TheTechGuide Forum
General Category => Tech Clinic => Topic started by: snafu777 on December 14, 2009, 08:10:04 PM
-
My Dell Dimension 8250 with windows xp home edition has practically stopped responding to commands. I try to open applications and the hour glass comes up but it takes forever for the app to launch...please help. Thanks, Mike
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:01:35 PM, on 12/14/2009
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\System32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SYSTEM32\GEARSEC.EXE
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\ScsiAccess.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre1.5.0_04\bin\jucheck.exe
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\WrtMon.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\WrtProc.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\ArcSoft\TotalMedia Backup & Record\uBBMonitor.exe
C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://pandora.com/ (http://\"http://pandora.com/\")
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: Google Desktop Search Capture - {7c1ce531-09e9-4fc5-9803-1c2956615786} - C:\Program Files\Google\Google Desktop Search\GoogleDesktopIE.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\ycomp5_3_12_0.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [WorksFUD] C:\Program Files\Microsoft Works\wkfud.exe
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [WrtMon.exe] C:\WINDOWS\System32\spool\drivers\w32x86\3\WrtMon.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\Money Express.exe"
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\System32\Macromed\Flash\FlashUtil9c.exe
O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 - Startup: Picture Motion Browser Media Check Tool.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: TotalMedia Backup Monitor.lnk = C:\Program Files\ArcSoft\TotalMedia Backup & Record\uBBMonitor.exe
O8 - Extra context menu item: Yahoo! Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://pcpitstop.com/pcpitstop/PCPitStop.CAB (http://\"http://pcpitstop.com/pcpitstop/PCPitStop.CAB\")
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab (http://\"http://www.ipix.com/viewers/ipixx.cab\")
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) - http://us.chat1.yimg.com/us.yimg.com/i/cha...v45/yacscom.cab (http://\"http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/v45/yacscom.cab\")
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://photo2.walgreens.com/WalgreensActivia.cab (http://\"http://photo2.walgreens.com/WalgreensActivia.cab\")
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/200212...meInstaller.exe (http://\"http://a1540.g.akamai.net/7/1540/52/20021205/qtinstall.info.apple.com/borris/us/win/QuickTimeInstaller.exe\")
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/m...84/mcinsctl.cab (http://\"http://download.mcafee.com/molbin/shared/mcinsctl/en-us/4,0,0,84/mcinsctl.cab\")
O16 - DPF: {5F0C30E4-1E72-4DCC-85E5-57810F1CA97B} (McUpdatePortalFactory Class) - http://www.amiuptodate.com/vsc/bin/1,0,0,7...pdatePortal.cab (http://\"http://www.amiuptodate.com/vsc/bin/1,0,0,7/McUpdatePortal.cab\")
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://atv.disney.go.com/global/download/otoy/OTOYAX29b.cab (http://\"http://atv.disney.go.com/global/download/otoy/OTOYAX29b.cab\")
O16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} (Yahoo! Audio UI1) - http://chat.yahoo.com/cab/yacsui.cab (http://\"http://chat.yahoo.com/cab/yacsui.cab\")
O16 - DPF: {8714912E-380D-11D5-B8AA-00D0B78F3D48} (Yahoo! Webcam Upload Wrapper) - http://chat.yahoo.com/cab/yuplapp.cab (http://\"http://chat.yahoo.com/cab/yuplapp.cab\")
O16 - DPF: {8EDAD21C-3584-4E66-A8AB-EB0E5584767D} - http://toolbar.google.com/data/GoogleActivate.cab (http://\"http://toolbar.google.com/data/GoogleActivate.cab\")
O16 - DPF: {97AFC0D9-660E-4ACE-B025-46FD64AE335A} (EmailImport.EmailImportControl) - http://www.friendster.com/import/emailimport.cab (http://\"http://www.friendster.com/import/emailimport.cab\")
O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class) - http://us.dl1.yimg.com/download.yahoo.com/.../ymmapi_416.dll (http://\"http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yse/ymmapi_416.dll\")
O16 - DPF: {A662DA7E-CCB7-4743-B71A-D817F6D575DF} (Autodesk Express Viewer Control) - http://www.autodesk.com/global/expressview...ViewerSetup.cab (http://\"http://www.autodesk.com/global/expressviewer/installer/ExpressViewerSetup.cab\")
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - http://us.dl1.yimg.com/download.yahoo.com/...utocomplete.cab (http://\"http://us.dl1.yimg.com/download.yahoo.com/dl/installs/suite/yautocomplete.cab\")
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcafee.com/molbin/shared/m...,21/mcgdmgr.cab (http://\"http://download.mcafee.com/molbin/shared/mcgdmgr/en-us/1,0,0,21/mcgdmgr.cab\")
O16 - DPF: {E855A2D4-987E-4F3B-A51C-64D10A7E2479} (EPSImageControl Class) - http://tools.ebayimg.com/eps/activex/EPSControl_v1-32.cab (http://\"http://tools.ebayimg.com/eps/activex/EPSControl_v1-32.cab\")
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\SYSTEM32\GEARSEC.EXE
O23 - Service: Google Desktop Manager 5.9.911.3589 (GoogleDesktopManager-110309-193829) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\System32\ScsiAccess.EXE
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
--
End of file - 12349 bytes
-
Download [color=\"#FF0000\"]OTL.exe[/color] (http://\"http://oldtimer.geekstogo.com/OTL.exe\")[/url] by OldTimer to your Desktop.
- Close all windows and double click on OTL.exe to run it
- Click Run Scan and let the program run uninterrupted.
- It will produce two logs for you, one will pop up - OTL.txt, the other will be saved on your Desktop - Extras.txt. Post both logs in this thread.
- You may need to use two posts to get it all.
NOTE: If you have trouble, or an error message trying to post the logs
Can you upload it to a reply box
In a Reply, select "Browse..." on the bottom right and then navigate to the file and select it
Then click "Upload"
-
[quote name=\'guestolo\' post=\'466859\' date=\'Dec 14 2009, 08:14 PM\']Download [color=\"#FF0000\"]OTL.exe[/color] (http://\"http://oldtimer.geekstogo.com/OTL.exe\")[/url] by OldTimer to your Desktop.
- Close all windows and double click on OTL.exe to run it
- Click Run Scan and let the program run uninterrupted.
- It will produce two logs for you, one will pop up - OTL.txt, the other will be saved on your Desktop - Extras.txt. Post both logs in this thread.
- You may need to use two posts to get it all.
NOTE: If you have trouble, or an error message trying to post the logs
Can you upload it to a reply box
In a Reply, select "Browse..." on the bottom right and then navigate to the file and select it
Then click "Upload"[/quote]
OTL logfile created on: 12/14/2009 8:39:01 PM - Run 1
OTL by OldTimer - Version 3.1.17.0 Folder = C:\Documents and Settings\Mike\Desktop
Windows XP Home Edition Service Pack 1 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2800.1106)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
254.98 Mb Total Physical Memory | 65.43 Mb Available Physical Memory | 25.66% Memory free
664.27 Mb Paging File | 131.58 Mb Available in Paging File | 19.81% Paging File free
Paging file location(s): C:\pagefile.sys 384 768 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.49 Gb Total Space | 14.71 Gb Free Space | 19.75% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: DELLOFFICE
Current User Name: Mike
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
[color=\"#E56717\"]========== Processes (SafeList) ==========[/color]
PRC - [2009/12/14 20:37:55 | 00,538,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mike\Desktop\OTL.exe
PRC - [2009/12/12 23:55:08 | 00,030,192 | ---- | M] (Google) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
PRC - [2009/02/05 16:08:45 | 00,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009/02/05 16:08:40 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009/02/05 16:08:26 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009/02/05 16:06:04 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2009/02/05 16:01:25 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2008/02/19 11:01:46 | 00,278,528 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files\ArcSoft\TotalMedia Backup & Record\uBBMonitor.exe
PRC - [2007/06/12 23:47:38 | 00,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2007/03/30 12:34:08 | 25,263,144 | ---- | M] (Skype Technologies S.A.) -- C:\Program Files\Skype\Phone\Skype.exe
PRC - [2007/01/15 13:23:48 | 00,344,064 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
PRC - [2006/10/11 11:45:12 | 00,075,304 | ---- | M] (ScanSoft, Inc.) -- C:\Program Files\ScanSoft\OmniPageSE4.0\OpWareSE4.exe
PRC - [2006/09/20 07:35:26 | 00,020,480 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe
PRC - [2006/09/19 15:05:32 | 00,024,576 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtProc.exe
PRC - [2006/08/28 17:10:01 | 00,684,032 | ---- | M] (Roxio) -- C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\Directcd.exe
PRC - [2006/05/31 14:08:04 | 00,155,648 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\QuickTime\qttask.exe
PRC - [2005/09/27 06:59:10 | 00,081,920 | ---- | M] () -- C:\Program Files\Sony\SonicStage\SSAAD.exe
PRC - [2005/06/03 02:52:54 | 00,241,775 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.5.0_04\bin\jucheck.exe
PRC - [2005/06/03 02:52:54 | 00,036,975 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
PRC - [2005/05/10 16:04:52 | 00,110,592 | ---- | M] (Musicmatch, Inc.) -- C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
PRC - [2003/10/06 14:16:00 | 00,081,920 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
PRC - [2003/03/31 15:34:14 | 00,282,684 | ---- | M] (Eastman Kodak Company) -- C:\WINDOWS\system32\drivers\KodakCCS.exe
PRC - [2003/02/04 08:22:30 | 00,181,312 | ---- | M] () -- C:\WINDOWS\system32\ScsiAccess.EXE
PRC - [2003/01/27 15:40:42 | 00,049,152 | ---- | M] (GEAR Software) -- C:\WINDOWS\system32\GEARSEC.EXE
PRC - [2002/09/03 11:35:04 | 00,091,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2002/09/03 11:32:50 | 01,004,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2001/08/16 23:41:58 | 00,028,738 | ---- | M] (Microsoft® Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
[color=\"#E56717\"]========== Modules (SafeList) ==========[/color]
MOD - [2009/12/14 20:37:55 | 00,538,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mike\Desktop\OTL.exe
MOD - [2006/10/04 21:07:12 | 00,144,936 | ---- | M] (ScanSoft, Inc.) -- C:\Program Files\ScanSoft\OmniPageSE4.0\OpHookSE4.dll
MOD - [2006/08/25 10:53:52 | 00,925,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.1891_x-ww_7d3bbc01\comctl32.dll
MOD - [2002/09/03 12:07:53 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\umdmxfrm.dll
MOD - [2002/09/03 11:59:13 | 00,014,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\serwvdrv.dll
[color=\"#E56717\"]========== Win32 Services (SafeList) ==========[/color]
SRV - [2009/12/12 23:55:08 | 00,030,192 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-110309-193829)
SRV - [2009/05/12 15:53:29 | 00,182,768 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2009/02/05 16:08:40 | 00,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2009/02/05 16:08:26 | 00,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009/02/05 16:06:04 | 00,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009/02/05 16:01:25 | 00,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2006/02/23 14:45:06 | 00,323,584 | ---- | M] (Apple Computer, Inc.) [On_Demand | Stopped] -- C:\Program Files\iPod\bin\iPodService.exe -- (iPodService)
SRV - [2005/11/14 01:06:04 | 00,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2005/09/27 05:19:26 | 00,069,632 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe -- (SSScsiSV)
SRV - [2005/08/30 15:00:50 | 00,053,337 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV)
SRV - [2005/08/30 14:55:18 | 00,053,337 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR)
SRV - [2005/08/30 14:49:34 | 00,069,718 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV)
SRV - [2003/10/06 14:16:00 | 00,081,920 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc)
SRV - [2003/07/28 12:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2003/03/31 15:34:14 | 00,282,684 | ---- | M] (Eastman Kodak Company) [Auto | Running] -- C:\WINDOWS\system32\drivers\KodakCCS.exe -- (KodakCCS)
SRV - [2003/02/04 08:22:30 | 00,181,312 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\ScsiAccess.EXE -- (ScsiAccess)
SRV - [2003/01/27 15:40:42 | 00,049,152 | ---- | M] (GEAR Software) [Auto | Running] -- C:\WINDOWS\system32\GEARSEC.EXE -- (GEARSecurity)
[color=\"#E56717\"]========== Driver Services (SafeList) ==========[/color]
DRV - [2009/02/05 16:08:10 | 00,094,032 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2009/02/05 16:07:23 | 00,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2009/02/05 16:06:20 | 00,051,376 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2009/02/05 16:06:10 | 00,023,152 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2009/02/05 16:05:11 | 00,026,944 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2006/11/02 16:57:04 | 00,036,624 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2006/10/04 21:42:42 | 00,002,560 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\cdralw2k.sys -- (Cdralw2k)
DRV - [2006/10/04 21:42:42 | 00,002,432 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\cdr4_xp.sys -- (Cdr4_xp)
DRV - [2006/08/28 17:10:02 | 00,241,280 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\cdudf_xp.sys -- (cdudf_xp)
DRV - [2006/08/28 17:10:02 | 00,206,464 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\udfreadr_xp.sys -- (UdfReadr_xp)
DRV - [2006/08/28 17:10:02 | 00,144,250 | ---- | M] (Roxio) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\pwd_2K.sys -- (pwd_2k)
DRV - [2006/08/28 17:10:02 | 00,030,662 | ---- | M] (Roxio) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Mmc_2k.sys -- (mmc_2K)
DRV - [2006/08/28 17:10:02 | 00,025,930 | ---- | M] (Roxio) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Dvd_2k.sys -- (dvd_2K)
DRV - [2005/02/23 14:58:56 | 00,011,776 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc)
DRV - [2005/02/02 00:21:04 | 00,014,408 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2003/11/28 11:22:45 | 00,012,464 | ---- | M] (Macrovision Europe Ltd) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2003/11/11 20:29:44 | 00,031,680 | ---- | M] (VSO Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Pcouffin.sys -- (Pcouffin)
DRV - [2003/10/06 14:16:00 | 01,550,043 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2003/03/31 15:34:14 | 00,134,421 | ---- | M] (Eastman Kodak Company) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\ExportIt.sys -- (Exportit)
DRV - [2003/03/31 15:34:14 | 00,061,568 | ---- | M] (Eastman Kodak Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\DcFpoint.sys -- (DcFpoint)
DRV - [2003/03/31 15:34:14 | 00,061,114 | ---- | M] (Eastman Kodak Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\DcPtp.sys -- (DcPTP)
DRV - [2003/03/31 15:34:14 | 00,036,730 | ---- | M] (Eastman Kodak Company) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\DcCam.sys -- (DcCam)
DRV - [2003/03/31 15:34:14 | 00,008,058 | ---- | M] (Eastman Kodak Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\DcLps.sys -- (DcLps)
DRV - [2003/02/21 12:57:56 | 00,037,941 | ---- | M] (Eastman Kodak Company) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\DCFS2k.sys -- (DCFS2K)
DRV - [2002/10/11 10:29:00 | 00,207,936 | R--- | M] (Dell Computer Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtlsVid.sys -- (EMATCORE)
DRV - [2002/10/11 10:29:00 | 00,025,600 | R--- | M] (Dell Computer Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtlsAud.sys -- (AtlsAud)
DRV - [2002/09/27 18:56:50 | 00,009,856 | R--- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2002/09/03 11:53:10 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2002/09/03 11:50:32 | 00,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2002/09/03 11:50:32 | 00,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2002/09/03 11:50:31 | 00,084,864 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2002/09/03 11:49:27 | 00,038,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2002/06/10 14:20:50 | 00,039,936 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvcd.sys -- (QCDonner) Logitech QuickCam Express(PID_0840)
DRV - [2002/04/30 12:53:08 | 00,139,776 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\e100b325.sys -- (E100B) Intel®
DRV - [2002/01/24 10:23:40 | 00,013,545 | ---- | M] (SCM Microsystems Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\STLTRK2K.sys -- (Stltrk2k)
DRV - [2001/08/22 08:42:58 | 00,013,632 | ---- | M] (Dell Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\OMCI.SYS -- (OMCI)
DRV - [2001/08/17 13:56:16 | 00,007,552 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SONYPVU1.SYS -- (SONYPVU1) Sony USB Filter Driver (SONYPVU1)
DRV - [2001/08/17 08:57:38 | 00,016,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\MODEMCSA.sys -- (MODEMCSA)
DRV - [2001/08/17 08:28:12 | 00,488,383 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\HSF_V124.sys -- (V124)
DRV - [2001/08/17 08:28:12 | 00,050,751 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\HSF_TONE.sys -- (Tones)
DRV - [2001/08/17 08:28:10 | 00,542,879 | ---- | M] (Conexant) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_MSFT.sys -- (hsf_msft)
DRV - [2001/08/17 08:28:10 | 00,073,279 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\HSF_SPKP.sys -- (SpeakerPhone)
DRV - [2001/08/17 08:28:10 | 00,057,471 | ---- | M] (Conexant) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_SAMP.sys -- (Rksample)
DRV - [2001/08/17 08:28:08 | 00,391,199 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\HSF_K56K.sys -- (K56)
DRV - [2001/08/17 08:28:06 | 00,289,887 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\HSF_FALL.sys -- (Fallback)
DRV - [2001/08/17 08:28:06 | 00,199,711 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\HSF_FAXX.sys -- (SoftFax)
DRV - [2001/08/17 08:28:06 | 00,115,807 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\HSF_FSKS.sys -- (Fsks)
DRV - [2001/08/17 08:28:04 | 00,067,167 | ---- | M] (Conexant) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_BSC2.sys -- (basic2)
DRV - [2001/08/17 07:20:04 | 00,096,256 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ac97intc.sys -- (ac97intc) Intel® 82801 Audio Driver Install Service (WDM)
DRV - [1999/09/10 07:06:00 | 00,025,244 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\aspi32.sys -- (ASPI32)
DRV - [1998/02/26 14:10:28 | 00,025,632 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\a4sii300.sys -- (A4SII300)
DRV - [1997/12/09 00:07:16 | 00,003,616 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\as6eio.SYS -- (as6eio)
[color=\"#E56717\"]========== Standard Registry (SafeList) ==========[/color]
[color=\"#E56717\"]========== Internet Explorer ==========[/color]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie (http://\"http://www.google.com/ie\")
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/...rch/search.html (http://\"http://red.clientapps.yahoo.com/customize/ie/defaults/cs/ymsgr/*http://www.yahoo.com/ext/search/search.html\")
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie (http://\"http://www.google.com/ie\")
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie (http://\"http://www.google.com/ie\")
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie (http://\"http://www.google.com/ie\")
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com (http://\"http://www.google.com\")
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://pandora.com/ (http://\"http://pandora.com/\")
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie (http://\"http://www.google.com/ie\")
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie (http://\"http://www.google.com/ie\")
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
O1 HOSTS File: (686 bytes) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Phone\IEPlugin\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (EWPBrowseObject Class) - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll ()
O2 - BHO: (IeCaptureBho Object) - {7c1ce531-09e9-4fc5-9803-1c2956615786} - C:\Program Files\Google\Google Desktop Search\GoogleDesktopIE.dll (Google)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O3 - HKLM\..\Toolbar: (&Radio) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx ()
O3 - HKLM\..\Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - No CLSID value found.
O3 - HKLM\..\Toolbar: (&Yahoo! Companion) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\ycomp5_3_12_0.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O4 - HKLM..\Run: [AdaptecDirectCD] C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\Directcd.exe (Roxio)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe (HP)
O4 - HKLM..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe (Microsoft® Corporation)
O4 - HKLM..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe (Microsoft® Corporation)
O4 - HKLM..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe (Musicmatch, Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [OpwareSE4] C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe (ScanSoft, Inc.)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Computer, Inc.)
O4 - HKLM..\Run: [SsAAD.exe] C:\Program Files\Sony\SonicStage\SSAAD.exe ()
O4 - HKLM..\Run: [SSBkgdUpdate] C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [WorksFUD] C:\Program Files\Microsoft Works\wkfud.exe (Microsoft® Corporation)
O4 - HKLM..\Run: [WrtMon.exe] C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe ()
O4 - HKCU..\Run: [MoneyAgent] C:\Program Files\Microsoft Money\System\Money Express.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Skype] C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil9c.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\TotalMedia Backup Monitor.lnk = C:\Program Files\ArcSoft\TotalMedia Backup & Record\uBBMonitor.exe (ArcSoft, Inc.)
O4 - Startup: C:\Documents and Settings\Mike\Start Menu\Programs\Startup\Picture Motion Browser Media Check Tool.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe (Sony Corporation)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Yahoo! Dictionary - C:\Program Files\Yahoo!\Common [2007/07/11 08:57:58 | 00,000,000 | ---D | M]
O8 - Extra context menu item: Yahoo! Search - C:\Program Files\Yahoo!\Common [2007/07/11 08:57:58 | 00,000,000 | ---D | M]
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\NPJPI150_04.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll (Yahoo! Inc.)
O9 - Extra 'Tools' menuitem : Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll (Yahoo! Inc.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Phone\IEPlugin\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: musicmatch.com ([online] https in Trusted sites)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Domains: 22 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {0000000A-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/8/B...42/wmsp9dmo.cab (http://\"http://download.microsoft.com/download/8/B/E/8BE028EC-F134-4AA0-84AB-64F76D6B9842/wmsp9dmo.cab\") (Reg Error: Key error.)
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://pcpitstop.com/pcpitstop/PCPitStop.CAB (http://\"http://pcpitstop.com/pcpitstop/PCPitStop.CAB\") (PCPitstop Utility)
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} http://www.ipix.com/viewers/ipixx.cab (http://\"http://www.ipix.com/viewers/ipixx.cab\") (iPIX ActiveX Control)
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} http://us.chat1.yimg.com/us.yimg.com/i/cha...v45/yacscom.cab (http://\"http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/v45/yacscom.cab\") (Yahoo! Audio Conferencing)
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.microsoft.com/download/F/6...922/wmv9VCM.CAB (http://\"http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB\") (Reg Error: Key error.)
O16 - DPF: {33564D57-9980-0010-8000-00AA00389B71} http://codecs.microsoft.com/codecs/i386/wmv9dmo.cab (http://\"http://codecs.microsoft.com/codecs/i386/wmv9dmo.cab\") (Reg Error: Key error.)
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} http://photo2.walgreens.com/WalgreensActivia.cab (http://\"http://photo2.walgreens.com/WalgreensActivia.cab\") (Snapfish Activia)
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} http://a1540.g.akamai.net/7/1540/52/200212...meInstaller.exe (http://\"http://a1540.g.akamai.net/7/1540/52/20021205/qtinstall.info.apple.com/borris/us/win/QuickTimeInstaller.exe\") (Reg Error: Key error.)
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} http://download.mcafee.com/molbin/shared/m...84/mcinsctl.cab (http://\"http://download.mcafee.com/molbin/shared/mcinsctl/en-us/4,0,0,84/mcinsctl.cab\") (Reg Error: Key error.)
O16 - DPF: {5F0C30E4-1E72-4DCC-85E5-57810F1CA97B} http://www.amiuptodate.com/vsc/bin/1,0,0,7...pdatePortal.cab (http://\"http://www.amiuptodate.com/vsc/bin/1,0,0,7/McUpdatePortal.cab\") (McUpdatePortalFactory Class)
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} http://atv.disney.go.com/global/download/otoy/OTOYAX29b.cab (http://\"http://atv.disney.go.com/global/download/otoy/OTOYAX29b.cab\") (Groove Control)
O16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} http://chat.yahoo.com/cab/yacsui.cab (http://\"http://chat.yahoo.com/cab/yacsui.cab\") (Yahoo! Audio UI1)
O16 - DPF: {8714912E-380D-11D5-B8AA-00D0B78F3D48} http://chat.yahoo.com/cab/yuplapp.cab (http://\"http://chat.yahoo.com/cab/yuplapp.cab\") (Yahoo! Webcam Upload Wrapper)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab (http://\"http://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab\") (Java Plug-in 1.5.0_04)
O16 - DPF: {8EDAD21C-3584-4E66-A8AB-EB0E5584767D} http://toolbar.google.com/data/GoogleActivate.cab (http://\"http://toolbar.google.com/data/GoogleActivate.cab\") (Reg Error: Key error.)
O16 - DPF: {97AFC0D9-660E-4ACE-B025-46FD64AE335A} http://www.friendster.com/import/emailimport.cab (http://\"http://www.friendster.com/import/emailimport.cab\") (EmailImport.EmailImportControl)
O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} http://us.dl1.yimg.com/download.yahoo.com/.../ymmapi_416.dll (http://\"http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yse/ymmapi_416.dll\") (YahooYMailTo Class)
O16 - DPF: {A662DA7E-CCB7-4743-B71A-D817F6D575DF} http://www.autodesk.com/global/expressview...ViewerSetup.cab (http://\"http://www.autodesk.com/global/expressviewer/installer/ExpressViewerSetup.cab\") (Autodesk Express Viewer Control)
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} http://us.dl1.yimg.com/download.yahoo.com/...utocomplete.cab (http://\"http://us.dl1.yimg.com/download.yahoo.com/dl/installs/suite/yautocomplete.cab\") (YAddBook Class)
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} http://download.mcafee.com/molbin/shared/m...,21/mcgdmgr.cab (http://\"http://download.mcafee.com/molbin/shared/mcgdmgr/en-us/1,0,0,21/mcgdmgr.cab\") (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab (http://\"http://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab\") (Java Plug-in 1.5.0_04)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwa...ash/swflash.cab (http://\"http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab\") (Shockwave Flash Object)
O16 - DPF: {E855A2D4-987E-4F3B-A51C-64D10A7E2479} http://tools.ebayimg.com/eps/activex/EPSControl_v1-32.cab (http://\"http://tools.ebayimg.com/eps/activex/EPSControl_v1-32.cab\") (EPSImageControl Class)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\vnd.ms.radio {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - C:\WINDOWS\system32\msdxm.ocx ()
O18 - Protocol\Filter\x-sdch {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2002/12/24 09:36:47 | 00,000,000 | -HS- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*
[color=\"#E56717\"]========== Files/Folders - Created Within 30 Days ==========[/color]
[2009/12/14 20:37:52 | 00,538,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Mike\Desktop\OTL.exe
[2009/12/14 20:01:02 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2008/11/24 14:51:31 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2008/03/15 21:43:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Macromedia
[2008/03/15 21:35:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\NetMon
[2004/10/22 20:21:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2002/12/24 09:39:53 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2002/12/24 09:39:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[color=\"#E56717\"]========== Files - Modified Within 30 Days ==========[/color]
[2009/12/14 20:54:00 | 00,000,410 | ---- | M] () -- C:\WINDOWS\tasks\Symantec NetDetect.job
[2009/12/14 20:37:55 | 00,538,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mike\Desktop\OTL.exe
[2009/12/14 20:01:02 | 00,001,734 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\HijackThis.lnk
[2009/12/14 19:45:24 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/12/14 19:45:06 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/12/14 19:45:05 | 26,743,6032 | -HS- | M] () -- C:\hiberfil.sys
[2009/12/14 18:11:35 | 00,392,296 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/12/14 18:11:35 | 00,058,596 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/12/14 18:11:29 | 00,458,340 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[color=\"#E56717\"]========== Files Created - No Company Name ==========[/color]
[2009/12/14 20:01:02 | 00,001,734 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\HijackThis.lnk
[2009/02/24 20:15:49 | 00,000,004 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\DirectCDUserNameE.txt
[2008/09/06 16:35:41 | 00,000,253 | ---- | C] () -- C:\WINDOWS\Creator.INI
[2008/03/15 21:53:55 | 00,000,319 | -HS- | C] () -- C:\WINDOWS\System32\utvwa.ini2
[2008/03/15 21:40:35 | 00,230,060 | -HS- | C] () -- C:\WINDOWS\System32\rtutv.ini2
[2008/03/15 21:40:30 | 00,290,816 | ---- | C] () -- C:\WINDOWS\System32\vtutr.dll
[2008/03/15 21:35:26 | 00,044,544 | ---- | C] () -- C:\WINDOWS\System32\vtuutqo.dll
[2008/01/06 21:15:45 | 00,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2008/01/06 21:14:59 | 00,003,654 | ---- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll
[2007/12/02 20:23:11 | 00,004,592 | ---- | C] () -- C:\WINDOWS\System32\MXWIN32.DLL
[2007/08/29 19:21:57 | 00,001,760 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/08/28 21:01:07 | 00,040,960 | ---- | C] () -- C:\WINDOWS\System32\IPPCPUID.DLL
[2007/08/28 20:59:44 | 00,011,776 | ---- | C] () -- C:\WINDOWS\System32\pmsbfn32.dll
[2007/08/28 20:57:29 | 00,000,416 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
[2006/11/16 08:51:00 | 00,000,058 | ---- | C] () -- C:\WINDOWS\Tonka_Raceway.INI
[2006/01/27 18:38:16 | 00,524,288 | ---- | C] () -- C:\WINDOWS\System32\TDI-SonyOMG.dll
[2006/01/27 18:38:16 | 00,262,416 | ---- | C] () -- C:\WINDOWS\System32\Asfv2.dll
[2005/02/15 19:47:29 | 00,000,045 | ---- | C] () -- C:\WINDOWS\FHKKGJP.ini
[2005/02/15 19:46:22 | 00,028,672 | ---- | C] () -- C:\WINDOWS\System32\installer_KAZAAPAL.exe
[2005/02/15 19:45:40 | 00,894,849 | ---- | C] () -- C:\WINDOWS\System32\HyperLinker.exe
[2004/10/20 22:25:02 | 00,081,920 | ---- | C] () -- C:\WINDOWS\System32\mcldecrypt.dll
[2004/10/15 17:38:14 | 00,000,010 | ---- | C] () -- C:\WINDOWS\smdat32m.sys
[2004/10/15 17:38:14 | 00,000,000 | ---- | C] () -- C:\WINDOWS\smdat32a.sys
[2004/08/14 09:09:21 | 00,113,664 | ---- | C] () -- C:\WINDOWS\AS3E32.DLL
[2004/08/14 09:09:21 | 00,000,553 | ---- | C] () -- C:\WINDOWS\INFO32.INI
[2004/08/14 09:09:21 | 00,000,464 | ---- | C] () -- C:\WINDOWS\SUPMINI.INI
[2004/08/14 09:09:20 | 00,003,616 | ---- | C] () -- C:\WINDOWS\System32\drivers\AS6EIO.SYS
[2004/08/14 09:06:21 | 00,934,400 | ---- | C] () -- C:\WINDOWS\LEAD45.DLL
[2004/08/14 09:06:20 | 00,205,824 | ---- | C] () -- C:\WINDOWS\PPLIBMGR.DLL
[2004/08/14 09:05:57 | 01,915,392 | ---- | C] () -- C:\WINDOWS\MGXRDR32.DLL
[2004/02/06 16:33:19 | 00,000,069 | ---- | C] () -- C:\WINDOWS\Morphexe.INI
[2004/02/05 17:24:20 | 00,000,033 | ---- | C] () -- C:\WINDOWS\LVMMail.INI
[2004/02/05 16:53:16 | 00,000,241 | ---- | C] () -- C:\WINDOWS\QSync.INI
[2004/02/05 16:51:42 | 00,005,187 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2004/01/15 11:46:19 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\Mike\Application Data\dm.ini
[2003/12/04 13:57:02 | 00,355,840 | ---- | C] () -- C:\WINDOWS\winctl32.dll
[2003/11/16 10:08:58 | 00,001,708 | ---- | C] () -- C:\WINDOWS\cdPlayer.ini
[2003/11/11 20:02:01 | 00,000,056 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2003/10/06 14:16:00 | 00,027,136 | ---- | C] () -- C:\WINDOWS\System32\nvcod.dll
[2003/09/15 11:30:10 | 00,000,383 | ---- | C] () -- C:\WINDOWS\hegames.ini
[2003/05/26 14:21:20 | 00,131,072 | ---- | C] () -- C:\WINDOWS\System32\KazaaSocks.dll
[2003/05/03 08:54:36 | 00,000,037 | ---- | C] () -- C:\WINDOWS\ipixActivex.ini
[2003/03/30 13:16:33 | 00,172,032 | ---- | C] () -- C:\WINDOWS\System32\TTSServer.dll
[2003/03/30 13:15:09 | 00,000,000 | ---- | C] () -- C:\WINDOWS\SETUP32.INI
[2003/01/18 16:29:48 | 00,000,000 | ---- | C] () -- C:\WINDOWS\MADCCS.INI
[2003/01/18 16:29:48 | 00,000,000 | ---- | C] () -- C:\WINDOWS\MADCCF.INI
[2003/01/18 16:29:07 | 00,000,061 | ---- | C] () -- C:\WINDOWS\encore_launcher.ini
[2003/01/09 13:18:23 | 00,000,757 | ---- | C] () -- C:\WINDOWS\FA128.INI
[2002/12/29 18:24:48 | 00,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2002/12/29 00:56:35 | 00,145,408 | ---- | C] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2002/12/27 08:38:41 | 00,001,945 | ---- | C] () -- C:\WINDOWS\disney.ini
[2002/12/24 10:28:54 | 00,000,494 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2002/09/05 16:12:26 | 00,122,880 | ---- | C] () -- C:\WINDOWS\System32\X3Dview.dll
[2002/01/28 10:29:54 | 00,029,184 | ---- | C] () -- C:\WINDOWS\System32\kwab.dll
[2000/09/08 16:53:50 | 00,073,839 | ---- | C] () -- C:\WINDOWS\System32\KodakOneTouch.dll
[1999/01/27 13:39:06 | 00,065,024 | ---- | C] () -- C:\WINDOWS\System32\indounin.dll
[1998/08/16 06:00:00 | 00,004,096 | ---- | C] () -- C:\WINDOWS\System32\sysres.dll
[1997/06/13 07:56:08 | 00,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll
< End of report >
OTL Extras logfile created on: 12/14/2009 8:39:01 PM - Run 1
OTL by OldTimer - Version 3.1.17.0 Folder = C:\Documents and Settings\Mike\Desktop
Windows XP Home Edition Service Pack 1 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2800.1106)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
254.98 Mb Total Physical Memory | 65.43 Mb Available Physical Memory | 25.66% Memory free
664.27 Mb Paging File | 131.58 Mb Available in Paging File | 19.81% Paging File free
Paging file location(s): C:\pagefile.sys 384 768 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.49 Gb Total Space | 14.71 Gb Free Space | 19.75% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: DELLOFFICE
Current User Name: Mike
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
[color=\"#E56717\"]========== Extra Registry (SafeList) ==========[/color]
[color=\"#E56717\"]========== File Associations ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.js [@ = JSFile] -- C:\Program Files\Macromedia\Dreamweaver MX\Dreamweaver.exe (Macromedia, Inc.)
[color=\"#E56717\"]========== Shell Spawning ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
jsfile [open] -- "C:\Program Files\Macromedia\Dreamweaver MX\Dreamweaver.exe" "%1" (Macromedia, Inc.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[color=\"#E56717\"]========== Security Center Settings ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
[color=\"#E56717\"]========== Authorized Applications List ==========[/color]
[color=\"#E56717\"]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0008546E-DF6E-4CC1-AFD0-2CB8E16C95A2}" = Notifier
"{004B0DCB-4C60-465B-8F01-44B0A4111187}" = SlingPlayer
"{01001202-823E-46CD-A70E-BEE818F97169}" = Microsoft Encarta Encyclopedia Standard 2002
"{015E4B8A-29B5-4AE3-BD08-38220FADFF4C}" = aspi
"{0B8FF60F-C012-4459-AADF-A3AD4E3757DE}" = Dell Picture Studio - Dell Image Expert
"{0D25F7CC-B99C-44ee-9945-B14532B2BB7B}" = Canon MP830
"{11B569C2-4BF6-4ED0-9D17-A4273943CB24}" = Adobe Photoshop Album 2.0 Starter Edition
"{12BDDF23-B1DB-49C8-92D3-3E6841CCED61}" = Microsoft Streets and Trips 2002
"{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}" = ESSPCD
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{184EB198-1DBA-46DB-B728-7A5FC13D5C2B}_is1" = Yahoo! Photos Print-at-Home Tool
"{2070F79D-46BC-4EEA-8F02-9B4DCABAE7CB}" = iPod for Windows 2006-03-23
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{3248F0A8-6813-11D6-A77B-00B0D0150010}" = J2SE Runtime Environment 5.0 Update 1
"{3248F0A8-6813-11D6-A77B-00B0D0150040}" = J2SE Runtime Environment 5.0 Update 4
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3BE480ED-E17A-431A-981C-5C2EDDBCD3BF}" = Macromedia Flash MX
"{3D5E5C0A-5B36-4F98-99A7-287F7DBDCE03}" = Skype Plugin Manager
"{40280409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional with FrontPage
"{42C402C3-F95B-4BA2-BC90-99816AAF8159}" = Space Colony
"{469730CC-78DF-4CD3-B286-562D459EA619}" = ESSCAM
"{48C82F7A-F100-4DAB-A310-8E18BF2159E1}" = ESSvpot
"{510582B9-2633-11D4-99DC-0000F49094C7}" = Memory Stick driver
"{55BC7EFA-D832-4EE3-9DEA-49B0C07539D9}" =
"{58EBC737-9828-4204-8512-E0E71BD7E792}" = Lyra System File Update Utility
"{59C4F14F-7590-45FC-BE9F-A67AB3590709}" = iTunes
"{5A24DD7E-7B01-41AC-ADA8-F1776177A3BA}" = Logitech ImageStudio
"{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}" = Sony USB Driver
"{5E835305-63BB-4E55-BBB7-EEBBE67774DB}" = MyDVD
"{609F7AC8-C510-11D4-A788-009027ABA5D0}" = Easy CD Creator 5 Basic
"{66A6DEFF-A8FA-11D5-9268-006097A63005}" = USB MS
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7C32C567-DC0F-4C80-B06C-7873850A2E06}" = The Sims Unleashed
"{7F3D9322-E392-411F-81EB-3F844B56248B}" = Lyra Personal Audio Player (RD1021/1071/1075)
"{81A34902-9D0B-4920-A25C-4CDC5D14B328}" = Jasc Paint Shop Pro 8
"{85D3CC30-8859-481A-9654-FD9B74310BEF}" = Musicmatch® Jukebox
"{87843A41-7808-4F2E-B13F-25C1E67CF2FD}" = ESShelp
"{8AB8D458-939E-403F-0097-9BA1C1F013D5}" = The Sims 2
"{8B4AB829-DFD3-436D-B808-D9733D76C590}" = Macromedia Dreamweaver MX
"{8E92D746-CD9F-4B90-9668-42B74C14F765}" = ESSini
"{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}" = Logitech Desktop Messenger
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{91517631-A9F3-4B7C-B482-43E0068FD55A}" = ESSgui
"{929408E6-D265-4174-805F-81D1D914E2A4}" = QuickTime
"{94CD45D0-58D3-11D5-B35E-00E02934C09B}" = MapSend Topo US
"{9D1CF8B6-17B3-4832-B062-2C2DD0B57B04}" = CCHelp
"{9D8FEE90-0377-49A9-AEFB-525BDE549BA4}" = ESScore
"{A0EB195B-5876-48E6-879D-33D4B2102610}" = SonicStage 3.3
"{A1B7B9B3-E1D2-41CA-9B4A-F18DC2710704}" = Microsoft Works 6.0
"{A5B3EB8A-4071-42F0-8E8E-7A8342AA8E69}" = ESSvpaht
"{A5BA14E0-7384-11D4-BAE7-00409631A2C8}" = Macromedia Extension Manager
"{A6F18A67-B771-4191-8A33-36D2E742D6D9}" = ESSANUP
"{ABE068DF-8DC4-4947-ABFC-DD2B40850225}" = SFR2
"{AC76BA86-7AD7-1033-7B44-A70000000000}" = Adobe Reader 7.0
"{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}" = ESSCDBK
"{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}" = CCScore
"{B975F4A1-63B6-11D4-BFEC-005004AF2D32}" = Monopoly Tycoon
"{B997C2A0-4383-41BF-B76E-9B8B7ECFB267}" = KSU
"{BB46245B-CECA-406F-8790-3ABA0D01012F}" = Roxio VideoWave Movie Creator
"{BD3DCAB0-3FE5-44FB-90DA-EFB0A2CD1387}" = Works Synchronization
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Simsâ„¢ 3
"{C1E693A4-B1D5-4DCD-B68D-2087835B7184}" = ScanSoft OmniPage SE 4.0
"{C3A439E4-7303-491F-A678-CEA36A87D517}" = Microsoft Works Suite Add-in for Microsoft Word
"{C769A271-7E1C-48F9-B331-474600DD4C06}" = Microsoft Picture It! Photo 2002
"{CA60320D-6A16-49C8-A34F-84EEF4799567}" = ESSTUTOR
"{CF5193F7-6B37-11D5-B7D2-00AA00A204F1}" = Microsoft Money 2002 System Pack
"{D15E9DB5-6BEB-4534-901E-80C0A29BAB97}" = ESSAdpt
"{D2D6B9EB-C6DC-4DAA-B4DE-BB7D9735E7DA}" = Presto! PageManager 7.15.14
"{D5068583-D569-468B-9755-5FBF5848F46F}" = Sony Picture Utility
"{D6DE02C7-1F47-11D4-9515-00105AE4B89A}" = Paint Shop Pro 7
"{D78653C3-A8FF-415F-92E6-D774E634FF2D}" = Dell ResourceCD
"{DC19E750-988B-4005-A355-85EF66055EFE}" = Works Suite OS Pack
"{DCDC8E79-4600-4C02-9824-CD3BB8971D4E}" =
"{DE601BAB-2499-4B25-B858-11360F71658B}" = SFR
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E7298FD5-1386-11D5-8D6C-0050DAD32D95}" = Microsoft Money 2002
"{EE5B8E34-973C-4FBE-AC83-99F064009FC7}" = SpyHunter
"{EF6F70D0-C242-4047-946B-98EA8208481A}" = ArcSoft TotalMedia Backup & Record
"{F5E4C38C-73BC-4D44-8BFC-969C2B4DABCA}" = OpenMG Secure Module 4.3.00
"{F71760CD-0F8B-4DCC-B7B7-6B223CC3843C}" = OTtBP
"{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}" = HighMAT Extension to Microsoft Windows XP CD Writing Wizard
"040a_5005" = USB MassStorage CardReader
"3DGroove" = OTOY
"Ad-Aware SE Personal" = Ad-Aware SE Personal
"Adobe Photoshop 7.0.1" = Adobe Photoshop 7.0.1
"Adobe Shockwave Player" = Adobe Shockwave Player
"Adobe SVG Viewer" = Adobe SVG Viewer 3.0
"AdobeESD" = Adobe Download Manager 1.2 (Remove Only)
"Ares" = ARES
"Autodesk Express Viewer" = Autodesk Express Viewer
"avast!" = avast! Antivirus
"Canon MP830 User Registration" = Canon MP830 User Registration
"CleanUp!" = CleanUp!
"DVDXCopy Platinum 4.0.3" = DVDXCopy Platinum 4.0.3
"DVDXCopyXpress" = DVDXCopy Xpress 2.5.2
"Easy-PhotoPrint" = Canon Utilities Easy-PhotoPrint
"Easy-WebPrint" = Easy-WebPrint
"ebateswebsavings0.xml" = Web Savings from Ebates
"Fighter Ace II 1.00" = Microsoft Fighter Ace II
"Flight Simulator 8.0" = Microsoft Flight Simulator 2002
"GearDrivers" = GearDrivers
"Google Desktop" = Google Desktop
"HijackThis" = HijackThis 2.0.2
"hp deskjet 950c series" = hp deskjet 950c series (Remove only)
"InstallShield_{004B0DCB-4C60-465B-8F01-44B0A4111187}" = SlingPlayer
"InstallShield_{2070F79D-46BC-4EEA-8F02-9B4DCABAE7CB}" = iPod for Windows 2006-03-23
"InstallShield_{59C4F14F-7590-45FC-BE9F-A67AB3590709}" = iTunes
"InstallShield_{929408E6-D265-4174-805F-81D1D914E2A4}" = QuickTime
"InstallShield_{F5E4C38C-73BC-4D44-8BFC-969C2B4DABCA}" = OpenMG Secure Module 4.3.00
"InterActual Player" = InterActual Player
"JRE 1.3.1_01" = Java 2 Runtime Environment Standard Edition v1.3.1_01
"Kid Pix Deluxe 3" = Kid Pix Deluxe 3
"LEGO Creator" = LEGO Creator
"Lemonade Tycoon 2" = Lemonade Tycoon 2
"LimeWire" = LimeWire 4.14.12
"LiveReg" = LiveReg (Symantec Corporation)
"LiveUpdate" = LiveUpdate 1.80 (Symantec Corporation)
"MadelineRainyDayActivities" = Madeline Rainy Day Activities
"MGXDesigner60" = Micrografx Designer 6.0
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"MP Navigator 2.2" = Canon MP Navigator 2.2
"NVIDIA Display Driver" = NVIDIA Display Driver
"OpenMG HotFix4.3-05-09-14-01" = OpenMG Limited Patch 4.3-05-10-05-01
"Pencil-Pal Kindergarten" = Pencil-Pal Kindergarten
"Picasa2" = Picasa 2
"PROSet" = Intel® PRO Ethernet Adapter and Software
"Q327979" = Windows XP Hotfix (SP2) Q327979
"Q328310" = Windows XP Hotfix (SP2) Q328310
"Q329048" = Windows XP Hotfix (SP2) [See Q329048 for more information]
"Q329115" = Windows XP Hotfix (SP2) [See Q329115 for more information]
"Q329170" = Windows XP Hotfix (SP2) Q329170
"Q329390" = Windows XP Hotfix (SP2) [See Q329390 for more information]
"Q329441" = Windows XP Hotfix (SP2) Q329441
"Q329834" = Windows XP Hotfix (SP2) [See Q329834 for more information]
"Q331953" = Windows XP Hotfix (SP2) Q331953
"Q810565" = Windows XP Hotfix (SP2) Q810565
"Q810577" = Windows XP Hotfix (SP2) Q810577
"Q810833" = Windows XP Hotfix (SP2) Q810833
"Q811493" = Windows XP Hotfix (SP2) Q811493
"Q814033" = Windows XP Hotfix (SP2) Q814033
"Q815021" = Windows XP Hotfix (SP2) Q815021
"Q817606" = Windows XP Hotfix (SP2) Q817606
"Q819696" = Windows XP Hotfix (SP2) Q819696
"Q828026" = Windows Media Player Hotfix [See wm828026 for more information]
"Reader Rabbit Toddler" = Reader Rabbit Toddler
"Shockwave" = Shockwave
"ShockwaveFlash" = Adobe Flash Player 9 ActiveX
"SimTown95v1" = SimTown
"Skype_is1" = Skype 3.1
"SnipeRight" = SnipeRight
"SpywareBlaster_is1" = SpywareBlaster v3.3
"Starry Night Bundle Edition" = Starry Night Bundle Edition
"The Story of Creation" = The Story of Creation
"Theme Park World" = SimTheme Park
"Tonka Raceway" = Tonka Raceway
"ToolBand.SkypeIEToolbarToolbar" = Skype add-on for IE
"Train Simulator 1.0" = Microsoft Train Simulator
"tv_enua" = Lernout & Hauspie TruVoice American English TTS Engine
"Who Wants To Be A Millionaire Kids Edition" = Who Wants To Be A Millionaire Kids Edition
"Windows Media Format Runtime" = Windows Media Format Runtime
"WinZip" = WinZip
"Works2002Setup" = Microsoft Works 2002 Setup Launcher
"Yahoo! Companion" = Yahoo! Companion
"Yahoo! Customizations" = Yahoo! extras
"Yahoo! Internet Mail" = Yahoo! Internet Mail
"Yahoo! Mail AutoComplete" = Yahoo! Address AutoComplete
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Messenger Explorer Bar" = Yahoo! Messenger Explorer Bar
[color=\"#E56717\"]========== Last 10 Event Log Errors ==========[/color]
[ Application Events ]
Error - 11/26/2008 10:48:42 AM | Computer Name = DELLOFFICE | Source = Application Hang | ID = 1002
Description = Hanging application XPress.exe, version 1.0.0.1, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 11/26/2008 7:19:22 PM | Computer Name = DELLOFFICE | Source = Application Hang | ID = 1002
Description = Hanging application ashDisp.exe, version 4.7.1098.0, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 1/20/2009 11:55:49 AM | Computer Name = DELLOFFICE | Source = Application Hang | ID = 1002
Description = Hanging application explorer.exe, version 6.0.2800.1106, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 1/24/2009 9:30:27 PM | Computer Name = DELLOFFICE | Source = Application Hang | ID = 1002
Description = Hanging application Creatr50.exe, version 5.3.5.10, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 2/22/2009 5:25:34 PM | Computer Name = DELLOFFICE | Source = Application Hang | ID = 1002
Description = Hanging application explorer.exe, version 6.0.2800.1106, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 3/5/2009 6:15:30 PM | Computer Name = DELLOFFICE | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 6.0.2800.1106, hang module
Flash9c.ocx, version 9.0.45.0, hang address 0x000564cb.
Error - 3/28/2009 12:22:08 PM | Computer Name = DELLOFFICE | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 6.0.2800.1106, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 9/3/2009 3:46:20 PM | Computer Name = DELLOFFICE | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 6.0.2800.1106, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 9/27/2009 2:42:37 PM | Computer Name = DELLOFFICE | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 6.0.2800.1106, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 12/14/2009 6:51:36 PM | Computer Name = DELLOFFICE | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 6.0.2800.1106, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
[ System Events ]
Error - 12/14/2009 7:08:11 PM | Computer Name = DELLOFFICE | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the avast! Web Scanner service
to connect.
Error - 12/14/2009 7:08:11 PM | Computer Name = DELLOFFICE | Source = Service Control Manager | ID = 7000
Description = The avast! Web Scanner service failed to start due to the following
error: %%1053
Error - 12/14/2009 7:09:06 PM | Computer Name = DELLOFFICE | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the avast! Web Scanner service
to connect.
Error - 12/14/2009 7:09:09 PM | Computer Name = DELLOFFICE | Source = Service Control Manager | ID = 7000
Description = The avast! Web Scanner service failed to start due to the following
error: %%1053
Error - 12/14/2009 7:09:35 PM | Computer Name = DELLOFFICE | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the avast! Web Scanner service
to connect.
Error - 12/14/2009 7:09:35 PM | Computer Name = DELLOFFICE | Source = Service Control Manager | ID = 7000
Description = The avast! Web Scanner service failed to start due to the following
error: %%1053
Error - 12/14/2009 7:10:07 PM | Computer Name = DELLOFFICE | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the avast! Web Scanner service
to connect.
Error - 12/14/2009 7:10:07 PM | Computer Name = DELLOFFICE | Source = Service Contro
-
I see a lot of outdated software installed on your computer
We'll work on getting your computer up to date, but
Can you let me know the following please
How long ago did you install Avast AntiVirus?
Did you register it and when was the last time you ran the Program update?
We also have some cleaning to do, but let's start with that info
-
[quote name=\'guestolo\' post=\'466863\' date=\'Dec 14 2009, 09:38 PM\']I see a lot of outdated software installed on your computer
We'll work on getting your computer up to date, but
Can you let me know the following please
How long ago did you install Avast AntiVirus?
Did you register it and when was the last time you ran the Program update?
We also have some cleaning to do, but let's start with that info[/quote]
I have had it on my computer for quite a while and it was registered but I haven't updated for months. I will update it now and run a scan.
-
Please update it, if your registration has expired, let me know, we'll get ya up to date
But I need you to post back later and let me know how things went
Because we have more work to do
-
[quote name=\'guestolo\' post=\'466882\' date=\'Dec 15 2009, 09:55 PM\']Please update it, if your registration has expired, let me know, we'll get ya up to date
But I need you to post back later and let me know how things went
Because we have more work to do[/quote]
updated Advast and scanned system twice....found quite a few viruses and malware...sent them to chest....had an error on one that said it couldn't send to chest....i'll run the scan one more time
-
[quote name=\'guestolo\' post=\'466882\' date=\'Dec 15 2009, 09:55 PM\']Please update it, if your registration has expired, let me know, we'll get ya up to date
But I need you to post back later and let me know how things went
Because we have more work to do[/quote]
Ran updated Advast three times...seems all clear now. Where do we go from here?
-
Download [color=\"#FF0000\"]ATF-Cleaner[/color] (http://\"http://www.atribune.org/ccount/click.php?id=1\") by Atribune.
Save it to your desktop
Double-click ATF-Cleaner.exe to run the program.
Under Main choose: Select All
Click the Empty Selected button.
Click Exit on the Main menu to close the program.
Download Malwarebytes' Anti-Malware from Here (http://\"http://www.besttechie.net/tools/mbam-setup.exe\") or Here (http://\"http://www.majorgeeks.com/Malwarebytes_Anti-Malware_d5756.html\")
Save the installer to desktop
Double Click mbam-setup.exe to install the application.- Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
- If an update is found, it will download and install the latest version.
- Once the program has loaded, select "Perform Quick Scan", then click Scan.
- The scan may take some time to finish,so please be patient.
- When the scan is complete, click OK, then Show Results to view the results.
- Make sure that everything is checked, and click Remove Selected.
* When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
- The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
- Copy&Paste the entire report in your next reply
Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediately.
-
Sorry I've been away for awhile. Would like to pick up where we left off. I installed SP2 since it wasn't on my computer and after that I couldn't share the printer that's attached to this computer. Also couldn't see or be seen by other computers on network. Internet works fine. Anyway here's a anti-malware report as requested and a new hijack report. Thanks
Malwarebytes' Anti-Malware 1.44
Database version: 3662
Windows 5.1.2600 Service Pack 2
Internet Explorer 6.0.2900.2180
1/30/2010 11:20:23 AM
mbam-log-2010-01-30 (11-20-23).txt
Scan type: Quick Scan
Objects scanned: 172867
Time elapsed: 34 minute(s), 40 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 3
Files Infected: 4
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
C:\Program Files\MyWay (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWay\SrchAstt (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Documents and Settings\Mike\Start Menu\Programs\WhenU (Adware.WhenU) -> Quarantined and deleted successfully.
Files Infected:
C:\x.dat (Malware.Trace) -> Quarantined and deleted successfully.
C:\z.dat (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pac.txt (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\smdat32m.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:27:46 AM, on 1/30/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\System32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SYSTEM32\GEARSEC.EXE
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\ScsiAccess.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\WrtMon.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\WrtProc.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\ArcSoft\TotalMedia Backup & Record\uBBMonitor.exe
C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\DOCUME~1\Mike\LOCALS~1\Temp\Google Toolbar\gtbD.tmp.exe
C:\Documents and Settings\Mike\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Mike\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Mike\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Desktop Search Capture - {7c1ce531-09e9-4fc5-9803-1c2956615786} - C:\Program Files\Google\Google Desktop Search\GoogleDesktopIE.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\ycomp5_3_12_0.dll
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [WorksFUD] C:\Program Files\Microsoft Works\wkfud.exe
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [WrtMon.exe] C:\WINDOWS\System32\spool\drivers\w32x86\3\WrtMon.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\Money Express.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Mike\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 - Startup: Picture Motion Browser Media Check Tool.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: TotalMedia Backup Monitor.lnk = C:\Program Files\ArcSoft\TotalMedia Backup & Record\uBBMonitor.exe
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O8 - Extra context menu item: Yahoo! Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://pcpitstop.com/pcpitstop/PCPitStop.CAB (http://\"http://pcpitstop.com/pcpitstop/PCPitStop.CAB\")
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab (http://\"http://www.ipix.com/viewers/ipixx.cab\")
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) - http://us.chat1.yimg.com/us.yimg.com/i/cha...v45/yacscom.cab (http://\"http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/v45/yacscom.cab\")
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://photo2.walgreens.com/WalgreensActivia.cab (http://\"http://photo2.walgreens.com/WalgreensActivia.cab\")
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/200212...meInstaller.exe (http://\"http://a1540.g.akamai.net/7/1540/52/20021205/qtinstall.info.apple.com/borris/us/win/QuickTimeInstaller.exe\")
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/m...84/mcinsctl.cab (http://\"http://download.mcafee.com/molbin/shared/mcinsctl/en-us/4,0,0,84/mcinsctl.cab\")
O16 - DPF: {5F0C30E4-1E72-4DCC-85E5-57810F1CA97B} (McUpdatePortalFactory Class) - http://www.amiuptodate.com/vsc/bin/1,0,0,7...pdatePortal.cab (http://\"http://www.amiuptodate.com/vsc/bin/1,0,0,7/McUpdatePortal.cab\")
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://atv.disney.go.com/global/download/otoy/OTOYAX29b.cab (http://\"http://atv.disney.go.com/global/download/otoy/OTOYAX29b.cab\")
O16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} (Yahoo! Audio UI1) - http://chat.yahoo.com/cab/yacsui.cab (http://\"http://chat.yahoo.com/cab/yacsui.cab\")
O16 - DPF: {8714912E-380D-11D5-B8AA-00D0B78F3D48} (Yahoo! Webcam Upload Wrapper) - http://chat.yahoo.com/cab/yuplapp.cab (http://\"http://chat.yahoo.com/cab/yuplapp.cab\")
O16 - DPF: {8EDAD21C-3584-4E66-A8AB-EB0E5584767D} - http://toolbar.google.com/data/GoogleActivate.cab (http://\"http://toolbar.google.com/data/GoogleActivate.cab\")
O16 - DPF: {97AFC0D9-660E-4ACE-B025-46FD64AE335A} (EmailImport.EmailImportControl) - http://www.friendster.com/import/emailimport.cab (http://\"http://www.friendster.com/import/emailimport.cab\")
O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class) - http://us.dl1.yimg.com/download.yahoo.com/.../ymmapi_416.dll (http://\"http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yse/ymmapi_416.dll\")
O16 - DPF: {A662DA7E-CCB7-4743-B71A-D817F6D575DF} (Autodesk Express Viewer Control) - http://www.autodesk.com/global/expressview...ViewerSetup.cab (http://\"http://www.autodesk.com/global/expressviewer/installer/ExpressViewerSetup.cab\")
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - http://us.dl1.yimg.com/download.yahoo.com/...utocomplete.cab (http://\"http://us.dl1.yimg.com/download.yahoo.com/dl/installs/suite/yautocomplete.cab\")
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcafee.com/molbin/shared/m...,21/mcgdmgr.cab (http://\"http://download.mcafee.com/molbin/shared/mcgdmgr/en-us/1,0,0,21/mcgdmgr.cab\")
O16 - DPF: {E855A2D4-987E-4F3B-A51C-64D10A7E2479} (EPSImageControl Class) - http://tools.ebayimg.com/eps/activex/EPSControl_v1-32.cab (http://\"http://tools.ebayimg.com/eps/activex/EPSControl_v1-32.cab\")
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\SYSTEM32\GEARSEC.EXE
O23 - Service: Google Desktop Manager 5.9.911.3589 (GoogleDesktopManager-110309-193829) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\System32\ScsiAccess.EXE
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
--
End of file - 12445 bytes
[quote name=\'guestolo\' post=\'466900\' date=\'Dec 16 2009, 07:19 PM\']Download [color=\"#FF0000\"]ATF-Cleaner[/color] (http://\"http://www.atribune.org/ccount/click.php?id=1\") by Atribune.
Save it to your desktop
Double-click ATF-Cleaner.exe to run the program.
Under Main choose: Select All
Click the Empty Selected button.
Click Exit on the Main menu to close the program.
Download Malwarebytes' Anti-Malware from Here (http://\"http://www.besttechie.net/tools/mbam-setup.exe\") or Here (http://\"http://www.majorgeeks.com/Malwarebytes_Anti-Malware_d5756.html\")
Save the installer to desktop
Double Click mbam-setup.exe to install the application.- Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
- If an update is found, it will download and install the latest version.
- Once the program has loaded, select "Perform Quick Scan", then click Scan.
- The scan may take some time to finish,so please be patient.
- When the scan is complete, click OK, then Show Results to view the results.
- Make sure that everything is checked, and click Remove Selected.
* When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
- The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
- Copy&Paste the entire report in your next reply
Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediately.[/quote]
-
Can you delete your copy of OTL.exe if you still have it
Then, I need you to redownload it
Download [color=\"#FF0000\"]OTL.exe[/color] (http://\"http://oldtimer.geekstogo.com/OTL.exe\")[/url] by OldTimer to your Desktop.
- Close all windows and double click on OTL.exe to run it
- Under the Custom Scan box paste this in, the entries in Blue below:
[color=\"#0000FF\"]netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
/md5stop
%systemroot%\*. /mp /s
CREATERESTOREPOINT
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles[/color]
- Click Run Scan and let the program run uninterrupted.
Post the log that opens
NOTE: If you have trouble, or an error message trying to post the log
Can you upload it to a reply box
In a Reply, select "Browse..." on the bottom right and then navigate to the file and select it
Then click "Upload"
-
OTL logfile created on: 1/31/2010 2:14:11 PM - Run 2
OTL by OldTimer - Version 3.1.27.1 Folder = C:\Documents and Settings\Mike\My Documents\Downloads
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
255.00 Mb Total Physical Memory | 14.00 Mb Available Physical Memory | 6.00% Memory free
729.00 Mb Paging File | 174.00 Mb Available in Paging File | 24.00% Paging File free
Paging file location(s): C:\pagefile.sys 384 768 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.49 Gb Total Space | 13.50 Gb Free Space | 18.12% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 1.92 Gb Total Space | 0.00 Gb Free Space | 0.08% Space Free | Partition Type: FAT
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: DELLOFFICE
Current User Name: Mike
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
[color=\"#E56717\"]========== Processes (SafeList) ==========[/color]
PRC - [2010/01/31 14:12:28 | 000,548,864 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mike\My Documents\Downloads\OTL.exe
PRC - [2010/01/21 02:24:00 | 000,527,344 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Mike\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2009/12/12 23:55:08 | 000,030,192 | ---- | M] (Google) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
PRC - [2009/02/05 16:08:45 | 000,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009/02/05 16:08:40 | 000,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009/02/05 16:08:26 | 000,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009/02/05 16:06:04 | 000,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2009/02/05 16:01:25 | 000,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2009/01/26 15:31:16 | 002,144,088 | RHS- | M] (Safer Networking Limited) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008/02/19 11:01:46 | 000,278,528 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files\ArcSoft\TotalMedia Backup & Record\uBBMonitor.exe
PRC - [2007/06/12 23:47:38 | 000,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2007/01/15 13:23:48 | 000,344,064 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
PRC - [2006/10/11 11:45:12 | 000,075,304 | ---- | M] (ScanSoft, Inc.) -- C:\Program Files\ScanSoft\OmniPageSE4.0\OpWareSE4.exe
PRC - [2006/09/20 07:35:26 | 000,020,480 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe
PRC - [2006/09/19 15:05:32 | 000,024,576 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtProc.exe
PRC - [2006/08/28 17:10:01 | 000,684,032 | ---- | M] (Roxio) -- C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\Directcd.exe
PRC - [2006/05/31 14:08:04 | 000,155,648 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\QuickTime\qttask.exe
PRC - [2005/09/27 06:59:10 | 000,081,920 | ---- | M] () -- C:\Program Files\Sony\SonicStage\SSAAD.exe
PRC - [2005/06/03 02:52:54 | 000,036,975 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
PRC - [2005/05/10 16:04:52 | 000,110,592 | ---- | M] (Musicmatch, Inc.) -- C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
PRC - [2004/08/04 02:56:57 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe
PRC - [2004/08/04 02:56:49 | 001,032,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2003/10/06 14:16:00 | 000,081,920 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
PRC - [2003/03/31 15:34:14 | 000,282,684 | ---- | M] (Eastman Kodak Company) -- C:\WINDOWS\system32\drivers\KodakCCS.exe
PRC - [2003/02/04 08:22:30 | 000,181,312 | ---- | M] () -- C:\WINDOWS\system32\ScsiAccess.EXE
PRC - [2003/01/27 15:40:42 | 000,049,152 | ---- | M] (GEAR Software) -- C:\WINDOWS\system32\GEARSEC.EXE
PRC - [2001/08/16 23:41:58 | 000,028,738 | ---- | M] (Microsoft® Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
[color=\"#E56717\"]========== Modules (SafeList) ==========[/color]
MOD - [2010/01/31 14:12:28 | 000,548,864 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mike\My Documents\Downloads\OTL.exe
MOD - [2006/10/04 21:07:12 | 000,144,936 | ---- | M] (ScanSoft, Inc.) -- C:\Program Files\ScanSoft\OmniPageSE4.0\OpHookSE4.dll
MOD - [2004/08/04 00:57:02 | 001,050,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
[color=\"#E56717\"]========== Win32 Services (SafeList) ==========[/color]
SRV - [2010/01/30 11:32:36 | 000,135,664 | ---- | M] (Google Inc.) [Auto | Stopped] -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate) Google Update Service (gupdate)
SRV - [2009/12/12 23:55:08 | 000,030,192 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-110309-193829)
SRV - [2009/05/12 15:53:29 | 000,182,768 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2009/02/05 16:08:40 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2009/02/05 16:08:26 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009/02/05 16:06:04 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009/02/05 16:01:25 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2006/02/23 14:45:06 | 000,323,584 | ---- | M] (Apple Computer, Inc.) [On_Demand | Stopped] -- C:\Program Files\iPod\bin\iPodService.exe -- (iPodService)
SRV - [2005/11/14 01:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2005/09/27 05:19:26 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe -- (SSScsiSV)
SRV - [2005/08/30 15:00:50 | 000,053,337 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV)
SRV - [2005/08/30 14:55:18 | 000,053,337 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR)
SRV - [2005/08/30 14:49:34 | 000,069,718 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV)
SRV - [2003/10/06 14:16:00 | 000,081,920 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc)
SRV - [2003/07/28 12:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2003/03/31 15:34:14 | 000,282,684 | ---- | M] (Eastman Kodak Company) [Auto | Running] -- C:\WINDOWS\system32\drivers\KodakCCS.exe -- (KodakCCS)
SRV - [2003/02/04 08:22:30 | 000,181,312 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\ScsiAccess.EXE -- (ScsiAccess)
SRV - [2003/01/27 15:40:42 | 000,049,152 | ---- | M] (GEAR Software) [Auto | Running] -- C:\WINDOWS\system32\GEARSEC.EXE -- (GEARSecurity)
[color=\"#E56717\"]========== Driver Services (SafeList) ==========[/color]
DRV - [2009/02/05 16:08:10 | 000,094,032 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2009/02/05 16:07:23 | 000,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2009/02/05 16:06:20 | 000,051,376 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2009/02/05 16:06:10 | 000,023,152 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2009/02/05 16:05:11 | 000,026,944 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2006/11/02 16:57:04 | 000,036,624 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2006/10/04 21:42:42 | 000,002,560 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\cdralw2k.sys -- (Cdralw2k)
DRV - [2006/10/04 21:42:42 | 000,002,432 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\cdr4_xp.sys -- (Cdr4_xp)
DRV - [2006/08/28 17:10:02 | 000,241,280 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\cdudf_xp.sys -- (cdudf_xp)
DRV - [2006/08/28 17:10:02 | 000,206,464 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\udfreadr_xp.sys -- (UdfReadr_xp)
DRV - [2006/08/28 17:10:02 | 000,144,250 | ---- | M] (Roxio) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\pwd_2K.sys -- (pwd_2k)
DRV - [2006/08/28 17:10:02 | 000,030,662 | ---- | M] (Roxio) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Mmc_2k.sys -- (mmc_2K)
DRV - [2006/08/28 17:10:02 | 000,025,930 | ---- | M] (Roxio) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Dvd_2k.sys -- (dvd_2K)
DRV - [2005/02/23 14:58:56 | 000,011,776 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc)
DRV - [2005/02/02 00:21:04 | 000,014,408 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2004/08/04 01:03:35 | 000,088,448 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2004/08/04 00:59:50 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2004/08/04 00:41:55 | 000,011,868 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\mdmxsdk.sys -- (mdmxsdk)
DRV - [2004/08/04 00:41:54 | 001,041,536 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hsfdpsp2.sys -- (HSF_DP)
DRV - [2004/08/04 00:41:48 | 000,685,056 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hsfcxts2.sys -- (winachsf)
DRV - [2004/08/04 00:41:46 | 000,220,032 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hsfbs2s2.sys -- (HSFHWBS2)
DRV - [2004/07/17 13:36:36 | 000,027,440 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2003/11/11 20:29:44 | 000,031,680 | ---- | M] (VSO Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Pcouffin.sys -- (Pcouffin)
DRV - [2003/10/06 14:16:00 | 001,550,043 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2003/03/31 15:34:14 | 000,134,421 | ---- | M] (Eastman Kodak Company) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\ExportIt.sys -- (Exportit)
DRV - [2003/03/31 15:34:14 | 000,061,568 | ---- | M] (Eastman Kodak Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\DcFpoint.sys -- (DcFpoint)
DRV - [2003/03/31 15:34:14 | 000,061,114 | ---- | M] (Eastman Kodak Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\DcPtp.sys -- (DcPTP)
DRV - [2003/03/31 15:34:14 | 000,036,730 | ---- | M] (Eastman Kodak Company) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\DcCam.sys -- (DcCam)
DRV - [2003/03/31 15:34:14 | 000,008,058 | ---- | M] (Eastman Kodak Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\DcLps.sys -- (DcLps)
DRV - [2003/02/21 12:57:56 | 000,037,941 | ---- | M] (Eastman Kodak Company) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\DCFS2k.sys -- (DCFS2K)
DRV - [2002/10/11 10:29:00 | 000,207,936 | R--- | M] (Dell Computer Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtlsVid.sys -- (EMATCORE)
DRV - [2002/10/11 10:29:00 | 000,025,600 | R--- | M] (Dell Computer Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtlsAud.sys -- (AtlsAud)
DRV - [2002/09/27 18:56:50 | 000,009,856 | R--- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2002/09/03 11:53:10 | 000,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2002/09/03 11:50:32 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2002/09/03 11:50:32 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2002/06/10 14:20:50 | 000,039,936 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvcd.sys -- (QCDonner) Logitech QuickCam Express(PID_0840)
DRV - [2002/04/30 12:53:08 | 000,139,776 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\e100b325.sys -- (E100B) Intel®
DRV - [2002/01/24 10:23:40 | 000,013,545 | ---- | M] (SCM Microsystems Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\STLTRK2K.sys -- (Stltrk2k)
DRV - [2001/08/22 08:42:58 | 000,013,632 | ---- | M] (Dell Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\OMCI.SYS -- (OMCI)
DRV - [2001/08/17 13:56:16 | 000,007,552 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SONYPVU1.SYS -- (SONYPVU1) Sony USB Filter Driver (SONYPVU1)
DRV - [2001/08/17 08:57:38 | 000,016,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\MODEMCSA.sys -- (MODEMCSA)
DRV - [2001/08/17 08:28:12 | 000,488,383 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\HSF_V124.sys -- (V124)
DRV - [2001/08/17 08:28:12 | 000,050,751 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\HSF_TONE.sys -- (Tones)
DRV - [2001/08/17 08:28:10 | 000,542,879 | ---- | M] (Conexant) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSF_MSFT.sys -- (hsf_msft)
DRV - [2001/08/17 08:28:10 | 000,073,279 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\HSF_SPKP.sys -- (SpeakerPhone)
DRV - [2001/08/17 08:28:10 | 000,057,471 | ---- | M] (Conexant) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSF_SAMP.sys -- (Rksample)
DRV - [2001/08/17 08:28:08 | 000,391,199 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\HSF_K56K.sys -- (K56)
DRV - [2001/08/17 08:28:06 | 000,289,887 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\HSF_FALL.sys -- (Fallback)
DRV - [2001/08/17 08:28:06 | 000,199,711 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\HSF_FAXX.sys -- (SoftFax)
DRV - [2001/08/17 08:28:06 | 000,115,807 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\HSF_FSKS.sys -- (Fsks)
DRV - [2001/08/17 08:28:04 | 000,067,167 | ---- | M] (Conexant) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSF_BSC2.sys -- (basic2)
DRV - [2001/08/17 07:20:04 | 000,096,256 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ac97intc.sys -- (ac97intc) Intel® 82801 Audio Driver Install Service (WDM)
DRV - [1999/09/10 07:06:00 | 000,025,244 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\aspi32.sys -- (ASPI32)
DRV - [1998/02/26 14:10:28 | 000,025,632 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\a4sii300.sys -- (A4SII300)
DRV - [1997/12/09 00:07:16 | 000,003,616 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\as6eio.SYS -- (as6eio)
[color=\"#E56717\"]========== Standard Registry (SafeList) ==========[/color]
[color=\"#E56717\"]========== Internet Explorer ==========[/color]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie (http://\"http://www.google.com/ie\")
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/...rch/search.html (http://\"http://red.clientapps.yahoo.com/customize/ie/defaults/cs/ymsgr/*http://www.yahoo.com/ext/search/search.html\")
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie (http://\"http://www.google.com/ie\")
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie (http://\"http://www.google.com/ie\")
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie (http://\"http://www.google.com/ie\")
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com (http://\"http://www.google.com\")
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://my.yahoo.com/ (http://\"http://my.yahoo.com/\")
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie (http://\"http://www.google.com/ie\")
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie (http://\"http://www.google.com/ie\")
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
O1 HOSTS File: ([2010/01/15 21:02:57 | 000,373,451 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 12872 more lines...
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (IeCaptureBho Object) - {7c1ce531-09e9-4fc5-9803-1c2956615786} - C:\Program Files\Google\Google Desktop Search\GoogleDesktopIE.dll (Google)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - No CLSID value found.
O3 - HKLM\..\Toolbar: (&Yahoo! Companion) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\ycomp5_3_12_0.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [AdaptecDirectCD] C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\Directcd.exe (Roxio)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe (HP)
O4 - HKLM..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe (Microsoft® Corporation)
O4 - HKLM..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe (Microsoft® Corporation)
O4 - HKLM..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe (Musicmatch, Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [OpwareSE4] C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe (ScanSoft, Inc.)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Computer, Inc.)
O4 - HKLM..\Run: [SsAAD.exe] C:\Program Files\Sony\SonicStage\SSAAD.exe ()
O4 - HKLM..\Run: [SSBkgdUpdate] C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [WorksFUD] C:\Program Files\Microsoft Works\wkfud.exe (Microsoft® Corporation)
O4 - HKLM..\Run: [WrtMon.exe] C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe ()
O4 - HKCU..\Run: [Google Update] C:\Documents and Settings\Mike\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (Google Inc.)
O4 - HKCU..\Run: [MoneyAgent] C:\Program Files\Microsoft Money\System\Money Express.exe (Microsoft Corporation)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\TotalMedia Backup Monitor.lnk = C:\Program Files\ArcSoft\TotalMedia Backup & Record\uBBMonitor.exe (ArcSoft, Inc.)
O4 - Startup: C:\Documents and Settings\Mike\Start Menu\Programs\Startup\Picture Motion Browser Media Check Tool.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe (Sony Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Yahoo! Dictionary - C:\Program Files\Yahoo!\Common [2007/07/11 08:57:58 | 000,000,000 | ---D | M]
O8 - Extra context menu item: Yahoo! Search - C:\Program Files\Yahoo!\Common [2007/07/11 08:57:58 | 000,000,000 | ---D | M]
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\NPJPI150_04.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll (Yahoo! Inc.)
O9 - Extra 'Tools' menuitem : Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll (Yahoo! Inc.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: musicmatch.com ([online] https in Trusted sites)
O15 - HKLM\..Trusted Domains: 59 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Domains: 60 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {0000000A-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/8/B...42/wmsp9dmo.cab (http://\"http://download.microsoft.com/download/8/B/E/8BE028EC-F134-4AA0-84AB-64F76D6B9842/wmsp9dmo.cab\") (Reg Error: Key error.)
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://pcpitstop.com/pcpitstop/PCPitStop.CAB (http://\"http://pcpitstop.com/pcpitstop/PCPitStop.CAB\") (PCPitstop Utility)
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} http://www.ipix.com/viewers/ipixx.cab (http://\"http://www.ipix.com/viewers/ipixx.cab\") (iPIX ActiveX Control)
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} http://us.chat1.yimg.com/us.yimg.com/i/cha...v45/yacscom.cab (http://\"http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/v45/yacscom.cab\") (Yahoo! Audio Conferencing)
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.microsoft.com/download/F/6...922/wmv9VCM.CAB (http://\"http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB\") (Reg Error: Key error.)
O16 - DPF: {33564D57-9980-0010-8000-00AA00389B71} http://codecs.microsoft.com/codecs/i386/wmv9dmo.cab (http://\"http://codecs.microsoft.com/codecs/i386/wmv9dmo.cab\") (Reg Error: Key error.)
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} http://photo2.walgreens.com/WalgreensActivia.cab (http://\"http://photo2.walgreens.com/WalgreensActivia.cab\") (Snapfish Activia)
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} http://a1540.g.akamai.net/7/1540/52/200212...meInstaller.exe (http://\"http://a1540.g.akamai.net/7/1540/52/20021205/qtinstall.info.apple.com/borris/us/win/QuickTimeInstaller.exe\") (Reg Error: Key error.)
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} http://download.mcafee.com/molbin/shared/m...84/mcinsctl.cab (http://\"http://download.mcafee.com/molbin/shared/mcinsctl/en-us/4,0,0,84/mcinsctl.cab\") (Reg Error: Key error.)
O16 - DPF: {5F0C30E4-1E72-4DCC-85E5-57810F1CA97B} http://www.amiuptodate.com/vsc/bin/1,0,0,7...pdatePortal.cab (http://\"http://www.amiuptodate.com/vsc/bin/1,0,0,7/McUpdatePortal.cab\") (McUpdatePortalFactory Class)
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} http://atv.disney.go.com/global/download/otoy/OTOYAX29b.cab (http://\"http://atv.disney.go.com/global/download/otoy/OTOYAX29b.cab\") (Groove Control)
O16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} http://chat.yahoo.com/cab/yacsui.cab (http://\"http://chat.yahoo.com/cab/yacsui.cab\") (Yahoo! Audio UI1)
O16 - DPF: {8714912E-380D-11D5-B8AA-00D0B78F3D48} http://chat.yahoo.com/cab/yuplapp.cab (http://\"http://chat.yahoo.com/cab/yuplapp.cab\") (Yahoo! Webcam Upload Wrapper)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab (http://\"http://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab\") (Java Plug-in 1.5.0_04)
O16 - DPF: {8EDAD21C-3584-4E66-A8AB-EB0E5584767D} http://toolbar.google.com/data/GoogleActivate.cab (http://\"http://toolbar.google.com/data/GoogleActivate.cab\") (Reg Error: Key error.)
O16 - DPF: {97AFC0D9-660E-4ACE-B025-46FD64AE335A} http://www.friendster.com/import/emailimport.cab (http://\"http://www.friendster.com/import/emailimport.cab\") (EmailImport.EmailImportControl)
O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} http://us.dl1.yimg.com/download.yahoo.com/.../ymmapi_416.dll (http://\"http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yse/ymmapi_416.dll\") (YahooYMailTo Class)
O16 - DPF: {A662DA7E-CCB7-4743-B71A-D817F6D575DF} http://www.autodesk.com/global/expressview...ViewerSetup.cab (http://\"http://www.autodesk.com/global/expressviewer/installer/ExpressViewerSetup.cab\") (Autodesk Express Viewer Control)
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} http://us.dl1.yimg.com/download.yahoo.com/...utocomplete.cab (http://\"http://us.dl1.yimg.com/download.yahoo.com/dl/installs/suite/yautocomplete.cab\") (YAddBook Class)
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} http://download.mcafee.com/molbin/shared/m...,21/mcgdmgr.cab (http://\"http://download.mcafee.com/molbin/shared/mcgdmgr/en-us/1,0,0,21/mcgdmgr.cab\") (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab (http://\"http://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab\") (Java Plug-in 1.5.0_04)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwa...ash/swflash.cab (http://\"http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab\") (Shockwave Flash Object)
O16 - DPF: {E855A2D4-987E-4F3B-A51C-64D10A7E2479} http://tools.ebayimg.com/eps/activex/EPSControl_v1-32.cab (http://\"http://tools.ebayimg.com/eps/activex/EPSControl_v1-32.cab\") (EPSImageControl Class)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 192.168.2.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Mike\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Mike\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2002/12/24 09:36:47 | 000,000,000 | -HS- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{c4e6ddd2-0c53-11df-928e-0007e9c3896b}\Shell - "" = AutoRun
O33 - MountPoints2\{c4e6ddd2-0c53-11df-928e-0007e9c3896b}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{c4e6ddd2-0c53-11df-928e-0007e9c3896b}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2002/12/24 09:36:17 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Wmi - C:\WINDOWS\system32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (53765057741324288)
[color=\"#E56717\"]========== Files/Folders - Created Within 30 Days ==========[/color]
[2010/01/30 11:38:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google
[2010/01/30 11:33:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2010/01/30 10:36:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mike\Application Data\Malwarebytes
[2010/01/30 10:36:40 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/01/30 10:36:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/01/30 10:36:36 | 000,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/01/30 10:36:35 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/01/30 10:32:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mike\My Documents\Downloads
[2010/01/30 10:16:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mike\Local Settings\Application Data\Temp
[2010/01/30 10:15:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mike\Local Settings\Application Data\Deployment
[2010/01/29 21:05:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mike\Application Data\U3
[2010/01/24 03:12:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2010/01/24 03:12:31 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2010/01/24 03:12:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[2010/01/24 03:11:58 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2010/01/24 03:09:33 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpssvcs.dll
[2010/01/24 03:09:33 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpssvcs.dll
[2010/01/24 03:09:33 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\printfilterpipelinesvc.exe
[2010/01/24 03:09:33 | 000,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpsshhdr.dll
[2010/01/24 03:09:33 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\prntvpt.dll
[2010/01/24 03:09:33 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\filterpipelineprintproc.dll
[2010/01/24 03:09:31 | 000,000,000 | ---D | C] -- C:\7b106ce92b35fbbec1d07d95
[2010/01/24 03:02:13 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 6.0
[2010/01/23 03:01:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot_bak
[2010/01/22 03:02:35 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2010/01/21 17:35:26 | 000,272,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthport.sys
[2010/01/21 17:34:19 | 000,470,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aclayers.dll
[2010/01/21 17:31:36 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\colbact.dll
[2010/01/21 17:24:42 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadce.dll
[2010/01/21 17:23:50 | 000,683,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcomm.dll
[2010/01/21 17:21:18 | 002,136,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe
[2010/01/21 17:21:15 | 002,180,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe
[2010/01/21 17:21:11 | 002,015,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2010/01/21 17:21:09 | 002,057,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlpa.exe
[2010/01/21 17:20:55 | 000,655,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstscax.dll
[2010/01/20 21:34:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2010/01/14 19:32:11 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2010/01/14 19:32:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2010/01/12 19:18:02 | 278,927,592 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Mike\Desktop\WindowsXP-KB835935-SP2-ENU.exe
[2010/01/12 18:56:06 | 000,000,000 | ---D | C] -- C:\Program Files\Eusing Free Registry Cleaner
[2010/01/12 18:45:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mike\Application Data\Uniblue
[2008/11/24 14:51:31 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2008/03/15 21:43:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Macromedia
[2004/10/22 20:21:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2002/12/24 09:39:53 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2002/12/24 09:39:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[color=\"#E56717\"]========== Files - Modified Within 30 Days ==========[/color]
[2010/01/31 14:20:17 | 000,000,974 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-602162358-113007714-682003330-1004UA.job
[2010/01/31 14:19:04 | 000,000,410 | ---- | M] () -- C:\WINDOWS\tasks\Symantec NetDetect.job
[2010/01/31 13:38:01 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/01/31 11:38:02 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/01/31 10:20:01 | 000,000,922 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-602162358-113007714-682003330-1004Core.job
[2010/01/30 11:35:10 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/01/30 11:34:42 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/01/30 11:34:36 | 267,436,032 | -HS- | M] () -- C:\hiberfil.sys
[2010/01/30 11:34:06 | 009,437,184 | ---- | M] () -- C:\Documents and Settings\Mike\ntuser.dat
[2010/01/30 11:33:30 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Mike\ntuser.ini
[2010/01/30 10:36:45 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/01/30 10:24:44 | 000,002,277 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\Google Chrome.lnk
[2010/01/28 14:55:13 | 000,121,224 | ---- | M] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/01/28 14:46:53 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/01/25 03:09:41 | 000,488,680 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/01/25 03:09:41 | 000,432,664 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/01/25 03:09:41 | 000,067,428 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/01/25 03:01:33 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/01/24 03:29:48 | 000,398,344 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/01/20 22:02:30 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2010/01/20 20:28:06 | 000,000,211 | RHS- | M] () -- C:\boot. ini
[2010/01/15 22:00:05 | 000,000,000 | ---- | M] () -- C:\FileOut.Cns
[2010/01/15 22:00:05 | 000,000,000 | ---- | M] () -- C:\FileIn.Cns
[2010/01/15 21:02:57 | 000,373,451 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010/01/15 20:55:50 | 000,000,135 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2010/01/14 19:32:25 | 000,000,933 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\Spybot - Search & Destroy.lnk
[2010/01/13 22:36:00 | 000,225,792 | ---- | M] () -- C:\Documents and Settings\Mike\My Documents\Bridget Riley- Op. Art.doc
[2010/01/12 22:45:06 | 000,002,881 | ---- | M] () -- C:\Documents and Settings\Mike\My Documents\sharedacess.reg
[2010/01/12 19:19:32 | 278,927,592 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Mike\Desktop\WindowsXP-KB835935-SP2-ENU.exe
[2010/01/12 18:56:08 | 000,000,740 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\Eusing Free Registry Cleaner.lnk
[2010/01/09 20:11:54 | 000,000,736 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100115-210256.backup
[2010/01/07 16:07:14 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/01/07 16:07:04 | 000,019,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[color=\"#E56717\"]========== Files Created - No Company Name ==========[/color]
[2010/01/30 11:33:10 | 000,000,886 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/01/30 11:33:10 | 000,000,882 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/01/30 10:36:45 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/01/30 10:24:44 | 000,002,277 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\Google Chrome.lnk
[2010/01/30 10:15:53 | 000,000,974 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-602162358-113007714-682003330-1004UA.job
[2010/01/30 10:15:52 | 000,000,922 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-602162358-113007714-682003330-1004Core.job
[2010/01/14 19:32:25 | 000,000,933 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\Spybot - Search & Destroy.lnk
[2010/01/13 22:35:59 | 000,225,792 | ---- | C] () -- C:\Documents and Settings\Mike\My Documents\Bridget Riley- Op. Art.doc
[2010/01/12 22:45:06 | 000,002,881 | ---- | C] () -- C:\Documents and Settings\Mike\My Documents\sharedacess.reg
[2010/01/12 18:56:08 | 000,000,740 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\Eusing Free Registry Cleaner.lnk
[2010/01/01 21:44:44 | 009,437,184 | ---- | C] () -- C:\Documents and Settings\Mike\ntuser.dat
[2009/02/24 20:15:49 | 000,000,004 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\DirectCDUserNameE.txt
[2008/09/06 16:35:41 | 000,000,253 | ---- | C] () -- C:\WINDOWS\Creator.INI
[2008/01/06 21:15:45 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2008/01/06 21:14:59 | 000,003,654 | ---- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll
[2007/12/02 20:23:11 | 000,004,592 | ---- | C] () -- C:\WINDOWS\System32\MXWIN32.DLL
[2007/08/29 19:21:57 | 000,001,760 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/08/28 21:01:07 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\IPPCPUID.DLL
[2007/08/28 20:59:44 | 000,011,776 | ---- | C] () -- C:\WINDOWS\System32\pmsbfn32.dll
[2007/08/28 20:57:29 | 000,000,416 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
[2006/11/16 08:51:00 | 000,000,058 | ---- | C] () -- C:\WINDOWS\Tonka_Raceway.INI
[2006/01/27 18:38:16 | 000,524,288 | ---- | C] () -- C:\WINDOWS\System32\TDI-SonyOMG.dll
[2006/01/27 18:38:16 | 000,262,416 | ---- | C] () -- C:\WINDOWS\System32\Asfv2.dll
[2005/02/15 19:47:29 | 000,000,045 | ---- | C] () -- C:\WINDOWS\FHKKGJP.ini
[2004/10/22 08:54:11 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2004/08/14 09:09:21 | 000,113,664 | ---- | C] () -- C:\WINDOWS\AS3E32.DLL
[2004/08/14 09:09:21 | 000,000,553 | ---- | C] () -- C:\WINDOWS\INFO32.INI
[2004/08/14 09:09:21 | 000,000,464 | ---- | C] () -- C:\WINDOWS\SUPMINI.INI
[2004/08/14 09:09:20 | 000,003,616 | ---- | C] () -- C:\WINDOWS\System32\drivers\AS6EIO.SYS
[2004/08/14 09:06:21 | 000,934,400 | ---- | C] () -- C:\WINDOWS\LEAD45.DLL
[2004/08/14 09:06:20 | 000,205,824 | ---- | C] () -- C:\WINDOWS\PPLIBMGR.DLL
[2004/08/14 09:05:57 | 001,915,392 | ---- | C] () -- C:\WINDOWS\MGXRDR32.DLL
[2004/02/06 16:33:19 | 000,000,069 | ---- | C] () -- C:\WINDOWS\Morphexe.INI
[2004/02/05 17:24:20 | 000,000,033 | ---- | C] () -- C:\WINDOWS\LVMMail.INI
[2004/02/05 16:53:16 | 000,000,241 | ---- | C] () -- C:\WINDOWS\QSync.INI
[2004/02/05 16:51:42 | 000,005,187 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2003/12/04 13:57:02 | 000,355,840 | ---- | C] () -- C:\WINDOWS\winctl32.dll
[2003/11/16 10:08:58 | 000,001,708 | ---- | C] () -- C:\WINDOWS\cdPlayer.ini
[2003/11/11 20:02:01 | 000,000,135 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2003/10/06 14:16:00 | 000,027,136 | ---- | C] () -- C:\WINDOWS\System32\nvcod.dll
[2003/09/15 11:30:10 | 000,000,383 | ---- | C] () -- C:\WINDOWS\hegames.ini
[2003/05/26 14:21:20 | 000,131,072 | ---- | C] () -- C:\WINDOWS\System32\KazaaSocks.dll
[2003/05/03 08:54:36 | 000,000,037 | ---- | C] () -- C:\WINDOWS\ipixActivex.ini
[2003/03/30 13:16:33 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\TTSServer.dll
[2003/03/30 13:15:09 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SETUP32.INI
[2003/01/18 16:29:48 | 000,000,000 | ---- | C] () -- C:\WINDOWS\MADCCS.INI
[2003/01/18 16:29:48 | 000,000,000 | ---- | C] () -- C:\WINDOWS\MADCCF.INI
[2003/01/18 16:29:07 | 000,000,061 | ---- | C] () -- C:\WINDOWS\encore_launcher.ini
[2003/01/09 13:18:23 | 000,000,757 | ---- | C] () -- C:\WINDOWS\FA128.INI
[2002/12/29 18:24:48 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2002/12/29 00:56:35 | 000,145,408 | ---- | C] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2002/12/27 08:38:41 | 000,001,945 | ---- | C] () -- C:\WINDOWS\disney.ini
[2002/12/24 10:28:54 | 000,000,494 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2002/09/05 16:12:26 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\X3Dview.dll
[2002/01/28 10:29:54 | 000,029,184 | ---- | C] () -- C:\WINDOWS\System32\kwab.dll
[2000/09/08 16:53:50 | 000,073,839 | ---- | C] () -- C:\WINDOWS\System32\KodakOneTouch.dll
[1999/01/27 13:39:06 | 000,065,024 | ---- | C] () -- C:\WINDOWS\System32\indounin.dll
[1998/08/16 06:00:00 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\sysres.dll
[1997/06/13 07:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll
[color=\"#E56717\"]========== Custom Scans ==========[/color]
[color=\"#A23BEC\"]< %SYSTEMDRIVE%\*.exe >[/color]
[2005/10/31 10:56:00 | 000,700,416 | ---- | M] (LimeWire) -- C:\StubInstaller.exe
[color=\"#A23BEC\"]< MD5 for: AGP440.SYS >[/color]
[2004/08/04 01:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2004/08/04 01:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:AGP440.sys
[2008/04/13 13:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\agp440.sys
[2004/08/04 01:07:41 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2004/08/04 01:07:41 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\system32\drivers\agp440.sys
[2001/08/17 13:58:00 | 000,025,472 | ---- | M] (Microsoft Corporation) MD5=65880045C51AA36184841CEE915A61DF -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys
[2001/08/17 08:58:00 | 000,025,472 | ---- | M] (Microsoft Corporation) MD5=65880045C51AA36184841CEE915A61DF -- C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\i386\AGP440.SYS
[color=\"#A23BEC\"]< MD5 for: ATAPI.SYS >[/color]
[2002/09/03 12:04:09 | 010,158,890 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:atapi.sys
[2004/08/04 01:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2004/08/04 01:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys
[2002/09/03 11:27:33 | 000,086,912 | ---- | M] (Microsoft Corporation) MD5=95B858761A00E1D4F81F79A0DA019ACA -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2008/04/13 13:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\atapi.sys
[2004/08/04 00:59:42 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2004/08/04 00:59:42 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys
[color=\"#A23BEC\"]< MD5 for: EVENTLOG.DLL >[/color]
[2008/04/13 19:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\eventlog.dll
[2004/08/04 02:56:42 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2004/08/04 02:56:42 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\system32\eventlog.dll
[2002/09/03 11:32:41 | 000,049,152 | ---- | M] (Microsoft Corporation) MD5=BF3C8CF53C77B48206B39910B6D6CBCC -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
[color=\"#A23BEC\"]< MD5 for: NETLOGON.DLL >[/color]
[2008/04/13 19:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\netlogon.dll
[2002/09/03 11:48:22 | 000,399,360 | ---- | M] (Microsoft Corporation) MD5=3ADD563ED7A1C66E6F5E0F7A661AA96D -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2009/02/06 13:46:09 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2009/02/06 13:46:09 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll
[2009/02/06 13:46:09 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\SoftwareDistribution\Download\78cf8552430e25a8f24bc1e4dfb1970e\sp2qfe\netlogon.dll
[2009/02/06 13:46:09 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\SoftwareDistribution\Download\de81b460c3abcfc5b8494c785a5f3944\sp2qfe\netlogon.dll
[2004/08/04 02:56:44 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2004/08/04 02:56:44 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\system32\netlogon.dll
[color=\"#A23BEC\"]< MD5 for: SCECLI.DLL >[/color]
[2004/08/04 02:56:44 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2004/08/04 02:56:44 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\system32\scecli.dll
[2002/09/03 11:58:25 | 000,174,592 | ---- | M] (Microsoft Corporation) MD5=97418A5C642A5C748A28BD7CF6860B57 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008/04/13 19:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\scecli.dll
[color=\"#A23BEC\"]< %systemroot%\*. /mp /s >[/color]
[color=\"#A23BEC\"]< %systemroot%\system32\*.dll /lockedfiles >[/color]
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[color=\"#A23BEC\"]< %systemroot%\Tasks\*.job /lockedfiles >[/color]
< End of report >
-
Can we do the following
disable SpybotSD TeaTimer, it may interfere, you can reenable it later
To disable SpybotSD TeaTimer:
Open Spybot and click on Mode and check Advanced Mode
Check yes to next window.
Click on Tools in bottom left hand corner.
Click on Resident icon.
Uncheck Teatimer box.
Click Allow Change box if prompted
Close Spybot
Reboot the computer
Back in Windows
Your version of Java is outdated and needs to be updated to take advantage of fixes that have eliminated security vulnerabilities.
[color=\"blue\"]Updating Java:[/color]- Download the latest version of Java Runtime Environment (JRE) (http://\"http://java.sun.com/javase/downloads/index.jsp\").
- Scroll down to where it says "JDK 6 Update 18 (JDK or JRE)".
- Click the "Download JRE" button to the right
- In the Window that opens, Beside Platform: select Windows,>>Check the "agree" box and click Continue.
- Click on the link to download Windows Offline Installation and save to your desktop.
- Close any programs you may have running - especially your web browser.
- Go to Start > Control Panel double-click on Add/Remove programs and remove all older versions of Java.
- Check any item with Java Runtime Environment (JRE or J2SE) in the name.
In your case remove the following:
- J2SE Runtime Environment 5.0 Update 1
- J2SE Runtime Environment 5.0 Update 4
- Java 2 Runtime Environment Standard Edition v1.3.1_01[/b]
- Click the Remove or Change/Remove button.
- Repeat as many times as necessary to remove each Java versions.
- Reboot your computer once all Java components are removed.
- Then from your desktop double-click on jre-6u18-windows-i586.exe that you downloaded to install the newest version.
Did you pay for copy of SpyHunter you have installed?
How long have you had Adaware SE Personal installed?
Keep me informed how things are running
EDIT>I just want to get up to date on installed programs
Please supply an uninstall list from Hijackthis
Open Hijackthis>>Open MISC TOOLS SECTION>>Open UNINSTALL MANAGER
Click the SAVE LIST... button
Save the list to your desktop then copy>>Paste back here the Whole contents
-
No, I didn't pay for the Spyhunter program. The adaware has been on my computer for quite awhile but the registration expired and wasn't renewed until recently. Here is the uninstalled list:
Ad-Aware SE Personal
Adobe Flash Player 9 ActiveX
Adobe Reader 7.0
Adobe Shockwave Player
Adobe SVG Viewer 3.0
ArcSoft TotalMedia Backup & Record
ARES
aspi
Autodesk Express Viewer
avast! Antivirus
Canon MP Navigator 2.2
Canon MP830
Canon MP830 User Registration
Canon Utilities Easy-PhotoPrint
CCHelp
CCScore
CleanUp!
Dell Picture Studio - Dell Image Expert
Dell ResourceCD
DVDXCopy Platinum 4.0.3
DVDXCopy Xpress 2.5.2
Easy CD Creator 5 Basic
ESSAdpt
ESSANUP
ESSCAM
ESSCDBK
ESScore
ESSgui
ESShelp
ESSini
ESSPCD
ESSTUTOR
ESSvpaht
ESSvpot
Eusing Free Registry Cleaner
GearDrivers
Google Desktop
Google Toolbar for Internet Explorer
Google Toolbar for Internet Explorer
Google Update Helper
HighMAT Extension to Microsoft Windows XP CD Writing Wizard
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB976098-v2)
hp deskjet 950c series (Remove only)
Intel® PRO Ethernet Adapter and Software
InterActual Player
iPod for Windows 2006-03-23
iTunes
Jasc Paint Shop Pro 8
Java(tm) 6 Update 18
Kid Pix Deluxe 3
KSU
LEGO Creator
Lernout & Hauspie TruVoice American English TTS Engine
LimeWire 4.14.12
LiveReg (Symantec Corporation)
LiveUpdate 1.80 (Symantec Corporation)
Logitech Desktop Messenger
Logitech ImageStudio
Lyra Personal Audio Player (RD1021/1071/1075)
Lyra System File Update Utility
Macromedia Dreamweaver MX
Macromedia Extension Manager
Macromedia Flash MX
Madeline Rainy Day Activities
Malwarebytes' Anti-Malware
MapSend Topo US
Memory Stick driver
Micrografx Designer 6.0
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1
Microsoft Data Access Components KB870669
Microsoft Encarta Encyclopedia Standard 2002
Microsoft Fighter Ace II
Microsoft Money 2002
Microsoft Money 2002 System Pack
Microsoft Office Professional Edition 2003
Microsoft Office XP Professional with FrontPage
Microsoft Picture It! Photo 2002
Microsoft Streets and Trips 2002
Microsoft Train Simulator
Microsoft Visual C++ 2005 Redistributable
Microsoft Works 2002 Setup Launcher
Microsoft Works 6.0
Microsoft Works Suite Add-in for Microsoft Word
Microsoft WSE 3.0 Runtime
Monopoly Tycoon
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6 Service Pack 2 (KB973686)
Musicmatch® Jukebox
MyDVD
Notifier
NVIDIA Display Driver
OpenMG Limited Patch 4.3-05-10-05-01
OpenMG Secure Module 4.3.00
OTOY
OTtBP
Paint Shop Pro 7
Pencil-Pal Kindergarten
Picasa 2
PowerDVD
Presto! PageManager 7.15.14
QuickTime
Reader Rabbit Toddler
Roxio VideoWave Movie Creator
ScanSoft OmniPage SE 4.0
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player 8 (KB911565)
Security Update for Windows Media Player 8 (KB917734)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893066)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913446)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB921883)
Security Update for Windows XP (KB922616)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB926247)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB944338-v2)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958470)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
SFR
SFR2
Shockwave
SimTheme Park
SimTown
SlingPlayer
SonicStage 3.3
Sony Picture Utility
Sony USB Driver
Space Colony
Spybot - Search & Destroy
SpywareBlaster v3.3
Starry Night Bundle Edition
The Sims 2
The Sims Unleashed
The Simsâ„¢ 3
The Story of Creation
Tonka Raceway
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows XP (KB898461)
Update for Windows XP (KB908531)
Update for Windows XP (KB910437)
Update for Windows XP (KB911280)
Update for Windows XP (KB925720)
Update for Windows XP (KB955759)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Update for Windows XP (KB978207)
USB MassStorage CardReader
USB MS
Web Savings from Ebates
Who Wants To Be A Millionaire Kids Edition
Windows Imaging Component
Windows Installer 3.1 (KB893803)
Windows Media Format Runtime
Windows XP Hotfix - KB834707
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB885884
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890175
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
Windows XP Service Pack 2
WinZip
Yahoo! Address AutoComplete
Yahoo! Companion
Yahoo! extras
Yahoo! Internet Mail
Yahoo! Messenger
Yahoo! Messenger Explorer Bar
[quote name=\'guestolo\' post=\'467732\' date=\'Jan 31 2010, 03:52 PM\']Can we do the following
disable SpybotSD TeaTimer, it may interfere, you can reenable it later
To disable SpybotSD TeaTimer:
Open Spybot and click on Mode and check Advanced Mode
Check yes to next window.
Click on Tools in bottom left hand corner.
Click on Resident icon.
Uncheck Teatimer box.
Click Allow Change box if prompted
Close Spybot
Reboot the computer
Back in Windows
Your version of Java is outdated and needs to be updated to take advantage of fixes that have eliminated security vulnerabilities.
[color=\"blue\"]Updating Java:[/color]- Download the latest version of Java Runtime Environment (JRE) (http://\"http://java.sun.com/javase/downloads/index.jsp\").
- Scroll down to where it says "JDK 6 Update 18 (JDK or JRE)".
- Click the "Download JRE" button to the right
- In the Window that opens, Beside Platform: select Windows,>>Check the "agree" box and click Continue.
- Click on the link to download Windows Offline Installation and save to your desktop.
- Close any programs you may have running - especially your web browser.
- Go to Start > Control Panel double-click on Add/Remove programs and remove all older versions of Java.
- Check any item with Java Runtime Environment (JRE or J2SE) in the name.
In your case remove the following:
- J2SE Runtime Environment 5.0 Update 1
- J2SE Runtime Environment 5.0 Update 4
- Java 2 Runtime Environment Standard Edition v1.3.1_01[/b]
- Click the Remove or Change/Remove button.
- Repeat as many times as necessary to remove each Java versions.
- Reboot your computer once all Java components are removed.
- Then from your desktop double-click on jre-6u18-windows-i586.exe that you downloaded to install the newest version.
Did you pay for copy of SpyHunter you have installed?
How long have you had Adaware SE Personal installed?
Keep me informed how things are running
EDIT>I just want to get up to date on installed programs
Please supply an uninstall list from Hijackthis
Open Hijackthis>>Open MISC TOOLS SECTION>>Open UNINSTALL MANAGER
Click the SAVE LIST... button
Save the list to your desktop then copy>>Paste back here the Whole contents[/quote]
-
You have remnants of Symantec's AV on your computer
Download and save to desktop
Norton Removal tool from the following link
http://service1.symantec.com/SUPPORT/norto...&view=docid (http://\"http://service1.symantec.com/SUPPORT/norton2008.nsf/docid/2007082908475279?Open&docid=2005033108162039&nsf=tsgeninfo.nsf&view=docid\")
Scroll to STEP 3 and follow instructions
Reboot the computer after running the tool
Back in Windows
your version of Adobe Flash is outdated and insecure
Go to the following link
http://kb2.adobe.com/cps/141/tn_14157.html (http://\"http://kb2.adobe.com/cps/141/tn_14157.html\")
Download and save to desktop the Windows: uninstall_flash_player.exe
Close down any browser window that is open and run the uninstaller
After you have successfully uninstalled Flash, you can delete the uninstaller
Your copy of Adobe Reader is outdated and insecure
Access your Add/REmove programs again and remove
Adobe Reader 7.0
Remain in Add/Remove programs and uninstall/remove the following
Web Savings from Ebates and SpyHunter if found
reboot the computer
Back in Windows
Use IE and go to the following link
http://www.adobe.com/products/flashplayer/ (http://\"http://www.adobe.com/products/flashplayer/\")
Agree to install the downloader>>UNTICK any option for any Toolbar or Security Scan, etc..
You just need the Flash Player
After you have successfully installed the updated Flash player
You now need the updated Adobe Reader
Go to the following link
http://get.adobe.com/reader/ (http://\"http://get.adobe.com/reader/\")
Untick any option for additonal toolbar or other software, you just need Adobe Reader
Save the installer to desktop then run it
After you have successfully installed the new Adobe Reader
with AR open click on HELP>>Check for Updates
Just to ensure that Adobe Reader is right up to date
The adaware has been on my computer for quite awhile but the registration expired and wasn't renewed until recently
Is it up to date or isn't it, if not, let's remove it
It may be outdated
Keep me informed how things are running