAFEE
ANTIVIRUS PLUS.LNK> in the hash map cannot be updated. Context: Application, SystemIndex
Catalog Details: A device attached to the system is not functioning. (0x8007001f)
Error - 04/10/2010 1145 | Computer Name = MANCHES | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\MCAFEE\MCAFEE
ANTIVIRUS PLUS.LNK> in the hash map cannot be updated. Context: Application, SystemIndex
Catalog Details: A device attached to the system is not functioning. (0x8007001f)
Error - 04/10/2010 1145 | Computer Name = MANCHES | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\MCAFEE\MCAFEE
ANTIVIRUS PLUS.LNK> in the hash map cannot be updated. Context: Application, SystemIndex
Catalog Details: A device attached to the system is not functioning. (0x8007001f)
Error - 04/10/2010 1145 | Computer Name = MANCHES | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\MCAFEE\MCAFEE
ANTIVIRUS PLUS.LNK> in the hash map cannot be updated. Context: Application, SystemIndex
Catalog Details: A device attached to the system is not functioning. (0x8007001f)
Error - 04/10/2010 1145 | Computer Name = MANCHES | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\MCAFEE\MCAFEE
ANTIVIRUS PLUS.LNK> in the hash map cannot be updated. Context: Application, SystemIndex
Catalog Details: A device attached to the system is not functioning. (0x8007001f)
Error - 04/10/2010 1145 | Computer Name = MANCHES | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\MCAFEE\MCAFEE
ANTIVIRUS PLUS.LNK> in the hash map cannot be updated. Context: Application, SystemIndex
Catalog Details: A device attached to the system is not functioning. (0x8007001f)
Error - 04/10/2010 16:40:05 | Computer Name = MANCHES | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\MCAFEE\MCAFEE
ANTIVIRUS PLUS.LNK> in the hash map cannot be updated. Context: Application, SystemIndex
Catalog Details: A device attached to the system is not functioning. (0x8007001f)
Error - 04/10/2010 16:40:05 | Computer Name = MANCHES | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\MCAFEE\MCAFEE
ANTIVIRUS PLUS.LNK> in the hash map cannot be updated. Context: Application, SystemIndex
Catalog Details: A device attached to the system is not functioning. (0x8007001f)
[ System Events ]
Error - 04/10/2010 15:47:43 | Computer Name = MANCHES | Source = Service Control Manager | ID = 7031
Description = The McAfee VirusScan Announcer service terminated unexpectedly. It
has done this 1 time(s). The following corrective action will be taken in 60000
milliseconds: Restart the service.
Error - 04/10/2010 15:47:43 | Computer Name = MANCHES | Source = Service Control Manager | ID = 7031
Description = The McAfee Network Agent service terminated unexpectedly. It has
done this 1 time(s). The following corrective action will be taken in 60000 milliseconds:
Restart the service.
Error - 04/10/2010 15:47:43 | Computer Name = MANCHES | Source = Service Control Manager | ID = 7031
Description = The McAfee Proxy Service service terminated unexpectedly. It has
done this 1 time(s). The following corrective action will be taken in 60000 milliseconds:
Restart the service.
Error - 04/10/2010 16:06:21 | Computer Name = MANCHES | Source = ipnathlp | ID = 30013
Description = The DHCP allocator has disabled itself on IP address 192.168.2.4, since
the IP address is outside the 192.168.0.0/255.255.255.0 scope from which addresses
are being allocated to DHCP clients. To enable the DHCP allocator on this IP address,
please
change the scope to include the IP address, or change the IP address to fall within
the scope.
Error - 04/10/2010 16:09:13 | Computer Name = MANCHES | Source = DCOM | ID = 10010
Description = The server {209500FC-6B45-4693-8871-6296C4843751} did not register
with DCOM within the required timeout.
Error - 04/10/2010 16:09:47 | Computer Name = MANCHES | Source = DCOM | ID = 10010
Description = The server {209500FC-6B45-4693-8871-6296C4843751} did not register
with DCOM within the required timeout.
Error - 04/10/2010 16:28:13 | Computer Name = MANCHES | Source = ipnathlp | ID = 30013
Description = The DHCP allocator has disabled itself on IP address 192.168.2.4, since
the IP address is outside the 192.168.0.0/255.255.255.0 scope from which addresses
are being allocated to DHCP clients. To enable the DHCP allocator on this IP address,
please
change the scope to include the IP address, or change the IP address to fall within
the scope.
Error - 04/10/2010 16:30:42 | Computer Name = MANCHES | Source = DCOM | ID = 10010
Description = The server {209500FC-6B45-4693-8871-6296C4843751} did not register
with DCOM within the required timeout.
Error - 04/10/2010 16:38:29 | Computer Name = MANCHES | Source = ipnathlp | ID = 30013
Description = The DHCP allocator has disabled itself on IP address 192.168.2.4, since
the IP address is outside the 192.168.0.0/255.255.255.0 scope from which addresses
are being allocated to DHCP clients. To enable the DHCP allocator on this IP address,
please
change the scope to include the IP address, or change the IP address to fall within
the scope.
Error - 04/10/2010 16:40:34 | Computer Name = MANCHES | Source = DCOM | ID = 10010
Description = The server {209500FC-6B45-4693-8871-6296C4843751} did not register
with DCOM within the required timeout.
< End of report >
-
OTL logfile created on: 04/10/2010 21:45:41 - Run 1
OTL by OldTimer - Version 3.2.14.1 Folder = C:\Documents and Settings\Frank\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
1,023.00 Mb Total Physical Memory | 527.00 Mb Available Physical Memory | 51.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 78.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111.71 Gb Total Space | 80.26 Gb Free Space | 71.84% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: MANCHES
Current User Name: Frank
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan
========== Processes (SafeList) ==========
PRC - [2010/10/04 21:44:45 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Frank\My Documents\Downloads\OTL.exe
PRC - [2010/08/24 14:57:38 | 000,188,136 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
PRC - [2010/08/24 14:57:38 | 000,171,168 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
PRC - [2010/08/24 14:57:38 | 000,141,792 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
PRC - [2010/07/01 00:07:46 | 001,193,848 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
PRC - [2010/04/26 10:32:37 | 000,202,256 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2010/03/10 10:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
PRC - [2009/11/25 21:42:26 | 000,095,632 | ---- | M] (OLYMPUS IMAGING CORP.) -- C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe
PRC - [2009/01/14 17:53:02 | 000,226,656 | ---- | M] (Microsoft Corp.) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2008/09/16 13:16:08 | 001,833,296 | RHS- | M] (Safer Networking Limited) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008/05/26 22:19:14 | 000,123,904 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Desktop Search\WindowsSearch.exe
PRC - [2008/04/14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/07/07 18
14 | 000,561,152 | ---- | M] (Lavasoft AB) -- C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
PRC - [2007/06/18 16:24:11 | 000,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe
PRC - [2005/06/06 23:46:24 | 000,057,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
PRC - [2003/06/02 18:50:58 | 000,053,248 | ---- | M] (Dell Computer Corporation) -- C:\Program Files\Dell AIO Printer A920\dlbkbmon.exe
PRC - [2003/06/02 18:25:24 | 000,270,336 | ---- | M] (Dell Computer Corporation) -- C:\Program Files\Dell AIO Printer A920\dlbkbmgr.exe
PRC - [2003/04/09 16:23:36 | 000,065,536 | ---- | M] (America Online, Inc.) -- C:\WINDOWS\wanmpsvc.exe
PRC - [2003/01/27 17:16:58 | 000,376,912 | ---- | M] () -- C:\Program Files\BroadJump\Client Foundation\CFD.exe
PRC - [2002/04/03 01:01:00 | 000,135,264 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe
========== Modules (SafeList) ==========
MOD - [2010/10/04 21:44:45 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Frank\My Documents\Downloads\OTL.exe
MOD - [2010/04/26 10:34:02 | 000,040,960 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ho ok\rpchromebrowserrecordhelper.dll
MOD - [2008/04/14 01:10:20 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SYSTEM32\msscript.ocx
MOD - [2003/03/19 14:14:52 | 000,499,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SYSTEM32\msvcp71.dll
MOD - [2003/02/21 22:42:22 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SYSTEM32\msvcr71.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2010/08/24 14:57:38 | 000,188,136 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe -- (mfefire)
SRV - [2010/08/24 14:57:38 | 000,171,168 | ---- | M] () [Unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV - [2010/08/24 14:57:38 | 000,141,792 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe -- (mfevtp)
SRV - [2010/04/28 07:44:02 | 000,704,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2010/04/15 09:45:10 | 000,364,216 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2010/03/18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\ WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\msco rsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/10 10:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McProxy)
SRV - [2010/03/10 10:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV - [2010/03/10 10:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV - [2010/03/10 10:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV - [2009/01/14 17:53:02 | 000,226,656 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2007/07/07 1814 | 000,561,152 | ---- | M] (Lavasoft AB) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe -- (aawservice)
SRV - [2004/11/30 14:23:58 | 000,074,360 | ---- | M] (Autodesk, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service)
SRV - [2003/04/09 16:23:36 | 000,065,536 | ---- | M] (America Online, Inc.) [Auto | Running] -- C:\WINDOWS\wanmpsvc.exe -- (WANMiniportService) WAN Miniport (ATW)
SRV - [2003/03/03 13:33:40 | 000,143,360 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\NCS\Sync\NetSvc.exe -- (NetSvc)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\wudfrd.sys -- (WudfRd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\wATV03nt.sys -- (iAimTV2)
DRV - [2010/08/24 14:57:38 | 000,386,712 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2010/08/24 14:57:38 | 000,312,904 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\mfefirek.sys -- (mfefirek)
DRV - [2010/08/24 14:57:38 | 000,152,992 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\mfeavfk.sys -- (mfeavfk)
DRV - [2010/08/24 14:57:38 | 000,095,600 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\mfeapfk.sys -- (mfeapfk)
DRV - [2010/08/24 14:57:38 | 000,088,544 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\mfendisk.sys -- (mfendiskmp)
DRV - [2010/08/24 14:57:38 | 000,088,544 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\mfendisk.sys -- (mfendisk)
DRV - [2010/08/24 14:57:38 | 000,084,264 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\mferkdet.sys -- (mferkdet)
DRV - [2010/08/24 14:57:38 | 000,084,072 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\mfetdi2k.sys -- (mfetdi2k)
DRV - [2010/08/24 14:57:38 | 000,055,840 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\cfwids.sys -- (cfwids)
DRV - [2010/08/24 14:57:38 | 000,052,104 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\mfebopk.sys -- (mfebopk)
DRV - [2010/04/28 07:44:02 | 000,054,760 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\fssfltr_tdi.sys -- (fssfltr)
DRV - [2009/09/16 10:22:48 | 000,040,552 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\mfesmfk.sys -- (mfesmfk)
DRV - [2009/09/16 10:22:14 | 000,034,248 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\mferkdk.sys -- (mferkdk)
DRV - [2009/07/16 12:32:26 | 000,120,136 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\Mpfp.sys -- (MPFP)
DRV - [2008/04/13 19:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\gameenum.sys -- (gameenum)
DRV - [2008/04/13 19:36:39 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2008/04/13 19:36:39 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2004/08/04 06:29:54 | 001,897,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\nv4_mini.sys -- (nv)
DRV - [2004/08/04 06:29:49 | 000,019,455 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wvchntxx.sys -- (iAimFP4)
DRV - [2004/08/04 06:29:47 | 000,012,063 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wsiintxx.sys -- (iAimFP3)
DRV - [2004/08/04 06:29:45 | 000,023,615 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wch7xxnt.sys -- (iAimTV4)
DRV - [2004/08/04 06:29:43 | 000,033,599 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv04nt.sys -- (iAimTV3)
DRV - [2004/08/04 06:29:42 | 000,019,551 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv02nt.sys -- (iAimTV1)
DRV - [2004/08/04 06:29:41 | 000,029,311 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv01nt.sys -- (iAimTV0)
DRV - [2004/08/04 06:29:37 | 000,012,415 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv01nt.sys -- (iAimFP0)
DRV - [2004/08/04 06:29:37 | 000,012,127 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv02nt.sys -- (iAimFP1)
DRV - [2004/08/04 06:29:37 | 000,011,775 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv05nt.sys -- (iAimFP2)
DRV - [2004/08/04 06:29:36 | 000,161,020 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\i81xnt5.sys -- (i81x)
DRV - [2004/03/15 01:04:00 | 000,100,597 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsnudfa.sys -- (tfsnudfa)
DRV - [2004/03/15 01:04:00 | 000,098,580 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsnudf.sys -- (tfsnudf)
DRV - [2004/03/15 01:04:00 | 000,085,972 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsnifs.sys -- (tfsnifs)
DRV - [2004/03/15 01:04:00 | 000,034,837 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsncofs.sys -- (tfsncofs)
DRV - [2004/03/15 01:04:00 | 000,025,685 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsnboio.sys -- (tfsnboio)
DRV - [2004/03/15 01:04:00 | 000,014,229 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsnopio.sys -- (tfsnopio)
DRV - [2004/03/15 01:04:00 | 000,006,357 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsnpool.sys -- (tfsnpool)
DRV - [2004/03/15 01:04:00 | 000,004,117 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsndrct.sys -- (tfsndrct)
DRV - [2004/03/15 01:04:00 | 000,002,233 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsndres.sys -- (tfsndres)
DRV - [2004/03/05 22:15:34 | 000,647,929 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\IntelC52.sys -- (IntelC52)
DRV - [2004/03/05 22:14:42 | 001,233,525 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\IntelC51.sys -- (IntelC51)
DRV - [2004/03/05 22:13:52 | 000,060,949 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\IntelC53.sys -- (IntelC53)
DRV - [2004/03/05 22:13:38 | 000,037,048 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\mohfilt.sys -- (mohfilt)
DRV - [2004/02/27 0200 | 000,040,480 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\drvnddm.sys -- (drvnddm)
DRV - [2004/02/13 0300 | 000,086,160 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\drvmcdb.sys -- (drvmcdb)
DRV - [2004/01/14 19:18:16 | 000,005,621 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\sscdbhk5.sys -- (sscdbhk5)
DRV - [2004/01/14 19:18:04 | 000,023,219 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ssrtln.sys -- (ssrtln)
DRV - [2003/09/22 11:43:06 | 001,330,048 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\P16X.sys -- (P16X) Creative SB Live! Series (WDM)
DRV - [2003/09/22 07:48:06 | 000,130,192 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ctsfm2k.sys -- (ctsfm2k)
DRV - [2003/09/22 07:47:38 | 000,178,672 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ctoss2k.sys -- (ossrv)
DRV - [2003/04/09 16:07:18 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2002/11/08 13:45:06 | 000,017,217 | ---- | M] (Dell Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\omci.sys -- (omci)
DRV - [2002/07/17 12:00:36 | 000,010,446 | ---- | M] (EUTRON) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\KeyP.sys -- (KeyP)
DRV - [2001/08/17 14:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2001/08/17 14:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001/08/17 14:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001/08/17 14:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001/08/17 14:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001/08/17 13:57:38 | 000,016,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\MODEMCSA.sys -- (MODEMCSA)
DRV - [2001/08/17 13:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\ultra.sys -- (ultra)
DRV - [2001/08/17 13:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2001/08/17 13:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2001/08/17 13:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2001/08/17 13:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2001/08/17 13:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2001/08/17 13:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\asc.sys -- (asc)
DRV - [2001/08/17 13:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2001/08/17 13:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2001/08/17 13:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\cmdide.sys -- (CmdIde)
DRV - [2001/08/17 12:11:06 | 000,066,591 | ---- | M] (3Com Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\EL90XBC5.SYS -- (EL90XBC)
DRV - [1999/12/17 01:00:00 | 000,006,752 | ---- | M] (Creative Technology Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\PFMODNT.SYS -- (PfModNT)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = Google Toolbar
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.micros oft:en-US&ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = ItsYourTurn.com - Play online games: chess, checkers, backgammon, Battleship, Othello, Connect4, and more! FREE turn-based multiplayer Internet board games
IE - HKCU\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll (Spigot, Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings: "ProxyOverride" = <local>
FF - HKLM\software\mozilla\Firefox\extensions\\{ABDE892 B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\E xt [2010/04/26 10:34:04 | 000,000,000 | ---D | M]
O1 HOSTS File: ([2010/08/28 18:53:45 | 000,291,222 | R--- | M]) - C:\WINDOWS\SYSTEM32\DRIVERS\ETC\HOSTS
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 007guard.com - 007guard and Free Antivirus
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 10029 more lines...
O2 - BHO: (Yahoo! Companion BHO) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.d ll (Yahoo! Inc.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrow serrecordplugin.dll (RealPlayer)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\SYSTEM32\dla\tfswshx.dll (Sonic Solutions)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20100917102013.dl l (McAfee, Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\s wg.dll (Google Inc.)
O2 - BHO: (no name) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - No CLSID value found.
O2 - BHO: () - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - C:\Program Files\Inbox Toolbar\Inbox.dll (Inbox.com, Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - No CLSID value found.
O3 - HKLM\..\Toolbar: (&Inbox Toolbar) - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\Program Files\Inbox Toolbar\Inbox.dll (Inbox.com, Inc.)
O3 - HKLM\..\Toolbar: (Yahoo! Companion) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.d ll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {B195B3B3-8A05-11D3-97A4-0004ACA6948E} - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (&Inbox Toolbar) - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\Program Files\Inbox Toolbar\Inbox.dll (Inbox.com, Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Inbox Toolbar) - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\Program Files\Inbox Toolbar\Inbox.dll (Inbox.com, Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Companion) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.d ll (Yahoo! Inc.)
O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe ()
O4 - HKLM..\Run: [Dell AIO Printer A920] C:\Program Files\Dell AIO Printer A920\dlbkbmgr.exe (Dell Computer Corporation)
O4 - HKLM..\Run: [diagent] C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [OM2_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe (OLYMPUS IMAGING CORP.)
O4 - HKLM..\Run: [SearchSettings] C:\Program Files\pdfforge Toolbar\SearchSettings.exe (Spigot, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [UpdateManager] C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe (Sonic Solutions)
O4 - HKLM..\Run: [UpdReg] C:\WINDOWS\Updreg.EXE (Creative Technology Ltd.)
O4 - HKCU..\Run: [OM2_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe (OLYMPUS IMAGING CORP.)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe (Google Inc.)
O4 - HKCU..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\AOL 8.0 Tray Icon.lnk = C:\Program Files\AOL 8.0\aoltray.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\AutoCAD Startup Accelerator.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart16.exe (Autodesk, Inc)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Corel Family and Friends Reminders.LNK = C:\Program Files\Corel\Print House Magic\cffrem.exe (Corel Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: NoDriveTypeAutoRun = _ [binary data]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: NoCDBurning = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8 574934B26AC4.dll (Google Inc.)
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - File not found
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O15 - HKCU\..Trusted Domains: ([]msn in My Computer)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/templates/ieawsdc.cab (Microsoft Office Template and Media Control)
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} http://download.mcafee.com/molbin/sh...6/mcinsctl.cab (McAfee.com Operating System Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/micr...?1182714684328 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} http://download.mcafee.com/molbin/sh...26/mcgdmgr.cab (DwnldGroupMgr Class)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jin...ndows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jin...ndows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jin...ndows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jin...ndows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/get...nt/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\inbox {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\Program Files\Inbox Toolbar\Inbox.dll (Inbox.com, Inc.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 () - file:///C:/Documents%20and%20Settings/Frank/My%20Documents/My%20Pictures/Adobe/Digital%20Camera%20Photos/Sophia%2017.1.10/2010-01-18-1108-18/DSCN1258.JPG
O24 - Desktop Components:1 (My Current Home Page) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\wallpaper.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\wallpaper.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2002/09/03 08:59:58 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (daila) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Wmi - C:\WINDOWS\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.ctmp3 - C:\WINDOWS\SYSTEM32\ctmp3.acm (Creative Technology Ltd.)
Drivers32: msacm.iac2 - C:\WINDOWS\System32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\SYSTEM32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.siren - C:\WINDOWS\System32\sirenacm.dll (Microsoft Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\TSSOFT32.ACM (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\IR32_32.DLL ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\IR32_32.DLL ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\IR41_32.DLL (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: wave1 - C:\WINDOWS\System32\SERWVDRV.DLL (Microsoft Corporation)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (16902109354000384)
========== Files/Folders - Created Within 90 Days ==========
[2010/10/04 21:11:52 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/10/04 21:11:49 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/10/04 21:11:49 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/09/30 1049 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Frank\My Documents\RO
[2010/08/20 09:40:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2010/08/02 23:00:30 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Frank\PrivacIE
[2010/08/02 22:51:45 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Frank\IETldCache
[2010/08/02 2205 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Frank\Application Data\Windows Search
[2010/08/02 22:03:34 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2010/08/02 22:01:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\WindowsPowerShell
[2010/08/02 22:01:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\winrm
[2010/08/02 22:01:00 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$968930Uinstall_KB968930$
[2010/08/02 21:50:13 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2010/08/02 21:48:56 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Sync Framework
[2010/08/02 21:47:39 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2010/08/02 21:44:42 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2010/08/02 21:44:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\microsoft
[2010/08/02 21:43:29 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live SkyDrive
[2010/08/02 21:42:42 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2010/08/02 21:31:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live
[2010/08/02 21:19:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2010/08/02 21:14:40 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2010/08/02 21:09:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Adobe
[2010/08/02 21:04:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Frank\Application Data\Windows Desktop Search
[2010/08/02 21:03:39 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Desktop Search
[2010/08/02 21:03:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\GroupPolicy
[2010/08/02 20:59:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\nview
[2010/07/29 10:43:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2004/07/05 17:16:12 | 000,065,536 | ---- | C] ( ) -- C:\WINDOWS\System32\A3d.dll
========== Files - Modified Within 90 Days ==========
[2010/10/04 21:44:13 | 010,223,616 | ---- | M] () -- C:\Documents and Settings\Frank\ntuser.dat
[2010/10/04 21:39:14 | 000,013,030 | ---- | M] () -- C:\PDOXUSRS.NET
[2010/10/04 21:38:29 | 000,000,433 | ---- | M] () -- C:\WINDOWS\System32\drivers\ETC\hosts.ics
[2010/10/04 21:38:17 | 000,001,170 | ---- | M] () -- C:\WINDOWS\System32\WPA.DBL
[2010/10/04 21:38:15 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/10/04 21:38:15 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1108445828-2981252001-3231014831-1008.job
[2010/10/04 21:38:15 | 000,000,274 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1108445828-2981252001-3231014831-1007.job
[2010/10/04 21:37:34 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/10/04 21:37:31 | 1072,746,496 | -HS- | M] () -- C:\hiberfil.sys
[2010/10/04 21:37:31 | 000,002,048 | --S- | M] () -- C:\WINDOWS\BOOTSTAT.DAT
[2010/10/04 21:37:29 | 1072,775,168 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
[2010/10/04 21:26:30 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\Frank\NTUSER.INI
[2010/10/04 21:22:02 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/10/04 21:11:55 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/10/04 17:22:26 | 000,000,605 | ---- | M] () -- C:\WINDOWS\dellstat.ini
[2010/10/04 16:40:02 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2010/10/04 1630 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1108445828-2981252001-3231014831-1008.job
[2010/10/04 15:50:14 | 000,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for
[2010/10/04 10:41:49 | 000,002,279 | ---- | M] () -- C:\Documents and Settings\Frank\Desktop\AutoCAD 2005.lnk
[2010/10/04 10:26:15 | 000,001,915 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
[2010/10/04 09:41:42 | 000,000,282 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1108445828-2981252001-3231014831-1007.job
[2010/10/03 11:14:38 | 000,000,051 | ---- | M] () -- C:\WINDOWS\lexstat.ini
[2010/09/30 10:44:56 | 000,000,088 | ---- | M] () -- C:\Documents and Settings\Frank\My Documents\acad.err
[2010/09/20 09:33:36 | 000,002,473 | ---- | M] () -- C:\Documents and Settings\Frank\Desktop\Microsoft Word.lnk
[2010/09/15 23:42:54 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/09/14 09:28:28 | 000,146,432 | ---- | M] () -- C:\Documents and Settings\Frank\My Documents\Double Doors.doc
[2010/08/31 11:49:22 | 000,260,590 | -H-- | M] () -- C:\Documents and Settings\Frank\Local Settings\Application Data\IconCache.db
[2010/08/31 10:49:40 | 000,000,058 | ---- | M] () -- C:\Documents and Settings\Frank\Desktop\New Wave Sound.wav
[2010/08/28 18:53:45 | 000,291,222 | R--- | M] () -- C:\WINDOWS\System32\drivers\ETC\HOSTS
[2010/08/28 17:36:51 | 002,359,350 | ---- | M] () -- C:\WINDOWS\wallpaper.bmp
[2010/08/24 14:57:38 | 000,386,712 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfehidk.sys
[2010/08/24 14:57:38 | 000,312,904 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfefirek.sys
[2010/08/24 14:57:38 | 000,152,992 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfeavfk.sys
[2010/08/24 14:57:38 | 000,095,600 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfeapfk.sys
[2010/08/24 14:57:38 | 000,088,544 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfendisk.sys
[2010/08/24 14:57:38 | 000,084,264 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mferkdet.sys
[2010/08/24 14:57:38 | 000,084,072 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfetdi2k.sys
[2010/08/24 14:57:38 | 000,055,840 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\cfwids.sys
[2010/08/24 14:57:38 | 000,052,104 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfebopk.sys
[2010/08/24 14:57:38 | 000,009,344 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfeclnk.sys
[2010/08/23 10:42:59 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2010/08/22 17:52:02 | 000,005,711 | ---- | M] () -- C:\Documents and Settings\Frank\My Documents\My Favorite Theme.theme
[2010/08/19 17:36:59 | 000,582,224 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/08/19 1515 | 000,583,204 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/08/19 1515 | 000,504,076 | ---- | M] () -- C:\WINDOWS\System32\PERFH009.DAT
[2010/08/19 1515 | 000,087,506 | ---- | M] () -- C:\WINDOWS\System32\PERFC009.DAT
[2010/08/19 13:25:25 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/08/08 12:16:04 | 000,000,000 | -H-- | M] () -- C:\Documents and Settings\Frank\My Documents\Default.rdp
[2010/08/02 21:59:21 | 000,195,080 | ---- | M] () -- C:\Documents and Settings\Frank\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/08/02 21:03:57 | 000,001,787 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk
[2010/07/18 19:26:40 | 100,352,000 | ---- | M] () -- C:\WINDOWS\outlook.pst
========== Files Created - No Company Name ==========
[2010/10/04 21:11:55 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/10/04 15:50:14 | 000,001,409 | ---- | C] () -- C:\WINDOWS\QTFont.for
[2010/10/04 15:50:13 | 000,054,156 | -H-- | C] () -- C:\WINDOWS\QTFont.qfn
[2010/10/04 10:26:15 | 000,001,915 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
[2010/09/30 10:44:56 | 000,000,088 | ---- | C] () -- C:\Documents and Settings\Frank\My Documents\acad.err
[2010/09/14 09:28:28 | 000,146,432 | ---- | C] () -- C:\Documents and Settings\Frank\My Documents\Double Doors.doc
[2010/08/31 10:49:40 | 000,000,058 | ---- | C] () -- C:\Documents and Settings\Frank\Desktop\New Wave Sound.wav
[2010/08/08 15:44:58 | 000,005,711 | ---- | C] () -- C:\Documents and Settings\Frank\My Documents\My Favorite Theme.theme
[2010/08/08 12:16:04 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\Frank\My Documents\Default.rdp
[2010/08/02 21:03:57 | 000,001,787 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk
[2010/08/02 20:32:16 | 1072,746,496 | -HS- | C] () -- C:\hiberfil.sys
[2010/07/23 17:20:20 | 010,223,616 | ---- | C] () -- C:\Documents and Settings\Frank\ntuser.dat
[2010/05/31 19:02:22 | 000,000,220 | -HS- | C] () -- C:\WINDOWS\dwin.sys
[2009/11/16 15:57:36 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2009/05/31 13:35:42 | 000,000,691 | ---- | C] () -- C:\WINDOWS\AWSHKWV.INI
[2007/09/27 10:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 10:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 10:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2006/09/05 09:16:18 | 000,000,028 | ---- | C] () -- C:\WINDOWS\CHANGE.INI
[2006/09/05 09:16:15 | 000,000,026 | ---- | C] () -- C:\WINDOWS\map.ini
[2006/09/05 09:16:05 | 000,097,792 | ---- | C] () -- C:\WINDOWS\System32\afdutl32.dll
[2006/09/05 09:16:05 | 000,053,760 | ---- | C] () -- C:\WINDOWS\System32\zlib.dll
[2006/09/05 09:16:05 | 000,009,784 | ---- | C] () -- C:\WINDOWS\afdpcnn.ini
[2006/07/18 14:31:56 | 000,663,552 | ---- | C] () -- C:\WINDOWS\System32\libeay32_1-1-0_DDR.dll
[2006/07/18 14:31:56 | 000,532,594 | ---- | C] () -- C:\WINDOWS\System32\xerces-c_1_40_0_DDR.dll
[2006/07/18 14:31:56 | 000,524,377 | ---- | C] () -- C:\WINDOWS\System32\stlport_4_0_0_DDR.dll
[2006/07/18 14:31:56 | 000,307,329 | ---- | C] () -- C:\WINDOWS\System32\BJBase_2-2-2_DDR.dll
[2006/07/18 14:31:56 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\ssleay32_1-1-0_DDR.dll
[2005/12/29 20:11:12 | 000,185,856 | ---- | C] () -- C:\WINDOWS\System32\Bmp2Jpeg.dll
[2005/05/16 17:33:35 | 000,000,000 | ---- | C] () -- C:\WINDOWS\RAWImage.INI
[2005/04/28 09:44:04 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2005/01/27 19:22:09 | 000,030,720 | ---- | C] () -- C:\Documents and Settings\Frank\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2004/11/15 11:20:23 | 000,000,021 | ---- | C] () -- C:\WINDOWS\PMK35_SETUP.ini
[2004/10/12 16:22:25 | 000,000,052 | ---- | C] () -- C:\WINDOWS\ChssBase.ini
[2004/10/12 13:35:33 | 000,000,255 | ---- | C] () -- C:\WINDOWS\System32\dlbkcoin.ini
[2004/10/04 13:20:22 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Frank\Local Settings\Application Data\fusioncache.dat
[2004/10/03 11:51:33 | 000,000,195 | ---- | C] () -- C:\WINDOWS\MPLAYER.INI
[2004/08/11 20:32:26 | 000,000,296 | ---- | C] () -- C:\WINDOWS\MSREGUSR.INI
[2004/07/11 12:07:25 | 000,000,644 | ---- | C] () -- C:\WINDOWS\wencyc01.ini
[2004/07/11 12:07:25 | 000,000,058 | ---- | C] () -- C:\WINDOWS\timeline.ini
[2004/07/11 12:07:25 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PROTOCOL.INI
[2004/07/10 19:26:11 | 000,000,941 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2004/07/10 18:54:42 | 000,000,051 | ---- | C] () -- C:\WINDOWS\lexstat.ini
[2004/07/10 18:53:07 | 000,000,605 | ---- | C] () -- C:\WINDOWS\dellstat.ini
[2004/07/05 1742 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/07/05 17:16:57 | 000,000,138 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2004/07/05 17:16:25 | 000,000,231 | ---- | C] () -- C:\WINDOWS\AC3API.INI
[2004/07/05 17:16:12 | 000,047,616 | ---- | C] () -- C:\WINDOWS\System32\P16X.dll
[2004/07/05 17:16:12 | 000,002,572 | ---- | C] () -- C:\WINDOWS\MIXDEF.INI
[2004/07/05 17:16:12 | 000,002,158 | ---- | C] () -- C:\WINDOWS\System32\P16X.ini
[2004/07/05 17:16:12 | 000,000,064 | ---- | C] () -- C:\WINDOWS\P16x.ini
[2004/07/05 17:16:12 | 000,000,026 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2004/07/05 17:15:50 | 000,000,245 | ---- | C] () -- C:\WINDOWS\SBWIN.INI
[2004/07/05 17:12:07 | 000,000,891 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/07/05 16:58:16 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2004/07/05 16:58:02 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/07/05 16:49:58 | 000,000,550 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2004/03/26 16:59:22 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2003/04/22 15:37:50 | 000,000,141 | ---- | C] () -- C:\WINDOWS\System32\DLBKPLC.INI
[2002/11/13 19:40:22 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\dlbkvs.dll
[1999/01/22 19:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
[1998/01/12 09:00:00 | 000,040,448 | ---- | C] () -- C:\WINDOWS\System32\REGOBJ.DLL
[1997/08/01 00:00:00 | 000,022,016 | ---- | C] () -- C:\WINDOWS\System32\ODBCSTF.DLL
[1997/08/01 00:00:00 | 000,022,016 | ---- | C] () -- C:\WINDOWS\System32\DOCOBJ.DLL
[1997/08/01 00:00:00 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\HLINKPRX.DLL
========== LOP Check ==========
[2004/10/04 13:03:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Autodesk
[2004/10/04 11:55:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SBT
[2009/04/17 14:39:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Frank\Application Data\alot
[2004/10/05 13:18:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Frank\Application Data\Autodesk
[2004/10/12 16:22:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Frank\Application Data\ChessBase
[2008/10/18 10:53:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Frank\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B 320485DF8CE.1
[2010/05/10 10:51:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Frank\Application Data\Inbox Toolbar
[2005/02/15 15:11:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Frank\Application Data\Leadertech
[2004/12/16 14:22:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Frank\Application Data\Nikon
[2009/11/16 19:42:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Frank\Application Data\pdfforge
[2009/11/16 19:42:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Frank\Application Data\Search Settings
[2004/11/01 13:02:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Frank\Application Data\Template
[2007/06/24 20:43:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Frank\Application Data\Uniblue
[2010/08/02 21:04:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Frank\Application Data\Windows Desktop Search
[2010/08/02 2205 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Frank\Application Data\Windows Search
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.* >
[2005/03/29 15:39:21 | 000,082,307 | ---- | M] () -- C:\acadminidump.dmp
[2009/11/02 17:50:13 | 000,000,665 | ---- | M] () -- C:\ALBUM.PVM
[2002/09/03 08:59:58 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2007/03/29 14:13:51 | 000,000,211 | RHS- | M] () -- C:\BOOT.INI
[2002/09/03 08:38:46 | 000,000,512 | -HS- | M] () -- C:\BOOTSECT.DOS
[2002/09/03 08:59:58 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2004/07/05 16:54:40 | 000,005,174 | RH-- | M] () -- C:\DELL.SDR
[2004/08/14 10:44:43 | 000,005,205 | -H-- | M] () -- C:\ffastun.ffa
[2004/08/14 10:44:43 | 000,212,992 | -H-- | M] () -- C:\ffastun.ffl
[2004/08/14 10:44:43 | 000,442,368 | -H-- | M] () -- C:\ffastun.ffo
[2004/08/14 10:44:43 | 000,618,496 | -H-- | M] () -- C:\ffastun0.ffx
[2010/10/04 21:37:31 | 1072,746,496 | -HS- | M] () -- C:\hiberfil.sys
[2002/09/03 08:59:58 | 000,000,000 | -H-- | M] () -- C:\IO.SYS
[2004/07/05 17:17:34 | 000,000,461 | -H-- | M] () -- C:\IPH.PH
[2002/09/03 08:59:58 | 000,000,000 | -H-- | M] () -- C:\MSDOS.SYS
[2005/01/27 18:37:41 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008/08/06 10:55:46 | 000,250,048 | RHS- | M] () -- C:\NTLDR
[2010/10/04 21:37:29 | 1610,612,736 | -HS- | M] () -- C:\pagefile.sys
[2010/10/04 21:39:14 | 000,013,030 | ---- | M] () -- C:\PDOXUSRS.NET
< %systemroot%\Fonts\*.com >
[2006/04/18 15:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2006/06/29 14:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006/04/18 15:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006/06/29 14:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont
< %systemroot%\Fonts\*.dll >
< %systemroot%\Fonts\*.ini >
[2002/09/03 08:59:02 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\DESKTOP.INI
< %systemroot%\Fonts\*.ini2 >
< %systemroot%\Fonts\*.exe >
< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2003/04/30 20:43:32 | 000,078,336 | ---- | M] () -- C:\WINDOWS\SYSTEM32\SPOOL\PRTPROCS\W32X86\DLBKPP5C .DLL
[2008/07/06 13:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SYSTEM32\SPOOL\PRTPROCS\W32X86\filterpi pelineprintproc.dll
[2008/07/06 11:50:03 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SYSTEM32\SPOOL\PRTPROCS\W32X86\printfil terpipelinesvc.exe
< %systemroot%\REPAIR\*.bak1 >
< %systemroot%\REPAIR\*.ini >
< %systemroot%\system32\*.jpg >
< %systemroot%\*.jpg >
< %systemroot%\*.png >
< %systemroot%\*.scr >
[2010/04/17 00:04:40 | 000,306,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WLXPGSS.SCR
< %systemroot%\*._sy >
< %APPDATA%\Adobe\Update\*.* >
< %ALLUSERSPROFILE%\Favorites\*.* >
< %APPDATA%\Microsoft\*.* >
[1997/08/01 00:00:00 | 000,000,002 | ---- | M] () -- C:\Documents and Settings\Frank\Application Data\Microsoft\ArtGalry.cag
< %PROGRAMFILES%\*.* >
< %APPDATA%\Update\*.* >
< %systemroot%\*. /mp /s >
< %systemroot%\System32\config\*.sav >
[2002/09/03 08:47:18 | 000,094,208 | ---- | M] () -- C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT.SAV
[2002/09/03 08:47:18 | 000,602,112 | ---- | M] () -- C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE.SAV
[2002/09/03 08:47:18 | 000,380,928 | ---- | M] () -- C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM.SAV
< %PROGRAMFILES%\bak. /s >
< %systemroot%\system32\bak. /s >
< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
[2008/08/06 11:02:41 | 000,000,272 | -HS- | M] () -- C:\Documents and Settings\All Users\Start Menu\DESKTOP.INI
< %systemroot%\system32\config\systemprofile\*.dat /x >
< %systemroot%\*.config >
< %systemroot%\system32\*.db >
< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2005/01/27 19:02:09 | 000,000,177 | -HS- | M] () -- C:\Documents and Settings\Frank\Application Data\Microsoft\Internet Explorer\Quick Launch\DESKTOP.INI
[2007/06/21 13:54:28 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\Frank\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
< %USERPROFILE%\Desktop\*.exe >
[2009/02/15 12:04:08 | 017,896,352 | ---- | M] () -- C:\Documents and Settings\Frank\Desktop\aaw2007.exe
[2007/06/24 21:11:06 | 000,532,480 | ---- | M] (Trend Micro Incorporated) -- C:\Documents and Settings\Frank\Desktop\cwshredder.exe
[2010/05/04 17:19:32 | 005,350,184 | ---- | M] (SmartSoft Ltd) -- C:\Documents and Settings\Frank\Desktop\SmartFTP.exe
< %PROGRAMFILES%\Common Files\*.* >
< %systemroot%\*.src >
< %systemroot%\install\*.* >
< %systemroot%\system32\DLL\*.* >
< %systemroot%\system32\HelpFiles\*.* >
< %systemroot%\system32\rundll\*.* >
< %systemroot%\winn32\*.* >
< %systemroot%\Java\*.* >
< %systemroot%\system32\test\*.* >
< %systemroot%\system32\Rundll32\*.* >
< %systemroot%\AppPatch\Custom\*.* >
< %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >
< %PROGRAMFILES%\PC-Doctor\Downloads\*.* >
< %PROGRAMFILES%\Internet Explorer\*.tmp >
[3 C:\Program Files\Internet Explorer\*.tmp files -> C:\Program Files\Internet Explorer\*.tmp -> ]
< %PROGRAMFILES%\Internet Explorer\*.dat >
< %USERPROFILE%\My Documents\*.exe >
[2007/07/29 22:07:11 | 002,720,456 | ---- | M] (Piriform Ltd) -- C:\Documents and Settings\Frank\My Documents\Ccleaner_29Jul2007.exe
[2007/07/07 18:55:29 | 001,757,184 | ---- | M] () -- C:\Documents and Settings\Frank\My Documents\ntlftp23.exe
< %USERPROFILE%\*.exe >
< %systemroot%\ADDINS\*.* >
[2002/08/29 05:00:00 | 000,000,791 | ---- | M] () -- C:\WINDOWS\ADDINS\fxsext.ecf
< %systemroot%\assembly\*.bak2 >
< %systemroot%\Config\*.* >
< %systemroot%\REPAIR\*.bak2 >
< %systemroot%\SECURITY\Database\*.sdb /x >
< %systemroot%\SYSTEM\*.bak2 >
< %systemroot%\Web\*.bak2 >
< %systemroot%\Driver Cache\*.* >
< %PROGRAMFILES%\Mozilla Firefox\0*.exe >
< %ProgramFiles%\Microsoft Common\*.* >
< %ProgramFiles%\TinyProxy. >
< %USERPROFILE%\Favorites\*.url /x >
[2005/01/27 19:02:10 | 000,000,122 | -HS- | M] () -- C:\Documents and Settings\Frank\Favorites\Desktop.ini
< %systemroot%\system32\*.bk >
< %systemroot%\*.te >
< %systemroot%\system32\system32\*.* >
< %ALLUSERSPROFILE%\*.dat /x >
< %systemroot%\system32\drivers\*.rmv >
< dir /b "%systemroot%\system32\*.exe" | find /i " " /c >
< dir /b "%systemroot%\*.exe" | find /i " " /c >
< %PROGRAMFILES%\Microsoft\*.* >
< %systemroot%\System32\Wbem\proquota.exe >
< %PROGRAMFILES%\Mozilla Firefox\*.dat >
< %USERPROFILE%\Cookies\*.txt /x >
[2009/11/02 13:16:43 | 000,000,067 | -HS- | M] () -- C:\Documents and Settings\Frank\Cookies\desktop.ini
[2010/10/04 21:43:51 | 000,442,368 | -HS- | M] () -- C:\Documents and Settings\Frank\Cookies\index.dat
< %SystemRoot%\system32\fonts\*.* >
< %systemroot%\system32\winlog\*.* >
< %systemroot%\system32\Language\*.* >
< %systemroot%\system32\Settings\*.* >
< %systemroot%\system32\*.quo >
< %SYSTEMROOT%\AppPatch\*.exe >
< %SYSTEMROOT%\inf\*.exe >
[2007/06/26 22:10:26 | 000,317,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\INF\unregmp2.exe
[1 C:\WINDOWS\inf\*.tmp files -> C:\WINDOWS\inf\*.tmp -> ]
< %SYSTEMROOT%\Installer\*.exe >
< %systemroot%\system32\config\*.bak2 >
< %systemroot%\system32\Computers\*.* >
< %SystemRoot%\system32\Sound\*.* >
< %SystemRoot%\system32\SpecialImg\*.* >
< %SystemRoot%\system32\code\*.* >
< %SystemRoot%\system32\draft\*.* >
< %SystemRoot%\system32\MSSSys\*.* >
< %ProgramFiles%\Javascript\*.* >
< %systemroot%\pchealth\helpctr\System\*.exe /s >
< %systemroot%\Web\*.exe >
< %systemroot%\system32\msn\*.* >
< %systemroot%\system32\*.tro >
< %AppData%\Microsoft\Installer\msupdates\*.* >
< %ProgramFiles%\Messenger\*.* >
[2008/04/14 01:11:51 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\custsat.dll
[2002/12/17 11:23:28 | 000,015,692 | ---- | M] () -- C:\Program Files\Messenger\license.txt
[2002/12/17 11:23:22 | 000,004,821 | ---- | M] () -- C:\Program Files\Messenger\logowin.gif
[2002/12/17 11:23:22 | 000,007,047 | ---- | M] () -- C:\Program Files\Messenger\lvback.gif
[2002/12/17 11:23:28 | 000,000,807 | ---- | M] () -- C:\Program Files\Messenger\mailtmpl.txt
[2008/05/02 15:01:49 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msgsc.dll
[2008/04/13 18:30:28 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msgslang.dll
[2008/04/14 01:12:28 | 001,695,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe
[2002/08/20 15:08:38 | 000,069,663 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\MSMSGSIN.EXE
[2002/12/17 11:23:18 | 000,002,882 | ---- | M] () -- C:\Program Files\Messenger\newalert.wav
[2002/12/17 11:23:18 | 000,006,156 | ---- | M] () -- C:\Program Files\Messenger\newemail.wav
[2002/12/17 11:23:18 | 000,006,160 | ---- | M] () -- C:\Program Files\Messenger\online.wav
[2002/12/17 11:23:24 | 000,004,454 | ---- | M] () -- C:\Program Files\Messenger\type.wav
[2004/07/17 19:41:04 | 000,115,981 | ---- | M] () -- C:\Program Files\Messenger\xpmsgr.chm
< %systemroot%\system32\systhem32\*.* >
< %systemroot%\system\*.exe >
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Win dows\WindowsUpdate\AU >
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
========== Alternate Data Streams ==========
@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\Frank\Desktop\SmartFTP.exe:�SummaryInform ation
@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\Frank\Desktop\aaw2007.exe:�SummaryInforma tion
@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\Frank\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf:�SummaryInformation
< End of report >
-
Please, describe your computer issues.
Please download ComboFix from Here or Here to your Desktop.
**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
- Please, never rename Combofix unless instructed.
- Close any open browsers.
- Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
- Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
- Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
NOTE1. If Combofix asks you to install Recovery Console, please allow it.
NOTE 2. If Combofix asks you to update the program, always do so.
- Close any open browsers.
- WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
- Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
- If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
- Double click on combofix.exe & follow the prompts.
- When finished, it will produce a report for you.
- Please post the "C:\ComboFix.txt"
**Note: Do not mouseclick combofix's window while it's running. That may cause it to stall**
Make sure, you re-enable your security programs, when you're done with Combofix.
DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!
Junior Member
