Alright, I wasn't sure if you would prefer for me to post this to a new thread or keep it here, but if you would like me to move it to a new thread, just let me know. Following are the generated logs from Malwarebytes Anti-Malware, OTL, Security Check, and ESET Online Scan:
Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org
Database version: 8111
Windows 6.0.6002 Service Pack 2
Internet Explorer 9.0.8112.16421
11/8/2011 10:19:39 PM
mbam-log-2011-11-08 (22-19-38).txt
Scan type: Full scan (C:\|D:\|)
Objects scanned: 319898
Time elapsed: 11 hour(s), 1 minute(s), 44 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
OTL logfile created on: 11/15/2011 2:05:30 PM - Run 3
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Users\Justin\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
893.32 Mb Total Physical Memory | 356.37 Mb Available Physical Memory | 39.89% Memory free
2.09 Gb Paging File | 1.05 Gb Available in Paging File | 50.12% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 101.71 Gb Total Space | 16.38 Gb Free Space | 16.10% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 5.32 Gb Free Space | 53.20% Space Free | Partition Type: NTFS
Computer Name: JUSTIN-PC | User Name: Justin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
[color=#E56717]========== Processes (SafeList) ==========[/color]
PRC - [2011/11/07 21:28:26 | 001,652,536 | ---- | M] (Trusteer Ltd.) -- C:\Program Files\Trusteer\Rapport\bin\RapportService.exe
PRC - [2011/11/07 21:28:26 | 000,931,640 | ---- | M] (Trusteer Ltd.) -- C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
PRC - [2011/10/12 10:45:34 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Users\Justin\Desktop\OTL.exe
PRC - [2011/07/29 07:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2010/12/13 14:37:46 | 000,135,536 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe
PRC - [2010/01/06 20:07:00 | 000,147,472 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan Enterprise\mcshield.exe
PRC - [2010/01/06 20:07:00 | 000,124,240 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan Enterprise\shstat.exe
PRC - [2010/01/06 20:07:00 | 000,070,728 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\mfevtps.exe
PRC - [2010/01/06 20:07:00 | 000,066,896 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan Enterprise\vstskmgr.exe
PRC - [2010/01/06 20:07:00 | 000,027,960 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan Enterprise\mfeann.exe
PRC - [2010/01/06 20:07:00 | 000,022,816 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan Enterprise\engineserver.exe
PRC - [2009/04/10 23:28:12 | 000,217,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WerFault.exe
PRC - [2009/04/10 23:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2008/03/14 19:00:00 | 000,226,624 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\Common Framework\naPrdMgr.exe
PRC - [2008/03/14 19:00:00 | 000,136,512 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\Common Framework\UdaterUI.exe
PRC - [2008/03/14 19:00:00 | 000,103,744 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\Common Framework\FrameworkService.exe
PRC - [2008/03/14 19:00:00 | 000,091,456 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\Common Framework\McTray.exe
[color=#E56717]========== Modules (No Company Name) ==========[/color]
MOD - [2011/10/30 20:57:06 | 000,557,056 | ---- | M] () -- C:\Program Files\Trusteer\Rapport\bin\js32.dll
MOD - [2011/08/19 10:33:19 | 000,516,368 | ---- | M] () -- C:\ProgramData\Trusteer\Rapport\store\exts\RapportMS\28896\RapportMS.dll
MOD - [2011/07/29 07:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011/07/29 07:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
MOD - [2011/06/24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2008/06/03 18:35:18 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll
MOD - [2005/08/23 06:38:16 | 003,264,512 | ---- | M] () -- C:\Program Files\McAfee\Common Framework\cryptocme2.dll
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
SRV - [2011/11/07 21:28:26 | 000,931,640 | ---- | M] (Trusteer Ltd.) [Auto | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe -- (RapportMgmtService)
SRV - [2011/10/30 14:14:23 | 002,152,152 | ---- | M] (Lavasoft Limited) [On_Demand | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2010/12/13 14:37:46 | 000,135,536 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc)
SRV - [2010/06/28 10:33:07 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/01/06 20:07:00 | 000,147,472 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Program Files\McAfee\VirusScan Enterprise\mcshield.exe -- (McShield)
SRV - [2010/01/06 20:07:00 | 000,070,728 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Windows\System32\mfevtps.exe -- (mfevtp)
SRV - [2010/01/06 20:07:00 | 000,066,896 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Program Files\McAfee\VirusScan Enterprise\vstskmgr.exe -- (McTaskManager)
SRV - [2010/01/06 20:07:00 | 000,022,816 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Program Files\McAfee\VirusScan Enterprise\engineserver.exe -- (McAfeeEngineService)
SRV - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
SRV - [2008/03/14 19:00:00 | 000,103,744 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Program Files\McAfee\Common Framework\FrameworkService.exe -- (McAfeeFramework)
SRV - [2008/01/19 15:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/01/16 02:25:22 | 000,248,416 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- c:\Program Files\Common Files\McAfee\RedirSvc\RedirSvc.exe -- (McRedirector)
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV - [2011/11/07 21:30:20 | 000,227,312 | ---- | M] () [Kernel | System | Running] -- C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_32301.sys -- (RapportCerberus_32301)
DRV - [2011/11/07 21:28:40 | 000,071,440 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys -- (RapportEI)
DRV - [2011/11/07 21:28:38 | 000,164,112 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys -- (RapportPG)
DRV - [2011/11/07 21:28:38 | 000,056,208 | ---- | M] (Trusteer Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RapportKELL.sys -- (RapportKELL)
DRV - [2011/11/02 07:49:21 | 000,133,208 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\39772986.sys -- (39772986)
DRV - [2011/08/19 10:33:15 | 000,021,520 | ---- | M] (Trusteer Ltd.) [Kernel | On_Demand | Running] -- c:\ProgramData\Trusteer\Rapport\store\exts\RapportMS\28896\RapportIaso.sys -- (RapportIaso)
DRV - [2011/08/18 15:25:12 | 000,064,512 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2011/08/18 15:25:12 | 000,015,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\kernexplorer.sys -- (Lavasoft Kernexplorer)
DRV - [2010/12/02 22:30:44 | 000,025,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nx6000.sys -- (MSHUSBVideo)
DRV - [2010/05/11 02:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/02/18 02:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2010/01/06 20:07:00 | 000,343,920 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2010/01/06 20:07:00 | 000,091,832 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2010/01/06 20:07:00 | 000,075,704 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfeapfk.sys -- (mfeapfk)
DRV - [2010/01/06 20:07:00 | 000,066,600 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mferkdet.sys -- (mferkdet)
DRV - [2010/01/06 20:07:00 | 000,064,208 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfetdik.sys -- (mfetdik)
DRV - [2010/01/06 20:07:00 | 000,043,288 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2009/06/30 10:37:16 | 000,028,552 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Running] -- C:\Windows\system32\drivers\pavboot.sys -- (pavboot)
DRV - [2009/06/25 16:58:10 | 000,048,128 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2008/06/03 21:22:56 | 003,695,104 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2008/06/03 21:22:56 | 003,695,104 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2006/11/02 15:30:53 | 000,045,056 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
[color=#E56717]========== Internet Explorer ==========[/color]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://webmail.pugetsound.edu/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fwebmail.pugetsound.edu%2fowa%2f
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
[color=#E56717]========== FireFox ==========[/color]
FF - prefs.js..browser.startup.homepage: "http://www.nytimes.com/|https://webmail.pugetsound.edu/exchweb/bin/auth/owalogon.asp?url=https://webmail.pugetsound.edu/Exchange/&reason=0&replaceCurrent=1"
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6778
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20100908
FF - prefs.js..network.proxy.type: 0
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandasecurity.com/activescan: C:\Program Files\Panda Security\ActiveScan 2.0\npwrapper.dll (Panda Security, S.L.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Justin\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Justin\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Justin\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Justin\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2011/05/15 07:41:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2011/05/15 07:41:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/11/11 13:18:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/09/19 15:08:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.15\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011/11/04 23:40:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.15\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2011/09/19 15:08:07 | 000,000,000 | ---D | M]
[2011/03/09 21:47:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Justin\AppData\Roaming\Mozilla\Extensions
[2011/03/09 21:47:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Justin\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010/12/04 10:36:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Justin\AppData\Roaming\Mozilla\Firefox\Profiles\2lx9ljnx.default\extensions
[2010/08/29 10:16:33 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Justin\AppData\Roaming\Mozilla\Firefox\Profiles\2lx9ljnx.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/12/04 10:36:37 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Justin\AppData\Roaming\Mozilla\Firefox\Profiles\2lx9ljnx.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2010/09/01 11:05:50 | 000,000,000 | ---D | M] (FoxyProxy Standard) -- C:\Users\Justin\AppData\Roaming\Mozilla\Firefox\Profiles\2lx9ljnx.default\extensions\foxyproxy@eric.h.jung
[2011/09/29 07:57:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Justin\AppData\Roaming\Mozilla\Firefox\Profiles\rcbxb7cc.Justin\extensions
[2010/12/04 11:12:41 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Justin\AppData\Roaming\Mozilla\Firefox\Profiles\rcbxb7cc.Justin\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/07/10 11:39:00 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Justin\AppData\Roaming\Mozilla\Firefox\Profiles\rcbxb7cc.Justin\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2011/11/11 13:18:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/04/29 08:39:50 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011/10/29 13:27:36 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{AB2CE124-6272-4B12-94A9-7303C7397BD1}
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/11/11 13:18:12 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010/01/06 20:07:00 | 000,023,864 | ---- | M] (McAfee, Inc.) -- C:\Program Files\mozilla firefox\components\Scriptff.dll
[2011/10/03 05:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/10/07 19:31:31 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/11/11 13:18:14 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
O1 HOSTS File: ([2011/02/18 02:15:24 | 000,622,039 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 fr.a2dfp.net
O1 - Hosts: 127.0.0.1 m.fr.a2dfp.net
O1 - Hosts: 127.0.0.1 ad.a8.net
O1 - Hosts: 127.0.0.1 asy.a8ww.net
O1 - Hosts: 127.0.0.1 abcstats.com
O1 - Hosts: 127.0.0.1 a.abv.bg
O1 - Hosts: 127.0.0.1 adserver.abv.bg
O1 - Hosts: 127.0.0.1 adv.abv.bg
O1 - Hosts: 127.0.0.1 bimg.abv.bg
O1 - Hosts: 127.0.0.1 ca.abv.bg
O1 - Hosts: 127.0.0.1 www2.a-counter.kiev.ua
O1 - Hosts: 127.0.0.1 track.acclaimnetwork.com
O1 - Hosts: 127.0.0.1 accuserveadsystem.com
O1 - Hosts: 127.0.0.1 www.accuserveadsystem.com
O1 - Hosts: 127.0.0.1 achmedia.com
O1 - Hosts: 127.0.0.1 aconti.net
O1 - Hosts: 127.0.0.1 secure.aconti.net
O1 - Hosts: 127.0.0.1 www.aconti.net #[Dialer.Aconti]
O1 - Hosts: 127.0.0.1 ads.active.com #[server down?]
O1 - Hosts: 127.0.0.1 am1.activemeter.com
O1 - Hosts: 127.0.0.1 www.activemeter.com #[Tracking.Cookie]
O1 - Hosts: 127.0.0.1 ads.activepower.net
O1 - Hosts: 127.0.0.1 stat.active24stats.nl #[Tracking.Cookie]
O1 - Hosts: 127.0.0.1 ad2games.com
O1 - Hosts: 16422 more lines...
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\scriptsn.dll (McAfee, Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [LifeCam] C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [McAfeeUpdaterUI] C:\Program Files\McAfee\Common Framework\udaterui.exe (McAfee, Inc.)
O4 - HKLM..\Run: [nusbantivirus] C:\Program Files\Naevius USB Antivirus\usbantivirus.exe ()
O4 - HKLM..\Run: [ShStatEXE] C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE (McAfee, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Justin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Users\Justin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_39772986.lnk = File not found
O4 - Startup: C:\Users\Justin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_69508811.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {99FE5072-78AA-4FEE-89BA-69A5FA55343F} http://download.microsoft.com/download/B/3/A/B3A2EA73-793D-4ABE-992D-C81140384044/igdtoolx.cab (IGDTester Class)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 202.201.106.7 202.201.106.8 202.201.106.9 202.201.89.131 202.201.0.132
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{06602900-9722-4E05-B06F-7793462CC5C1}: DhcpNameServer = 202.201.106.7 202.201.106.8 202.201.106.9 202.201.89.131 202.201.0.132
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{973D89AB-DECB-46A9-ACA2-6356708703CF}: DhcpNameServer = 202.201.106.7 202.201.106.8 202.201.106.9 202.201.89.131 202.201.0.132
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/19 05:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
[2011/11/07 21:28:38 | 000,056,208 | ---- | C] (Trusteer Ltd.) -- C:\Windows\System32\drivers\RapportKELL.sys
[2011/11/06 14:13:10 | 000,414,368 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011/11/04 12:14:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HijackThis
[2011/11/04 12:14:28 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2011/11/04 12:11:04 | 000,812,344 | ---- | C] (Trend Micro Inc.) -- C:\Users\Justin\Desktop\HJTInstall.exe
[2011/11/03 13:00:12 | 000,133,208 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\System32\drivers\39772986.sys
[2011/11/01 15:16:41 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Roaming\f-secure
[2011/10/29 13:28:14 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2011/10/29 13:27:15 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2011/10/29 13:27:15 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2011/10/29 13:27:15 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[1 C:\Users\Justin\Documents\*.tmp files -> C:\Users\Justin\Documents\*.tmp -> ]
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
[2011/11/15 13:52:06 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-263065739-974920414-1317667849-1000UA.job
[2011/11/15 13:35:26 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/11/15 13:35:26 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/11/15 12:48:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/11/15 07:45:50 | 000,604,502 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/11/15 07:45:50 | 000,104,170 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/11/14 14:52:24 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-263065739-974920414-1317667849-1000Core.job
[2011/11/13 10:26:10 | 000,016,384 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2011/11/13 10:25:18 | 935,395,328 | -HS- | M] () -- C:\hiberfil.sys
[2011/11/07 21:28:38 | 000,056,208 | ---- | M] (Trusteer Ltd.) -- C:\Windows\System32\drivers\RapportKELL.sys
[2011/11/07 04:54:45 | 000,000,204 | ---- | M] () -- C:\Windows\System32\C
[2011/11/06 14:13:10 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011/11/04 12:14:29 | 000,001,876 | ---- | M] () -- C:\Users\Justin\Desktop\HijackThis.lnk
[2011/11/04 12:11:39 | 000,812,344 | ---- | M] (Trend Micro Inc.) -- C:\Users\Justin\Desktop\HJTInstall.exe
[2011/11/03 13:05:50 | 000,000,806 | ---- | M] () -- C:\Users\Justin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_39772986.lnk
[2011/11/02 07:49:21 | 000,133,208 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\System32\drivers\39772986.sys
[2011/10/30 10:26:02 | 000,000,806 | ---- | M] () -- C:\Users\Justin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_69508811.lnk
[1 C:\Users\Justin\Documents\*.tmp files -> C:\Users\Justin\Documents\*.tmp -> ]
[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2011/11/11 07:35:05 | 935,395,328 | -HS- | C] () -- C:\hiberfil.sys
[2011/11/04 12:14:29 | 000,001,876 | ---- | C] () -- C:\Users\Justin\Desktop\HijackThis.lnk
[2011/11/03 13:05:50 | 000,000,806 | ---- | C] () -- C:\Users\Justin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_39772986.lnk
[2011/10/30 10:26:02 | 000,000,806 | ---- | C] () -- C:\Users\Justin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_69508811.lnk
[2011/06/19 01:12:22 | 000,468,264 | ---- | C] () -- C:\Users\Justin\AppData\Local\census.cache
[2011/06/19 01:11:25 | 000,178,482 | ---- | C] () -- C:\Users\Justin\AppData\Local\ars.cache
[2011/06/16 13:32:34 | 000,000,036 | ---- | C] () -- C:\Users\Justin\AppData\Local\housecall.guid.cache
[2011/05/18 10:15:31 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pngfilt.dll
[2011/05/13 14:35:54 | 000,000,064 | ---- | C] () -- C:\Windows\System32\rp_stats.dat
[2011/05/13 14:35:54 | 000,000,044 | ---- | C] () -- C:\Windows\System32\rp_rules.dat
[2011/02/20 12:01:22 | 000,021,840 | ---- | C] () -- C:\Windows\System32\SIntfNT.dll
[2011/02/20 12:01:22 | 000,017,212 | ---- | C] () -- C:\Windows\System32\SIntf32.dll
[2011/02/20 12:01:21 | 000,012,067 | ---- | C] () -- C:\Windows\System32\SIntf16.dll
[2011/02/20 00:34:40 | 000,037,403 | ---- | C] () -- C:\Windows\DIIUnin.dat
[2011/02/18 17:26:34 | 000,055,474 | ---- | C] () -- C:\Windows\War3Unin.dat
[2010/10/22 12:32:56 | 000,000,680 | ---- | C] () -- C:\Users\Justin\AppData\Local\d3d9caps.dat
[2010/10/05 19:11:40 | 000,000,091 | ---- | C] () -- C:\Windows\CIV.INI
[2010/08/16 20:30:55 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2010/08/16 20:29:18 | 000,000,000 | ---- | C] () -- C:\Windows\System32\WMVSDECD.DLL
[2010/08/16 20:29:06 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2010/06/30 11:18:50 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2010/06/28 15:07:09 | 000,028,672 | ---- | C] () -- C:\Users\Justin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/06/28 14:13:06 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/06/18 19:07:42 | 000,000,000 | ---- | C] () -- C:\Windows\System32\NlsLexicons0013.dll
[2010/06/18 19:05:29 | 000,000,000 | ---- | C] () -- C:\Windows\System32\NlsData000c.dll
[2010/06/14 10:43:20 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2008/06/03 18:02:02 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2008/04/29 12:09:10 | 000,172,033 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2008/03/06 15:38:44 | 000,090,112 | ---- | C] () -- C:\Windows\System32\atibrtmon.exe
[2007/12/10 08:00:00 | 000,430,080 | ---- | C] () -- C:\Windows\System32\ZSHP1018.EXE
[2006/11/02 20:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 20:47:37 | 000,397,768 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 20:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 18:33:01 | 000,604,502 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 18:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 18:33:01 | 000,104,170 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 18:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 18:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006/11/02 18:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 16:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 16:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 15:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 15:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[color=#E56717]========== LOP Check ==========[/color]
[2011/08/27 17:27:23 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\.anki
[2011/08/27 10:32:07 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\.matplotlib
[2011/02/17 23:02:11 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\DAEMON Tools Lite
[2011/11/01 15:16:41 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\f-secure
[2010/10/08 21:06:30 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\mplayer
[2010/08/20 10:07:12 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\OpenOffice.org
[2011/03/09 21:47:31 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\Thunderbird
[2011/05/24 12:08:38 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\Trusteer
[2011/11/13 08:15:35 | 000,032,552 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[color=#E56717]========== Purity Check ==========[/color]
[color=#E56717]========== Files - Unicode (All) ==========[/color]
[2011/10/23 11:11:20 | 000,000,216 | ---- | M] ()(C:\Windows\System32\?;Ä;) -- C:\Windows\System32\;Ä;
[2011/10/23 11:11:06 | 000,000,216 | ---- | C] ()(C:\Windows\System32\?;Ä;) -- C:\Windows\System32\;Ä;
[2011/09/29 10:42:12 | 000,030,720 | ---- | M] ()(C:\Users\Justin\Documents\?????????(??).doc2010.9.doc) -- C:\Users\Justin\Documents\.doc2010.9.doc
[2011/09/29 10:25:26 | 000,030,720 | ---- | C] ()(C:\Users\Justin\Documents\?????????(??).doc2010.9.doc) -- C:\Users\Justin\Documents\.doc2010.9.doc
[2011/06/24 00:09:49 | 000,000,208 | ---- | M] ()(C:\Windows\System32\?ü??) -- C:\Windows\System32\ü
[2011/06/24 00:08:56 | 000,000,208 | ---- | C] ()(C:\Windows\System32\?ü??) -- C:\Windows\System32\ü
[2011/01/03 16:35:16 | 000,022,528 | ---- | M] ()(C:\Users\Justin\Documents\???.doc) -- C:\Users\Justin\Documents\.doc
[2011/01/03 16:35:14 | 000,022,528 | ---- | C] ()(C:\Users\Justin\Documents\???.doc) -- C:\Users\Justin\Documents\.doc
[2010/08/31 17:20:49 | 000,000,030 | ---- | M] ()(C:\Windows\System32\?ñ?ñ) -- C:\Windows\System32\ññ
[2010/08/31 17:20:49 | 000,000,030 | ---- | C] ()(C:\Windows\System32\?ñ?ñ) -- C:\Windows\System32\ññ
OTL Extras logfile created on: 10/12/2011 10:54:16 AM - Run 1
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Users\Justin\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
893.32 Mb Total Physical Memory | 436.34 Mb Available Physical Memory | 48.84% Memory free
2.00 Gb Paging File | 1.33 Gb Available in Paging File | 66.77% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 101.71 Gb Total Space | 17.81 Gb Free Space | 17.51% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 5.32 Gb Free Space | 53.20% Space Free | Partition Type: NTFS
Computer Name: JUSTIN-PC | User Name: Justin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
[color=#E56717]========== File Associations ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
[color=#E56717]========== Shell Spawning ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[color=#E56717]========== Security Center Settings ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[color=#E56717]========== Firewall Settings ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[color=#E56717]========== Authorized Applications List ==========[/color]
[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05193EA5-3653-4053-95BF-2A68CF2447D4}" = rport=137 | protocol=17 | dir=out | app=system |
"{0AA3E994-D918-4EDD-97A8-745B6ED259C9}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{338BBF26-0AB9-47D0-A910-5FC97CB1C4CB}" = rport=138 | protocol=17 | dir=out | app=system |
"{3A872738-79A5-4BE7-83F5-4BF668EE6E9F}" = rport=445 | protocol=6 | dir=out | app=system |
"{455C4031-A8A5-4ACC-9E4C-33D9072CE96B}" = lport=138 | protocol=17 | dir=in | app=system |
"{5CEDC9AC-A314-40D3-A992-A9716A40D682}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{6054D3D5-2E95-4C5F-8612-972DFC3624FE}" = lport=139 | protocol=6 | dir=in | app=system |
"{9BC59D1A-518F-4749-82E7-3F655A250499}" = lport=137 | protocol=17 | dir=in | app=system |
"{D877F81F-82D1-45F9-9750-E369A41B5B67}" = lport=445 | protocol=6 | dir=in | app=system |
"{EFFD4615-D87B-452F-B1BE-70C75518E86F}" = rport=139 | protocol=6 | dir=out | app=system |
"{FF5F909B-DD6C-436F-A16B-1E492948F3F9}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
[color=#E56717]========== Vista Active Application Exception List ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{33EAFF10-585A-41FD-8A52-A44F869E95D5}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifecam.exe |
"{378CE52D-4234-4119-9954-3E3BB1CD3D51}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{3AAE7CF5-3A40-408D-83DD-B141A12EBA1B}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{3ECA9BE2-B82B-40C2-8C71-CD450FDFA2FA}" = protocol=17 | dir=in | app=c:\program files\mcafee\common framework\frameworkservice.exe |
"{410D5A8B-956E-443A-AF81-38A81A06491F}" = protocol=6 | dir=in | app=c:\program files\mcafee\common framework\frameworkservice.exe |
"{49314C6A-EA02-414D-8CC0-BA281ED0BC70}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifeenc2.exe |
"{4E5AFE4F-EC9B-47B0-862A-B9D7061C49D0}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{6DDADB72-4286-49D1-B49E-C9EBAE1EADD7}" = protocol=6 | dir=in | app=c:\users\justin\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{738A5CD7-548F-480B-BBEE-8C8040E0FD72}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{7A817419-6D02-49E5-8E56-90ADD999D31A}" = dir=in | app=c:\program files\rosetta stone\rosetta stone version 3\rosettastoneversion3.exe |
"{7B76EB7C-EBDC-490E-80DB-FA6DF716D831}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifetray.exe |
"{7CA60ED2-4719-4B58-9DBB-929BF4D82992}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{85DC8EF8-48C1-432A-9276-61129E305F58}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifeenc2.exe |
"{86FA76F7-9FF0-4886-B540-9B1BCB736AC6}" = protocol=6 | dir=out | app=c:\program files\rosetta stone\rosetta stone version 3\rosettastoneversion3.exe |
"{8D93471A-93FC-405A-B71D-EB11AE2A2BB0}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifecam.exe |
"{9354CE64-7D08-4F66-B2E1-A7123518518C}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifeexp.exe |
"{95EAB2C3-48A9-4061-B6B6-D0A3C470112F}" = protocol=6 | dir=out | app=c:\program files\rosetta stone\rosetta stone version 3\support\bin\win\rosettastoneltdservices.exe |
"{9C9F7BB2-3C93-4FE9-8ED4-82AD4767F566}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifetray.exe |
"{A091ED34-1C10-4996-9B6C-E8511011ED8D}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifeexp.exe |
"{A2957EF2-3413-4551-B6B0-11033A01AD78}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A7959C31-F8D8-4DB1-A392-099BD2AFC836}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{A7EDC0E4-F726-4C63-945B-4147F04085C2}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{B284C70D-E30A-435A-9AE4-9FFB3AC5A344}" = dir=in | app=c:\program files\rosetta stone\rosetta stone version 3\support\bin\win\rosettastoneltdservices.exe |
"{B35E2C1A-F02F-4977-8708-A1F2D84FD669}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{B36EAC77-6BD7-4930-9ED9-18E367029DA8}" = protocol=17 | dir=in | app=c:\users\justin\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{B59CB5C8-CA67-400F-821E-70D26847FF8C}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{C3633331-307C-45F6-8540-6B3A3A0BC455}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{C378691E-2E57-4339-A443-40D838F874B0}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{E53E8A80-6130-473F-B3FA-785BA3E6B52D}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{EB18AAF5-4C58-4CEF-9063-A478AD271185}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{F7279600-B75D-45DD-9109-74F5FDCCAA23}" = dir=in | app=c:\program files\itunes\itunes.exe |
"TCP Query User{DEA72CEF-3BC3-4370-9A63-4978B8201CE0}C:\program files\diablo ii\game.exe" = protocol=6 | dir=in | app=c:\program files\diablo ii\game.exe |
"UDP Query User{2C2D8C19-BD7B-486C-A8A2-E3D19A665D2C}C:\program files\diablo ii\game.exe" = protocol=17 | dir=in | app=c:\program files\diablo ii\game.exe |
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{147BCE03-C0F1-4C9F-8157-6A89B6D2D973}" = McAfee VirusScan Enterprise
"{148E08FF-D7C4-46ED-8D4D-601C67FE0AFD}" = Rosetta Stone Version 3
"{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}" = Rapport
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{23170F69-40C1-2701-0920-000001000000}" = 7-Zip 9.20
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 26
"{2764CA82-DFB9-4498-AF85-719340BF5305}" = Dell Resource CD
"{385DD1DD-65AA-408D-8E70-74601C2DB7E6}" = Ad-Aware
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3E171899-0175-47CC-84C4-562ACDD4C021}" = OpenOffice.org 3.3
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype 5.3
"{55A41219-9B22-4098-BAE7-AE289B3C569A}_is1" = Panda USB Vaccine 1.0.1.4
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5U8xx Media Driver ver.3.62.02
"{69995C7A-062A-4A90-A4DF-8C22895DF522}" = iTunes
"{6A3F9D74-BB80-4451-8CA1-4B3A857F1359}" = Apple Application Support
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{82705358-3BD6-3CD5-AA9A-B8F058BE3A29}" = Google Talk Plugin
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90850409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95120000-003F-0409-0000-0000000FF1CE}" = Microsoft Office Excel Viewer
"{95140000-00AF-0409-0000-0000000FF1CE}" = Microsoft PowerPoint Viewer
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A638557B-1F13-40A0-9627-C892FBCA6960}" = McAfee Agent
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.1)
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}" = Microsoft Corporation
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars
"{BD71B413-9FEE-49BB-A6D1-2C0BFB99BDFE}" = Microsoft LifeCam
"{C23CD6DA-1958-43A5-ADD0-59396572E02E}" = Apple Mobile Device Support
"{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240BD}" = WinZip 14.5
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D03482C5-9AD8-496D-B388-692AE04C93AF}" = Bonjour
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F8131A35-47FD-27AD-116D-0E79AF5DE5EE}" = Acrobat.com
"{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner
"ActiveScan 2.0" = Panda ActiveScan 2.0
"Adobe AIR" = Adobe AIR
"Anki" = Anki
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"DAEMON Tools Lite" = DAEMON Tools Lite
"Diablo II" = Diablo II
"DivX Setup.divx.com" = DivX Setup
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.2.1300
"McAfee Anti-Spyware Enterprise Module" = McAfee AntiSpyware Enterprise Module
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 7.0.1 (x86 en-US)" = Mozilla Firefox 7.0.1 (x86 en-US)
"Mozilla Thunderbird (3.1.9)" = Mozilla Thunderbird (3.1.9)
"ÖÐÊÀ½ç2£È«ÃæÕ½Õù_is1" = ÖÐÊÀ½ç2£È«ÃæÕ½Õù
"Rapport_msi" = Rapport
"Warcraft III" = Warcraft III
"WebWasher" = WebWasher
"YTdetect" = Yahoo! Detect
[color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Warcraft III" = Warcraft III: All Products
[color=#E56717]========== Last 10 Event Log Errors ==========[/color]
[ Application Events ]
Error - 10/8/2011 10:53:35 AM | Computer Name = Justin-PC | Source = McLogEvent | ID = 259
Description = The scan found detections. Scan engine version 5400.1158 DAT version
6492.
Error - 10/9/2011 5:12:16 AM | Computer Name = Justin-PC | Source = Application Error | ID = 1000
Description = Faulting application vstskmgr.exe, version 8.7.0.810, time stamp 0x4b3d15d1,
faulting module msvcrt.dll, version 7.0.6002.18005, time stamp 0x49e0379e, exception
code 0xc0000005, fault offset 0x000136c9, process id 0x7b8, application start time
0x01cc864c148c5ece.
Error - 10/9/2011 5:38:11 AM | Computer Name = Justin-PC | Source = McLogEvent | ID = 5051
Description = A thread in process C:\Program Files\McAfee\VirusScan Enterprise\mcshield.exe
took longer than 90000 ms to complete a request. The process will be terminated.
Thread
id : 3324 (0xcfc) Thread address : 0x772F5CA4 Thread message : Build VSCORE.14.1.0.524
/ 5400.1158 Object being scanned = \Device\HarddiskVolume3\Windows\SoftwareDistribution\DataStore\DataStore.edb
by C:\Windows\system32\svchost.exe 4(0)(0) 4(0)(0) 7200(0)(0) 7595(0)(0) 7005(0)(0)
7004(0)(0) 5006(0)(0) 5004(0)(0)
Error - 10/9/2011 5:38:11 AM | Computer Name = Justin-PC | Source = McLogEvent | ID = 5051
Description = A thread in process C:\Program Files\McAfee\VirusScan Enterprise\mcshield.exe
took longer than 90000 ms to complete a request. The process will be terminated.
Thread
id : 3304 (0xce8) Thread address : 0x772F5CA4 Thread message : Build VSCORE.14.1.0.524
/ 5400.1158 Object being scanned = \Device\HarddiskVolume3\ProgramData\Trusteer\Rapport\store\user\conf\352923\fsmmgmt2_var_0.tssvm.data
by C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe 4(0)(0) 4(0)(0)
7200(0)(0) 7595(0)(0) 7005(0)(0) 7004(0)(0) 5006(0)(0) 5004(0)(0)
Error - 10/10/2011 2:05:36 AM | Computer Name = Justin-PC | Source = Application Error | ID = 1000
Description = Faulting application AAWService.exe, version 9.0.0.0, time stamp 0x4e5ccf66,
faulting module ntdll.dll, version 6.0.6002.18327, time stamp 0x4cb73436, exception
code 0xc0000005, fault offset 0x00066579, process id 0x6a0, application start time
0x01cc864c10bd472c.
Error - 10/10/2011 2:06:55 AM | Computer Name = Justin-PC | Source = Application Hang | ID = 1002
Description = The program Ad-Aware.exe version 9.0.0.0 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 10d4 Start Time: 01cc870062fe825d Termination Time: 534
Error - 10/10/2011 10:40:52 PM | Computer Name = Justin-PC | Source = Application Error | ID = 1000
Description = Faulting application firefox.exe, version 7.0.1.4288, time stamp 0x4e83b93a,
faulting module RapportUtil.dll, version 3.5.1105.59, time stamp 0x4e7f4c2a, exception
code 0xc0000005, fault offset 0x00159309, process id 0x8d4, application start time
0x01cc8653d2ff2551.
Error - 10/11/2011 5:26:39 AM | Computer Name = Justin-PC | Source = McLogEvent | ID = 5051
Description = A thread in process C:\Program Files\McAfee\VirusScan Enterprise\mcshield.exe
took longer than 90000 ms to complete a request. The process will be terminated.
Thread
id : 2736 (0xab0) Thread address : 0x77645CA4 Thread message : Build VSCORE.14.1.0.524
/ 5400.1158 Object being scanned = \Device\HarddiskVolume3\ProgramData\McAfee\Common
Framework\Current\BOCVSE__1000\BocDet_VSE.McS by C:\Program Files\McAfee\Common
Framework\McScript_InUse.exe 4(1079)(0) 4(1079)(0) 7200(1079)(0) 7595(1079)(0)
7005(0)(0) 7004(0)(0) 5006(0)(0) 5004(0)(0)
Error - 10/11/2011 5:27:03 AM | Computer Name = Justin-PC | Source = McLogEvent | ID = 1008
Description = The McShield service terminated unexpectedly. Please review event 5019
or 5051 for details. The McShield service will be restarted in 5 seconds;
Error - 10/11/2011 9:59:07 AM | Computer Name = Justin-PC | Source = Application Hang | ID = 1002
Description = The program mbam-setup-1.51.2.1300.tmp version 51.52.0.0 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 88c Start Time: 01cc87d1bd27d956 Termination Time: 331
[ System Events ]
Error - 10/11/2011 12:08:40 AM | Computer Name = Justin-PC | Source = disk | ID = 262151
Description = The device, \Device\Harddisk0\DR0, has a bad block.
Error - 10/11/2011 2:35:22 AM | Computer Name = Justin-PC | Source = netbt | ID = 4321
Description = The name "WORKGROUP :1d" could not be registered on the interface
with IP address 219.246.173.121. The computer with the IP address 219.246.173.69
did not allow the name to be claimed by this computer.
Error - 10/11/2011 2:35:27 AM | Computer Name = Justin-PC | Source = netbt | ID = 4321
Description = The name "WORKGROUP :1d" could not be registered on the interface
with IP address 219.246.173.121. The computer with the IP address 219.246.173.69
did not allow the name to be claimed by this computer.
Error - 10/11/2011 2:40:39 AM | Computer Name = Justin-PC | Source = netbt | ID = 4321
Description = The name "WORKGROUP :1d" could not be registered on the interface
with IP address 219.246.173.121. The computer with the IP address 219.246.173.69
did not allow the name to be claimed by this computer.
Error - 10/11/2011 2:41:27 AM | Computer Name = Justin-PC | Source = netbt | ID = 4321
Description = The name "WORKGROUP :1d" could not be registered on the interface
with IP address 219.246.173.121. The computer with the IP address 219.246.173.69
did not allow the name to be claimed by this computer.
Error - 10/11/2011 2:46:39 AM | Computer Name = Justin-PC | Source = BROWSER | ID = 8009
Description =
Error - 10/11/2011 2:46:39 AM | Computer Name = Justin-PC | Source = netbt | ID = 4321
Description = The name "WORKGROUP :1d" could not be registered on the interface
with IP address 219.246.173.121. The computer with the IP address 219.246.173.69
did not allow the name to be claimed by this computer.
Error - 10/11/2011 5:27:35 AM | Computer Name = Justin-PC | Source = Service Control Manager | ID = 7034
Description =
Error - 10/11/2011 3:39:30 PM | Computer Name = Justin-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description =
Error - 10/11/2011 8:22:04 PM | Computer Name = Justin-PC | Source = DCOM | ID = 10010
Description =
Results of screen317's Security Check version 0.99.24
Windows Vista Service Pack 2 x86 (UAC is enabled)
Internet Explorer 9
``````````````````````````````
[u]Antivirus/Firewall Check:[/u]
Windows Firewall Enabled!
ESET Online Scanner v3
McAfee VirusScan Enterprise
McAfee AntiSpyware Enterprise Module
McAfee Agent
[size=1]WMI entry may not exist for antivirus; attempting automatic update.[/size]
```````````````````````````````
[u]Anti-malware/Other Utilities Check:[/u]
Ad-Aware
MVPS Hosts File
Malwarebytes' Anti-Malware
HijackThis 2.0.2
Java(TM) 6 Update 29
Adobe Flash Player 11.0.1.152
Adobe Reader X (10.1.1)
Mozilla Firefox (x86 en-US..)
Mozilla Thunderbird (3.1.15) [color=red]Thunderbird Out of Date![/color]
````````````````````````````````
Process Check:
[u]objlist.exe by Laurent[/u]
[color=red]Ad-Aware AAWService.exe is disabled![/color]
[color=red]Ad-Aware AAWTray.exe is disabled![/color]
[color=red]Spybot Teatimer.exe is disabled![/color]
McAfee VirusScan Enterprise engineserver.exe
McAfee VirusScan Enterprise vstskmgr.exe
McAfee VirusScan Enterprise mcshield.exe
McAfee VirusScan Enterprise mfeann.exe
McAfee VirusScan Enterprise shstat.exe
``````````End of Log````````````
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6528
# api_version=3.0.2
# EOSSerial=72160387260fb14f8d8b160a00e42252
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-10-12 10:57:05
# local_time=2011-10-13 06:57:05 (+0800, China Standard Time)
# country="United States"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=5892 16776574 100 100 0 155947965 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=170149
# found=0
# cleaned=0
# scan_time=41415
ESETSmartInstaller@High as downloader log:
Can not read file from internet.ESETSmartInstaller@High as downloader log:
Can not read file from internet.Can not read file from internet.ESETSmartInstaller@High as downloader log:
Can not read file from internet.Can not read file from internet.ESETSmartInstaller@High as downloader log:
Can not read file from internet.ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=72160387260fb14f8d8b160a00e42252
# end=stopped
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2011-10-29 10:02:53
# local_time=2011-10-29 06:02:53 (+0800, China Standard Time)
# country="United States"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=5892 16776574 100 100 0 157395531 0 0
# compatibility_mode=8192 67108863 100 0 640972 640972 0 0
# scanned=50937
# found=0
# cleaned=0
# scan_time=16167
ESETSmartInstaller@High as downloader log:
Can not read file from internet.ESETSmartInstaller@High as downloader log:
Can not read file from internet.Can not read file from internet.ESETSmartInstaller@High as downloader log:
Can not read file from internet.DLL:pipe not connected. attempts=120
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=72160387260fb14f8d8b160a00e42252
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2011-10-29 09:42:26
# local_time=2011-10-30 05:42:26 (+0800, China Standard Time)
# country="United States"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=5892 16776574 100 100 0 157431517 0 0
# compatibility_mode=8192 67108863 100 0 676958 676958 0 0
# scanned=169938
# found=0
# cleaned=0
# scan_time=22171
ESETSmartInstaller@High as downloader log:
Can not read file from internet.ESETSmartInstaller@High as downloader log:
Can not read file from internet.DLL:pipe not connected. attempts=120
esets_scanner_update returned -1 esets_gle=12
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=72160387260fb14f8d8b160a00e42252
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-11-15 06:39:50
# local_time=2011-11-16 02:39:50 (+0800, China Standard Time)
# country="United States"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=512 16777215 100 0 132806 132806 0 0
# compatibility_mode=5892 16776574 100 100 646923 158877202 0 0
# compatibility_mode=8192 67108863 100 0 2122643 2122643 0 0
# scanned=170527
# found=0
# cleaned=0
# scan_time=34337