Apologies as I was out of town and away from my coputers for a few days the last time I had posted and ended up getting my original post bumped. I'm hoping to be able pick things up again. Any assistance with the issues I've been having as of late would be greatly appreciated.
DESCRIPTION:
I've been having URL's redirecting to strange sites. Sometimes by clicking links, and other times by randomly clicking anywhere inside the browser frame.
It doesn't matter whether I'm using IE, FF or Chrome... if I go to Google.com and conduct a simple search (i.e. beer), almost any link within the results page that I then click on will spawn a popup window to some random site the first time I click the Google link. If I go back and attempt to click the same link a second time, the expected URL comes up.
This has consistantly been happening now on every computer in my home (2 laptops and 1 desktop) for the past month now and I've run all kinds of virus and anti-malware programs with no success.
The last time I posted, I was instructed to remove any anti-malware programs which I did so the only thing left running is my Bit Defender virus scanner. I've run DDS and also OLT so I will post both if that is helpful.
DDS & ATTACH OUTPUTS:
.
DDS (Ver_11-03-05.01) - NTFSx86
Run by Dennis at 11:20:42.92 on 27/04/2011
Internet Explorer: 8.0.7600.16385
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.2.1033.18.1979.1058 [GMT -4:00]
.
AV: BitDefender Antivirus *Enabled/Updated* {50909708-FF80-02AF-F814-B28405891E92}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: BitDefender Antispyware *Enabled/Updated* {EBF176EC-D9BA-0D21-C2A4-89F67E0E542F}
FW: BitDefender Firewall *Disabled* {68AB162D-B5EF-03F7-D34B-1BB1FB5A59E9}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\BitDefender\BitDefender 2011\updatesrv.exe
C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\sppsvc.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Users\Dennis\Desktop\dds.scr
C:\Windows\system32\conhost.exe
.
============== Pseudo HJT Report ===============
.
uSearch Page = hxxp://www.google.com
uStart Page = hxxp://www.google.ca/
uSearch Bar = hxxp://www.google.com/ie
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
uURLSearchHooks: H - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~2\office14\GROOVEEX.DLL
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.2.4204.1700\swg.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~2\office14\URLREDIR.DLL
TB: Bitdefender Toolbar: {381ffde8-2394-4f90-b10d-fc6124a40f8c} - c:\program files\bitdefender\bitdefender 2011\IEToolbar.dll
uRun: [Google Update] "c:\users\dennis\appdata\local\google\update\GoogleUpdate.exe" /c
mRun: [NUSB3MON] "c:\program files\nec electronics\usb 3.0 host controller driver\application\nusb3mon.exe"
mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe -s
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 10.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
mRun: [BitDefender Antiphishing Helper] "c:\program files\bitdefender\bitdefender 2011\ieshow.exe"
mRun: [BDAgent] "c:\program files\bitdefender\bitdefender 2011\bdagent.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [VirtualCloneDrive] "c:\program files\elaborate bytes\virtualclonedrive\VCDDaemon.exe" /s
mRun: [BCSSync] "c:\program files\microsoft office\office14\BCSSync.exe" /DelayServices
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\micros~2\office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
DPF: {82774781-8F4E-11D1-AB1C-0000F8773BF0} - hxxps://transfers.ds.microsoft.com/FTM/ ... erCtrl.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} - hxxps://secure.logmein.com/activex/ractrl.cab?lmi=100
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~2\office14\GROOVEEX.DLL
.
============= SERVICES / DRIVERS ===============
.
R1 bdfwfpf;bdfwfpf;c:\program files\common files\bitdefender\bitdefender firewall\bdfwfpf.sys [2010-8-20 88144]
R2 Updatesrv;BitDefender Desktop Update Service;c:\program files\bitdefender\bitdefender 2011\updatesrv.exe [2011-3-24 43936]
R3 bdfm;bdfm;c:\windows\system32\drivers\bdfm.sys [2010-5-13 152528]
R3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys [2009-11-20 58880]
R3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys [2009-11-20 137728]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2011-1-8 277536]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 avc3;avc3;c:\windows\system32\drivers\avc3.sys [2010-11-29 535824]
S3 avckf;avckf;c:\windows\system32\drivers\avckf.sys [2010-11-29 1066232]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\microsoft office\office14\GROOVE.EXE [2010-3-25 30969208]
S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]
S3 Update Server;BitDefender Update Server v2;c:\program files\common files\bitdefender\bitdefender arrakis server\bin\arrakis3.exe [2010-11-30 307544]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2011-1-8 1343400]
.
=============== Created Last 30 ================
.
2011-04-22 18:03:39 -------- d-----w- c:\windows\system32\drivers\etc\old
2011-04-17 04:33:21 -------- d-sh--w- c:\windows\system32\%APPDATA%
2011-04-17 03:33:07 -------- d-----w- c:\program files\PC Tools Security
2011-04-17 03:32:40 -------- d-----w- c:\users\dennis\appdata\local\Immunet
2011-04-17 03:32:40 -------- d-----w- c:\progra~2\Immunet
2011-04-17 03:02:36 -------- d-----w- c:\program files\Araxis
2011-04-17 02:38:21 -------- d-----w- c:\program files\Microsoft Synchronization Services
2011-04-17 02:38:03 -------- d-----w- c:\windows\PCHEALTH
2011-04-17 02:38:03 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2011-04-17 02:37:28 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2011-04-17 02:37:04 -------- d-----w- c:\program files\Microsoft Analysis Services
2011-04-17 02:36:43 -------- d-----w- c:\users\dennis\appdata\local\Microsoft Help
2011-04-17 02:32:59 -------- d-----w- c:\program files\Elaborate Bytes
2011-04-17 02:29:11 -------- d-----w- c:\program files\iTunes
2011-04-17 02:29:11 -------- d-----w- c:\program files\iPod
2011-04-16 21:01:30 -------- d-----w- C:\DOWNLOADS
2011-04-15 02:02:58 740864 ----a-w- c:\windows\system32\inetcomm.dll
2011-04-15 02:02:56 1164288 ----a-w- c:\windows\system32\mfc42u.dll
2011-04-15 02:02:56 1137664 ----a-w- c:\windows\system32\mfc42.dll
2011-04-15 02:02:55 95744 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-04-15 02:02:55 69632 ----a-w- c:\windows\system32\drivers\bowser.sys
2011-04-15 02:02:55 221696 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-04-15 02:02:55 123392 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-04-12 12:47:12 307784 ----a-w- c:\windows\system32\drivers\trufos.sys
2011-04-10 21:17:19 -------- d-----w- c:\program files\Sophos
2011-04-10 19:58:23 -------- d-----w- c:\users\dennis\appdata\roaming\Malwarebytes
2011-04-10 19:56:12 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-04-10 19:56:11 -------- d-----w- c:\progra~2\Malwarebytes
2011-04-10 19:56:07 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-04-10 19:56:07 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-04-10 15:14:11 -------- d-----w- c:\users\dennis\appdata\roaming\BitDefender
2011-04-10 15:14:06 -------- d-----w- c:\program files\BitDefender
2011-04-10 15:10:05 -------- d-----w- c:\users\dennis\appdata\roaming\QuickScan
2011-04-10 15:06:35 -------- d-----w- c:\program files\common files\BitDefender
2011-04-10 15:06:35 -------- d-----w- c:\progra~2\BitDefender
2011-04-10 15:06:32 73091 ----a-w- c:\progra~2\bdinstall.bin
2011-04-10 15:06:32 353096 ----a-w- c:\windows\system32\drivers\bdfsfltr.sys
2011-04-10 12:48:51 -------- d-----w- c:\users\dennis\appdata\local\LogMeIn
2011-04-10 12:48:51 -------- d-----w- c:\progra~2\LogMeIn
2011-04-09 08:25:42 6792528 ----a-w- c:\progra~2\microsoft\windows defender\definition updates\{ef1f6f37-97b6-460b-b50a-f6affd7841a4}\mpengine.dll
2011-04-07 02:21:38 -------- d-----w- c:\program files\Spybot - Search & Destroy
2011-04-07 02:21:38 -------- d-----w- c:\progra~2\Spybot - Search & Destroy
2011-03-28 19:17:43 802304 ----a-w- c:\windows\system32\FntCache.dll
2011-03-28 19:17:43 739840 ----a-w- c:\windows\system32\d2d1.dll
2011-03-28 19:17:43 1074176 ----a-w- c:\windows\system32\DWrite.dll
.
==================== Find3M ====================
.
2011-03-07 02:08:13 93552 ----a-w- c:\windows\system32\ElbyCDIO.dll
2011-03-07 00:52:09 134512 ----a-w- c:\windows\system32\ElbyVCD.dll
2011-03-03 05:29:23 132608 ----a-w- c:\windows\system32\dnsrslvr.dll
2011-03-03 05:27:30 28672 ----a-w- c:\windows\system32\dnscacheugc.exe
2011-03-03 03:31:32 2331136 ----a-w- c:\windows\system32\win32k.sys
2011-02-24 05:32:52 288256 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-02-24 05:32:44 981504 ----a-w- c:\windows\system32\wininet.dll
2011-02-24 05:30:16 44544 ----a-w- c:\windows\system32\licmgr10.dll
2011-02-24 04:23:48 386048 ----a-w- c:\windows\system32\html.iec
2011-02-24 03:50:26 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-02-19 05:32:08 34304 ----a-w- c:\windows\system32\atmlib.dll
2011-02-19 03:37:02 294912 ----a-w- c:\windows\system32\atmfd.dll
2011-02-18 05:36:26 428032 ----a-w- c:\windows\system32\vbscript.dll
2011-02-12 05:30:49 191488 ----a-w- c:\windows\system32\FXSCOVER.exe
2011-02-02 22:11:20 222080 ------w- c:\windows\system32\MpSigStub.exe
2010-07-08 14:37:14 101544 ----a-w- c:\program files\common files\LinkInstaller.exe
.
============= FINISH: 11:23:02.90 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_11-03-05.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume1
Install Date: 08/01/2011 5:55:13 PM
System Uptime: 27/04/2011 11:14:32 AM (0 hours ago)
.
Motherboard: Gigabyte Technology Co., Ltd. | | H55M-USB3
Processor: Intel(R) Core(TM) i5 CPU 670 @ 3.47GHz | Socket 1156 | 3459/133mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 119 GiB total, 46.444 GiB free.
F: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP44: 14/04/2011 10:46:47 PM - Windows Update
RP45: 16/04/2011 10:33:12 PM - Device Driver Package Install: Elaborate Bytes AG Storage controllers
RP46: 16/04/2011 10:36:30 PM - Installed Microsoft Office Professional Plus 2010
RP47: 16/04/2011 11:02:14 PM - Installed Araxis Merge
RP48: 16/04/2011 11:35:30 PM - Spyware Doctor: Cleaning Threats
RP49: 17/04/2011 12:33:10 AM - Windows Update
RP50: 17/04/2011 7:00:13 PM - Windows Backup
RP51: 27/04/2011 10:30:33 AM - Windows Backup
.
==== Installed Programs ======================
.
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Reader X (10.0.1)
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Araxis Merge
BitDefender Antivirus Pro 2011
Bonjour
Definition update for Microsoft Office 2010 (KB982726)
GOM Player
Google Chrome
Google Updater
ImgBurn
iTunes
Malwarebytes' Anti-Malware
Microsoft .NET Framework 4 Client Profile
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
MobileMe Control Panel
NEC Electronics USB 3.0 Host Controller Driver
Picasa 3
QuickTime
Realtek Ethernet Controller Driver For Windows 7
Realtek High Definition Audio Driver
runtime
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft Excel 2010 (KB2466146)
Security Update for Microsoft Office 2010 (KB2289078)
Security Update for Microsoft Office 2010 (KB2289161)
Security Update for Microsoft PowerPoint 2010 (KB2519975)
Security Update for Microsoft Publisher 2010 (KB2409055)
Security Update for Microsoft Word 2010 (KB2345000)
Update for Microsoft Office 2010 (KB2202188)
Update for Microsoft Office 2010 (KB2413186)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft OneNote 2010 (KB2493983)
Update for Microsoft Outlook Social Connector (KB2441641)
VirtualCloneDrive
XBMC
.
==== Event Viewer Messages From Past Week ========
.
27/04/2011 11:01:15 AM, Error: bowser [8003] - The master browser has received a server announcement from the computer HP-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{A9F2F0A4-4666-4288-AA22-46031BD63C32. The master browser is stopping or an election is being forced.
27/04/2011 10:32:46 AM, Error: VDS Basic Provider [1] - Unexpected failure. Error code: 490@01010004
.
==== End Of File ===========================
***********************************************************************************************
***********************************************************************************************
OLT OUTPUTS:
OTL logfile created on: 27/04/2011 11:15:56 AM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Dennis\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy
2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 65.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 79.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 119.13 Gb Total Space | 46.46 Gb Free Space | 39.00% Space Free | Partition Type: NTFS
Computer Name: MEDIAPC | User Name: Dennis | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/04/27 10:27:59 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Dennis\Desktop\OTL.exe
PRC - [2011/03/31 14:27:40 | 001,443,712 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe
PRC - [2011/03/31 14:27:34 | 002,084,848 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe
PRC - [2011/03/24 19:46:02 | 000,043,936 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\BitDefender\BitDefender 2011\updatesrv.exe
PRC - [2011/01/30 11:45:14 | 000,035,736 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Reader 10.0\Reader\reader_sl.exe
PRC - [2009/11/20 07:17:54 | 000,106,496 | ---- | M] (NEC Electronics Corporation) -- C:\Program Files\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2009/10/31 01:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/07/13 21:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
========== Modules (SafeList) ==========
MOD - [2011/04/27 10:27:59 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Dennis\Desktop\OTL.exe
MOD - [2010/08/21 01:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV - [2011/03/31 14:27:34 | 002,084,848 | ---- | M] (BitDefender S.R.L.) [Auto | Running] -- C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe -- (VSSERV)
SRV - [2011/03/24 19:46:02 | 000,043,936 | ---- | M] (BitDefender S.R.L.) [Auto | Running] -- C:\Program Files\BitDefender\BitDefender 2011\updatesrv.exe -- (Updatesrv)
SRV - [2011/01/08 23:24:12 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010/11/30 07:19:06 | 000,307,544 | ---- | M] (BitDefender) [On_Demand | Stopped] -- C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe -- (Update Server)
SRV - [2010/03/25 10:25:22 | 030,969,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2009/07/13 21:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 21:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/13 21:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
========== Driver Services (SafeList) ==========
DRV - [2011/04/12 08:47:12 | 000,307,784 | ---- | M] (BitDefender S.R.L.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\trufos.sys -- (Trufos)
DRV - [2011/04/10 11:06:34 | 000,105,152 | ---- | M] (BitDefender LLC) [Kernel | On_Demand | Running] -- C:\Program Files\BitDefender\BitDefender 2011\bdselfpr.sys -- (bdselfpr)
DRV - [2011/03/24 15:36:18 | 000,353,096 | ---- | M] (BitDefender) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\bdfsfltr.sys -- (bdfsfltr)
DRV - [2010/11/29 14:12:20 | 001,066,232 | ---- | M] (BitDefender) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\avckf.sys -- (avckf)
DRV - [2010/11/29 14:12:14 | 000,535,824 | ---- | M] (BitDefender) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\avc3.sys -- (avc3)
DRV - [2010/08/20 18:41:54 | 000,088,144 | ---- | M] (BitDefender) [Kernel | System | Running] -- C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdfwfpf.sys -- (bdfwfpf)
DRV - [2010/05/13 16:52:04 | 000,152,528 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\bdfm.sys -- (bdfm)
DRV - [2009/11/20 07:15:18 | 000,137,728 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV - [2009/11/20 07:15:16 | 000,058,880 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nusb3hub.sys -- (nusb3hub)
DRV - [2009/07/13 21:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vmbus.sys -- (vmbus)
DRV - [2009/07/13 21:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vmstorfl.sys -- (storflt)
DRV - [2009/07/13 21:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\storvsc.sys -- (storvsc)
DRV - [2009/07/13 19:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009/07/13 19:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap)
DRV - [2009/07/13 19:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID)
DRV - [2009/06/10 17:19:48 | 009,853,248 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1628769217-208276067-2990218538-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-1628769217-208276067-2990218538-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-1628769217-208276067-2990218538-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
IE - HKU\S-1-5-21-1628769217-208276067-2990218538-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ca.msn.com/?lang=en-ca&OCID=iehp
IE - HKU\S-1-5-21-1628769217-208276067-2990218538-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-ca
IE - HKU\S-1-5-21-1628769217-208276067-2990218538-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 1F 91 1C CA 8B AF CB 01 [binary data]
IE - HKU\S-1-5-21-1628769217-208276067-2990218538-1001\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-1628769217-208276067-2990218538-1001\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-1628769217-208276067-2990218538-1001\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-1628769217-208276067-2990218538-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - HKLM\software\mozilla\Firefox\Extensions\\FFToolbar@bitdefender.com: C:\Program Files\BitDefender\BitDefender 2011\bdaphffext\ [2011/04/10 11:14:11 | 000,000,000 | ---D | M]
O1 HOSTS File: ([2011/04/16 14:12:10 | 000,000,823 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Bitdefender Toolbar) - {381FFDE8-2394-4F90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2011\ietoolbar.dll (BitDefender S.R.L.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [BDAgent] C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe (BitDefender S.R.L.)
O4 - HKLM..\Run: [BitDefender Antiphishing Helper] C:\Program Files\BitDefender\BitDefender 2011\ieshow.exe (BitDefender S.R.L.)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (NEC Electronics Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {82774781-8F4E-11D1-AB1C-0000F8773BF0} https://transfers.ds.microsoft.com/FTM/ ... erCtrl.cab (DLC Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logmein.com/activex/ractrl.cab?lmi=100 (Performance Viewer Activex Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.109.65.247 213.109.76.242 1.1.1.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 17:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{1cd1013f-686a-11e0-811d-6cf0497d916c}\Shell - "" = AutoRun
O33 - MountPoints2\{1cd1013f-686a-11e0-811d-6cf0497d916c}\Shell\AutoRun\command - "" = F:\SETUP.EXE
O33 - MountPoints2\{1cd1013f-686a-11e0-811d-6cf0497d916c}\Shell\configure\command - "" = F:\SETUP.EXE
O33 - MountPoints2\{1cd1013f-686a-11e0-811d-6cf0497d916c}\Shell\install\command - "" = F:\SETUP.EXE
O33 - MountPoints2\{4bfe7676-6931-11e0-801f-6cf0497d916c}\Shell - "" = AutoRun
O33 - MountPoints2\{4bfe7676-6931-11e0-801f-6cf0497d916c}\Shell\AutoRun\command - "" = G:\LaunchU3.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/04/27 10:27:59 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Dennis\Desktop\OTL.exe
[2011/04/17 00:33:21 | 000,000,000 | -HSD | C] -- C:\Windows\System32\%APPDATA%
[2011/04/16 23:33:07 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2011/04/16 23:33:07 | 000,000,000 | ---D | C] -- C:\Program Files\PC Tools Security
[2011/04/16 23:32:40 | 000,000,000 | ---D | C] -- C:\Users\Dennis\AppData\Local\Immunet
[2011/04/16 23:32:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Immunet
[2011/04/16 23:31:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Updater
[2011/04/16 23:31:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Google Updater
[2011/04/16 23:02:36 | 000,000,000 | ---D | C] -- C:\Program Files\Araxis
[2011/04/16 22:39:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
[2011/04/16 22:39:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2011/04/16 22:38:21 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Synchronization Services
[2011/04/16 22:38:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2011/04/16 22:38:03 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2011/04/16 22:38:03 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Sync Framework
[2011/04/16 22:38:03 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2011/04/16 22:37:28 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 8
[2011/04/16 22:37:04 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Analysis Services
[2011/04/16 22:36:43 | 000,000,000 | ---D | C] -- C:\Users\Dennis\AppData\Local\Microsoft Help
[2011/04/16 22:36:39 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2011/04/16 22:36:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2011/04/16 22:36:36 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2011/04/16 22:32:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes
[2011/04/16 22:32:59 | 000,000,000 | ---D | C] -- C:\Program Files\Elaborate Bytes
[2011/04/16 22:29:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011/04/16 22:29:11 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011/04/16 22:29:11 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/04/16 17:01:30 | 000,000,000 | ---D | C] -- C:\DOWNLOADS
[2011/04/16 14:36:01 | 000,000,000 | ---D | C] -- C:\Users\Dennis\Desktop\backups
[2011/04/16 14:27:59 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\Dennis\Desktop\HijackThis.exe
[2011/04/14 22:03:39 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2011/04/14 22:03:39 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2011/04/14 22:03:36 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe
[2011/04/14 22:03:33 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2011/04/14 22:03:33 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2011/04/14 22:03:28 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2011/04/14 22:03:28 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011/04/14 22:03:28 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011/04/14 22:03:28 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011/04/14 22:03:28 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011/04/14 22:03:28 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011/04/14 22:03:27 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011/04/14 22:03:27 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011/04/14 22:03:27 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011/04/14 22:03:27 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011/04/14 22:03:27 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011/04/14 22:03:11 | 002,331,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011/04/14 22:03:06 | 000,191,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FXSCOVER.exe
[2011/04/14 22:03:03 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2011/04/14 22:02:56 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll
[2011/04/14 22:02:56 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll
[2011/04/12 08:47:12 | 000,307,784 | ---- | C] (BitDefender S.R.L.) -- C:\Windows\System32\drivers\trufos.sys
[2011/04/10 18:01:56 | 000,000,000 | ---D | C] -- C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2011/04/10 17:17:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
[2011/04/10 17:17:19 | 000,000,000 | ---D | C] -- C:\Program Files\Sophos
[2011/04/10 15:58:23 | 000,000,000 | ---D | C] -- C:\Users\Dennis\AppData\Roaming\Malwarebytes
[2011/04/10 15:56:12 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011/04/10 15:56:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/04/10 15:56:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/04/10 15:56:07 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011/04/10 15:56:07 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/04/10 11:14:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BitDefender 2011
[2011/04/10 11:14:11 | 000,000,000 | ---D | C] -- C:\Users\Dennis\AppData\Roaming\BitDefender
[2011/04/10 11:14:06 | 000,000,000 | ---D | C] -- C:\Program Files\BitDefender
[2011/04/10 11:10:05 | 000,000,000 | ---D | C] -- C:\Users\Dennis\AppData\Roaming\QuickScan
[2011/04/10 11:06:35 | 000,000,000 | ---D | C] -- C:\ProgramData\BitDefender
[2011/04/10 11:06:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\BitDefender
[2011/04/10 11:06:32 | 000,353,096 | ---- | C] (BitDefender) -- C:\Windows\System32\drivers\bdfsfltr.sys
[2011/04/10 09:50:15 | 000,000,000 | ---D | C] -- C:\Users\Dennis\AppData\Roaming\ImgBurn
[2011/04/10 09:44:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn
[2011/04/10 09:44:50 | 000,000,000 | ---D | C] -- C:\Program Files\ImgBurn
[2011/04/10 08:48:51 | 000,000,000 | ---D | C] -- C:\Users\Dennis\AppData\Local\LogMeIn
[2011/04/10 08:48:51 | 000,000,000 | ---D | C] -- C:\ProgramData\LogMeIn
[2011/04/06 22:21:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2011/04/06 22:21:38 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2011/03/28 15:17:43 | 001,074,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2011/03/28 15:17:43 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
========== Files - Modified Within 30 Days ==========
[2011/04/27 11:16:59 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2011/04/27 11:14:44 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/04/27 11:14:39 | 1556,733,952 | -HS- | M] () -- C:\hiberfil.sys
[2011/04/27 10:43:30 | 000,014,832 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/04/27 10:43:30 | 000,014,832 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/04/27 10:43:01 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1628769217-208276067-2990218538-1001UA.job
[2011/04/27 10:40:43 | 000,628,024 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/04/27 10:40:43 | 000,110,208 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/04/27 10:27:59 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Dennis\Desktop\OTL.exe
[2011/04/27 10:24:25 | 001,051,130 | ---- | M] () -- C:\Windows\System32\drivers\Cat.DB
[2011/04/17 18:43:00 | 000,000,858 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1628769217-208276067-2990218538-1001Core.job
[2011/04/16 23:27:49 | 000,000,212 | ---- | M] () -- C:\Users\Dennis\Desktop\Weird Search Redirects.url
[2011/04/16 23:01:43 | 063,458,816 | ---- | M] () -- C:\Users\Dennis\Desktop\merge2010_Win32_3947.msi
[2011/04/16 22:56:58 | 000,406,272 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/04/16 22:33:22 | 000,001,208 | ---- | M] () -- C:\Users\Public\Desktop\Virtual CloneDrive.lnk
[2011/04/16 22:31:39 | 001,587,696 | ---- | M] () -- C:\Users\Dennis\Desktop\SetupVirtualCloneDrive5450.exe
[2011/04/16 22:29:25 | 000,001,753 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/04/16 14:27:59 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\Dennis\Desktop\HijackThis.exe
[2011/04/16 14:27:08 | 001,402,880 | ---- | M] () -- C:\Users\Dennis\Desktop\HijackThis.msi
[2011/04/16 14:12:10 | 000,000,823 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2011/04/13 08:22:01 | 000,001,000 | ---- | M] () -- C:\Windows\System32\drivers\etc\old\hosts.20110416-141021.backup
[2011/04/12 08:47:12 | 000,307,784 | ---- | M] (BitDefender S.R.L.) -- C:\Windows\System32\drivers\trufos.sys
[2011/04/10 18:01:57 | 000,002,316 | ---- | M] () -- C:\Users\Dennis\Desktop\Google Chrome.lnk
[2011/04/10 15:56:12 | 000,001,067 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/04/10 15:55:05 | 000,432,374 | ---- | M] () -- C:\Windows\System32\drivers\etc\old\hosts.pre.spybot.BAK
[2011/04/10 15:54:51 | 000,432,374 | R--- | M] () -- C:\Windows\System32\drivers\etc\old\hosts.20110410-155505.backup
[2011/04/10 11:16:10 | 000,000,000 | ---- | M] () -- C:\Windows\System32\imblacklist.dat
[2011/04/10 11:16:08 | 000,073,091 | ---- | M] () -- C:\ProgramData\bdinstall.bin
[2011/04/10 11:14:48 | 000,000,415 | ---- | M] () -- C:\Windows\System32\user_gensett.xml
[2011/04/10 11:14:13 | 000,002,102 | ---- | M] () -- C:\Users\Public\Desktop\BitDefender Antivirus Pro 2011.lnk
[2011/04/10 09:44:50 | 000,001,811 | ---- | M] () -- C:\Users\Public\Desktop\ImgBurn.lnk
[2011/04/06 22:34:14 | 000,432,374 | R--- | M] () -- C:\Windows\System32\drivers\etc\old\hosts.20110410-155451.backup
========== Files Created - No Company Name ==========
[2011/04/16 23:33:27 | 001,051,130 | ---- | C] () -- C:\Windows\System32\drivers\Cat.DB
[2011/04/16 23:31:03 | 000,000,868 | ---- | C] () -- C:\Windows\tasks\Google Software Updater.job
[2011/04/16 23:02:40 | 000,001,945 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Araxis Merge.lnk
[2011/04/16 23:01:43 | 063,458,816 | ---- | C] () -- C:\Users\Dennis\Desktop\merge2010_Win32_3947.msi
[2011/04/16 22:35:10 | 1532,469,248 | ---- | C] () -- C:\Users\Dennis\Desktop\en_office_professional_plus_2010_x86_x64_dvd_515529.iso
[2011/04/16 22:33:22 | 000,001,208 | ---- | C] () -- C:\Users\Public\Desktop\Virtual CloneDrive.lnk
[2011/04/16 22:31:38 | 001,587,696 | ---- | C] () -- C:\Users\Dennis\Desktop\SetupVirtualCloneDrive5450.exe
[2011/04/16 22:29:25 | 000,001,753 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/04/16 14:36:54 | 000,000,212 | ---- | C] () -- C:\Users\Dennis\Desktop\Weird Search Redirects.url
[2011/04/16 14:27:08 | 001,402,880 | ---- | C] () -- C:\Users\Dennis\Desktop\HijackThis.msi
[2011/04/10 18:01:57 | 000,002,316 | ---- | C] () -- C:\Users\Dennis\Desktop\Google Chrome.lnk
[2011/04/10 15:56:12 | 000,001,067 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/04/10 11:16:10 | 000,000,000 | ---- | C] () -- C:\Windows\System32\imblacklist.dat
[2011/04/10 11:14:48 | 000,000,415 | ---- | C] () -- C:\Windows\System32\user_gensett.xml
[2011/04/10 11:14:13 | 000,002,102 | ---- | C] () -- C:\Users\Public\Desktop\BitDefender Antivirus Pro 2011.lnk
[2011/04/10 11:06:32 | 000,073,091 | ---- | C] () -- C:\ProgramData\bdinstall.bin
[2011/04/10 09:44:50 | 000,001,823 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn
[2011/04/10 09:44:50 | 000,001,811 | ---- | C] () -- C:\Users\Public\Desktop\ImgBurn.lnk
[2011/01/08 19:33:48 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2010/07/08 10:37:14 | 000,101,544 | ---- | C] () -- C:\Program Files\Common Files\LinkInstaller.exe
[2010/01/25 13:58:06 | 000,462,848 | ---- | C] () -- C:\Windows\System32\ractrlkeyhook.dll
[2009/07/14 00:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 00:33:53 | 000,406,272 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/07/13 22:05:48 | 000,628,024 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009/07/13 22:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009/07/13 22:05:48 | 000,110,208 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009/07/13 22:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009/07/13 22:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009/07/13 22:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009/07/13 20:19:49 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2009/07/13 19:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 19:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2007/01/31 14:50:32 | 000,913,408 | ---- | C] () -- C:\Windows\System32\xreglib.dll
========== LOP Check ==========
[2011/04/10 11:14:11 | 000,000,000 | ---D | M] -- C:\Users\Dennis\AppData\Roaming\BitDefender
[2011/04/10 09:53:03 | 000,000,000 | ---D | M] -- C:\Users\Dennis\AppData\Roaming\ImgBurn
[2011/04/10 11:10:05 | 000,000,000 | ---D | M] -- C:\Users\Dennis\AppData\Roaming\QuickScan
[2011/04/14 22:31:15 | 000,000,000 | ---D | M] -- C:\Users\Dennis\AppData\Roaming\XBMC
[2009/07/14 00:53:46 | 000,025,854 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 10 bytes -> C:\Users\Dennis\Desktop\SetupVirtualCloneDrive5450.exe:BDU
@Alternate Data Stream - 10 bytes -> C:\Users\Dennis\Desktop\OTL.exe:BDU
< End of report >
OTL Extras logfile created on: 27/04/2011 11:15:56 AM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Dennis\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy
2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 65.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 79.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 119.13 Gb Total Space | 46.46 Gb Free Space | 39.00% Space Free | Partition Type: NTFS
Computer Name: MEDIAPC | User Name: Dennis | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2A697B53-0DE3-42DA-B41D-C3F804B1C538}" = iTunes
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{2DC94AFD-A6E2-4AB4-9132-4A3F8E07B386}" = Apple Application Support
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{43BF279E-AAD6-476C-AF6C-35C9CB33226B}" = Araxis Merge
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A71D5E81-B967-43DB-93D7-FD31BFB95748}" = MobileMe Control Panel
"{AC76BA86-7AD7-1033-7B44-AA0000000001}" = Adobe Reader X (10.0.1)
"{B6CA7A3C-35FD-401F-9335-FFFD2BCD5FF3}" = BitDefender Antivirus Pro 2011
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support
"{D7BF9739-8A68-4335-BBEE-37752AD9E86B}" = NEC Electronics USB 3.0 Host Controller Driver
"{D88C3E7C-1DA6-4AD7-97FC-75BC8705B266}" = runtime
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"BitDefender" = BitDefender Antivirus Pro 2011
"GOM Player" = GOM Player
"Google Updater" = Google Updater
"ImgBurn" = ImgBurn
"InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}" = NEC Electronics USB 3.0 Host Controller Driver
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"Picasa 3" = Picasa 3
"VirtualCloneDrive" = VirtualCloneDrive
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1628769217-208276067-2990218538-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"XBMC" = XBMC
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 16/04/2011 10:43:02 PM | Computer Name = MediaPC | Source = .NET Runtime Optimization Service | ID = 1101
Description =
Error - 16/04/2011 10:43:09 PM | Computer Name = MediaPC | Source = .NET Runtime Optimization Service | ID = 1101
Description =
Error - 16/04/2011 10:43:09 PM | Computer Name = MediaPC | Source = .NET Runtime Optimization Service | ID = 1101
Description =
Error - 16/04/2011 10:43:09 PM | Computer Name = MediaPC | Source = .NET Runtime Optimization Service | ID = 1101
Description =
Error - 16/04/2011 10:43:09 PM | Computer Name = MediaPC | Source = .NET Runtime Optimization Service | ID = 1101
Description =
Error - 17/04/2011 4:58:50 PM | Computer Name = MediaPC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\program files\pc tools
security\networklayer\PCTCFFix64.exe". Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.
Error - 17/04/2011 4:58:57 PM | Computer Name = MediaPC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "c:\program files\spybot
- search & destroy\DelZip179.dll".Error in manifest or policy file "c:\program files\spybot
- search & destroy\DelZip179.dll" on line 8. The value "*" of attribute "language"
in element "assemblyIdentity" is invalid.
Error - 22/04/2011 2:59:45 PM | Computer Name = MediaPC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\program files\pc tools
security\networklayer\PCTCFFix64.exe". Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.
Error - 22/04/2011 2:59:52 PM | Computer Name = MediaPC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "c:\program files\spybot
- search & destroy\DelZip179.dll".Error in manifest or policy file "c:\program files\spybot
- search & destroy\DelZip179.dll" on line 8. The value "*" of attribute "language"
in element "assemblyIdentity" is invalid.
Error - 27/04/2011 10:27:25 AM | Computer Name = MediaPC | Source = pctsSvc.exe | ID = 0
Description =
[ Media Center Events ]
Error - 27/02/2011 10:50:01 PM | Computer Name = MediaPC | Source = MCUpdate | ID = 0
Description = 9:50:01 PM - Failed to retrieve Directory (Error: The operation has
timed out)
Error - 27/02/2011 10:50:31 PM | Computer Name = MediaPC | Source = MCUpdate | ID = 0
Description = 9:50:30 PM - Error connecting to the internet. 9:50:30 PM - Unable
to contact server..
[ System Events ]
Error - 16/04/2011 11:27:30 PM | Computer Name = MediaPC | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk1\DR1, has a bad block.
Error - 16/04/2011 11:27:34 PM | Computer Name = MediaPC | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk1\DR1, has a bad block.
Error - 16/04/2011 11:27:37 PM | Computer Name = MediaPC | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk1\DR1, has a bad block.
Error - 16/04/2011 11:27:40 PM | Computer Name = MediaPC | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk1\DR1, has a bad block.
Error - 16/04/2011 11:27:43 PM | Computer Name = MediaPC | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk1\DR1, has a bad block.
Error - 16/04/2011 11:27:46 PM | Computer Name = MediaPC | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk1\DR1, has a bad block.
Error - 16/04/2011 11:27:49 PM | Computer Name = MediaPC | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk1\DR1, has a bad block.
Error - 17/04/2011 7:03:21 PM | Computer Name = MediaPC | Source = VDS Basic Provider | ID = 33554433
Description =
Error - 27/04/2011 10:32:46 AM | Computer Name = MediaPC | Source = VDS Basic Provider | ID = 33554433
Description =
Error - 27/04/2011 11:01:15 AM | Computer Name = MediaPC | Source = bowser | ID = 8003
Description =
< End of report >
Thanks very much,
dkooz