toby1015
2009-12-24, 00:32
Hi,
Here is the link to original message:
http://forums.spybot.info/showthread.php?t=54005
I ran the recommended programs, things seem to be better already. What should I do next?
Many thanks!
here are the logs:
Malwarebytes' Anti-Malware 1.42
Database version: 3418
Windows 5.1.2600 Service Pack 2
Internet Explorer 8.0.6001.18702
12/23/2009 2:03:36 PM
mbam-log-2009-12-23 (14-03-36).txt
Scan type: Full Scan (C:\|D:\|)
Objects scanned: 251577
Time elapsed: 1 hour(s), 13 minute(s), 33 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 2
Registry Values Infected: 1
Registry Data Items Infected: 5
Folders Infected: 3
Files Infected: 11
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Personal Guard 2009 (Rogue.PersonalGuard2009) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Personal Guard 2009 (Rogue.PersonalGuard2009) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sigivufuf (Trojan.Vundo.H) -> Quarantined and deleted successfully.
Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SecurityProviders (Broken.SecurityProviders) -> Bad: (msapsspc.dll schannel.dll digest.dll msnsspc.dll) Good: (msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell (Hijack.Shell) -> Bad: (Explorer.exe logon.exe) Good: (Explorer.exe) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{1bbd8cfa-b4f0-4c8b-8b49-6f80213e3c18}\NameServer (Trojan.DNSChanger) -> Data: 83.149.115.182 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{649f5fd6-5fef-48a4-a19e-622d6ad9ee8e}\NameServer (Trojan.DNSChanger) -> Data: 83.149.115.182 -> Quarantined and deleted successfully.
Folders Infected:
C:\Program Files\Personal Guard 2009 (Rogue.PersonalGuard2009) -> Quarantined and deleted successfully.
C:\Program Files\Personal Guard 2009\q (Rogue.PersonalGuard2009) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Microsoft AData (Rogue.SmartProtector) -> Quarantined and deleted successfully.
Files Infected:
C:\WINDOWS\system32\neweyoko.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP554\A0057251.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP555\A0057302.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\logon.exe (Worm.Emold) -> Delete on reboot.
C:\Documents and Settings\All Users\Microsoft AData\t.sid (Rogue.SmartProtector) -> Quarantined and deleted successfully.
C:\WINDOWS\certSystem.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\Microsoftdef.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\regred.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\securits.com (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\spoov.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\usExplorer.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
OTL logfile created on: 12/23/2009 2:11:55 PM - Run 1
OTL by OldTimer - Version 3.1.19.0 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Media Center Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1,022.00 Mb Total Physical Memory | 528.00 Mb Available Physical Memory | 52.00% Memory free
3.00 Gb Paging File | 2.00 Gb Available in Paging File | 85.00% Paging File free
Paging file location(s): C:\pagefile.sys 2000 2000 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 67.68 Gb Total Space | 48.98 Gb Free Space | 72.37% Space Free | Partition Type: NTFS
Drive D: | 6.83 Gb Total Space | 5.08 Gb Free Space | 74.35% Space Free | Partition Type: FAT32
Drive E: | 287.32 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: KIM
Current User Name: Owner
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Processes (SafeList) ==========
PRC - C:\Documents and Settings\Owner\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgnsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgrsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgemc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
PRC - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
PRC - C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\MozyHome\mozystat.exe ()
PRC - C:\Program Files\MozyHome\mozybackup.exe ()
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\2020V8\Mswin\60\SCBar.Exe (MKS Informatique)
PRC - C:\Program Files\QuickTime\qttask.exe (Apple Computer, Inc.)
PRC - C:\Program Files\Lexmark 9300 Series\lxcqmon.exe ()
PRC - C:\WINDOWS\system32\lxcqcoms.exe ( )
PRC - C:\Program Files\Lexmark 9300 Series\ezprint.exe (Lexmark International Inc.)
PRC - C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit, Inc.)
PRC - C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtProc.exe ()
PRC - C:\Program Files\Yahoo!\Messenger\Ymsgr_tray.exe (Yahoo! Inc.)
PRC - C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe ()
PRC - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS (New Boundary Technologies, Inc.)
PRC - C:\Program Files\Yahoo!\browser\ycommon.exe (Yahoo!, Inc.)
PRC - C:\WINDOWS\system32\ati2evxx.exe (ATI Technologies Inc.)
PRC - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
PRC - C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
PRC - C:\WINDOWS\system32\wscntfy.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\Brmfrmps.exe (Brother Industries, Ltd.)
PRC - C:\WINDOWS\system32\brsvc01a.exe (brother Industries Ltd)
PRC - C:\WINDOWS\system32\brss01a.exe (brother Industries Ltd)
========== Modules (SafeList) ==========
MOD - C:\Documents and Settings\Owner\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\SynTPFcs.dll (Synaptics, Inc.)
========== Win32 Services (SafeList) ==========
SRV - (avg9emc) -- C:\Program Files\AVG\AVG9\avgemc.exe (AVG Technologies CZ, s.r.o.)
SRV - (avg9wd) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (gusvc) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (Google)
SRV - (YahooAUService) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
SRV - (mozybackup) -- C:\Program Files\MozyHome\mozybackup.exe ()
SRV - (lxcq_device) -- C:\WINDOWS\System32\lxcqcoms.exe ( )
SRV - (PrismXL) -- C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS (New Boundary Technologies, Inc.)
SRV - (Ati HotKey Poller) -- C:\WINDOWS\system32\ati2evxx.exe (ATI Technologies Inc.)
SRV - (brmfrmps) -- C:\WINDOWS\System32\Brmfrmps.exe (Brother Industries, Ltd.)
SRV - (Brother XP spl Service) -- C:\WINDOWS\system32\brsvc01a.exe (brother Industries Ltd)
========== Driver Services (SafeList) ==========
DRV - (AvgTdiX) -- C:\WINDOWS\System32\Drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgMfx86) -- C:\WINDOWS\System32\Drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgLdx86) -- C:\WINDOWS\System32\Drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (Cdr4_xp) -- C:\WINDOWS\system32\drivers\cdr4_xp.sys (Roxio)
DRV - (mozyFilter) -- C:\WINDOWS\system32\drivers\mozy.sys (Mozy, Inc.)
DRV - (Secdrv) -- C:\WINDOWS\system32\drivers\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (ASCTRM) -- C:\WINDOWS\system32\drivers\asctrm.sys (Windows (R) 2000 DDK provider)
DRV - (Sentinel) -- C:\WINDOWS\System32\Drivers\SENTINEL.SYS (SafeNet, Inc.)
DRV - (SNTNLUSB) -- C:\WINDOWS\system32\drivers\SNTNLUSB.SYS (SafeNet, Inc.)
DRV - (PxHelp20) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (tifm21) -- C:\WINDOWS\system32\drivers\tifm21.sys (Texas Instruments)
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (w29n51) Intel(R) -- C:\WINDOWS\system32\drivers\w29n51.sys (Intel® Corporation)
DRV - (Cdralw2k) -- C:\WINDOWS\system32\drivers\cdralw2k.sys (Roxio)
DRV - (SynTP) -- C:\WINDOWS\system32\drivers\SynTP.sys (Synaptics, Inc.)
DRV - (b57w2k) -- C:\WINDOWS\system32\drivers\b57xp32.sys (Broadcom Corporation)
DRV - (Ptilink) -- C:\WINDOWS\system32\drivers\ptilink.sys (Parallel Technologies, Inc.)
DRV - (amdagp) -- C:\WINDOWS\system32\DRIVERS\amdagp.sys (Advanced Micro Devices, Inc.)
DRV - (sisagp) -- C:\WINDOWS\system32\DRIVERS\sisagp.sys (Silicon Integrated Systems Corporation)
DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
DRV - (CAMCHALA) -- C:\WINDOWS\system32\drivers\camchal.sys (Conexant Systems Inc.)
DRV - (CAMCAUD) -- C:\WINDOWS\system32\drivers\camcaud.sys (Conexant Systems Inc.)
DRV - (HSFHWICH) -- C:\WINDOWS\system32\drivers\HSFHWICH.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.)
DRV - (HSF_DP) -- C:\WINDOWS\system32\drivers\HSF_DP.sys (Conexant Systems, Inc.)
DRV - (mdmxsdk) -- C:\WINDOWS\system32\drivers\mdmxsdk.sys (Conexant)
DRV - (BrScnUsb) -- C:\WINDOWS\system32\drivers\BrScnUsb.sys (Brother Industries Ltd.)
DRV - (wanatw) WAN Miniport (ATW) -- C:\WINDOWS\system32\drivers\wanatw4.sys (America Online, Inc.)
DRV - (Sparrow) -- C:\WINDOWS\system32\DRIVERS\sparrow.sys (Adaptec, Inc.)
DRV - (sym_u3) -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys (LSI Logic)
DRV - (sym_hi) -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys (LSI Logic)
DRV - (symc8xx) -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys (LSI Logic)
DRV - (symc810) -- C:\WINDOWS\system32\DRIVERS\symc810.sys (Symbios Logic Inc.)
DRV - (ultra) -- C:\WINDOWS\system32\DRIVERS\ultra.sys (Promise Technology, Inc.)
DRV - (ql12160) -- C:\WINDOWS\system32\DRIVERS\ql12160.sys (QLogic Corporation)
DRV - (ql1080) -- C:\WINDOWS\system32\DRIVERS\ql1080.sys (QLogic Corporation)
DRV - (ql1280) -- C:\WINDOWS\system32\DRIVERS\ql1280.sys (QLogic Corporation)
DRV - (dac2w2k) -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys (Mylex Corporation)
DRV - (mraid35x) -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys (American Megatrends Inc.)
DRV - (asc) -- C:\WINDOWS\system32\DRIVERS\asc.sys (Advanced System Products, Inc.)
DRV - (asc3550) -- C:\WINDOWS\system32\DRIVERS\asc3550.sys (Advanced System Products, Inc.)
DRV - (AliIde) -- C:\WINDOWS\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (CmdIde) -- C:\WINDOWS\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)
DRV - (mxnic) -- C:\WINDOWS\system32\drivers\mxnic.sys (Macronix International Co., Ltd. )
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/ie/defaults/cs/sbcydsl/*http://www.yahoo.com/search/ie.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://att.net
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://my.yahoo.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKCU\..\URLSearchHook: *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: *{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1
O1 HOSTS File: (734 bytes) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Yahoo! IE Services Button) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\common\yiesrvc.dll (Yahoo! Inc.)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\WINDOWS\system32\bae.dll (Gateway Inc.)
O2 - BHO: (SidebarAutoLaunch Class) - {F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D} - C:\Program Files\Yahoo!\browser\YSidebarIEBHO.dll (Yahoo! Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [EzPrint] C:\Program Files\Lexmark 9300 Series\ezprint.exe (Lexmark International Inc.)
O4 - HKLM..\Run: [Lexmark 9300 Series Fax Server] C:\Program Files\Lexmark 9300 Series\fm3032.exe ()
O4 - HKLM..\Run: [LXCQCATS] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCQtime.DLL (Lexmark International Inc.)
O4 - HKLM..\Run: [lxcqmon.exe] C:\Program Files\Lexmark 9300 Series\lxcqmon.exe ()
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Computer, Inc.)
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [WrtMon.exe] C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe ()
O4 - HKLM..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O4 - HKCU..\Run: [Search Protection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\20-20 Shortcut Bar.lnk = C:\2020V8\Mswin\60\SCBar.Exe (MKS Informatique)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\MozyHome Status.lnk = C:\Program Files\MozyHome\mozystat.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit, Inc.)
O4 - Startup: C:\Documents and Settings\Owner\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\PhishingFilter present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\NPJPI150_02.dll (Sun Microsystems, Inc.)
O9 - Extra Button: AT&T Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\common\yiesrvc.dll (Yahoo! Inc.)
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe ()
O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe ()
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase8942.cab (Windows Live Safety Center Base Module)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} http://download.yahoo.com/dl/installs/ymail/ymmapi.dll (YahooYMailTo Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.94.156.1 68.94.157.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Filter\x-sdch {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O20 - AppInit_DLLs: (c:\windows\system32\huzaweli.dll) - C:\WINDOWS\System32\huzaweli.dll File not found
O20 - AppInit_DLLs: (c:\windows\system32\litinika.dll) - C:\WINDOWS\System32\litinika.dll File not found
O20 - AppInit_DLLs: (vusiluya.dll) - File not found
O20 - AppInit_DLLs: (c:\windows\system32\fiyamepe.dll) - C:\WINDOWS\System32\fiyamepe.dll File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O21 - SSODL: bezaweget - {77e15052-7b5a-4d4e-b5f5-e1837aa36758} - C:\WINDOWS\System32\huzaweli.dll File not found
O21 - SSODL: nelebosog - {f17ff03e-41e1-4fbe-90cb-fa1981236e2c} - C:\WINDOWS\System32\fiyamepe.dll File not found
O21 - SSODL: SysNet - {0D88706E-E18A-4D92-A316-2C924EC1B75C} - C:\Documents and Settings\All Users\Microsoft AData\sysnet.dll File not found
O21 - SSODL: vuheborud - {512c48b8-d21c-4920-ae10-97341d325234} - C:\WINDOWS\System32\litinika.dll File not found
O22 - SharedTaskScheduler: {512c48b8-d21c-4920-ae10-97341d325234} - kupuhivus - C:\WINDOWS\System32\litinika.dll File not found
O22 - SharedTaskScheduler: {77e15052-7b5a-4d4e-b5f5-e1837aa36758} - mujuzedij - C:\WINDOWS\System32\huzaweli.dll File not found
O22 - SharedTaskScheduler: {f17ff03e-41e1-4fbe-90cb-fa1981236e2c} - mujuzedij - C:\WINDOWS\System32\fiyamepe.dll File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/01/09 17:13:09 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2004/09/13 13:15:24 | 00,000,053 | -HS- | M] () - D:\Autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2009/06/09 12:29:29 | 00,000,027 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2009/12/23 14:10:54 | 00,513,536 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2009/12/23 12:42:35 | 04,844,264 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Owner\Desktop\mbam-setup.exe
[2009/12/08 14:07:02 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/12/08 14:06:45 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/12/08 14:05:45 | 00,812,344 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Owner\My Documents\HijackThisInstaller.exe
[2009/12/08 14:01:57 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2009/12/07 12:00:59 | 00,000,000 | ---D | C] -- C:\Program Files\Adobe
[2009/12/07 12:00:08 | 00,000,000 | -HSD | C] -- C:\Config.Msi
[2009/11/06 15:45:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2009/04/28 11:17:49 | 00,323,584 | ---- | C] ( ) -- C:\WINDOWS\System32\LXCQhcp.dll
[2009/04/28 11:17:48 | 00,413,696 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcqinpa.dll
[2009/04/28 11:17:47 | 00,397,312 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcqiesc.dll
[2009/04/28 11:17:46 | 01,224,704 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcqserv.dll
[2009/04/28 11:17:46 | 00,991,232 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcqusb1.dll
[2009/04/28 11:17:45 | 00,643,072 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcqpmui.dll
[2009/04/28 11:17:45 | 00,585,728 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcqlmpm.dll
[2009/04/28 11:17:45 | 00,163,840 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcqprox.dll
[2009/04/28 11:17:45 | 00,094,208 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcqpplc.dll
[2009/04/28 11:17:43 | 00,696,320 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcqhbn3.dll
[2009/04/28 11:17:42 | 00,421,888 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcqcomm.dll
[2009/04/28 11:17:41 | 00,684,032 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcqcomc.dll
[2008/02/27 14:19:17 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2008/02/27 14:19:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2008/02/27 14:19:16 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2007/12/18 13:47:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Adobe
[2007/12/18 13:47:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2007/11/20 12:25:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\yahoo!
[2006/08/18 20:15:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Macromedia
[2006/06/02 02:13:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\McAfee.com Personal Firewall
[5 C:\Documents and Settings\All Users\*.tmp files -> C:\Documents and Settings\All Users\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2009/12/23 14:10:57 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2009/12/23 14:07:07 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/12/23 14:06:52 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/12/23 14:05:22 | 05,242,880 | -H-- | M] () -- C:\Documents and Settings\Owner\NTUSER.DAT
[2009/12/23 14:05:22 | 00,000,178 | -HS- | M] () -- C:\Documents and Settings\Owner\ntuser.ini
[2009/12/23 14:05:11 | 00,000,296 | ---- | M] () -- C:\WINDOWS\tasks\xoudbsqf.job
[2009/12/23 14:05:11 | 00,000,296 | ---- | M] () -- C:\WINDOWS\tasks\ngiyxscn.job
[2009/12/23 14:05:11 | 00,000,296 | ---- | M] () -- C:\WINDOWS\tasks\dihjeyjn.job
[2009/12/23 13:13:48 | 00,000,422 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{2BF702A0-C08D-4728-93F3-9B07EACAFAAD}.job
[2009/12/23 12:42:35 | 04,844,264 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Owner\Desktop\mbam-setup.exe
[2009/12/23 11:33:50 | 46,946,585 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2009/12/23 11:29:05 | 00,001,170 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/12/22 11:27:12 | 00,127,709 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2009/12/16 17:14:18 | 00,034,486 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\wklnhst.dat
[2009/12/08 14:07:04 | 00,001,734 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\HijackThis.lnk
[2009/12/08 14:05:45 | 00,812,344 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Owner\My Documents\HijackThisInstaller.exe
[2009/12/08 14:02:21 | 00,000,767 | ---- | M] () -- C:\Documents and Settings\Owner\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2009/12/08 14:02:01 | 00,000,592 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\ERUNT.lnk
[2009/12/03 16:14:06 | 00,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/12/03 16:13:56 | 00,019,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/12/02 11:56:49 | 00,006,456 | -H-- | M] () -- C:\WINDOWS\System32\tojufuze
[5 C:\Documents and Settings\All Users\*.tmp files -> C:\Documents and Settings\All Users\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2009/12/08 14:07:04 | 00,001,734 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\HijackThis.lnk
[2009/12/08 14:02:21 | 00,000,767 | ---- | C] () -- C:\Documents and Settings\Owner\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2009/12/08 14:02:01 | 00,000,592 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\ERUNT.lnk
[2009/12/01 11:14:44 | 00,000,296 | ---- | C] () -- C:\WINDOWS\tasks\ngiyxscn.job
[2009/04/28 11:23:56 | 00,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxcqvs.dll
[2009/04/28 11:23:50 | 00,344,064 | ---- | C] () -- C:\WINDOWS\System32\lxcqcoin.dll
[2009/04/28 11:23:25 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\lxcqcaps.dll
[2009/04/28 11:23:24 | 00,692,224 | ---- | C] () -- C:\WINDOWS\System32\lxcqdrs.dll
[2009/04/28 11:23:24 | 00,061,440 | ---- | C] () -- C:\WINDOWS\System32\lxcqcnv4.dll
[2009/04/28 11:18:52 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\lxcqpmon.dll
[2009/04/28 11:18:52 | 00,032,768 | ---- | C] () -- C:\WINDOWS\System32\LXCQFXPU.DLL
[2009/04/28 11:18:03 | 00,000,031 | ---- | C] () -- C:\WINDOWS\System32\lxcqrwrd.ini
[2009/04/28 11:17:49 | 00,274,432 | ---- | C] () -- C:\WINDOWS\System32\LXCQinst.dll
[2009/04/28 11:17:43 | 00,204,800 | ---- | C] () -- C:\WINDOWS\System32\lxcqgrd.dll
[2008/09/15 16:14:24 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008/09/15 16:11:10 | 00,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2008/01/28 15:32:00 | 00,000,010 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2007/12/07 16:03:50 | 00,010,240 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/07/12 21:19:03 | 00,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2007/07/10 13:32:53 | 00,040,960 | ---- | C] () -- C:\WINDOWS\System32\IPPCPUID.DLL
[2007/07/10 13:31:27 | 00,028,672 | ---- | C] () -- C:\WINDOWS\hookdllX.dll
[2007/07/10 13:31:06 | 00,011,776 | ---- | C] () -- C:\WINDOWS\System32\pmsbfn32.dll
[2007/04/12 12:57:01 | 00,327,680 | ---- | C] () -- C:\WINDOWS\System32\SmaRTEng.dll
[2007/04/07 12:20:52 | 00,000,128 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\fusioncache.dat
[2006/06/14 19:39:43 | 00,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2006/06/14 18:17:43 | 00,000,051 | ---- | C] () -- C:\WINDOWS\brmx2001.ini
[2006/06/14 18:17:43 | 00,000,040 | ---- | C] () -- C:\WINDOWS\opt_2460.ini
[2006/06/14 18:17:12 | 00,034,486 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\wklnhst.dat
[2006/06/12 18:22:16 | 00,000,000 | ---- | C] () -- C:\WINDOWS\Brownie.ini
[2006/06/12 16:47:42 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\YCRWin32.dll
[2006/06/12 16:36:54 | 00,000,030 | ---- | C] () -- C:\WINDOWS\System32\brss01a.ini
[2006/06/12 16:02:34 | 00,000,462 | ---- | C] () -- C:\WINDOWS\brwmark.ini
[2006/06/12 16:02:34 | 00,000,234 | ---- | C] () -- C:\WINDOWS\Brpfx04a.ini
[2006/06/12 16:02:34 | 00,000,092 | ---- | C] () -- C:\WINDOWS\brpcfx.ini
[2006/06/12 16:02:34 | 00,000,079 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI
[2006/06/12 15:59:36 | 00,027,019 | ---- | C] () -- C:\WINDOWS\maxlink.ini
[2006/06/01 07:36:19 | 00,000,067 | ---- | C] () -- C:\WINDOWS\rprtvwr.ini
[2006/04/25 09:20:07 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/08/05 21:01:54 | 00,239,104 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/07/07 12:53:18 | 00,197,120 | ---- | C] () -- C:\WINDOWS\patchw32.dll
[2005/01/12 09:38:00 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/01/09 15:49:16 | 00,001,280 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2005/01/09 15:49:16 | 00,000,521 | ---- | C] () -- C:\WINDOWS\System32\emver.ini
[2002/03/04 09:16:34 | 00,110,592 | R--- | C] () -- C:\WINDOWS\System32\Jpeg32.dll
< End of report >
OTL Extras logfile created on: 12/23/2009 2:11:55 PM - Run 1
OTL by OldTimer - Version 3.1.19.0 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Media Center Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1,022.00 Mb Total Physical Memory | 528.00 Mb Available Physical Memory | 52.00% Memory free
3.00 Gb Paging File | 2.00 Gb Available in Paging File | 85.00% Paging File free
Paging file location(s): C:\pagefile.sys 2000 2000 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 67.68 Gb Total Space | 48.98 Gb Free Space | 72.37% Space Free | Partition Type: NTFS
Drive D: | 6.83 Gb Total Space | 5.08 Gb Free Space | 74.35% Space Free | Partition Type: FAT32
Drive E: | 287.32 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: KIM
Current User Name: Owner
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\PROGRA~1\INTERN~1\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\PROGRA~1\INTERN~1\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\PROGRA~1\INTERN~1\IEXPLORE.EXE" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" %*
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"135:TCP" = 135:TCP:*:Enabled:TCP Port 135
"5000:TCP" = 5000:TCP:*:Enabled:TCP Port 5000
"5001:TCP" = 5001:TCP:*:Enabled:TCP Port 5001
"5002:TCP" = 5002:TCP:*:Enabled:TCP Port 5002
"5003:TCP" = 5003:TCP:*:Enabled:TCP Port 5003
"5004:TCP" = 5004:TCP:*:Enabled:TCP Port 5004
"5005:TCP" = 5005:TCP:*:Enabled:TCP Port 5005
"5006:TCP" = 5006:TCP:*:Enabled:TCP Port 5006
"5007:TCP" = 5007:TCP:*:Enabled:TCP Port 5007
"5008:TCP" = 5008:TCP:*:Enabled:TCP Port 5008
"5009:TCP" = 5009:TCP:*:Enabled:TCP Port 5009
"5010:TCP" = 5010:TCP:*:Enabled:TCP Port 5010
"5011:TCP" = 5011:TCP:*:Enabled:TCP Port 5011
"5012:TCP" = 5012:TCP:*:Enabled:TCP Port 5012
"5013:TCP" = 5013:TCP:*:Enabled:TCP Port 5013
"5014:TCP" = 5014:TCP:*:Enabled:TCP Port 5014
"5015:TCP" = 5015:TCP:*:Enabled:TCP Port 5015
"5016:TCP" = 5016:TCP:*:Enabled:TCP Port 5016
"5017:TCP" = 5017:TCP:*:Enabled:TCP Port 5017
"5018:TCP" = 5018:TCP:*:Enabled:TCP Port 5018
"5019:TCP" = 5019:TCP:*:Enabled:TCP Port 5019
"5020:TCP" = 5020:TCP:*:Enabled:TCP Port 5020
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Yahoo!\Messenger\YPAGER.EXE" = C:\Program Files\Yahoo!\Messenger\YPAGER.EXE:*:Enabled:Yahoo! Messenger -- File not found
"C:\Program Files\Yahoo!\Messenger\yserver.exe" = C:\Program Files\Yahoo!\Messenger\yserver.exe:*:Enabled:Yahoo! FT Server -- (Yahoo! Inc.)
"C:\Program Files\Lexmark 9300 Series\LXCQlpx.exe" = C:\Program Files\Lexmark 9300 Series\LXCQlpx.exe:*:Enabled:Lexmark Productivity Suite -- ()
"C:\Program Files\Common Files\AolCoach\en_en\player\AOLNySEV.exe" = C:\Program Files\Common Files\AolCoach\en_en\player\AOLNySEV.exe:*:Disabled:AOL -- File not found
"C:\Program Files\Common Files\AOL\System Information\sinf.exe" = C:\Program Files\Common Files\AOL\System Information\sinf.exe:*:Disabled:AOL -- File not found
"C:\Program Files\Common Files\AOL\AOL Spyware Protection\asp.exe" = C:\Program Files\Common Files\AOL\AOL Spyware Protection\asp.exe:*:Disabled:AOL -- File not found
"C:\Program Files\Common Files\AOL\AOL Spyware Protection\AOLSP Scheduler.exe" = C:\Program Files\Common Files\AOL\AOL Spyware Protection\AOLSP Scheduler.exe:*:Disabled:AOL -- File not found
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Disabled:AOL -- File not found
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Disabled:AOL -- File not found
"C:\Program Files\Common Files\AOL\1145986384\EE\AOLServiceHost.exe" = C:\Program Files\Common Files\AOL\1145986384\EE\AOLServiceHost.exe:*:Disabled:AOL -- File not found
"C:\Program Files\America Online 9.0\waol.exe" = C:\Program Files\America Online 9.0\waol.exe:*:Disabled:AOL -- File not found
"C:\Program Files\Common Files\AOL\Loader\aolload.exe" = C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Disabled:AOL Application Loader -- (America Online, Inc.)
"C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe" = C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe:*:Disabled:AOLTopSpeed -- File not found
"C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe" = C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe:*:Disabled:AOLTsMon -- File not found
"C:\2020V8\Mswin\60\design.exe" = C:\2020V8\Mswin\60\design.exe:*:Enabled:Design -- (20-20 Technologies Inc.)
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Disabled:Yahoo! Messenger -- (Yahoo! Inc.)
"C:\WINDOWS\system32\lxcqcoms.exe" = C:\WINDOWS\system32\lxcqcoms.exe:*:Enabled:Lexmark Communications System -- ( )
"C:\Program Files\AVG\AVG8\avgemc.exe" = C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe -- File not found
"C:\Program Files\AVG\AVG8\avgupd.exe" = C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe -- File not found
"C:\Program Files\AVG\AVG8\avgnsx.exe" = C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe -- File not found
"C:\WINDOWS\explorer.exe" = C:\WINDOWS\explorer.exe:*:Enabled:Explorer -- (Microsoft Corporation)
"C:\Program Files\AVG\AVG9\avgemc.exe" = C:\Program Files\AVG\AVG9\avgemc.exe:*:Enabled:avgemc.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG9\avgupd.exe" = C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG9\avgnsx.exe" = C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe -- (AVG Technologies CZ, s.r.o.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0605656D-AA3F-4723-9E2D-527507F39C9B}" = 20-20 Version 8
"{1017A80C-6F09-4548-A84D-EDD6AC9525F0}" = Lexmark Toolbar
"{15377C3E-9655-400F-B441-E69F0A6BEAFE}" = Recovery Software Suite Gateway
"{1727CD47-A408-11d2-AFAD-00C04F72FB3E}" = VBA (2720)
"{178546CA-51FD-468B-B8B4-9629D457BE09}" = 20-20 Version 8
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1FAC640E-FFD6-4AA2-A26D-5500E433A29C}" = 20-20 Version 8
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2b02f822-a9b9-458c-80e5-3ea8c0de8471}" = QuickBooks Pro Edition 2004
"{3248F0A8-6813-11D6-A77B-00B0D0150020}" = J2SE Runtime Environment 5.0 Update 2
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3A62D394-59E0-4304-93EA-493481A321F2}" = 20-20 Version 8
"{3D387C36-AE6B-4CF2-B9AA-BF7C79CB2B2C}" = 20-20 Version 8
"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = Browser Address Error Redirector
"{40A6C96D-808E-41DD-8716-617AB6B0F1F1}" = Brother MFL-Pro Suite
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go 4.0
"{41252F84-7351-4702-B65C-7EE77A62F370}" = 20-20 Version 8
"{5A7B2D2E-3AFA-404D-B1B8-07D78AA8A05C}" = 20-20 Version 8
"{5D95AD35-368F-47D5-B63A-A082DDF00111}" = Microsoft Digital Image Starter Edition 2006 Editor
"{691F4068-81BF-49E3-B32E-FE3E16400111}" = Microsoft Digital Image Starter Edition 2006 Library
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{72CD4C5F-AB0B-4814-8780-9A4F26A2086B}" = Presto! PageManager 7.12.10
"{76EFFC7C-17A6-479D-9E47-8E658C1695AE}" = Windows Backup Utility
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1}" = Napster Burn Engine
"{8E50332B-772C-4AEA-BF56-94DE6A1D5F10}" = TIxx21
"{97407E09-4EA8-49F0-A513-2C1776A6DEC0}" = Sentinel Protection Installer 7.2.1
"{9941F0AA-B903-4AF4-A055-83A9815CC011}" = Sonic Encoders
"{9F7FC79B-3059-4264-9450-39EB368E3225}" = Microsoft Digital Image Library 9 - Blocker
"{A17EABB6-D0C6-44E5-820C-72DC7F495064}" = PaperPort
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AC76BA86-7AD7-1033-7B44-A81300000003}" = Adobe Reader 8.1.3
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{B79920F8-AB6E-45B2-B257-900BBA969FF7}" = Presto! Forms 3.50.02
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{E1785E49-0805-4D98-9CFB-EED4934DE8CD}" = 20-20 Version 8
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E39BF0C7-9F82-403E-ACEC-FA316D1A65F6}" = 20-20 Version 8
"{E43FB20D-0847-4794-B7FC-D5559E04DE5B}" = MRCG Order Form
"{FA69D133-6732-4AB1-91A8-11B752F12AF4}" = KraftMaid Cabinetry, Inc. 20-20 Catalogs.
"{FC8AEEF2-C1CC-42D3-A1DD-6F49AE7563C3}" = KraftMaidOrderForm
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"ATI Display Driver" = ATI Display Driver
"AVG9Uninstall" = AVG Free 9.0
"BigFix" = BigFix
"Bricsnet IntelliCAD 2000" = Bricsnet IntelliCAD 2000
"BroadJump Client Foundation" = BroadJump Client Foundation
"CNXT_MODEM_PCI_VEN_8086&DEV_266D&SUBSYS_0460107B" = SoftV92 Data Fax Modem with SmartCP
"Conexant PCI Audio" = Conexant AC-Link Audio
"ERUNT_is1" = ERUNT 1.1j
"HijackThis" = HijackThis 2.0.2
"ie8" = Windows Internet Explorer 8
"InstallShield_{8E50332B-772C-4AEA-BF56-94DE6A1D5F10}" = Texas Instruments PCIxx21/x515 drivers.
"Lexmark 9300 Series" = Lexmark 9300 Series
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"mozy_is1" = MozyHome 1.8.6.21
"PartyPoker" = PartyPoker
"PictureItSuiteTrial_v11" = Microsoft Digital Image Starter Edition 2006
"QuickTime" = QuickTime
"Rainbow Client Activator 2.0 English" = Client Activator 2.0 - English
"RealPlayer 6.0" = RealPlayer Basic
"SBC Yahoo! DSL Activation" = SBC Yahoo! DSL Activation
"SBC.MCCInstall" = AT&T Self Support Tool
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"ViewpointMediaPlayer" = Viewpoint Media Player
"WGA" = Windows Genuine Advantage Validation Tool
"WIC" = Windows Imaging Component
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"Windows Media Format Runtime" = Windows Media Format Runtime
"Yahoo! Applications" = AT&T Yahoo! Applications
"Yahoo! Search Defender" = Yahoo! Search Protection
"Yahoo! Software Update" = Yahoo! Software Update
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 11/24/2008 8:35:51 PM | Computer Name = KIM | Source = Application Hang | ID = 1002
Description = Hanging application ybrowser.exe, version 2006.8.11.1, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 11/25/2008 9:10:08 PM | Computer Name = KIM | Source = Application Error | ID = 1000
Description = Faulting application design.exe, version 8.0.3.1347, faulting module
mfc71.dll, version 7.10.3077.0, fault address 0x000358a5.
Error - 11/25/2008 9:10:42 PM | Computer Name = KIM | Source = Application Hang | ID = 1002
Description = Hanging application design.exe, version 8.0.3.1347, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 2/4/2009 4:02:13 PM | Computer Name = KIM | Source = Application Hang | ID = 1002
Description = Hanging application pi.exe, version 11.0.422.0, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 3/24/2009 5:51:30 PM | Computer Name = KIM | Source = Application Error | ID = 1000
Description = Faulting application design.exe, version 8.0.3.1347, faulting module
coretevent.dll, version 8.0.3.1347, fault address 0x003f9fd2.
Error - 5/7/2009 5:11:55 PM | Computer Name = KIM | Source = Application Hang | ID = 1002
Description = Hanging application ybrowser.exe, version 2006.8.11.1, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 5/12/2009 7:59:17 PM | Computer Name = KIM | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: This operation returned because the timeout period expired.
Error - 5/21/2009 6:09:18 PM | Computer Name = KIM | Source = AVG7 | ID = 100
Description =
Error - 6/17/2009 4:53:09 PM | Computer Name = KIM | Source = Application Error | ID = 1000
Description = Faulting application ybrowser.exe, version 2006.8.11.1, faulting module
mshtml.dll, version 6.0.2900.3527, fault address 0x00095f3d.
Error - 6/17/2009 5:11:37 PM | Computer Name = KIM | Source = Application Error | ID = 1000
Description = Faulting application ybrowser.exe, version 2006.8.11.1, faulting module
mshtml.dll, version 6.0.2900.3527, fault address 0x00095f3d.
[ System Events ]
Error - 12/17/2009 3:56:29 PM | Computer Name = KIM | Source = Dhcp | ID = 1001
Description = Your computer was not assigned an address from the network (by the
DHCP Server) for the Network Card with network address 00166F26B358. The following
error occurred: %%1223. Your computer will continue to try and obtain an address
on its own from the network address (DHCP) server.
Error - 12/18/2009 3:20:49 PM | Computer Name = KIM | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1058
Error - 12/19/2009 6:17:35 PM | Computer Name = KIM | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1058
Error - 12/21/2009 3:38:20 PM | Computer Name = KIM | Source = sr | ID = 1
Description = The System Restore filter encountered the unexpected error '0xC0000243'
while processing the file 'avglngx.dll.old' on the volume 'HarddiskVolume1'. It
has stopped monitoring the volume.
Error - 12/21/2009 3:39:25 PM | Computer Name = KIM | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1058
Error - 12/22/2009 3:24:14 PM | Computer Name = KIM | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1058
Error - 12/23/2009 3:29:29 PM | Computer Name = KIM | Source = sr | ID = 1
Description = The System Restore filter encountered the unexpected error '0xC0000243'
while processing the file 'avgcorex.dll.old' on the volume 'HarddiskVolume1'.
It has stopped monitoring the volume.
Error - 12/23/2009 3:30:43 PM | Computer Name = KIM | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1058
Error - 12/23/2009 6:08:31 PM | Computer Name = KIM | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1058
Error - 12/23/2009 6:08:36 PM | Computer Name = KIM | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
abp480n5 adpu160m agp440 agpCPQ Aha154x aic78u2 aic78xx AliIde alim1541 amdagp amsint asc asc3350p
asc3550
cbidf
cd20xrnt
CmdIde
Cpqarray
dac2w2k
dac960nt
dpti2o
hpn
i2omp
ini910u
IntelIde
mraid35x
perc2
perc2hib
ql1080
Ql10wnt
ql12160
ql1240
ql1280
sisagp
Sparrow
symc810
symc8xx
sym_hi
sym_u3
TosIde
ultra
viaagp
ViaIde
< End of report >
Here is the link to original message:
http://forums.spybot.info/showthread.php?t=54005
I ran the recommended programs, things seem to be better already. What should I do next?
Many thanks!
here are the logs:
Malwarebytes' Anti-Malware 1.42
Database version: 3418
Windows 5.1.2600 Service Pack 2
Internet Explorer 8.0.6001.18702
12/23/2009 2:03:36 PM
mbam-log-2009-12-23 (14-03-36).txt
Scan type: Full Scan (C:\|D:\|)
Objects scanned: 251577
Time elapsed: 1 hour(s), 13 minute(s), 33 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 2
Registry Values Infected: 1
Registry Data Items Infected: 5
Folders Infected: 3
Files Infected: 11
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Personal Guard 2009 (Rogue.PersonalGuard2009) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Personal Guard 2009 (Rogue.PersonalGuard2009) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sigivufuf (Trojan.Vundo.H) -> Quarantined and deleted successfully.
Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SecurityProviders (Broken.SecurityProviders) -> Bad: (msapsspc.dll schannel.dll digest.dll msnsspc.dll) Good: (msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell (Hijack.Shell) -> Bad: (Explorer.exe logon.exe) Good: (Explorer.exe) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{1bbd8cfa-b4f0-4c8b-8b49-6f80213e3c18}\NameServer (Trojan.DNSChanger) -> Data: 83.149.115.182 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{649f5fd6-5fef-48a4-a19e-622d6ad9ee8e}\NameServer (Trojan.DNSChanger) -> Data: 83.149.115.182 -> Quarantined and deleted successfully.
Folders Infected:
C:\Program Files\Personal Guard 2009 (Rogue.PersonalGuard2009) -> Quarantined and deleted successfully.
C:\Program Files\Personal Guard 2009\q (Rogue.PersonalGuard2009) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Microsoft AData (Rogue.SmartProtector) -> Quarantined and deleted successfully.
Files Infected:
C:\WINDOWS\system32\neweyoko.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP554\A0057251.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP555\A0057302.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\logon.exe (Worm.Emold) -> Delete on reboot.
C:\Documents and Settings\All Users\Microsoft AData\t.sid (Rogue.SmartProtector) -> Quarantined and deleted successfully.
C:\WINDOWS\certSystem.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\Microsoftdef.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\regred.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\securits.com (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\spoov.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\usExplorer.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
OTL logfile created on: 12/23/2009 2:11:55 PM - Run 1
OTL by OldTimer - Version 3.1.19.0 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Media Center Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1,022.00 Mb Total Physical Memory | 528.00 Mb Available Physical Memory | 52.00% Memory free
3.00 Gb Paging File | 2.00 Gb Available in Paging File | 85.00% Paging File free
Paging file location(s): C:\pagefile.sys 2000 2000 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 67.68 Gb Total Space | 48.98 Gb Free Space | 72.37% Space Free | Partition Type: NTFS
Drive D: | 6.83 Gb Total Space | 5.08 Gb Free Space | 74.35% Space Free | Partition Type: FAT32
Drive E: | 287.32 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: KIM
Current User Name: Owner
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Processes (SafeList) ==========
PRC - C:\Documents and Settings\Owner\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgnsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgrsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgemc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
PRC - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
PRC - C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\MozyHome\mozystat.exe ()
PRC - C:\Program Files\MozyHome\mozybackup.exe ()
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\2020V8\Mswin\60\SCBar.Exe (MKS Informatique)
PRC - C:\Program Files\QuickTime\qttask.exe (Apple Computer, Inc.)
PRC - C:\Program Files\Lexmark 9300 Series\lxcqmon.exe ()
PRC - C:\WINDOWS\system32\lxcqcoms.exe ( )
PRC - C:\Program Files\Lexmark 9300 Series\ezprint.exe (Lexmark International Inc.)
PRC - C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit, Inc.)
PRC - C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtProc.exe ()
PRC - C:\Program Files\Yahoo!\Messenger\Ymsgr_tray.exe (Yahoo! Inc.)
PRC - C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe ()
PRC - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS (New Boundary Technologies, Inc.)
PRC - C:\Program Files\Yahoo!\browser\ycommon.exe (Yahoo!, Inc.)
PRC - C:\WINDOWS\system32\ati2evxx.exe (ATI Technologies Inc.)
PRC - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
PRC - C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
PRC - C:\WINDOWS\system32\wscntfy.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\Brmfrmps.exe (Brother Industries, Ltd.)
PRC - C:\WINDOWS\system32\brsvc01a.exe (brother Industries Ltd)
PRC - C:\WINDOWS\system32\brss01a.exe (brother Industries Ltd)
========== Modules (SafeList) ==========
MOD - C:\Documents and Settings\Owner\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\SynTPFcs.dll (Synaptics, Inc.)
========== Win32 Services (SafeList) ==========
SRV - (avg9emc) -- C:\Program Files\AVG\AVG9\avgemc.exe (AVG Technologies CZ, s.r.o.)
SRV - (avg9wd) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (gusvc) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (Google)
SRV - (YahooAUService) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
SRV - (mozybackup) -- C:\Program Files\MozyHome\mozybackup.exe ()
SRV - (lxcq_device) -- C:\WINDOWS\System32\lxcqcoms.exe ( )
SRV - (PrismXL) -- C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS (New Boundary Technologies, Inc.)
SRV - (Ati HotKey Poller) -- C:\WINDOWS\system32\ati2evxx.exe (ATI Technologies Inc.)
SRV - (brmfrmps) -- C:\WINDOWS\System32\Brmfrmps.exe (Brother Industries, Ltd.)
SRV - (Brother XP spl Service) -- C:\WINDOWS\system32\brsvc01a.exe (brother Industries Ltd)
========== Driver Services (SafeList) ==========
DRV - (AvgTdiX) -- C:\WINDOWS\System32\Drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgMfx86) -- C:\WINDOWS\System32\Drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgLdx86) -- C:\WINDOWS\System32\Drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (Cdr4_xp) -- C:\WINDOWS\system32\drivers\cdr4_xp.sys (Roxio)
DRV - (mozyFilter) -- C:\WINDOWS\system32\drivers\mozy.sys (Mozy, Inc.)
DRV - (Secdrv) -- C:\WINDOWS\system32\drivers\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (ASCTRM) -- C:\WINDOWS\system32\drivers\asctrm.sys (Windows (R) 2000 DDK provider)
DRV - (Sentinel) -- C:\WINDOWS\System32\Drivers\SENTINEL.SYS (SafeNet, Inc.)
DRV - (SNTNLUSB) -- C:\WINDOWS\system32\drivers\SNTNLUSB.SYS (SafeNet, Inc.)
DRV - (PxHelp20) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (tifm21) -- C:\WINDOWS\system32\drivers\tifm21.sys (Texas Instruments)
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (w29n51) Intel(R) -- C:\WINDOWS\system32\drivers\w29n51.sys (Intel® Corporation)
DRV - (Cdralw2k) -- C:\WINDOWS\system32\drivers\cdralw2k.sys (Roxio)
DRV - (SynTP) -- C:\WINDOWS\system32\drivers\SynTP.sys (Synaptics, Inc.)
DRV - (b57w2k) -- C:\WINDOWS\system32\drivers\b57xp32.sys (Broadcom Corporation)
DRV - (Ptilink) -- C:\WINDOWS\system32\drivers\ptilink.sys (Parallel Technologies, Inc.)
DRV - (amdagp) -- C:\WINDOWS\system32\DRIVERS\amdagp.sys (Advanced Micro Devices, Inc.)
DRV - (sisagp) -- C:\WINDOWS\system32\DRIVERS\sisagp.sys (Silicon Integrated Systems Corporation)
DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
DRV - (CAMCHALA) -- C:\WINDOWS\system32\drivers\camchal.sys (Conexant Systems Inc.)
DRV - (CAMCAUD) -- C:\WINDOWS\system32\drivers\camcaud.sys (Conexant Systems Inc.)
DRV - (HSFHWICH) -- C:\WINDOWS\system32\drivers\HSFHWICH.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.)
DRV - (HSF_DP) -- C:\WINDOWS\system32\drivers\HSF_DP.sys (Conexant Systems, Inc.)
DRV - (mdmxsdk) -- C:\WINDOWS\system32\drivers\mdmxsdk.sys (Conexant)
DRV - (BrScnUsb) -- C:\WINDOWS\system32\drivers\BrScnUsb.sys (Brother Industries Ltd.)
DRV - (wanatw) WAN Miniport (ATW) -- C:\WINDOWS\system32\drivers\wanatw4.sys (America Online, Inc.)
DRV - (Sparrow) -- C:\WINDOWS\system32\DRIVERS\sparrow.sys (Adaptec, Inc.)
DRV - (sym_u3) -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys (LSI Logic)
DRV - (sym_hi) -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys (LSI Logic)
DRV - (symc8xx) -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys (LSI Logic)
DRV - (symc810) -- C:\WINDOWS\system32\DRIVERS\symc810.sys (Symbios Logic Inc.)
DRV - (ultra) -- C:\WINDOWS\system32\DRIVERS\ultra.sys (Promise Technology, Inc.)
DRV - (ql12160) -- C:\WINDOWS\system32\DRIVERS\ql12160.sys (QLogic Corporation)
DRV - (ql1080) -- C:\WINDOWS\system32\DRIVERS\ql1080.sys (QLogic Corporation)
DRV - (ql1280) -- C:\WINDOWS\system32\DRIVERS\ql1280.sys (QLogic Corporation)
DRV - (dac2w2k) -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys (Mylex Corporation)
DRV - (mraid35x) -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys (American Megatrends Inc.)
DRV - (asc) -- C:\WINDOWS\system32\DRIVERS\asc.sys (Advanced System Products, Inc.)
DRV - (asc3550) -- C:\WINDOWS\system32\DRIVERS\asc3550.sys (Advanced System Products, Inc.)
DRV - (AliIde) -- C:\WINDOWS\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (CmdIde) -- C:\WINDOWS\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)
DRV - (mxnic) -- C:\WINDOWS\system32\drivers\mxnic.sys (Macronix International Co., Ltd. )
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/ie/defaults/cs/sbcydsl/*http://www.yahoo.com/search/ie.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://att.net
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://my.yahoo.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKCU\..\URLSearchHook: *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: *{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1
O1 HOSTS File: (734 bytes) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Yahoo! IE Services Button) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\common\yiesrvc.dll (Yahoo! Inc.)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\WINDOWS\system32\bae.dll (Gateway Inc.)
O2 - BHO: (SidebarAutoLaunch Class) - {F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D} - C:\Program Files\Yahoo!\browser\YSidebarIEBHO.dll (Yahoo! Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [EzPrint] C:\Program Files\Lexmark 9300 Series\ezprint.exe (Lexmark International Inc.)
O4 - HKLM..\Run: [Lexmark 9300 Series Fax Server] C:\Program Files\Lexmark 9300 Series\fm3032.exe ()
O4 - HKLM..\Run: [LXCQCATS] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCQtime.DLL (Lexmark International Inc.)
O4 - HKLM..\Run: [lxcqmon.exe] C:\Program Files\Lexmark 9300 Series\lxcqmon.exe ()
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Computer, Inc.)
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [WrtMon.exe] C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe ()
O4 - HKLM..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O4 - HKCU..\Run: [Search Protection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\20-20 Shortcut Bar.lnk = C:\2020V8\Mswin\60\SCBar.Exe (MKS Informatique)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\MozyHome Status.lnk = C:\Program Files\MozyHome\mozystat.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit, Inc.)
O4 - Startup: C:\Documents and Settings\Owner\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\PhishingFilter present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\NPJPI150_02.dll (Sun Microsystems, Inc.)
O9 - Extra Button: AT&T Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\common\yiesrvc.dll (Yahoo! Inc.)
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe ()
O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe ()
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase8942.cab (Windows Live Safety Center Base Module)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} http://download.yahoo.com/dl/installs/ymail/ymmapi.dll (YahooYMailTo Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.94.156.1 68.94.157.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Filter\x-sdch {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O20 - AppInit_DLLs: (c:\windows\system32\huzaweli.dll) - C:\WINDOWS\System32\huzaweli.dll File not found
O20 - AppInit_DLLs: (c:\windows\system32\litinika.dll) - C:\WINDOWS\System32\litinika.dll File not found
O20 - AppInit_DLLs: (vusiluya.dll) - File not found
O20 - AppInit_DLLs: (c:\windows\system32\fiyamepe.dll) - C:\WINDOWS\System32\fiyamepe.dll File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O21 - SSODL: bezaweget - {77e15052-7b5a-4d4e-b5f5-e1837aa36758} - C:\WINDOWS\System32\huzaweli.dll File not found
O21 - SSODL: nelebosog - {f17ff03e-41e1-4fbe-90cb-fa1981236e2c} - C:\WINDOWS\System32\fiyamepe.dll File not found
O21 - SSODL: SysNet - {0D88706E-E18A-4D92-A316-2C924EC1B75C} - C:\Documents and Settings\All Users\Microsoft AData\sysnet.dll File not found
O21 - SSODL: vuheborud - {512c48b8-d21c-4920-ae10-97341d325234} - C:\WINDOWS\System32\litinika.dll File not found
O22 - SharedTaskScheduler: {512c48b8-d21c-4920-ae10-97341d325234} - kupuhivus - C:\WINDOWS\System32\litinika.dll File not found
O22 - SharedTaskScheduler: {77e15052-7b5a-4d4e-b5f5-e1837aa36758} - mujuzedij - C:\WINDOWS\System32\huzaweli.dll File not found
O22 - SharedTaskScheduler: {f17ff03e-41e1-4fbe-90cb-fa1981236e2c} - mujuzedij - C:\WINDOWS\System32\fiyamepe.dll File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/01/09 17:13:09 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2004/09/13 13:15:24 | 00,000,053 | -HS- | M] () - D:\Autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2009/06/09 12:29:29 | 00,000,027 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2009/12/23 14:10:54 | 00,513,536 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2009/12/23 12:42:35 | 04,844,264 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Owner\Desktop\mbam-setup.exe
[2009/12/08 14:07:02 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/12/08 14:06:45 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/12/08 14:05:45 | 00,812,344 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Owner\My Documents\HijackThisInstaller.exe
[2009/12/08 14:01:57 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2009/12/07 12:00:59 | 00,000,000 | ---D | C] -- C:\Program Files\Adobe
[2009/12/07 12:00:08 | 00,000,000 | -HSD | C] -- C:\Config.Msi
[2009/11/06 15:45:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2009/04/28 11:17:49 | 00,323,584 | ---- | C] ( ) -- C:\WINDOWS\System32\LXCQhcp.dll
[2009/04/28 11:17:48 | 00,413,696 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcqinpa.dll
[2009/04/28 11:17:47 | 00,397,312 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcqiesc.dll
[2009/04/28 11:17:46 | 01,224,704 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcqserv.dll
[2009/04/28 11:17:46 | 00,991,232 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcqusb1.dll
[2009/04/28 11:17:45 | 00,643,072 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcqpmui.dll
[2009/04/28 11:17:45 | 00,585,728 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcqlmpm.dll
[2009/04/28 11:17:45 | 00,163,840 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcqprox.dll
[2009/04/28 11:17:45 | 00,094,208 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcqpplc.dll
[2009/04/28 11:17:43 | 00,696,320 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcqhbn3.dll
[2009/04/28 11:17:42 | 00,421,888 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcqcomm.dll
[2009/04/28 11:17:41 | 00,684,032 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcqcomc.dll
[2008/02/27 14:19:17 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2008/02/27 14:19:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2008/02/27 14:19:16 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2007/12/18 13:47:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Adobe
[2007/12/18 13:47:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2007/11/20 12:25:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\yahoo!
[2006/08/18 20:15:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Macromedia
[2006/06/02 02:13:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\McAfee.com Personal Firewall
[5 C:\Documents and Settings\All Users\*.tmp files -> C:\Documents and Settings\All Users\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2009/12/23 14:10:57 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2009/12/23 14:07:07 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/12/23 14:06:52 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/12/23 14:05:22 | 05,242,880 | -H-- | M] () -- C:\Documents and Settings\Owner\NTUSER.DAT
[2009/12/23 14:05:22 | 00,000,178 | -HS- | M] () -- C:\Documents and Settings\Owner\ntuser.ini
[2009/12/23 14:05:11 | 00,000,296 | ---- | M] () -- C:\WINDOWS\tasks\xoudbsqf.job
[2009/12/23 14:05:11 | 00,000,296 | ---- | M] () -- C:\WINDOWS\tasks\ngiyxscn.job
[2009/12/23 14:05:11 | 00,000,296 | ---- | M] () -- C:\WINDOWS\tasks\dihjeyjn.job
[2009/12/23 13:13:48 | 00,000,422 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{2BF702A0-C08D-4728-93F3-9B07EACAFAAD}.job
[2009/12/23 12:42:35 | 04,844,264 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Owner\Desktop\mbam-setup.exe
[2009/12/23 11:33:50 | 46,946,585 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2009/12/23 11:29:05 | 00,001,170 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/12/22 11:27:12 | 00,127,709 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2009/12/16 17:14:18 | 00,034,486 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\wklnhst.dat
[2009/12/08 14:07:04 | 00,001,734 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\HijackThis.lnk
[2009/12/08 14:05:45 | 00,812,344 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Owner\My Documents\HijackThisInstaller.exe
[2009/12/08 14:02:21 | 00,000,767 | ---- | M] () -- C:\Documents and Settings\Owner\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2009/12/08 14:02:01 | 00,000,592 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\ERUNT.lnk
[2009/12/03 16:14:06 | 00,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/12/03 16:13:56 | 00,019,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/12/02 11:56:49 | 00,006,456 | -H-- | M] () -- C:\WINDOWS\System32\tojufuze
[5 C:\Documents and Settings\All Users\*.tmp files -> C:\Documents and Settings\All Users\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2009/12/08 14:07:04 | 00,001,734 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\HijackThis.lnk
[2009/12/08 14:02:21 | 00,000,767 | ---- | C] () -- C:\Documents and Settings\Owner\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2009/12/08 14:02:01 | 00,000,592 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\ERUNT.lnk
[2009/12/01 11:14:44 | 00,000,296 | ---- | C] () -- C:\WINDOWS\tasks\ngiyxscn.job
[2009/04/28 11:23:56 | 00,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxcqvs.dll
[2009/04/28 11:23:50 | 00,344,064 | ---- | C] () -- C:\WINDOWS\System32\lxcqcoin.dll
[2009/04/28 11:23:25 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\lxcqcaps.dll
[2009/04/28 11:23:24 | 00,692,224 | ---- | C] () -- C:\WINDOWS\System32\lxcqdrs.dll
[2009/04/28 11:23:24 | 00,061,440 | ---- | C] () -- C:\WINDOWS\System32\lxcqcnv4.dll
[2009/04/28 11:18:52 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\lxcqpmon.dll
[2009/04/28 11:18:52 | 00,032,768 | ---- | C] () -- C:\WINDOWS\System32\LXCQFXPU.DLL
[2009/04/28 11:18:03 | 00,000,031 | ---- | C] () -- C:\WINDOWS\System32\lxcqrwrd.ini
[2009/04/28 11:17:49 | 00,274,432 | ---- | C] () -- C:\WINDOWS\System32\LXCQinst.dll
[2009/04/28 11:17:43 | 00,204,800 | ---- | C] () -- C:\WINDOWS\System32\lxcqgrd.dll
[2008/09/15 16:14:24 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008/09/15 16:11:10 | 00,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2008/01/28 15:32:00 | 00,000,010 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2007/12/07 16:03:50 | 00,010,240 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/07/12 21:19:03 | 00,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2007/07/10 13:32:53 | 00,040,960 | ---- | C] () -- C:\WINDOWS\System32\IPPCPUID.DLL
[2007/07/10 13:31:27 | 00,028,672 | ---- | C] () -- C:\WINDOWS\hookdllX.dll
[2007/07/10 13:31:06 | 00,011,776 | ---- | C] () -- C:\WINDOWS\System32\pmsbfn32.dll
[2007/04/12 12:57:01 | 00,327,680 | ---- | C] () -- C:\WINDOWS\System32\SmaRTEng.dll
[2007/04/07 12:20:52 | 00,000,128 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\fusioncache.dat
[2006/06/14 19:39:43 | 00,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2006/06/14 18:17:43 | 00,000,051 | ---- | C] () -- C:\WINDOWS\brmx2001.ini
[2006/06/14 18:17:43 | 00,000,040 | ---- | C] () -- C:\WINDOWS\opt_2460.ini
[2006/06/14 18:17:12 | 00,034,486 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\wklnhst.dat
[2006/06/12 18:22:16 | 00,000,000 | ---- | C] () -- C:\WINDOWS\Brownie.ini
[2006/06/12 16:47:42 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\YCRWin32.dll
[2006/06/12 16:36:54 | 00,000,030 | ---- | C] () -- C:\WINDOWS\System32\brss01a.ini
[2006/06/12 16:02:34 | 00,000,462 | ---- | C] () -- C:\WINDOWS\brwmark.ini
[2006/06/12 16:02:34 | 00,000,234 | ---- | C] () -- C:\WINDOWS\Brpfx04a.ini
[2006/06/12 16:02:34 | 00,000,092 | ---- | C] () -- C:\WINDOWS\brpcfx.ini
[2006/06/12 16:02:34 | 00,000,079 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI
[2006/06/12 15:59:36 | 00,027,019 | ---- | C] () -- C:\WINDOWS\maxlink.ini
[2006/06/01 07:36:19 | 00,000,067 | ---- | C] () -- C:\WINDOWS\rprtvwr.ini
[2006/04/25 09:20:07 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/08/05 21:01:54 | 00,239,104 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/07/07 12:53:18 | 00,197,120 | ---- | C] () -- C:\WINDOWS\patchw32.dll
[2005/01/12 09:38:00 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/01/09 15:49:16 | 00,001,280 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2005/01/09 15:49:16 | 00,000,521 | ---- | C] () -- C:\WINDOWS\System32\emver.ini
[2002/03/04 09:16:34 | 00,110,592 | R--- | C] () -- C:\WINDOWS\System32\Jpeg32.dll
< End of report >
OTL Extras logfile created on: 12/23/2009 2:11:55 PM - Run 1
OTL by OldTimer - Version 3.1.19.0 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Media Center Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1,022.00 Mb Total Physical Memory | 528.00 Mb Available Physical Memory | 52.00% Memory free
3.00 Gb Paging File | 2.00 Gb Available in Paging File | 85.00% Paging File free
Paging file location(s): C:\pagefile.sys 2000 2000 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 67.68 Gb Total Space | 48.98 Gb Free Space | 72.37% Space Free | Partition Type: NTFS
Drive D: | 6.83 Gb Total Space | 5.08 Gb Free Space | 74.35% Space Free | Partition Type: FAT32
Drive E: | 287.32 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: KIM
Current User Name: Owner
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\PROGRA~1\INTERN~1\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\PROGRA~1\INTERN~1\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\PROGRA~1\INTERN~1\IEXPLORE.EXE" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" %*
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"135:TCP" = 135:TCP:*:Enabled:TCP Port 135
"5000:TCP" = 5000:TCP:*:Enabled:TCP Port 5000
"5001:TCP" = 5001:TCP:*:Enabled:TCP Port 5001
"5002:TCP" = 5002:TCP:*:Enabled:TCP Port 5002
"5003:TCP" = 5003:TCP:*:Enabled:TCP Port 5003
"5004:TCP" = 5004:TCP:*:Enabled:TCP Port 5004
"5005:TCP" = 5005:TCP:*:Enabled:TCP Port 5005
"5006:TCP" = 5006:TCP:*:Enabled:TCP Port 5006
"5007:TCP" = 5007:TCP:*:Enabled:TCP Port 5007
"5008:TCP" = 5008:TCP:*:Enabled:TCP Port 5008
"5009:TCP" = 5009:TCP:*:Enabled:TCP Port 5009
"5010:TCP" = 5010:TCP:*:Enabled:TCP Port 5010
"5011:TCP" = 5011:TCP:*:Enabled:TCP Port 5011
"5012:TCP" = 5012:TCP:*:Enabled:TCP Port 5012
"5013:TCP" = 5013:TCP:*:Enabled:TCP Port 5013
"5014:TCP" = 5014:TCP:*:Enabled:TCP Port 5014
"5015:TCP" = 5015:TCP:*:Enabled:TCP Port 5015
"5016:TCP" = 5016:TCP:*:Enabled:TCP Port 5016
"5017:TCP" = 5017:TCP:*:Enabled:TCP Port 5017
"5018:TCP" = 5018:TCP:*:Enabled:TCP Port 5018
"5019:TCP" = 5019:TCP:*:Enabled:TCP Port 5019
"5020:TCP" = 5020:TCP:*:Enabled:TCP Port 5020
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Yahoo!\Messenger\YPAGER.EXE" = C:\Program Files\Yahoo!\Messenger\YPAGER.EXE:*:Enabled:Yahoo! Messenger -- File not found
"C:\Program Files\Yahoo!\Messenger\yserver.exe" = C:\Program Files\Yahoo!\Messenger\yserver.exe:*:Enabled:Yahoo! FT Server -- (Yahoo! Inc.)
"C:\Program Files\Lexmark 9300 Series\LXCQlpx.exe" = C:\Program Files\Lexmark 9300 Series\LXCQlpx.exe:*:Enabled:Lexmark Productivity Suite -- ()
"C:\Program Files\Common Files\AolCoach\en_en\player\AOLNySEV.exe" = C:\Program Files\Common Files\AolCoach\en_en\player\AOLNySEV.exe:*:Disabled:AOL -- File not found
"C:\Program Files\Common Files\AOL\System Information\sinf.exe" = C:\Program Files\Common Files\AOL\System Information\sinf.exe:*:Disabled:AOL -- File not found
"C:\Program Files\Common Files\AOL\AOL Spyware Protection\asp.exe" = C:\Program Files\Common Files\AOL\AOL Spyware Protection\asp.exe:*:Disabled:AOL -- File not found
"C:\Program Files\Common Files\AOL\AOL Spyware Protection\AOLSP Scheduler.exe" = C:\Program Files\Common Files\AOL\AOL Spyware Protection\AOLSP Scheduler.exe:*:Disabled:AOL -- File not found
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Disabled:AOL -- File not found
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Disabled:AOL -- File not found
"C:\Program Files\Common Files\AOL\1145986384\EE\AOLServiceHost.exe" = C:\Program Files\Common Files\AOL\1145986384\EE\AOLServiceHost.exe:*:Disabled:AOL -- File not found
"C:\Program Files\America Online 9.0\waol.exe" = C:\Program Files\America Online 9.0\waol.exe:*:Disabled:AOL -- File not found
"C:\Program Files\Common Files\AOL\Loader\aolload.exe" = C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Disabled:AOL Application Loader -- (America Online, Inc.)
"C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe" = C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe:*:Disabled:AOLTopSpeed -- File not found
"C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe" = C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe:*:Disabled:AOLTsMon -- File not found
"C:\2020V8\Mswin\60\design.exe" = C:\2020V8\Mswin\60\design.exe:*:Enabled:Design -- (20-20 Technologies Inc.)
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Disabled:Yahoo! Messenger -- (Yahoo! Inc.)
"C:\WINDOWS\system32\lxcqcoms.exe" = C:\WINDOWS\system32\lxcqcoms.exe:*:Enabled:Lexmark Communications System -- ( )
"C:\Program Files\AVG\AVG8\avgemc.exe" = C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe -- File not found
"C:\Program Files\AVG\AVG8\avgupd.exe" = C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe -- File not found
"C:\Program Files\AVG\AVG8\avgnsx.exe" = C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe -- File not found
"C:\WINDOWS\explorer.exe" = C:\WINDOWS\explorer.exe:*:Enabled:Explorer -- (Microsoft Corporation)
"C:\Program Files\AVG\AVG9\avgemc.exe" = C:\Program Files\AVG\AVG9\avgemc.exe:*:Enabled:avgemc.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG9\avgupd.exe" = C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG9\avgnsx.exe" = C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe -- (AVG Technologies CZ, s.r.o.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0605656D-AA3F-4723-9E2D-527507F39C9B}" = 20-20 Version 8
"{1017A80C-6F09-4548-A84D-EDD6AC9525F0}" = Lexmark Toolbar
"{15377C3E-9655-400F-B441-E69F0A6BEAFE}" = Recovery Software Suite Gateway
"{1727CD47-A408-11d2-AFAD-00C04F72FB3E}" = VBA (2720)
"{178546CA-51FD-468B-B8B4-9629D457BE09}" = 20-20 Version 8
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1FAC640E-FFD6-4AA2-A26D-5500E433A29C}" = 20-20 Version 8
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2b02f822-a9b9-458c-80e5-3ea8c0de8471}" = QuickBooks Pro Edition 2004
"{3248F0A8-6813-11D6-A77B-00B0D0150020}" = J2SE Runtime Environment 5.0 Update 2
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3A62D394-59E0-4304-93EA-493481A321F2}" = 20-20 Version 8
"{3D387C36-AE6B-4CF2-B9AA-BF7C79CB2B2C}" = 20-20 Version 8
"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = Browser Address Error Redirector
"{40A6C96D-808E-41DD-8716-617AB6B0F1F1}" = Brother MFL-Pro Suite
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go 4.0
"{41252F84-7351-4702-B65C-7EE77A62F370}" = 20-20 Version 8
"{5A7B2D2E-3AFA-404D-B1B8-07D78AA8A05C}" = 20-20 Version 8
"{5D95AD35-368F-47D5-B63A-A082DDF00111}" = Microsoft Digital Image Starter Edition 2006 Editor
"{691F4068-81BF-49E3-B32E-FE3E16400111}" = Microsoft Digital Image Starter Edition 2006 Library
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{72CD4C5F-AB0B-4814-8780-9A4F26A2086B}" = Presto! PageManager 7.12.10
"{76EFFC7C-17A6-479D-9E47-8E658C1695AE}" = Windows Backup Utility
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1}" = Napster Burn Engine
"{8E50332B-772C-4AEA-BF56-94DE6A1D5F10}" = TIxx21
"{97407E09-4EA8-49F0-A513-2C1776A6DEC0}" = Sentinel Protection Installer 7.2.1
"{9941F0AA-B903-4AF4-A055-83A9815CC011}" = Sonic Encoders
"{9F7FC79B-3059-4264-9450-39EB368E3225}" = Microsoft Digital Image Library 9 - Blocker
"{A17EABB6-D0C6-44E5-820C-72DC7F495064}" = PaperPort
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AC76BA86-7AD7-1033-7B44-A81300000003}" = Adobe Reader 8.1.3
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{B79920F8-AB6E-45B2-B257-900BBA969FF7}" = Presto! Forms 3.50.02
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{E1785E49-0805-4D98-9CFB-EED4934DE8CD}" = 20-20 Version 8
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E39BF0C7-9F82-403E-ACEC-FA316D1A65F6}" = 20-20 Version 8
"{E43FB20D-0847-4794-B7FC-D5559E04DE5B}" = MRCG Order Form
"{FA69D133-6732-4AB1-91A8-11B752F12AF4}" = KraftMaid Cabinetry, Inc. 20-20 Catalogs.
"{FC8AEEF2-C1CC-42D3-A1DD-6F49AE7563C3}" = KraftMaidOrderForm
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"ATI Display Driver" = ATI Display Driver
"AVG9Uninstall" = AVG Free 9.0
"BigFix" = BigFix
"Bricsnet IntelliCAD 2000" = Bricsnet IntelliCAD 2000
"BroadJump Client Foundation" = BroadJump Client Foundation
"CNXT_MODEM_PCI_VEN_8086&DEV_266D&SUBSYS_0460107B" = SoftV92 Data Fax Modem with SmartCP
"Conexant PCI Audio" = Conexant AC-Link Audio
"ERUNT_is1" = ERUNT 1.1j
"HijackThis" = HijackThis 2.0.2
"ie8" = Windows Internet Explorer 8
"InstallShield_{8E50332B-772C-4AEA-BF56-94DE6A1D5F10}" = Texas Instruments PCIxx21/x515 drivers.
"Lexmark 9300 Series" = Lexmark 9300 Series
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"mozy_is1" = MozyHome 1.8.6.21
"PartyPoker" = PartyPoker
"PictureItSuiteTrial_v11" = Microsoft Digital Image Starter Edition 2006
"QuickTime" = QuickTime
"Rainbow Client Activator 2.0 English" = Client Activator 2.0 - English
"RealPlayer 6.0" = RealPlayer Basic
"SBC Yahoo! DSL Activation" = SBC Yahoo! DSL Activation
"SBC.MCCInstall" = AT&T Self Support Tool
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"ViewpointMediaPlayer" = Viewpoint Media Player
"WGA" = Windows Genuine Advantage Validation Tool
"WIC" = Windows Imaging Component
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"Windows Media Format Runtime" = Windows Media Format Runtime
"Yahoo! Applications" = AT&T Yahoo! Applications
"Yahoo! Search Defender" = Yahoo! Search Protection
"Yahoo! Software Update" = Yahoo! Software Update
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 11/24/2008 8:35:51 PM | Computer Name = KIM | Source = Application Hang | ID = 1002
Description = Hanging application ybrowser.exe, version 2006.8.11.1, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 11/25/2008 9:10:08 PM | Computer Name = KIM | Source = Application Error | ID = 1000
Description = Faulting application design.exe, version 8.0.3.1347, faulting module
mfc71.dll, version 7.10.3077.0, fault address 0x000358a5.
Error - 11/25/2008 9:10:42 PM | Computer Name = KIM | Source = Application Hang | ID = 1002
Description = Hanging application design.exe, version 8.0.3.1347, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 2/4/2009 4:02:13 PM | Computer Name = KIM | Source = Application Hang | ID = 1002
Description = Hanging application pi.exe, version 11.0.422.0, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 3/24/2009 5:51:30 PM | Computer Name = KIM | Source = Application Error | ID = 1000
Description = Faulting application design.exe, version 8.0.3.1347, faulting module
coretevent.dll, version 8.0.3.1347, fault address 0x003f9fd2.
Error - 5/7/2009 5:11:55 PM | Computer Name = KIM | Source = Application Hang | ID = 1002
Description = Hanging application ybrowser.exe, version 2006.8.11.1, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 5/12/2009 7:59:17 PM | Computer Name = KIM | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: This operation returned because the timeout period expired.
Error - 5/21/2009 6:09:18 PM | Computer Name = KIM | Source = AVG7 | ID = 100
Description =
Error - 6/17/2009 4:53:09 PM | Computer Name = KIM | Source = Application Error | ID = 1000
Description = Faulting application ybrowser.exe, version 2006.8.11.1, faulting module
mshtml.dll, version 6.0.2900.3527, fault address 0x00095f3d.
Error - 6/17/2009 5:11:37 PM | Computer Name = KIM | Source = Application Error | ID = 1000
Description = Faulting application ybrowser.exe, version 2006.8.11.1, faulting module
mshtml.dll, version 6.0.2900.3527, fault address 0x00095f3d.
[ System Events ]
Error - 12/17/2009 3:56:29 PM | Computer Name = KIM | Source = Dhcp | ID = 1001
Description = Your computer was not assigned an address from the network (by the
DHCP Server) for the Network Card with network address 00166F26B358. The following
error occurred: %%1223. Your computer will continue to try and obtain an address
on its own from the network address (DHCP) server.
Error - 12/18/2009 3:20:49 PM | Computer Name = KIM | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1058
Error - 12/19/2009 6:17:35 PM | Computer Name = KIM | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1058
Error - 12/21/2009 3:38:20 PM | Computer Name = KIM | Source = sr | ID = 1
Description = The System Restore filter encountered the unexpected error '0xC0000243'
while processing the file 'avglngx.dll.old' on the volume 'HarddiskVolume1'. It
has stopped monitoring the volume.
Error - 12/21/2009 3:39:25 PM | Computer Name = KIM | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1058
Error - 12/22/2009 3:24:14 PM | Computer Name = KIM | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1058
Error - 12/23/2009 3:29:29 PM | Computer Name = KIM | Source = sr | ID = 1
Description = The System Restore filter encountered the unexpected error '0xC0000243'
while processing the file 'avgcorex.dll.old' on the volume 'HarddiskVolume1'.
It has stopped monitoring the volume.
Error - 12/23/2009 3:30:43 PM | Computer Name = KIM | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1058
Error - 12/23/2009 6:08:31 PM | Computer Name = KIM | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1058
Error - 12/23/2009 6:08:36 PM | Computer Name = KIM | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
abp480n5 adpu160m agp440 agpCPQ Aha154x aic78u2 aic78xx AliIde alim1541 amdagp amsint asc asc3350p
asc3550
cbidf
cd20xrnt
CmdIde
Cpqarray
dac2w2k
dac960nt
dpti2o
hpn
i2omp
ini910u
IntelIde
mraid35x
perc2
perc2hib
ql1080
Ql10wnt
ql12160
ql1240
ql1280
sisagp
Sparrow
symc810
symc8xx
sym_hi
sym_u3
TosIde
ultra
viaagp
ViaIde
< End of report >