Hi melboy
I'm sending you 2 of the files you requested - the 3rd kept crashing my system. The GMER Rootkit Scanner ran for about 30 minutes before it crashed the system.
Thanks for all your help in this matter.
Jim (mrchips)
OTL.TXT
OTL logfile created on: 2/13/2011 1:13:37 PM - Run 1
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Documents and Settings\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 57.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 82.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 229.32 Gb Total Space | 59.18 Gb Free Space | 25.81% Space Free | Partition Type: NTFS
Drive E: | 74.53 Gb Total Space | 17.05 Gb Free Space | 22.88% Space Free | Partition Type: NTFS
Computer Name: JIM_SPAGNOLO | User Name: Jim | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ========== PRC - [2011/02/13 13:13:01 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Downloads\OTL.exe
PRC - [2011/02/12 18:27:06 | 000,107,000 | ---- | M] (Siber Systems) -- C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe
PRC - [2011/02/09 22:14:59 | 000,994,872 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Jim\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2011/01/13 03:47:34 | 003,396,624 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2011/01/13 03:47:33 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2011/01/13 03:47:32 | 000,119,200 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\afwServ.exe
PRC - [2011/01/05 11:59:50 | 000,037,664 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/12/20 18:08:58 | 000,363,344 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes\mbamservice.exe
PRC - [2010/12/08 13:11:38 | 000,136,584 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\ramaint.exe
PRC - [2010/12/08 13:11:32 | 000,374,152 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
PRC - [2010/11/24 11:12:32 | 000,928,496 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2010/11/24 11:12:31 | 001,375,992 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2010/11/08 12:04:18 | 000,390,528 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeIn.exe
PRC - [2010/09/07 11:47:18 | 000,202,048 | ---- | M] () -- C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe
PRC - [2010/09/07 11:47:08 | 000,664,896 | ---- | M] () -- C:\Program Files\Motorola\MotoHelper\MotoHelperAgent.exe
PRC - [2010/06/25 19:15:32 | 001,311,312 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPointP\SetPoint.exe
PRC - [2010/06/22 14:09:20 | 000,112,208 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
PRC - [2010/05/07 17:47:32 | 000,162,648 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2009/11/19 18:15:46 | 000,583,016 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe
PRC - [2009/09/29 08:17:50 | 000,013,088 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
PRC - [2008/04/13 19:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/08/03 14:09:34 | 000,063,048 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
========== Modules (SafeList) ========== MOD - [2011/02/13 13:13:01 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Downloads\OTL.exe
MOD - [2011/01/13 03:47:35 | 000,189,728 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\snxhk.dll
MOD - [2010/08/23 11:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
========== Win32 Services (SafeList) ========== SRV - [2011/01/13 03:47:33 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011/01/13 03:47:32 | 000,119,200 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\afwServ.exe -- (avast! Firewall)
SRV - [2011/01/05 11:59:50 | 000,037,664 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/12/20 18:08:58 | 000,363,344 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes\mbamservice.exe -- (MBAMService)
SRV - [2010/12/08 13:11:38 | 000,136,584 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\RaMaint.exe -- (LMIMaint)
SRV - [2010/12/08 13:11:32 | 000,374,152 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2010/11/24 11:12:31 | 001,375,992 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2010/11/08 12:04:18 | 000,390,528 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\LogMeIn.exe -- (LogMeIn)
SRV - [2010/09/07 11:47:18 | 000,202,048 | ---- | M] () [Auto | Running] -- C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe -- (MotoHelper)
SRV - [2010/05/07 17:47:32 | 000,162,648 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2010/05/06 04:29:12 | 000,293,456 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2009/09/29 08:17:50 | 000,013,088 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2008/06/02 14:55:26 | 000,823,296 | ---- | M] (Hauppauge Computer Works) [On_Demand | Stopped] -- C:\Program Files\WinTV\HCWTVServer.exe -- (HauppaugeTVServer)
SRV - [2008/04/13 19:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (W3SVC)
SRV - [2008/04/13 19:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (SMTPSVC) Simple Mail Transfer Protocol (SMTP)
SRV - [2008/04/13 19:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (IISADMIN)
========== Driver Services (SafeList) ========== DRV - [2011/01/13 03:42:26 | 000,099,792 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswFW.sys -- (aswFW)
DRV - [2011/01/13 03:41:29 | 000,357,968 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/01/13 03:41:16 | 000,294,608 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/01/13 03:41:04 | 000,189,904 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswNdis2.sys -- (aswNdis2)
DRV - [2011/01/13 03:40:16 | 000,047,440 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/01/13 03:40:04 | 000,100,176 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011/01/13 03:37:30 | 000,023,632 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/01/13 03:37:11 | 000,029,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011/01/13 03:37:09 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010/12/31 14:41:01 | 000,012,112 | ---- | M] (ALWIL Software) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\aswNdis.sys -- (aswNdis)
DRV - [2010/12/20 18:08:40 | 000,020,952 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2010/12/08 13:12:02 | 000,083,360 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV - [2010/11/03 10:34:33 | 000,015,264 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\kernexplorer.sys -- (Lavasoft Kernexplorer)
DRV - [2010/07/27 03:15:20 | 000,023,904 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvcflt.sys -- (FilterService)
DRV - [2010/07/27 03:14:58 | 006,842,464 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvc.sys -- (LVUVC) Logitech HD Webcam C310(UVC)
DRV - [2010/07/27 03:12:50 | 000,282,336 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvrs.sys -- (LVRS)
DRV - [2010/07/27 03:12:26 | 000,114,784 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvpopflt.sys -- (lvpopflt)
DRV - [2010/07/12 03:55:39 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2010/05/07 17:43:30 | 000,025,824 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2010/03/18 04:02:08 | 000,037,328 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2010/03/18 04:01:52 | 000,038,864 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2010/03/18 04:01:12 | 000,010,448 | ---- | M] (Logitech, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\LBeepKE.sys -- (LBeepKE)
DRV - [2010/01/27 11:22:02 | 000,012,856 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files\LogMeIn\x86\rainfo.sys -- (LMIInfo)
DRV - [2010/01/27 11:22:00 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV - [2009/12/12 01:48:04 | 000,025,984 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tap0901.sys -- (tap0901)
DRV - [2008/04/13 13:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/04/13 11:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007/06/23 00:14:40 | 004,432,384 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007/02/26 17:59:10 | 005,700,096 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\igxpmp32.sys -- (ialm)
DRV - [2007/02/06 08:27:02 | 000,185,728 | ---- | M] (Hauppauge Computer Works, Inc.) [23|25|26]xxx) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hcwPP2.sys -- (hcwPP2)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.optimum.net/homeIE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1;192.168.*.*
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 127.0.0.1:80
========== FireFox ========== FF - HKLM\software\mozilla\Firefox\extensions\\{22119944-ED35-4ab1-910B-E619EA06A115}: C:\Program Files\Siber Systems\AI RoboForm\Firefox [2011/02/12 18:27:38 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/01/08 14:31:44 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/12/10 11:36:43 | 000,000,000 | ---D | M]
[2010/08/03 10:03:22 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jim\Application Data\Mozilla\Extensions
[2010/08/03 10:03:22 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jim\Application Data\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010/11/10 15:02:55 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\g4k9wrl0.default\extensions
[2011/02/13 10:25:40 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\mryghflr.default\extensions
[2010/08/03 10:03:10 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\mryghflr.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/01/21 09:01:51 | 000,000,000 | ---D | M] (Firefox Sync) -- C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\mryghflr.default\extensions\{340c2bbc-ce74-4362-90b5-7c26312808ef}
[2010/08/13 08:54:25 | 000,000,000 | ---D | M] (deskCut) -- C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\mryghflr.default\extensions\{9125C9CB-BE2B-4389-A0C7-46A4BDD46AEA}
[2010/12/02 17:16:48 | 000,000,000 | ---D | M] (FireFTP) -- C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\mryghflr.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}
[2011/01/27 11:04:11 | 000,000,000 | ---D | M] (uTorrentBar Community Toolbar) -- C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\mryghflr.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
[2011/01/27 11:04:12 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\mryghflr.default\extensions\engine@conduit.com
[2010/09/29 18:37:20 | 000,000,000 | ---D | M] ("Xmarks") -- C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\mryghflr.default\extensions\foxmarks@kei.com
[2010/08/07 18:43:13 | 000,000,000 | ---D | M] (LogMeIn, Inc. Remote Access Plugin) -- C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\mryghflr.default\extensions\LogMeInClient@logmein.com
[2011/02/13 10:25:40 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/02/04 08:09:30 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010/08/03 14:42:32 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/08/03 16:40:47 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/10/20 10:18:23 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/01/03 17:50:15 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2008/08/16 16:42:02 | 000,070,456 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\CgpCore.dll
[2008/08/16 16:42:12 | 000,091,448 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\confmgr.dll
[2008/08/16 16:42:08 | 000,020,800 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\ctxlogging.dll
[2008/05/21 07:41:08 | 000,479,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\msvcm80.dll
[2008/05/21 07:41:08 | 000,548,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\msvcp80.dll
[2008/05/21 07:41:08 | 000,626,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\msvcr80.dll
[2010/11/12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2008/12/23 11:06:38 | 000,072,960 | ---- | M] (Foxit Software Company) -- C:\Program Files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
[2008/08/16 16:44:46 | 000,427,312 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npicaN.dll
[2008/08/16 16:42:04 | 000,023,864 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\TcpPServ.dll
O1 HOSTS File: ([2010/08/04 10:49:00 | 000,415,879 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1
http://www.007guard.comO1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1
http://www.008k.comO1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1
http://www.00hq.comO1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1
http://www.032439.comO1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1
http://www.0scan.comO1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1
http://www.1000gratisproben.comO1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1
http://www.1001namen.comO1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1
http://www.100888290cs.comO1 - Hosts: 127.0.0.1
http://www.100sexlinks.comO1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1
http://www.10sek.comO1 - Hosts: 127.0.0.1
http://www.1-2005-search.comO1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 14357 more lines...
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (&RoboForm) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (&RoboForm) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [ContentTransferWMDetector.exe] C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe (Sony Corporation)
O4 - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4 - HKLM..\Run: [LogMeIn GUI] C:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
O4 - HKLM..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [Reminder] File not found
O4 - HKCU..\Run: [FBackup Scheduler] File not found
O4 - HKCU..\Run: [googletalk] File not found
O4 - HKCU..\Run: [HLBackupScheduler] File not found
O4 - HKCU..\Run: [RoboForm] C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe (Siber Systems)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk = File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk = File not found
O4 - Startup: C:\Documents and Settings\Jim\Start Menu\Programs\Startup\OneNote Table Of Contents.onetoc2 ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Customize Menu - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html ()
O8 - Extra context menu item: Fill Forms - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O8 - Extra context menu item: RoboForm Toolbar - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O8 - Extra context menu item: Save Forms - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O9 - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O9 - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra Button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O9 - Extra 'Tools' menuitem : RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: intuit.com ([ttlc] https in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java
file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 167.206.254.2 167.206.254.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\LBTWlgn: DllName - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll - c:\Program Files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O20 - Winlogon\Notify\LMIinit: DllName - LMIinit.dll - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\Jim\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Jim\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/07/07 10:31:36 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{699b2917-1503-11e0-bca9-0019d184adc9}\Shell - "" = AutoRun
O33 - MountPoints2\{699b2917-1503-11e0-bca9-0019d184adc9}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{699b2917-1503-11e0-bca9-0019d184adc9}\Shell\AutoRun\command - "" = F:\setup.exe -a
O33 - MountPoints2\{a0b79c30-2c6c-11dc-9665-0019d1fcfb5e}\Shell\AutoRun\command - "" = D:\setup.cmd
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ========== [2011/02/12 18:28:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jim\Local Settings\Application Data\PackageAware
[2011/02/12 18:27:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\RoboForm
[2011/02/12 17:43:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jim\Start Menu\Programs\Google Chrome
[2011/02/12 09:34:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\IIS Temporary Compressed Files
[2011/02/12 09:34:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Cache
[2011/02/12 09:34:00 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seos.dll
[2011/02/12 09:34:00 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\smtpctrs.dll
[2011/02/12 09:34:00 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll
[2011/02/12 09:34:00 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\snprfdll.dll
[2011/02/12 09:34:00 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll
[2011/02/12 09:33:59 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll
[2011/02/12 09:33:59 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_scripto.dll
[2011/02/12 09:33:59 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll
[2011/02/12 09:33:59 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fcachdll.dll
[2011/02/12 09:33:59 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll
[2011/02/12 09:33:59 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll
[2011/02/12 09:33:59 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\regtrace.exe
[2011/02/12 09:33:59 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe
[2011/02/12 09:33:59 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll
[2011/02/12 09:33:59 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\adsiisex.dll
[2011/02/12 09:33:30 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ext.dll
[2011/02/12 09:33:30 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\permchk.dll
[2011/02/12 09:33:30 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\status.dll
[2011/02/12 09:33:30 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamps51.dll
[2011/02/12 09:33:30 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iwrps.dll
[2011/02/12 09:33:29 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nextlink.dll
[2011/02/12 09:33:29 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\browscap.dll
[2011/02/12 09:33:29 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\controt.dll
[2011/02/12 09:33:29 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pagecnt.dll
[2011/02/12 09:33:29 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mdsync.dll
[2011/02/12 09:33:29 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\counters.dll
[2011/02/12 09:33:29 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iiscrmap.dll
[2011/02/12 09:33:29 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isapips.dll
[2011/02/12 09:33:29 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iissync.exe
[2011/02/12 09:33:28 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certmap.ocx
[2011/02/12 09:33:28 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adrot.dll
[2011/02/12 09:33:28 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asptxn.dll
[2011/02/12 09:33:28 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aspperf.dll
[2011/02/12 09:33:28 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aspperf.dll
[2011/02/12 09:33:28 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\authfilt.dll
[2011/02/12 09:33:28 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.exe
[2011/02/12 09:33:28 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\w3svapi.dll
[2011/02/12 09:33:28 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svapi.dll
[2011/02/12 09:33:28 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ctrs51.dll
[2011/02/12 09:33:28 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\w3ctrs.dll
[2011/02/12 09:33:27 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisui.dll
[2011/02/12 09:33:27 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisclex4.dll
[2011/02/12 09:33:27 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logscrpt.dll
[2011/02/12 09:33:27 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetsloc.dll
[2011/02/12 09:33:27 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetsloc.dll
[2011/02/12 09:33:27 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\iisreset.exe
[2011/02/12 09:33:27 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisreset.exe
[2011/02/12 09:33:27 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\infoctrs.dll
[2011/02/12 09:33:27 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoctrs.dll
[2011/02/12 09:33:27 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wamregps.dll
[2011/02/12 09:33:27 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamregps.dll
[2011/02/12 09:33:27 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ftpsapi2.dll
[2011/02/12 09:33:27 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsapi2.dll
[2011/02/12 09:33:27 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\iisrstap.dll
[2011/02/12 09:33:27 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstap.dll
[2011/02/12 09:33:27 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\iismui.dll
[2011/02/12 09:33:27 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismui.dll
[2011/02/12 09:33:26 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\convlog.exe
[2011/02/12 09:33:26 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\convlog.exe
[2011/02/12 09:33:26 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admxprox.dll
[2011/02/12 09:33:26 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\admxprox.dll
[2011/02/12 09:33:15 | 000,000,000 | ---D | C] -- C:\Inetpub
[2011/02/10 14:43:02 | 000,025,984 | ---- | C] (The OpenVPN Project) -- C:\WINDOWS\System32\drivers\tap0901.sys
[2011/02/10 14:43:00 | 000,000,000 | ---D | C] -- C:\Program Files\SecurityKISS Tunnel
[2011/02/10 14:10:42 | 000,000,000 | ---D | C] -- C:\Program Files\Zilla Anonymous Surfer
[2011/02/09 18:02:15 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2011/02/09 18:02:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jim\Start Menu\Programs\HiJackThis
[2011/02/07 19:21:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2011/02/07 19:15:04 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC
[2011/02/05 08:43:01 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2011/02/05 04:18:08 | 000,274,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll
[2011/02/05 04:18:08 | 000,016,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll.mui
[2011/02/04 21:13:33 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2011/02/03 17:35:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sony Corporation
[2011/02/03 17:35:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jim\Application Data\Sony Corporation
[2011/02/03 17:31:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Content Transfer
[2011/02/03 17:31:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Sony Shared
[2011/02/03 17:27:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\WALKMAN Guide
[2011/02/03 17:26:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jim\Local Settings\Application Data\Downloaded Installations
[2011/02/03 17:11:47 | 000,000,000 | ---D | C] -- C:\Program Files\Sony
[2011/02/03 11:22:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
[2011/02/03 11:18:52 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/02/03 11:17:17 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011/02/03 07:38:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Intuit
[2011/02/02 18:12:57 | 000,000,000 | ---D | C] -- C:\Program Files\NCH Software
[2011/02/02 17:59:20 | 000,000,000 | ---D | C] -- C:\Program Files\NCH Swift Sound
[2011/02/02 16:27:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Motorola
[2011/02/02 13:48:56 | 004,194,304 | ---- | C] (Amyuni Technologies
http://www.amyuni.com) -- C:\WINDOWS\System32\cdintf400.dll
[2011/02/02 13:43:18 | 000,000,000 | ---D | C] -- C:\Program Files\Intuit
[2011/02/02 13:43:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\Intuit
[2011/02/02 13:42:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SQL Anywhere 11
[2011/02/02 13:39:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\Intuit
[2011/01/29 19:04:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\GoodSync
[2011/01/26 19:42:19 | 000,000,000 | ---D | C] -- C:\BTGUARD
[2011/01/21 09:44:37 | 000,439,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shimgvw.dll
[2010/08/03 10:04:09 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Jim\Application Data\pcouffin.sys
[7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ========== [2011/02/13 13:10:47 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2011/02/13 13:09:45 | 000,001,170 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/02/13 13:08:38 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/02/13 12:47:00 | 000,000,970 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1045183991-3471606621-601016896-1004UA.job
[2011/02/13 09:50:29 | 000,000,418 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{D117AED6-205E-408E-92E0-B35D0A958C9B}.job
[2011/02/13 03:01:50 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/02/12 17:47:00 | 000,000,918 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1045183991-3471606621-601016896-1004Core.job
[2011/02/12 17:43:35 | 000,002,167 | ---- | M] () -- C:\Documents and Settings\Jim\Desktop\Chrome.lnk
[2011/02/12 17:43:35 | 000,002,145 | ---- | M] () -- C:\Documents and Settings\Jim\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/02/12 17:39:50 | 000,483,976 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/02/12 17:39:50 | 000,084,982 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/02/12 16:27:02 | 000,000,348 | ---- | M] () -- C:\WINDOWS\tasks\MotoHelper Routing.job
[2011/02/11 16:29:45 | 000,000,600 | ---- | M] () -- C:\Documents and Settings\Jim\PUTTY.RND
[2011/02/11 09:07:09 | 000,000,617 | ---- | M] () -- C:\Documents and Settings\Jim\Desktop\Tor Browser.lnk
[2011/02/11 08:23:15 | 000,002,515 | ---- | M] () -- C:\Documents and Settings\Jim\Desktop\Word.lnk
[2011/02/10 17:48:16 | 000,275,760 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/02/10 17:34:24 | 000,000,090 | ---- | M] () -- C:\WINDOWS\QBChanUtil_Trigger.ini
[2011/02/10 14:51:19 | 000,000,132 | ---- | M] () -- C:\Documents and Settings\Jim\SecurityKISSTunnel.config
[2011/02/10 14:43:49 | 000,001,057 | ---- | M] () -- C:\Documents and Settings\Jim\Application Data\vso_ts_preview.xml
[2011/02/09 17:02:23 | 000,016,400 | ---- | M] (Logitech, Inc.) -- C:\WINDOWS\System32\drivers\LNonPnP.sys
[2011/02/09 10:28:26 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\logiflt.iad
[2011/02/08 16:27:04 | 000,000,364 | ---- | M] () -- C:\WINDOWS\tasks\MotoHelper Update.job
[2011/02/06 15:19:55 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\wavepadShakeIcon.job
[2011/02/04 20:00:47 | 000,000,010 | ---- | M] () -- C:\WINDOWS\popcinfo.dat
[2011/02/03 17:40:27 | 000,000,772 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Content Transfer.lnk
[2011/02/03 17:27:53 | 000,001,841 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Walkman.lnk
[2011/02/03 10:57:22 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/02/03 08:48:41 | 000,000,552 | ---- | M] () -- C:\WINDOWS\System32\d3d8caps.dat
[2011/02/02 18:00:20 | 000,000,600 | ---- | M] () -- C:\Documents and Settings\Jim\Local Settings\Application Data\PUTTY.RND
[2011/02/02 17:59:21 | 000,000,798 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\WavePad.lnk
[2011/02/02 16:27:10 | 000,000,352 | ---- | M] () -- C:\WINDOWS\tasks\MotoHelper MUM.job
[2011/01/31 16:54:40 | 000,002,473 | ---- | M] () -- C:\Documents and Settings\Jim\Desktop\Excel.lnk
[2011/01/29 19:04:55 | 000,001,738 | ---- | M] () -- C:\Documents and Settings\Jim\Application Data\Microsoft\Internet Explorer\Quick Launch\GoodSync.lnk
[2011/01/29 19:04:55 | 000,001,720 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\GoodSync.lnk
[2011/01/28 13:45:42 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2011/01/27 11:59:21 | 000,103,784 | ---- | M] () -- C:\Documents and Settings\Jim\GoToAssistDownloadHelper.exe
[2011/01/24 11:47:29 | 000,011,147 | ---- | M] () -- C:\Documents and Settings\UI.xlsx
[2011/01/21 09:44:37 | 008,462,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shell32.dll
[2011/01/21 09:44:37 | 000,439,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shimgvw.dll
[2011/01/19 12:20:39 | 000,004,058 | ---- | M] () -- C:\WINDOWS\cdplayer.ini
[2011/01/19 12:08:59 | 000,001,302 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\ss.ini
[2011/01/19 10:48:45 | 000,002,393 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\TurboTax 2009.lnk
[2011/01/18 16:20:07 | 000,002,626 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/01/18 08:14:09 | 000,013,637 | ---- | M] () -- C:\Documents and Settings\Dr_Goldstein.docx
[7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ========== [2011/02/12 17:43:35 | 000,002,167 | ---- | C] () -- C:\Documents and Settings\Jim\Desktop\Chrome.lnk
[2011/02/12 17:43:35 | 000,002,145 | ---- | C] () -- C:\Documents and Settings\Jim\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/02/12 17:42:54 | 000,000,970 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1045183991-3471606621-601016896-1004UA.job
[2011/02/12 17:42:53 | 000,000,918 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1045183991-3471606621-601016896-1004Core.job
[2011/02/12 17:38:19 | 000,000,738 | ---- | C] () -- C:\Documents and Settings\Jim\Start Menu\Programs\Outlook Express.lnk
[2011/02/12 10:24:41 | 000,000,418 | -H-- | C] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{D117AED6-205E-408E-92E0-B35D0A958C9B}.job
[2011/02/12 09:38:35 | 000,087,960 | ---- | C] () -- C:\Documents and Settings\Jim\Local Settings\Application Data\FASTWiz.log
[2011/02/12 09:34:00 | 000,021,791 | ---- | C] () -- C:\WINDOWS\System32\smtpctrs.ini
[2011/02/12 09:34:00 | 000,008,002 | ---- | C] () -- C:\WINDOWS\System32\smtpctrs.h
[2011/02/12 09:33:59 | 000,001,037 | ---- | C] () -- C:\WINDOWS\System32\ntfsdrct.ini
[2011/02/12 09:33:59 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\ntfsdrct.h
[2011/02/12 09:33:28 | 000,038,576 | ---- | C] () -- C:\WINDOWS\System32\w3ctrs.ini
[2011/02/12 09:33:28 | 000,010,225 | ---- | C] () -- C:\WINDOWS\System32\axperf.ini
[2011/02/12 09:33:28 | 000,005,379 | ---- | C] () -- C:\WINDOWS\System32\w3ctrs.h
[2011/02/12 09:33:28 | 000,002,024 | ---- | C] () -- C:\WINDOWS\System32\axctrnm.h
[2011/02/12 09:33:27 | 000,011,435 | ---- | C] () -- C:\WINDOWS\System32\infoctrs.ini
[2011/02/12 09:33:27 | 000,003,276 | ---- | C] () -- C:\WINDOWS\System32\infoctrs.h
[2011/02/11 09:43:06 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\Jim\PUTTY.RND
[2011/02/11 09:07:09 | 000,000,617 | ---- | C] () -- C:\Documents and Settings\Jim\Desktop\Tor Browser.lnk
[2011/02/10 14:44:01 | 000,000,132 | ---- | C] () -- C:\Documents and Settings\Jim\SecurityKISSTunnel.config
[2011/02/06 15:19:55 | 000,000,278 | ---- | C] () -- C:\WINDOWS\tasks\wavepadShakeIcon.job
[2011/02/03 17:31:47 | 000,000,772 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Content Transfer.lnk
[2011/02/03 17:27:53 | 000,001,841 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Walkman.lnk
[2011/02/03 08:48:41 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2011/02/02 17:59:21 | 000,000,804 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\WavePad Sound Editor.lnk
[2011/02/02 17:59:21 | 000,000,798 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\WavePad.lnk
[2011/02/02 16:27:10 | 000,000,364 | ---- | C] () -- C:\WINDOWS\tasks\MotoHelper Update.job
[2011/02/02 16:27:10 | 000,000,352 | ---- | C] () -- C:\WINDOWS\tasks\MotoHelper MUM.job
[2011/02/02 16:27:10 | 000,000,348 | ---- | C] () -- C:\WINDOWS\tasks\MotoHelper Routing.job
[2011/02/02 13:56:09 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\Jim\Local Settings\Application Data\PUTTY.RND
[2011/02/02 13:42:00 | 000,000,090 | ---- | C] () -- C:\WINDOWS\QBChanUtil_Trigger.ini
[2011/01/18 08:14:09 | 000,013,637 | ---- | C] () -- C:\Documents and Settings\Dr_Goldstein.docx
[2011/01/12 16:56:46 | 000,004,058 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2011/01/12 16:40:57 | 000,001,302 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\ss.ini
[2011/01/07 16:59:17 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010/11/15 15:36:00 | 000,000,102 | ---- | C] () -- C:\WINDOWS\VSWizard.ini
[2010/08/06 16:07:44 | 000,000,024 | ---- | C] () -- C:\WINDOWS\System32\sysogg.dll
[2010/08/06 16:05:03 | 000,233,472 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2010/08/05 11:27:03 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010/08/04 13:31:23 | 001,072,240 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/08/04 09:57:24 | 000,000,248 | ---- | C] () -- C:\WINDOWS\HCWBlast.ini
[2010/08/04 09:56:15 | 000,032,987 | ---- | C] () -- C:\WINDOWS\Irremote.ini
[2010/08/04 09:56:00 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\dmcrypto.dll
[2010/08/04 09:55:22 | 000,000,135 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010/08/04 09:55:17 | 000,163,840 | ---- | C] () -- C:\WINDOWS\System32\hcwChDB.dll
[2010/08/04 09:54:47 | 000,006,245 | ---- | C] () -- C:\WINDOWS\HCWPNP.INI
[2010/08/04 09:52:22 | 000,066,048 | ---- | C] () -- C:\WINDOWS\System32\hcwXDS.dll
[2010/08/03 10:04:09 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\Jim\Application Data\inst.exe
[2010/08/03 10:04:09 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Jim\Application Data\pcouffin.cat
[2010/08/03 10:04:09 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Jim\Application Data\pcouffin.inf
[2010/08/03 10:04:09 | 000,001,057 | ---- | C] () -- C:\Documents and Settings\Jim\Application Data\vso_ts_preview.xml
[2010/08/03 10:04:09 | 000,000,034 | ---- | C] () -- C:\Documents and Settings\Jim\Application Data\pcouffin.log
[2010/08/03 10:04:09 | 000,000,001 | ---- | C] () -- C:\Documents and Settings\Jim\Application Data\FileJoin.ini
[2010/07/27 03:03:20 | 010,829,656 | ---- | C] () -- C:\WINDOWS\System32\LogiDPP.dll
[2010/07/27 03:03:18 | 000,290,648 | ---- | C] () -- C:\WINDOWS\System32\DevManagerCore.dll
[2010/07/27 02:56:04 | 000,090,411 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2010/05/07 17:46:36 | 000,014,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\iKeyLFT2.dll
[2010/05/07 17:43:30 | 000,025,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2009/10/19 07:57:35 | 000,005,051 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\xqkcebzs.dik
[2008/09/07 16:30:19 | 000,001,024 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\imgpdf2.dll
[2007/11/25 16:42:58 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\gtupdater.ini
[2007/07/07 13:07:23 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2007/07/07 11:19:39 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4785.dll
[2007/07/07 10:13:02 | 000,001,950 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2007/07/07 03:24:44 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
========== Alternate Data Streams ========== @Alternate Data Stream - 99 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B623B5B8
@Alternate Data Stream - 95 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
@Alternate Data Stream - 191 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4BF2F6B5
@Alternate Data Stream - 176 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:981884E7
@Alternate Data Stream - 131 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0CFF5F08
@Alternate Data Stream - 106 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0C988F7D
@Alternate Data Stream - 100 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:ADF211B1
< End of report >
==============================================================
EXTRAS.TXT
OTL Extras logfile created on: 2/13/2011 1:13:37 PM - Run 1
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Documents and Settings\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 57.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 82.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 229.32 Gb Total Space | 59.18 Gb Free Space | 25.81% Space Free | Partition Type: NTFS
Drive E: | 74.53 Gb Total Space | 17.05 Gb Free Space | 22.88% Space Free | Partition Type: NTFS
Computer Name: JIM_SPAGNOLO | User Name: Jim | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\WINDOWS\system32\usmt\migwiz.exe" = C:\WINDOWS\system32\usmt\migwiz.exe:*:Enabled:Files and Settings Transfer Wizard -- (Microsoft Corporation)
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX330_series" = Canon MX330 series MP Drivers
"{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{2227E1FA-01F5-483C-AB0E-2A308E900B3D}" = InterVideo FilterSDK for Hauppauge
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 23
"{28154F98-6A45-4E6F-AB2A-C24B09ECEF1F}" = IBFX - CPR
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{31753CDD-A7DA-4667-BEFC-B3EA3BDF366E}" = Foxit Phantom
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3881DB80-EAA2-012B-ADAE-000000000000}" = TurboTax 2009 WinPerFedFormset
"{388E4B09-3E71-4649-8921-F44A3A2954A7}" = Microsoft Visual Studio 2005 Tools for Office Runtime
"{38975F50-EAA2-012B-ADB4-000000000000}" = TurboTax 2009 WinPerReleaseEngine
"{38A34630-EAA2-012B-ADB6-000000000000}" = TurboTax 2009 WinPerTaxSupport
"{3B8186F0-EAA2-012B-AE69-000000000000}" = TurboTax 2009 wnyiper
"{3C5A81D0-EAA2-012B-AE9F-000000000000}" = TurboTax 2009 wrapper
"{3E5CBADD-2E51-47C1-BBE2-B802DB6DA56A}" = MetaTrader 4.00
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{43DCF766-6838-4F9A-8C91-D92DA586DFA7}" = Microsoft Windows Journal Viewer
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{501451DE-5808-4599-B544-8BD0915B6B24}_is1" = FreeRIP v3.5
"{55B1E4FA-F2E0-45DF-9B36-0B30A7949984}" = NWZ-S540 WALKMAN Guide
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5BF5F9C5-E95B-4AFA-94BE-F2A9CA73B61D}" = Apple Mobile Device Support
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6A28AB0B-22B1-494C-AF61-B386EA1736C0}" = LightScribe 1.4.97.1
"{6F3D2F66-F050-45E3-BEB1-6523FE6D6690}" = MotoHelper MergeModules
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
"{74E78471-E122-4101-8744-CEB6C5C027A0}" = Foxit PDF IFilter
"{7BB493F6-1E56-4748-B3A3-D7B1FB6EE2FE}" = Motorola Mobile Drivers Installation 4.7.1
"{7E7658A2-CD3F-48A7-93EA-0882BCA4FD2A}" = LogMeIn
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11109097}" = Luxor - Amun Rising
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113666647}" = Luxor 3
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{94CAC2F1-C856-47F4-AF24-65A1E75AEDB9}" = MotoHelper MergeModules
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AAD47011-8518-4608-9656-951DA35B587B}" = iTunes
"{B26B00DA-2E5D-4CF2-83C5-911198C0F009}" = GoodSync
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B4FEA924-630D-11D4-B78E-005004566E4D}" = ViewSonic Monitor Drivers
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C2D90574-5ACF-4395-9AB5-29770BD39E0E}_is1" = Genie Backup Manager Pro 6.0
"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CFADE4AF-C0CF-4A04-A776-741318F1658F}" = Content Transfer
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software
"{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1" = ConvertXtoDVD 4.0.12.327
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1
"{EBFEEB3F-3E3B-4725-A4E0-376144CE4F76}" = Citrix XenApp Web Plugin
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Ad-Aware" = Ad-Aware
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AI RoboForm" = RoboForm 7-2-2 (All Users)
"avast5" = avast! Internet Security
"AVI MPEG RM WMV Joiner_is1" = AVI/MPEG/RM/WMV Joiner 4.82
"CanonMyPrinter" = Canon Utilities My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ffdshow_is1" = ffdshow [rev 2527] [2008-12-19]
"Hauppauge English Help Files and Resources" = Hauppauge English Help Files and Resources
"Hauppauge WinTV" = Hauppauge WinTV
"Hauppauge WinTV TV Services" = Hauppauge WinTV TV Services
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"ie8" = Windows Internet Explorer 8
"Interbank FX Trader 4" = Interbank FX Trader 4 Build 226
"Logitech Vid" = Logitech Vid HD
"Luxor" = Luxor
"Luxor Quest for the Afterlife1.0" = Luxor Quest for the Afterlife
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Visual Studio 2005 Tools for Office Runtime" = Microsoft Visual Studio 2005 Tools for Office Runtime
"MotoHelper" = MotoHelper 2.0.24 Driver 4.7.1
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"MP Navigator EX 2.1" = Canon MP Navigator EX 2.1
"MP3 Converter Simple" = MP3 Converter Simple
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NeroMultiInstaller!UninstallKey" = Nero Suite
"OcaHistoryUpd" = OCA Client history tool install
"Opto123" = Opto123
"PipStrider(tm)" = PipStrider(tm)
"PROHYBRIDR" = 2007 Microsoft Office system
"PROSet" = Intel(R) PRO Network Connections Drivers
"Puppies Free Screensaver" = Puppies Free Screensaver (remove only)
"RAR Password Cracker" = RAR Password Cracker (remove only)
"SP6" = Logitech SetPoint 6.15
"SpywareBlaster_is1" = SpywareBlaster 4.4
"The Event Robot" = The Event Robot
"TurboTax 2009" = TurboTax 2009
"uTorrent" = µTorrent
"WavePad" = WavePad Sound Editor
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"WGA" = Windows Genuine Advantage Validation Tool
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Zuma Deluxe RA" = Zuma Deluxe RA
"Zuma's Revenge" = Zuma's Revenge
========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"GoToMeeting" = GoToMeeting 4.5.0.457
"uTorrent" = µTorrent
========== Last 10 Event Log Errors ========== [ Application Events ]
Error - 2/3/2011 12:19:33 PM | Computer Name = JIM_SPAGNOLO | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 2/3/2011 12:19:57 PM | Computer Name = JIM_SPAGNOLO | Source = Application Hang | ID = 1001
Description = Fault bucket 1180947459.
Error - 2/3/2011 1:44:07 PM | Computer Name = JIM_SPAGNOLO | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 2/3/2011 1:44:17 PM | Computer Name = JIM_SPAGNOLO | Source = Application Hang | ID = 1001
Description = Fault bucket 1180947459.
Error - 2/3/2011 6:52:39 PM | Computer Name = JIM_SPAGNOLO | Source = Lavasoft Ad-Aware Service | ID = 0
Description =
Error - 2/4/2011 10:52:12 AM | Computer Name = JIM_SPAGNOLO | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 1.9.2.3989, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 2/4/2011 10:52:25 AM | Computer Name = JIM_SPAGNOLO | Source = Application Hang | ID = 1001
Description = Fault bucket -2084660477.
Error - 2/6/2011 11:42:16 AM | Computer Name = JIM_SPAGNOLO | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
module flash10l.ocx, version 10.1.102.64, fault address 0x00388944.
Error - 2/6/2011 12:18:56 PM | Computer Name = JIM_SPAGNOLO | Source = Application Error | ID = 1001
Description = Fault bucket -2122866849.
Error - 2/8/2011 8:33:05 AM | Computer Name = JIM_SPAGNOLO | Source = EventSystem | ID = 4614
Description = The COM+ Event System detected an inconsistency in its internal state.
The assertion "GetLastError() == 122L" failed at line 162 of d:\comxp_sp3\com\com1x\src\events\shared\sectools.cpp.
Please contact Microsoft Product Support Services to report this erro
[ System Events ]
Error - 2/10/2011 6:22:58 PM | Computer Name = JIM_SPAGNOLO | Source = System Error | ID = 1003
Description = Error code 1000008e, parameter1 c0000005, parameter2 b9ddf315, parameter3
ba277aa0, parameter4 00000000.
Error - 2/10/2011 7:02:26 PM | Computer Name = JIM_SPAGNOLO | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
Aavmker4 aswSnx aswSP aswTdi Fips intelppm
Error - 2/10/2011 7:02:27 PM | Computer Name = JIM_SPAGNOLO | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
Error - 2/10/2011 7:05:43 PM | Computer Name = JIM_SPAGNOLO | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
Error - 2/11/2011 2:43:40 AM | Computer Name = JIM_SPAGNOLO | Source = Dhcp | ID = 1002
Description = The IP address lease 24.185.101.242 for the Network Card with network
address 0019D184ADC9 has been denied by the DHCP server 192.168.100.1 (The DHCP
Server sent a DHCPNACK message).
Error - 2/11/2011 2:44:28 AM | Computer Name = JIM_SPAGNOLO | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.100.2 for the Network Card with network
address 0019D184ADC9 has been denied by the DHCP server 192.168.100.1 (The DHCP
Server sent a DHCPNACK message).
Error - 2/11/2011 3:59:57 AM | Computer Name = JIM_SPAGNOLO | Source = Dhcp | ID = 1002
Description = The IP address lease 24.185.101.242 for the Network Card with network
address 0019D184ADC9 has been denied by the DHCP server 192.168.100.1 (The DHCP
Server sent a DHCPNACK message).
Error - 2/11/2011 4:00:35 AM | Computer Name = JIM_SPAGNOLO | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.100.2 for the Network Card with network
address 0019D184ADC9 has been denied by the DHCP server 192.168.100.1 (The DHCP
Server sent a DHCPNACK message).
Error - 2/11/2011 6:17:34 AM | Computer Name = JIM_SPAGNOLO | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
Error - 2/11/2011 6:19:20 AM | Computer Name = JIM_SPAGNOLO | Source = sr | ID = 1
Description = The System Restore filter encountered the unexpected error '0xC0000001'
while processing the file '' on the volume 'HarddiskVolume1'. It has stopped monitoring
the volume.
< End of report >
=============================================================