Jump to content

dooglo

Advanced Member
  • Content Count

    375
  • Joined

  • Last visited

Everything posted by dooglo

  1. Hey thanks a bunch for helping. It seems a little better, but Like I said, I think it's time to upgrade. We'll see how long this thing keeps ticking while I price up some other components. Thanks, D.
  2. Here's the other. OTL logfile created on: 4/12/2010 4:27:06 PM - Run 5 OTL by OldTimer - Version 3.1.37.3 Folder = C:\Documents and Settings\Administrator\Desktop Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 75.00% Memory free 4.00 Gb Paging File | 3.00 Gb Available in Paging File | 89.00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 127.99 Gb Total Space | 69.83 Gb Free Space | 54.56% Space Free | Partition Type: NTFS D: Drive not present or media not loaded Drive E: | 298.09 Gb Total Space | 182.98 Gb Free Space | 61.38% Space Free | Partition Type: NTFS F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: DOUG-DMDCNG6 Current User Name: Administrator Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal ========== Processes (SafeList) ========== PRC - C:\Documents and Settings\Administrator\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH) PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH) PRC - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe (TomTom) PRC - C:\Program Files\Common Files\Corel\Standby\Standby.exe (Corel) PRC - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) PRC - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe (Lavasoft) PRC - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation) PRC - C:\Program Files\PCPitstop\PCPitstopScheduleService.exe (PC Pitstop LLC) PRC - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation) PRC - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation) PRC - C:\Program Files\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation) PRC - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.) PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) PRC - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.) PRC - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo) ========== Modules (SafeList) ========== MOD - C:\Documents and Settings\Administrator\Desktop\OTL.exe (OldTimer Tools) ========== Win32 Services (SafeList) ========== SRV - (Apple Mobile Device) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (TomTomHOMEService) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe (TomTom) SRV - (getPlusHelper) getPlus® -- C:\Program Files\NOS\bin\getPlus_Helper.dll (NOS Microsystems Ltd.) SRV - (fsssvc) -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation) SRV - (aawservice) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe (Lavasoft) SRV - (SeaPort) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation) SRV - (PCPitstop Scheduling) -- C:\Program Files\PCPitstop\PCPitstopScheduleService.exe (PC Pitstop LLC) SRV - (wlidsvc) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation) SRV - (UleadBurningHelper) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.) SRV - (PSI_SVC_2) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.) SRV - (IviRegMgr) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo) ========== Driver Services (SafeList) ========== DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH) DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH) DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation) DRV - (vmm) -- C:\WINDOWS\system32\drivers\VMM.sys (Microsoft Corporation) DRV - (VBoxNetAdp) -- C:\WINDOWS\system32\drivers\VBoxNetAdp.sys (Sun Microsystems, Inc.) DRV - (VBoxDrv) -- C:\WINDOWS\system32\drivers\VBoxDrv.sys (Sun Microsystems, Inc.) DRV - (VBoxNetFlt) -- C:\WINDOWS\system32\drivers\VBoxNetFlt.sys (Sun Microsystems, Inc.) DRV - (VBoxUSBMon) -- C:\WINDOWS\system32\drivers\VBoxUSBMon.sys (Sun Microsystems, Inc.) DRV - (Iviaspi) -- C:\WINDOWS\system32\drivers\iviaspi.sys (InterVideo, Inc.) DRV - (fssfltr) -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys (Microsoft Corporation) DRV - (avgio) -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys (Avira GmbH) DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH) DRV - (PCTCore) -- C:\WINDOWS\system32\drivers\PCTCore.sys (PC Tools) DRV - (RivaTuner32) -- C:\Program Files\RivaTuner v2.22\RivaTuner32.sys () DRV - (nm) -- C:\WINDOWS\system32\drivers\nmnt.sys (Microsoft Corporation) DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows ® Server 2003 DDK provider) DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.) DRV - (regi) -- C:\WINDOWS\system32\drivers\regi.sys (InterVideo) DRV - (VPCNetS2) -- C:\WINDOWS\system32\drivers\VMNetSrv.sys (Microsoft Corporation) DRV - (nvnetbus) -- C:\WINDOWS\system32\drivers\nvnetbus.sys (NVIDIA Corporation) DRV - (NVENETFD) -- C:\WINDOWS\system32\drivers\NVENETFD.sys (NVIDIA Corporation) DRV - (nvata) -- C:\WINDOWS\system32\DRIVERS\nvata.sys (NVIDIA Corporation) ========== Standard Registry (All) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?st=1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://es.msn.com/?rd=1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 92 F5 18 E0 27 A9 CA 01 [binary data] IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "http://go.microsoft.com/fwlink/?LinkId=69157" FF - prefs.js..extensions.enabledItems: {8545daff-ad1e-493f-a37e-eed1ac79682b}:1.0 FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:7 FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6 FF - prefs.js..network.proxy.no_proxies_on: "*.local" FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/07/18 22:01:41 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009/06/17 23:39:17 | 000,000,000 | ---D | M] [2010/02/27 15:26:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions [2010/01/31 23:05:30 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} [2010/02/27 15:26:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions\home2@tomtom.com [2010/02/20 20:20:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\y8dsg1lf.default\extensions [2010/02/01 10:44:25 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\y8dsg1lf.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} O1 HOSTS File: ([2001/08/23 06:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation) O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll (Google Inc.) O2 - BHO: (MSN Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.1125.0\msneshellx.dll (Microsoft Corp.) O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.) O3 - HKLM\..\Toolbar: (MSN Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.1125.0\msneshellx.dll (Microsoft Corp.) O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll () O3 - HKCU\..\Toolbar\ShellBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) O3 - HKCU\..\Toolbar\WebBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) O3 - HKCU\..\Toolbar\WebBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation) O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.) O4 - HKLM..\Run: [Microsoft Default Manager] C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe (Microsoft Corp.) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [RivaTunerStartupDaemon] C:\Program Files\RivaTuner v2.22\RivaTuner.exe () O4 - HKLM..\Run: [standby] c:\Program Files\Common Files\Corel\Standby\Standby.exe (Corel) O4 - HKLM..\Run: [uVS12 Preload] C:\Program Files\Corel\Corel VideoStudio 12\uvPL.exe (Corel TW Corp.) O4 - HKCU..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation) O4 - HKCU..\Run: [msnmsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation) O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Easy-WebPrint Add To Print List - C:\Program Files\Canon\Easy-WebPrint\Resource.dll () O8 - Extra context menu item: Easy-WebPrint High Speed Print - C:\Program Files\Canon\Easy-WebPrint\Resource.dll () O8 - Extra context menu item: Easy-WebPrint Preview - C:\Program Files\Canon\Easy-WebPrint\Resource.dll () O8 - Extra context menu item: Easy-WebPrint Print - C:\Program Files\Canon\Easy-WebPrint\Resource.dll () O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll (Google Inc.) O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation) O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flash...r/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} http://gfx1.hotmail.com/mail/w4/pr01/photo...ol/MSNPUpld.cab (Windows Live Hotmail Photo Upload Tool) O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} http://utilities.pcpitstop.com/Optimize3/pcpitstop2.dll (PCPitstop Exam) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 205.171.3.25 O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation) O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp - No CLSID value found O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation) O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\lid {5C135180-9973-46D9-ABF4-148267CBB8BF} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation) O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation) O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp - No CLSID value found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation) O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation) O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation) O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation) O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation) O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation) O20 - Winlogon\Notify\dimsntfy: DllName - %SystemRoot%\System32\dimsntfy.dll - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation) O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation) O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation) O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation) O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation) O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation) O20 - Winlogon\Notify\WgaLogon: DllName - WgaLogon.dll - C:\WINDOWS\System32\WgaLogon.dll (Microsoft Corporation) O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation) O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation) O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation) O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation) O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation) O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) O24 - Desktop Components:0 (My Current Home Page) - About:Home O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation) O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation) O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation) O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation) O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation) O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation) O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation) O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation) O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation) O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation) O31 - SafeBoot: AlternateShell - cmd.exe O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009/06/16 15:48:04 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{896f8a4f-5a8a-11de-963c-806d6172696f}\Shell - "" = AutoRun O33 - MountPoints2\{896f8a4f-5a8a-11de-963c-806d6172696f}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{896f8a4f-5a8a-11de-963c-806d6172696f}\Shell\AutoRun\command - "" = D:\Setup.EXE -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe () O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010/04/12 16:10:48 | 000,000,000 | ---D | C] -- C:\_OTL [2010/04/10 13:17:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData [2010/04/10 13:16:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Avira [2010/04/10 13:12:16 | 000,124,784 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys [2010/04/10 13:12:16 | 000,060,936 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys [2010/04/10 13:12:16 | 000,045,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys [2010/04/10 13:12:16 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys [2010/04/10 13:12:16 | 000,022,360 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys [2010/04/10 13:12:15 | 000,000,000 | ---D | C] -- C:\Program Files\Avira [2010/04/10 13:12:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Avira [2010/04/10 12:54:55 | 000,854,064 | ---- | C] (Symantec Corporation) -- C:\Documents and Settings\Administrator\Desktop\Norton_Removal_Tool.exe [2010/04/09 13:39:37 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2010/04/09 13:39:34 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [2010/04/09 13:39:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521} [2010/04/09 13:36:41 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime [2010/04/09 13:34:34 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour [2010/04/07 18:53:35 | 000,444,416 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\TFC.exe [2010/04/07 18:52:39 | 000,204,496 | ---- | C] (Malwarebytes) -- C:\Documents and Settings\Administrator\Desktop\StartUpLite.exe [2010/04/05 14:12:21 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_6.dll [2010/04/05 14:12:21 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_4.dll [2010/04/05 14:12:20 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_6.dll [2010/04/05 14:12:19 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_7.dll [2010/04/03 16:07:41 | 000,000,000 | ---D | C] -- C:\Program Files\ESET [2010/03/24 23:06:02 | 000,555,520 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe [2010/03/17 21:53:42 | 000,094,208 | ---- | C] (Apple Inc.) -- C:\WINDOWS\System32\QuickTimeVR.qtx [2010/03/17 21:53:42 | 000,069,632 | ---- | C] (Apple Inc.) -- C:\WINDOWS\System32\QuickTime.qts [2009/12/17 13:39:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple [2009/08/26 15:03:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Temp [2009/07/22 14:00:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft [2009/07/01 06:31:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google [2009/06/27 20:44:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google [2009/06/18 06:19:20 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft [2009/06/16 16:05:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft [2009/06/16 15:47:51 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft ========== Files - Modified Within 30 Days ========== [2010/04/12 16:22:21 | 000,267,725 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml [2010/04/12 16:22:05 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010/04/12 16:21:25 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010/04/12 16:21:01 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010/04/12 16:20:04 | 004,980,736 | -H-- | M] () -- C:\Documents and Settings\Administrator\NTUSER.DAT [2010/04/12 16:20:04 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\Administrator\ntuser.ini [2010/04/12 16:17:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2010/04/12 16:09:35 | 000,000,438 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{34DE10EE-507B-41A4-975C-439C7EA18C91}.job [2010/04/12 15:17:00 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2010/04/11 17:02:01 | 000,215,152 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr [2010/04/11 16:05:21 | 000,137,200 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys [2010/04/11 15:56:40 | 000,000,409 | ---- | M] () -- C:\WINDOWS\Trpmaker.INI [2010/04/11 15:56:23 | 000,000,512 | ---- | M] () -- C:\WINDOWS\randseed.rnd [2010/04/10 13:12:21 | 000,001,707 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Avira AntiVir Control Center.lnk [2010/04/10 12:55:00 | 000,854,064 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\Administrator\Desktop\Norton_Removal_Tool.exe [2010/04/09 15:51:18 | 000,000,120 | ---- | M] () -- C:\Documents and Settings\Administrator\default.pls [2010/04/09 15:47:35 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2010/04/09 13:40:14 | 000,001,804 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk [2010/04/09 13:36:52 | 000,001,604 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk [2010/04/09 13:22:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job [2010/04/07 18:53:40 | 000,444,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\TFC.exe [2010/04/07 18:52:40 | 000,204,496 | ---- | M] (Malwarebytes) -- C:\Documents and Settings\Administrator\Desktop\StartUpLite.exe [2010/04/07 16:15:32 | 000,000,010 | ---- | M] () -- C:\WINDOWS\popcinfo.dat [2010/04/02 19:14:24 | 003,739,018 | -H-- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\IconCache.db [2010/04/02 19:04:42 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Administrator\settings.dat [2010/04/02 16:53:11 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2010/04/01 19:44:14 | 000,000,756 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Corel PaintShop Photo 2010.lnk [2010/04/01 19:37:00 | 000,005,694 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\KGyGaAvL.sys [2010/03/26 22:17:07 | 000,293,376 | ---- | M] () -- C:\lhsh7zn0.exe [2010/03/24 23:06:06 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe [2010/03/19 09:42:48 | 000,521,942 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2010/03/19 09:42:48 | 000,443,132 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2010/03/19 09:42:48 | 000,072,124 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2010/03/17 21:53:42 | 000,094,208 | ---- | M] (Apple Inc.) -- C:\WINDOWS\System32\QuickTimeVR.qtx [2010/03/17 21:53:42 | 000,069,632 | ---- | M] (Apple Inc.) -- C:\WINDOWS\System32\QuickTime.qts [2010/03/16 00:51:59 | 000,600,680 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvudisp.exe ========== Files Created - No Company Name ========== [2010/04/10 13:12:21 | 000,001,707 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Avira AntiVir Control Center.lnk [2010/04/09 13:40:14 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk [2010/04/09 13:36:52 | 000,001,604 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk [2010/04/02 19:04:42 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Administrator\settings.dat [2010/04/02 13:10:33 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2010/04/01 19:44:14 | 000,000,756 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Corel PaintShop Photo 2010.lnk [2010/03/26 22:17:03 | 000,293,376 | ---- | C] () -- C:\lhsh7zn0.exe [2010/02/26 06:47:01 | 001,380,352 | ---- | C] () -- C:\WINDOWS\System32\mpich2shmp.dll [2010/02/26 06:47:01 | 001,175,552 | ---- | C] () -- C:\WINDOWS\System32\mpich2shm.dll [2010/02/26 06:47:01 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\mpich2mpi.dll [2010/02/26 06:47:00 | 001,196,032 | ---- | C] () -- C:\WINDOWS\System32\mpich2.dll [2009/11/08 21:29:41 | 000,986,568 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat [2009/11/07 23:01:03 | 000,209,040 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll [2009/11/07 23:01:03 | 000,204,944 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll [2009/11/07 23:01:03 | 000,196,752 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll [2009/11/07 23:01:03 | 000,196,752 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll [2009/11/07 23:01:03 | 000,192,656 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll [2009/11/07 23:01:03 | 000,024,720 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll [2009/11/07 19:14:56 | 000,005,694 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\KGyGaAvL.sys [2009/11/07 19:14:56 | 000,000,088 | RHS- | C] () -- C:\Documents and Settings\All Users\Application Data\14F9E41E8C.sys [2009/10/03 16:15:16 | 000,020,992 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009/08/21 23:56:24 | 000,154,624 | ---- | C] () -- C:\WINDOWS\System32\glut32.dll [2009/08/04 21:24:17 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2009/08/04 21:24:17 | 000,000,063 | ---- | C] () -- C:\WINDOWS\mdm.ini [2009/08/03 16:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll [2009/07/23 13:58:09 | 000,000,121 | ---- | C] () -- C:\WINDOWS\disney.ini [2009/07/23 13:57:49 | 000,000,206 | ---- | C] () -- C:\WINDOWS\disneysy.ini [2009/06/26 18:52:20 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2009/06/26 05:26:44 | 000,000,409 | ---- | C] () -- C:\WINDOWS\Trpmaker.INI [2009/06/26 05:26:22 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\Msvcrt10.dll [2009/06/26 05:26:22 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\PlugFile.dll [2009/06/26 05:26:21 | 000,038,688 | ---- | C] () -- C:\WINDOWS\System32\Leaddib.drv [2009/06/26 05:26:21 | 000,011,136 | ---- | C] () -- C:\WINDOWS\System32\Fprun300.dll [2009/06/19 05:36:53 | 000,031,897 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini [2009/06/19 05:36:53 | 000,010,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS [2009/06/18 22:41:34 | 000,000,319 | ---- | C] () -- C:\WINDOWS\game.ini [2009/06/18 20:50:11 | 000,137,200 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys [2009/06/18 20:50:11 | 000,022,328 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\PnkBstrK.sys [2009/06/18 12:31:47 | 000,000,136 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\fusioncache.dat [2009/06/17 23:00:54 | 000,008,704 | ---- | C] () -- C:\WINDOWS\System32\CNMVS7L.DLL [2009/06/17 22:59:24 | 000,000,532 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI [2002/03/16 18:00:00 | 000,007,420 | ---- | C] () -- C:\WINDOWS\UA000106.DLL [2002/02/27 18:50:00 | 000,197,120 | ---- | C] () -- C:\WINDOWS\System32\patchw32.dll [1999/01/22 12:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL [1998/01/12 02:00:00 | 000,040,448 | ---- | C] () -- C:\WINDOWS\System32\REGOBJ.DLL ========== Alternate Data Streams ========== @Alternate Data Stream - 175 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3DB0B938 @Alternate Data Stream - 150 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:40CD440D @Alternate Data Stream - 147 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:38673444 @Alternate Data Stream - 130 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:140CF428 @Alternate Data Stream - 128 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:10151AE6 @Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:404800E7 @Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F8342E7B @Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2 < End of report > D.
  3. Here's the output of the first scan asked for. All processes killed ========== OTL ========== Service mpich2_smpd stopped successfully! Service mpich2_smpd deleted successfully! Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found. ========== COMMANDS ========== [EMPTYTEMP] User: Administrator ->Temp folder emptied: 632961 bytes ->Temporary Internet Files folder emptied: 197267461 bytes ->Java cache emptied: 31543 bytes ->FireFox cache emptied: 0 bytes ->Google Chrome cache emptied: 0 bytes ->Flash cache emptied: 9648 bytes User: All Users User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: LocalService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 53217 bytes User: NetworkService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\dllcache .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 675 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes RecycleBin emptied: 138782560 bytes Total Files Cleaned = 321.00 mb OTL by OldTimer - Version 3.1.37.3 log created on 04122010_161048 Files\Folders moved on Reboot... File\Folder C:\Documents and Settings\Administrator\Local Settings\Temp\~DFBD28.tmp not found! File\Folder C:\Documents and Settings\Administrator\Local Settings\Temp\~DFBD7B.tmp not found! File\Folder C:\Documents and Settings\Administrator\Local Settings\Temp\~DFE72A.tmp not found! File\Folder C:\Documents and Settings\Administrator\Local Settings\Temp\~DFE744.tmp not found! File\Folder C:\Documents and Settings\Administrator\Local Settings\Temp\~DFEBFE.tmp not found! File\Folder C:\Documents and Settings\Administrator\Local Settings\Temp\~DFEC33.tmp not found! File\Folder C:\Documents and Settings\Administrator\Local Settings\Temp\~DFEDD2.tmp not found! File\Folder C:\Documents and Settings\Administrator\Local Settings\Temp\~DFEDEC.tmp not found! Registry entries deleted on Reboot... starting other one now. D.
  4. Alrighty, did all that. Here's the new OTL log file. OTL logfile created on: 4/10/2010 3:55:29 PM - Run 4 OTL by OldTimer - Version 3.1.37.3 Folder = C:\Documents and Settings\Administrator\Desktop Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 72.00% Memory free 4.00 Gb Paging File | 3.00 Gb Available in Paging File | 88.00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 127.99 Gb Total Space | 69.71 Gb Free Space | 54.46% Space Free | Partition Type: NTFS D: Drive not present or media not loaded Drive E: | 298.09 Gb Total Space | 182.98 Gb Free Space | 61.38% Space Free | Partition Type: NTFS F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: DOUG-DMDCNG6 Current User Name: Administrator Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard ========== Processes (SafeList) ========== PRC - [2010/03/24 23:06:06 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe PRC - [2010/03/19 10:49:20 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe PRC - [2010/03/16 15:36:32 | 000,267,432 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe PRC - [2010/03/02 10:28:31 | 000,282,792 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe PRC - [2010/02/24 09:28:09 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe PRC - [2010/01/14 21:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe PRC - [2009/11/13 05:31:14 | 000,092,008 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe PRC - [2009/09/09 14:06:36 | 000,105,616 | ---- | M] (Corel) -- C:\Program Files\Common Files\Corel\Standby\Standby.exe PRC - [2009/06/17 19:12:35 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe PRC - [2009/06/16 17:13:44 | 000,611,664 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe PRC - [2009/05/19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe PRC - [2009/04/26 15:29:24 | 000,090,352 | ---- | M] (PC Pitstop LLC) -- C:\Program Files\PCPitstop\PCPitstopScheduleService.exe PRC - [2009/03/30 16:28:36 | 001,533,808 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE PRC - [2009/03/30 16:28:36 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE PRC - [2009/02/06 17:07:48 | 000,027,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Contacts\wlcomm.exe PRC - [2008/06/09 11:37:44 | 000,053,392 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe PRC - [2008/04/14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2007/07/24 12:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe PRC - [2007/01/04 20:48:52 | 000,112,152 | R--- | M] (InterVideo) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe ========== Modules (SafeList) ========== MOD - [2010/03/24 23:06:06 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe ========== Win32 Services (SafeList) ========== SRV - File not found [Auto | Stopped] -- -- (mpich2_smpd) SRV - [2010/03/19 10:49:20 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device) SRV - [2010/03/16 15:36:32 | 000,267,432 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2010/02/24 09:28:09 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2009/11/13 05:31:14 | 000,092,008 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService) SRV - [2009/11/06 10:18:50 | 000,051,168 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus® SRV - [2009/08/05 22:48:42 | 000,704,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc) SRV - [2009/06/16 17:13:44 | 000,611,664 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe -- (aawservice) SRV - [2009/05/19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort) SRV - [2009/04/26 15:29:24 | 000,090,352 | ---- | M] (PC Pitstop LLC) [Auto | Running] -- C:\Program Files\PCPitstop\PCPitstopScheduleService.exe -- (PCPitstop Scheduling) SRV - [2009/03/30 16:28:36 | 001,533,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc) SRV - [2008/06/09 11:37:44 | 000,053,392 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper) SRV - [2007/07/24 12:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2) SRV - [2007/01/04 20:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto | Running] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr) ========== Driver Services (SafeList) ========== DRV - [2010/04/10 14:26:51 | 000,137,200 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PnkBstrK.sys -- (PnkBstrK) DRV - [2010/03/01 09:05:24 | 000,124,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb) DRV - [2010/02/16 13:24:01 | 000,060,936 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt) DRV - [2010/01/11 22:03:33 | 010,276,768 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv) DRV - [2009/11/22 09:10:06 | 000,229,208 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\VMM.sys -- (vmm) DRV - [2009/11/10 15:54:18 | 000,095,568 | ---- | M] (Sun Microsystems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VBoxNetAdp.sys -- (VBoxNetAdp) DRV - [2009/11/10 15:54:12 | 000,116,560 | ---- | M] (Sun Microsystems, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\VBoxDrv.sys -- (VBoxDrv) DRV - [2009/11/10 15:53:54 | 000,104,016 | ---- | M] (Sun Microsystems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VBoxNetFlt.sys -- (VBoxNetFlt) DRV - [2009/11/10 15:53:54 | 000,041,424 | ---- | M] (Sun Microsystems, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\VBoxUSBMon.sys -- (VBoxUSBMon) DRV - [2009/11/07 23:26:39 | 000,010,368 | ---- | M] (InterVideo, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\iviaspi.sys -- (Iviaspi) DRV - [2009/08/05 22:48:42 | 000,054,752 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr) DRV - [2009/05/11 11:49:19 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio) DRV - [2009/05/11 09:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2009/04/03 11:18:26 | 000,130,936 | ---- | M] (PC Tools) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\PCTCore.sys -- (PCTCore) DRV - [2008/12/29 02:30:00 | 000,009,088 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files\RivaTuner v2.22\RivaTuner32.sys -- (RivaTuner32) DRV - [2008/04/14 00:23:10 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm) DRV - [2008/04/13 22:06:06 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus) DRV - [2007/07/09 19:56:00 | 004,449,280 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2007/04/17 21:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\regi.sys -- (regi) DRV - [2007/01/29 07:20:34 | 000,059,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VMNetSrv.sys -- (VPCNetS2) DRV - [2006/11/27 02:33:54 | 000,019,968 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus) DRV - [2006/11/27 02:33:50 | 000,058,368 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD) DRV - [2006/06/28 03:38:56 | 000,105,088 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvata.sys -- (nvata) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?st=1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://es.msn.com/?rd=1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 92 F5 18 E0 27 A9 CA 01 [binary data] IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "http://go.microsoft.com/fwlink/?LinkId=69157" FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:7 FF - prefs.js..network.proxy.no_proxies_on: "*.local" [2010/02/27 15:26:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions [2010/02/27 15:26:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions\home2@tomtom.com [2010/02/20 20:20:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\y8dsg1lf.default\extensions [2010/02/01 10:44:25 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\y8dsg1lf.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} O1 HOSTS File: ([2001/08/23 06:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll (Google Inc.) O2 - BHO: (MSN Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.1125.0\msneshellx.dll (Microsoft Corp.) O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (MSN Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.1125.0\msneshellx.dll (Microsoft Corp.) O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll () O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [Microsoft Default Manager] C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe (Microsoft Corp.) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [RivaTunerStartupDaemon] C:\Program Files\RivaTuner v2.22\RivaTuner.exe () O4 - HKLM..\Run: [standby] c:\Program Files\Common Files\Corel\Standby\Standby.exe (Corel) O4 - HKLM..\Run: [uVS12 Preload] C:\Program Files\Corel\Corel VideoStudio 12\uvPL.exe (Corel TW Corp.) O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Easy-WebPrint Add To Print List - C:\Program Files\Canon\Easy-WebPrint\Resource.dll () O8 - Extra context menu item: Easy-WebPrint High Speed Print - C:\Program Files\Canon\Easy-WebPrint\Resource.dll () O8 - Extra context menu item: Easy-WebPrint Preview - C:\Program Files\Canon\Easy-WebPrint\Resource.dll () O8 - Extra context menu item: Easy-WebPrint Print - C:\Program Files\Canon\Easy-WebPrint\Resource.dll () O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll (Google Inc.) O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flash...r/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} http://gfx1.hotmail.com/mail/w4/pr01/photo...ol/MSNPUpld.cab (Windows Live Hotmail Photo Upload Tool) O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} http://utilities.pcpitstop.com/Optimize3/pcpitstop2.dll (PCPitstop Exam) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 205.171.3.25 O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009/06/16 15:48:04 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{434f4d08-23e6-11df-ad5c-0025110e8e25}\Shell\AutoRun\command - "" = F:\InstallTomTomHOME.exe -- File not found O33 - MountPoints2\{896f8a4f-5a8a-11de-963c-806d6172696f}\Shell - "" = AutoRun O33 - MountPoints2\{896f8a4f-5a8a-11de-963c-806d6172696f}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{896f8a4f-5a8a-11de-963c-806d6172696f}\Shell\AutoRun\command - "" = D:\Setup.EXE -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe () O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010/04/10 13:17:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData [2010/04/10 13:16:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Avira [2010/04/10 13:12:16 | 000,124,784 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys [2010/04/10 13:12:16 | 000,060,936 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys [2010/04/10 13:12:16 | 000,045,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys [2010/04/10 13:12:16 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys [2010/04/10 13:12:16 | 000,022,360 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys [2010/04/10 13:12:15 | 000,000,000 | ---D | C] -- C:\Program Files\Avira [2010/04/10 13:12:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Avira [2010/04/10 12:54:55 | 000,854,064 | ---- | C] (Symantec Corporation) -- C:\Documents and Settings\Administrator\Desktop\Norton_Removal_Tool.exe [2010/04/09 13:39:37 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2010/04/09 13:39:34 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [2010/04/09 13:39:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521} [2010/04/09 13:36:41 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime [2010/04/09 13:34:34 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour [2010/04/07 18:53:35 | 000,444,416 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\TFC.exe [2010/04/07 18:52:39 | 000,204,496 | ---- | C] (Malwarebytes) -- C:\Documents and Settings\Administrator\Desktop\StartUpLite.exe [2010/04/05 14:12:21 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_6.dll [2010/04/05 14:12:21 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_4.dll [2010/04/05 14:12:20 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_6.dll [2010/04/05 14:12:19 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_7.dll [2010/04/03 16:07:41 | 000,000,000 | ---D | C] -- C:\Program Files\ESET [2010/03/24 23:06:02 | 000,555,520 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe [2010/03/17 21:53:42 | 000,094,208 | ---- | C] (Apple Inc.) -- C:\WINDOWS\System32\QuickTimeVR.qtx [2010/03/17 21:53:42 | 000,069,632 | ---- | C] (Apple Inc.) -- C:\WINDOWS\System32\QuickTime.qts [2009/12/17 13:39:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple [2009/08/26 15:03:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Temp [2009/07/22 14:00:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft [2009/07/01 06:31:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google [2009/06/27 20:44:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google [2009/06/18 06:19:20 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft [2009/06/16 16:05:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft [2009/06/16 15:47:51 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft ========== Files - Modified Within 30 Days ========== [2010/04/10 15:19:18 | 000,215,152 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr [2010/04/10 15:17:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2010/04/10 15:17:00 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2010/04/10 14:26:51 | 000,137,200 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys [2010/04/10 14:12:42 | 000,000,438 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{34DE10EE-507B-41A4-975C-439C7EA18C91}.job [2010/04/10 13:12:21 | 000,001,707 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Avira AntiVir Control Center.lnk [2010/04/10 13:03:12 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010/04/10 13:02:46 | 000,267,725 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml [2010/04/10 13:02:29 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010/04/10 13:02:06 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010/04/10 13:01:32 | 004,980,736 | -H-- | M] () -- C:\Documents and Settings\Administrator\NTUSER.DAT [2010/04/10 12:56:26 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\Administrator\ntuser.ini [2010/04/10 12:55:00 | 000,854,064 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\Administrator\Desktop\Norton_Removal_Tool.exe [2010/04/09 21:48:45 | 000,000,409 | ---- | M] () -- C:\WINDOWS\Trpmaker.INI [2010/04/09 15:51:18 | 000,000,120 | ---- | M] () -- C:\Documents and Settings\Administrator\default.pls [2010/04/09 15:47:35 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2010/04/09 13:40:14 | 000,001,804 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk [2010/04/09 13:36:52 | 000,001,604 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk [2010/04/09 13:22:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job [2010/04/07 18:53:40 | 000,444,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\TFC.exe [2010/04/07 18:52:40 | 000,204,496 | ---- | M] (Malwarebytes) -- C:\Documents and Settings\Administrator\Desktop\StartUpLite.exe [2010/04/07 16:15:32 | 000,000,010 | ---- | M] () -- C:\WINDOWS\popcinfo.dat [2010/04/02 19:14:24 | 003,739,018 | -H-- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\IconCache.db [2010/04/02 19:04:42 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Administrator\settings.dat [2010/04/02 16:53:11 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2010/04/01 19:44:14 | 000,000,756 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Corel PaintShop Photo 2010.lnk [2010/04/01 19:37:00 | 000,005,694 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\KGyGaAvL.sys [2010/03/26 22:17:07 | 000,293,376 | ---- | M] () -- C:\lhsh7zn0.exe [2010/03/24 23:06:06 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe [2010/03/19 09:42:48 | 000,521,942 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2010/03/19 09:42:48 | 000,443,132 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2010/03/19 09:42:48 | 000,072,124 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2010/03/17 21:53:42 | 000,094,208 | ---- | M] (Apple Inc.) -- C:\WINDOWS\System32\QuickTimeVR.qtx [2010/03/17 21:53:42 | 000,069,632 | ---- | M] (Apple Inc.) -- C:\WINDOWS\System32\QuickTime.qts [2010/03/16 00:51:59 | 000,600,680 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvudisp.exe [2010/03/12 16:35:33 | 000,002,483 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Microsoft Word.lnk [2010/03/12 11:26:36 | 000,600,680 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\NVUNINST.EXE ========== Files Created - No Company Name ========== [2010/04/10 13:12:21 | 000,001,707 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Avira AntiVir Control Center.lnk [2010/04/09 13:40:14 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk [2010/04/09 13:36:52 | 000,001,604 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk [2010/04/02 19:04:42 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Administrator\settings.dat [2010/04/02 13:10:33 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2010/04/01 19:44:14 | 000,000,756 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Corel PaintShop Photo 2010.lnk [2010/03/26 22:17:03 | 000,293,376 | ---- | C] () -- C:\lhsh7zn0.exe [2010/02/26 06:47:01 | 001,380,352 | ---- | C] () -- C:\WINDOWS\System32\mpich2shmp.dll [2010/02/26 06:47:01 | 001,175,552 | ---- | C] () -- C:\WINDOWS\System32\mpich2shm.dll [2010/02/26 06:47:01 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\mpich2mpi.dll [2010/02/26 06:47:00 | 001,196,032 | ---- | C] () -- C:\WINDOWS\System32\mpich2.dll [2009/11/08 21:29:41 | 000,986,568 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat [2009/11/07 23:01:03 | 000,209,040 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll [2009/11/07 23:01:03 | 000,204,944 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll [2009/11/07 23:01:03 | 000,196,752 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll [2009/11/07 23:01:03 | 000,196,752 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll [2009/11/07 23:01:03 | 000,192,656 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll [2009/11/07 23:01:03 | 000,024,720 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll [2009/11/07 19:14:56 | 000,005,694 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\KGyGaAvL.sys [2009/11/07 19:14:56 | 000,000,088 | RHS- | C] () -- C:\Documents and Settings\All Users\Application Data\14F9E41E8C.sys [2009/10/03 16:15:16 | 000,020,992 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009/08/21 23:56:24 | 000,154,624 | ---- | C] () -- C:\WINDOWS\System32\glut32.dll [2009/08/04 21:24:17 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2009/08/04 21:24:17 | 000,000,063 | ---- | C] () -- C:\WINDOWS\mdm.ini [2009/08/03 16:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll [2009/07/23 13:58:09 | 000,000,121 | ---- | C] () -- C:\WINDOWS\disney.ini [2009/07/23 13:57:49 | 000,000,206 | ---- | C] () -- C:\WINDOWS\disneysy.ini [2009/06/26 18:52:20 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2009/06/26 05:26:44 | 000,000,409 | ---- | C] () -- C:\WINDOWS\Trpmaker.INI [2009/06/26 05:26:22 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\Msvcrt10.dll [2009/06/26 05:26:22 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\PlugFile.dll [2009/06/26 05:26:21 | 000,038,688 | ---- | C] () -- C:\WINDOWS\System32\Leaddib.drv [2009/06/26 05:26:21 | 000,011,136 | ---- | C] () -- C:\WINDOWS\System32\Fprun300.dll [2009/06/19 05:36:53 | 000,031,897 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini [2009/06/19 05:36:53 | 000,010,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS [2009/06/18 22:41:34 | 000,000,319 | ---- | C] () -- C:\WINDOWS\game.ini [2009/06/18 20:50:11 | 000,137,200 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys [2009/06/18 20:50:11 | 000,022,328 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\PnkBstrK.sys [2009/06/18 12:31:47 | 000,000,136 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\fusioncache.dat [2009/06/17 23:00:54 | 000,008,704 | ---- | C] () -- C:\WINDOWS\System32\CNMVS7L.DLL [2009/06/17 22:59:24 | 000,000,532 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI [2002/03/16 18:00:00 | 000,007,420 | ---- | C] () -- C:\WINDOWS\UA000106.DLL [2002/02/27 18:50:00 | 000,197,120 | ---- | C] () -- C:\WINDOWS\System32\patchw32.dll [1999/01/22 12:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL [1998/01/12 02:00:00 | 000,040,448 | ---- | C] () -- C:\WINDOWS\System32\REGOBJ.DLL ========== Alternate Data Streams ========== @Alternate Data Stream - 175 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3DB0B938 @Alternate Data Stream - 150 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:40CD440D @Alternate Data Stream - 147 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:38673444 @Alternate Data Stream - 130 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:140CF428 @Alternate Data Stream - 128 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:10151AE6 @Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:404800E7 @Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F8342E7B @Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2 < End of report > D.
  5. It would have to be FREE. such as????
  6. Here it is. OTL logfile created on: 4/8/2010 6:13:33 PM - Run 3 OTL by OldTimer - Version 3.1.37.3 Folder = C:\Documents and Settings\Administrator\Desktop Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 69.00% Memory free 4.00 Gb Paging File | 3.00 Gb Available in Paging File | 88.00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 127.99 Gb Total Space | 70.15 Gb Free Space | 54.81% Space Free | Partition Type: NTFS D: Drive not present or media not loaded Drive E: | 298.09 Gb Total Space | 183.01 Gb Free Space | 61.40% Space Free | Partition Type: NTFS F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: DOUG-DMDCNG6 Current User Name: Administrator Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard ========== Processes (SafeList) ========== PRC - [2010/03/24 23:06:06 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe PRC - [2009/11/13 05:31:14 | 000,092,008 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe PRC - [2009/09/09 14:06:36 | 000,105,616 | ---- | M] (Corel) -- C:\Program Files\Common Files\Corel\Standby\Standby.exe PRC - [2009/08/22 00:37:15 | 000,117,640 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton AntiVirus\Engine\16.8.0.41\ccSvcHst.exe PRC - [2009/06/17 19:12:35 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe PRC - [2009/06/16 17:13:44 | 000,611,664 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe PRC - [2009/05/19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe PRC - [2009/04/26 15:29:24 | 000,090,352 | ---- | M] (PC Pitstop LLC) -- C:\Program Files\PCPitstop\PCPitstopScheduleService.exe PRC - [2009/03/30 16:28:36 | 001,533,808 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE PRC - [2009/03/30 16:28:36 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE PRC - [2009/02/06 17:07:48 | 000,027,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Contacts\wlcomm.exe PRC - [2008/06/09 11:37:44 | 000,053,392 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe PRC - [2008/04/14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2007/07/24 12:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe PRC - [2007/01/04 20:48:52 | 000,112,152 | R--- | M] (InterVideo) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe ========== Modules (SafeList) ========== MOD - [2010/03/24 23:06:06 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe ========== Win32 Services (SafeList) ========== SRV - File not found [Auto | Stopped] -- -- (mpich2_smpd) SRV - [2009/11/13 05:31:14 | 000,092,008 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService) SRV - [2009/11/06 10:18:50 | 000,051,168 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus® SRV - [2009/08/22 00:37:15 | 000,117,640 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton AntiVirus\Engine\16.8.0.41\ccSvcHst.exe -- (Norton AntiVirus) SRV - [2009/08/05 22:48:42 | 000,704,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc) SRV - [2009/06/16 17:13:44 | 000,611,664 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe -- (aawservice) SRV - [2009/05/19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort) SRV - [2009/04/26 15:29:24 | 000,090,352 | ---- | M] (PC Pitstop LLC) [Auto | Running] -- C:\Program Files\PCPitstop\PCPitstopScheduleService.exe -- (PCPitstop Scheduling) SRV - [2009/03/30 16:28:36 | 001,533,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc) SRV - [2008/06/09 11:37:44 | 000,053,392 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper) SRV - [2007/07/24 12:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2) SRV - [2007/01/04 20:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto | Running] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr) ========== Driver Services (SafeList) ========== DRV - [2010/02/03 03:00:00 | 001,324,720 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100408.002\NAVEX15.SYS -- (NAVEX15) DRV - [2010/02/03 03:00:00 | 000,084,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100408.002\NAVENG.SYS -- (NAVENG) DRV - [2010/01/27 20:46:44 | 000,482,432 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\NAV\1008000.029\ccHPx86.sys -- (ccHP) DRV - [2010/01/11 22:03:33 | 010,276,768 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv) DRV - [2009/11/22 09:10:06 | 000,229,208 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\VMM.sys -- (vmm) DRV - [2009/11/10 15:54:18 | 000,095,568 | ---- | M] (Sun Microsystems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VBoxNetAdp.sys -- (VBoxNetAdp) DRV - [2009/11/10 15:54:12 | 000,116,560 | ---- | M] (Sun Microsystems, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\VBoxDrv.sys -- (VBoxDrv) DRV - [2009/11/10 15:53:54 | 000,104,016 | ---- | M] (Sun Microsystems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VBoxNetFlt.sys -- (VBoxNetFlt) DRV - [2009/11/10 15:53:54 | 000,041,424 | ---- | M] (Sun Microsystems, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\VBoxUSBMon.sys -- (VBoxUSBMon) DRV - [2009/11/07 23:26:39 | 000,010,368 | ---- | M] (InterVideo, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\iviaspi.sys -- (Iviaspi) DRV - [2009/10/28 16:37:22 | 000,329,592 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20100402.001\IDSXpx86.sys -- (IDSxpx86) DRV - [2009/08/26 02:00:00 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl) DRV - [2009/08/26 02:00:00 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv) DRV - [2009/08/22 00:37:16 | 000,310,320 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\NAV\1008000.029\SYMEFA.SYS -- (SymEFA) DRV - [2009/08/22 00:37:16 | 000,308,272 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\NAV\1008000.029\SRTSP.SYS -- (SRTSP) DRV - [2009/08/22 00:37:16 | 000,259,632 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\NAV\1008000.029\BHDrvx86.sys -- (BHDrvx86) DRV - [2009/08/22 00:37:16 | 000,217,136 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\NAV\1008000.029\SYMTDI.SYS -- (SYMTDI) DRV - [2009/08/22 00:37:16 | 000,089,904 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\NAV\1008000.029\SYMFW.SYS -- (SYMFW) DRV - [2009/08/22 00:37:16 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NAV\1008000.029\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL) DRV - [2009/08/22 00:37:16 | 000,036,400 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\NAV\1008000.029\SYMNDIS.SYS -- (SYMNDIS) DRV - [2009/08/22 00:37:16 | 000,033,072 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\NAV\1008000.029\SYMIDS.SYS -- (SYMIDS) DRV - [2009/08/19 06:08:17 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent) DRV - [2009/08/18 12:59:24 | 000,036,400 | R--- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SymIM.sys -- (SymIMMP) DRV - [2009/08/18 12:59:24 | 000,036,400 | R--- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SymIM.sys -- (SymIM) DRV - [2009/08/05 22:48:42 | 000,054,752 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr) DRV - [2009/04/03 11:18:26 | 000,130,936 | ---- | M] (PC Tools) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\PCTCore.sys -- (PCTCore) DRV - [2008/12/29 02:30:00 | 000,009,088 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files\RivaTuner v2.22\RivaTuner32.sys -- (RivaTuner32) DRV - [2008/04/14 00:23:10 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm) DRV - [2008/04/13 22:06:06 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus) DRV - [2007/07/09 19:56:00 | 004,449,280 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2007/04/17 21:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\regi.sys -- (regi) DRV - [2007/01/29 07:20:34 | 000,059,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VMNetSrv.sys -- (VPCNetS2) DRV - [2006/11/27 02:33:54 | 000,019,968 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus) DRV - [2006/11/27 02:33:50 | 000,058,368 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD) DRV - [2006/06/28 03:38:56 | 000,105,088 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvata.sys -- (nvata) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?st=1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://es.msn.com/?rd=1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 92 F5 18 E0 27 A9 CA 01 [binary data] IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "http://go.microsoft.com/fwlink/?LinkId=69157" FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:7 FF - prefs.js..network.proxy.no_proxies_on: "*.local" [2010/02/27 15:26:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions [2010/02/27 15:26:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions\home2@tomtom.com [2010/02/20 20:20:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\y8dsg1lf.default\extensions [2010/02/01 10:44:25 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\y8dsg1lf.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} O1 HOSTS File: ([2001/08/23 06:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton AntiVirus\Engine\16.8.0.41\IPSBHO.dll (Symantec Corporation) O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll (Google Inc.) O2 - BHO: (MSN Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.1125.0\msneshellx.dll (Microsoft Corp.) O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (MSN Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.1125.0\msneshellx.dll (Microsoft Corp.) O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll () O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [Microsoft Default Manager] C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe (Microsoft Corp.) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [RivaTunerStartupDaemon] C:\Program Files\RivaTuner v2.22\RivaTuner.exe () O4 - HKLM..\Run: [standby] c:\Program Files\Common Files\Corel\Standby\Standby.exe (Corel) O4 - HKLM..\Run: [uVS12 Preload] C:\Program Files\Corel\Corel VideoStudio 12\uvPL.exe (Corel TW Corp.) O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Easy-WebPrint Add To Print List - C:\Program Files\Canon\Easy-WebPrint\Resource.dll () O8 - Extra context menu item: Easy-WebPrint High Speed Print - C:\Program Files\Canon\Easy-WebPrint\Resource.dll () O8 - Extra context menu item: Easy-WebPrint Preview - C:\Program Files\Canon\Easy-WebPrint\Resource.dll () O8 - Extra context menu item: Easy-WebPrint Print - C:\Program Files\Canon\Easy-WebPrint\Resource.dll () O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll (Google Inc.) O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flash...r/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} http://gfx1.hotmail.com/mail/w4/pr01/photo...ol/MSNPUpld.cab (Windows Live Hotmail Photo Upload Tool) O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} http://utilities.pcpitstop.com/Optimize3/pcpitstop2.dll (PCPitstop Exam) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 205.171.3.25 O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009/06/16 15:48:04 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{434f4d08-23e6-11df-ad5c-0025110e8e25}\Shell\AutoRun\command - "" = F:\InstallTomTomHOME.exe -- File not found O33 - MountPoints2\{896f8a4f-5a8a-11de-963c-806d6172696f}\Shell - "" = AutoRun O33 - MountPoints2\{896f8a4f-5a8a-11de-963c-806d6172696f}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{896f8a4f-5a8a-11de-963c-806d6172696f}\Shell\AutoRun\command - "" = D:\Setup.EXE -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe () O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010/04/07 18:53:35 | 000,444,416 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\TFC.exe [2010/04/07 18:52:39 | 000,204,496 | ---- | C] (Malwarebytes) -- C:\Documents and Settings\Administrator\Desktop\StartUpLite.exe [2010/04/05 14:12:21 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_6.dll [2010/04/05 14:12:21 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_4.dll [2010/04/05 14:12:20 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_6.dll [2010/04/05 14:12:19 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_7.dll [2010/04/03 16:07:41 | 000,000,000 | ---D | C] -- C:\Program Files\ESET [2010/03/24 23:06:02 | 000,555,520 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe [2010/03/10 12:46:05 | 003,558,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe [2009/12/17 13:39:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple [2009/08/26 15:03:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Temp [2009/07/22 14:00:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft [2009/07/01 06:31:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google [2009/06/27 20:44:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google [2009/06/18 06:19:20 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft [2009/06/16 16:05:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft [2009/06/16 15:47:51 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft ========== Files - Modified Within 30 Days ========== [2010/04/08 17:48:54 | 000,215,152 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr [2010/04/08 17:32:11 | 000,137,200 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys [2010/04/08 17:17:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2010/04/08 16:56:36 | 000,267,725 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml [2010/04/08 16:56:31 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010/04/08 15:17:00 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2010/04/08 14:59:21 | 000,000,120 | ---- | M] () -- C:\Documents and Settings\Administrator\default.pls [2010/04/08 14:55:49 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2010/04/08 12:50:52 | 000,000,438 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{34DE10EE-507B-41A4-975C-439C7EA18C91}.job [2010/04/07 18:58:33 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010/04/07 18:58:08 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010/04/07 18:57:29 | 004,980,736 | -H-- | M] () -- C:\Documents and Settings\Administrator\NTUSER.DAT [2010/04/07 18:53:40 | 000,444,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\TFC.exe [2010/04/07 18:52:40 | 000,204,496 | ---- | M] (Malwarebytes) -- C:\Documents and Settings\Administrator\Desktop\StartUpLite.exe [2010/04/07 16:15:32 | 000,000,010 | ---- | M] () -- C:\WINDOWS\popcinfo.dat [2010/04/06 22:31:32 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\Administrator\ntuser.ini [2010/04/02 19:14:24 | 003,739,018 | -H-- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\IconCache.db [2010/04/02 19:04:42 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Administrator\settings.dat [2010/04/02 16:53:11 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2010/04/02 13:22:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job [2010/04/01 19:44:14 | 000,000,756 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Corel PaintShop Photo 2010.lnk [2010/04/01 19:37:00 | 000,005,694 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\KGyGaAvL.sys [2010/03/26 22:17:07 | 000,293,376 | ---- | M] () -- C:\lhsh7zn0.exe [2010/03/24 23:06:06 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe [2010/03/19 09:42:48 | 000,521,942 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2010/03/19 09:42:48 | 000,443,132 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2010/03/19 09:42:48 | 000,072,124 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2010/03/16 00:51:59 | 000,600,680 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvudisp.exe [2010/03/12 16:35:33 | 000,002,483 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Microsoft Word.lnk [2010/03/12 11:26:36 | 000,600,680 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\NVUNINST.EXE [2010/03/10 14:42:28 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2010/03/09 23:41:12 | 000,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk ========== Files Created - No Company Name ========== [2010/04/02 19:04:42 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Administrator\settings.dat [2010/04/02 13:10:33 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2010/04/01 19:44:14 | 000,000,756 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Corel PaintShop Photo 2010.lnk [2010/03/26 22:17:03 | 000,293,376 | ---- | C] () -- C:\lhsh7zn0.exe [2010/02/26 06:47:01 | 001,380,352 | ---- | C] () -- C:\WINDOWS\System32\mpich2shmp.dll [2010/02/26 06:47:01 | 001,175,552 | ---- | C] () -- C:\WINDOWS\System32\mpich2shm.dll [2010/02/26 06:47:01 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\mpich2mpi.dll [2010/02/26 06:47:00 | 001,196,032 | ---- | C] () -- C:\WINDOWS\System32\mpich2.dll [2009/11/08 21:29:41 | 000,986,568 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat [2009/11/07 23:01:03 | 000,209,040 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll [2009/11/07 23:01:03 | 000,204,944 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll [2009/11/07 23:01:03 | 000,196,752 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll [2009/11/07 23:01:03 | 000,196,752 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll [2009/11/07 23:01:03 | 000,192,656 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll [2009/11/07 23:01:03 | 000,024,720 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll [2009/11/07 19:14:56 | 000,005,694 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\KGyGaAvL.sys [2009/11/07 19:14:56 | 000,000,088 | RHS- | C] () -- C:\Documents and Settings\All Users\Application Data\14F9E41E8C.sys [2009/10/03 16:15:16 | 000,020,992 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009/08/21 23:56:24 | 000,154,624 | ---- | C] () -- C:\WINDOWS\System32\glut32.dll [2009/08/04 21:24:17 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2009/08/04 21:24:17 | 000,000,063 | ---- | C] () -- C:\WINDOWS\mdm.ini [2009/08/03 16:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll [2009/07/23 13:58:09 | 000,000,121 | ---- | C] () -- C:\WINDOWS\disney.ini [2009/07/23 13:57:49 | 000,000,206 | ---- | C] () -- C:\WINDOWS\disneysy.ini [2009/06/26 18:52:20 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2009/06/26 05:26:44 | 000,000,409 | ---- | C] () -- C:\WINDOWS\Trpmaker.INI [2009/06/26 05:26:22 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\Msvcrt10.dll [2009/06/26 05:26:22 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\PlugFile.dll [2009/06/26 05:26:21 | 000,038,688 | ---- | C] () -- C:\WINDOWS\System32\Leaddib.drv [2009/06/26 05:26:21 | 000,011,136 | ---- | C] () -- C:\WINDOWS\System32\Fprun300.dll [2009/06/19 05:36:53 | 000,031,897 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini [2009/06/19 05:36:53 | 000,010,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS [2009/06/18 22:41:34 | 000,000,319 | ---- | C] () -- C:\WINDOWS\game.ini [2009/06/18 20:50:11 | 000,137,200 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys [2009/06/18 20:50:11 | 000,022,328 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\PnkBstrK.sys [2009/06/18 12:31:47 | 000,000,136 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\fusioncache.dat [2009/06/17 23:00:54 | 000,008,704 | ---- | C] () -- C:\WINDOWS\System32\CNMVS7L.DLL [2009/06/17 22:59:24 | 000,000,532 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI [2002/03/16 18:00:00 | 000,007,420 | ---- | C] () -- C:\WINDOWS\UA000106.DLL [2002/02/27 18:50:00 | 000,197,120 | ---- | C] () -- C:\WINDOWS\System32\patchw32.dll [1999/01/22 12:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL [1998/01/12 02:00:00 | 000,040,448 | ---- | C] () -- C:\WINDOWS\System32\REGOBJ.DLL ========== Alternate Data Streams ========== @Alternate Data Stream - 175 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3DB0B938 @Alternate Data Stream - 150 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:40CD440D @Alternate Data Stream - 147 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:38673444 @Alternate Data Stream - 130 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:140CF428 @Alternate Data Stream - 128 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:10151AE6 @Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:404800E7 @Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F8342E7B @Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2 < End of report > D.
  7. Ok. I did all that. Booted up a little faster, not much though, maybe a second or 2. Does seem a little more responsive. D.
  8. That's good to know that they look good. Still pretty slow. I guess it's time to upgrade I guess. Thanks for your help. You can now move this thread if needed. D.
  9. Ok. That one actaually finished. First is the OTL log file and then the ESET log file. OTL OTL logfile created on: 4/3/2010 8:28:28 PM - Run 2 OTL by OldTimer - Version 3.1.37.3 Folder = C:\Documents and Settings\Administrator\Desktop Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 62.00% Memory free 4.00 Gb Paging File | 3.00 Gb Available in Paging File | 87.00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 127.99 Gb Total Space | 70.10 Gb Free Space | 54.77% Space Free | Partition Type: NTFS D: Drive not present or media not loaded Drive E: | 298.09 Gb Total Space | 183.13 Gb Free Space | 61.44% Space Free | Partition Type: NTFS F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: DOUG-DMDCNG6 Current User Name: Administrator Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard ========== Processes (SafeList) ========== PRC - [2010/03/24 23:06:06 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe PRC - [2009/11/13 05:31:14 | 000,092,008 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe PRC - [2009/09/09 14:06:36 | 000,105,616 | ---- | M] (Corel) -- C:\Program Files\Common Files\Corel\Standby\Standby.exe PRC - [2009/08/22 00:37:15 | 000,117,640 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton AntiVirus\Engine\16.8.0.41\ccSvcHst.exe PRC - [2009/06/17 19:12:35 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe PRC - [2009/06/16 17:13:44 | 000,611,664 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe PRC - [2009/05/19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe PRC - [2009/04/26 15:29:24 | 000,090,352 | ---- | M] (PC Pitstop LLC) -- C:\Program Files\PCPitstop\PCPitstopScheduleService.exe PRC - [2009/03/30 16:28:36 | 001,533,808 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE PRC - [2009/03/30 16:28:36 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE PRC - [2009/02/06 17:07:48 | 000,027,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Contacts\wlcomm.exe PRC - [2008/06/09 11:37:44 | 000,053,392 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe PRC - [2008/04/14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2007/07/24 12:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe PRC - [2007/01/04 20:48:52 | 000,112,152 | R--- | M] (InterVideo) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe ========== Modules (SafeList) ========== MOD - [2010/03/24 23:06:06 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe ========== Win32 Services (SafeList) ========== SRV - File not found [Auto | Stopped] -- -- (mpich2_smpd) SRV - [2009/11/13 05:31:14 | 000,092,008 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService) SRV - [2009/11/06 10:18:50 | 000,051,168 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus® SRV - [2009/08/22 00:37:15 | 000,117,640 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton AntiVirus\Engine\16.8.0.41\ccSvcHst.exe -- (Norton AntiVirus) SRV - [2009/08/05 22:48:42 | 000,704,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc) SRV - [2009/06/16 17:13:44 | 000,611,664 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe -- (aawservice) SRV - [2009/05/19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort) SRV - [2009/04/26 15:29:24 | 000,090,352 | ---- | M] (PC Pitstop LLC) [Auto | Running] -- C:\Program Files\PCPitstop\PCPitstopScheduleService.exe -- (PCPitstop Scheduling) SRV - [2009/03/30 16:28:36 | 001,533,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc) SRV - [2008/06/09 11:37:44 | 000,053,392 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper) SRV - [2007/07/24 12:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2) SRV - [2007/01/04 20:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto | Running] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr) ========== Driver Services (SafeList) ========== DRV - [2010/02/03 03:00:00 | 001,324,720 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100403.020\NAVEX15.SYS -- (NAVEX15) DRV - [2010/02/03 03:00:00 | 000,084,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100403.020\NAVENG.SYS -- (NAVENG) DRV - [2010/01/27 20:46:44 | 000,482,432 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\NAV\1008000.029\ccHPx86.sys -- (ccHP) DRV - [2010/01/11 22:03:33 | 010,276,768 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv) DRV - [2009/11/22 09:10:06 | 000,229,208 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\VMM.sys -- (vmm) DRV - [2009/11/10 15:54:18 | 000,095,568 | ---- | M] (Sun Microsystems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VBoxNetAdp.sys -- (VBoxNetAdp) DRV - [2009/11/10 15:54:12 | 000,116,560 | ---- | M] (Sun Microsystems, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\VBoxDrv.sys -- (VBoxDrv) DRV - [2009/11/10 15:53:54 | 000,104,016 | ---- | M] (Sun Microsystems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VBoxNetFlt.sys -- (VBoxNetFlt) DRV - [2009/11/10 15:53:54 | 000,041,424 | ---- | M] (Sun Microsystems, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\VBoxUSBMon.sys -- (VBoxUSBMon) DRV - [2009/11/07 23:26:39 | 000,010,368 | ---- | M] (InterVideo, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\iviaspi.sys -- (Iviaspi) DRV - [2009/10/28 16:37:22 | 000,329,592 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20100326.001\IDSXpx86.sys -- (IDSxpx86) DRV - [2009/08/26 02:00:00 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl) DRV - [2009/08/26 02:00:00 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv) DRV - [2009/08/22 00:37:16 | 000,310,320 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\NAV\1008000.029\SYMEFA.SYS -- (SymEFA) DRV - [2009/08/22 00:37:16 | 000,308,272 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\NAV\1008000.029\SRTSP.SYS -- (SRTSP) DRV - [2009/08/22 00:37:16 | 000,259,632 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\NAV\1008000.029\BHDrvx86.sys -- (BHDrvx86) DRV - [2009/08/22 00:37:16 | 000,217,136 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\NAV\1008000.029\SYMTDI.SYS -- (SYMTDI) DRV - [2009/08/22 00:37:16 | 000,089,904 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\NAV\1008000.029\SYMFW.SYS -- (SYMFW) DRV - [2009/08/22 00:37:16 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NAV\1008000.029\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL) DRV - [2009/08/22 00:37:16 | 000,036,400 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\NAV\1008000.029\SYMNDIS.SYS -- (SYMNDIS) DRV - [2009/08/22 00:37:16 | 000,033,072 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\NAV\1008000.029\SYMIDS.SYS -- (SYMIDS) DRV - [2009/08/19 06:08:17 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent) DRV - [2009/08/18 12:59:24 | 000,036,400 | R--- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SymIM.sys -- (SymIMMP) DRV - [2009/08/18 12:59:24 | 000,036,400 | R--- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SymIM.sys -- (SymIM) DRV - [2009/08/05 22:48:42 | 000,054,752 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr) DRV - [2009/04/03 11:18:26 | 000,130,936 | ---- | M] (PC Tools) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\PCTCore.sys -- (PCTCore) DRV - [2008/12/29 02:30:00 | 000,009,088 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files\RivaTuner v2.22\RivaTuner32.sys -- (RivaTuner32) DRV - [2008/04/14 00:23:10 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm) DRV - [2008/04/13 22:06:06 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus) DRV - [2007/07/09 19:56:00 | 004,449,280 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2007/04/17 21:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\regi.sys -- (regi) DRV - [2007/01/29 07:20:34 | 000,059,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VMNetSrv.sys -- (VPCNetS2) DRV - [2006/11/27 02:33:54 | 000,019,968 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus) DRV - [2006/11/27 02:33:50 | 000,058,368 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD) DRV - [2006/06/28 03:38:56 | 000,105,088 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvata.sys -- (nvata) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?st=1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://es.msn.com/?rd=1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 92 F5 18 E0 27 A9 CA 01 [binary data] IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "http://go.microsoft.com/fwlink/?LinkId=69157" FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:7 FF - prefs.js..network.proxy.no_proxies_on: "*.local" [2010/02/27 15:26:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions [2010/02/27 15:26:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions\home2@tomtom.com [2010/02/20 20:20:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\y8dsg1lf.default\extensions [2010/02/01 10:44:25 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\y8dsg1lf.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} O1 HOSTS File: ([2001/08/23 06:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton AntiVirus\Engine\16.8.0.41\IPSBHO.dll (Symantec Corporation) O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll (Google Inc.) O2 - BHO: (MSN Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.1125.0\msneshellx.dll (Microsoft Corp.) O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (MSN Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.1125.0\msneshellx.dll (Microsoft Corp.) O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll () O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [KernelFaultCheck] File not found O4 - HKLM..\Run: [Microsoft Default Manager] C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe (Microsoft Corp.) O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] File not found O4 - HKLM..\Run: [RivaTunerStartupDaemon] C:\Program Files\RivaTuner v2.22\RivaTuner.exe () O4 - HKLM..\Run: [standby] c:\Program Files\Common Files\Corel\Standby\Standby.exe (Corel) O4 - HKLM..\Run: [uVS12 Preload] C:\Program Files\Corel\Corel VideoStudio 12\uvPL.exe (Corel TW Corp.) O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Easy-WebPrint Add To Print List - C:\Program Files\Canon\Easy-WebPrint\Resource.dll () O8 - Extra context menu item: Easy-WebPrint High Speed Print - C:\Program Files\Canon\Easy-WebPrint\Resource.dll () O8 - Extra context menu item: Easy-WebPrint Preview - C:\Program Files\Canon\Easy-WebPrint\Resource.dll () O8 - Extra context menu item: Easy-WebPrint Print - C:\Program Files\Canon\Easy-WebPrint\Resource.dll () O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll (Google Inc.) O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flash...r/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} http://gfx1.hotmail.com/mail/w4/pr01/photo...ol/MSNPUpld.cab (Windows Live Hotmail Photo Upload Tool) O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} http://utilities.pcpitstop.com/Optimize3/pcpitstop2.dll (PCPitstop Exam) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 205.171.3.25 O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009/06/16 15:48:04 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{434f4d08-23e6-11df-ad5c-0025110e8e25}\Shell\AutoRun\command - "" = F:\InstallTomTomHOME.exe -- File not found O33 - MountPoints2\{896f8a4f-5a8a-11de-963c-806d6172696f}\Shell - "" = AutoRun O33 - MountPoints2\{896f8a4f-5a8a-11de-963c-806d6172696f}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{896f8a4f-5a8a-11de-963c-806d6172696f}\Shell\AutoRun\command - "" = D:\Setup.EXE -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe () O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010/04/03 16:07:41 | 000,000,000 | ---D | C] -- C:\Program Files\ESET [2010/03/24 23:06:02 | 000,555,520 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe [2010/03/10 12:46:05 | 003,558,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe [2009/12/17 13:39:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple [2009/08/26 15:03:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Temp [2009/07/22 14:00:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft [2009/07/01 06:31:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google [2009/06/27 20:44:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google [2009/06/18 06:19:20 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft [2009/06/16 16:05:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft [2009/06/16 15:47:51 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft [6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2010/04/03 20:17:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2010/04/03 15:17:00 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2010/04/03 13:45:33 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010/04/03 13:44:46 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010/04/03 13:44:44 | 000,267,725 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml [2010/04/03 13:44:19 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010/04/03 10:20:38 | 000,000,438 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{34DE10EE-507B-41A4-975C-439C7EA18C91}.job [2010/04/02 19:14:51 | 004,980,736 | -H-- | M] () -- C:\Documents and Settings\Administrator\NTUSER.DAT [2010/04/02 19:14:24 | 003,739,018 | -H-- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\IconCache.db [2010/04/02 19:04:42 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Administrator\settings.dat [2010/04/02 19:04:27 | 000,464,491 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\RootRepeal.zip [2010/04/02 18:05:32 | 000,000,010 | ---- | M] () -- C:\WINDOWS\popcinfo.dat [2010/04/02 17:37:15 | 000,215,152 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr [2010/04/02 17:11:07 | 000,137,200 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys [2010/04/02 17:05:50 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\Administrator\ntuser.ini [2010/04/02 16:53:11 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2010/04/02 13:22:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job [2010/04/01 19:44:14 | 000,000,756 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Corel PaintShop Photo 2010.lnk [2010/04/01 19:37:00 | 000,005,694 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\KGyGaAvL.sys [2010/04/01 19:36:53 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2010/03/26 22:17:07 | 000,293,376 | ---- | M] () -- C:\lhsh7zn0.exe [2010/03/24 23:06:06 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe [2010/03/19 09:42:48 | 000,521,942 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2010/03/19 09:42:48 | 000,443,132 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2010/03/19 09:42:48 | 000,072,124 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2010/03/18 14:21:58 | 000,000,042 | ---- | M] () -- C:\Documents and Settings\Administrator\default.pls [2010/03/16 00:51:59 | 000,600,680 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvudisp.exe [2010/03/12 16:35:33 | 000,002,483 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Microsoft Word.lnk [2010/03/12 11:26:36 | 000,600,680 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\NVUNINST.EXE [2010/03/10 14:42:28 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2010/03/09 23:41:12 | 000,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk [6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files Created - No Company Name ========== [2010/04/02 19:04:42 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Administrator\settings.dat [2010/04/02 19:04:25 | 000,464,491 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\RootRepeal.zip [2010/04/02 13:10:33 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2010/04/01 19:44:14 | 000,000,756 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Corel PaintShop Photo 2010.lnk [2010/03/26 22:17:03 | 000,293,376 | ---- | C] () -- C:\lhsh7zn0.exe [2010/02/26 06:47:01 | 001,380,352 | ---- | C] () -- C:\WINDOWS\System32\mpich2shmp.dll [2010/02/26 06:47:01 | 001,175,552 | ---- | C] () -- C:\WINDOWS\System32\mpich2shm.dll [2010/02/26 06:47:01 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\mpich2mpi.dll [2010/02/26 06:47:00 | 001,196,032 | ---- | C] () -- C:\WINDOWS\System32\mpich2.dll [2009/11/08 21:29:41 | 000,986,568 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat [2009/11/07 23:01:03 | 000,209,040 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll [2009/11/07 23:01:03 | 000,204,944 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll [2009/11/07 23:01:03 | 000,196,752 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll [2009/11/07 23:01:03 | 000,196,752 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll [2009/11/07 23:01:03 | 000,192,656 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll [2009/11/07 23:01:03 | 000,024,720 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll [2009/11/07 19:14:56 | 000,005,694 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\KGyGaAvL.sys [2009/11/07 19:14:56 | 000,000,088 | RHS- | C] () -- C:\Documents and Settings\All Users\Application Data\14F9E41E8C.sys [2009/10/03 16:15:16 | 000,020,992 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009/08/21 23:56:24 | 000,154,624 | ---- | C] () -- C:\WINDOWS\System32\glut32.dll [2009/08/04 21:24:17 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2009/08/04 21:24:17 | 000,000,063 | ---- | C] () -- C:\WINDOWS\mdm.ini [2009/08/03 16:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll [2009/07/23 13:58:09 | 000,000,121 | ---- | C] () -- C:\WINDOWS\disney.ini [2009/07/23 13:57:49 | 000,000,206 | ---- | C] () -- C:\WINDOWS\disneysy.ini [2009/06/26 18:52:20 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2009/06/26 05:26:44 | 000,000,409 | ---- | C] () -- C:\WINDOWS\Trpmaker.INI [2009/06/26 05:26:22 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\Msvcrt10.dll [2009/06/26 05:26:22 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\PlugFile.dll [2009/06/26 05:26:21 | 000,038,688 | ---- | C] () -- C:\WINDOWS\System32\Leaddib.drv [2009/06/26 05:26:21 | 000,011,136 | ---- | C] () -- C:\WINDOWS\System32\Fprun300.dll [2009/06/19 05:36:53 | 000,031,897 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini [2009/06/19 05:36:53 | 000,010,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS [2009/06/18 22:41:34 | 000,000,319 | ---- | C] () -- C:\WINDOWS\game.ini [2009/06/18 20:50:11 | 000,137,200 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys [2009/06/18 20:50:11 | 000,022,328 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\PnkBstrK.sys [2009/06/18 12:31:47 | 000,000,136 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\fusioncache.dat [2009/06/17 23:00:54 | 000,008,704 | ---- | C] () -- C:\WINDOWS\System32\CNMVS7L.DLL [2009/06/17 22:59:24 | 000,000,532 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI [2002/03/16 18:00:00 | 000,007,420 | ---- | C] () -- C:\WINDOWS\UA000106.DLL [2002/02/27 18:50:00 | 000,197,120 | ---- | C] () -- C:\WINDOWS\System32\patchw32.dll [1999/01/22 12:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL [1998/01/12 02:00:00 | 000,040,448 | ---- | C] () -- C:\WINDOWS\System32\REGOBJ.DLL ========== Alternate Data Streams ========== @Alternate Data Stream - 175 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3DB0B938 @Alternate Data Stream - 150 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:40CD440D @Alternate Data Stream - 147 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:38673444 @Alternate Data Stream - 130 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:140CF428 @Alternate Data Stream - 128 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:10151AE6 @Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:404800E7 @Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F8342E7B @Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2 < End of report > ESET ESETSmartInstaller@High as CAB hook log: OnlineScanner.ocx - registred OK # version=7 # iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339) # OnlineScanner.ocx=1.0.0.6211 # api_version=3.0.2 # EOSSerial=824c2583792f0a45964dc2040501229b # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2010-04-04 06:08:14 # local_time=2010-04-04 12:08:14 (-0700, Mountain Daylight Time) # country="United States" # lang=1033 # osver=5.1.2600 NT Service Pack 3 # compatibility_mode=3587 16777173 100 94 1279873 18504372 0 0 # compatibility_mode=8192 67108863 100 0 0 0 0 0 # scanned=211926 # found=1 # cleaned=0 # scan_time=12296 E:\My Documents\Computer\Nero-7.7.5.1_eng_update.exe Win32/Toolbar.AskSBar application 00000000000000000000000000000000 I Thanks, D.
  10. Hmmm. I've tried the new program and to no avail as well. It gets stuck on initializing. I let it go over night and it was in the same place as it was when started. Is something terribly wrong with this comp or what? What should I do now? D.
  11. Well. I did as you said in your last post. I even tried it with one drive and both drives checked, but it would scan for a while then my computer would reboot. ????? So, what would that mean?
  12. I know that he motherboard sucks. It's slow, that's because of only 2 gig ram. It used to run a little faster but I think something is bogging it down but I don't know what. I'd like to build a new system, I have most of it, but the wife wont let me till work picks up. lol. If you think it's ok for now, then fine, I can suffer for a while longer. Thanks for helping. D.
  13. Thanks Tom. Here's both reports. OTL logfile created on: 3/24/2010 11:07:37 PM - Run 1 OTL by OldTimer - Version 3.1.37.3 Folder = C:\Documents and Settings\Administrator\Desktop Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 63.00% Memory free 4.00 Gb Paging File | 3.00 Gb Available in Paging File | 86.00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 127.99 Gb Total Space | 71.23 Gb Free Space | 55.66% Space Free | Partition Type: NTFS D: Drive not present or media not loaded Drive E: | 298.09 Gb Total Space | 183.19 Gb Free Space | 61.45% Space Free | Partition Type: NTFS F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: DOUG-DMDCNG6 Current User Name: Administrator Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: On Skip Microsoft Files: On File Age = 14 Days Output = Standard Quick Scan [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2010/03/24 23:06:06 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe PRC - [2009/11/13 05:31:14 | 000,092,008 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe PRC - [2009/09/09 14:06:36 | 000,105,616 | ---- | M] (Corel) -- C:\Program Files\Common Files\Corel\Standby\Standby.exe PRC - [2009/08/22 00:37:15 | 000,117,640 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton AntiVirus\Engine\16.8.0.41\ccSvcHst.exe PRC - [2009/06/17 19:12:35 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe PRC - [2009/06/16 17:13:44 | 000,611,664 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe PRC - [2009/05/19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe PRC - [2009/04/26 15:29:24 | 000,090,352 | ---- | M] (PC Pitstop LLC) -- C:\Program Files\PCPitstop\PCPitstopScheduleService.exe PRC - [2009/03/30 16:28:36 | 001,533,808 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE PRC - [2009/03/30 16:28:36 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE PRC - [2009/02/06 17:07:48 | 000,027,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Contacts\wlcomm.exe PRC - [2008/06/09 11:37:44 | 000,053,392 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe PRC - [2008/04/14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2007/07/24 12:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe PRC - [2007/01/04 20:48:52 | 000,112,152 | R--- | M] (InterVideo) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2010/03/24 23:06:06 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [Auto | Stopped] -- -- (mpich2_smpd) SRV - [2009/11/13 05:31:14 | 000,092,008 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService) SRV - [2009/11/06 10:18:50 | 000,051,168 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus(R) SRV - [2009/08/22 00:37:15 | 000,117,640 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton AntiVirus\Engine\16.8.0.41\ccSvcHst.exe -- (Norton AntiVirus) SRV - [2009/08/05 22:48:42 | 000,704,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc) SRV - [2009/06/16 17:13:44 | 000,611,664 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe -- (aawservice) SRV - [2009/05/19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort) SRV - [2009/04/26 15:29:24 | 000,090,352 | ---- | M] (PC Pitstop LLC) [Auto | Running] -- C:\Program Files\PCPitstop\PCPitstopScheduleService.exe -- (PCPitstop Scheduling) SRV - [2009/03/30 16:28:36 | 001,533,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc) SRV - [2008/06/09 11:37:44 | 000,053,392 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper) SRV - [2007/07/24 12:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2) SRV - [2007/01/04 20:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto | Running] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?st=1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://es.msn.com/?rd=1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 92 F5 18 E0 27 A9 CA 01 [binary data] IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.startup.homepage: "http://go.microsoft.com/fwlink/?LinkId=69157" FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:7 FF - prefs.js..network.proxy.no_proxies_on: "*.local" [2010/02/27 15:26:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions [2010/02/27 15:26:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions\home2@tomtom.com [2010/02/20 20:20:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\y8dsg1lf.default\extensions [2010/02/01 10:44:25 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\y8dsg1lf.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} O1 HOSTS File: ([2001/08/23 06:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton AntiVirus\Engine\16.8.0.41\IPSBHO.dll (Symantec Corporation) O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll (Google Inc.) O2 - BHO: (MSN Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.1125.0\msneshellx.dll (Microsoft Corp.) O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (MSN Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.1125.0\msneshellx.dll (Microsoft Corp.) O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll () O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [Microsoft Default Manager] C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe (Microsoft Corp.) O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] File not found O4 - HKLM..\Run: [RivaTunerStartupDaemon] C:\Program Files\RivaTuner v2.22\RivaTuner.exe () O4 - HKLM..\Run: [Standby] c:\Program Files\Common Files\Corel\Standby\Standby.exe (Corel) O4 - HKLM..\Run: [UVS12 Preload] C:\Program Files\Corel\Corel VideoStudio 12\uvPL.exe (Corel TW Corp.) O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Easy-WebPrint Add To Print List - C:\Program Files\Canon\Easy-WebPrint\Resource.dll () O8 - Extra context menu item: Easy-WebPrint High Speed Print - C:\Program Files\Canon\Easy-WebPrint\Resource.dll () O8 - Extra context menu item: Easy-WebPrint Preview - C:\Program Files\Canon\Easy-WebPrint\Resource.dll () O8 - Extra context menu item: Easy-WebPrint Print - C:\Program Files\Canon\Easy-WebPrint\Resource.dll () O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll (Google Inc.) O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} http://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab (Windows Live Hotmail Photo Upload Tool) O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} http://utilities.pcpitstop.com/Optimize3/pcpitstop2.dll (PCPitstop Exam) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 205.171.3.25 O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009/06/16 15:48:04 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{434f4d08-23e6-11df-ad5c-0025110e8e25}\Shell\AutoRun\command - "" = F:\InstallTomTomHOME.exe -- File not found O33 - MountPoints2\{896f8a4f-5a8a-11de-963c-806d6172696f}\Shell - "" = AutoRun O33 - MountPoints2\{896f8a4f-5a8a-11de-963c-806d6172696f}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{896f8a4f-5a8a-11de-963c-806d6172696f}\Shell\AutoRun\command - "" = D:\Setup.EXE -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe () O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: Ias - C:\WINDOWS\system32\ias [2009/06/16 09:31:56 | 000,000,000 | ---D | M] NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found CREATERESTOREPOINT Restore point Set: OTL Restore Point (16891891626803200) [color=#E56717]========== Files/Folders - Created Within 14 Days ==========[/color] [2010/03/24 23:06:02 | 000,555,520 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe [2009/12/17 13:39:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple [2009/08/26 15:03:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Temp [2009/07/22 14:00:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft [2009/07/01 06:31:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google [2009/06/27 20:44:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google [2009/06/18 06:19:20 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft [2009/06/16 16:05:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft [2009/06/16 15:47:51 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft [6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files - Modified Within 14 Days ==========[/color] [2010/03/24 23:06:06 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe [2010/03/24 22:28:15 | 000,267,725 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml [2010/03/24 22:28:13 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010/03/24 22:17:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2010/03/24 19:34:44 | 004,980,736 | -H-- | M] () -- C:\Documents and Settings\Administrator\NTUSER.DAT [2010/03/24 19:34:44 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\Administrator\ntuser.ini [2010/03/24 18:34:42 | 000,000,438 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{34DE10EE-507B-41A4-975C-439C7EA18C91}.job [2010/03/24 15:17:00 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2010/03/24 14:55:07 | 001,578,854 | -H-- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\IconCache.db [2010/03/24 14:23:18 | 000,000,010 | ---- | M] () -- C:\WINDOWS\popcinfo.dat [2010/03/24 08:46:03 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010/03/24 08:45:39 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010/03/23 17:49:41 | 000,215,152 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr [2010/03/23 17:16:15 | 000,137,200 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys [2010/03/19 13:22:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job [2010/03/19 09:42:48 | 000,521,942 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2010/03/19 09:42:48 | 000,443,132 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2010/03/19 09:42:48 | 000,072,124 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2010/03/18 14:21:58 | 000,000,042 | ---- | M] () -- C:\Documents and Settings\Administrator\default.pls [2010/03/18 14:16:22 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2010/03/12 16:35:33 | 000,002,483 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Microsoft Word.lnk [6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010/02/26 06:47:01 | 001,380,352 | ---- | C] () -- C:\WINDOWS\System32\mpich2shmp.dll [2010/02/26 06:47:01 | 001,175,552 | ---- | C] () -- C:\WINDOWS\System32\mpich2shm.dll [2010/02/26 06:47:01 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\mpich2mpi.dll [2010/02/26 06:47:00 | 001,196,032 | ---- | C] () -- C:\WINDOWS\System32\mpich2.dll [2009/11/08 21:29:41 | 000,986,568 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat [2009/11/07 23:01:03 | 000,209,040 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll [2009/11/07 23:01:03 | 000,204,944 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll [2009/11/07 23:01:03 | 000,196,752 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll [2009/11/07 23:01:03 | 000,196,752 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll [2009/11/07 23:01:03 | 000,192,656 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll [2009/11/07 23:01:03 | 000,024,720 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll [2009/11/07 19:14:56 | 000,005,694 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\KGyGaAvL.sys [2009/11/07 19:14:56 | 000,000,088 | RHS- | C] () -- C:\Documents and Settings\All Users\Application Data\14F9E41E8C.sys [2009/10/03 16:15:16 | 000,020,992 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009/08/21 23:56:24 | 000,154,624 | ---- | C] () -- C:\WINDOWS\System32\glut32.dll [2009/08/04 21:24:17 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2009/08/04 21:24:17 | 000,000,063 | ---- | C] () -- C:\WINDOWS\mdm.ini [2009/08/03 16:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll [2009/07/23 13:58:09 | 000,000,121 | ---- | C] () -- C:\WINDOWS\disney.ini [2009/07/23 13:57:49 | 000,000,206 | ---- | C] () -- C:\WINDOWS\disneysy.ini [2009/06/26 18:52:20 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2009/06/26 05:26:44 | 000,000,409 | ---- | C] () -- C:\WINDOWS\Trpmaker.INI [2009/06/26 05:26:22 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\Msvcrt10.dll [2009/06/26 05:26:22 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\PlugFile.dll [2009/06/26 05:26:21 | 000,038,688 | ---- | C] () -- C:\WINDOWS\System32\Leaddib.drv [2009/06/26 05:26:21 | 000,011,136 | ---- | C] () -- C:\WINDOWS\System32\Fprun300.dll [2009/06/19 05:36:53 | 000,031,897 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini [2009/06/19 05:36:53 | 000,010,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS [2009/06/18 22:41:34 | 000,000,319 | ---- | C] () -- C:\WINDOWS\game.ini [2009/06/18 20:50:11 | 000,137,200 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys [2009/06/18 20:50:11 | 000,022,328 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\PnkBstrK.sys [2009/06/18 12:31:47 | 000,000,136 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\fusioncache.dat [2009/06/17 23:00:54 | 000,008,704 | ---- | C] () -- C:\WINDOWS\System32\CNMVS7L.DLL [2009/06/17 22:59:24 | 000,000,532 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI [2002/03/16 18:00:00 | 000,007,420 | ---- | C] () -- C:\WINDOWS\UA000106.DLL [2002/02/27 18:50:00 | 000,197,120 | ---- | C] () -- C:\WINDOWS\System32\patchw32.dll [1999/01/22 12:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL [1998/01/12 02:00:00 | 000,040,448 | ---- | C] () -- C:\WINDOWS\System32\REGOBJ.DLL [color=#E56717]========== LOP Check ==========[/color] [2010/03/16 19:06:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Canon [2009/07/25 07:05:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\com.raptr.Raptr.848BBC53270CAC248E8FA0F339176201CDEB525F.1 [2009/07/23 14:05:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Disney Interactive Studios [2010/02/19 09:22:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\eMachineShop [2010/02/26 06:45:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Folding@home-gpu [2010/03/09 23:41:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Folding@home-x86 [2009/07/25 12:59:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\GetRightToGo [2009/07/23 14:00:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Leadertech [2009/12/18 12:20:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Petroglyph [2009/10/14 22:36:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\PGP [2009/07/25 06:58:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Raptr [2009/11/14 21:33:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\runic games [2010/02/22 18:38:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\SBTT [2009/06/17 22:59:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\ScanSoft [2010/02/27 15:25:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\TomTom [2009/11/09 09:04:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Ulead Systems [2009/10/14 20:05:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\2DBoy [2010/01/08 18:30:08 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ [2009/06/19 13:10:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Electronic Arts [2009/11/07 23:01:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InterVideo [2009/06/26 11:02:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LightScribe [2010/03/24 08:47:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCPitstop [2009/08/04 21:28:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SBT [2009/11/07 23:03:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SmartSound Software Inc [2009/06/17 22:59:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SSScanAppDataDir [2009/06/17 22:59:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SSScanWizard [2010/03/24 14:23:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP [2010/02/27 15:26:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TomTom [2009/11/07 23:21:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ulead Systems [2009/12/01 13:30:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD} [2010/01/18 10:19:53 | 000,000,236 | ---- | M] () -- C:\WINDOWS\Tasks\OGALogon.job [2010/03/24 18:34:42 | 000,000,438 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{34DE10EE-507B-41A4-975C-439C7EA18C91}.job [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color] [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2004/08/04 01:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys [2008/04/14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys [2004/08/04 01:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:AGP440.sys [2008/04/14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys [2008/04/14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys [2008/04/14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys [2004/08/03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2004/08/04 01:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys [2008/04/14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys [2004/08/04 01:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys [2008/04/14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys [2008/04/14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys [2008/04/14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys [2008/04/14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0003\DriverFiles\i386\atapi.sys [2004/08/03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys [color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color] [2008/04/14 05:41:54 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll [2008/04/14 05:41:54 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll [2004/08/04 00:56:44 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll [color=#A23BEC]< MD5 for: NETLOGON.DLL >[/color] [2008/04/14 05:42:02 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll [2008/04/14 05:42:02 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll [2004/08/04 00:56:46 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll [color=#A23BEC]< MD5 for: NVATA.SYS >[/color] [2006/06/28 03:38:56 | 000,105,088 | R--- | M] (NVIDIA Corporation) MD5=9ECCD189A9554C30A0D18A429778C7BA -- C:\WINDOWS\system32\drivers\nvata.sys [color=#A23BEC]< MD5 for: SCECLI.DLL >[/color] [2004/08/04 00:56:46 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll [2008/04/14 05:42:06 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll [2008/04/14 05:42:06 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll [color=#A23BEC]< %systemroot%\*. /mp /s >[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 175 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3DB0B938 @Alternate Data Stream - 150 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:40CD440D @Alternate Data Stream - 147 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:38673444 @Alternate Data Stream - 130 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:140CF428 @Alternate Data Stream - 128 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:10151AE6 @Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:404800E7 @Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F8342E7B @Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2 < End of report > OTL Extras logfile created on: 3/24/2010 11:07:37 PM - Run 1OTL by OldTimer - Version 3.1.37.3 Folder = C:\Documents and Settings\Administrator\Desktop Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 63.00% Memory free 4.00 Gb Paging File | 3.00 Gb Available in Paging File | 86.00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 127.99 Gb Total Space | 71.23 Gb Free Space | 55.66% Space Free | Partition Type: NTFS D: Drive not present or media not loaded Drive E: | 298.09 Gb Total Space | 183.19 Gb Free Space | 61.45% Space Free | Partition Type: NTFS F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: DOUG-DMDCNG6 Current User Name: Administrator Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: On Skip Microsoft Files: On File Age = 14 Days Output = Standard Quick Scan [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office10\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [print] -- "C:\Program Files\Microsoft Office\Office10\msohtmed.exe" /p %1 (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 1 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DoNotAllowExceptions" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation) "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "D:\Installation\Setupx.exe" = D:\Installation\Setupx.exe:*:Enabled:Nero ProductSetup -- File not found "C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation) "C:\Program Files\Intuit\QuickBooks 2006\QBDBMgrN.exe" = C:\Program Files\Intuit\QuickBooks 2006\QBDBMgrN.exe:*:Enabled:QuickBooks 2006 Data Manager -- (Intuit, Inc.) "C:\Program Files\Electronic Arts\The Lord of the Rings - Conquest™\Conquest.exe" = C:\Program Files\Electronic Arts\The Lord of the Rings - Conquest™\Conquest.exe:*:Enabled:Game -- File not found "C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe" = C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) -- () "C:\Program Files\Rand McNally\TripMaker Deluxe\Trpmaker.exe" = C:\Program Files\Rand McNally\TripMaker Deluxe\Trpmaker.exe:*:Enabled:Trpmaker -- () "C:\Program Files\Common Files\Ahead\Nero Web\SetupX.exe" = C:\Program Files\Common Files\Ahead\Nero Web\SetupX.exe:*:Enabled:Nero ProductSetup -- (Nero AG) "C:\Documents and Settings\Administrator\Local Settings\Temp\Nero Web\SetupXu.exe" = C:\Documents and Settings\Administrator\Local Settings\Temp\Nero Web\SetupXu.exe:*:Enabled:Nero ProductSetup -- File not found "C:\Program Files\Hasbro Interactive\Scrabble v2.0\Scrabble v2.0.exe" = C:\Program Files\Hasbro Interactive\Scrabble v2.0\Scrabble v2.0.exe:*:Disabled:Scrabble v2.0 -- () "C:\WINDOWS\system32\dplaysvr.exe" = C:\WINDOWS\system32\dplaysvr.exe:*:Disabled:Microsoft DirectPlay Helper -- (Microsoft Corporation) "C:\Program Files\Raptr\Raptr.exe" = C:\Program Files\Raptr\Raptr.exe:*:Enabled:Raptr Client -- File not found "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation) "C:\Program Files\Electronic Arts\EADM\Core.exe" = C:\Program Files\Electronic Arts\EADM\Core.exe:*:Enabled:EA Download Manager -- (Electronic Arts) "C:\Program Files\Folding@home\Folding@home-x86\Folding@home.exe" = C:\Program Files\Folding@home\Folding@home-x86\Folding@home.exe:*:Enabled:Folding@home -- () "C:\Program Files\Activision\Call of Duty - World at War\CoDWaW.exe" = C:\Program Files\Activision\Call of Duty - World at War\CoDWaW.exe:*:Enabled:Call of Duty(R) - World at War(TM) -- (Activision Blizzard, Inc.) "C:\Program Files\Activision\Call of Duty - World at War\CoDWaWmp.exe" = C:\Program Files\Activision\Call of Duty - World at War\CoDWaWmp.exe:*:Enabled:Call of Duty(R) - World at War(TM) -- (Activision Blizzard, Inc.) "C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation) "E:\Program files\Games\Battle forge\Bootstrapper.exe" = E:\Program files\Games\Battle forge\Bootstrapper.exe:*:Enabled:BattleForge™ Launcher -- (EA Phenomic) "E:\Program files\Games\Battle forge\BattleForge.exe" = E:\Program files\Games\Battle forge\BattleForge.exe:*:Enabled:BattleForge™ -- (EA Phenomic) "C:\Program Files\Electronic Arts\Battlefield Bad Company 2 - BETA\BFBC2BetaUpdater.exe" = C:\Program Files\Electronic Arts\Battlefield Bad Company 2 - BETA\BFBC2BetaUpdater.exe:*:Enabled:Battlefield Bad Company 2 - BETA -- (EA Digital Illusions CE AB) "C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.) "C:\Program Files\Electronic Arts\Battlefield Bad Company 2 - BETA\BFBC2Game.exe" = C:\Program Files\Electronic Arts\Battlefield Bad Company 2 - BETA\BFBC2Game.exe:*:Enabled:EA Battlefield: Bad Company™ 2 - BETA -- (EA Digital Illusions CE AB) "C:\Program Files\Folding@Home Windows SMP Client V1.01\mpiexec.exe" = C:\Program Files\Folding@Home Windows SMP Client V1.01\mpiexec.exe:*:Enabled:mpiexec -- File not found "C:\Program Files\Folding@Home Windows SMP Client V1.01\smpd.exe" = C:\Program Files\Folding@Home Windows SMP Client V1.01\smpd.exe:*:Enabled:smpd -- File not found [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "_{AB84BA61-3D10-4782-B52C-A37DB20532E5}" = Corel PaintShop Photo 2010 "{00040409-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Disc 2 "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{050C1C8E-4A4D-4C2F-B9AE-67E60EE91B7F}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.3 Patch "{06154335-A146-4B82-A77A-0ED2466B6C36}" = DesignCAD Express V.12 "{064DC64E-7A2F-4FDF-B598-E3C0747BBB9C}" = Call of Duty(R) - World at War(TM) 1.6 Patch "{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour "{10A44844-4465-456E-8C97-80BDD4F68845}" = Windows Live ID Sign-in Assistant "{139E303E-1050-497F-98B1-9AE87B15C463}" = Windows Live Family Safety "{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime "{149464D9-B06F-4505-9968-FD1206F67AD3}" = Call of Duty(R) - World at War(TM) 1.3 Patch "{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR "{1E99F5D7-4262-4C7C-9135-F066E7485811}" = System Requirements Lab "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = InterVideo WinDVD 8 "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool "{20DFB114-5520-4BEE-B276-4A4204E1FBB4}" = PureHD "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{26A24AE4-039D-4CA4-87B4-2F83216012FF}" = Java(TM) 6 Update 17 "{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty(R) - World at War(TM) 1.2 Patch "{2DD9C2F1-CC6E-449D-935B-4111396EF19F}" = MLE "{2EAF7E61-068E-11DF-953C-005056806466}" = Google Earth "{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform "{3BD633E0-4BF8-4499-9149-88F0767D449C}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch "{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support "{459E93B6-150E-45d5-8D4B-45C66FC035FE}" = getPlus(R) Download Manager for Corel "{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin "{4B948C70-904C-42E6-9C73-56054F5092AB}" = On-line Help Console "{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3 "{624885E1-2458-4F12-A975-EA368C3523FA}" = DeviceIO "{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{69B02159-7622-4DBB-B9EE-F933039830AD}" = QuickBooks Pro 2006 "{6B755EC3-C709-4F5C-BC58-BC0D3967B6B6}" = Folding@home-x86 "{6BCD1560-6292-4A70-A808-C0FE414A7DB4}" = Contents "{6D8D64BE-F500-55B6-705D-DFD08AFE0624}" = Acrobat.com "{750C87B8-AF19-4C3C-B791-50D9C83AE572}" = Call of Duty(R) - World at War(TM) 1.7 Patch "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{79D5997E-BF79-48BB-8B41-9BE59C15C2D7}" = OmniPage SE "{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync "{8503C901-85D7-4262-88D2-8D8B2A7B08B8}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Patch "{85309D89-7BE9-4094-BB17-24999C6118FC}" = ArcSoft PhotoStudio 5.5 "{870832ED-43F3-4425-931C-137C18902664}" = Sun VirtualBox "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch "{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86) "{8A7CAA24-7B23-410B-A7C3-F994B0944160}" = Microsoft Virtual PC 2007 "{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system "{90300409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Media Content "{91120409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Standard "{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{98177940-C048-4831-A279-F3888B1E2C7F}" = InstallMgr "{995F1E2E-F542-4310-8E1D-9926F5A279B3}" = Windows Live Toolbar "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9F01A67B-7D67-482F-9D4F-D5980A440FD4}" = Call of Duty(R) - World at War(TM) 1.4 Patch "{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A7A34FC9-DF24-4A36-00AD-D4EFE94CC116}" = SimCity 4 Deluxe "{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger "{A8AC89BA-D8CB-4372-9743-1C54D23286B0}" = MSN Toolbar "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A9E27FF5-6294-46A8-B8FD-77B1DECA3021}" = Wizard101 "{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support "{AAEB8781-5EBD-4332-B86D-428DE7EF6DA2}" = Setup "{AB84BA61-3D10-4782-B52C-A37DB20532E5}" = ICA "{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.1 "{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8 "{AFAE2B15-89A0-4215-A030-F7B5B478886B}" = Call of Duty(R) - World at War(TM) 1.1 Patch "{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0 "{B6EF6DCE-078E-4952-A7FA-352A9C349EB0}" = MSN Toolbar "{B7148D71-0A8F-4501-96B4-4E1CC67F874E}" = Microsoft Default Manager "{BA4DF4C3-196E-4128-969A-00996B5A46F8}" = Canon MP500 "{BADF6EBC-2C9F-40A5-9BCC-0FC014861BBD}" = DesignCAD Developer's Toolkit "{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86) "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C3DC2DF5-EFAC-4055-9010-31F7C545DD9E}" = Call of Duty(R) - World at War(TM) 1.5 Patch "{C580908C-B3BA-4C19-BD60-16F02F272201}" = BattleForge™ &
  14. Logfile of HijackThis v1.99.1 Scan saved at 5:02:47 PM, on 3/23/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Program Files\Norton AntiVirus\Engine\16.8.0.41\ccSvcHst.exe C:\Program Files\PCPitstop\PCPitstopScheduleService.exe C:\WINDOWS\system32\IoctlSvc.exe C:\WINDOWS\system32\PnkBstrA.exe C:\WINDOWS\system32\PnkBstrB.exe c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files\Norton AntiVirus\Engine\16.8.0.41\ccSvcHst.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Common Files\Corel\Standby\Standby.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\iTunes\iTunesHelper.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Program Files\iPod\bin\iPodService.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Temporary Directory 1 for hijackthis.zip\HijackThis.exe C:\WINDOWS\system32\msfeedssync.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton AntiVirus\Engine\16.8.0.41\IPSBHO.DLL O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll O2 - BHO: MSN Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.1125.0\msneshellx.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll O3 - Toolbar: MSN Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.1125.0\msneshellx.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume O4 - HKLM\..\Run: [RivaTunerStartupDaemon] "C:\Program Files\RivaTuner v2.22\RivaTuner.exe" /S O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [UVS12 Preload] C:\Program Files\Corel\Corel VideoStudio 12\uvPL.exe O4 - HKLM\..\Run: [Standby] "c:\Program Files\Common Files\Corel\Standby\Standby.exe" -START O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll O11 - Options group: [INTERNATIONAL] International O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} (PCPitstop Exam) - http://utilities.pcpitstop.com/Optimize3/pcpitstop2.dll O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing) O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Google Update Service (gupdate1c9f79a6ce59cc2) (gupdate1c9f79a6ce59cc2) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe" /svc (file missing) O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf (file missing) O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: MPICH2 Process Manager, Argonne National Lab (mpich2_smpd) - Unknown owner - C:\Program Files\Folding@Home Windows SMP Client V1.01\smpd.exe (file missing) O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: Norton AntiVirus - Unknown owner - C:\Program Files\Norton AntiVirus\Engine\16.8.0.41\ccSvcHst.exe" /s "Norton AntiVirus" /m "C:\Program Files\Norton AntiVirus\Engine\16.8.0.41\diMaster.dll" /prefetch:1 (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PCPitstop Scheduling - PC Pitstop LLC - C:\Program Files\PCPitstop\PCPitstopScheduleService.exe O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe Thanks, D.
  15. I figured it out. Thanks. D.
  16. dooglo

    Bruce

    I know that this post is a little old right now, but I need to say it just in appreciation and thanks. Welcome back Bruce. D.
  17. Thanks. I think I'll retry like you have. D.
  18. Question? I have SuSe 11.2 32 bit and Ubuntu 9.1 32 bit in a daul boot now. In SuSe I was able to use nautilus super-user to move the files around, how do I move a locked file in Ubuntu? The files are in my "Downloads" folder with locks on them. D.
  19. Thanks so much for putting this together. But, how do I install or get the "screenlets"? I'm running SuSe 11.2 32 bit Gnome. Thanks, D.
  20. WOW! Very nice Bruce. Thank you. Just finished downloading 2008, now to work on 2009. D.
  21. Good Job Tx. It doesn't look too shabby at all.
  22. Sorry to hear that. Well, when you do get around to it, post some pictures for us to see your handy work. Everyone likes pictures. Get well.
  23. Hey Tx, check this out I think this guy is very informative when it comes to case modding. He's got lots of info and links to great stuff. Also, I think doing a blowhole would be a good idea. Meaning, 1 hole(could be a fan) on the bottom, and then one on top too. D.
  24. dooglo

    K3B write error

    Cd is good. No pop up about permissions. Did a simulate burn and worked. So, now I've tried to burn it and it wil not. I think I'll try something else, like rip a CD then Burn it to a new CD. Thinking that my burner is bad. :crosses fingers: D.
×
×
  • Create New...