« previous next »
Pages: 1 2 [3]

Author Topic: Missing rundll32.exe and other annoyances  (Read 7350 times)

Offline jannetie

  • Newbie
  • *
  • Posts: 38
  • Karma: +0/-0
    • View Profile
Missing rundll32.exe and other annoyances
« Reply #40 on: June 26, 2011, 11:25:21 PM »
[quote name='guestolo' timestamp='1309110455' post='479847']
Right click on [color="#0000ff"]THIS LINK[/color] and save the file to your desktop. Next, right-click on the downloaded file (DelDomains.inf) and select "Install." The package will remove all Internet Explorer restricted sites, enhanced security configuration zones and trusted sites.
Note: you will not see any onscreen action.
You can deleted deldomains.inf afterwards

[color="#0000ff"]DONE

[/color]Your copy of SpywareBlaster is outdated
Can you open it please, under the main menu
"Disable All Protections"
Afterwards, close it and uninstall it from Add/Remove programs
We'll update it in a bit

[color="#0000ff"]UNINSTALLED
[/color]
Since you removed Ad-Aware, if the next entries are in Add/Remove, you can uninstall them also
HexDump plug-in for Ad-Aware SE
Tweak-SE plug-in for Ad-Aware SE
LSP Explorer plug-in for Ad-Aware SE

[color="#0000ff"]DONE[/color]

Double  click on OTL.exe and Run it
  • Under the [color="#0000ff"]Custom Scans/Fixes[/color] box at the bottom, copy/paste in the following in the quote box below. don't include the word Quote please
  • Then click the [color="#ff0000"]Run Fix[/color] button at the top
  • Let the program run unhindered, reboot the PC when it is done
On startup, Allow OTL to run if prompted
A log should open, can you post it please
A copy of this log can also be found in
C:\_OTL\Moved Files folder


All processes killed
========== OTL ==========
C:\ComboFix folder moved successfully.
C:\Documents and Settings\All Users\Application Data\qw0j6rj2eh126b41tbg4561cs4qy0b8ai286q3u8rph5 moved successfully.
C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\qw0j6rj2eh126b41tbg4561cs4qy0b8ai286q3u8rph5 moved successfully.
========== REGISTRY ==========
========== FILES ==========
C:\Documents and Settings\Compaq_Administrator\Desktop\aswMBR.exe moved successfully.
File\Folder c:\documents and settings\All Users\Start Menu\Programs\Startup\Compaq Connections.lnk not found.
C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job moved successfully.
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Documents and Settings\Compaq_Administrator\Desktop\cmd.bat deleted successfully.
C:\Documents and Settings\Compaq_Administrator\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
 
[EMPTYFLASH]
 
User: Administrator
 
User: All Users
 
User: Compaq_Administrator
->Flash cache emptied: 6989 bytes
 
User: Default User
->Flash cache emptied: 0 bytes
 
User: LocalService
 
User: NetworkService
 
Total Flash Files Cleaned = 0.00 mb
 
 
[EMPTYTEMP]
 
User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: All Users
 
User: Compaq_Administrator
->Temp folder emptied: 84098567 bytes
->Temporary Internet Files folder emptied: 11161278 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
->Apple Safari cache emptied: 0 bytes
->Opera cache emptied: 7471621 bytes
->Flash cache emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 239028 bytes
->Flash cache emptied: 0 bytes
 
User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 41650971 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 101975 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 94777097 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 4293787544 bytes
 
Total Files Cleaned = 4,323.00 mb
 
 
OTL by OldTimer - Version 3.2.23.0 log created on 06272011_000006

Files\Folders moved on Reboot...
C:\Documents and Settings\Compaq_Administrator\Local Settings\Temporary Internet Files\Content.IE5\HZ2C7Z2F\index[1].htm moved successfully.
File\Folder C:\WINDOWS\temp\Perflib_Perfdata_664.dat not found!

Registry entries deleted on Reboot...

[color="#0000ff"]CONTINUING INSTRUCTIONS...[/color]

Logged

Offline jannetie

  • Newbie
  • *
  • Posts: 38
  • Karma: +0/-0
    • View Profile
Missing rundll32.exe and other annoyances
« Reply #41 on: June 27, 2011, 12:27:39 AM »
[quote name='guestolo' timestamp='1309110455' post='479847']
Right click on [color="#0000ff"]THIS LINK[/color] and save the file to your desktop. Next, right-click on the downloaded file (DelDomains.inf) and select "Install." The package will remove all Internet Explorer restricted sites, enhanced security configuration zones and trusted sites.
Note: you will not see any onscreen action.
You can deleted deldomains.inf afterwards


I would like you to run Malwarebytes again, follow my instructions closely
Last time I asked you to run a Quick Scan, you ran the Full scan instead, you can save much time'
only running the Quick for now
Run Malwarebytes Anti-Malware, when it opens
  • Under the Update tab, "Check For Updates"
  • If an update is found, it will download and install the latest version.
  • Afterwards, click on the Scanner tab, select "Perform Quick Scan", then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
        * When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply
Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediately.

[color="#0000ff"]There was nothing to remove:

[color="#000000"]Malwarebytes' Anti-Malware 1.51.0.1200
[/color][color="#000000"]www.malwarebytes.org[/color][/color]

[color="#000000"]Database version: 6957[/color]

[color="#000000"]Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702[/color]

[color="#000000"]6/27/2011 12:49:51 AM
mbam-log-2011-06-27 (00-49-51).txt[/color]

[color="#000000"]Scan type: Quick scan
Objects scanned: 180867
Time elapsed: 9 minute(s), 53 second(s)[/color]

[color="#000000"]Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0[/color]

[color="#000000"]Memory Processes Infected:
(No malicious items detected)[/color]

[color="#000000"]Memory Modules Infected:
(No malicious items detected)[/color]

[color="#000000"]Registry Keys Infected:
(No malicious items detected)[/color]

[color="#000000"]Registry Values Infected:
(No malicious items detected)[/color]

[color="#000000"]Registry Data Items Infected:
(No malicious items detected)[/color]

[color="#000000"]Folders Infected:
(No malicious items detected)[/color]

[color="#000000"]Files Infected:
(No malicious items detected)


[/color][color="#0000ff"]Continuing with SystemLook
[/color]

Logged

Offline jannetie

  • Newbie
  • *
  • Posts: 38
  • Karma: +0/-0
    • View Profile
Missing rundll32.exe and other annoyances
« Reply #42 on: June 27, 2011, 01:18:45 AM »
[quote name='guestolo' timestamp='1309110455' post='479847']
Right click on [color="#0000ff"]THIS LINK[/color] and save the file to your desktop. Next, right-click on the downloaded file (DelDomains.inf) and select "Install." The package will remove all Internet Explorer restricted sites, enhanced security configuration zones and trusted sites.

One more log please:
Please download [color="red"]SystemLook[/color] from one of the links below and save it to your Desktop.
[color="blue"]Download Mirror #1[/color]
[color="blue"]Download Mirror #2[/color][/b]
  • Double-click SystemLook.exe to run it.
  • Copy the content of the following codebox into the main textfield:
    Code: [Select]
    :filefind
    .ntsrsacp
    ntsrsacp
  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
Note: The log can also be found on your Desktop entitled SystemLook.txt


SystemLook 04.09.10 by jpshortstuff
Log created at 01:31 on 27/06/2011 by Compaq_Administrator
Administrator - Elevation successful

========== filefind ==========

Searching for ".ntsrsacp "
No files found.

Searching for "ntsrsacp"
No files found.

-= EOF =-

In addition: You said the following earlier:
Quote

neither Adobe Reader nor Adobe Flash would install; I got the yellow bar saying Adobe wants to install "Adobe DLM" from Adobe Systems and at the same time, got a pop-up from IE saying IE has encountered a problem and needs to close.

[color="#0000ff"]I did get Flash installed; held off on Adobe Reader since I rarely use it, but can install it now I think.
[/color]
It would be nice if we could resolve that issue
Can you go back to post #26
Try the installations again, if it won't work with IE, can you try downloading/installing using Opera or Netscape please
[/quote]




Logged

Offline jannetie

  • Newbie
  • *
  • Posts: 38
  • Karma: +0/-0
    • View Profile
Missing rundll32.exe and other annoyances
« Reply #43 on: June 27, 2011, 02:01:34 AM »
[quote name='guestolo' timestamp='1309110455' post='479847']

In addition: You said the following earlier

Quote
neither Adobe Reader nor Adobe Flash would install; I got the yellow bar saying Adobe wants to install "Adobe DLM" from Adobe Systems and at the same time, got a pop-up from IE saying IE has encountered a problem and needs to close.

It would be nice if we could resolve that issue
Can you go back to post #26
Try the installations again, if it won't work with IE, can you try downloading/installing using Opera or Netscape please
[/quote]


[color="#0000ff"]ALL INSTALLED[/color]

Logged

Offline guestolo

  • Site Donator
  • Administrator
  • Hero Member
  • *****
  • Posts: 16034
  • Karma: +1/-0
    • View Profile
    • http://
Missing rundll32.exe and other annoyances
« Reply #44 on: June 27, 2011, 09:28:58 PM »
Open OTL.exe, run a quick scan, post the log that opens
Things look good, but please keep me informed how things are now running
Logged

Do you want to post your own logs from FRST?

Follow the instructions posted http://www.thetechguide.com/forum/index.php/topic/22942-please-read-how-to-post-logs-from-frst/\'>Click Here

Offline jannetie

  • Newbie
  • *
  • Posts: 38
  • Karma: +0/-0
    • View Profile
Missing rundll32.exe and other annoyances
« Reply #45 on: June 28, 2011, 04:42:08 AM »
[quote name='guestolo' timestamp='1309228138' post='479878']
Open OTL.exe, run a quick scan, post the log that opens
Things look good, but please keep me informed how things are now running
[/quote]


[color="#0000ff"]No problems opening programs or missing files, but computer is running slowly, moreso than before all this happened around 14 May. I still think it's AVG, since there was a big difference once you had me uninstall, then it seemed to run more slowly than before once I reinstalled, but since it's paid for I hate to uninstall it. And it does its job well.

[color="#000000"]OTL logfile created on: 6/28/2011 5:28:54 AM - Run 5
OTL by OldTimer - Version 3.2.23.0     Folder = C:\Documents and Settings\Compaq_Administrator\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
958.48 Mb Total Physical Memory | 188.97 Mb Available Physical Memory | 19.72% Memory free
2.26 Gb Paging File | 1.54 Gb Available in Paging File | 68.26% Paging File free
Paging file location(s): C:\pagefile.sys 1440 2880 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 178.30 Gb Total Space | 64.93 Gb Free Space | 36.42% Space Free | Partition Type: NTFS
Drive D: | 8.00 Gb Total Space | 1.01 Gb Free Space | 12.64% Space Free | Partition Type: FAT32
 
Computer Name: YOUR-55E5F9E3D2 | User Name: Compaq_Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Documents and Settings\Compaq_Administrator\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Google\Update\1.3.21.57\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG10\avgnsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG10\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG10\avgemcx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG10\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG10\avgfws.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe ()
PRC - C:\Program Files\AVG\AVG10\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG10\avgrsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG10\avgam.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AGI\core\3.1\AGCoreService.exe (AG Interactive)
PRC - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Smith Micro\StuffIt11\ArcNameService.exe (Smith Micro Software, Inc.)
PRC - C:\WINDOWS\system32\HPZipm12.exe (HP)
PRC - C:\WINDOWS\arservice.exe (Microsoft)
PRC - C:\Program Files\Ahead\InCD\InCDsrv.exe (Nero AG)
PRC - C:\WINDOWS\system32\Tablet.exe (Wacom Technology, Corp.)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Documents and Settings\Compaq_Administrator\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\TabHook.dll (Wacom Technology, Corp.)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (Akamai) -- c:\Program Files\Common Files\Akamai\netsession_win_e877e12.dll ()
SRV - (AVGIDSAgent) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
SRV - (avgfws) -- C:\Program Files\AVG\AVG10\avgfws.exe (AVG Technologies CZ, s.r.o.)
SRV - (avgwd) -- C:\Program Files\AVG\AVG10\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (AVG Security Toolbar Service) -- C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe ()
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (AGCoreService) -- C:\Program Files\AGI\core\3.1\AGCoreService.exe (AG Interactive)
SRV - (ACDaemon) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
SRV - (Stuffit Archive Name Service) -- C:\Program Files\Smith Micro\StuffIt11\ArcNameService.exe (Smith Micro Software, Inc.)
SRV - (Pml Driver HPZ12) -- C:\WINDOWS\system32\HPZipm12.exe (HP)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SRV - (ARSVC) -- C:\WINDOWS\arservice.exe (Microsoft)
SRV - (InCDsrvR) InCD Helper (read only) -- C:\Program Files\Ahead\InCD\InCDsrv.exe (Nero AG)
SRV - (InCDsrv) -- C:\Program Files\Ahead\InCD\InCDsrv.exe (Nero AG)
SRV - (TabletService) -- C:\WINDOWS\system32\Tablet.exe (Wacom Technology, Corp.)
SRV - (EPSONStatusAgent2) -- C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe (SEIKO EPSON CORPORATION)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (Avgtdix) -- C:\WINDOWS\system32\drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgrkx86) -- C:\WINDOWS\system32\DRIVERS\avgrkx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgmfx86) -- C:\WINDOWS\system32\drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgldx86) -- C:\WINDOWS\system32\drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSEH) -- C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys (AVG Technologies CZ, s.r.o. )
DRV - (AVGIDSFilter) -- C:\WINDOWS\system32\drivers\AVGIDSFilter.sys (AVG Technologies CZ, s.r.o. )
DRV - (AVGIDSDriver) -- C:\WINDOWS\system32\drivers\AVGIDSDriver.sys (AVG Technologies CZ, s.r.o. )
DRV - (AVGIDSShim) -- C:\WINDOWS\system32\drivers\AVGIDSShim.sys (AVG Technologies CZ, s.r.o. )
DRV - (Avgfwfd) -- C:\WINDOWS\system32\drivers\avgfwdx.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgfwdx) -- C:\WINDOWS\system32\drivers\avgfwdx.sys (AVG Technologies CZ, s.r.o.)
DRV - (giveio) -- C:\WINDOWS\system32\giveio.sys ()
DRV - (fssfltr) -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys (Microsoft Corporation)
DRV - (MREMPR5) -- C:\Program Files\Common Files\Motive\MREMPR5.sys (Motive, Inc.)
DRV - (MRENDIS5) -- C:\Program Files\Common Files\Motive\MRENDIS5.sys (Motive, Inc.)
DRV - (CO_Mon) -- C:\WINDOWS\system32\drivers\CO_Mon.sys ()
DRV - (AgereSoftModem) -- C:\WINDOWS\system32\drivers\AGRSM.sys (Agere Systems)
DRV - (ALCXWDM) Service for Realtek AC97 Audio (WDM) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS (Realtek Semiconductor Corp.)
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (Ps2) -- C:\WINDOWS\system32\drivers\PS2.sys (Hewlett-Packard Company)
DRV - (AmdK8) -- C:\WINDOWS\system32\drivers\AmdK8.sys (Advanced Micro Devices)
DRV - (RTL8023xp) -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys (Realtek Semiconductor Corporation                           )
DRV - (Afc) -- C:\WINDOWS\system32\drivers\afc.sys (Arcsoft, Inc.)
DRV - (InCDfs) -- C:\WINDOWS\System32\drivers\InCDfs.sys (Nero AG)
DRV - (InCDPass) -- C:\WINDOWS\system32\drivers\InCDpass.sys (Nero AG)
DRV - (incdrm) -- C:\WINDOWS\System32\drivers\InCDrm.sys (Nero AG)
DRV - (rtl8139) Realtek RTL8139(A/B/C) -- C:\WINDOWS\system32\drivers\RTL8139.sys (Realtek Semiconductor Corporation)
DRV - (AN983) -- C:\WINDOWS\system32\drivers\an983.sys (ADMtek Incorporated.)
DRV - (fasttx2k) -- C:\WINDOWS\system32\DRIVERS\fasttx2k.sys (Promise Technology, Inc.)
DRV - (Aspi32) -- C:\WINDOWS\system32\drivers\ASPI32.SYS (Adaptec)
DRV - (PenClass) -- C:\WINDOWS\System32\Drivers\PenClass.sys (Wacom Technology Corporation)
DRV - (ATMhelpr) -- C:\WINDOWS\System32\drivers\ATMHELPR.SYS (Adobe Systems Incorporated)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = [/color][color="#000000"]http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8[/color]
[color="#000000"]IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [/color][color="#000000"]http://www.geocities.com/m.spatafore/index.html[/color]
[color="#000000"]IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
 
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Webshots\3.1.5.7613\Firefox [2009/07/09 15:25:37 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{000a9d1c-beef-4f90-9363-039d445309b8}: C:\Program Files\Google\Google Gears\Firefox\ [2010/03/05 22:36:26 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG10\Firefox4\ [2011/06/24 10:01:04 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Netscape Browser 8.0.3.4\Extensions\\Components: C:\Program Files\Netscape\Netscape Browser\Components [2011/02/20 18:56:04 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Netscape Browser 8.0.3.4\Extensions\\Plugins: C:\Program Files\Netscape\Netscape Browser\Plugins [2011/06/27 02:55:47 | 000,000,000 | ---D | M]
 
[2009/03/06 08:43:53 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Compaq_Administrator\Application Data\Mozilla\Extensions
[2009/03/06 08:43:53 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Compaq_Administrator\Application Data\Mozilla\Extensions\[email protected]
 
O1 HOSTS File: ([2011/06/10 21:04:38 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (FlpLauncher Class) - {4401FDC3-7996-4774-8D2B-C1AE9CD6CC25} - C:\Program Files\E-Book Systems\FlipAlbum 5 Suite\FpLaunch.dll ()
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O2 - BHO: (Google Gears Helper) - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.0988.2\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (Webshots Toolbar) - {C17590D2-ECB4-4b15-8820-F58798DCC118} - C:\Program Files\Webshots\3.1.5.7613\WSToolbar4IE.dll (Webshots.com)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Webshots Toolbar) - {C17590D2-ECB4-4B15-8820-F58798DCC118} - C:\Program Files\Webshots\3.1.5.7613\WSToolbar4IE.dll (Webshots.com)
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [PCDrProfiler]  File not found
O4 - HKCU..\Run: [NBJ] C:\Program Files\Ahead\Nero BackItUp\bak\NBJ.exe (Ahead Software AG)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE (SEIKO EPSON CORPORATION)
O4 - Startup: C:\Documents and Settings\Compaq_Administrator\Start Menu\Programs\Startup\Webshots.lnk = C:\Program Files\Webshots\3.1.5.7613\Launcher.exe (Webshots.com)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &Webshots Photo Search - C:\Program Files\Webshots\3.1.5.7613\WSToolbar4IE.dll (Webshots.com)
O9 - Extra 'Tools' menuitem : &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()
O9 - Extra 'Tools' menuitem : Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} [/color][color="#000000"]http://office.microsoft.com/templates/ieawsdc.cab[/color][color="#000000"] (Microsoft Office Template and Media Control)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} [/color][color="#000000"]http://www.apple.com/qtactivex/qtplugin.cab[/color][color="#000000"] (QuickTime Object)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} [/color][color="#000000"]http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab[/color][color="#000000"] (Facebook Photo Uploader 5 Control)
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} [/color][color="#000000"]http://www.ipix.com/download/ipixx.cab[/color][color="#000000"] (iPIX ActiveX Control)
O16 - DPF: {14C1B87C-3342-445F-9B5E-365FF330A3AC} [/color][color="#000000"]https://h20278.www2.hp.com/CSMWeb/Customer/cabs/HPISDataManager.CAB[/color][color="#000000"] (Hewlett-Packard Online Support Services)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} [/color][color="#000000"]http://download.microsoft.com/download/9/b/d/9bdc68ef-6a9f-4505-8fb8-d0d2d160e512/LegitCheckControl.cab[/color][color="#000000"] (Windows Genuine Advantage Validation Tool)
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} [/color][color="#000000"]http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab[/color][color="#000000"] (Symantec AntiVirus scanner)
O16 - DPF: {2E12FB00-546B-4EE3-9CC2-057BF02E1C17} [/color][color="#000000"]http://community.webshots.com/html/atx/wsaxcontrol.cab[/color][color="#000000"] (Webshots Multiple Media Uploader - Container)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper200711281.dll (Installation Support)
O16 - DPF: {3BB1D69B-A780-4BE1-876E-F3D488877135} [/color][color="#000000"]http://download.microsoft.com/download/3/B/E/3BE57995-8452-41F1-8297-DD75EF049853/VirtualEarth3D.cab[/color][color="#000000"] (SentinelProxy Class)
O16 - DPF: {428A9DEF-F057-402B-9F2D-A5887F4544ED} [/color][color="#000000"]http://download.microsoft.com/download/f/0/2/f02b515c-7076-4cee-bc08-fd6fea594578/VirtualEarth3D.cab[/color][color="#000000"] (SentinelProxy Class)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} [/color][color="#000000"]http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.1.cab[/color][color="#000000"] (DLM Control)
O16 - DPF: {493ACF15-5CD9-4474-82A6-91670C3DD66E} [/color][color="#000000"]http://www.linkedin.com/cab/LinkedInContactFinderControl.cab[/color][color="#000000"] (LinkedIn ContactFinderControl)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} [/color][color="#000000"]http://eaglewings-eyrie.spaces.live.com//PhotoUpload/MsnPUpld.cab[/color][color="#000000"] (MSN Photo Upload Tool)
O16 - DPF: {54BE6B6F-3056-470B-97E1-BB92E051B6C4} [/color][color="#000000"]http://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsxp2k.cab[/color][color="#000000"] (Reg Error: Key error.)
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} [/color][color="#000000"]http://upload.facebook.com/controls/FacebookPhotoUploader3.cab[/color][color="#000000"] (Facebook Photo Uploader 4 Control)
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} [/color][color="#000000"]http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab[/color][color="#000000"] (Symantec RuFSI Utility Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} [/color][color="#000000"]http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1146553036628[/color][color="#000000"] (MUWebControl Class)
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} [/color][color="#000000"]https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab[/color][color="#000000"] (HP Download Manager)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [/color][color="#000000"]http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab[/color][color="#000000"] (Java Plug-in 1.6.0_26)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} [/color][color="#000000"]http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab[/color][color="#000000"] (Reg Error: Key error.)
O16 - DPF: {9FC5238F-12C4-454F-B1B5-74599A21DE47} [/color][color="#000000"]http://community.webshots.com/html/WSPhotoUploader.CAB[/color][color="#000000"] (Webshots Photo Uploader)
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} [/color][color="#000000"]https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx[/color][color="#000000"] (Get_ActiveX Control)
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} [/color][color="#000000"]http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab[/color][color="#000000"] (MsnMessengerSetupDownloadControl Class)
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} [/color][color="#000000"]http://ax.emsisoft.com/asquared.cab[/color][color="#000000"] (a-squared Scanner)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} [/color][color="#000000"]http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab[/color][color="#000000"] (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [/color][color="#000000"]http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab[/color][color="#000000"] (Java Plug-in 1.6.0_26)
O16 - DPF: {D6E7CFB5-C074-4D1C-B647-663D1A8D96BF} [/color][color="#000000"]http://upload.facebook.com/controls/FacebookPhotoUploader4_5.cab[/color][color="#000000"] (Facebook Photo Uploader 4)
O16 - DPF: Microsoft XML Parser for Java [/color][color="#000000"]file://C:\WINDOWS\Java\classes\xmldso.cab[/color][/color][color="#000000"] (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/01/28 13:41:28 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/07/28 05:07:38 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync) - C:\Program Files\AVG\AVG10\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart) - C:\Program Files\AVG\AVG10\avgrsx.exe (AVG Technologies CZ, s.r.o.)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011/06/28 05:25:52 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Compaq_Administrator\Recent
[2011/06/27 02:52:32 | 027,634,824 | ---- | C] (                                   ) -- C:\Documents and Settings\Compaq_Administrator\Desktop\AdbeRdr940_en_US.exe
[2011/06/27 02:50:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2011/06/27 00:32:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SpywareBlaster
[2011/06/24 13:23:51 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2011/06/24 13:21:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
[2011/06/24 13:20:13 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/06/24 13:19:50 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011/06/16 02:51:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
[2011/06/16 02:50:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AVG 2011
[2011/06/16 02:48:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG10
[2011/06/16 02:48:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\AVG
[2011/06/15 03:46:49 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/06/14 07:10:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\ulead.dat
[2011/06/11 21:17:25 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011/06/10 20:39:17 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011/06/10 20:27:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011/06/09 22:25:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Desktop\COMPUTER FIX STUFF JUNE 2011
[2011/06/08 08:22:47 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Administrator\Desktop\OTL.exe
[2 C:\Documents and Settings\Compaq_Administrator\My Documents\*.tmp files -> C:\Documents and Settings\Compaq_Administrator\My Documents\*.tmp -> ]
[1 C:\Documents and Settings\All Users\Application Data\*.tmp files -> C:\Documents and Settings\All Users\Application Data\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011/06/28 05:21:53 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/06/28 05:20:47 | 000,000,317 | ---- | M] () -- C:\WINDOWS\System32\wacom.dat
[2011/06/28 05:20:19 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2011/06/28 05:19:43 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/06/28 05:19:36 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/06/28 05:19:30 | 1005,113,344 | -HS- | M] () -- C:\hiberfil.sys
[2011/06/28 05:03:27 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2011/06/28 05:02:01 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/06/28 04:52:26 | 000,000,452 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{3256EB39-0743-422A-887B-7F74D01AD364}.job
[2011/06/28 04:41:47 | 000,000,000 | -H-- | M] () -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\prvlcl.dat
[2011/06/27 21:44:37 | 120,201,870 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2011/06/27 17:29:16 | 000,000,082 | ---- | M] () -- C:\WINDOWS\MPLAYER.INI
[2011/06/27 13:43:30 | 000,213,128 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\iavichjg.avm
[2011/06/27 13:43:16 | 000,655,467 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\iavifw.avm
[2011/06/27 02:55:49 | 000,001,737 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2011/06/27 02:52:36 | 027,634,824 | ---- | M] (                                   ) -- C:\Documents and Settings\Compaq_Administrator\Desktop\AdbeRdr940_en_US.exe
[2011/06/27 01:30:29 | 000,075,264 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\SystemLook.exe
[2011/06/27 00:32:22 | 000,000,698 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\SpywareBlaster.lnk
[2011/06/24 13:23:58 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/06/24 13:21:58 | 000,001,550 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2011/06/24 10:01:05 | 000,000,698 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG 2011.lnk
[2011/06/16 23:31:48 | 000,001,588 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Defraggler.lnk
[2011/06/15 07:42:50 | 000,443,582 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/06/15 07:42:50 | 000,072,738 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/06/14 11:16:38 | 000,001,860 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Amazon Cloud Player.lnk
[2011/06/14 07:10:09 | 000,000,078 | -H-- | M] () -- C:\WINDOWS\Xwdupv.ns
[2011/06/14 07:10:08 | 000,005,124 | ---- | M] () -- C:\WINDOWS\ULEAD32.INI
[2011/06/13 02:37:20 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\MBR.dat
[2011/06/11 00:39:22 | 000,000,785 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Start Menu\Programs\Startup\Webshots.lnk
[2011/06/10 21:04:38 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/06/10 20:39:23 | 000,000,325 | RHS- | M] () -- C:\boot.ini
[2011/06/08 08:22:51 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Administrator\Desktop\OTL.exe
[2011/06/08 00:36:21 | 000,022,016 | -H-- | M] () -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/05/29 09:11:20 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2 C:\Documents and Settings\Compaq_Administrator\My Documents\*.tmp files -> C:\Documents and Settings\Compaq_Administrator\My Documents\*.tmp -> ]
[1 C:\Documents and Settings\All Users\Application Data\*.tmp files -> C:\Documents and Settings\All Users\Application Data\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011/06/27 21:44:37 | 120,201,870 | ---- | C] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2011/06/27 13:43:29 | 000,213,128 | ---- | C] () -- C:\WINDOWS\System32\drivers\AVG\iavichjg.avm
[2011/06/27 13:43:16 | 000,655,467 | ---- | C] () -- C:\WINDOWS\System32\drivers\AVG\iavifw.avm
[2011/06/27 02:55:48 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader 9.lnk
[2011/06/27 02:55:48 | 000,001,737 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2011/06/27 01:30:28 | 000,075,264 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\SystemLook.exe
[2011/06/27 00:32:22 | 000,000,698 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\SpywareBlaster.lnk
[2011/06/24 13:23:58 | 000,000,284 | ---- | C] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/06/24 13:21:58 | 000,001,550 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2011/06/16 02:50:54 | 000,000,698 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AVG 2011.lnk
[2011/06/14 11:16:38 | 000,001,860 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Amazon Cloud Player.lnk
[2011/06/13 02:37:20 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\MBR.dat
[2011/01/13 15:53:51 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\prvlcl.dat
[2009/12/15 14:41:19 | 000,395,776 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll
[2009/12/15 14:41:19 | 000,262,144 | ---- | C] () -- C:\WINDOWS\System32\TomsMoComp_ff.dll
[2009/12/15 14:41:19 | 000,112,640 | ---- | C] () -- C:\WINDOWS\System32\libmpeg2_ff.dll
[2009/12/15 14:41:18 | 002,255,360 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll
[2009/12/15 12:22:28 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Application Data\AVSDVDPlayer.m3u
[2009/08/13 20:35:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys
[2009/08/10 18:21:53 | 000,001,146 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_DU.dat
[2009/08/10 18:21:53 | 000,001,120 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_IT.dat
[2009/08/10 18:21:53 | 000,001,107 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_GE.dat
[2009/04/20 22:39:18 | 000,000,044 | ---- | C] () -- C:\WINDOWS\PERFV700SERIES.ini
[2009/04/11 17:25:09 | 000,000,323 | ---- | C] () -- C:\WINDOWS\PRF_MI_B.INI
[2009/04/11 17:21:28 | 000,000,313 | ---- | C] () -- C:\WINDOWS\PRF_MI.INI
[2008/12/10 17:10:24 | 000,035,328 | ---- | C] () -- C:\WINDOWS\INETWH32.DLL
[2008/12/10 17:10:24 | 000,004,528 | ---- | C] () -- C:\WINDOWS\SETBROWS.EXE
[2008/12/10 17:10:23 | 000,009,136 | ---- | C] () -- C:\WINDOWS\INETWH16.DLL
[2008/08/01 16:56:31 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2008/08/01 16:56:28 | 000,111,932 | ---- | C] () -- C:\WINDOWS\System32\EPPICPrinterDB.dat
[2008/08/01 16:56:28 | 000,031,053 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern131.dat
[2008/08/01 16:56:28 | 000,029,114 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern1.dat
[2008/08/01 16:56:28 | 000,027,417 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern121.dat
[2008/08/01 16:56:28 | 000,021,021 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern3.dat
[2008/08/01 16:56:28 | 000,015,670 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern5.dat
[2008/08/01 16:56:28 | 000,013,280 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern2.dat
[2008/08/01 16:56:28 | 000,010,673 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern4.dat
[2008/08/01 16:56:28 | 000,004,943 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern6.dat
[2008/08/01 16:56:28 | 000,001,140 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_PT.dat
[2008/08/01 16:56:28 | 000,001,140 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_BP.dat
[2008/08/01 16:56:28 | 000,001,137 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_ES.dat
[2008/08/01 16:56:28 | 000,001,130 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_FR.dat
[2008/08/01 16:56:28 | 000,001,130 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_CF.dat
[2008/08/01 16:56:28 | 000,001,104 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_EN.dat
[2008/08/01 16:55:20 | 000,000,077 | ---- | C] () -- C:\WINDOWS\EPSC120.ini
[2008/07/13 03:06:33 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\ScratchRemoval.dll
[2008/04/18 18:51:02 | 000,096,577 | ---- | C] () -- C:\WINDOWS\hpqins16.dat
[2008/03/16 00:20:30 | 000,083,456 | ---- | C] () -- C:\WINDOWS\System32\PnIC.dll
[2008/03/16 00:20:30 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\gm_dll1.dll
[2007/11/11 20:34:36 | 000,022,016 | -H-- | C] () -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/10/11 03:03:23 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2007/09/25 13:57:06 | 000,000,125 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2007/09/24 00:49:55 | 000,000,839 | ---- | C] () -- C:\WINDOWS\checkip.dat
[2007/08/10 23:45:13 | 000,001,759 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/07/10 03:30:58 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\GetInst32.dll
[2007/06/21 13:01:18 | 000,049,152 | R--- | C] () -- C:\WINDOWS\AutoSet.dll
[2007/05/28 02:59:45 | 000,000,044 | ---- | C] () -- C:\WINDOWS\liveup.ini
[2007/05/19 23:41:52 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007/02/04 13:14:24 | 000,000,037 | ---- | C] () -- C:\WINDOWS\ipixActivex.ini
[2007/01/23 17:12:16 | 000,005,515 | ---- | C] () -- C:\WINDOWS\fmachine.ini
[2006/11/20 02:15:26 | 000,006,048 | ---- | C] () -- C:\WINDOWS\System32\MCC16.dll
[2006/09/23 04:39:57 | 000,000,020 | ---- | C] () -- C:\WINDOWS\HPPREC~1.INI
[2006/09/23 04:28:17 | 000,274,948 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2006/08/03 16:42:49 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PROTOCOL.INI
[2006/06/12 15:43:22 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2006/06/12 15:43:22 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2006/06/12 15:43:22 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2006/06/12 15:43:22 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2006/06/12 15:43:22 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2006/06/12 15:43:22 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2006/06/12 15:43:22 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2006/06/12 15:43:22 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2006/06/12 15:43:22 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2006/05/18 18:32:58 | 000,068,939 | ---- | C] () -- C:\WINDOWS\hpoins05.dat.temp
[2006/05/18 18:32:58 | 000,019,696 | ---- | C] () -- C:\WINDOWS\hpomdl05.dat.temp
[2006/05/17 22:06:09 | 000,000,317 | ---- | C] () -- C:\WINDOWS\System32\wacom.dat
[2006/05/17 22:06:06 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\TabUnst.dll
[2006/05/17 22:06:06 | 000,015,744 | ---- | C] () -- C:\WINDOWS\System32\wintab.dll
[2006/05/17 22:05:02 | 000,013,408 | ---- | C] () -- C:\WINDOWS\System32\tabinst.dll
[2006/05/17 22:05:02 | 000,004,032 | ---- | C] () -- C:\WINDOWS\System32\tabins16.dll
[2006/05/02 00:04:45 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\drivers\CO_Mon.sys
[2006/04/24 02:51:03 | 000,000,227 | ---- | C] () -- C:\WINDOWS\HP_CounterReport_Update_HPSU.ini
[2006/04/24 02:32:45 | 000,000,214 | ---- | C] () -- C:\WINDOWS\HP_InstantSHareJPG.ini
[2006/04/24 02:31:41 | 000,000,206 | ---- | C] () -- C:\WINDOWS\HPGdiPlus.ini
[2006/04/24 02:30:00 | 000,000,221 | ---- | C] () -- C:\WINDOWS\HP_RedboxHprblog_HPSU.ini
[2006/03/31 00:57:53 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Application Data\wklnhst.dat
[2006/03/30 17:11:39 | 000,000,145 | ---- | C] () -- C:\WINDOWS\System32\EBPPORT.DAT
[2006/03/11 23:35:17 | 000,248,832 | ---- | C] () -- C:\WINDOWS\System32\ECircles.dll
[2006/03/11 23:35:17 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\SoyWeb.dll
[2006/03/02 15:31:30 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2006/02/27 09:25:38 | 000,000,177 | ---- | C] () -- C:\WINDOWS\KPCMS.INI
[2006/02/27 07:06:59 | 000,021,348 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\W77X4
[2006/02/26 05:05:40 | 000,000,068 | ---- | C] () -- C:\WINDOWS\PRESTOPM.INI
[2006/02/26 02:12:29 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\IPPCPUID.DLL
[2006/02/26 02:11:00 | 000,011,776 | ---- | C] () -- C:\WINDOWS\System32\pmsbfn32.dll
[2006/02/26 02:09:15 | 000,000,118 | ---- | C] () -- C:\WINDOWS\A11U.INI
[2006/02/24 22:37:16 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat
[2006/02/24 22:26:45 | 000,151,552 | ---- | C] () -- C:\WINDOWS\UNUSBDRV.EXE
[2006/02/23 22:00:39 | 000,000,057 | ---- | C] () -- C:\WINDOWS\System32\venlx32n.dll
[2006/02/23 16:32:08 | 000,000,082 | ---- | C] () -- C:\WINDOWS\MPLAYER.INI
[2006/02/23 16:28:46 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\LFKODAK.DLL
[2006/02/23 16:28:45 | 000,338,944 | ---- | C] () -- C:\WINDOWS\System32\lffpx7.dll
[2006/02/23 05:13:13 | 000,005,124 | ---- | C] () -- C:\WINDOWS\ULEAD32.INI
[2006/02/23 05:04:09 | 000,100,864 | ---- | C] () -- C:\WINDOWS\System32\Dc50ip32.dll
[2006/02/23 05:04:09 | 000,065,864 | ---- | C] () -- C:\WINDOWS\System32\Digita.sys
[2006/02/23 05:04:09 | 000,007,808 | ---- | C] () -- C:\WINDOWS\System32\dc240u.sys
[2006/02/23 05:04:09 | 000,006,144 | ---- | C] () -- C:\WINDOWS\System32\ImgLibLead.dll
[2006/02/23 05:04:04 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\MSVCRT10.DLL
[2006/02/23 05:04:04 | 000,048,640 | ---- | C] () -- C:\WINDOWS\catalogSubInstaller.exe
[2006/02/23 01:32:53 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\hpzids01.dll
[2006/02/21 22:01:05 | 000,000,143 | -H-- | C] () -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\fusioncache.dat
[2005/11/11 17:57:17 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/11/11 17:36:25 | 000,022,396 | ---- | C] () -- C:\WINDOWS\System32\drivers\USBkey.sys
[2005/11/11 17:32:20 | 000,118,842 | R--- | C] () -- C:\WINDOWS\HPCPCUninstaller-6.3.2.116-5577497.exe
[2005/11/11 17:31:25 | 000,012,989 | ---- | C] () -- C:\WINDOWS\System32\CHODDI.SYS
[2005/11/11 17:31:20 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\hpreg.dll
[2005/11/11 17:28:57 | 000,000,031 | ---- | C] () -- C:\WINDOWS\Quicken.ini
[2005/11/11 17:26:49 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/11/11 17:22:55 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2005/11/11 17:22:55 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2005/11/11 17:22:55 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2005/11/11 17:22:55 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2005/11/11 17:22:55 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2005/11/11 17:22:55 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2005/11/11 17:17:29 | 000,000,157 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2005/11/11 17:16:33 | 000,045,929 | ---- | C] () -- C:\WINDOWS\NSSetDefaultBrowser.EXE
[2005/11/11 17:16:33 | 000,000,698 | ---- | C] () -- C:\WINDOWS\NSSetDefaultBrowser.ini
[2005/11/11 17:11:36 | 000,072,082 | ---- | C] () -- C:\WINDOWS\hpqins69.dat
[2005/11/11 17:10:40 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2005/11/11 17:06:21 | 000,104,361 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2005/11/11 16:55:07 | 000,000,791 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2005/11/11 16:48:53 | 000,323,584 | ---- | C] () -- C:\WINDOWS\System32\pythoncom22.dll
[2005/11/11 16:48:53 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\pywintypes22.dll
[2005/11/11 16:48:35 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\bcbmm.dll
[2005/11/11 06:43:28 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\libssl32.dll
[2005/11/11 06:43:24 | 000,887,296 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2005/08/06 01:01:54 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/08/03 03:19:16 | 000,050,176 | ---- | C] () -- C:\WINDOWS\armcex.dll
[2005/07/02 09:36:02 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2005/07/02 09:34:10 | 003,154,856 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2005/07/02 09:28:10 | 000,443,582 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2005/07/02 09:28:10 | 000,072,738 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2005/01/28 13:41:00 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2005/01/28 13:36:46 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/08/10 22:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/10 08:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/10 08:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/10 08:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/10 08:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/10 08:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/10 08:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/10 08:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/07/27 01:51:38 | 000,000,592 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2004/01/08 13:38:12 | 000,024,576 | ---- | C] () -- C:\WINDOWS\shortcut.exe
[2002/07/26 15:09:58 | 000,143,360 | ---- | C] () -- C:\WINDOWS\unzip.exe
[2002/07/22 17:57:58 | 000,045,056 | ---- | C] () -- C:\WINDOWS\devenum.exe
[2001/08/23 19:12:28 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001/08/23 19:11:02 | 000,004,490 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[1999/01/22 14:46:56 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
 
========== LOP Check ==========
 
[2009/07/09 15:25:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\agi
[2011/06/16 02:53:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
[2011/06/22 09:04:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG10
[2011/01/07 01:23:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
[2008/07/17 20:14:43 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2011/01/07 01:44:14 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2007/02/18 17:07:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Digital Interactive Systems Corporation
[2008/05/04 22:24:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EPSON
[2010/12/16 05:21:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\fKpCf06308
[2011/06/16 03:20:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2006/02/26 02:09:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Newsoft
[2008/01/11 17:05:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers Headquarters
[2008/05/16 02:21:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Redfield
[2006/03/25 18:08:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SBT
[2008/01/28 01:35:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SMSI
[2011/06/27 00:36:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2007/08/18 14:48:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\YAHOO
[2011/02/20 19:09:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/08/07 14:29:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2009/07/09 15:25:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\AGI
[2009/09/01 17:13:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Amazon
[2008/04/18 12:59:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Anthropics
[2011/01/07 01:46:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\AVG10
[2010/12/08 02:39:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\AVG9
[2010/11/24 01:21:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\BitTorrent
[2005/11/11 17:15:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Digital Interactive Systems Corporation
[2006/02/23 03:27:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\EBookSys
[2009/04/21 04:51:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\EPSON
[2008/08/21 19:39:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Flickr
[2007/09/14 15:49:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\fltk.org
[2009/12/15 14:56:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\GetRightToGo
[2009/01/05 11:47:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Inkscape
[2008/10/31 01:16:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\InterVideo
[2010/09/27 14:31:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Lasersoft Imaging
[2009/04/21 00:59:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Leader Technologies
[2006/02/23 23:18:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Leadertech
[2011/06/06 03:37:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\LimeWire
[2011/02/06 16:27:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\MP3Rocket
[2007/12/16 18:23:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\MSNInstaller
[2006/08/25 16:15:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Musicmatch
[2006/02/26 02:10:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\NewSoft
[2009/09/03 02:33:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Opera
[2008/10/19 22:12:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Skinux
[2007/03/23 23:35:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Smith Micro
[2009/07/09 15:26:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Temp
[2006/03/31 12:36:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Template
[2007/09/05 10:57:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\uk.co.planetside
[2007/07/03 19:28:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Uniblue
[2006/02/25 07:32:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Webshots
[2008/04/18 18:37:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\WinBatch
[2011/06/28 04:52:26 | 000,000,452 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{3256EB39-0743-422A-887B-7F74D01AD364}.job
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 95 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\Compaq_Administrator\Desktop\fft.rar:SummaryInformation
@Alternate Data Stream - 141 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2D6E5D55[/color]

[color="#000000"]< End of report >
[/color]

Logged

Offline guestolo

  • Site Donator
  • Administrator
  • Hero Member
  • *****
  • Posts: 16034
  • Karma: +1/-0
    • View Profile
    • http://
Missing rundll32.exe and other annoyances
« Reply #46 on: June 29, 2011, 10:58:19 PM »
Try uninstalling AVG, reboot the computer
Again, run the uninstaller for AVG
Reboot the computer, how is the computer then running?
Logged

Do you want to post your own logs from FRST?

Follow the instructions posted http://www.thetechguide.com/forum/index.php/topic/22942-please-read-how-to-post-logs-from-frst/\'>Click Here

Offline jannetie

  • Newbie
  • *
  • Posts: 38
  • Karma: +0/-0
    • View Profile
Missing rundll32.exe and other annoyances
« Reply #47 on: June 30, 2011, 03:57:28 PM »
[quote name='guestolo' timestamp='1309406299' post='479894']
Try uninstalling AVG, reboot the computer
Again, run the uninstaller for AVG
Reboot the computer, how is the computer then running?
[/quote]


AVG uninstalled, but computer hung at the end, had to shut down via power strip. Turned it back on, AVG uninstaller popped up etc., program uninstalled. Computer funning SO much faster, even social websites, webshots, etc - links work more quickly, mail isn't stuck in molasses waiting to open, Photoshop opened quickly, worked well - at least for the short time used to test it. So it seems to be AVG hogging resources and slowing things down.
Logged

Offline guestolo

  • Site Donator
  • Administrator
  • Hero Member
  • *****
  • Posts: 16034
  • Karma: +1/-0
    • View Profile
    • http://
Missing rundll32.exe and other annoyances
« Reply #48 on: June 30, 2011, 04:24:51 PM »
If you missed this step
Can you ensure that you also run the uninstaller for AVG from here
http://www.avg.com/us-en/utilities
Reboot after removal

Back in Windows
Ensure that Windows Firewall is enabled
Go into Windows Control panel, open the Firewall and ensure it's on

For testing, or you may want to keep this
Can you download and install the Free version of Avast antiVirus from here
http://www.avast.com/free-antivirus-download
Just choose the Free version, it's quite good
After you click Download, choose No thanks, I want free protection
Save the installer to desktop, run it and follow the prompts
After is finished installing and updating
Can you reboot the computer

Run a Quick Scan with OTL.exe again and post the new log, make sure we don't see any leftovers of AVG
Let me know how the computer is running with Avast installed please
« Last Edit: June 30, 2011, 04:25:38 PM by guestolo »
Logged

Do you want to post your own logs from FRST?

Follow the instructions posted http://www.thetechguide.com/forum/index.php/topic/22942-please-read-how-to-post-logs-from-frst/\'>Click Here

Offline jannetie

  • Newbie
  • *
  • Posts: 38
  • Karma: +0/-0
    • View Profile
Missing rundll32.exe and other annoyances
« Reply #49 on: June 30, 2011, 10:27:15 PM »
[quote name='guestolo' timestamp='1309469091' post='479904']
If you missed this step
Can you ensure that you also run the uninstaller for AVG from here
http://www.avg.com/us-en/utilities
Reboot after removal

Back in Windows
Ensure that Windows Firewall is enabled
Go into Windows Control panel, open the Firewall and ensure it's on

For testing, or you may want to keep this
Can you download and install the Free version of Avast antiVirus from here
http://www.avast.com...ivirus-download
Just choose the Free version, it's quite good
After you click Download, choose No thanks, I want free protection
Save the installer to desktop, run it and follow the prompts
After is finished installing and updating
Can you reboot the computer

Run a Quick Scan with OTL.exe again and post the new log, make sure we don't see any leftovers of AVG
Let me know how the computer is running with Avast installed please
[/quote]


Did use the tool to remove AVG, but did it again anyway. Had already enabled Windows Firewall, thanks; checked through Control Panel to be certain, it's enabled. With Avast, there's still a lag, but computer is nowhere near as slow as with AVG. Here's the OTL quick scan log:

OTL logfile created on: 6/30/2011 11:11:30 PM - Run 6
OTL by OldTimer - Version 3.2.23.0     Folder = C:\Documents and Settings\Compaq_Administrator\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
958.48 Mb Total Physical Memory | 502.96 Mb Available Physical Memory | 52.47% Memory free
2.26 Gb Paging File | 1.91 Gb Available in Paging File | 84.42% Paging File free
Paging file location(s): C:\pagefile.sys 1440 2880 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 178.30 Gb Total Space | 64.64 Gb Free Space | 36.25% Space Free | Partition Type: NTFS
Drive D: | 8.00 Gb Total Space | 1.01 Gb Free Space | 12.64% Space Free | Partition Type: FAT32
 
Computer Name: YOUR-55E5F9E3D2 | User Name: Compaq_Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Documents and Settings\Compaq_Administrator\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Google\Update\1.3.21.57\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files\AGI\core\3.1\AGCoreService.exe (AG Interactive)
PRC - C:\Program Files\Webshots\3.1.5.7613\Webshots.scr (Webshots.com)
PRC - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Smith Micro\StuffIt11\ArcNameService.exe (Smith Micro Software, Inc.)
PRC - C:\WINDOWS\system32\HPZipm12.exe (HP)
PRC - C:\WINDOWS\arservice.exe (Microsoft)
PRC - C:\Program Files\Ahead\InCD\InCDsrv.exe (Nero AG)
PRC - C:\WINDOWS\system32\Tablet.exe (Wacom Technology, Corp.)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Documents and Settings\Compaq_Administrator\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Program Files\AVAST Software\Avast\snxhk.dll (AVAST Software)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\TabHook.dll (Wacom Technology, Corp.)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (Akamai) -- c:\Program Files\Common Files\Akamai\netsession_win_e477fed.dll ()
SRV - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (AGCoreService) -- C:\Program Files\AGI\core\3.1\AGCoreService.exe (AG Interactive)
SRV - (ACDaemon) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
SRV - (Stuffit Archive Name Service) -- C:\Program Files\Smith Micro\StuffIt11\ArcNameService.exe (Smith Micro Software, Inc.)
SRV - (Pml Driver HPZ12) -- C:\WINDOWS\system32\HPZipm12.exe (HP)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SRV - (ARSVC) -- C:\WINDOWS\arservice.exe (Microsoft)
SRV - (InCDsrvR) InCD Helper (read only) -- C:\Program Files\Ahead\InCD\InCDsrv.exe (Nero AG)
SRV - (InCDsrv) -- C:\Program Files\Ahead\InCD\InCDsrv.exe (Nero AG)
SRV - (TabletService) -- C:\WINDOWS\system32\Tablet.exe (Wacom Technology, Corp.)
SRV - (EPSONStatusAgent2) -- C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe (SEIKO EPSON CORPORATION)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (aswSnx) -- C:\WINDOWS\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\WINDOWS\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswTdi) -- C:\WINDOWS\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswMon2) -- C:\WINDOWS\System32\drivers\aswmon2.sys (AVAST Software)
DRV - (aswRdr) -- C:\WINDOWS\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (Aavmker4) -- C:\WINDOWS\System32\drivers\aavmker4.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (giveio) -- C:\WINDOWS\system32\giveio.sys ()
DRV - (fssfltr) -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys (Microsoft Corporation)
DRV - (MREMPR5) -- C:\Program Files\Common Files\Motive\MREMPR5.sys (Motive, Inc.)
DRV - (MRENDIS5) -- C:\Program Files\Common Files\Motive\MRENDIS5.sys (Motive, Inc.)
DRV - (CO_Mon) -- C:\WINDOWS\system32\drivers\CO_Mon.sys ()
DRV - (AgereSoftModem) -- C:\WINDOWS\system32\drivers\AGRSM.sys (Agere Systems)
DRV - (ALCXWDM) Service for Realtek AC97 Audio (WDM) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS (Realtek Semiconductor Corp.)
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (Ps2) -- C:\WINDOWS\system32\drivers\PS2.sys (Hewlett-Packard Company)
DRV - (AmdK8) -- C:\WINDOWS\system32\drivers\AmdK8.sys (Advanced Micro Devices)
DRV - (RTL8023xp) -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys (Realtek Semiconductor Corporation                           )
DRV - (Afc) -- C:\WINDOWS\system32\drivers\afc.sys (Arcsoft, Inc.)
DRV - (InCDfs) -- C:\WINDOWS\System32\drivers\InCDfs.sys (Nero AG)
DRV - (InCDPass) -- C:\WINDOWS\system32\drivers\InCDpass.sys (Nero AG)
DRV - (incdrm) -- C:\WINDOWS\System32\drivers\InCDrm.sys (Nero AG)
DRV - (rtl8139) Realtek RTL8139(A/B/C) -- C:\WINDOWS\system32\drivers\RTL8139.sys (Realtek Semiconductor Corporation)
DRV - (AN983) -- C:\WINDOWS\system32\drivers\an983.sys (ADMtek Incorporated.)
DRV - (fasttx2k) -- C:\WINDOWS\system32\DRIVERS\fasttx2k.sys (Promise Technology, Inc.)
DRV - (Aspi32) -- C:\WINDOWS\system32\drivers\ASPI32.SYS (Adaptec)
DRV - (PenClass) -- C:\WINDOWS\System32\Drivers\PenClass.sys (Wacom Technology Corporation)
DRV - (ATMhelpr) -- C:\WINDOWS\System32\drivers\ATMHELPR.SYS (Adobe Systems Incorporated)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.geocities.com/m.spatafore/index.html
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
 
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Webshots\3.1.5.7613\Firefox [2009/07/09 15:25:37 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{000a9d1c-beef-4f90-9363-039d445309b8}: C:\Program Files\Google\Google Gears\Firefox\ [2010/03/05 22:36:26 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG10\Firefox4\ [2011/06/24 10:01:04 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Netscape Browser 8.0.3.4\Extensions\\Components: C:\Program Files\Netscape\Netscape Browser\Components [2011/02/20 18:56:04 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Netscape Browser 8.0.3.4\Extensions\\Plugins: C:\Program Files\Netscape\Netscape Browser\Plugins [2011/06/27 02:55:47 | 000,000,000 | ---D | M]
 
[2009/03/06 08:43:53 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Compaq_Administrator\Application Data\Mozilla\Extensions
[2009/03/06 08:43:53 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Compaq_Administrator\Application Data\Mozilla\Extensions\[email protected]
 
O1 HOSTS File: ([2011/06/10 21:04:38 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (FlpLauncher Class) - {4401FDC3-7996-4774-8D2B-C1AE9CD6CC25} - C:\Program Files\E-Book Systems\FlipAlbum 5 Suite\FpLaunch.dll ()
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Google Gears Helper) - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.0988.2\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Webshots Toolbar) - {C17590D2-ECB4-4b15-8820-F58798DCC118} - C:\Program Files\Webshots\3.1.5.7613\WSToolbar4IE.dll (Webshots.com)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Webshots Toolbar) - {C17590D2-ECB4-4B15-8820-F58798DCC118} - C:\Program Files\Webshots\3.1.5.7613\WSToolbar4IE.dll (Webshots.com)
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [PCDrProfiler]  File not found
O4 - HKCU..\Run: [NBJ] C:\Program Files\Ahead\Nero BackItUp\bak\NBJ.exe (Ahead Software AG)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE (SEIKO EPSON CORPORATION)
O4 - Startup: C:\Documents and Settings\Compaq_Administrator\Start Menu\Programs\Startup\Webshots.lnk = C:\Program Files\Webshots\3.1.5.7613\Launcher.exe (Webshots.com)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &Webshots Photo Search - C:\Program Files\Webshots\3.1.5.7613\WSToolbar4IE.dll (Webshots.com)
O9 - Extra 'Tools' menuitem : &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()
O9 - Extra 'Tools' menuitem : Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/templates/ieawsdc.cab (Microsoft Office Template and Media Control)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://www.apple.com/qtactivex/qtplugin.cab (QuickTime Object)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} http://www.ipix.com/download/ipixx.cab (iPIX ActiveX Control)
O16 - DPF: {14C1B87C-3342-445F-9B5E-365FF330A3AC} https://h20278.www2.hp.com/CSMWeb/Customer/cabs/HPISDataManager.CAB (Hewlett-Packard Online Support Services)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/9/b/d/9bdc68ef-6a9f-4505-8fb8-d0d2d160e512/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab (Symantec AntiVirus scanner)
O16 - DPF: {2E12FB00-546B-4EE3-9CC2-057BF02E1C17} http://community.webshots.com/html/atx/wsaxcontrol.cab (Webshots Multiple Media Uploader - Container)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper200711281.dll (Installation Support)
O16 - DPF: {3BB1D69B-A780-4BE1-876E-F3D488877135} http://download.microsoft.com/download/3/B/E/3BE57995-8452-41F1-8297-DD75EF049853/VirtualEarth3D.cab (SentinelProxy Class)
O16 - DPF: {428A9DEF-F057-402B-9F2D-A5887F4544ED} http://download.microsoft.com/download/f/0/2/f02b515c-7076-4cee-bc08-fd6fea594578/VirtualEarth3D.cab (SentinelProxy Class)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.1.cab (DLM Control)
O16 - DPF: {493ACF15-5CD9-4474-82A6-91670C3DD66E} http://www.linkedin.com/cab/LinkedInContactFinderControl.cab (LinkedIn ContactFinderControl)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://eaglewings-eyrie.spaces.live.com//PhotoUpload/MsnPUpld.cab (MSN Photo Upload Tool)
O16 - DPF: {54BE6B6F-3056-470B-97E1-BB92E051B6C4} http://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsxp2k.cab (Reg Error: Key error.)
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} http://upload.facebook.com/controls/FacebookPhotoUploader3.cab (Facebook Photo Uploader 4 Control)
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab (Symantec RuFSI Utility Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1146553036628 (MUWebControl Class)
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab (HP Download Manager)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {9FC5238F-12C4-454F-B1B5-74599A21DE47} http://community.webshots.com/html/WSPhotoUploader.CAB (Webshots Photo Uploader)
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx (Get_ActiveX Control)
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab (MsnMessengerSetupDownloadControl Class)
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} http://ax.emsisoft.com/asquared.cab (a-squared Scanner)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D6E7CFB5-C074-4D1C-B647-663D1A8D96BF} http://upload.facebook.com/controls/FacebookPhotoUploader4_5.cab (Facebook Photo Uploader 4)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} -  File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/01/28 13:41:28 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/07/28 05:07:38 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011/06/30 22:24:32 | 000,019,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011/06/30 22:24:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\avast! Free Antivirus
[2011/06/30 22:24:31 | 000,307,928 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011/06/30 22:24:29 | 000,049,240 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011/06/30 22:24:29 | 000,025,432 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011/06/30 22:24:28 | 000,441,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011/06/30 22:24:28 | 000,102,616 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011/06/30 22:24:28 | 000,096,344 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011/06/30 22:24:27 | 000,030,808 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011/06/30 22:24:14 | 000,199,304 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011/06/30 22:24:14 | 000,040,112 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011/06/30 22:24:06 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011/06/30 22:24:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2011/06/28 05:25:52 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Compaq_Administrator\Recent
[2011/06/27 02:52:32 | 027,634,824 | ---- | C] (                                   ) -- C:\Documents and Settings\Compaq_Administrator\Desktop\AdbeRdr940_en_US.exe
[2011/06/27 02:50:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2011/06/27 00:32:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SpywareBlaster
[2011/06/24 13:23:51 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2011/06/24 13:21:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
[2011/06/24 13:20:13 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/06/24 13:19:50 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011/06/15 03:46:49 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/06/14 07:10:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\ulead.dat
[2011/06/11 21:17:25 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011/06/10 20:39:17 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011/06/10 20:27:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011/06/09 22:25:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Desktop\COMPUTER FIX STUFF JUNE 2011
[2011/06/08 08:22:47 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Administrator\Desktop\OTL.exe
[2 C:\Documents and Settings\Compaq_Administrator\My Documents\*.tmp files -> C:\Documents and Settings\Compaq_Administrator\My Documents\*.tmp -> ]
[1 C:\Documents and Settings\All Users\Application Data\*.tmp files -> C:\Documents and Settings\All Users\Application Data\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011/06/30 23:08:39 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/06/30 23:07:49 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2011/06/30 23:07:45 | 000,000,317 | ---- | M] () -- C:\WINDOWS\System32\wacom.dat
[2011/06/30 23:07:28 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/06/30 23:07:04 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/06/30 23:07:01 | 1005,113,344 | -HS- | M] () -- C:\hiberfil.sys
[2011/06/30 23:03:15 | 000,000,082 | ---- | M] () -- C:\WINDOWS\MPLAYER.INI
[2011/06/30 23:02:02 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/06/30 22:49:51 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2011/06/30 22:24:32 | 000,001,697 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2011/06/30 22:24:28 | 000,002,625 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/06/30 22:04:14 | 058,064,040 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\setup_av_free.exe
[2011/06/30 12:02:32 | 000,000,452 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{3256EB39-0743-422A-887B-7F74D01AD364}.job
[2011/06/30 09:41:31 | 000,000,000 | -H-- | M] () -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\prvlcl.dat
[2011/06/29 09:02:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/06/27 02:55:49 | 000,001,737 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2011/06/27 02:52:36 | 027,634,824 | ---- | M] (                                   ) -- C:\Documents and Settings\Compaq_Administrator\Desktop\AdbeRdr940_en_US.exe
[2011/06/27 01:30:29 | 000,075,264 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\SystemLook.exe
[2011/06/27 00:32:22 | 000,000,698 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\SpywareBlaster.lnk
[2011/06/24 13:21:58 | 000,001,550 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2011/06/16 23:31:48 | 000,001,588 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Defraggler.lnk
[2011/06/15 07:42:50 | 000,443,582 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/06/15 07:42:50 | 000,072,738 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/06/14 11:16:38 | 000,001,860 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Amazon Cloud Player.lnk
[2011/06/14 07:10:09 | 000,000,078 | -H-- | M] () -- C:\WINDOWS\Xwdupv.ns
[2011/06/14 07:10:08 | 000,005,124 | ---- | M] () -- C:\WINDOWS\ULEAD32.INI
[2011/06/13 02:37:20 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\MBR.dat
[2011/06/11 00:39:22 | 000,000,785 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Start Menu\Programs\Startup\Webshots.lnk
[2011/06/10 21:04:38 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/06/10 20:39:23 | 000,000,325 | RHS- | M] () -- C:\boot.ini
[2011/06/08 08:22:51 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Administrator\Desktop\OTL.exe
[2011/06/08 00:36:21 | 000,022,016 | -H-- | M] () -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2 C:\Documents and Settings\Compaq_Administrator\My Documents\*.tmp files -> C:\Documents and Settings\Compaq_Administrator\My Documents\*.tmp -> ]
[1 C:\Documents and Settings\All Users\Application Data\*.tmp files -> C:\Documents and Settings\All Users\Application Data\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011/06/30 22:24:32 | 000,001,697 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2011/06/30 22:04:04 | 058,064,040 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\setup_av_free.exe
[2011/06/27 02:55:48 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader 9.lnk
[2011/06/27 02:55:48 | 000,001,737 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2011/06/27 01:30:28 | 000,075,264 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\SystemLook.exe
[2011/06/27 00:32:22 | 000,000,698 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\SpywareBlaster.lnk
[2011/06/24 13:23:58 | 000,000,284 | ---- | C] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/06/24 13:21:58 | 000,001,550 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2011/06/14 11:16:38 | 000,001,860 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Amazon Cloud Player.lnk
[2011/06/13 02:37:20 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\MBR.dat
[2011/01/13 15:53:51 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\prvlcl.dat
[2009/12/15 14:41:19 | 000,395,776 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll
[2009/12/15 14:41:19 | 000,262,144 | ---- | C] () -- C:\WINDOWS\System32\TomsMoComp_ff.dll
[2009/12/15 14:41:19 | 000,112,640 | ---- | C] () -- C:\WINDOWS\System32\libmpeg2_ff.dll
[2009/12/15 14:41:18 | 002,255,360 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll
[2009/12/15 12:22:28 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Application Data\AVSDVDPlayer.m3u
[2009/08/13 20:35:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys
[2009/08/10 18:21:53 | 000,001,146 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_DU.dat
[2009/08/10 18:21:53 | 000,001,120 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_IT.dat
[2009/08/10 18:21:53 | 000,001,107 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_GE.dat
[2009/04/20 22:39:18 | 000,000,044 | ---- | C] () -- C:\WINDOWS\PERFV700SERIES.ini
[2009/04/11 17:25:09 | 000,000,323 | ---- | C] () -- C:\WINDOWS\PRF_MI_B.INI
[2009/04/11 17:21:28 | 000,000,313 | ---- | C] () -- C:\WINDOWS\PRF_MI.INI
[2008/12/10 17:10:24 | 000,035,328 | ---- | C] () -- C:\WINDOWS\INETWH32.DLL
[2008/12/10 17:10:24 | 000,004,528 | ---- | C] () -- C:\WINDOWS\SETBROWS.EXE
[2008/12/10 17:10:23 | 000,009,136 | ---- | C] () -- C:\WINDOWS\INETWH16.DLL
[2008/08/01 16:56:31 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2008/08/01 16:56:28 | 000,111,932 | ---- | C] () -- C:\WINDOWS\System32\EPPICPrinterDB.dat
[2008/08/01 16:56:28 | 000,031,053 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern131.dat
[2008/08/01 16:56:28 | 000,029,114 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern1.dat
[2008/08/01 16:56:28 | 000,027,417 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern121.dat
[2008/08/01 16:56:28 | 000,021,021 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern3.dat
[2008/08/01 16:56:28 | 000,015,670 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern5.dat
[2008/08/01 16:56:28 | 000,013,280 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern2.dat
[2008/08/01 16:56:28 | 000,010,673 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern4.dat
[2008/08/01 16:56:28 | 000,004,943 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern6.dat
[2008/08/01 16:56:28 | 000,001,140 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_PT.dat
[2008/08/01 16:56:28 | 000,001,140 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_BP.dat
[2008/08/01 16:56:28 | 000,001,137 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_ES.dat
[2008/08/01 16:56:28 | 000,001,130 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_FR.dat
[2008/08/01 16:56:28 | 000,001,130 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_CF.dat
[2008/08/01 16:56:28 | 000,001,104 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_EN.dat
[2008/08/01 16:55:20 | 000,000,077 | ---- | C] () -- C:\WINDOWS\EPSC120.ini
[2008/07/13 03:06:33 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\ScratchRemoval.dll
[2008/04/18 18:51:02 | 000,096,577 | ---- | C] () -- C:\WINDOWS\hpqins16.dat
[2008/03/16 00:20:30 | 000,083,456 | ---- | C] () -- C:\WINDOWS\System32\PnIC.dll
[2008/03/16 00:20:30 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\gm_dll1.dll
[2007/11/11 20:34:36 | 000,022,016 | -H-- | C] () -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/10/11 03:03:23 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2007/09/25 13:57:06 | 000,000,125 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2007/09/24 00:49:55 | 000,000,839 | ---- | C] () -- C:\WINDOWS\checkip.dat
[2007/08/10 23:45:13 | 000,001,759 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/07/10 03:30:58 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\GetInst32.dll
[2007/06/21 13:01:18 | 000,049,152 | R--- | C] () -- C:\WINDOWS\AutoSet.dll
[2007/05/28 02:59:45 | 000,000,044 | ---- | C] () -- C:\WINDOWS\liveup.ini
[2007/05/19 23:41:52 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007/02/04 13:14:24 | 000,000,037 | ---- | C] () -- C:\WINDOWS\ipixActivex.ini
[2007/01/23 17:12:16 | 000,005,515 | ---- | C] () -- C:\WINDOWS\fmachine.ini
[2006/11/20 02:15:26 | 000,006,048 | ---- | C] () -- C:\WINDOWS\System32\MCC16.dll
[2006/09/23 04:39:57 | 000,000,020 | ---- | C] () -- C:\WINDOWS\HPPREC~1.INI
[2006/09/23 04:28:17 | 000,274,948 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2006/08/03 16:42:49 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PROTOCOL.INI
[2006/06/12 15:43:22 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2006/06/12 15:43:22 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2006/06/12 15:43:22 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2006/06/12 15:43:22 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2006/06/12 15:43:22 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2006/06/12 15:43:22 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2006/06/12 15:43:22 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2006/06/12 15:43:22 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2006/06/12 15:43:22 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2006/05/18 18:32:58 | 000,068,939 | ---- | C] () -- C:\WINDOWS\hpoins05.dat.temp
[2006/05/18 18:32:58 | 000,019,696 | ---- | C] () -- C:\WINDOWS\hpomdl05.dat.temp
[2006/05/17 22:06:09 | 000,000,317 | ---- | C] () -- C:\WINDOWS\System32\wacom.dat
[2006/05/17 22:06:06 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\TabUnst.dll
[2006/05/17 22:06:06 | 000,015,744 | ---- | C] () -- C:\WINDOWS\System32\wintab.dll
[2006/05/17 22:05:02 | 000,013,408 | ---- | C] () -- C:\WINDOWS\System32\tabinst.dll
[2006/05/17 22:05:02 | 000,004,032 | ---- | C] () -- C:\WINDOWS\System32\tabins16.dll
[2006/05/02 00:04:45 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\drivers\CO_Mon.sys
[2006/04/24 02:51:03 | 000,000,227 | ---- | C] () -- C:\WINDOWS\HP_CounterReport_Update_HPSU.ini
[2006/04/24 02:32:45 | 000,000,214 | ---- | C] () -- C:\WINDOWS\HP_InstantSHareJPG.ini
[2006/04/24 02:31:41 | 000,000,206 | ---- | C] () -- C:\WINDOWS\HPGdiPlus.ini
[2006/04/24 02:30:00 | 000,000,221 | ---- | C] () -- C:\WINDOWS\HP_RedboxHprblog_HPSU.ini
[2006/03/31 00:57:53 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Application Data\wklnhst.dat
[2006/03/30 17:11:39 | 000,000,145 | ---- | C] () -- C:\WINDOWS\System32\EBPPORT.DAT
[2006/03/11 23:35:17 | 000,248,832 | ---- | C] () -- C:\WINDOWS\System32\ECircles.dll
[2006/03/11 23:35:17 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\SoyWeb.dll
[2006/03/02 15:31:30 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2006/02/27 09:25:38 | 000,000,177 | ---- | C] () -- C:\WINDOWS\KPCMS.INI
[2006/02/27 07:06:59 | 000,021,348 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\W77X4
[2006/02/26 05:05:40 | 000,000,068 | ---- | C] () -- C:\WINDOWS\PRESTOPM.INI
[2006/02/26 02:12:29 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\IPPCPUID.DLL
[2006/02/26 02:11:00 | 000,011,776 | ---- | C] () -- C:\WINDOWS\System32\pmsbfn32.dll
[2006/02/26 02:09:15 | 000,000,118 | ---- | C] () -- C:\WINDOWS\A11U.INI
[2006/02/24 22:37:16 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat
[2006/02/24 22:26:45 | 000,151,552 | ---- | C] () -- C:\WINDOWS\UNUSBDRV.EXE
[2006/02/23 22:00:39 | 000,000,057 | ---- | C] () -- C:\WINDOWS\System32\venlx32n.dll
[2006/02/23 16:32:08 | 000,000,082 | ---- | C] () -- C:\WINDOWS\MPLAYER.INI
[2006/02/23 16:28:46 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\LFKODAK.DLL
[2006/02/23 16:28:45 | 000,338,944 | ---- | C] () -- C:\WINDOWS\System32\lffpx7.dll
[2006/02/23 05:13:13 | 000,005,124 | ---- | C] () -- C:\WINDOWS\ULEAD32.INI
[2006/02/23 05:04:09 | 000,100,864 | ---- | C] () -- C:\WINDOWS\System32\Dc50ip32.dll
[2006/02/23 05:04:09 | 000,065,864 | ---- | C] () -- C:\WINDOWS\System32\Digita.sys
[2006/02/23 05:04:09 | 000,007,808 | ---- | C] () -- C:\WINDOWS\System32\dc240u.sys
[2006/02/23 05:04:09 | 000,006,144 | ---- | C] () -- C:\WINDOWS\System32\ImgLibLead.dll
[2006/02/23 05:04:04 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\MSVCRT10.DLL
[2006/02/23 05:04:04 | 000,048,640 | ---- | C] () -- C:\WINDOWS\catalogSubInstaller.exe
[2006/02/23 01:32:53 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\hpzids01.dll
[2006/02/21 22:01:05 | 000,000,143 | -H-- | C] () -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\fusioncache.dat
[2005/11/11 17:57:17 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/11/11 17:36:25 | 000,022,396 | ---- | C] () -- C:\WINDOWS\System32\drivers\USBkey.sys
[2005/11/11 17:32:20 | 000,118,842 | R--- | C] () -- C:\WINDOWS\HPCPCUninstaller-6.3.2.116-5577497.exe
[2005/11/11 17:31:25 | 000,012,989 | ---- | C] () -- C:\WINDOWS\System32\CHODDI.SYS
[2005/11/11 17:31:20 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\hpreg.dll
[2005/11/11 17:28:57 | 000,000,031 | ---- | C] () -- C:\WINDOWS\Quicken.ini
[2005/11/11 17:26:49 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/11/11 17:22:55 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2005/11/11 17:22:55 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2005/11/11 17:22:55 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2005/11/11 17:22:55 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2005/11/11 17:22:55 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2005/11/11 17:22:55 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2005/11/11 17:17:29 | 000,000,157 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2005/11/11 17:16:33 | 000,045,929 | ---- | C] () -- C:\WINDOWS\NSSetDefaultBrowser.EXE
[2005/11/11 17:16:33 | 000,000,698 | ---- | C] () -- C:\WINDOWS\NSSetDefaultBrowser.ini
[2005/11/11 17:11:36 | 000,072,082 | ---- | C] () -- C:\WINDOWS\hpqins69.dat
[2005/11/11 17:10:40 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2005/11/11 17:06:21 | 000,104,361 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2005/11/11 16:55:07 | 000,000,791 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2005/11/11 16:48:53 | 000,323,584 | ---- | C] () -- C:\WINDOWS\System32\pythoncom22.dll
[2005/11/11 16:48:53 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\pywintypes22.dll
[2005/11/11 16:48:35 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\bcbmm.dll
[2005/11/11 06:43:28 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\libssl32.dll
[2005/11/11 06:43:24 | 000,887,296 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2005/08/06 01:01:54 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/08/03 03:19:16 | 000,050,176 | ---- | C] () -- C:\WINDOWS\armcex.dll
[2005/07/02 09:36:02 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2005/07/02 09:34:10 | 003,154,856 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2005/07/02 09:28:10 | 000,443,582 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2005/07/02 09:28:10 | 000,072,738 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2005/01/28 13:41:00 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2005/01/28 13:36:46 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/08/10 22:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/10 08:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/10 08:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/10 08:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/10 08:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/10 08:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/10 08:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/10 08:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/07/27 01:51:38 | 000,000,592 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2004/01/08 13:38:12 | 000,024,576 | ---- | C] () -- C:\WINDOWS\shortcut.exe
[2002/07/26 15:09:58 | 000,143,360 | ---- | C] () -- C:\WINDOWS\unzip.exe
[2002/07/22 17:57:58 | 000,045,056 | ---- | C] () -- C:\WINDOWS\devenum.exe
[2001/08/23 19:12:28 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001/08/23 19:11:02 | 000,004,490 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[1999/01/22 14:46:56 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
 
========== LOP Check ==========
 
[2009/07/09 15:25:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\agi
[2011/06/30 22:24:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2011/01/07 01:23:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
[2008/07/17 20:14:43 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2011/01/07 01:44:14 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2007/02/18 17:07:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Digital Interactive Systems Corporation
[2008/05/04 22:24:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EPSON
[2010/12/16 05:21:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\fKpCf06308
[2011/06/16 03:20:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2006/02/26 02:09:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Newsoft
[2008/01/11 17:05:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers Headquarters
[2008/05/16 02:21:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Redfield
[2006/03/25 18:08:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SBT
[2008/01/28 01:35:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SMSI
[2011/06/27 00:36:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2007/08/18 14:48:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\YAHOO
[2011/02/20 19:09:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/08/07 14:29:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2009/07/09 15:25:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\AGI
[2009/09/01 17:13:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Amazon
[2008/04/18 12:59:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Anthropics
[2010/12/08 02:39:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\AVG9
[2010/11/24 01:21:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\BitTorrent
[2005/11/11 17:15:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Digital Interactive Systems Corporation
[2006/02/23 03:27:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\EBookSys
[2009/04/21 04:51:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\EPSON
[2008/08/21 19:39:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Flickr
[2007/09/14 15:49:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\fltk.org
[2009/12/15 14:56:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\GetRightToGo
[2009/01/05 11:47:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Inkscape
[2008/10/31 01:16:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\InterVideo
[2010/09/27 14:31:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Lasersoft Imaging
[2009/04/21 00:59:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Leader Technologies
[2006/02/23 23:18:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Leadertech
[2011/06/06 03:37:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\LimeWire
[2011/02/06 16:27:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\MP3Rocket
[2007/12/16 18:23:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\MSNInstaller
[2006/08/25 16:15:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Musicmatch
[2006/02/26 02:10:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\NewSoft
[2009/09/03 02:33:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Opera
[2008/10/19 22:12:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Skinux
[2007/03/23 23:35:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Smith Micro
[2009/07/09 15:26:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Temp
[2006/03/31 12:36:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Template
[2007/09/05 10:57:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\uk.co.planetside
[2007/07/03 19:28:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Uniblue
[2006/02/25 07:32:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Webshots
[2008/04/18 18:37:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\WinBatch
[2011/06/30 12:02:32 | 000,000,452 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{3256EB39-0743-422A-887B-7F74D01AD364}.job
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 95 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\Compaq_Administrator\Desktop\fft.rar:SummaryInformation
@Alternate Data Stream - 141 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2D6E5D55

< End of report >


Logged

Offline guestolo

  • Site Donator
  • Administrator
  • Hero Member
  • *****
  • Posts: 16034
  • Karma: +1/-0
    • View Profile
    • http://
Missing rundll32.exe and other annoyances
« Reply #50 on: June 30, 2011, 11:23:18 PM »
You look as if you have enough RAM, so that shouldn't be a problem
There could be a conflict with Avast and Windows Defender
Why not try the following
Double  click on OTL.exe and Run it
  • Under the [color="#0000FF"]Custom Scans/Fixes[/color] box at the bottom, copy/paste in the following in the quote box below. don't include the word Quote please
    Quote
    :OTL
    O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
    O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - File not found

  • Then click the [color="#FF0000"]Run Fix[/color] button at the top
  • Let the program run unhindered

Try accessing your Add and Remove programs and uninstall Windows Defender
Reboot the computer afterwards
Back in Windows

Let's ensure that your harddisk is free of errors
# Double-click My Computer, and then right-click on your C: drive
# Click Properties, and then click Tools.
# Under Error-checking, click Check Now. A dialog box that shows the Check disk options is displayed,
Select both options

Click Yes to schedule the disk check, and then restart your computer to start the disk check.
This can take awhile
After it's done, your computer will start normally, keep me informed how things are doing please

In addition, can you let me know if you have an HP printer installed to this computer?
Look in Printer and Faxes in Control Panel
Any Printers found that are no longer used?
Logged

Do you want to post your own logs from FRST?

Follow the instructions posted http://www.thetechguide.com/forum/index.php/topic/22942-please-read-how-to-post-logs-from-frst/\'>Click Here

Offline jannetie

  • Newbie
  • *
  • Posts: 38
  • Karma: +0/-0
    • View Profile
Missing rundll32.exe and other annoyances
« Reply #51 on: July 01, 2011, 04:31:29 AM »
[quote name='guestolo' timestamp='1309494198' post='479907']
You look as if you have enough RAM, so that shouldn't be a problem
There could be a conflict with Avast and Windows Defender
Why not try the following
Double  click on OTL.exe and Run it
  • Under the [color="#0000ff"]Custom Scans/Fixes[/color] box at the bottom, copy/paste in the following in the quote box below. don't include the word Quote please
  • Then click the [color="#ff0000"]Run Fix[/color] button at the top
  • Let the program run unhindered
Try accessing your Add and Remove programs and uninstall Windows Defender
Reboot the computer afterwards
Back in Windows

Let's ensure that your harddisk is free of errors
# Double-click My Computer, and then right-click on your C: drive
# Click Properties, and then click Tools.
# Under Error-checking, click Check Now. A dialog box that shows the Check disk options is displayed,
Select both options

Click Yes to schedule the disk check, and then restart your computer to start the disk check.
This can take awhile
After it's done, your computer will start normally, keep me informed how things are doing please

In addition, can you let me know if you have an HP printer installed to this computer?
Look in Printer and Faxes in Control Panel
Any Printers found that are no longer used?
[/quote]

All utilities run. There is no HP printer installed, but Compaq and HP merged before I purchased this machine (2005-2006), so I used to get pop-ups from HP; I don't remember if I disabled the pop-ups but must have since I haven't gotten them in quite some time.

I have duplicates of an Epson Stylus C120 (Copy 1), and also as Epson Stylus C120 Series 0. It's a printer I don't use often, so not sure which is the version used although I think it's the (Copy 1). I don't use the Generic Post Script Printer or the Progeny PDF printer. The Fax and Microsoft XPS Document writer I think came preinstalled, never used.

The computer seems to be running smoothly.
Logged

Offline jannetie

  • Newbie
  • *
  • Posts: 38
  • Karma: +0/-0
    • View Profile
Missing rundll32.exe and other annoyances
« Reply #52 on: July 01, 2011, 10:12:16 PM »
The one thing I haven't tried is connecting my external hard drive to test it.
Logged

Offline jannetie

  • Newbie
  • *
  • Posts: 38
  • Karma: +0/-0
    • View Profile
Missing rundll32.exe and other annoyances
« Reply #53 on: July 03, 2011, 10:59:27 PM »
No problems with external hard drive being recognized, or transferring files.
Logged

Offline guestolo

  • Site Donator
  • Administrator
  • Hero Member
  • *****
  • Posts: 16034
  • Karma: +1/-0
    • View Profile
    • http://
Missing rundll32.exe and other annoyances
« Reply #54 on: July 06, 2011, 11:17:12 PM »
Sorry for the delay, the wife and I were on a small holiday, just got back to town
Can you Open OTL.exe and choose the CLEANUP option

Let it run, and reboot when prompted
Let me know one last time how things are running please
Logged

Do you want to post your own logs from FRST?

Follow the instructions posted http://www.thetechguide.com/forum/index.php/topic/22942-please-read-how-to-post-logs-from-frst/\'>Click Here

Offline jannetie

  • Newbie
  • *
  • Posts: 38
  • Karma: +0/-0
    • View Profile
Missing rundll32.exe and other annoyances
« Reply #55 on: July 07, 2011, 11:44:13 AM »
[quote name='guestolo' timestamp='1310012232' post='479939']
Sorry for the delay, the wife and I were on a small holiday, just got back to town
Can you Open OTL.exe and choose the CLEANUP option

Let it run, and reboot when prompted
Let me know one last time how things are running please
[/quote]


No problem; hope you had a nice mini-vacation.

Computer seems to be running fine now, except for programs shutting down unexpectedly, although I think that's probably the app, not the computer.
Logged

Offline guestolo

  • Site Donator
  • Administrator
  • Hero Member
  • *****
  • Posts: 16034
  • Karma: +1/-0
    • View Profile
    • http://
Missing rundll32.exe and other annoyances
« Reply #56 on: July 07, 2011, 02:20:36 PM »
Quote
except for programs shutting down unexpectedly, although I think that's probably the app, not the computer.

What do you mean by that?
Which programs, all of them? Any error messages involved?
Logged

Do you want to post your own logs from FRST?

Follow the instructions posted http://www.thetechguide.com/forum/index.php/topic/22942-please-read-how-to-post-logs-from-frst/\'>Click Here

Offline jannetie

  • Newbie
  • *
  • Posts: 38
  • Karma: +0/-0
    • View Profile
Missing rundll32.exe and other annoyances
« Reply #57 on: July 08, 2011, 01:00:23 PM »
[quote name='guestolo' timestamp='1310066436' post='479946']
What do you mean by that?
Which programs, all of them? Any error messages involved?
[/quote]


Photoshop and Word shut down sometimes, Word freezes up occasionally (it hasn't happened since your fixes). With Photoshop (and earlier with Word) I'll get a pop-up saying an error has occurred and PS must close - it started happening 4 or 5 months ago and I thought I brought it on by having too many large images open at once, since it was just after I got a new camera that takes higher res photos. Since then, it happens occasionally so I save work often so as not to lose too much. An odd thing happens with Word in that when I open a new (blank) document, it opens up with the last one I had open before the computer went screwy. Not a prob, I just clear the text and go from there. I've tried changing the settings (new doc, blank template etc), but it always reverts back to that same document on opening.

I use PS CS3 Extended and MS Word 2000; Office 2000 is no longer supported by MS I think; I haven't tried using Publisher for any length of time, but it opens and I've worked in it briefly just as a test. But PS shut down quite unexpectedly a few days ago, not long after I rebooted the computer, so I'm guessing resources weren't too low. I rebooted, opened up PS again it and stayed open with no problems during the time I was using it, and is still open right now and hasn't been a problem since early this AM when I used it last. I haven't worked in it since then.

I'm hesitant about uninstalling/re-installing PS in case I can't get it to work. A friend loaded it onto my computer for me several years ago. I'd like to find an unused version with key at a reduced price, but haven't seen anything for sale (as Adobe sometimes offers older versions of programs for highly reduced prices) except on ebay, and I don't trust ebay to sell a good version with a legitimate key or registration number for any software. More recent versions of PS don't work well (way too slow) on my machine; I've tried CS4 from Adobe in trial mode. CS5 needs more power than I have available, so I never tried the month-long free trial for that one. And now they're up one more generation to PS CS5a or something like that. PS sells for more than I make in SS in a month, and in this economy people wanting photos restored has pretty much dried up - I get a half dozen good jobs a year if I'm lucky. But, I still use PS for my own artwork, so don't want to lose it.
Logged
Pages: 1 2 [3]
« previous next »