GMER is consistently blue screening my system, about 30 seconds into the scan, even in safe mode.
Here are my OTL and Extras logs:
OTL logfile created on: 1/16/2011 3:43:11 PM - Run 1
OTL by OldTimer - Version 3.2.20.2 Folder = C:\Users\staples\Desktop
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16809)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 57.00% Memory free
5.00 Gb Paging File | 4.00 Gb Available in Paging File | 74.00% Paging File free
Paging file location(s): [Binary data over 100 bytes]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 70.62 Gb Total Space | 14.36 Gb Free Space | 20.33% Space Free | Partition Type: NTFS
Drive D: | 70.61 Gb Total Space | 36.90 Gb Free Space | 52.26% Space Free | Partition Type: NTFS
Computer Name: WALTERLAPTOP | User Name: staples | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\staples\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
PRC - C:\Program Files\Real\RealPlayer\realplay.exe (RealNetworks, Inc.)
PRC - C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
PRC - C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
PRC - C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
PRC - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
PRC - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
PRC - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)
PRC - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
PRC - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe (Symantec Corporation)
PRC - C:\Windows\System32\drivers\WTSrv.exe (Tablet Driver)
PRC - C:\Program Files\Audible\Bin\AudibleDownloadHelper.exe (Audible, Inc.)
PRC - C:\Windows\System32\WTClient.exe (Tablet Driver)
PRC - C:\Acer\Empowering Technology\eNet\eNMTray.exe (Acer Inc.)
PRC - C:\Acer\Empowering Technology\eNet\eNet Service.exe (Acer Inc.)
PRC - C:\Acer\Empowering Technology\eRecovery\eRAgent.exe (Acer Inc.)
PRC - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe (HiTRSUT)
PRC - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe (Acer Inc.)
PRC - C:\Acer\Empowering Technology\Acer.Empowering.Framework.Supervisor.exe (Acer Inc.)
PRC - C:\Acer\Empowering Technology\ePower\ePower_DMC.exe (Acer Inc.)
PRC - C:\Program Files\Launch Manager\HotkeyApp.exe (Wistron)
PRC - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe ()
PRC - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe (acer)
PRC - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe (Acer Inc.)
PRC - C:\Program Files\Acer\OrbiCam10\OrbiCam.exe ()
PRC - C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe (Logitech Inc.)
PRC - C:\Acer\Mobility Center\MobilityService.exe ()
PRC - C:\Program Files\Launch Manager\WisLMSvc.exe (Wistron Corp.)
PRC - C:\Program Files\Launch Manager\WButton.exe ()
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe (Acer Inc.)
PRC - C:\Program Files\epson\Creativity Suite\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
PRC - C:\Windows\System32\agrsmsvc.exe (Agere Systems)
PRC - C:\Windows\System32\BRSS01A.EXE (brother Industries Ltd)
PRC - C:\Program Files\Launch Manager\OSDCtrl.exe ()
PRC - C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (Macrovision Corporation)
PRC - C:\Program Files\Launch Manager\LaunchAp.exe ()
PRC - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
PRC - C:\Windows\System32\BRSVC01A.EXE (brother Industries Ltd)
========== Modules (SafeList) ==========
MOD - C:\Users\staples\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\System32\eNetHook.dll (acer)
MOD - C:\Windows\System32\odbc32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\mfc42.dll (Microsoft Corporation)
MOD - C:\Windows\System32\odbcint.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll (Microsoft Corporation)
MOD - C:\Acer\Empowering Technology\ePower\SysHook.dll ()
========== Win32 Services (SafeList) ==========
SRV - (Squid) -- File not found
SRV - (LiveUpdate Notice Ex) -- File not found
SRV - (CLTNetCnService) -- File not found
SRV - (MsMpSvc) -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
SRV - (SBSDWSCService) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
SRV - (EvtEng) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
SRV - (RegSrvc) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
SRV - (LiveUpdate Notice Service) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (LiveUpdate) -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE (Symantec Corporation)
SRV - (Automatic LiveUpdate Scheduler) -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (Symantec Corporation)
SRV - (WinTabService) -- C:\Windows\System32\Drivers\WTSRV.EXE (Tablet Driver)
SRV - (eNet Service) -- C:\Acer\Empowering Technology\eNet\eNet Service.exe (Acer Inc.)
SRV - (Adobe Version Cue CS3) -- C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe (Adobe Systems Incorporated)
SRV - (eDataSecurity Service) -- C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe (HiTRSUT)
SRV - (eRecoveryService) -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe (Acer Inc.)
SRV - (eSettingsService) -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe ()
SRV - (WMIService) -- C:\Acer\Empowering Technology\ePower\ePowerSvc.exe (acer)
SRV - (eLockService) -- C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe (Acer Inc.)
SRV - (MobilityService) -- C:\Acer\Mobility Center\MobilityService.exe ()
SRV - (WisLMSvc) -- C:\Program Files\Launch Manager\WisLMSvc.exe (Wistron Corp.)
SRV - (AgereModemAudio) -- C:\Windows\System32\agrsmsvc.exe (Agere Systems)
SRV - (Brother XP spl Service) -- C:\Windows\System32\BRSVC01A.EXE (brother Industries Ltd)
SRV - (ATMsrvc) -- C:\Windows\System32\ATMsrvc.exe (Adobe Systems Incorporated)
========== Driver Services (SafeList) ==========
DRV - (MpNWMon) -- C:\Windows\System32\drivers\MpNWMon.sys (Microsoft Corporation)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation )
DRV - (PortTalk) -- C:\Windows\System32\drivers\porttalk.sys (Beyond Logic http://www.beyondlogic.org)
DRV - (NETw5v32) Intel(R) -- C:\Windows\System32\drivers\NETw5v32.sys (Intel Corporation)
DRV - (igfx) -- C:\Windows\System32\drivers\igdkmd32.sys (Intel Corporation)
DRV - (ialm) -- C:\Windows\System32\drivers\igdkmd32.sys (Intel Corporation)
DRV - (MCSTRM) -- C:\Windows\System32\drivers\mcstrm.sys (RealNetworks, Inc.)
DRV - (PTSimBus) -- C:\Windows\System32\drivers\PTSimBus.sys (PenTablet Driver)
DRV - (UCTblHid) -- C:\Windows\System32\drivers\UCTblHid.sys (Tablet Driver)
DRV - (TClass2k) -- C:\Windows\System32\drivers\TClass2k.sys (Tablet Driver)
DRV - (Tablet2k) -- C:\Windows\System32\Drivers\Tablet2k.sys (Windows (R) Server 2003 DDK provider)
DRV - (PTSimHid) -- C:\Windows\System32\drivers\PTSimHid.sys (PenTablet Driver)
DRV - (NTIDrvr) -- C:\Windows\System32\drivers\NTIDrvr.sys (NewTech Infosystems, Inc.)
DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (Agere Systems)
DRV - (NETw4v32) Intel(R) -- C:\Windows\System32\drivers\NETw4v32.sys (Intel Corporation)
DRV - (PSDNServ) -- C:\Windows\system32\drivers\PSDNServ.sys (HiTRUST)
DRV - (psdvdisk) -- C:\Windows\system32\drivers\psdvdisk.sys (HiTRUST)
DRV - (PSDFilter) -- C:\Windows\system32\DRIVERS\psdfilter.sys (HiTRUST)
DRV - (int15) -- C:\Acer\Empowering Technology\eRecovery\int15.sys ()
DRV - (LVUVC) Acer OrbiCam(UVC) -- C:\Windows\System32\drivers\lvuvc.sys (Logitech Inc.)
DRV - (LVUSBSta) -- C:\Windows\System32\drivers\LVUSBSta.sys (Logitech Inc.)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (usbaudio) USB Audio Driver (WDM) -- C:\Windows\System32\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (NETw3v32) Intel(R) -- C:\Windows\System32\drivers\NETw3v32.sys (Intel® Corporation)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (SynTP) -- C:\Windows\System32\drivers\SynTP.sys (Synaptics, Inc.)
DRV - (tifm21) -- C:\Windows\System32\drivers\tifm21.sys (Texas Instruments)
DRV - (Afc) -- C:\Windows\System32\drivers\afc.sys (Arcsoft, Inc.)
DRV - (Hotkey) -- C:\Windows\System32\drivers\HOTKEY.sys ()
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://en.us.acer.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://en.us.acer.yahoo.com
IE - HKLM\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuz0.dll (Conduit Ltd.)
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3301902784-2558772550-3691095244-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SEARCH PAGE = http://us.rd.yahoo.com/customize/ycomp/ ... .yahoo.com
IE - HKU\S-1-5-21-3301902784-2558772550-3691095244-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKU\S-1-5-21-3301902784-2558772550-3691095244-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKU\S-1-5-21-3301902784-2558772550-3691095244-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-3301902784-2558772550-3691095244-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-3301902784-2558772550-3691095244-1000\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuz0.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-3301902784-2558772550-3691095244-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3301902784-2558772550-3691095244-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..extensions.enabledItems: support@predictad.com:1.11
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.4
FF - prefs.js..extensions.enabledItems: YPlayer@yummy.net:1.0.0.15
FF - HKLM\software\mozilla\Firefox\Extensions\\support@predictad.com: C:\Program Files\AutocompletePro\support@predictad.com [2010/05/20 22:11:21 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/06/14 19:54:01 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/01/16 14:46:41 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/01/16 15:27:05 | 000,000,000 | ---D | M]
[2008/08/26 06:41:40 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\staples\AppData\Roaming\mozilla\Extensions
[2011/01/16 14:49:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\staples\AppData\Roaming\mozilla\Firefox\Profiles\u51i26sw.default\extensions
[2011/01/14 00:09:38 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\staples\AppData\Roaming\mozilla\Firefox\Profiles\u51i26sw.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011/01/15 00:46:12 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/11/20 18:32:07 | 000,000,000 | ---D | M] (Yummy Games Player) -- C:\Program Files\Mozilla Firefox\extensions\YPlayer@yummy.net
[2010/05/20 22:11:21 | 000,000,000 | ---D | M] ("AutocompletePro - Your handy search suggestions tool") -- C:\PROGRAM FILES\AUTOCOMPLETEPRO\SUPPORT@PREDICTAD.COM
[2010/06/14 19:54:01 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAMDATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT
[2009/03/29 06:34:53 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2008/09/26 21:12:56 | 000,221,184 | ---- | M] (CNN) -- C:\Program Files\Mozilla Firefox\plugins\NPTURNMED.dll
O1 HOSTS File: ([2009/03/29 05:52:12 | 000,303,871 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AC-Pro) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Program Files\AutocompletePro\AutocompletePro.dll (SimplyGen)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\System32\ActiveToolBand.dll (HiTRUST)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuz0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST)
O3 - HKLM\..\Toolbar: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuz0.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-3301902784-2558772550-3691095244-1000\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST)
O3 - HKU\S-1-5-21-3301902784-2558772550-3691095244-1000\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-3301902784-2558772550-3691095244-1000\..\Toolbar\WebBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acer Assist Launcher] C:\Program Files\Acer Assist\launcher.exe ()
O4 - HKLM..\Run: [Acer Product Registration] C:\Program Files\Acer Registration\ACE1.exe (Leader Technologies)
O4 - HKLM..\Run: [Acer Tour] File not found
O4 - HKLM..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (Acer Inc.)
O4 - HKLM..\Run: [AcerOrbicamRibbon] C:\Program Files\Acer\OrbiCam10\OrbiCam.exe ()
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe_ID0EYTHM] C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3Tray.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [EEventManager] C:\Program Files\epson\Creativity Suite\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [eRecoveryService] File not found
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (Macrovision Corporation)
O4 - HKLM..\Run: [LaunchAp] C:\Program Files\Launch Manager\LaunchAp.exe ()
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\HotkeyApp.exe (Wistron)
O4 - HKLM..\Run: [LMgrOSD] C:\Program Files\Launch Manager\OSDCtrl.exe ()
O4 - HKLM..\Run: [LogitechCommunicationsManager] C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe (Acer Inc.)
O4 - HKLM..\Run: [LVCOMSX] C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe (Logitech Inc.)
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [PowerKey] File not found
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Symantec PIF AlertEng] C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [Wbutton] C:\Program Files\Launch Manager\Wbutton.exe ()
O4 - HKLM..\Run: [WTClient] C:\Windows\System32\WTClient.exe (Tablet Driver)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-3301902784-2558772550-3691095244-1000..\Run: [Acer Tour Reminder] File not found
O4 - HKU\S-1-5-21-3301902784-2558772550-3691095244-1000..\Run: [EA Core] File not found
O4 - HKU\S-1-5-21-3301902784-2558772550-3691095244-1000..\Run: [EPSON Stylus Photo R260 Series] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATIBNA.EXE (SEIKO EPSON CORPORATION)
O4 - HKU\S-1-5-21-3301902784-2558772550-3691095244-1000..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
O4 - HKU\S-1-5-21-3301902784-2558772550-3691095244-1000..\Run: [MCW Startup] C:\Program Files\Monitor Calibration Wizard\MCW.exe ()
O4 - HKU\S-1-5-21-3301902784-2558772550-3691095244-1000..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\S-1-5-21-3301902784-2558772550-3691095244-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Append to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-3301902784-2558772550-3691095244-1000\..Trusted Domains: real.com ([rhap-app-4-0] https in Trusted sites)
O15 - HKU\S-1-5-21-3301902784-2558772550-3691095244-1000\..Trusted Domains: real.com ([rhapreg] https in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_15)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (eNetHook.dll) - C:\Windows\System32\eNetHook.dll (acer)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper:
O24 - Desktop BackupWallPaper:
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{7dc44646-d61d-11dd-9cdd-0016d35826ba}\Shell\AutoRun\command - "" = G:\autorun.exe
O33 - MountPoints2\{7dc44646-d61d-11dd-9cdd-0016d35826ba}\Shell\phone\command - "" = G:\autorun.exe
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\autorun.exe
O33 - MountPoints2\G\Shell\phone\command - "" = G:\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/01/16 15:41:32 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\staples\Desktop\OTL.exe
[2011/01/16 15:40:56 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Users\staples\Desktop\TFC.exe
[2011/01/16 15:26:56 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011/01/16 15:02:28 | 000,000,000 | ---D | C] -- C:\MGADiagToolOutput
[2011/01/16 15:01:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Office Genuine Advantage
[2011/01/16 14:59:44 | 002,031,992 | ---- | C] (Microsoft Corporation) -- C:\Users\staples\Desktop\MGADiag.exe
[2011/01/16 14:52:18 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2011/01/14 15:35:57 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011/01/14 15:35:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/01/14 15:35:52 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011/01/14 00:40:08 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\staples\Desktop\HijackThis.exe
[2011/01/13 23:32:26 | 000,000,000 | ---D | C] -- C:\Users\staples\AppData\Roaming\Malwarebytes
[2011/01/13 23:32:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/01/13 23:32:07 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/01/13 22:05:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GridinSoft
[2011/01/13 22:05:12 | 000,000,000 | ---D | C] -- C:\Program Files\GridinSoft Trojan Killer
[2011/01/13 19:50:10 | 000,000,000 | -H-D | C] -- C:\Users\staples\AppData\Local\{FE21C290-A630-47D1-B46C-3E29364BD46D}
[2011/01/12 20:46:34 | 000,000,000 | ---D | C] -- C:\Users\staples\Desktop\newspaper_1442374999_files
[2007/04/03 08:02:48 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\Interop.Shell32.dll
[8 C:\Users\staples\Desktop\*.tmp files -> C:\Users\staples\Desktop\*.tmp -> ]
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011/01/16 15:43:47 | 000,296,448 | ---- | M] () -- C:\Users\staples\Desktop\qz72h29h.exe
[2011/01/16 15:42:06 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\staples\Desktop\OTL.exe
[2011/01/16 15:39:49 | 000,000,501 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.ics
[2011/01/16 15:39:20 | 000,054,156 | -H-- | M] () -- C:\Windows\QTFont.qfn
[2011/01/16 15:38:34 | 000,003,200 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/01/16 15:38:34 | 000,003,200 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/01/16 15:38:10 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/01/16 15:38:05 | 2674,040,832 | -HS- | M] () -- C:\hiberfil.sys
[2011/01/16 15:34:07 | 001,955,112 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/01/16 15:00:00 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3301902784-2558772550-3691095244-1000UA.job
[2011/01/16 14:59:51 | 002,031,992 | ---- | M] (Microsoft Corporation) -- C:\Users\staples\Desktop\MGADiag.exe
[2011/01/16 14:56:42 | 000,453,632 | ---- | M] () -- C:\Users\staples\Desktop\CKScanner.exe
[2011/01/16 14:53:05 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2011/01/16 14:23:09 | 000,000,045 | ---- | M] () -- C:\Windows\CLIENT.INI
[2011/01/14 15:36:38 | 000,000,910 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/01/14 06:01:56 | 000,002,056 | ---- | M] () -- C:\Users\staples\Desktop\Google Chrome.lnk
[2011/01/14 06:01:56 | 000,002,018 | ---- | M] () -- C:\Users\staples\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/01/14 00:40:09 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\staples\Desktop\HijackThis.exe
[2011/01/13 22:26:21 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Users\staples\Desktop\TFC.exe
[2011/01/13 19:50:11 | 000,000,120 | -H-- | M] () -- C:\Users\staples\AppData\Local\Sgacite.dat
[2011/01/13 19:50:11 | 000,000,000 | -H-- | M] () -- C:\Users\staples\AppData\Local\Akimikere.bin
[2011/01/12 20:46:34 | 000,002,816 | ---- | M] () -- C:\Users\staples\Desktop\newspaper_1442374999.htm
[2011/01/05 14:00:00 | 000,000,864 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3301902784-2558772550-3691095244-1000Core.job
[2011/01/02 23:39:38 | 000,870,128 | ---- | M] () -- C:\Windows\System32\mcs.rma
[2011/01/02 23:39:38 | 000,000,004 | ---- | M] () -- C:\Windows\System32\6DBD07
[2010/12/20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/12/20 18:08:40 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[8 C:\Users\staples\Desktop\*.tmp files -> C:\Users\staples\Desktop\*.tmp -> ]
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/01/16 15:43:40 | 000,296,448 | ---- | C] () -- C:\Users\staples\Desktop\qz72h29h.exe
[2011/01/16 14:56:37 | 000,453,632 | ---- | C] () -- C:\Users\staples\Desktop\CKScanner.exe
[2011/01/16 14:53:05 | 000,001,945 | ---- | C] () -- C:\Windows\epplauncher.mif
[2011/01/14 15:36:38 | 000,000,910 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/01/13 23:28:53 | 2674,040,832 | -HS- | C] () -- C:\hiberfil.sys
[2011/01/13 19:50:11 | 000,000,120 | -H-- | C] () -- C:\Users\staples\AppData\Local\Sgacite.dat
[2011/01/13 19:50:11 | 000,000,000 | -H-- | C] () -- C:\Users\staples\AppData\Local\Akimikere.bin
[2011/01/12 20:46:33 | 000,002,816 | ---- | C] () -- C:\Users\staples\Desktop\newspaper_1442374999.htm
[2010/11/20 18:32:03 | 000,352,648 | ---- | C] () -- C:\Windows\System32\SysCheck2.dll
[2010/06/14 20:02:09 | 000,000,025 | ---- | C] () -- C:\Windows\cdplayer.ini
[2010/06/04 20:34:05 | 000,000,015 | ---- | C] () -- C:\Windows\cfwin.ini
[2010/06/04 20:34:03 | 000,000,098 | ---- | C] () -- C:\Windows\cfwinlib.ini
[2010/05/20 22:09:50 | 000,000,024 | ---- | C] () -- C:\Windows\System32\sysmwwod.dll
[2009/10/19 17:30:29 | 000,000,133 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2009/10/15 21:59:06 | 000,339,456 | ---- | C] () -- C:\Windows\System32\Tx32.dll
[2008/12/19 00:18:20 | 000,000,144 | ---- | C] () -- C:\Windows\PG3prefs.ini
[2008/09/04 21:20:19 | 000,008,567 | ---- | C] () -- C:\ProgramData\LUUnInstall.LiveUpdate
[2008/07/30 23:13:15 | 000,000,029 | ---- | C] () -- C:\Windows\DEBUGSM.INI
[2008/04/04 20:29:09 | 000,000,680 | -H-- | C] () -- C:\Users\staples\AppData\Local\d3d9caps.dat
[2008/02/11 21:55:18 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1437.dll
[2007/10/24 17:44:29 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2007/10/24 17:33:08 | 000,000,044 | ---- | C] () -- C:\Windows\PERFV200P.ini
[2007/10/21 14:28:19 | 000,000,039 | ---- | C] () -- C:\Windows\webica.ini
[2007/10/13 02:16:26 | 000,000,045 | ---- | C] () -- C:\Windows\CLIENT.INI
[2007/10/13 01:02:45 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2007/10/11 20:33:38 | 000,000,447 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2007/10/11 20:33:38 | 000,000,026 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2007/10/11 20:33:33 | 000,000,030 | ---- | C] () -- C:\Windows\System32\brss01a.ini
[2007/10/11 20:32:17 | 000,000,000 | ---- | C] () -- C:\Windows\brmx2001.ini
[2007/10/11 20:32:16 | 000,000,145 | ---- | C] () -- C:\Windows\BRVIDEO.INI
[2007/10/11 20:32:16 | 000,000,023 | ---- | C] () -- C:\Windows\Brownie.ini
[2007/10/11 20:32:15 | 000,000,114 | ---- | C] () -- C:\Windows\System32\brlmw03a.ini
[2007/10/11 20:32:13 | 000,011,604 | ---- | C] () -- C:\Windows\HL-5040.INI
[2007/10/11 03:21:48 | 002,463,976 | ---- | C] () -- C:\Windows\System32\NPSWF32.dll
[2007/10/11 02:27:09 | 000,000,231 | ---- | C] () -- C:\Windows\POWERPNT.INI
[2007/10/11 02:27:08 | 000,000,064 | ---- | C] () -- C:\Windows\exchng32.ini
[2007/10/11 02:27:08 | 000,000,026 | ---- | C] () -- C:\Windows\datalink.ini
[2007/10/11 02:27:02 | 000,000,032 | ---- | C] () -- C:\Windows\GRAPH5.INI
[2007/10/11 02:27:01 | 000,000,000 | ---- | C] () -- C:\Windows\WINHELP.INI
[2007/10/11 02:25:14 | 000,000,959 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2007/07/07 07:58:17 | 000,011,776 | ---- | C] () -- C:\Users\staples\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/05/20 01:34:29 | 000,076,584 | ---- | C] () -- C:\Windows\System32\drivers\int15.sys
[2007/05/20 01:34:29 | 000,015,656 | ---- | C] () -- C:\Windows\System32\drivers\int15_64.sys
[2007/05/20 01:33:50 | 000,065,536 | ---- | C] () -- C:\Windows\System32\NATTraversal.dll
[2007/05/20 01:33:09 | 000,009,867 | ---- | C] () -- C:\Windows\System32\drivers\HOTKEY.sys
[2007/05/20 01:23:39 | 000,000,037 | ---- | C] () -- C:\Windows\Acer.ini
[2007/05/20 01:06:40 | 000,042,594 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2007/05/20 01:06:35 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1114.dll
[2007/04/24 14:31:12 | 000,010,240 | ---- | C] () -- C:\Windows\System32\ucinst32.dll
[2007/04/03 10:12:05 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN4.dll
[2007/04/03 09:56:19 | 000,743,424 | R--- | C] () -- C:\Windows\libxml2.dll
[2007/04/03 09:54:49 | 000,872,448 | R--- | C] () -- C:\Windows\iconv.dll
[2007/04/03 08:02:48 | 000,331,776 | ---- | C] () -- C:\Windows\System32\ScrollBarLib.dll
[2007/04/03 07:47:25 | 000,198,144 | ---- | C] () -- C:\Windows\System32\_psisdecd.dll
[2007/02/07 01:58:10 | 000,204,800 | ---- | C] () -- C:\Windows\System32\NotesActnMenu.dll
[2007/02/07 01:57:58 | 000,266,240 | ---- | C] () -- C:\Windows\System32\NotesExtmngr.dll
[2007/02/07 01:57:20 | 000,086,016 | ---- | C] () -- C:\Windows\System32\MSNSpook.dll
[2007/02/07 01:56:30 | 000,028,672 | ---- | C] () -- C:\Windows\System32\BatchCrypto.dll
[2007/02/07 01:56:28 | 000,073,728 | ---- | C] () -- C:\Windows\System32\APISlice.dll
[2007/02/07 01:52:08 | 000,063,488 | ---- | C] () -- C:\Windows\System32\ShowErrMsg.dll
[2006/12/25 17:44:48 | 000,022,016 | ---- | C] () -- C:\Windows\System32\MailFormat_U.dll
[2006/12/02 13:32:24 | 000,000,042 | ---- | C] () -- C:\Windows\PreLaunch.ini
[2006/12/02 13:32:22 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2006/11/02 07:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2001/12/26 17:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll
[2001/09/04 00:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
[2001/07/30 17:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll
[2001/07/23 23:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll
[1996/03/20 02:00:00 | 000,107,008 | ---- | C] () -- C:\Windows\System32\TTEMB32.DLL
[1996/03/20 02:00:00 | 000,053,760 | ---- | C] () -- C:\Windows\System32\OPENENU.DLL
[1996/03/20 02:00:00 | 000,006,352 | ---- | C] () -- C:\Windows\System32\VISXUTIL.DLL
[1996/03/20 02:00:00 | 000,002,041 | ---- | C] () -- C:\Windows\MSFNTMAP.INI
[1996/03/20 02:00:00 | 000,000,586 | ---- | C] () -- C:\Windows\MSTXTCNV.INI
[1996/03/20 02:00:00 | 000,000,280 | ---- | C] () -- C:\Windows\TTEMBED.INI
========== Alternate Data Streams ==========
@Alternate Data Stream - 1512627 bytes -> C:\2008-01-05 at 05:47 PM mr.anf
< End of report >
OTL Extras logfile created on: 1/16/2011 3:43:11 PM - Run 1
OTL by OldTimer - Version 3.2.20.2 Folder = C:\Users\staples\Desktop
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16809)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 57.00% Memory free
5.00 Gb Paging File | 4.00 Gb Available in Paging File | 74.00% Paging File free
Paging file location(s): [Binary data over 100 bytes]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 70.62 Gb Total Space | 14.36 Gb Free Space | 20.33% Space Free | Partition Type: NTFS
Drive D: | 70.61 Gb Total Space | 36.90 Gb Free Space | 52.26% Space Free | Partition Type: NTFS
Computer Name: WALTERLAPTOP | User Name: staples | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-3301902784-2558772550-3691095244-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Browse with &IrfanView] -- "C:\Program Files\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 1
"InternetSettingsDisableNotify" = 1
"AutoUpdateDisableNotify" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{180B53F0-8A87-44D4-AD6F-D2B6309DEFEF}" = rport=139 | protocol=6 | dir=out | app=system |
"{21E3946E-1BC7-46F0-9331-244EDBFE2DD1}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{370B2DA7-B2B8-4903-9EA9-D73D106A0DB7}" = lport=445 | protocol=6 | dir=in | app=system |
"{3CF7FB4E-7A53-48FE-A70D-74342CF05E7C}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{414512E8-13F2-4F3A-9EF3-F93DEE12A952}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{735B778E-DB06-4926-A4BA-51305CE60F5A}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{82D5023E-4D50-47C9-958D-76C84AD5571F}" = lport=3703 | protocol=6 | dir=in | name=adobe version cue cs3 server |
"{87387BA0-1D95-468B-8B3A-5B6817BC4C0C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8758B344-6A9D-437B-B841-0102D40BAD2A}" = lport=3704 | protocol=6 | dir=in | name=adobe version cue cs3 server |
"{90201976-17C4-42F9-942E-314FF5D4C37E}" = lport=50900 | protocol=6 | dir=in | name=adobe version cue cs3 server |
"{9B0D4E49-F4D2-4D31-AC76-B8CDFA0E2FC4}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{9B3E8F26-5A9A-4A27-96EB-C97318FAD8C6}" = lport=139 | protocol=6 | dir=in | app=system |
"{9C067AAE-443D-4D53-8BA0-CB3A2679E2B2}" = lport=137 | protocol=17 | dir=in | app=system |
"{9C474651-F9D2-4C11-AD7F-C4EA748473CF}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A916EDA4-A545-4CA4-B495-80B85D7B317C}" = rport=138 | protocol=17 | dir=out | app=system |
"{ADDBB9EB-7F6C-48F8-A79B-8898E226B1D2}" = lport=50901 | protocol=6 | dir=in | name=adobe version cue cs3 server |
"{B33C65B9-7E09-40ED-B453-9408CA79E51C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{B9F02E0E-67CD-4389-9C8F-1CBA0F7C0989}" = rport=2869 | protocol=6 | dir=out | app=system |
"{C60EE8D4-B989-4961-B57F-74C3752E7A44}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{D101B0E9-8B83-434E-B194-F5806294C955}" = rport=137 | protocol=17 | dir=out | app=system |
"{D834E998-C47B-4446-A086-6FAC7432E536}" = lport=138 | protocol=17 | dir=in | app=system |
"{E240B087-CCE8-4712-BDA1-89D7BC43229C}" = rport=445 | protocol=6 | dir=out | app=system |
"{E9BAA559-D207-46EE-9D68-1CC76BF47AC1}" = lport=2869 | protocol=6 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00DE28F5-FDE4-4993-B043-ECAB7EB19FAB}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{139C5CE9-0BA2-4047-A468-F9C1B62FAF64}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3050A474-49E7-4E99-B73F-EC05F49E5FE4}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{307AA8FF-7A71-41A0-8B73-75E5F6AE0DAD}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{31760311-8B2E-43E2-B59D-A6D5BEAE7D92}" = protocol=6 | dir=in | app=c:\program files\common files\adobe\adobe version cue cs3\server\bin\versioncuecs3.exe |
"{33E02789-0B88-4554-BD77-DD6D7074227D}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{47806E81-FE27-49A9-A092-5C0917F7A677}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{4D18E33E-3BC9-4687-AEDD-C59193F9A7B7}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{4EA85029-BDA5-4C37-99D9-62A8AAF2A9AE}" = protocol=17 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{53477551-22A9-4634-96DE-DC38AF56A402}" = protocol=6 | dir=in | app=c:\users\staples\appdata\roaming\mjusbsp\magicjack.exe |
"{5B68F343-411A-47B3-89DE-F20058466FF2}" = protocol=6 | dir=in | app=c:\program files\vuze\azureus.exe |
"{6666E008-5715-419C-9508-016407EA8F88}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{680D1116-AF2C-40CC-95E3-E30551D9393B}" = protocol=17 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{694C52F1-E58A-4F94-A819-354908FD5DAC}" = protocol=17 | dir=in | app=c:\program files\vuze\azureus.exe |
"{6E34DC08-B498-44A3-8AAB-8F89BA70AA2C}" = protocol=6 | dir=in | app=c:\program files\smartftp client\smartftp.exe |
"{72921717-7346-4C9F-AD66-9FF5D24A3B2F}" = protocol=17 | dir=in | app=c:\program files\acer arcade deluxe\acer arcade deluxe\mce deluxe suite.exe |
"{74E6F819-A86D-48A6-9AA8-8E3D5FEF55F4}" = protocol=6 | dir=in | app=c:\users\staples\appdata\roaming\mjusbsp\magicjack.exe |
"{779B3A8C-35BE-4E5B-818D-8CD5DBA50980}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{7D8D507E-721B-4CD0-AB9D-41646274317B}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{7DB3023F-7C67-4009-B1D4-696972182EFD}" = protocol=17 | dir=in | app=c:\users\staples\appdata\roaming\mjusbsp\magicjack.exe |
"{837D1437-0E2F-40A6-A040-597DB13ABBA0}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{8A71A278-668A-4153-9306-8A765890B3A1}" = protocol=17 | dir=in | app=c:\program files\smartftp client\smartftp.exe |
"{8A760E9C-6F97-4E99-87DE-8A8DD8BBA85D}" = protocol=6 | dir=in | app=c:\program files\acer arcade deluxe\acer arcade deluxe\mce deluxe suite.exe |
"{8E3E2D94-8597-4580-8D5E-40C5A10F42B5}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{9228439C-24EE-448E-9FB2-1B31517BF7EB}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{9A394FA2-1D1D-4F90-B4B1-796761A7E741}" = protocol=6 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{A21EC41C-D119-44A7-BFD3-2D872F25757D}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{AB8A2D40-8CC3-4413-97DE-1670B15BEDBF}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{B01E0A68-B36F-436C-AC9B-CAA20751324E}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{C5DB0AD2-C1B3-47D0-A855-9559C60ED36F}" = protocol=17 | dir=in | app=c:\users\staples\appdata\roaming\mjusbsp\magicjack.exe |
"{D9EF294A-F7AB-49E9-9F23-658A1E0D833A}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{E6CABB93-AE86-411B-A8BA-EDB514DC70F7}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |
"{EB673678-B5EF-41B4-BCCC-DDA449B2E956}" = protocol=6 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{EBB9DBEF-5C61-4BC8-8E2D-867F0748F928}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{F70C96CA-E382-4B99-B856-F0BB4A86E51C}" = protocol=17 | dir=in | app=c:\program files\common files\adobe\adobe version cue cs3\server\bin\versioncuecs3.exe |
"{FFF824AC-7A98-4D32-A40E-7833806582A9}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"TCP Query User{08463137-3F14-44C1-9E30-01A9B9D8F60C}C:\program files\quicktime\quicktimeplayer.exe" = protocol=6 | dir=in | app=c:\program files\quicktime\quicktimeplayer.exe |
"TCP Query User{0AFE10A2-C2FD-4E67-8959-D7F330FC6B1A}C:\squid\sbin\squid.exe" = protocol=6 | dir=in | app=c:\squid\sbin\squid.exe |
"TCP Query User{0C0C54F7-32FC-483B-B1EF-37C68BC73625}C:\socio\_client.exe" = protocol=6 | dir=in | app=c:\socio\_client.exe |
"TCP Query User{0EB77D51-A5B4-445C-8ECB-2C3C65D950D1}C:\program files\vuze\azureus.exe" = protocol=6 | dir=in | app=c:\program files\vuze\azureus.exe |
"TCP Query User{0FEF922D-5574-46B2-9247-89E8A7C1402A}C:\socio\client.prg" = protocol=6 | dir=in | app=c:\socio\client.prg |
"TCP Query User{35049D49-6FED-4491-B21A-3E673D6E4248}C:\program files\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"TCP Query User{38BC98C1-9875-4E76-9797-952C65B72795}C:\program files\secondlife\slvoice.exe" = protocol=6 | dir=in | app=c:\program files\secondlife\slvoice.exe |
"TCP Query User{4D5357EC-85A9-4200-B5A1-A079FBE21975}C:\program files\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"TCP Query User{58F9B7B3-845F-4A96-B4EC-97E2AB41F956}C:\program files\yahoo!\messenger\yahoomessenger.exe" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"TCP Query User{6B5293B3-CE5A-4A8E-BA16-8107A1957695}C:\socio\client.prg" = protocol=6 | dir=in | app=c:\socio\client.prg |
"TCP Query User{9457693D-1FB3-4879-AFF6-72A574177CF7}C:\socio\_client.exe" = protocol=6 | dir=in | app=c:\socio\_client.exe |
"TCP Query User{D535486D-F2EF-40EB-AC04-DA99026919D1}C:\socio2\client.prg" = protocol=6 | dir=in | app=c:\socio2\client.prg |
"TCP Query User{DEB9631B-F6FC-42E3-ABEA-93CD2C446D20}C:\socio\client.exe" = protocol=6 | dir=in | app=c:\socio\client.exe |
"TCP Query User{E84B7010-4495-438E-9B45-6F357A1D2A99}C:\users\staples\appdata\local\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\users\staples\appdata\local\google\chrome\application\chrome.exe |
"TCP Query User{ED2C6297-1E63-4AC2-9AF0-49DAA55BA1E3}C:\socio\client.exe" = protocol=6 | dir=in | app=c:\socio\client.exe |
"UDP Query User{108F7288-42CF-45E9-B09D-0B9194047AEE}C:\socio\client.exe" = protocol=17 | dir=in | app=c:\socio\client.exe |
"UDP Query User{226ADDE2-35FE-497C-8249-6F06ADE399B6}C:\program files\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"UDP Query User{234B96DA-6E08-43F1-8B4B-BE286F6F0BB8}C:\program files\yahoo!\messenger\yahoomessenger.exe" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"UDP Query User{364C4D31-4F88-4569-BC0B-42FF91F3A40C}C:\socio\_client.exe" = protocol=17 | dir=in | app=c:\socio\_client.exe |
"UDP Query User{5BDB4945-7840-4B91-916C-C1ED046D28D0}C:\program files\quicktime\quicktimeplayer.exe" = protocol=17 | dir=in | app=c:\program files\quicktime\quicktimeplayer.exe |
"UDP Query User{737F86DC-A36B-4952-8C82-4B2DFFB06DF6}C:\program files\secondlife\slvoice.exe" = protocol=17 | dir=in | app=c:\program files\secondlife\slvoice.exe |
"UDP Query User{7F5F35AB-35F4-49B9-97C1-E6A3AD708096}C:\socio\client.exe" = protocol=17 | dir=in | app=c:\socio\client.exe |
"UDP Query User{8596F15F-36C7-4C93-8BB5-0BF2380BD0F4}C:\socio2\client.prg" = protocol=17 | dir=in | app=c:\socio2\client.prg |
"UDP Query User{8EB4D33F-E565-4304-9F0F-1C2F271CA829}C:\program files\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"UDP Query User{A846FA2E-14DA-4145-8D47-97221FBCBF8A}C:\program files\vuze\azureus.exe" = protocol=17 | dir=in | app=c:\program files\vuze\azureus.exe |
"UDP Query User{C20A3B1C-CA5C-4BA1-937B-7E004487E949}C:\socio\_client.exe" = protocol=17 | dir=in | app=c:\socio\_client.exe |
"UDP Query User{C31C6946-1622-4413-860F-E11E92416E5B}C:\socio\client.prg" = protocol=17 | dir=in | app=c:\socio\client.prg |
"UDP Query User{F01698EE-42B3-4AE6-B7DD-1DC9CCA61D43}C:\socio\client.prg" = protocol=17 | dir=in | app=c:\socio\client.prg |
"UDP Query User{F3B7FE7D-DCE7-433C-8A51-7E9BF7252B0A}C:\users\staples\appdata\local\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\users\staples\appdata\local\google\chrome\application\chrome.exe |
"UDP Query User{F414B8E1-7990-46A4-A64C-D62A236E9496}C:\squid\sbin\squid.exe" = protocol=17 | dir=in | app=c:\squid\sbin\squid.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{0650BB10-BCF4-400A-85EE-04097E3046C6}" = Adobe Setup
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0AFC9710-5DD6-4C6A-BA52-91AE992B2C9D}" = Safari
"{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}" = OpenOffice.org Installer 1.0
"{0F79C1B2-36B2-4B62-8221-42721CF54638}" = Acer OrbiCam Application
"{11316260-6666-467B-AC34-183FCB5D4335}" = Acer Mobility Center Plug-In
"{116FF17B-1A30-4FC2-9B01-5BC5BD46B0B3}" = Acer eLock Management
"{11DE2361-9F73-47B3-B638-2F267927E307}" = Ipswitch WS_FTP Home 2007
"{13515135-48BB-4184-8C1F-2FAE0138E200}" = TBS WMP Plug-in
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
"{15C77FC3-8137-4A5E-8F81-F559045DD6B0}" = Shipping Assistant 3.7
"{16F0EE77-B2B1-4417-A8CC-07E06C78CCC4}" = Matrix-ks
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{18A5DFF2-8A95-49F3-873F-743CB5549F3D}" = Canon ScanGear Starter
"{1BED0E00-5A1F-4F0D-AF61-9670E64890C9}" = SmartFTP Client
"{1C278B97-9D25-48B0-9A4E-F4F2BB992043}" = EPSON Perfection V200 Photo Scanner Driver Update
"{1D58229F-C505-45CA-8223-F35F3A34B963}" = Adobe Version Cue CS3 Server {ko_KR}
"{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"{222421DC-CAEB-42EC-AF15-09A39AA5C94D}" = Adobe Creative Suite 3 Design Standard
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 15
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}" = EPSON Scan Assistant
"{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}" = Rhapsody Player Engine
"{35C0A1E4-D02A-412C-841F-266DBB116ABB}" = Intel(R) PROSet/Wireless WiFi Software
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{44734179-8A79-4DEE-BB08-73037F065543}" = Apple Mobile Device Support
"{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}" = Bonjour
"{48F22622-1CC2-4A83-9C1E-644DD96F832D}" = EPSON Event Manager
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}" = Adobe Setup
"{67ADE9AF-5CD9-4089-8825-55DE4B366799}" = NTI Backup NOW! 4.7
"{67EDD823-135A-4D59-87BD-950616D6E857}" = EPSON Copy Utility 3
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6B708481-748A-4EB4-97C1-CD386244FF77}" = Adobe MotionPicture Color Files
"{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}" = AHV content for Acrobat and Flash
"{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}" = Adobe Color Common Settings
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{774088D4-0777-4D78-904D-E435B318F5D2}" = Microsoft Antimalware
"{77A776C4-D10F-416D-88F0-53F2D9DCD9B3}" = Microsoft Security Client
"{77D2A9D3-5800-43E3-B274-87841BC87DB2}" = Adobe ExtendScript Toolkit 2
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{7B63B2922B174135AFC0E1377DD81EC2}" =
"{7C10F5C7-F00F-4BD3-A110-C7D240D2DD25}" = Adobe Dreamweaver CS3
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{80FD852F-5AAC-4129-B931-06AAFFA43138}" = iTunes
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8AE03988-8C8C-40EE-BDC7-76781BEF1B1D}" = Adobe Setup
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{94389919-B0AA-4882-9BE8-9F0B004ECA35}" = Acer Tour
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{9901E703-D169-7139-1EA3-11AA788D09E6}" = EA Download Manager UI
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9DF0196F-B6B8-4C3A-8790-DE42AA530101}" = SPORE™
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A87B11AC-4344-4E5D-8B12-8F471A87DAD9}" = LightScribe 1.4.136.1
"{AB6097D9-D722-4987-BD9E-A076E2848EE2}" = Acer Empowering Technology
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-1033-0000-7760-000000000003}" = Adobe Acrobat 8 Professional
"{AC76BA86-7AD7-1033-7B44-A70000000000}" = Adobe Reader 7.0
"{ACF1662C-404B-47AD-9D57-5CA7C9307284}_is1" = Free Mp3 Wma Ogg Converter 7.1.1
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{AEEAE013-92F1-4515-B278-139F1A692A36}" = Acer eDataSecurity Management
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B671CBFD-4109-4D35-9252-3062D3CCB7B2}" = Adobe SING CS3
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{B7F560B3-6EFF-4026-A982-843895A41149}" = Adobe BridgeTalk Plugin CS3
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BCE72AED-3332-4863-9567-C5DCB9052CA2}" = Netflix Movie Viewer
"{BE5F3842-8309-4754-92D5-83E02E6077A3}" = Adobe Extension Manager CS3
"{BF839132-BD43-4056-ACBF-4377F4A88E2A}" = Acer ePresentation Management
"{BFD96B89-B769-4CD6-B11E-E79FFD46F067}" = QuickTime
"{C06554A1-2C1E-4D20-B613-EE62C79927CC}" = Acer eNet Management
"{C5BD220A-EFE8-48A5-B70E-9503D535FACE}" = Adobe WAS CS3
"{CA9BCD4D-B782-4637-8F1F-F9A328D3C244}" = CanoScan Toolbox Ver4.9
"{CB3F8375-B600-4B9F-83C9-238ED1E583FD}" = Adobe InDesign CS3
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE65A9A0-9686-45C6-9098-3C9543A412F0}" = Acer eSettings Management
"{D03E7B00-CA85-4684-9321-1888873C34BD}" = ArcSoft PhotoImpression 6
"{D0846526-66DD-4DC9-A02C-98F9A2806812}" = Launch Manager V1.1.1.4
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D3A3F5C5-E95B-456D-952B-DDEC3AF68319}_is1" = GameTap Player
"{D4DBF0C9-E294-4C01-A205-73B8ED947D50}" = Adobe Setup
"{D90E81AE-FE2B-4EEC-9052-75EC0E949835}" = Brother HL-5040
"{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}" = LiveUpdate Notice (Symantec Corporation)
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{EA450D5D-95EA-4FD0-B8B0-6D8E68FBE2C7}" = Impulse
"{EA516024-D84D-41F1-814F-83175A6188F2}" = Logitech Video Enumerator
"{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}" = Adobe InDesign CS3 Icon Handler
"{EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37}" = Acer Arcade Deluxe
"{EFD0BFEB-980E-491B-833B-A8848E5E0F0F}" = Hyplay
"{F08E8D2E-F132-4742-9C87-D5FF223A016A}" = Adobe Illustrator CS3
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F7B05784-334C-4F76-8BAB-30ABEB7FD534}" = TIPCI
"8089B79E-5E25-4872-8AC9-058E5F5599EC_is1" = iTunes Sync
"Acer Assist" = Acer Assist
"Acer Registration" = Acer Registration
"AcerOrbiCamDrv" = Acer Camera Driver
"Adobe Acrobat 8 Professional" = Adobe Acrobat 8.1.2 Professional
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Type Manager Deluxe 4.1" = Adobe Type Manager Deluxe 4.1
"Adobe_0e772471f6aed60c960ed52600a76bd" = Add or Remove Adobe Creative Suite 3 Design Standard
"Adobe_3e054d2218e7aa282c2369d939e58ff" = Adobe ExtendScript Toolkit 2
"Adobe_6c8e2cb4fd241c55406016127a6ab2e" = Adobe Color Common Settings
"Adobe_7328fdfcb73660ec8b11d5a3d5c6232" = Adobe Dreamweaver CS3
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"Applian FLV Player2.0.24" = Applian FLV Player
"Audacity_is1" = Audacity 1.2.6
"AudibleDownloadManager" = Audible Download Manager
"AutocompletePro2_is1" = AutocompletePro
"com.ea.Vault.919CACB699904AC5D41B606703500DD39747C02D.1" = EA Download Manager UI
"CoverFactory 2.50_is1" = CoverFactory 2.50
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup.divx.com" = DivX Setup
"EA Download Manager" = EA Download Manager
"Easy Thumbnails_is1" = Easy Thumbnails (Remove only)
"EPSON Printer and Utilities" = EPSON Printer Software
"EPSON Scanner" = EPSON Scan
"FileZilla Client" = FileZilla Client 3.2.8.1
"GMABooster" = GMABooster
"GridVista" = Acer GridVista
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HomeBase 2.3" = HomeBase 2.3
"Impulse" = Impulse
"InstallShield_{13515135-48BB-4184-8C1F-2FAE0138E200}" = TBS WMP Plug-in
"InstallShield_{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
"InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"InstallShield_{F7B05784-334C-4F76-8BAB-30ABEB7FD534}" = Texas Instruments PCIxx21/x515/xx12 drivers.
"IrfanView" = IrfanView (remove only)
"LAME for Audacity_is1" = LAME v3.98.2 for Audacity
"LiveUpdate" = LiveUpdate 3.2 (Symantec Corporation)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MetaFrame Presentation Server Web Client for Win32" = MetaFrame Presentation Server Web Client for Win32
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Security Client" = Microsoft Security Essentials
"Monitor Calibration Wizard" = Monitor Calibration Wizard 1.0
"Mozilla Firefox (3.0.19)" = Mozilla Firefox (3.0.19)
"MP3 WAV WMA Converter" = MP3 WAV WMA Converter
"NVIDIA Drivers" = NVIDIA Drivers
"ProInst" = Intel PROSet Wireless
"RealPlayer 12.0" = RealPlayer
"Rhapsody" = Rhapsody
"Screenshot Pilot (full)_is1" = Screenshot Pilot version 1.46.01
"SecondLife" = SecondLife (remove only)
"ShockwaveFlash" = Adobe Flash Player 9 ActiveX
"Silent Package Run-Time Sample" = EPSON Perfection V200P User's Guide
"SL Friends Monitor_is1" = SL Friends Monitor v1.7
"SmartFTP Client 4.0 Setup Files" = SmartFTP Client 4.0 Setup Files (remove only)
"Sociolotron" = Sociolotron 1.0
"SpywareBlaster_is1" = SpywareBlaster v3.5.1
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Trillian" = Trillian
"Vuze_Remote Toolbar" = Vuze Remote Toolbar
"WinRAR archiver" = WinRAR archiver
"Wisdom-soft ScreenHunter 5.0 Free" = Wisdom-soft ScreenHunter 5.0 Free
"Yahoo! Messenger" = Yahoo! Messenger
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-3301902784-2558772550-3691095244-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 9/27/2008 7:10:24 PM | Computer Name = staples-PC | Source = Google Update | ID = 20
Description =
Error - 9/27/2008 10:38:29 PM | Computer Name = staples-PC | Source = Application Error | ID = 1000
Description = Faulting application Illustrator.exe, version 13.0.128.0, time stamp
0x466f007d, faulting module Illustrator.exe, version 13.0.128.0, time stamp 0x466f007d,
exception code 0xc0000005, fault offset 0x0048cc63, process id 0xd24, application
start time 0x01c9211255c0ff45.
Error - 9/27/2008 10:41:48 PM | Computer Name = staples-PC | Source = Application Error | ID = 1000
Description = Faulting application Illustrator.exe, version 13.0.128.0, time stamp
0x466f007d, faulting module Illustrator.exe, version 13.0.128.0, time stamp 0x466f007d,
exception code 0xc0000005, fault offset 0x0048cc63, process id 0x200, application
start time 0x01c921134ee9a275.
Error - 9/27/2008 10:58:51 PM | Computer Name = staples-PC | Source = Application Error | ID = 1000
Description = Faulting application Explorer.EXE, version 6.0.6000.16549, time stamp
0x46d230c5, faulting module ntdll.dll, version 6.0.6000.16386, time stamp 0x4549bdc9,
exception code 0xc0000024, fault offset 0x00076782, process id 0x808, application
start time 0x01c920fb23b86685.
Error - 10/5/2008 8:13:31 PM | Computer Name = staples-PC | Source = VSS | ID = 8194
Description =
Error - 10/5/2008 8:24:10 PM | Computer Name = staples-PC | Source = VSS | ID = 8194
Description =
Error - 10/5/2008 8:26:52 PM | Computer Name = staples-PC | Source = VSS | ID = 8194
Description =
Error - 10/5/2008 8:49:45 PM | Computer Name = staples-PC | Source = VSS | ID = 8194
Description =
Error - 10/5/2008 9:56:48 PM | Computer Name = staples-PC | Source = Application Error | ID = 1000
Description = Faulting application SporeApp.exe, version 1.1.0.358, time stamp 0x48ca7eb8,
faulting module d3d9.dll, version 6.0.6000.16386, time stamp 0x4549bcc1, exception
code 0xc0000005, fault offset 0x000307a1, process id 0x1274, application start time
0x01c92751093dc6c7.
Error - 10/7/2008 3:10:27 AM | Computer Name = staples-PC | Source = Application Error | ID = 1000
Description = Faulting application SporeApp.exe, version 1.1.0.358, time stamp 0x48ca7eb8,
faulting module SporeApp.exe, version 1.1.0.358, time stamp 0x48ca7eb8, exception
code 0xc0000005, fault offset 0x00bb7314, process id 0xdc0, application start time
0x01c9281e3de2e660.
[ Media Center Events ]
Error - 11/13/2008 11:58:49 PM | Computer Name = staples-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 12/10/2008 3:43:53 AM | Computer Name = staples-PC | Source = Media Center Guide | ID = 0
Description = Event Info: ERROR: SqmApiWrapper.TimerAccumulate failed; Win32 GetLastError
returned 10000105 Process: DefaultDomain Object Name: Media Center Guide
Error - 2/1/2009 6:11:31 AM | Computer Name = staples-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 2/4/2009 7:33:20 PM | Computer Name = staples-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
[ System Events ]
Error - 1/16/2011 3:02:07 AM | Computer Name = WalterLaptop | Source = DCOM | ID = 10010
Description =
Error - 1/16/2011 3:48:27 PM | Computer Name = WalterLaptop | Source = EventLog | ID = 6008
Description = The previous system shutdown at 2:47:19 PM on 1/16/2011 was unexpected.
Error - 1/16/2011 3:54:33 PM | Computer Name = WalterLaptop | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 0.0.0.0 Update Source: %%859 Update Stage: %%852
Source
Path:
http://www.microsoft.com Signature Type: %%800 Update Type: %%803 User: NT AUTHORITY\SYSTEM
Current
Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80072efe Error description:
The connection with the server was terminated abnormally
Error - 1/16/2011 4:11:50 PM | Computer Name = WalterLaptop | Source = DCOM | ID = 10010
Description =
Error - 1/16/2011 4:33:06 PM | Computer Name = WalterLaptop | Source = volmgr | ID = 262193
Description = Configuring the Page file for crash dump failed. Make sure there is
a page file on the boot partition and that is large enough to contain all physical
memory.
Error - 1/16/2011 4:33:15 PM | Computer Name = WalterLaptop | Source = volmgr | ID = 262193
Description = Configuring the Page file for crash dump failed. Make sure there is
a page file on the boot partition and that is large enough to contain all physical
memory.
Error - 1/16/2011 4:33:50 PM | Computer Name = WalterLaptop | Source = Microsoft Antimalware | ID = 3002
Description = %%860 Real-Time Protection feature has encountered an error and failed.
Feature:
%%835 Error Code: 0x80004005 Error description: Unspecified error Reason: %%842
Error - 1/16/2011 4:35:21 PM | Computer Name = WalterLaptop | Source = Service Control Manager | ID = 7026
Description =
Error - 1/16/2011 4:38:13 PM | Computer Name = WalterLaptop | Source = EventLog | ID = 6008
Description = The previous system shutdown at 3:36:42 PM on 1/16/2011 was unexpected.
Error - 1/16/2011 4:38:26 PM | Computer Name = WalterLaptop | Source = Microsoft Antimalware | ID = 3002
Description = %%860 Real-Time Protection feature has encountered an error and failed.
Feature:
%%835 Error Code: 0x80004005 Error description: Unspecified error Reason: %%842
< End of report >