Hello Blade81. Thanks so much for your help.
When I try to send the results of the OTViewIt files I get this message: Fatal error: Maximum execution time of 30 seconds exceeded in /arrayx/www/forums/includes/functions.php on line 1745
So I will try to send one at a time to see if that works.
OTViewIt logfile created on: 1/26/2009 12:53:37 AM - Run
OTViewIt by OldTimer - Version 1.0.21.0 Folder = C:\Documents and Settings\Admin\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 1.40 Gb Available Physical Memory | 70.32% Memory free
3.85 Gb Paging File | 3.44 Gb Available in Paging File | 89.25% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092;
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232.88 Gb Total Space | 209.92 Gb Free Space | 90.14% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: MVP-97C98CED986
Current User Name: Admin
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Whitelist: On
File Age = 30 Days
========== Processes ==========
[2004/08/25 12:26:56 | 00,389,120 | ---- | M] () -- C:\WINDOWS\system32\ati2evxx.exe
[2007/05/29 15:33:36 | 00,169,576 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
[2007/05/29 15:33:26 | 00,192,104 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
[2007/07/26 18:25:20 | 01,181,016 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
[2008/10/30 13:43:53 | 00,611,664 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
[2007/05/29 15:33:22 | 00,052,840 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccApp.exe
[2007/10/07 19:48:40 | 00,125,368 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec AntiVirus\VPTray.exe
[2004/10/14 13:42:54 | 01,404,928 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\Core\smax4pnp.exe
[2008/12/27 10:20:38 | 00,136,600 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
[2004/12/14 01:12:02 | 00,483,328 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 7.0\Distillr\acrotray.exe
[2008/06/24 15:06:06 | 01,840,424 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
[2004/10/13 08:24:37 | 01,694,208 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe
[2008/05/26 22:19:14 | 00,123,904 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Desktop Search\WindowsSearch.exe
[2008/09/10 11:00:00 | 00,525,664 | R--- | M] (WinZip Computing, S.L.) -- C:\Program Files\WinZip\WZQKPICK.EXE
[2007/10/07 19:48:24 | 00,031,160 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec AntiVirus\DefWatch.exe
[2008/10/23 05:30:40 | 00,168,432 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
[2008/12/27 10:20:38 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
[2003/06/19 22:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
[2008/06/08 08:31:04 | 00,877,864 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
[2006/12/19 09:30:26 | 00,081,920 | ---- | M] (Prolific Technology Inc.) -- C:\WINDOWS\system32\IoctlSvc.exe
[2007/10/07 19:48:32 | 01,822,648 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec AntiVirus\Rtvscan.exe
[2008/05/26 22:18:44 | 00,439,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\searchindexer.exe
[2004/08/04 02:00:00 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe
[2008/06/24 15:05:56 | 00,537,896 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
[2009/01/26 00:50:14 | 00,422,912 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Admin\Desktop\OTViewIt.exe
========== (O23) Win32 Services ==========
[2008/10/30 13:43:53 | 00,611,664 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe -- (aawservice [Auto | Running])
[2008/09/14 11:41:34 | 00,069,632 | ---- | M] (Adobe Systems) -- C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service [On_Demand | Stopped])
[2007/10/24 01:47:22 | 00,033,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
[2004/08/25 12:26:56 | 00,389,120 | ---- | M] () -- C:\WINDOWS\system32\ati2evxx.exe -- (Ati HotKey Poller [Auto | Running])
[2004/08/25 11:52:00 | 00,516,096 | ---- | M] () -- C:\WINDOWS\system32\ati2sgag.exe -- (ATI Smart [Auto | Stopped])
[2007/05/29 15:33:26 | 00,192,104 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe -- (ccEvtMgr [Auto | Running])
[2007/05/29 15:33:36 | 00,169,576 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe -- (ccSetMgr [Auto | Running])
[2007/10/24 01:47:40 | 00,070,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
[2007/10/07 19:48:24 | 00,031,160 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec AntiVirus\DefWatch.exe -- (DefWatch [Auto | Running])
[2007/10/09 12:58:12 | 00,036,864 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
[2008/10/23 05:30:40 | 00,168,432 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [Auto | Running])
[2007/10/11 09:55:10 | 00,864,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
[2008/12/27 10:20:38 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])
[2007/08/28 18:04:25 | 02,999,664 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE -- (LiveUpdate [On_Demand | Stopped])
[2003/06/19 22:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM [Auto | Running])
[2008/06/08 08:31:04 | 00,877,864 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe -- (Nero BackItUp Scheduler 3 [Auto | Running])
[2003/03/03 12:33:40 | 00,143,360 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\NCS\Sync\NetSvc.exe -- (NetSvc [On_Demand | Stopped])
[2007/10/11 09:55:14 | 00,122,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
[2008/06/24 15:05:56 | 00,537,896 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe -- (NMIndexingService [On_Demand | Running])
[2003/07/28 11:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
[2006/12/19 09:30:26 | 00,081,920 | ---- | M] (Prolific Technology Inc.) -- C:\WINDOWS\system32\IoctlSvc.exe -- (PLFlash DeviceIoControl Service [Auto | Running])
[2007/10/07 19:48:36 | 00,116,664 | ---- | M] (symantec) -- C:\Program Files\Symantec AntiVirus\SavRoam.exe -- (SavRoam [On_Demand | Stopped])
[2007/08/27 16:14:00 | 00,214,408 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe -- (SNDSrvc [On_Demand | Stopped])
[2007/07/26 18:25:20 | 01,181,016 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe -- (SPBBCSvc [Auto | Running])
[2007/10/07 19:48:32 | 01,822,648 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec AntiVirus\Rtvscan.exe -- (Symantec AntiVirus [Auto | Running])
[2006/10/18 20:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])
[2008/05/26 22:18:44 | 00,439,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\searchindexer.exe -- (WSearch [Auto | Running])
========== Driver Services ==========
[2004/08/25 12:28:46 | 00,787,456 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag [On_Demand | Running])
[2004/12/13 13:14:00 | 00,039,904 | ---- | M] (Adaptec, Inc.) -- C:\WINDOWS\System32\drivers\cercsr6.sys -- (cercsr6 [Boot | Stopped])
[2004/08/03 21:58:30 | 00,207,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\Dot4.sys -- (Dot4 [On_Demand | Running])
[2001/08/17 12:47:32 | 00,012,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\Dot4Prt.sys -- (Dot4Print [On_Demand | Running])
[2005/06/13 12:58:04 | 00,162,816 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\drivers\e100b325.sys -- (E100B [On_Demand | Running])
[2008/09/14 00:00:00 | 00,371,248 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl [System | Running])
[2008/09/17 00:00:00 | 00,099,376 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv [On_Demand | Running])
[2008/07/09 10:30:16 | 00,040,368 | ---- | M] (Paragon Software Group) -- C:\WINDOWS\system32\drivers\hotcore3.sys -- (hotcore3 [Boot | Running])
[2004/03/05 21:14:42 | 01,233,525 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\drivers\IntelC51.sys -- (IntelC51 [On_Demand | Running])
[2004/03/05 21:15:34 | 00,647,929 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\drivers\IntelC52.sys -- (IntelC52 [On_Demand | Running])
[2004/06/15 21:52:40 | 00,061,157 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\drivers\IntelC53.sys -- (IntelC53 [On_Demand | Running])
[2001/08/17 12:57:38 | 00,016,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\MODEMCSA.sys -- (MODEMCSA [On_Demand | Running])
[2004/03/05 21:13:38 | 00,037,048 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\drivers\mohfilt.sys -- (mohfilt [On_Demand | Running])
[2008/11/20 01:00:00 | 00,089,104 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20090123.003\NAVENG.SYS -- (NAVENG [On_Demand | Running])
[2008/11/20 01:00:00 | 00,876,112 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20090123.003\NAVEX15.SYS -- (NAVEX15 [On_Demand | Running])
[2001/08/22 07:42:58 | 00,013,632 | ---- | M] (Dell Computer Corporation) -- C:\WINDOWS\system32\drivers\omci.sys -- (OMCI [System | Running])
[2004/08/04 02:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink [On_Demand | Running])
[2006/09/06 13:41:20 | 00,337,592 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec AntiVirus\savrt.sys -- (SAVRT [System | Running])
[2006/09/06 13:41:20 | 00,054,968 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec AntiVirus\Savrtpel.sys -- (SAVRTPEL [System | Running])
[2007/11/13 02:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv [On_Demand | Stopped])
[2004/09/17 08:02:54 | 00,732,928 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\system32\drivers\senfilt.sys -- (senfilt [On_Demand | Running])
[2005/01/27 14:31:06 | 00,260,352 | ---- | M] (Analog Devices, Inc.) -- C:\WINDOWS\system32\drivers\smwdm.sys -- (smwdm [On_Demand | Running])
[2007/07/26 18:25:18 | 00,400,216 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv [System | Running])
[2008/09/14 11:14:06 | 00,110,952 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent [On_Demand | Running])
[2007/08/27 16:13:32 | 00,023,944 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\system32\drivers\symredrv.sys -- (SYMREDRV [On_Demand | Running])
[2007/08/27 16:13:36 | 00,189,320 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\system32\drivers\symtdi.sys -- (SYMTDI [System | Running])
========== (R ) Internet Explorer ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main]
"Default_Page_URL"=http://go.microsoft.com/fwlink/?LinkId=69157
"Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896
"Default_Secondary_Page_URL"=
"Extensions Off Page"=about:NoAdd-ons
"Local Page"=%SystemRoot%\system32\blank.htm
"Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896
"Security Risk Page"=about:SecurityRisk
"Start Page"=http://go.microsoft.com/fwlink/?LinkId=69157
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search]
"CustomizeSearch"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
"SearchAssistant"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main]
"Local Page"=C:\WINDOWS\system32\blank.htm
"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"Start Page"=http://google.com/
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0
[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0
[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main]
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0
[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main]
[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main]
[HKEY_USERS\S-1-5-21-1935655697-57989841-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main]
"Local Page"=C:\WINDOWS\system32\blank.htm
"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"Start Page"=http://google.com/
[HKEY_USERS\S-1-5-21-1935655697-57989841-1801674531-1003\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-1935655697-57989841-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0
========== (O1) Hosts File ==========
HOSTS File = (734 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
First 25 entries...
127.0.0.1 localhost
========== (O2) BHO's ==========
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\]
{53707962-6F74-2D53-2644-206D7942484F} (HKLM) -- C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (HKLM) -- C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
{9030D464-4C02-4ABF-8ECC-5164760863C6} (HKLM) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} (HKLM) -- C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll (Google Inc.)
{DBC80044-A445-435b-BC74-9C25C1C588A9} (HKLM) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
{E7E6F031-17CE-4C07-BC86-EABFE594F69C} (HKLM) -- C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
========== (O3) Toolbars ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
"{47833539-D0C5-4125-9FA8-0819E2EAAC93}" (HKLM) -- C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{47833539-D0C5-4125-9FA8-0819E2EAAC93}" (HKLM) -- C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
[HKEY_USERS\S-1-5-21-1935655697-57989841-1801674531-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{47833539-D0C5-4125-9FA8-0819E2EAAC93}" (HKLM) -- C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
========== (O4) Run Keys ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Acrobat Assistant 7.0"="C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" (Adobe Systems Inc.)
"ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe (ATI Technologies, Inc.)
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" (Symantec Corporation)
"NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" (Nero AG)
"NeroFilterCheck"=C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe (Nero AG)
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
"SunJavaUpdateSched"="C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.)
"vptray"=C:\PROGRA~1\SYMANT~1\VPTray.exe (Symantec Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020 (Nero AG)
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" /background (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-1935655697-57989841-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020 (Nero AG)
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" /background (Microsoft Corporation)
========== (O4) Startup Folders ==========
[2008/09/14 11:41:30 | 00,025,214 | R--- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk = C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-000000000002}\SC_Acrobat.exe
[2000/08/24 13:16:34 | 00,110,592 | ---- | M] (Adobe Systems, Inc.) -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
[2008/05/26 22:19:14 | 00,123,904 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
[2008/09/10 11:00:00 | 00,525,664 | R--- | M] (WinZip Computing, S.L.) -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
========== (O6 & O7) Current Version Policies ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145
[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145
[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145
[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145
[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145
[HKEY_USERS\S-1-5-21-1935655697-57989841-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145
========== (O8) IE Context Menu Extensions ==========
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\]
Convert link target to Adobe PDF: C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2004/12/14 01:13:40 | 00,225,280 | ---- | M] (Adobe Systems Incorporated)
Convert link target to existing PDF: C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2004/12/14 01:13:40 | 00,225,280 | ---- | M] (Adobe Systems Incorporated)
Convert selected links to Adobe PDF: C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2004/12/14 01:13:40 | 00,225,280 | ---- | M] (Adobe Systems Incorporated)
Convert selected links to existing PDF: C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2004/12/14 01:13:40 | 00,225,280 | ---- | M] (Adobe Systems Incorporated)
Convert selection to Adobe PDF: C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2004/12/14 01:13:40 | 00,225,280 | ---- | M] (Adobe Systems Incorporated)
Convert selection to existing PDF: C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2004/12/14 01:13:40 | 00,225,280 | ---- | M] (Adobe Systems Incorporated)
Convert to Adobe PDF: C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2004/12/14 01:13:40 | 00,225,280 | ---- | M] (Adobe Systems Incorporated)
Convert to existing PDF: C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2004/12/14 01:13:40 | 00,225,280 | ---- | M] (Adobe Systems Incorporated)
E&xport to Microsoft Excel: C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE [2008/10/13 11:29:28 | 10,351,944 | ---- | M] (Microsoft Corporation)
[HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\MenuExt\]
E&xport to Microsoft Excel: C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE [2008/10/13 11:29:28 | 10,351,944 | ---- | M] (Microsoft Corporation)
[HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\MenuExt\]
E&xport to Microsoft Excel: C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE [2008/10/13 11:29:28 | 10,351,944 | ---- | M] (Microsoft Corporation)
[HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\MenuExt\]
E&xport to Microsoft Excel: Reg Error: Key does not exist or could not be opened. File not found
[HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\MenuExt\]
E&xport to Microsoft Excel: Reg Error: Key does not exist or could not be opened. File not found
[HKEY_USERS\S-1-5-21-1935655697-57989841-1801674531-1003\Software\Microsoft\Internet Explorer\MenuExt\]
Convert link target to Adobe PDF: C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2004/12/14 01:13:40 | 00,225,280 | ---- | M] (Adobe Systems Incorporated)
Convert link target to existing PDF: C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2004/12/14 01:13:40 | 00,225,280 | ---- | M] (Adobe Systems Incorporated)
Convert selected links to Adobe PDF: C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2004/12/14 01:13:40 | 00,225,280 | ---- | M] (Adobe Systems Incorporated)
Convert selected links to existing PDF: C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2004/12/14 01:13:40 | 00,225,280 | ---- | M] (Adobe Systems Incorporated)
Convert selection to Adobe PDF: C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2004/12/14 01:13:40 | 00,225,280 | ---- | M] (Adobe Systems Incorporated)
Convert selection to existing PDF: C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2004/12/14 01:13:40 | 00,225,280 | ---- | M] (Adobe Systems Incorporated)
Convert to Adobe PDF: C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2004/12/14 01:13:40 | 00,225,280 | ---- | M] (Adobe Systems Incorporated)
Convert to existing PDF: C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2004/12/14 01:13:40 | 00,225,280 | ---- | M] (Adobe Systems Incorporated)
E&xport to Microsoft Excel: C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE [2008/10/13 11:29:28 | 10,351,944 | ---- | M] (Microsoft Corporation)
========== (O9) IE Extensions ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
{92780B25-18CC-41C8-B9BE-3C9C571A8263}: Button: Research -- %ProgramFiles%\Microsoft Office\OFFICE11\REFIEBAR.DLL [2007/04/19 14:10:18 | 00,063,840 | ---- | M] (Microsoft Corporation)
{DFB852A3-47F8-48C4-A200-58CAB36FD2A2}: Menu: Spybot - Search & Destroy Configuration -- %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [2008/09/15 14:25:44 | 01,562,960 | -HS- | M] (Safer Networking Limited)
{e2e2dd38-d088-4134-82b7-f2ba38496583}: Menu: @xpsp3res.dll,-20001 -- %SystemRoot%\network diagnostic\xpnetdiag.exe [2006/10/10 04:44:50 | 00,557,568 | ---- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}: Button: Messenger -- %ProgramFiles%\Messenger\msmsgs.exe [2004/10/13 08:24:37 | 01,694,208 | ---- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}: Menu: Windows Messenger -- %ProgramFiles%\Messenger\msmsgs.exe [2004/10/13 08:24:37 | 01,694,208 | ---- | M] (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{92780B25-18CC-41C8-B9BE-3C9C571A8263} [HKLM] -> %ProgramFiles%\Microsoft Office\OFFICE11\REFIEBAR.DLL [Research] -> [2007/04/19 14:10:18 | 00,063,840 | ---- | M] (Microsoft Corporation)
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2004/10/13 08:24:37 | 01,694,208 | ---- | M] (Microsoft Corporation)
[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2004/10/13 08:24:37 | 01,694,208 | ---- | M] (Microsoft Corporation)
[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2004/10/13 08:24:37 | 01,694,208 | ---- | M] (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-1935655697-57989841-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{92780B25-18CC-41C8-B9BE-3C9C571A8263} [HKLM] -> %ProgramFiles%\Microsoft Office\OFFICE11\REFIEBAR.DLL [Research] -> [2007/04/19 14:10:18 | 00,063,840 | ---- | M] (Microsoft Corporation)
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2004/10/13 08:24:37 | 01,694,208 | ---- | M] (Microsoft Corporation)
========== (O12) Internet Explorer Plugins ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\]
PluginsPage: "" = http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s
PluginsPageFriendlyName: "" = Microsoft ActiveX Gallery
========== (O13) Default Prefixes ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix]
""=http://
========== (O15) Trusted Sites ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
1 domain(s) and sub-domain(s) not assigned to a zone.
========== (O16) DPF ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\]
{215B8138-A3CF-44C5-803F-8226143CFC0A}: http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab -- Trend Micro ActiveX Scan Agent 6.6
{6414512B-B978-451D-A0D8-FCFDF33E833C}: http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1229764063562 -- WUWebControl Class
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3}: http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1229766108484 -- MUWebControl Class
{8AD9C840-044E-11D1-B3E9-00805F499D93}: http://dl8-cdn-01.sun.com/s/ESD5/JSCDL/jre/6u11-b90/jinstall-6u11-windows-i586-jc.cab?e=1230409817327&h=058a79393a2fba06c5498cafde81676b/&filename=jinstall-6u11-windows-i586-jc.cab -- Java Plug-in 1.6.0_11
{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab -- Java Plug-in 1.6.0_11
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab -- Java Plug-in 1.6.0_11
{D27CDB6E-AE6D-11CF-96B8-444553540000}: http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab -- Shockwave Flash Object
========== (O17) DNS Name Servers ==========
{5076978C-A116-48D2-9B00-BE2472A58C93} (Servers: | Description: Intel(R) PRO/100 VE Network Connection)
========== (O20) Winlogon Notify Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\]
NavLogon: "DllName" = C:\WINDOWS\system32\NavLogon.dll -- C:\WINDOWS\system32\NavLogon.dll (Symantec Corporation)
========== Shell Execute Hooks ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}" (HKLM) -- C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll (Microsoft Corporation)
========== Safeboot Options ==========
"AlternateShell"=cmd.exe
========== CDRom AutoRun Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]
"AutoRun" = 1
========== Autorun Files on Drives ==========
AUTOEXEC.BAT []
[2008/09/14 01:05:23 | 00,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT -- [ NTFS ]
========== MountPoints2 ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c98b113e-8290-11dd-9b5f-e026a45cc502}\Shell\AutoRun\command]
""=Secret.exe
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c98b113e-8290-11dd-9b5f-e026a45cc502}\Shell\explore\Command]
""=Secret.exe
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c98b113e-8290-11dd-9b5f-e026a45cc502}\Shell\open\Command]
""=Secret.exe
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e277f841-d073-11dd-a8b5-001111ce353f}\Shell]
""=AutoRun
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e277f841-d073-11dd-a8b5-001111ce353f}\Shell\AutoRun]
""=Auto&Play
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e277f841-d073-11dd-a8b5-001111ce353f}\Shell\AutoRun\command]
""=J:\LaunchU3.exe -- File not found
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\J\Shell]
""=AutoRun
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\J\Shell\AutoRun]
""=Auto&Play
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\J\Shell\AutoRun\command]
""=J:\LaunchU3.exe -- File not found
========== Files/Folders - Created Within 30 Days ==========
[5 C:\*.tmp files]
[1 C:\WINDOWS\System32\*.tmp files]
[5 C:\WINDOWS\*.tmp files]
[2009/01/26 00:50:13 | 00,422,912 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Admin\Desktop\OTViewIt.exe
[2009/01/24 15:06:56 | 00,002,335 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk
[2009/01/24 15:06:56 | 00,001,666 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WinZip Quick Pick.lnk
[2009/01/24 15:06:56 | 00,000,992 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
[2009/01/21 11:13:37 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/01/21 11:12:15 | 00,000,617 | ---- | C] () -- C:\Documents and Settings\Admin\Desktop\NTREGOPT.lnk
[2009/01/21 11:12:15 | 00,000,598 | ---- | C] () -- C:\Documents and Settings\Admin\Desktop\ERUNT.lnk
[2009/01/21 11:12:14 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2009/01/21 10:43:33 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Desktop\Security
[2009/01/20 18:50:48 | 00,054,156 | -H-- | C] () -- C:\WINDOWS\QTFont.qfn
[2009/01/20 18:50:48 | 00,001,409 | ---- | C] () -- C:\WINDOWS\QTFont.for
[2009/01/20 16:46:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Local Settings\Application Data\ApplicationHistory
[2009/01/20 16:24:20 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Application Data\Windows Search
[2009/01/20 16:18:10 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2009/01/20 16:18:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\microsoft
[2009/01/20 16:16:52 | 00,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2009/01/20 16:11:23 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2009/01/20 16:10:36 | 00,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2009/01/20 16:09:44 | 00,014,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg2.dll
[2009/01/20 16:09:29 | 00,000,000 | ---D | C] -- C:\0512ca9df8120aa82bf5f92ef643
[2009/01/20 16:09:28 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Application Data\Windows Desktop Search
[2009/01/20 16:09:10 | 00,001,793 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk
[2009/01/20 16:09:01 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Desktop Search
[2009/01/20 16:09:00 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\GroupPolicy
[2009/01/20 16:08:12 | 00,000,000 | ---D | C] -- C:\Program Files\MSXML 6.0
[2009/01/20 16:07:37 | 00,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2009/01/20 16:02:47 | 00,000,000 | R-SD | C] -- C:\WINDOWS\assembly
[2009/01/20 16:02:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET
[2009/01/20 16:02:45 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\URTTemp
[2009/01/20 15:58:18 | 00,288,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rhttpaa.dll
[2009/01/20 15:58:18 | 00,116,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aaclient.dll
[2009/01/20 15:58:18 | 00,036,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsgqec.dll
[2009/01/01 15:30:34 | 00,000,855 | ---- | C] () -- C:\Documents and Settings\Admin\Desktop\Shortcut to HiJackThis.lnk
[2008/12/28 21:14:00 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Admin\My Documents\My Videos
[2008/12/27 21:06:42 | 00,000,000 | ---D | C] -- C:\rsit
[2008/12/27 21:06:42 | 00,000,000 | ---D | C] -- C:\Program Files\trend micro
[2008/12/27 21:05:46 | 00,781,851 | ---- | C] () -- C:\Documents and Settings\Admin\Desktop\RSIT.exe
[2008/12/27 17:42:58 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2008/12/27 17:42:34 | 00,017,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2008/12/27 17:42:18 | 00,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmpns.dll
[2008/12/27 17:42:10 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Media Connect 2
[2008/12/27 17:40:20 | 00,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2008/12/27 17:40:19 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles
[2008/12/27 17:40:19 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\UMDF
[2008/12/27 10:21:03 | 00,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2008/12/27 10:20:35 | 00,000,000 | ---D | C] -- C:\Program Files\Java
[2008/12/27 10:18:56 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Application Data\Sun
========== Files - Modified Within 30 Days ==========
[5 C:\*.tmp files]
[1 C:\WINDOWS\System32\*.tmp files]
[5 C:\WINDOWS\*.tmp files]
[2009/01/26 00:50:14 | 00,422,912 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Admin\Desktop\OTViewIt.exe
[2009/01/25 10:18:11 | 00,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2009/01/24 16:08:14 | 00,008,192 | ---- | M] () -- C:\Documents and Settings\Admin\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/01/24 16:07:29 | 00,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009/01/24 15:08:41 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/01/24 15:08:20 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/01/24 15:08:17 | 00,002,335 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk
[2009/01/24 15:07:57 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/01/24 15:06:56 | 00,000,603 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/01/24 15:06:56 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/01/24 15:06:56 | 00,000,211 | -HS- | M] () -- C:\boot.ini
[2009/01/21 12:19:48 | 00,002,497 | ---- | M] () -- C:\Documents and Settings\Admin\Desktop\Office Word 2003.lnk
[2009/01/21 11:12:15 | 00,000,617 | ---- | M] () -- C:\Documents and Settings\Admin\Desktop\NTREGOPT.lnk
[2009/01/21 11:12:15 | 00,000,598 | ---- | M] () -- C:\Documents and Settings\Admin\Desktop\ERUNT.lnk
[2009/01/21 09:44:25 | 00,063,984 | ---- | M] () -- C:\Documents and Settings\Admin\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/01/20 18:50:48 | 00,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for
[2009/01/20 18:03:45 | 00,551,928 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/01/20 18:03:45 | 00,462,668 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/01/20 18:03:45 | 00,078,362 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/01/20 17:08:47 | 00,243,920 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/01/20 16:09:41 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/01/20 16:09:10 | 00,001,793 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk
[2009/01/09 17:35:28 | 20,853,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe
[2009/01/09 08:45:17 | 00,013,030 | ---- | M] () -- C:\PDOXUSRS.NET
[2009/01/04 12:59:17 | 00,002,495 | ---- | M] () -- C:\Documents and Settings\Admin\Desktop\Excel 2003.lnk
[2009/01/01 15:30:34 | 00,000,855 | ---- | M] () -- C:\Documents and Settings\Admin\Desktop\Shortcut to HiJackThis.lnk
[2008/12/27 21:05:59 | 00,781,851 | ---- | M] () -- C:\Documents and Settings\Admin\Desktop\RSIT.exe
[2008/12/27 18:47:40 | 00,000,157 | ---- | M] () -- C:\Documents and Settings\Admin\Application Data\default.pls
[2008/12/27 17:42:26 | 00,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2008/12/27 17:42:26 | 00,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2008/12/27 17:40:20 | 00,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2008/12/27 17:39:12 | 00,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
< End of report >
OTViewIt Extras logfile created on: 1/26/2009 12:53:37 AM - Run
OTViewIt by OldTimer - Version 1.0.21.0 Folder = C:\Documents and Settings\Admin\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 1.40 Gb Available Physical Memory | 70.32% Memory free
3.85 Gb Paging File | 3.44 Gb Available in Paging File | 89.25% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092;
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232.88 Gb Total Space | 209.92 Gb Free Space | 90.14% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: MVP-97C98CED986
Current User Name: Admin
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Whitelist: On
File Age = 30 Days
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled"=1
"AntiVirusDisableNotify"=0
"FirewallDisableNotify"=0
"UpdatesDisableNotify"=0
"AntiVirusOverride"=0
"FirewallOverride"=0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications]
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[2004/08/04 02:00:00 | 00,140,800 | ---- | M] (Microsoft Corporation) -- %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
[2006/10/10 04:44:50 | 00,557,568 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
[2004/08/04 02:00:00 | 00,140,800 | ---- | M] (Microsoft Corporation) -- %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
[2008/10/14 23:06:26 | 00,633,632 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer
[2006/10/10 04:44:50 | 00,557,568 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
========== (O18) Protocol Handlers ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
ipp: [HKLM - No CLSID value]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\] - Protocol Handlers
[2005/09/20 12:33:58 | 00,843,984 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL ipp\0x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - MSDAMON.BINDER]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
msdaipp: [HKLM - No CLSID value]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\] - Protocol Handlers
[2005/09/20 12:33:58 | 00,843,984 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL msdaipp\0x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - MSDAMON.BINDER]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\] - Protocol Handlers
[2005/09/20 12:33:58 | 00,843,984 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL msdaipp\oledb:{E1D2BF40-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - MSDAIPP.BINDER]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
[2000/04/19 17:47:36 | 00,520,117 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (ms-itss:{0A9007C0-4076-11D3-8789-0000F8105754} (HKLM) [Microsoft Infotech Storage Protocol for IE 4.0])
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
[2007/03/14 13:10:22 | 07,255,384 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (mso-offdap:{3D9F03FA-7A94-11D3-BE81-0050048385D1} (HKLM) [Data Page Pluggable Protocol mso-offdap Handler])
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
[2007/05/10 13:45:34 | 08,069,464 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (mso-offdap11:{32505114-5902-49B2-880A-1F7738E5A384} (HKLM) [Data Page Plugable Protocal mso-offdap11 Handler])
========== (O18) Protocol Filters ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\] - Protocol Filters
[2007/04/19 13:57:40 | 00,046,432 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL text/xml:{807553E5-5146-11D5-A672-00B0D022E945} (HKLM) [Reg Error: Value does not exist or could not be read.]
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}"=ATI Control Panel
"{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}"=Google Earth
"{2085C617-589C-40F8-BE40-EDBC9E2CA2EB}"=Symantec AntiVirus
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}"=Java(TM) 6 Update 11
"{2BA00471-0328-3743-93BD-FA813353A783}"=Microsoft .NET Framework 3.0 Service Pack 1
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}"=WebFldrs XP
"{3921A67A-5AB1-4E48-9444-C71814CF3027}"=VCRedistSetup
"{412033BC-44CF-48D9-B813-4B835101F4D3}"=Adobe Illustrator 10
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}"=neroxml
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}"=Microsoft Office Live Add-in 1.3
"{5D0EE2EF-CD4F-40CB-B6ED-A71B39E59742}"=Paragon Total Defrag 2009
"{8984E374-6C93-427C-A3B9-AD92472FDCA0}"=Windows Live Sign-in Assistant
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}"=Microsoft Silverlight
"{90110409-6000-11D3-8CFE-0150048383C9}"=Microsoft Office Professional Edition 2003
"{97E38F11-0FBE-4BC2-9EE1-5B1421C76F27}"=Adobe GoLive 6.0
"{A790BEB1-BCCF-4EC6-807B-5708B36E8A79}"=Intel(R) PROSet
"{AA2AAB2B-DE21-48DB-B15B-118AB957D3FF}"=Adobe LiveMotion 2.0
"{AC76BA86-1033-0000-7760-000000000002}"=Adobe Acrobat 7.0 Professional
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1"=Spybot - Search & Destroy
"{B508B3F1-A24A-32C0-B310-85786919EF28}"=Microsoft .NET Framework 2.0 Service Pack 1
"{BAF78226-3200-4DB4-BE33-4D922A799840}"=Windows Presentation Foundation
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}"=Microsoft .NET Framework 1.1
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240B7}"=WinZip 12.0
"{D6C9AF27-9414-46C8-B9D8-D878BA041033}"=Nero 8
"{D78653C3-A8FF-415F-92E6-D774E634FF2D}"=Dell ResourceCD
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}"=Ad-Aware
"{F0A37341-D692-11D4-A984-009027EC0A9C}"=SoundMAX
"Adobe Acrobat 7.0 Professional"=Adobe Acrobat 7.0 Professional
"Adobe Flash Player ActiveX"=Adobe Flash Player ActiveX
"Adobe Photoshop 7.0"=Adobe Photoshop 7.0
"Adobe SVG Viewer"=Adobe SVG Viewer 3.0
"All ATI Software"=ATI - Software Uninstall Utility
"ATI Display Driver"=ATI Display Driver
"ERUNT_is1"=ERUNT 1.1j
"Google Updater"=Google Updater
"HijackThis"=HijackThis 2.0.2
"IDNMitigationAPIs"=Microsoft Internationalized Domain Names Mitigation APIs
"ie7"=Windows Internet Explorer 7
"Intel(R) 537EP V9x DF PCI Modem"=Intel(R) 537EP V9x DF PCI Modem
"K9-Ped"=K9-Ped
"LiveUpdate"=LiveUpdate 3.2 (Symantec Corporation)
"Microsoft .NET Framework 1.1 (1033)"=Microsoft .NET Framework 1.1
"Mozilla Firefox (3.0.5)"=Mozilla Firefox (3.0.5)
"MSCompPackV1"=Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping"=Microsoft National Language Support Downlevel APIs
"PROSet"=Intel(R) PRO Network Connections Drivers
"QuickTime"=QuickTime
"WIC"=Windows Imaging Component
"Windows Media Format Runtime"=Windows Media Format 11 runtime
"Windows Media Player"=Windows Media Player 11
"WMFDist11"=Windows Media Format 11 runtime
"wmp11"=Windows Media Player 11
"Wudf01000"=Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC"=XML Paper Specification Shared Components Pack 1.0
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 12/26/2008 9:37:02 PM | Computer Name = MVP-97C98CED986 | Source = Application Hang | ID = 1002
Description = Hanging application explorer.exe, version 6.0.2900.3156, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 12/26/2008 9:37:42 PM | Computer Name = MVP-97C98CED986 | Source = Application Hang | ID = 1002
Description = Hanging application explorer.exe, version 6.0.2900.3156, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 12/26/2008 9:39:05 PM | Computer Name = MVP-97C98CED986 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 7.0.6000.16762, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 12/26/2008 9:39:06 PM | Computer Name = MVP-97C98CED986 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 7.0.6000.16762, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 12/26/2008 9:39:21 PM | Computer Name = MVP-97C98CED986 | Source = Application Hang | ID = 1002
Description = Hanging application explorer.exe, version 6.0.2900.3156, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 1/20/2009 8:09:34 PM | Computer Name = MVP-97C98CED986 | Source = Windows Search Service | ID = 3024
Description = The update cannot be started because the content sources cannot be
accessed. Fix the errors and try the update again. Context: Windows Application,
SystemIndex Catalog
Error - 1/20/2009 10:13:23 PM | Computer Name = MVP-97C98CED986 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 7.0.6000.16762, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 1/20/2009 10:13:50 PM | Computer Name = MVP-97C98CED986 | Source = Application Hang | ID = 1001
Description = Fault bucket 1015682910.
Error - 1/20/2009 10:40:50 PM | Computer Name = MVP-97C98CED986 | Source = MsiInstaller | ID = 1013
Description = Product: Windows Live Sign-in Assistant -- Newer version already installed.
Error - 1/21/2009 1:26:35 PM | Computer Name = MVP-97C98CED986 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 7.0.6000.16762, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
[ System Events ]
Error - 12/20/2008 5:38:49 AM | Computer Name = MVP-97C98CED986 | Source = DCOM | ID = 10005
Description = DCOM got error "%1058" attempting to start the service wuauserv with
arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
Error - 12/20/2008 5:40:23 AM | Computer Name = MVP-97C98CED986 | Source = DCOM | ID = 10005
Description = DCOM got error "%1058" attempting to start the service wuauserv with
arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
Error - 12/20/2008 5:41:29 AM | Computer Name = MVP-97C98CED986 | Source = DCOM | ID = 10005
Description = DCOM got error "%1058" attempting to start the service wuauserv with
arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
Error - 12/28/2008 12:29:10 AM | Computer Name = MVP-97C98CED986 | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\D.
Error - 12/28/2008 12:29:30 AM | Computer Name = MVP-97C98CED986 | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk3\D.
Error - 1/1/2009 3:12:43 PM | Computer Name = MVP-97C98CED986 | Source = sr | ID = 1
Description = The System Restore filter encountered the unexpected error '0xC0000056'
while processing the file '~efe2.tmp' on the volume 'HarddiskVolume1'. It has
stopped monitoring the volume.
Error - 1/4/2009 7:06:01 PM | Computer Name = MVP-97C98CED986 | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.4 for the Network Card with network
address 001111CE353F has been denied by the DHCP server 192.168.1.1 (The DHCP Server
sent a DHCPNACK message).
Error - 1/4/2009 7:06:54 PM | Computer Name = MVP-97C98CED986 | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.100 for the Network Card with network
address 001111CE353F has been denied by the DHCP server 192.168.1.1 (The DHCP Server
sent a DHCPNACK message).
Error - 1/19/2009 12:18:14 AM | Computer Name = MVP-97C98CED986 | Source = Print | ID = 6161
Description = The document Microsoft Word - Document1 owned by Admin failed to print
on printer HP OfficeJet G85xi. Data type: NT EMF 1.008. Size of the spool file
in bytes: 65536. Number of bytes printed: 0. Total number of pages in the document:
2. Number of pages printed: 0. Client machine: \\MVP-97C98CED986. Win32 error code
returned by the print processor: 31 (0x1f).
Error - 1/19/2009 12:21:59 AM | Computer Name = MVP-97C98CED986 | Source = Print | ID = 6161
Description = The document Microsoft Word - Document1 owned by Admin failed to print
on printer HP OfficeJet G85xi. Data type: NT EMF 1.008. Size of the spool file
in bytes: 65536. Number of bytes printed: 0. Total number of pages in the document:
2. Number of pages printed: 0. Client machine: \\MVP-97C98CED986. Win32 error code
returned by the print processor: 31 (0x1f).
< End of report >