Full Version: help think im infected
rasta2004
I ran Spybot, Ad-Aware, McAfee.
My computer works very sluggishly.
I ran the above programs; it started to work OK, then sluggish again.
The comp works extremely sluggishly, especially when I play a Java-based game called Texas Holdem ** Game for big ones ** on Facebook.

Here are my logs:

Malwarebytes' Anti-Malware 1.41
Database version: 3050
Windows 5.1.2600 Service Pack 3

11/1/2009 3:55:35 PM
mbam-log-2009-11-01 (15-55-35).txt

Scan type: Quick Scan
Objects scanned: 103402
Time elapsed: 27 minute(s), 53 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

OTL Extras logfile created on: 11/1/2009 4:10:57 PM - Run 1
OTL by OldTimer - Version 3.0.22.1 Folder = D:\PROGRAMS
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.87 Gb Total Physical Memory | 0.87 Gb Available Physical Memory | 46.69% Memory free
3.72 Gb Paging File | 2.95 Gb Available in Paging File | 79.24% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 62.83 Gb Total Space | 48.36 Gb Free Space | 76.97% Space Free | Partition Type: NTFS
Drive D: | 48.84 Gb Total Space | 0.88 Gb Free Space | 1.80% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: TSTT-E1BF0EC990
Current User Name: enterprisoperations
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
chm.file [open] -- "C:\WINDOWS\hh.exe" %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Directory [AddToPlaylistVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\DNA\btdna.exe" = C:\Program Files\DNA\btdna.exe:*:Enabled:DNA -- (BitTorrent, Inc.)
"C:\Program Files\Winamp Remote\bin\Orb.exe" = C:\Program Files\Winamp Remote\bin\Orb.exe:*:Enabled:Orb Application -- File not found
"C:\Documents and Settings\enterprisoperations\Desktop\allfours.exe" = C:\Documents and Settings\enterprisoperations\Desktop\allfours.exe:*:Enabled:allfours -- ()
"C:\Program Files\Winamp Remote\bin\OrbTray.exe" = C:\Program Files\Winamp Remote\bin\OrbTray.exe:*:Enabled:Orb -- File not found
"C:\Program Files\Java\jre6\bin\java.exe" = C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java™ Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Program Files\Nortel Networks\i2050SoftwarePhone\i2050srv.mod" = C:\Program Files\Nortel Networks\i2050SoftwarePhone\i2050srv.mod:*:Enabled:serversoftphone -- (Nortel Networks)
"C:\Nortel\CallPilot\AppBuilder\bin\nmvclui.exe" = C:\Nortel\CallPilot\AppBuilder\bin\nmvclui.exe:*:Enabled:AppBuilder Application -- (Nortel Networks)
"C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire -- (Lime Wire, LLC)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"C:\Program Files\McAfee\Common Framework\FrameworkService.exe" = C:\Program Files\McAfee\Common Framework\FrameworkService.exe:*:Enabled:McAfee Framework Service -- (McAfee, Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{06DD140B-AA3D-4BD4-84B9-217897127DC6}" = Nortel Networks i2050 Software Phone
"{07D618CD-B016-438A-ADC9-A75BD23F85CE}" = Wave Support Software
"{0B0A2153-58A6-4244-B458-25EDF5FCD809}" = Private Information Manager
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java™ 6 Update 14
"{2764CA82-DFB9-4498-AF85-719340BF5305}" = Dell Resource CD
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{343D8DE3-AE1F-431A-830C-B66352E8CA12}" = OZ776 SCR Driver V1.1.3.9
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35748B06-FCFC-4700-8285-DAD41689E4FE}" = Broadcom TPM Driver Installer
"{35C03C04-3F1F-42C2-A989-A757EE691F65}" = McAfee VirusScan Enterprise
"{3A6BE9F4-5FC8-44BB-BE7B-32A29607FEF6}" = Preboot Manager
"{51AE9E42-640D-4C14-A9B6-43F64AA4E3E2}" = Document Manager Lite
"{53333479-6A52-4816-8497-5C52B67ED339}" = EMBASSY Security Setup
"{54DE2887-419F-4A8A-A50E-0B2BF9CBCDA3}" = CallPilot Application Builder
"{56BED62F-278A-407B-8BCD-E645EC96D2ED}" = Roxio Media Manager
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.8
"{636F5444-8C7C-40C6-A89B-A1D2F01DC7F6}" = ATI Catalyst Control Center
"{72FECEA1-E87F-4192-89FA-D0FBF92885BB}" = ETS Upgrade
"{7C658312-F44D-47C0-A705-6BA6C436D3F8}" = BCM Monitor
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{903B0409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Project Professional 2003
"{970A065A-0295-4BB2-9D12-391A52082EAB}" = TSTT Wireless Broadband (CCU-550)
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{A618BB0D-8B88-45FF-83CD-783B4AE59AA0}" = NTRU TCG Software Stack
"{ABBA2EA4-740E-4052-902B-9CA70B081E3F}" = Dell Embassy Trust Suite by Wave Systems
"{AC76BA86-7AD7-1033-7B44-A71000000002}" = Adobe Reader 7.1.0
"{B0255743-165B-4BD5-8DA8-37DFB9930014}" = Norton Ghost
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C151CE54-E7EA-4804-854B-F515368B0798}" = AMD Processor Driver
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240B8}" = WinZip 12.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D1E829E9-88B8-47C6-A75E-0D40E2C09D50}" = Secure Update
"{D31F958E-7353-4DEB-83E8-35B02F2EE20A}" = Wave Infrastructure Installer
"{D3B3B9B2-FE73-44CB-8C0A-F737D92F991B}" = Broadcom Gigabit Integrated Controller
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E6095BEA-8C97-4342-B771-13BB72AC1D88}" = biolsp patch
"{E738A392-F690-4A9D-808E-7BAF80E0B398}" = ESC Home Page Plugin
"{EC84E3E6-C2D6-4DFB-81E0-448324C8FDF4}" = Security Wizards
"{EE59E3BD-6B7D-4BBB-B9CD-20EA7AEF1E10}" = BlackBerry Desktop Software 5.0
"{EEAFE1E5-076B-430A-96D9-B567792AFA88}" = EMBASSY Security Center
"{F0779413-6026-4BC6-97B4-DE8D9CADAFEC}" = MSN Toolbar
"{F1802FA6-54E9-4B24-BD2A-B50866819795}" = EMBASSY Trust Suite by Wave Systems
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{FBEC50B7-537C-4A0E-8B0B-F7A8F8BF13CE}" = upekmsi
"840EF3FB8C7BFBB007E46E18F107E8CC6DD522EA" = Windows Driver Package - Dell Inc. PBADRV System (09/25/2006 6.0.0.0)
"Active Desktop Calendar_is1" = Active Desktop Calendar 7.6
"Ad-Aware" = Ad-Aware
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"All ATI Software" = ATI - Software Uninstall Utility
"Ask Toolbar_is1" = Ask Toolbar
"ATI Display Driver" = ATI Display Driver
"Autorun Eater_is1" = Autorun Eater v2.3
"BlackBerry_{EE59E3BD-6B7D-4BBB-B9CD-20EA7AEF1E10}" = BlackBerry Desktop Software 5.0
"Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Card
"Bubble Bobble The New Adventure" = Bubble Bobble The New Adventure
"CHM To PDF PRO_is1" = CHM To PDF Converter PRO
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2C06&SUBSYS_14F1000F" = Conexant HDA D330 MDC V.92 Modem
"Error Repair Professional_is1" = Error Repair Professional version 4.0.6
"FEE324BF-8492-4DFC-813E-2B3F2B1947A8" = Voip Development Kit
"Helmsman 4.4.1" = Helmsman 4.4.1
"Hide-IP-Browser_is1" = Hide-IP-Browser 1.0
"ie8" = Windows Internet Explorer 8
"InstallShield_{07D618CD-B016-438A-ADC9-A75BD23F85CE}" = Wave Support Software
"InstallShield_{0B0A2153-58A6-4244-B458-25EDF5FCD809}" = Private Information Manager
"InstallShield_{343D8DE3-AE1F-431A-830C-B66352E8CA12}" = OZ776 SCR Driver V1.1.3.9
"InstallShield_{51AE9E42-640D-4C14-A9B6-43F64AA4E3E2}" = Document Manager Lite
"InstallShield_{53333479-6A52-4816-8497-5C52B67ED339}" = EMBASSY Security Setup
"InstallShield_{72FECEA1-E87F-4192-89FA-D0FBF92885BB}" = ETS Upgrade
"InstallShield_{D1E829E9-88B8-47C6-A75E-0D40E2C09D50}" = Secure Update
"InstallShield_{E738A392-F690-4A9D-808E-7BAF80E0B398}" = ESC Home Page Plugin
"InstallShield_{EC84E3E6-C2D6-4DFB-81E0-448324C8FDF4}" = Security Wizards
"InstallShield_{EEAFE1E5-076B-430A-96D9-B567792AFA88}" = EMBASSY Security Center
"LimeWire" = LimeWire 4.18.8
"LiveUpdate" = LiveUpdate 3.2 (Symantec Corporation)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.0.15)" = Mozilla Firefox (3.0.15)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Nero 9 Lite_is1" = Nero 9.0.9.4 Lite
"Nortel Business Element Manager" = Nortel Business Element Manager
"SpeedBit Video Downloader" = SpeedBit Video Downloader
"Virtual DJ - Atomix Productions" = Virtual DJ - Atomix Productions
"Visual MP3 Splitter & Joiner Update trial to full_is1" = Visual MP3 Splitter & Joiner 6.0
"VLC media player" = VLC media player 0.9.8a
"Winamp" = Winamp
"Winamp Toolbar" = Winamp Toolbar
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinPcapInst" = WinPcap 4.0.2
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"X-Wave MP3 Cutter Joiner" = X-Wave MP3 Cutter Joiner 1.0

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent" = BitTorrent
"BitTorrent DNA" = DNA
"Folder Lock" = Folder Lock
"SmartDraw 2007" = SmartDraw 2007

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 10/27/2009 6:52:36 PM | Computer Name = TSTT-E1BF0EC990 | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 1.9.0.3526, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 10/28/2009 9:30:40 AM | Computer Name = TSTT-E1BF0EC990 | Source = Application Hang | ID = 1002
Description = Hanging application winamp.exe, version 5.5.4.2165, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 10/28/2009 9:30:56 AM | Computer Name = TSTT-E1BF0EC990 | Source = Application Hang | ID = 1002
Description = Hanging application winamp.exe, version 5.5.4.2165, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 10/28/2009 8:05:43 PM | Computer Name = TSTT-E1BF0EC990 | Source = Application Hang | ID = 1002
Description = Hanging application AcroRd32.exe, version 7.0.8.218, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 10/28/2009 8:13:06 PM | Computer Name = TSTT-E1BF0EC990 | Source = Application Error | ID = 1000
Description = Faulting application vprotray.exe, version 14.0.0.24815, faulting
module unknown, version 0.0.0.0, fault address 0x00000000.

Error - 10/29/2009 6:13:46 AM | Computer Name = TSTT-E1BF0EC990 | Source = Lavasoft Ad-Aware Service | ID = 0
Description =

Error - 10/29/2009 7:00:24 PM | Computer Name = TSTT-E1BF0EC990 | Source = Norton Ghost | ID = 100
Description = Error EC8F17B7: Cannot create recovery points for job: My Computer
Backup. Error EC8F03FE: Cannot read the properties of the job. Error EC8F1F62:
Cannot find external device 'MY PASSPORT'. Details: The system cannot find the path
specified. Source: Norton Ghost

Error - 10/29/2009 10:20:34 PM | Computer Name = TSTT-E1BF0EC990 | Source = MsiInstaller | ID = 11714
Description = Product: Microsoft Visual C++ 2005 Redistributable -- Error 1714.The
older version of Microsoft Visual C++ 2005 Redistributable cannot be removed.
Contact your technical support group. System Error 1612.

Error - 10/31/2009 10:06:50 AM | Computer Name = TSTT-E1BF0EC990 | Source = McLogEvent | ID = 259
Description = The scan found detections. Scan engine version 5301.4018 DAT version
5787.

Error - 11/1/2009 8:38:17 AM | Computer Name = TSTT-E1BF0EC990 | Source = McLogEvent | ID = 259
Description = The scan found detections. Scan engine version 5301.4018 DAT version
5788.

[ System Events ]
Error - 10/23/2009 6:36:47 PM | Computer Name = TSTT-E1BF0EC990 | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 30 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)

Error - 10/23/2009 6:36:47 PM | Computer Name = TSTT-E1BF0EC990 | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 29 minutes. NtpClient has no source of accurate
time.

Error - 10/23/2009 6:42:30 PM | Computer Name = TSTT-E1BF0EC990 | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 15 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)

Error - 10/23/2009 6:42:30 PM | Computer Name = TSTT-E1BF0EC990 | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 14 minutes. NtpClient has no source of accurate
time.

Error - 10/23/2009 6:57:30 PM | Computer Name = TSTT-E1BF0EC990 | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 30 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)

Error - 10/23/2009 6:57:30 PM | Computer Name = TSTT-E1BF0EC990 | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 29 minutes. NtpClient has no source of accurate
time.

Error - 10/23/2009 7:17:20 PM | Computer Name = TSTT-E1BF0EC990 | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 15 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)

Error - 10/23/2009 7:17:20 PM | Computer Name = TSTT-E1BF0EC990 | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 14 minutes. NtpClient has no source of accurate
time.

Error - 10/23/2009 7:32:22 PM | Computer Name = TSTT-E1BF0EC990 | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 30 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)

Error - 10/23/2009 7:32:22 PM | Computer Name = TSTT-E1BF0EC990 | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 29 minutes. NtpClient has no source of accurate
time.


< End of report >

OTL logfile created on: 11/1/2009 4:10:57 PM - Run 1
OTL by OldTimer - Version 3.0.22.1 Folder = D:\PROGRAMS
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.87 Gb Total Physical Memory | 0.87 Gb Available Physical Memory | 46.69% Memory free
3.72 Gb Paging File | 2.95 Gb Available in Paging File | 79.24% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 62.83 Gb Total Space | 48.36 Gb Free Space | 76.97% Space Free | Partition Type: NTFS
Drive D: | 48.84 Gb Total Space | 0.88 Gb Free Space | 1.80% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: TSTT-E1BF0EC990
Current User Name: enterprisoperations
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2009/10/29 07:36:50 | 00,307,704 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009/10/29 06:16:53 | 00,788,368 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2009/10/29 06:16:45 | 01,179,232 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2009/10/28 21:40:15 | 00,521,728 | ---- | M] (OldTimer Tools) -- D:\PROGRAMS\OTL.exe
PRC - [2009/07/25 05:23:10 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2009/07/01 23:12:46 | 00,623,960 | ---- | M] (Research In Motion Limited) -- C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe
PRC - [2009/06/10 07:28:58 | 00,321,344 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\DNA\btdna.exe
PRC - [2009/05/27 22:30:59 | 00,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2009/03/05 16:07:20 | 02,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009/02/06 06:10:02 | 00,227,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wbem\wmiprvse.exe
PRC - [2008/11/27 02:27:58 | 00,370,032 | ---- | M] (Old McDonald's Farm) -- C:\Program Files\Autorun Eater\billy.exe
PRC - [2008/11/27 02:19:54 | 00,501,768 | ---- | M] (Old McDonald's Farm) -- C:\Program Files\Autorun Eater\oldmcdonald.exe
PRC - [2008/09/29 17:57:48 | 21,755,688 | R--- | M] (Skype Technologies S.A.) -- C:\Program Files\Skype\Phone\Skype.exe
PRC - [2008/08/03 19:02:20 | 00,036,352 | ---- | M] () -- C:\Program Files\Winamp\winampa.exe
PRC - [2008/04/13 20:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe
PRC - [2008/04/13 20:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2008/01/19 20:01:08 | 04,388,192 | ---- | M] (Symantec Corporation) -- C:\Program Files\Norton Ghost\Agent\VProSvc.exe
PRC - [2008/01/19 20:01:08 | 02,245,984 | ---- | M] (Symantec Corporation) -- C:\Program Files\Norton Ghost\Agent\VProTray.exe
PRC - [2007/12/20 17:13:46 | 01,553,896 | ---- | M] (Symantec) -- C:\Program Files\Norton Ghost\Shared\Drivers\SymSnapService.exe
PRC - [2007/05/10 10:23:50 | 00,094,208 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\System32\StacSV.exe
PRC - [2007/03/28 21:54:20 | 00,446,464 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exe
PRC - [2007/03/16 18:10:46 | 01,392,640 | ---- | M] (Dell Inc.) -- C:\WINDOWS\System32\WLTRAY.exe
PRC - [2007/03/16 18:10:46 | 00,020,480 | ---- | M] () -- C:\WINDOWS\System32\WLTRYSVC.EXE
PRC - [2007/03/16 18:10:42 | 01,253,376 | ---- | M] (Dell Inc.) -- C:\WINDOWS\System32\bcmwltry.exe
PRC - [2007/02/22 20:50:00 | 00,144,960 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
PRC - [2007/02/22 20:50:00 | 00,112,216 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE
PRC - [2007/02/22 20:50:00 | 00,054,872 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
PRC - [2007/01/30 15:32:42 | 00,102,400 | ---- | M] (Wave Systems Corp.) -- C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\docmgr.exe
PRC - [2007/01/22 11:53:02 | 00,212,992 | ---- | M] (Wave Systems Corp.) -- C:\Program Files\Wave Systems Corp\SecureUpgrade.exe
PRC - [2006/12/19 15:06:00 | 00,086,016 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\Common Framework\McTray.exe
PRC - [2006/12/19 11:27:54 | 00,136,768 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\Common Framework\naPrdMgr.exe
PRC - [2006/12/19 11:27:00 | 00,136,768 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\Common Framework\UdaterUI.exe
PRC - [2006/12/19 11:24:50 | 00,104,000 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\Common Framework\FrameworkService.exe
PRC - [2006/09/25 09:12:20 | 00,045,056 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
PRC - [2005/07/18 15:23:14 | 00,208,896 | ---- | M] (CMOTECH) -- C:\Program Files\TSTT\CCU550\Bin\CMTNF5500D.exe
PRC - [2004/08/04 06:00:00 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wbem\unsecapp.exe

========== Win32 Services (SafeList) ==========

SRV - [2009/10/29 06:16:45 | 01,179,232 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service [Auto | Running])
SRV - [2009/07/25 05:23:10 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])
SRV - [2009/05/27 22:30:57 | 00,182,768 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [On_Demand | Stopped])
SRV - [2008/11/10 12:27:50 | 00,313,840 | ---- | M] (Sonic Solutions) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe -- (RoxLiveShare9 [Auto | Stopped])
SRV - [2008/11/10 12:27:46 | 00,170,480 | ---- | M] (Sonic Solutions) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe -- (RoxWatch9 [Auto | Stopped])
SRV - [2008/11/10 12:27:26 | 01,108,464 | ---- | M] (Sonic Solutions) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe -- (RoxMediaDB9 [On_Demand | Stopped])
SRV - [2008/07/29 21:10:04 | 00,046,104 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2008/07/29 19:24:50 | 00,881,664 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2008/07/29 19:16:38 | 00,132,096 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
SRV - [2008/07/25 11:17:02 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2008/07/25 11:16:40 | 00,034,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2008/04/13 20:12:02 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2008/01/19 20:01:08 | 04,388,192 | ---- | M] (Symantec Corporation) -- C:\Program Files\Norton Ghost\Agent\VProSvc.exe -- (Norton Ghost [Auto | Running])
SRV - [2007/12/20 17:13:46 | 01,553,896 | ---- | M] (Symantec) -- C:\Program Files\Norton Ghost\Shared\Drivers\SymSnapService.exe -- (SymSnapService [On_Demand | Running])
SRV - [2007/12/06 23:20:56 | 00,088,560 | ---- | M] (Sonic Solutions) -- C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe -- (Roxio UPnP Renderer 9 [On_Demand | Stopped])
SRV - [2007/12/06 23:20:52 | 00,362,992 | ---- | M] (Sonic Solutions) -- C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe -- (Roxio Upnp Server 9 [Auto | Stopped])
SRV - [2007/09/12 18:27:24 | 02,999,664 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE -- (LiveUpdate [On_Demand | Stopped])
SRV - [2007/05/10 10:23:50 | 00,094,208 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\System32\StacSV.exe -- (STacSV [Auto | Running])
SRV - [2007/03/28 21:54:20 | 00,446,464 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exe -- (Ati HotKey Poller [Auto | Running])
SRV - [2007/03/16 18:10:46 | 00,020,480 | ---- | M] () -- C:\WINDOWS\System32\WLTRYSVC.EXE -- (wltrysvc [Auto | Running])
SRV - [2007/02/22 20:50:00 | 00,144,960 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe -- (McShield [Unknown | Running])
SRV - [2007/02/22 20:50:00 | 00,054,872 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe -- (McTaskManager [Unknown | Running])
SRV - [2007/01/29 21:59:58 | 00,487,424 | ---- | M] (Wave Systems Corp.) -- C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe -- (SecureStorageService [On_Demand | Stopped])
SRV - [2006/12/19 11:24:50 | 00,104,000 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\Common Framework\FrameworkService.exe -- (McAfeeFramework [Unknown | Running])
SRV - [2004/10/22 03:24:18 | 00,073,728 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
SRV - [2003/07/28 08:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])

========== Driver Services (SafeList) ==========

DRV - [2009/09/23 08:55:23 | 00,064,288 | ---- | M] (Lavasoft AB) -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd [Boot | Running])
DRV - [2009/07/17 03:21:43 | 00,035,363 | ---- | M] () -- C:\WINDOWS\System32\windrvNT.sys -- (windrvNT [Auto | Running])
DRV - [2009/01/09 16:18:02 | 00,027,136 | R--- | M] (Research in Motion Ltd) -- C:\WINDOWS\System32\DRIVERS\RimSerial.sys -- (RimVSerPort [On_Demand | Running])
DRV - [2008/05/20 18:33:50 | 00,022,784 | ---- | M] (Research In Motion Limited) -- C:\WINDOWS\System32\Drivers\RimUsb.sys -- (RimUsb [On_Demand | Stopped])
DRV - [2008/04/13 12:39:15 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])
DRV - [2008/04/13 12:36:05 | 00,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) -- C:\WINDOWS\System32\DRIVERS\HDAudBus.sys -- (HDAudBus [On_Demand | Running])
DRV - [2008/01/19 20:12:42 | 00,128,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\wimfltr.sys -- (WimFltr [On_Demand | Stopped])
DRV - [2008/01/19 19:45:40 | 00,038,112 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\DRIVERS\v2imount.sys -- (v2imount [Auto | Running])
DRV - [2008/01/19 19:40:16 | 00,015,088 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\DRIVERS\vproeventmonitor.sys -- (VProEventMonitor [On_Demand | Stopped])
DRV - [2008/01/19 19:31:38 | 00,015,664 | ---- | M] (GEAR Software Inc.) -- C:\WINDOWS\System32\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM [On_Demand | Running])
DRV - [2007/12/20 17:13:54 | 00,136,416 | ---- | M] (StorageCraft) -- C:\WINDOWS\system32\DRIVERS\symsnap.sys -- (symsnap [Boot | Running])
DRV - [2007/05/10 10:24:34 | 01,222,840 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\System32\drivers\sthda.sys -- (STHDA [On_Demand | Running])
DRV - [2007/05/01 03:00:00 | 00,043,528 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running])
DRV - [2007/03/28 22:02:20 | 01,975,808 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\DRIVERS\ati2mtag.sys -- (ati2mtag [On_Demand | Running])
DRV - [2007/02/22 20:50:00 | 00,170,408 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfehidk.sys -- (mfehidk [On_Demand | Running])
DRV - [2007/02/16 15:46:00 | 00,160,256 | R--- | M] (Broadcom Corporation) -- C:\WINDOWS\System32\DRIVERS\b57xp32.sys -- (b57w2k [On_Demand | Running])
DRV - [2006/11/30 08:50:00 | 00,072,264 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfeavfk.sys -- (mfeavfk [On_Demand | Running])
DRV - [2006/11/30 08:50:00 | 00,064,360 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfeapfk.sys -- (mfeapfk [On_Demand | Running])
DRV - [2006/11/30 08:50:00 | 00,052,136 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfetdik.sys -- (mfetdik [System | Running])
DRV - [2006/11/30 08:50:00 | 00,034,152 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfebopk.sys -- (mfebopk [On_Demand | Running])
DRV - [2006/11/02 18:47:36 | 00,989,696 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\DRIVERS\HSF_DPV.sys -- (HSF_DPV [On_Demand | Running])
DRV - [2006/11/02 18:47:00 | 00,209,152 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\DRIVERS\HSFHWAZL.sys -- (HSFHWAZL [On_Demand | Running])
DRV - [2006/11/02 18:46:56 | 00,730,112 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\DRIVERS\HSF_CNXT.sys -- (winachsf [On_Demand | Running])
DRV - [2006/08/28 15:00:44 | 00,019,968 | ---- | M] (Dell Inc) -- C:\WINDOWS\system32\DRIVERS\PBADRV.sys -- (PBADRV [Boot | Running])
DRV - [2006/07/01 22:39:40 | 00,036,864 | ---- | M] (Advanced Micro Devices) -- C:\WINDOWS\System32\DRIVERS\AmdK8.sys -- (AmdK8 [System | Running])
DRV - [2006/06/19 13:26:58 | 00,012,672 | ---- | M] (Conexant) -- C:\WINDOWS\System32\DRIVERS\mdmxsdk.sys -- (mdmxsdk [Auto | Running])
DRV - [2004/12/13 17:14:00 | 00,039,904 | ---- | M] (Adaptec, Inc.) -- C:\WINDOWS\System32\drivers\cercsr6.sys -- (cercsr6 [Boot | Stopped])
DRV - [2004/08/04 06:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
DRV - [2004/08/04 06:00:00 | 00,005,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\Drivers\RootMdm.sys -- (ROOTMODEM [On_Demand | Running])

========== Modules (SafeList) ==========

MOD - [2009/10/28 21:40:15 | 00,521,728 | ---- | M] (OldTimer Tools) -- D:\PROGRAMS\OTL.exe
MOD - [2008/04/13 20:12:51 | 01,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\COMCTL32.dll
MOD - [2007/01/30 15:31:50 | 00,286,720 | ---- | M] () -- C:\WINDOWS\System32\wxvault.dll
MOD - [2007/01/30 15:30:30 | 00,004,096 | ---- | M] () -- C:\WINDOWS\System32\detoured.dll

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKLM\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.phazemp3.com/ [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com/?o=101764&l=dis
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.startup.homepage: "http://search.speedbit.com/"
FF - prefs.js..extensions.enabledItems: {E9A1DEE0-C623-4439-8932-001E7D17607D}:2.1.0.5
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.6.4
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}:6.0.15
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.15
FF - prefs.js..keyword.URL: "http://search.speedbit.com/searchresults.asp?src=default&q="


FF - HKLM\software\mozilla\Firefox\extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/08/31 03:00:26 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.15\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/10/29 07:36:55 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.15\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/10/29 07:36:55 | 00,000,000 | ---D | M]

[2009/06/02 13:40:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\enterprisoperations\Application Data\mozilla\Extensions
[2009/06/02 13:40:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\enterprisoperations\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/11/01 07:26:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\enterprisoperations\Application Data\mozilla\Firefox\Profiles\pgw9ptsm.default\extensions
[2009/08/31 05:09:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\enterprisoperations\Application Data\mozilla\Firefox\Profiles\pgw9ptsm.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/10/09 22:39:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\enterprisoperations\Application Data\mozilla\Firefox\Profiles\pgw9ptsm.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2009/06/10 07:28:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\enterprisoperations\Application Data\mozilla\Firefox\Profiles\pgw9ptsm.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
[2009/11/01 07:26:06 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/10/29 07:36:55 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/06/04 01:52:22 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2009/06/11 08:22:32 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
[2009/10/04 21:07:16 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
[2009/10/29 07:36:50 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/10/29 07:36:50 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2008/09/03 20:11:24 | 00,054,600 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\mozilla firefox\plugins\npbittorrent.dll
[2009/07/25 05:23:01 | 00,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeploytk.dll
[2009/10/29 07:36:52 | 00,065,528 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll
[2007/03/22 19:23:30 | 00,017,248 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL
[2006/12/18 04:18:30 | 00,077,824 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll
[2009/08/30 05:55:16 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2009/08/30 05:55:16 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2009/08/30 05:55:16 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2009/08/30 05:55:16 | 00,002,343 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2009/08/30 05:55:16 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/08/30 05:55:16 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2009/08/30 05:55:16 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml

O1 HOSTS File: (734 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\Scriptcl.dll (McAfee, Inc.)
O2 - BHO: (SBCONVERT Class) - {A1056498-D09A-41E4-864B-505EDD640D9E} - C:\Program Files\SpeedBit Video Downloader\Toolbar\SpeedBitVideoDownloader.dll ()
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)
O2 - BHO: (MSN Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll (Microsoft Corp.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (GrabberObj Class) - {FF7C3CF0-4B15-11D1-ABED-709549C10000} - C:\Program Files\SpeedBit Video Downloader\Toolbar\Grabber.dll (Speedbit Ltd.)
O3 - HKLM\..\Toolbar: (SpeedBit Video Downloader) - {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - C:\Program Files\SpeedBit Video Downloader\Toolbar\SpeedBitVideoDownloader.dll ()
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKCU\..\Toolbar\WebBrowser: (SpeedBit Video Downloader) - {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - C:\Program Files\SpeedBit Video Downloader\Toolbar\SpeedBitVideoDownloader.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe ()
O4 - HKLM..\Run: [Autorun Eater] C:\Program Files\Autorun Eater\oldmcdonald.exe (Old McDonald's Farm)
O4 - HKLM..\Run: [BlackBerryAutoUpdate] C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe (Research In Motion Limited)
O4 - HKLM..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\System32\WLTRAY.exe (Dell Inc.)
O4 - HKLM..\Run: [ChangeTPMAuth] C:\Program Files\Wave Systems Corp\Common\ChangeTPMAuth.exe (Wave Systems Corp.)
O4 - HKLM..\Run: [Document Manager] C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\docmgr.exe (Wave Systems Corp.)
O4 - HKLM..\Run: [EmbassySecurityCheck] C:\Program Files\Wave Systems Corp\EMBASSY Security Setup\EMBASSYSecurityCheck.exe (Wave Systems Corp.)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [McAfeeUpdaterUI] C:\Program Files\McAfee\Common Framework\UdaterUI.exe (McAfee, Inc.)
O4 - HKLM..\Run: [Norton Ghost 14.0] C:\Program Files\Norton Ghost\Agent\VProTray.exe (Symantec Corporation)
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe (Sonic Solutions)
O4 - HKLM..\Run: [SecureUpgrade] C:\Program Files\Wave Systems Corp\SecureUpgrade.exe (Wave Systems Corp.)
O4 - HKLM..\Run: [ShStatEXE] C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE (McAfee, Inc.)
O4 - HKLM..\Run: [TSTTCCU_550] C:\Program Files\TSTT\CCU550\Bin\CMTNF5500D.exe (CMOTECH)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe ()
O4 - HKCU..\Run: [Active Desktop Calendar] C:\Program Files\XemiComputers\Active Desktop Calendar\ADC.exe (XemiComputers ltd.)
O4 - HKCU..\Run: [BitTorrent DNA] C:\Program Files\DNA\btdna.exe (BitTorrent, Inc.)
O4 - HKCU..\Run: [MSMSGS] C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Skype] C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html ()
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\biolsp.dll (Wave Systems Corp.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\System32\biolsp.dll (Wave Systems Corp.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\System32\biolsp.dll (Wave Systems Corp.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\System32\biolsp.dll (Wave Systems Corp.)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flash...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (wxvault.dll) - C:\WINDOWS\System32\wxvault.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: GinaDLL - (waveGina.dll) - C:\WINDOWS\System32\waveGina.dll (Wave Systems Corp)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\Ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O30 - LSA: Authentication Packages - (wvauth) - C:\WINDOWS\System32\wvauth.dll (Wave Systems Corp.)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/05/24 10:17:47 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\start.exe -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found

========== Files/Folders - Created Within 30 Days ==========

[1 C:\WINDOWS\System32\*.tmp files]
[2009/10/29 06:13:25 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}
[2009/10/03 07:16:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Cerience
[2009/10/10 12:08:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\InstallShield
[2009/10/29 06:13:13 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2009/10/22 22:41:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/10/31 07:21:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2009/10/03 07:25:57 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Roxio
[2009/10/03 07:28:52 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sonic
[2009/10/28 23:29:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2009/10/28 22:25:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\enterprisoperations\Application Data\AVG8
[2009/10/28 21:34:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\enterprisoperations\Application Data\Malwarebytes
[2009/10/10 18:05:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\enterprisoperations\Application Data\Mobipocket
[2009/10/03 07:39:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\enterprisoperations\Application Data\Research In Motion
[1 C:\Documents and Settings\enterprisoperations\My Documents\*.tmp files]
[2009/10/31 07:20:29 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\McAfee
[2009/10/03 07:16:14 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Research In Motion
[2009/10/03 07:25:32 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Roxio Shared
[2009/10/10 12:14:12 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Sonic Shared
[2009/10/03 07:16:26 | 00,000,000 | ---D | C] -- C:\Program Files\Cerience
[2009/10/19 12:10:50 | 00,000,000 | ---D | C] -- C:\Program Files\Error Repair Professional
[2009/10/17 21:13:12 | 00,000,000 | -H-D | C] -- C:\Program Files\InstallJammer Registry
[2009/10/29 06:13:13 | 00,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2009/10/28 21:34:47 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/10/31 07:20:29 | 00,000,000 | ---D | C] -- C:\Program Files\McAfee
[2009/10/10 18:04:59 | 00,000,000 | ---D | C] -- C:\Program Files\Mobipocket.com
[2009/10/03 07:16:11 | 00,000,000 | ---D | C] -- C:\Program Files\Research In Motion
[2009/10/10 12:14:10 | 00,000,000 | ---D | C] -- C:\Program Files\Roxio
[2009/10/28 23:29:18 | 00,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2009/10/17 21:12:44 | 00,000,000 | ---D | C] -- C:\Program Files\Voip Development Kit
[2009/10/31 21:41:51 | 00,000,000 | ---D | C] -- C:\Program Files\vSoft
[2009/10/31 21:42:18 | 00,000,000 | ---D | C] -- C:\Downloads
[2009/10/31 07:20:55 | 00,034,152 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfebopk.sys
[2009/10/31 07:20:54 | 00,072,264 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfeavfk.sys
[2009/10/31 07:20:54 | 00,064,360 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfeapfk.sys
[2009/10/31 07:20:54 | 00,052,136 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfetdik.sys
[2009/10/31 07:20:53 | 00,170,408 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfehidk.sys
[2009/10/29 06:22:43 | 00,064,288 | ---- | C] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys
[2009/10/29 06:22:38 | 00,093,360 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2009/10/25 18:59:11 | 00,000,000 | ---D | C] -- C:\Documents and Settings\enterprisoperations\Desktop\Anthony Hamilton - The Point Of It All (2008)
[2009/10/23 00:16:33 | 00,000,000 | ---D | C] -- C:\Documents and Settings\enterprisoperations\Desktop\New Folder (3)
[2009/10/22 22:41:43 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/10/20 21:00:19 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/10/20 20:56:05 | 04,045,528 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\enterprisoperations\Desktop\hh.exe
[2009/10/20 17:57:56 | 00,000,000 | ---D | C] -- C:\Documents and Settings\enterprisoperations\Desktop\BeamBerry41
[2009/10/20 06:25:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\enterprisoperations\Desktop\New Folder (4)
[2009/10/18 08:50:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\enterprisoperations\Desktop\New Folder (2)
[2009/10/18 08:12:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\enterprisoperations\Desktop\dtg
[2009/10/17 15:38:56 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\svc
[2009/10/10 18:05:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\enterprisoperations\My Documents\My eBooks
[2009/10/10 12:13:48 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MFC71ENU.DLL
[2009/10/05 18:40:40 | 00,000,000 | ---D | C] -- C:\Documents and Settings\enterprisoperations\Desktop\theme
[2009/10/04 21:07:15 | 00,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2009/10/04 21:07:14 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2009/10/04 21:07:14 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2009/10/03 07:17:18 | 00,027,136 | R--- | C] (Research in Motion Ltd) -- C:\WINDOWS\System32\drivers\RimSerial.sys

========== Files - Modified Within 30 Days ==========

[1 C:\WINDOWS\System32\*.tmp files]
[8 C:\WINDOWS\*.tmp files]
[1 C:\Documents and Settings\enterprisoperations\My Documents\*.tmp files]
[2009/11/01 15:26:00 | 00,000,394 | ---- | M] () -- C:\WINDOWS\tasks\At16.job
[2009/11/01 14:40:52 | 00,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2009/11/01 14:38:06 | 00,000,490 | ---- | M] () -- C:\WINDOWS\tasks\SDMsgUpdate (TE).job
[2009/11/01 14:37:44 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/11/01 14:36:57 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/11/01 14:36:54 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/11/01 14:08:06 | 00,000,394 | ---- | M] () -- C:\WINDOWS\tasks\At9.job
[2009/11/01 14:08:06 | 00,000,394 | ---- | M] () -- C:\WINDOWS\tasks\At8.job
[2009/11/01 14:08:06 | 00,000,394 | ---- | M] () -- C:\WINDOWS\tasks\At14.job
[2009/11/01 14:08:06 | 00,000,394 | ---- | M] () -- C:\WINDOWS\tasks\At13.job
[2009/11/01 14:08:06 | 00,000,394 | ---- | M] () -- C:\WINDOWS\tasks\At12.job
[2009/11/01 14:08:06 | 00,000,394 | ---- | M] () -- C:\WINDOWS\tasks\At11.job
[2009/11/01 14:08:06 | 00,000,394 | ---- | M] () -- C:\WINDOWS\tasks\At10.job
[2009/11/01 04:02:41 | 00,000,394 | ---- | M] () -- C:\WINDOWS\tasks\At7.job
[2009/11/01 04:02:41 | 00,000,394 | ---- | M] () -- C:\WINDOWS\tasks\At6.job
[2009/11/01 04:02:41 | 00,000,394 | ---- | M] () -- C:\WINDOWS\tasks\At5.job
[2009/11/01 04:02:41 | 00,000,394 | ---- | M] () -- C:\WINDOWS\tasks\At4.job
[2009/11/01 04:02:41 | 00,000,394 | ---- | M] () -- C:\WINDOWS\tasks\At3.job
[2009/11/01 04:02:41 | 00,000,394 | ---- | M] () -- C:\WINDOWS\tasks\At24.job
[2009/11/01 04:02:41 | 00,000,394 | ---- | M] () -- C:\WINDOWS\tasks\At23.job
[2009/11/01 04:02:41 | 00,000,394 | ---- | M] () -- C:\WINDOWS\tasks\At22.job
[2009/11/01 04:02:41 | 00,000,394 | ---- | M] () -- C:\WINDOWS\tasks\At21.job
[2009/11/01 04:02:41 | 00,000,394 | ---- | M] () -- C:\WINDOWS\tasks\At20.job
[2009/11/01 04:02:41 | 00,000,394 | ---- | M] () -- C:\WINDOWS\tasks\At2.job
[2009/11/01 04:02:41 | 00,000,394 | ---- | M] () -- C:\WINDOWS\tasks\At19.job
[2009/11/01 04:02:41 | 00,000,394 | ---- | M] () -- C:\WINDOWS\tasks\At18.job
[2009/11/01 04:02:41 | 00,000,394 | ---- | M] () -- C:\WINDOWS\tasks\At17.job
[2009/11/01 04:02:41 | 00,000,394 | ---- | M] () -- C:\WINDOWS\tasks\At15.job
[2009/11/01 04:02:41 | 00,000,394 | ---- | M] () -- C:\WINDOWS\tasks\At1.job
[2009/10/31 21:45:02 | 00,002,527 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Rapidshare Auto Downloader.lnk
[2009/10/29 23:15:16 | 53,806,976 | ---- | M] () -- C:\Documents and Settings\enterprisoperations\Desktop\_Naruto_Shippuuden_133.mp4
[2009/10/29 06:22:35 | 00,093,360 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2009/10/29 06:22:21 | 00,015,880 | ---- | M] () -- C:\WINDOWS\System32\lsdelete.exe
[2009/10/29 06:13:23 | 00,000,867 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2009/10/28 23:29:23 | 00,000,933 | ---- | M] () -- C:\Documents and Settings\enterprisoperations\Desktop\Spybot - Search & Destroy.lnk
[2009/10/28 21:34:52 | 00,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/10/28 17:25:29 | 01,074,040 | ---- | M] () -- C:\Documents and Settings\enterprisoperations\Desktop\CST_2007_Midterm_Solution.pdf
[2009/10/28 17:22:49 | 00,119,189 | ---- | M] () -- C:\Documents and Settings\enterprisoperations\Desktop\MATLAB_Tutorial_Makeup.pdf
[2009/10/28 13:20:41 | 00,054,272 | ---- | M] () -- C:\Documents and Settings\enterprisoperations\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/10/28 10:36:06 | 55,875,005 | ---- | M] () -- C:\Documents and Settings\enterprisoperations\Desktop\Bleach - 243 - One-To-One Fight! Ichigo Vs. Senbonzakura.mkv
[2009/10/27 07:18:43 | 00,106,677 | ---- | M] () -- C:\Documents and Settings\enterprisoperations\Desktop\Lab_1_and_Tutorial_Schedule_2009-2010.pdf
[2009/10/26 19:51:51 | 00,002,257 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2009/10/23 13:38:18 | 00,000,372 | ---- | M] () -- C:\Documents and Settings\enterprisoperations\My Documents\spider.sav
[2009/10/23 00:22:39 | 00,000,000 | ---- | M] () -- C:\Documents and Settings\enterprisoperations\Desktop\trjsetup681.exe.dap
[2009/10/22 23:57:23 | 00,660,015 | ---- | M] () -- C:\Documents and Settings\enterprisoperations\Desktop\IENG3004_Lecture_6_09-10_S1.pdf
[2009/10/20 20:58:43 | 00,000,000 | ---- | M] () -- C:\Documents and Settings\enterprisoperations\Desktop\SecurityCheck.exe.dap
[2009/10/20 20:58:33 | 04,045,528 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\enterprisoperations\Desktop\hh.exe
[2009/10/20 20:58:13 | 00,000,000 | ---- | M] () -- C:\Documents and Settings\enterprisoperations\Desktop\OTL.exe.dap
[2009/10/20 20:44:59 | 00,105,955 | ---- | M] () -- C:\Documents and Settings\enterprisoperations\Desktop\equipment_management_7-03.pdf
[2009/10/20 20:09:10 | 00,000,256 | ---- | M] () -- C:\WINDOWS\System32\pool.bin
[2009/10/19 20:01:54 | 00,018,293 | ---- | M] () -- C:\Documents and Settings\enterprisoperations\Desktop\tstt.ht
[2009/10/16 23:03:17 | 01,768,302 | ---- | M] () -- C:\Documents and Settings\enterprisoperations\Desktop\GUIDELINES%20FOR%20SPECIAL%20PROJECTS.pdf
[2009/10/16 22:57:51 | 00,071,141 | ---- | M] () -- C:\Documents and Settings\enterprisoperations\Desktop\GUIDELINES%20FOR%20PREPARING%20AND%20WRITING%20A%20FINAL%20YEAR%20RESEARCH%20PROJECT%20(Word).pdf
[2009/10/16 22:56:17 | 00,132,224 | ---- | M] () -- C:\Documents and Settings\enterprisoperations\Desktop\UNDERGRADUATE%20STUDENT%20GUIDE.pdf
[2009/10/16 22:53:25 | 00,344,084 | ---- | M] () -- C:\Documents and Settings\enterprisoperations\Desktop\PRELIMINARY%20PRESENTATION%20BY%20ADRIAN%20NEMHARD.pdf
[2009/10/16 19:57:15 | 00,000,162 | -H-- | M] () -- C:\Documents and Settings\enterprisoperations\Desktop\~$rk Fraser.doc
[2009/10/10 18:05:30 | 00,002,547 | ---- | M] () -- C:\Documents and Settings\enterprisoperations\Desktop\Mobipocket Reader.lnk
[2009/10/10 16:55:45 | 00,000,162 | -H-- | M] () -- C:\Documents and Settings\enterprisoperations\Desktop\~$ReadMe.rtf
[2009/10/10 11:59:07 | 00,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Desktop Manager.lnk
[2009/10/07 21:20:59 | 03,176,084 | -H-- | M] () -- C:\Documents and Settings\enterprisoperations\Local Settings\Application Data\IconCache.db
[2009/10/05 00:29:11 | 01,088,316 | ---- | M] () -- C:\Documents and Settings\enterprisoperations\My Documents\ip.sdr
[2009/10/04 20:56:59 | 00,004,096 | -HS- | M] () -- C:\VSNAP.IDX
[2009/10/03 07:39:14 | 00,035,240 | ---- | M] () -- C:\Documents and Settings\enterprisoperations\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/10/03 07:32:11 | 00,165,912 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

========== Files - No Company Name ==========
[2009/10/31 21:41:52 | 00,002,527 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Rapidshare Auto Downloader.lnk
[2009/10/31 07:21:15 | 00,000,280 | ---- | C] () -- C:\WINDOWS\System32\epoPGPsdk.dll.sig
[2009/10/30 23:31:06 | 53,806,976 | ---- | C] () -- C:\Documents and Settings\enterprisoperations\Desktop\_Naruto_Shippuuden_133.mp4
[2009/10/29 07:17:43 | 00,015,880 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe
[2009/10/29 06:23:48 | 00,000,472 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2009/10/29 06:13:23 | 00,000,867 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2009/10/28 23:29:23 | 00,000,933 | ---- | C] () -- C:\Documents and Settings\enterprisoperations\Desktop\Spybot - Search & Destroy.lnk
[2009/10/28 21:09:22 | 00,000,394 | ---- | C] () -- C:\WINDOWS\tasks\At24.job
[2009/10/28 21:09:22 | 00,000,394 | ---- | C] () -- C:\WINDOWS\tasks\At23.job
[2009/10/28 21:09:21 | 00,000,394 | ---- | C] () -- C:\WINDOWS\tasks\At22.job
[2009/10/28 21:09:21 | 00,000,394 | ---- | C] () -- C:\WINDOWS\tasks\At21.job
[2009/10/28 21:09:21 | 00,000,394 | ---- | C] () -- C:\WINDOWS\tasks\At20.job
[2009/10/28 21:09:20 | 00,000,394 | ---- | C] () -- C:\WINDOWS\tasks\At19.job
[2009/10/28 21:09:20 | 00,000,394 | ---- | C] () -- C:\WINDOWS\tasks\At18.job
[2009/10/28 21:09:20 | 00,000,394 | ---- | C] () -- C:\WINDOWS\tasks\At17.job
[2009/10/28 21:09:19 | 00,000,394 | ---- | C] () -- C:\WINDOWS\tasks\At16.job
[2009/10/28 21:09:19 | 00,000,394 | ---- | C] () -- C:\WINDOWS\tasks\At15.job
[2009/10/28 21:09:19 | 00,000,394 | ---- | C] () -- C:\WINDOWS\tasks\At14.job
[2009/10/28 21:09:18 | 00,000,394 | ---- | C] () -- C:\WINDOWS\tasks\At13.job
[2009/10/28 21:09:18 | 00,000,394 | ---- | C] () -- C:\WINDOWS\tasks\At12.job
[2009/10/28 21:09:18 | 00,000,394 | ---- | C] () -- C:\WINDOWS\tasks\At11.job
[2009/10/28 21:09:17 | 00,000,394 | ---- | C] () -- C:\WINDOWS\tasks\At9.job
[2009/10/28 21:09:17 | 00,000,394 | ---- | C] () -- C:\WINDOWS\tasks\At10.job
[2009/10/28 21:09:16 | 00,000,394 | ---- | C] () -- C:\WINDOWS\tasks\At8.job
[2009/10/28 21:09:16 | 00,000,394 | ---- | C] () -- C:\WINDOWS\tasks\At7.job
[2009/10/28 21:09:16 | 00,000,394 | ---- | C] () -- C:\WINDOWS\tasks\At6.job
[2009/10/28 21:09:15 | 00,000,394 | ---- | C] () -- C:\WINDOWS\tasks\At5.job
[2009/10/28 21:09:15 | 00,000,394 | ---- | C] () -- C:\WINDOWS\tasks\At4.job
[2009/10/28 21:09:14 | 00,000,394 | ---- | C] () -- C:\WINDOWS\tasks\At3.job
[2009/10/28 21:09:14 | 00,000,394 | ---- | C] () -- C:\WINDOWS\tasks\At2.job
[2009/10/28 21:09:14 | 00,000,394 | ---- | C] () -- C:\WINDOWS\tasks\At1.job
[2009/10/28 17:25:29 | 01,074,040 | ---- | C] () -- C:\Documents and Settings\enterprisoperations\Desktop\CST_2007_Midterm_Solution.pdf
[2009/10/28 17:22:49 | 00,119,189 | ---- | C] () -- C:\Documents and Settings\enterprisoperations\Desktop\MATLAB_Tutorial_Makeup.pdf
[2009/10/28 10:36:06 | 55,875,005 | ---- | C] () -- C:\Documents and Settings\enterprisoperations\Desktop\Bleach - 243 - One-To-One Fight! Ichigo Vs. Senbonzakura.mkv
[2009/10/27 07:18:43 | 00,106,677 | ---- | C] () -- C:\Documents and Settings\enterprisoperations\Desktop\Lab_1_and_Tutorial_Schedule_2009-2010.pdf
[2009/10/23 13:38:18 | 00,000,372 | ---- | C] () -- C:\Documents and Settings\enterprisoperations\My Documents\spider.sav
[2009/10/23 00:22:31 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\enterprisoperations\Desktop\trjsetup681.exe.dap
[2009/10/22 23:57:23 | 00,660,015 | ---- | C] () -- C:\Documents and Settings\enterprisoperations\Desktop\IENG3004_Lecture_6_09-10_S1.pdf
[2009/10/22 22:41:52 | 00,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/10/20 20:58:34 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\enterprisoperations\Desktop\SecurityCheck.exe.dap
[2009/10/20 20:58:07 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\enterprisoperations\Desktop\OTL.exe.dap
[2009/10/20 20:45:02 | 00,105,955 | ---- | C] () -- C:\Documents and Settings\enterprisoperations\Desktop\equipment_management_7-03.pdf
[2009/10/16 23:03:16 | 01,768,302 | ---- | C] () -- C:\Documents and Settings\enterprisoperations\Desktop\GUIDELINES%20FOR%20SPECIAL%20PROJECTS.pdf
[2009/10/16 22:57:51 | 00,071,141 | ---- | C] () -- C:\Documents and Settings\enterprisoperations\Desktop\GUIDELINES%20FOR%20PREPARING%20AND%20WRITING%20A%20FINAL%20YEAR%20RESEARCH%20PROJECT%20(Word).pdf
[2009/10/16 22:56:17 | 00,132,224 | ---- | C] () -- C:\Documents and Settings\enterprisoperations\Desktop\UNDERGRADUATE%20STUDENT%20GUIDE.pdf
[2009/10/16 22:53:25 | 00,344,084 | ---- | C] () -- C:\Documents and Settings\enterprisoperations\Desktop\PRELIMINARY%20PRESENTATION%20BY%20ADRIAN%20NEMHARD.pdf
[2009/10/16 19:57:15 | 00,000,162 | -H-- | C] () -- C:\Documents and Settings\enterprisoperations\Desktop\~$rk Fraser.doc
[2009/10/10 18:05:01 | 00,002,547 | ---- | C] () -- C:\Documents and Settings\enterprisoperations\Desktop\Mobipocket Reader.lnk
[2009/10/10 16:55:45 | 00,000,162 | -H-- | C] () -- C:\Documents and Settings\enterprisoperations\Desktop\~$ReadMe.rtf
[2009/10/10 11:59:07 | 00,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Desktop Manager.lnk
[2009/10/05 00:29:10 | 01,088,316 | ---- | C] () -- C:\Documents and Settings\enterprisoperations\My Documents\ip.sdr
[2009/10/03 07:39:37 | 00,000,256 | ---- | C] () -- C:\WINDOWS\System32\pool.bin
[2009/10/03 07:13:58 | 04,958,540 | ---- | C] () -- C:\Documents and Settings\enterprisoperations\Desktop\setup_repligo2.0_s60.exe
[2009/07/13 21:58:31 | 00,010,752 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2009/07/07 10:18:05 | 00,055,296 | ---- | C] () -- C:\WINDOWS\System32\HAESvr.dll
[2009/07/05 17:51:16 | 00,163,840 | ---- | C] () -- C:\WINDOWS\PKillProcess.dll
[2009/07/02 11:29:57 | 00,001,050 | ---- | C] () -- C:\WINDOWS\SHOWNTEL.INI
[2009/06/04 07:56:09 | 00,000,436 | ---- | C] () -- C:\WINDOWS\Hide-IP-Browser.INI
[2009/05/31 02:31:00 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\suppdll.dll
[2009/05/31 01:35:13 | 00,054,272 | ---- | C] () -- C:\Documents and Settings\enterprisoperations\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/05/30 20:23:12 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009/05/28 13:31:53 | 00,035,363 | ---- | C] () -- C:\WINDOWS\System32\windrvNT.sys
[2009/05/28 07:09:22 | 00,073,728 | ---- | C] () -- C:\WINDOWS\System32\pbadrvdll.dll
[2009/05/28 07:08:10 | 01,736,704 | ---- | C] () -- C:\WINDOWS\System32\Tsp1.dll
[2009/05/28 07:06:25 | 00,143,360 | ---- | C] () -- C:\WINDOWS\System32\bioapi_mds300.dll
[2009/05/28 07:06:25 | 00,106,496 | ---- | C] () -- C:\WINDOWS\System32\bioapi100.dll
[2009/05/27 22:23:05 | 00,086,016 | ---- | C] () -- C:\WINDOWS\System32\preflib.dll
[2009/05/27 22:23:04 | 00,757,760 | ---- | C] () -- C:\WINDOWS\System32\bcm1xsup.dll
[2009/05/27 22:05:00 | 03,176,084 | -H-- | C] () -- C:\Documents and Settings\enterprisoperations\Local Settings\Application Data\IconCache.db
[2009/05/27 21:59:28 | 00,035,240 | ---- | C] () -- C:\Documents and Settings\enterprisoperations\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/05/24 10:23:13 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\enterprisoperations\Application Data\desktop.ini
[2009/05/24 06:07:11 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\desktop.ini
[2007/11/06 16:19:28 | 00,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2007/01/31 20:16:50 | 00,237,568 | ---- | C] () -- C:\WINDOWS\System32\AmRes_en.dll
[2007/01/31 20:11:14 | 00,122,880 | ---- | C] () -- C:\WINDOWS\System32\OEM_Resources.dll
[2007/01/31 20:08:44 | 00,253,952 | ---- | C] () -- C:\WINDOWS\System32\AmRes_es.dll
[2007/01/31 20:08:36 | 00,237,568 | ---- | C] () -- C:\WINDOWS\System32\AmRes_ko.dll
[2007/01/31 20:08:26 | 00,253,952 | ---- | C] () -- C:\WINDOWS\System32\AmRes_de.dll
[2007/01/31 20:08:18 | 00,237,568 | ---- | C] () -- C:\WINDOWS\System32\AmRes_pt-BR.dll
[2007/01/31 20:08:08 | 00,249,856 | ---- | C] () -- C:\WINDOWS\System32\AmRes_fr.dll
[2007/01/31 20:08:00 | 00,233,472 | ---- | C] () -- C:\WINDOWS\System32\AmRes_ja.dll
[2007/01/31 20:07:50 | 00,266,240 | ---- | C] () -- C:\WINDOWS\System32\AmRes_ru.dll
[2007/01/31 20:07:42 | 00,249,856 | ---- | C] () -- C:\WINDOWS\System32\AmRes_it.dll
[2007/01/31 20:07:34 | 00,217,088 | ---- | C] () -- C:\WINDOWS\System32\AmRes_zh-CHS.dll
[2007/01/31 20:07:24 | 00,212,992 | ---- | C] () -- C:\WINDOWS\System32\AmRes_zh-CHT.dll
[2007/01/31 13:09:46 | 00,090,112 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_pt.dll
[2007/01/31 13:09:26 | 00,077,824 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_zh-CHT.dll
[2007/01/31 13:09:06 | 00,077,824 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_ko.dll
[2007/01/31 13:08:46 | 00,094,208 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_es.dll
[2007/01/31 13:08:26 | 00,090,112 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_ru.dll
[2007/01/31 13:08:06 | 00,081,920 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_ja.dll
[2007/01/31 13:07:46 | 00,094,208 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_it.dll
[2007/01/31 13:07:26 | 00,094,208 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_de.dll
[2007/01/31 13:07:04 | 00,094,208 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_fr.dll
[2007/01/31 13:06:46 | 00,073,728 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_zh-CHS.dll
[2007/01/30 15:31:50 | 00,286,720 | ---- | C] () -- C:\WINDOWS\System32\wxvault.dll
[2007/01/30 15:30:30 | 00,004,096 | ---- | C] () -- C:\WINDOWS\System32\detoured.dll
[2007/01/02 09:14:20 | 00,835,584 | ---- | C] () -- C:\WINDOWS\System32\DemoLicense.dll
[2006/08/14 11:02:10 | 00,072,192 | ---- | C] () -- C:\WINDOWS\System32\xltZlib.dll
[2004/09/10 12:34:00 | 00,917,504 | ---- | C] () -- C:\WINDOWS\System32\lmgr10.dll
[2004/09/10 12:34:00 | 00,057,344 | ---- | C] () -- C:\WINDOWS\System32\ADsSecurity.dll
[2004/08/04 06:00:00 | 00,000,603 | ---- | C] () -- C:\WINDOWS\win.ini
[2004/08/04 06:00:00 | 00,000,231 | ---- | C] () -- C:\WINDOWS\system.ini
[2004/03/19 14:13:42 | 00,024,576 | ---- | C] () -- C:\WINDOWS\System32\etherui.dll
[2003/01/07 11:05:08 | 00,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

========== LOP Check ==========

[2009/11/01 16:04:09 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Application Data
[2009/10/29 06:13:25 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}
[2009/10/03 07:16:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Cerience
[2009/05/28 06:25:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NTRU Cryptosystems
[2009/10/10 12:14:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Roxio
[2009/10/23 00:23:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SpeedBit
[2009/06/01 12:11:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/05/28 07:14:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Wave Systems Corp
[2009/05/27 23:08:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2009/11/01 16:04:09 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\enterprisoperations\Application Data
[2009/10/28 01:40:51 | 00,000,000 | -HSD | M] -- C:\Documents and Settings\enterprisoperations\Application Data\.#
[2009/05/31 01:50:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\enterprisoperations\Application Data\ATI
[2009/06/17 16:33:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\enterprisoperations\Application Data\BitTorrent
[2009/06/02 13:32:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\enterprisoperations\Application Data\DAEMON Tools Pro
[2009/11/01 16:07:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\enterprisoperations\Application Data\DNA
[2009/07/26 12:47:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\enterprisoperations\Application Data\dvdcss
[2009/11/01 04:01:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\enterprisoperations\Application Data\LimeWire
[2009/10/10 18:05:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\enterprisoperations\Application Data\Mobipocket
[2009/10/03 07:39:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\enterprisoperations\Application Data\Research In Motion
[2009/07/13 21:58:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\enterprisoperations\Application Data\SmartDraw
[2009/11/01 07:14:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\enterprisoperations\Application Data\Wave Systems Corp
[2009/06/02 13:45:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\enterprisoperations\Application Data\XemiComputers
[2009/07/08 12:55:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\enterprisoperations\Application Data\X-Wave MP3 Cutter Joiner
[2009/11/01 14:40:52 | 00,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2009/11/01 04:02:41 | 00,000,394 | ---- | M] () -- C:\WINDOWS\Tasks\At1.job
[2009/11/01 14:08:06 | 00,000,394 | ---- | M] () -- C:\WINDOWS\Tasks\At10.job
[2009/11/01 14:08:06 | 00,000,394 | ---- | M] () -- C:\WINDOWS\Tasks\At11.job
[2009/11/01 14:08:06 | 00,000,394 | ---- | M] () -- C:\WINDOWS\Tasks\At12.job
[2009/11/01 14:08:06 | 00,000,394 | ---- | M] () -- C:\WINDOWS\Tasks\At13.job
[2009/11/01 14:08:06 | 00,000,394 | ---- | M] () -- C:\WINDOWS\Tasks\At14.job
[2009/11/01 04:02:41 | 00,000,394 | ---- | M] () -- C:\WINDOWS\Tasks\At15.job
[2009/11/01 15:26:00 | 00,000,394 | ---- | M] () -- C:\WINDOWS\Tasks\At16.job
[2009/11/01 04:02:41 | 00,000,394 | ---- | M] () -- C:\WINDOWS\Tasks\At17.job
[2009/11/01 04:02:41 | 00,000,394 | ---- | M] () -- C:\WINDOWS\Tasks\At18.job
[2009/11/01 04:02:41 | 00,000,394 | ---- | M] () -- C:\WINDOWS\Tasks\At19.job
[2009/11/01 04:02:41 | 00,000,394 | ---- | M] () -- C:\WINDOWS\Tasks\At2.job
[2009/11/01 04:02:41 | 00,000,394 | ---- | M] () -- C:\WINDOWS\Tasks\At20.job
[2009/11/01 04:02:41 | 00,000,394 | ---- | M] () -- C:\WINDOWS\Tasks\At21.job
[2009/11/01 04:02:41 | 00,000,394 | ---- | M] () -- C:\WINDOWS\Tasks\At22.job
[2009/11/01 04:02:41 | 00,000,394 | ---- | M] () -- C:\WINDOWS\Tasks\At23.job
[2009/11/01 04:02:41 | 00,000,394 | ---- | M] () -- C:\WINDOWS\Tasks\At24.job
[2009/11/01 04:02:41 | 00,000,394 | ---- | M] () -- C:\WINDOWS\Tasks\At3.job
[2009/11/01 04:02:41 | 00,000,394 | ---- | M] () -- C:\WINDOWS\Tasks\At4.job
[2009/11/01 04:02:41 | 00,000,394 | ---- | M] () -- C:\WINDOWS\Tasks\At5.job
[2009/11/01 04:02:41 | 00,000,394 | ---- | M] () -- C:\WINDOWS\Tasks\At6.job
[2009/11/01 04:02:41 | 00,000,394 | ---- | M] () -- C:\WINDOWS\Tasks\At7.job
[2009/11/01 14:08:06 | 00,000,394 | ---- | M] () -- C:\WINDOWS\Tasks\At8.job
[2009/11/01 14:08:06 | 00,000,394 | ---- | M] () -- C:\WINDOWS\Tasks\At9.job
[2004/08/04 06:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2009/11/01 14:36:57 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT
[2009/11/01 14:38:06 | 00,000,490 | ---- | M] () -- C:\WINDOWS\Tasks\SDMsgUpdate (TE).job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 98 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A9662AE0
< End of report >












Results of screen317's Security Check version 0.99.0
Windows XP Service Pack 3
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Enabled!
McAfee VirusScan Enterprise
Antivirus up to date!
``````````````````````````````
Anti-malware/Other Utilities Check:

Ad-Aware
Spybot - Search & Destroy
Norton Ghost
Java™ 6 Update 14
Out of date Java installed!
Adobe Flash Player 10
Adobe Reader 7.1.0
Out of date Adobe Reader installed!
``````````````````````````````
Process Check:
objlist.exe by Laurent

Ad-Aware AAWService.exe
Ad-Aware AAWTray.exe is disabled!
``````````````````````````````
DNS Vulnerability Check:

Request Timed Out (Wireless Internet connection/Disconnected Internet/Proxy?)

`````````End of Log```````````
LoPhatPhuud
Download ComboFix from one of these locations:

Link 1
Link 2

* IMPORTANT !!! Save ComboFix.exe to your Desktop


  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools

  • Double click on ComboFix.exe & follow the prompts.

  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.



**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.




Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:



Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.

Notes:

1. Do not mouse-click ComboFix's window while it is running. That may cause it to stall.
2. ComboFix may reset a number of Internet Explorer's settings, including making I-E the default browser.
3. ComboFix prevents autorun of ALL CD, floppy and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell your helper.
4. CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.

Give it at least 20-30 minutes to finish if needed.