Jump to content

jpb4999

Members
  • Content Count

    12
  • Joined

  • Last visited

About jpb4999

  • Rank
    Member

Previous Fields

  • System Specifications:
    Dell Dimension 4700, XP
  1. I apologize. You are correct. I tested the monitor on another computer and had the same problem. Thanks.
  2. Thanks. I find that hard to believe. I believe this is definitely malware or virus related as it occured after I opened a known virus file in Facebook. My monitor is fine. Thanks.
  3. I just ran the ESET scan which took 4 hours. It found 1 infected file, which might have been a false positive, as it was in an Adware file adn I have Ad-Aware installed. At any rate, under C:\Program Files\ESET\EsetOnlineScanner\ there is not a file called log.txt. The only file is the uninstaller. Any suggestion? I don't want to spend another 4 hours running this...... Thanks!
  4. All processes killed ========== OTL ========== Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{94f58a91-f653-11de-aacb-001111a9c4ba}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{94f58a91-f653-11de-aacb-001111a9c4ba}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{94f58a91-f653-11de-aacb-001111a9c4ba}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{94f58a91-f653-11de-aacb-001111a9c4ba}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{94f58a91-f653-11de-aacb-001111a9c4ba}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{94f58a91-f653-11de-aacb-001111a9c4ba}\ not found. File E:\LaunchU3.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{94f58a92-f653-11de-aacb-001111a9c4ba}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{94f58a92-f653-11de-aacb-001111a9c4ba}\ not found. File F:\XCRACK\xKCARC\autorunme.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{94f58a92-f653-11de-aacb-001111a9c4ba}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{94f58a92-f653-11de-aacb-001111a9c4ba}\ not found. File F:\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{94f58a92-f653-11de-aacb-001111a9c4ba}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{94f58a92-f653-11de-aacb-001111a9c4ba}\ not found. File F:\XCRACK\xKCARC\autorunme.exe not found. C:\WINDOWS\bk23567.dat moved successfully. C:\WINDOWS\fdgg34353edfgdfdf moved successfully. C:\WINDOWS\lgo moved successfully. ========== COMMANDS ========== [EMPTYTEMP] User: Administrator ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 67 bytes User: Administrator.JOECOMPUTER ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: All Users User: All Users.WINDOWS User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 32902 bytes User: Default User.WINDOWS ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes ->Flash cache emptied: 41044 bytes User: Joe ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 67 bytes ->Java cache emptied: 963801 bytes ->Flash cache emptied: 11515 bytes User: Joe2 ->Temp folder emptied: 587274881 bytes ->Temporary Internet Files folder emptied: 113636401 bytes ->Java cache emptied: 28303616 bytes ->FireFox cache emptied: 6797195 bytes ->Apple Safari cache emptied: 14375347 bytes ->Flash cache emptied: 1632662 bytes User: LocalService ->Temp folder emptied: 66016 bytes ->Temporary Internet Files folder emptied: 702871 bytes User: LocalService.NT AUTHORITY ->Temp folder emptied: 65984 bytes ->Temporary Internet Files folder emptied: 158343 bytes User: NetworkService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 1223723 bytes User: NetworkService.NT AUTHORITY ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 992682 bytes User: Owner User: Owner.JOECOMPUTER ->Temp folder emptied: 25081507 bytes ->Temporary Internet Files folder emptied: 425876070 bytes ->Java cache emptied: 13756637 bytes ->FireFox cache emptied: 46825743 bytes ->Flash cache emptied: 2604274 bytes User: OWNER~1~JOE %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 2615129 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\dllcache .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 6047488 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 23864566 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes RecycleBin emptied: 596334 bytes Total Files Cleaned = 1,243.00 mb OTL by OldTimer - Version 3.2.1.0 log created on 04092010_083703 Files\Folders moved on Reboot... File\Folder C:\Documents and Settings\Owner.JOECOMPUTER\Local Settings\Temp\Temporary Internet Files\Content.IE5\R4KR2B2H\rtsdrama;genre=adaptation;genre=primetimedramatv;genre=drama;genre=sports;;tempPass=false;dcopt=ist;entry=no;refer=www.fancast[1].com;tile=1;sz=960x50;ord=2139581455972458855 not found! File\Folder C:\Documents and Settings\Owner.JOECOMPUTER\Local Settings\Temp\Temporary Internet Files\Content.IE5\R4KR2B2H\rtsdrama;genre=adaptation;genre=primetimedramatv;genre=drama;genre=sports;;tempPass=false;dcopt=ist;entry=yes;refer=www.google[1].com;tile=1;sz=960x50;ord=5621680080661620918 not found! File\Folder C:\Documents and Settings\Owner.JOECOMPUTER\Local Settings\Temp\Temporary Internet Files\Content.IE5\ACE73XP0\252F%252Flatimesblogs.latimes.com%252Fshowtracker%252F2009%252F10%252Ffriday-night-lights-season-4-episode-1-so-whats-it-like-being-the-guy-who-used-to-be-tim-riggins[1].html not found! File\Folder C:\Documents and Settings\Owner.JOECOMPUTER\Local Settings\Temp\Temporary Internet Files\Content.IE5\60V7HGNH\tsdrama;genre=adaptation;genre=primetimedramatv;genre=drama;genre=sports;;tempPass=false;dcopt=ist;entry=no;refer=www.fancast[1].com;tile=2;sz=300x250;ord=2139581455972458855 not found! File\Folder C:\Documents and Settings\Owner.JOECOMPUTER\Local Settings\Temp\Temporary Internet Files\Content.IE5\60V7HGNH\tsdrama;genre=adaptation;genre=primetimedramatv;genre=drama;genre=sports;;tempPass=false;dcopt=ist;entry=yes;refer=www.google[1].com;tile=2;sz=300x250;ord=5621680080661620918 not found! C:\Documents and Settings\Owner.JOECOMPUTER\Local Settings\Temporary Internet Files\Content.IE5\H6GFV716\index[1].htm moved successfully. C:\Documents and Settings\Owner.JOECOMPUTER\Local Settings\Temporary Internet Files\Content.IE5\C3DR6PX2\ddc[1].htm moved successfully. C:\Documents and Settings\Owner.JOECOMPUTER\Local Settings\Temporary Internet Files\Content.IE5\C3DR6PX2\PortalServe[1].htm moved successfully. C:\Documents and Settings\Owner.JOECOMPUTER\Local Settings\Temporary Internet Files\Content.IE5\5EZ1TII0\yahoo_com[2].htm moved successfully. C:\Documents and Settings\Owner.JOECOMPUTER\Local Settings\Temporary Internet Files\Content.IE5\45Z66MXT\iframe[3].htm moved successfully. Registry entries deleted on Reboot... Malwarebytes' Anti-Malware 1.45 www.malwarebytes.org Database version: 3972 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 4/9/2010 9:22:38 AM mbam-log-2010-04-09 (09-22-38).txt Scan type: Quick scan Objects scanned: 159115 Time elapsed: 5 minute(s), 45 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 4 Folders Infected: 2 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: HKEY_CLASSES_ROOT\scrfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: (NOTEPAD.EXE %1) Good: ("%1" /S) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: (NOTEPAD.EXE %1) Good: (regedit.exe "%1") -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. Folders Infected: C:\Program Files\WinBudget (Adware.Admedia) -> Quarantined and deleted successfully. C:\Program Files\WinBudget\bin (Adware.Admedia) -> Quarantined and deleted successfully. Files Infected: (No malicious items detected) ESET Log to folllow!
  5. GMER 1.0.15.15281 - http://www.gmer.net Rootkit scan 2010-04-07 00:16:52 Windows 5.1.2600 Service Pack 3 Running: gmer.exe; Driver: C:\DOCUME~1\OWNER~1.JOE\LOCALS~1\Temp\ugdcyaog.sys ---- System - GMER 1.0.15 ---- SSDT 89D0AEF8 ZwConnectPort SSDT Lbd.sys (Boot Driver/Lavasoft AB) ZwCreateKey [0xF766787E] SSDT IPVNMon.sys (IPVNMon/Visual Networks) ZwDeviceIoControlFile [0xF795E803] SSDT 8A488370 ZwOpenProcess SSDT 8A47FA58 ZwOpenThread SSDT Lbd.sys (Boot Driver/Lavasoft AB) ZwSetValueKey [0xF7667BFE] ---- Devices - GMER 1.0.15 ---- AttachedDevice \FileSystem\Ntfs \Ntfs SYMEVENT.SYS (Symantec Event Library/Symantec Corporation) AttachedDevice \Driver\Tcpip \Device\Ip SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation) AttachedDevice \Driver\Tcpip \Device\Ip Lbd.sys (Boot Driver/Lavasoft AB) AttachedDevice \Driver\Tcpip \Device\Tcp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation) AttachedDevice \Driver\Tcpip \Device\Tcp Lbd.sys (Boot Driver/Lavasoft AB) AttachedDevice \Driver\Tcpip \Device\Udp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation) AttachedDevice \Driver\Tcpip \Device\Udp Lbd.sys (Boot Driver/Lavasoft AB) AttachedDevice \Driver\Tcpip \Device\RawIp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation) AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation) AttachedDevice \FileSystem\Fastfat \Fat SYMEVENT.SYS (Symantec Event Library/Symantec Corporation) ---- Files - GMER 1.0.15 ---- File C:\System Volume Information\_restore{E67CB511-682B-4947-9EE9-9BB8C76EE60F}\RP245\snapshot\Repository\FS\INDEX.BTR 1261568 bytes File C:\System Volume Information\_restore{E67CB511-682B-4947-9EE9-9BB8C76EE60F}\RP245\snapshot\Repository\FS\INDEX.MAP 648 bytes File C:\System Volume Information\_restore{E67CB511-682B-4947-9EE9-9BB8C76EE60F}\RP245\snapshot\Repository\FS\MAPPING.VER 4 bytes File C:\System Volume Information\_restore{E67CB511-682B-4947-9EE9-9BB8C76EE60F}\RP245\snapshot\Repository\FS\MAPPING1.MAP 3536 bytes File C:\System Volume Information\_restore{E67CB511-682B-4947-9EE9-9BB8C76EE60F}\RP245\snapshot\Repository\FS\MAPPING2.MAP 3536 bytes File C:\System Volume Information\_restore{E67CB511-682B-4947-9EE9-9BB8C76EE60F}\RP245\snapshot\Repository\FS\OBJECTS.DATA 5857280 bytes File C:\System Volume Information\_restore{E67CB511-682B-4947-9EE9-9BB8C76EE60F}\RP245\snapshot\Repository\FS\OBJECTS.MAP 2896 bytes File C:\System Volume Information\_restore{E67CB511-682B-4947-9EE9-9BB8C76EE60F}\RP246\A0037547.lnk 0 bytes ---- EOF - GMER 1.0.15 ----
  6. OTL logfile created on: 4/6/2010 6:53:31 PM - Run 1 OTL by OldTimer - Version 3.2.1.0 Folder = C:\Documents and Settings\Owner.JOECOMPUTER\Desktop Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 68.00% Memory free 4.00 Gb Paging File | 3.00 Gb Available in Paging File | 89.00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 71.68 Gb Total Space | 19.07 Gb Free Space | 26.60% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded Drive I: | 232.88 Gb Total Space | 110.54 Gb Free Space | 47.47% Space Free | Partition Type: NTFS Computer Name: JOECOMPUTER Current User Name: Owner Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal ========== Processes (SafeList) ========== PRC - C:\Documents and Settings\Owner.JOECOMPUTER\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe () PRC - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe (Symantec Corporation) PRC - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe (Symantec Corporation) PRC - C:\Program Files\CyberPatrol LLC\CyberPatrol\cpserver.exe (CyberPatrol LLC.) PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) PRC - C:\Program Files\Common Files\Symantec Shared\CCSETMGR.EXE (Symantec Corporation) PRC - C:\Program Files\Common Files\Symantec Shared\CCEVTMGR.EXE (Symantec Corporation) PRC - C:\Program Files\Common Files\Symantec Shared\CCAPP.EXE (Symantec Corporation) PRC - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe (Symantec Corporation) PRC - C:\Program Files\Norton AntiVirus\IWP\NPFMNTOR.EXE (Symantec Corporation) PRC - C:\Program Files\Norton AntiVirus\NAVAPSVC.EXE (Symantec Corporation) PRC - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe (Symantec Corporation) ========== Modules (SafeList) ========== MOD - C:\Documents and Settings\Owner.JOECOMPUTER\Desktop\OTL.exe (OldTimer Tools) ========== Win32 Services (SafeList) ========== SRV - (Lavasoft Ad-Aware Service) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft) SRV - (ioloSystemService) -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe () SRV - (ioloFileInfoList) -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe () SRV - (LiveUpdate) -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_0.EXE (Symantec Corporation) SRV - (Automatic LiveUpdate Scheduler) -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (Symantec Corporation) SRV - (getPlusHelper) getPlus® -- C:\Program Files\NOS\bin\getPlus_Helper.dll (NOS Microsystems Ltd.) SRV - (Symantec Core LC) -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe (Symantec Corporation) SRV - (Mach5 Mailer Scheduler) -- C:\Program Files\Mach5 Mailer 4\Mach5.SchedullerService.exe () SRV - (CyberPatrol UpdateService) -- C:\Program Files\CyberPatrol LLC\CyberPatrol\UpdateService.exe (CyberPatrol LLC) SRV - (ccSetMgr) -- C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe (Symantec Corporation) SRV - (ccPwdSvc) -- C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe (Symantec Corporation) SRV - (ccEvtMgr) -- C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe (Symantec Corporation) SRV - (SNDSrvc) -- C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe (Symantec Corporation) SRV - (SBService) -- C:\Program Files\Common Files\Symantec Shared\Script Blocking\SBSERV.EXE (Symantec Corporation) SRV - (NPFMntor) -- C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe (Symantec Corporation) SRV - (navapsvc) -- C:\Program Files\Norton AntiVirus\navapsvc.exe (Symantec Corporation) SRV - (SAVScan) -- C:\Program Files\Norton AntiVirus\SAVScan.exe (Symantec Corporation) SRV - (IDriverT) -- C:\Program Files\Roxio\Roxio MyDVD DE\InstallShield\Driver\1050\Intel 32\IDriverT.exe (Macrovision Corporation) SRV - (SPBBCSvc) -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe (Symantec Corporation) ========== Driver Services (SafeList) ========== DRV - (SBRE) -- C:\WINDOWS\SYSTEM32\DRIVERS\SBREDrv.sys (Sunbelt Software) DRV - (NAVEX15) -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20100331.005\NAVEX15.SYS (Symantec Corporation) DRV - (NAVENG) -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20100331.005\NAVENG.SYS (Symantec Corporation) DRV - (SYMIDSCO) -- C:\Program Files\Common Files\Symantec Shared\SymcData\ids-diskless\20100402.001\SymIDSCo.sys (Symantec Corporation) DRV - (symlcbrd) -- C:\WINDOWS\SYSTEM32\DRIVERS\symlcbrd.sys (Symantec Corporation) DRV - (ati2mtag) -- C:\WINDOWS\SYSTEM32\DRIVERS\ati2mtag.sys (ATI Technologies Inc.) DRV - (Lbd) -- C:\WINDOWS\system32\DRIVERS\Lbd.sys (Lavasoft AB) DRV - (61883) -- C:\WINDOWS\SYSTEM32\DRIVERS\61883.sys (Microsoft Corporation) DRV - (Avc) -- C:\WINDOWS\SYSTEM32\DRIVERS\avc.sys (Microsoft Corporation) DRV - (MSDV) -- C:\WINDOWS\SYSTEM32\DRIVERS\msdv.sys (Microsoft Corporation) DRV - (SYMTDI) -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS (Symantec Corporation) DRV - (SYMREDRV) -- C:\WINDOWS\System32\Drivers\SYMREDRV.SYS (Symantec Corporation) DRV - (SYMIDS) -- C:\WINDOWS\System32\Drivers\SYMIDS.SYS (Symantec Corporation) DRV - (SYMNDIS) -- C:\WINDOWS\System32\Drivers\SYMNDIS.SYS (Symantec Corporation) DRV - (SYMFW) -- C:\WINDOWS\System32\Drivers\SYMFW.SYS (Symantec Corporation) DRV - (SYMDNS) -- C:\WINDOWS\System32\Drivers\SYMDNS.SYS (Symantec Corporation) DRV - (SymEvent) -- C:\Program Files\Symantec\SYMEVENT.SYS (Symantec Corporation) DRV - (P17) -- C:\WINDOWS\SYSTEM32\DRIVERS\P17.sys (Creative Technology Ltd.) DRV - (SAVRTPEL) -- C:\Program Files\Norton AntiVirus\SAVRTPEL.SYS (Symantec Corporation) DRV - (SAVRT) -- C:\Program Files\Norton AntiVirus\SAVRT.SYS (Symantec Corporation) DRV - (ossrv) -- C:\WINDOWS\SYSTEM32\DRIVERS\ctoss2k.sys (Creative Technology Ltd.) DRV - (ctsfm2k) -- C:\WINDOWS\SYSTEM32\DRIVERS\ctsfm2k.sys (Creative Technology Ltd) DRV - (SPBBCDrv) -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys (Symantec Corporation) DRV - (pfc) -- C:\WINDOWS\SYSTEM32\DRIVERS\pfc.sys (Padus, Inc.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://rd.yahoo.com/customize/sbcydsl/defa.../search/ie.html IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://rd.yahoo.com/customize/sbcydsl/defa...//www.yahoo.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/ IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.60 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - HKLM\software\mozilla\Mozilla Firefox 3.6.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/03/22 16:25:19 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/03/22 16:25:19 | 000,000,000 | ---D | M] [2010/01/05 14:04:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.JOECOMPUTER\Application Data\Mozilla\Extensions [2010/03/26 09:06:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.JOECOMPUTER\Application Data\Mozilla\Firefox\Profiles\225mavyo.default\extensions [2010/01/05 15:35:56 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Owner.JOECOMPUTER\Application Data\Mozilla\Firefox\Profiles\225mavyo.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010/01/09 00:50:50 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus®)) -- C:\Documents and Settings\Owner.JOECOMPUTER\Application Data\Mozilla\Firefox\Profiles\225mavyo.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7} [2010/03/26 09:06:04 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions [2006/07/25 15:40:26 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2004/11/12 22:36:20 | 000,005,120 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Mozilla Firefox\plugins\NPAdbESD.dll [2006/10/10 15:57:38 | 000,049,152 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npbittorrent.dll [2008/02/02 16:45:20 | 000,090,112 | ---- | M] (Coupons, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npCouponPrinter.dll O1 HOSTS File: ([2010/04/03 13:23:36 | 000,385,900 | R--- | M]) - C:\WINDOWS\SYSTEM32\DRIVERS\ETC\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 www.008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 www.00hq.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 www.0scan.com O1 - Hosts: 127.0.0.1 0scan.com O1 - Hosts: 127.0.0.1 1000gratisproben.com O1 - Hosts: 127.0.0.1 www.1000gratisproben.com O1 - Hosts: 127.0.0.1 1001namen.com O1 - Hosts: 127.0.0.1 www.1001namen.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 127.0.0.1 www.100sexlinks.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 www.10sek.com O1 - Hosts: 127.0.0.1 www.1-2005-search.com O1 - Hosts: 127.0.0.1 1-2005-search.com O1 - Hosts: 13312 more lines... O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.) O2 - BHO: (CNavExtBho Class) - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NAVSHEXT.DLL (Symantec Corporation) O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found. O3 - HKLM\..\Toolbar: (Norton AntiVirus) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NAVSHEXT.DLL (Symantec Corporation) O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (Norton AntiVirus) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NAVSHEXT.DLL (Symantec Corporation) O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation) O4 - HKLM..\Run: [CyberPatrolNew] C:\Program Files\CyberPatrol LLC\CyberPatrol\CPHQ.exe (CyberPatrol LLC.) O4 - HKLM..\Run: [P17Helper] C:\WINDOWS\System32\P17.dll () O4 - HKLM..\Run: [startCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [symantec NetDriver Monitor] C:\Program Files\SymNetDrv\SNDMon.exe (Symantec Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\Program Files\Yahoo!\Common\ylogin.dll (Yahoo! Inc.) O9 - Extra 'Tools' menuitem : Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\Program Files\Yahoo!\Common\ylogin.dll (Yahoo! Inc.) O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.) O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\cplsp.dll (CyberPatrol LLC.) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\System32\cplsp.dll (CyberPatrol LLC.) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\System32\cplsp.dll (CyberPatrol LLC.) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\System32\cplsp.dll (CyberPatrol LLC.) O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\System32\cplsp.dll (CyberPatrol LLC.) O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\System32\cplsp.dll (CyberPatrol LLC.) O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\System32\cplsp.dll (CyberPatrol LLC.) O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\System32\cplsp.dll (CyberPatrol LLC.) O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\System32\cplsp.dll (CyberPatrol LLC.) O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\System32\cplsp.dll (CyberPatrol LLC.) O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\System32\cplsp.dll (CyberPatrol LLC.) O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\System32\cplsp.dll (CyberPatrol LLC.) O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\System32\cplsp.dll (CyberPatrol LLC.) O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\System32\cplsp.dll (CyberPatrol LLC.) O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\System32\cplsp.dll (CyberPatrol LLC.) O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - C:\WINDOWS\System32\cplsp.dll (CyberPatrol LLC.) O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll (InterTrust Technologies Corporation, Inc.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_17) O16 - DPF: {A8B02DCA-7648-46D6-95A8-B84EC80CA49D} https://builder.inmotionhosting.com/applet/...ploaderProj.cab (JamShellLinkX Control) O16 - DPF: {A9F8D9EC-3D0A-4A60-BD82-FBD64BAD370D} http://h20264.www2.hp.com/ediags/dd/instal...nosticsxp2k.cab (DDRevision Class) O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} http://tools.ebayimg.com/eps/wl/activex/eB...l_v1-0-29-0.cab (EPUImageControl Class) O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_17) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_17) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (get_atlcom Class) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254 O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O24 - Desktop WallPaper: C:\Documents and Settings\Owner.JOECOMPUTER\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Owner.JOECOMPUTER\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2004/08/10 14:04:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{94f58a91-f653-11de-aacb-001111a9c4ba}\Shell - "" = AutoRun O33 - MountPoints2\{94f58a91-f653-11de-aacb-001111a9c4ba}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{94f58a91-f653-11de-aacb-001111a9c4ba}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found O33 - MountPoints2\{94f58a92-f653-11de-aacb-001111a9c4ba}\Shell\AutoRun\command - "" = F:\XCRACK\xKCARC\autorunme.exe -- File not found O33 - MountPoints2\{94f58a92-f653-11de-aacb-001111a9c4ba}\Shell\Explore\Command - "" = F:\ O33 - MountPoints2\{94f58a92-f653-11de-aacb-001111a9c4ba}\Shell\open\command - "" = F:\XCRACK\xKCARC\autorunme.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe () O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: Ias - C:\WINDOWS\SYSTEM32\IAS [2009/09/19 12:18:28 | 000,000,000 | ---D | M] NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: Wmi - C:\WINDOWS\SYSTEM32\wmi.dll (Microsoft Corporation) NetSvcs: WmdmPmSp - File not found ========== Files/Folders - Created Within 30 Days ========== [2010/04/06 18:51:07 | 000,561,664 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner.JOECOMPUTER\Desktop\OTL.exe [2010/04/05 12:42:23 | 000,000,000 | ---D | C] -- C:\HIJACKTHIS [2010/04/03 12:25:58 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy [2010/04/03 12:25:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy [2010/04/03 09:39:57 | 016,409,960 | ---- | C] (Safer Networking Limited ) -- C:\spybotsd162.exe [2010/04/02 11:13:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype [2010/03/15 11:32:03 | 000,230,808 | R--- | C] (Coupons, Inc.) -- C:\WINDOWS\cpnprt2.cid [2010/03/15 00:06:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.JOECOMPUTER\My Documents\Convergence Plans(Team Discussion) [2010/03/15 00:03:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.JOECOMPUTER\My Documents\docProps [2010/03/15 00:03:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.JOECOMPUTER\My Documents\ppt [2010/03/15 00:03:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.JOECOMPUTER\My Documents\_rels [2010/03/09 09:47:04 | 003,558,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe [2009/06/08 17:41:54 | 000,020,480 | ---- | C] (Mercury Development) -- C:\Program Files\Common Files\Mach5.Mailer.Install.dll [2009/06/08 17:41:48 | 000,016,384 | ---- | C] (Mercury Development) -- C:\Program Files\Common Files\Mach5.Install.dll [2007/11/16 07:45:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple [2007/06/09 17:07:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\iolo [2007/06/07 18:48:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Yahoo! [2006/12/17 09:01:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft [2006/12/16 19:23:42 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft [2006/08/18 22:59:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Roxio [2005/02/08 23:37:31 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft [2004/12/18 12:49:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Symantec [2004/12/15 19:58:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\McAfee.com Personal Firewall [2004/12/11 12:39:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft [2002/04/10 20:41:06 | 000,065,536 | R--- | C] ( ) -- C:\WINDOWS\System32\A3d.dll [5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2010/04/06 18:51:12 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner.JOECOMPUTER\Desktop\OTL.exe [2010/04/06 18:48:01 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 4).job [2010/04/06 18:48:01 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 3).job [2010/04/06 18:48:01 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 2).job [2010/04/06 18:48:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 1).job [2010/04/06 18:44:33 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010/04/06 18:44:28 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010/04/06 10:49:22 | 008,650,752 | -H-- | M] () -- C:\Documents and Settings\Owner.JOECOMPUTER\NTUSER.DAT [2010/04/06 10:49:21 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Owner.JOECOMPUTER\ntuser.ini [2010/04/05 18:37:07 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Adobe Reader 9.lnk [2010/04/04 17:48:00 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010/04/03 13:23:36 | 000,385,900 | R--- | M] () -- C:\WINDOWS\System32\drivers\ETC\hosts [2010/04/03 09:39:57 | 016,409,960 | ---- | M] (Safer Networking Limited ) -- C:\spybotsd162.exe [2010/04/02 23:37:34 | 000,000,102 | ---- | M] () -- C:\WINDOWS\VSWizard.ini [2010/03/31 21:55:24 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Skype.lnk [2010/03/29 21:37:29 | 000,013,275 | ---- | M] () -- C:\Documents and Settings\Owner.JOECOMPUTER\My Documents\War is a Cockroach.docx [2010/03/26 20:53:37 | 000,000,546 | ---- | M] () -- C:\WINDOWS\tasks\Norton AntiVirus - Scan my computer - Owner.job [2010/03/24 17:22:09 | 000,002,137 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\iTunes.lnk [2010/03/23 19:18:16 | 000,014,328 | ---- | M] () -- C:\Documents and Settings\Owner.JOECOMPUTER\My Documents\Japanese Essay.docx [2010/03/22 15:39:44 | 000,000,001 | ---- | M] () -- C:\WINDOWS\lgo [2010/03/22 15:29:29 | 000,001,689 | ---- | M] () -- C:\Documents and Settings\Owner.JOECOMPUTER\Desktop\System Mechanic.lnk [2010/03/22 13:16:13 | 000,080,663 | ---- | M] () -- C:\Documents and Settings\Owner.JOECOMPUTER\My Documents\Intege Japan.docx [2010/03/22 08:54:11 | 000,095,024 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys [2010/03/22 08:54:09 | 000,015,880 | ---- | M] () -- C:\WINDOWS\System32\lsdelete.exe [2010/03/22 08:53:35 | 000,000,001 | -H-- | M] () -- C:\WINDOWS\bk23567.dat [2010/03/22 08:53:35 | 000,000,001 | ---- | M] () -- C:\WINDOWS\fdgg34353edfgdfdf [2010/03/17 22:14:02 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job [2010/03/16 19:42:42 | 000,093,096 | ---- | M] (iolo technologies, LLC) -- C:\WINDOWS\System32\IncContxMenu.dll [2010/03/16 19:42:32 | 002,315,688 | ---- | M] () -- C:\WINDOWS\System32\Incinerator.dll [2010/03/15 11:32:03 | 000,230,808 | R--- | M] (Coupons, Inc.) -- C:\WINDOWS\cpnprt2.cid [2010/03/15 11:32:03 | 000,230,808 | ---- | M] (Coupons, Inc.) -- C:\WINDOWS\System32\cpnprt2.cid [2010/03/15 00:03:36 | 000,006,213 | ---- | M] () -- C:\Documents and Settings\Owner.JOECOMPUTER\My Documents\[Content_Types].xml [2010/03/15 00:02:58 | 000,095,467 | ---- | M] () -- C:\Documents and Settings\Owner.JOECOMPUTER\My Documents\Convergence Plans(Team Discussion).zip [2010/03/14 08:01:04 | 000,441,124 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2010/03/14 08:01:03 | 000,071,060 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2010/03/14 08:01:02 | 000,521,942 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2010/03/11 14:12:19 | 000,301,910 | ---- | M] () -- C:\Documents and Settings\Owner.JOECOMPUTER\My Documents\IMG00011-20100312-1011.jpg [2010/03/10 10:57:18 | 000,001,602 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Mozilla Firefox.lnk [2010/03/09 19:18:44 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK [5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] ========== Files Created - No Company Name ========== [2010/04/05 18:37:06 | 000,001,729 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Adobe Reader 9.lnk [2010/03/29 19:10:04 | 000,013,275 | ---- | C] () -- C:\Documents and Settings\Owner.JOECOMPUTER\My Documents\War is a Cockroach.docx [2010/03/23 16:45:56 | 000,014,328 | ---- | C] () -- C:\Documents and Settings\Owner.JOECOMPUTER\My Documents\Japanese Essay.docx [2010/03/22 13:16:13 | 000,080,663 | ---- | C] () -- C:\Documents and Settings\Owner.JOECOMPUTER\My Documents\Intege Japan.docx [2010/03/22 08:53:35 | 000,000,001 | -H-- | C] () -- C:\WINDOWS\bk23567.dat [2010/03/22 08:53:35 | 000,000,001 | ---- | C] () -- C:\WINDOWS\lgo [2010/03/22 08:53:35 | 000,000,001 | ---- | C] () -- C:\WINDOWS\fdgg34353edfgdfdf [2010/03/15 00:02:53 | 000,095,467 | ---- | C] () -- C:\Documents and Settings\Owner.JOECOMPUTER\My Documents\Convergence Plans(Team Discussion).zip [2010/03/11 14:08:04 | 000,301,910 | ---- | C] () -- C:\Documents and Settings\Owner.JOECOMPUTER\My Documents\IMG00011-20100312-1011.jpg [2010/02/11 16:01:20 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Owner.JOECOMPUTER\Application Data\wklnhst.dat [2010/02/01 18:43:24 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Owner.JOECOMPUTER\QBInstanceFinder.log [2010/01/14 09:32:32 | 000,005,300 | ---- | C] () -- C:\Documents and Settings\Owner.JOECOMPUTER\63215362142514253251425321425142535142532514253251425325144125351425325142532514232514253.7z [2010/01/14 00:21:18 | 000,004,435 | ---- | C] () -- C:\Documents and Settings\Owner.JOECOMPUTER\.recently-used.xbel [2009/11/26 10:22:14 | 000,178,176 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2009/11/19 16:00:29 | 000,000,214 | ---- | C] () -- C:\WINDOWS\{ADC13459-59DE-4932-AD18-0C2D84179CD1}_WiseFW.ini [2009/10/16 09:20:10 | 000,011,338 | ---- | C] () -- C:\WINDOWS\ts.dll [2009/10/16 09:20:10 | 000,004,238 | ---- | C] () -- C:\WINDOWS\nt16.dll [2009/10/13 17:43:44 | 000,002,012 | ---- | C] () -- C:\Program Files\Common Files\Mach5.Mailer.Install.InstallState [2009/10/13 10:29:58 | 002,315,688 | ---- | C] () -- C:\WINDOWS\System32\Incinerator.dll [2009/10/13 10:22:10 | 000,074,703 | ---- | C] () -- C:\WINDOWS\System32\mfc45.dll [2009/10/13 10:18:53 | 000,000,180 | ---- | C] () -- C:\WINDOWS\{28ABBD00-B23F-427A-AA55-B708F44A8F79}_WiseFW.ini [2009/10/05 17:15:12 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Owner.JOECOMPUTER\AdobeWeb.log [2009/10/01 08:32:28 | 000,000,172 | ---- | C] () -- C:\WINDOWS\wininit.ini [2009/09/30 12:02:19 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Vocals [2009/09/30 12:02:19 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\Owner.JOECOMPUTER\Application Data\User Loops [2009/09/30 12:02:19 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Application Data\PKP_DLdu.DAT [2009/09/22 20:14:48 | 000,048,640 | ---- | C] () -- C:\WINDOWS\tsnt.dll [2009/09/22 20:14:48 | 000,030,240 | ---- | C] () -- C:\WINDOWS\unwise.dll [2009/09/22 20:13:40 | 000,021,504 | ---- | C] () -- C:\Documents and Settings\Owner.JOECOMPUTER\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009/09/21 00:04:23 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\Msvcrt10.dll [2009/09/20 22:30:12 | 000,000,000 | ---- | C] () -- C:\WINDOWS\AutoRun.INI [2009/09/19 19:38:10 | 000,005,627 | R--- | C] () -- C:\WINDOWS\System32\Ludap17.ini [2009/09/19 19:38:10 | 000,000,039 | R--- | C] () -- C:\WINDOWS\System32\ctzapxx.ini [2009/09/19 19:33:59 | 000,000,102 | ---- | C] () -- C:\WINDOWS\VSWizard.ini [2009/09/19 19:22:29 | 000,014,223 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Application Data\hpzinstall.log [2009/09/19 18:42:08 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll [2009/09/19 17:50:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\YCRWin32.dll [2009/09/19 17:45:15 | 000,000,178 | -HS- | C] () -- C:\Documents and Settings\Owner.JOECOMPUTER\ntuser.ini [2009/09/19 17:45:14 | 000,001,024 | -H-- | C] () -- C:\Documents and Settings\Owner.JOECOMPUTER\ntuser.dat.LOG [2009/09/19 17:45:13 | 008,650,752 | -H-- | C] () -- C:\Documents and Settings\Owner.JOECOMPUTER\NTUSER.DAT [2008/06/30 23:44:47 | 000,005,120 | -HS- | C] () -- C:\Program Files\Thumbs.db [2008/06/30 23:10:07 | 000,064,570 | ---- | C] () -- C:\Program Files\Barbi2.jpg [2006/06/29 19:33:31 | 000,063,730 | ---- | C] () -- C:\Program Files\viewsonicinstruct_xp.pdf [2005/12/21 17:57:36 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\nsldap32v50.dll [2005/12/21 17:57:04 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\nsldappr32v50.dll [2005/12/21 17:54:34 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\nsldapssl32v50.dll [2005/05/03 06:38:42 | 000,064,512 | R--- | C] () -- C:\WINDOWS\System32\P17.dll [2003/10/02 05:48:18 | 000,053,248 | R--- | C] () -- C:\WINDOWS\System32\P17CPI.dll ========== LOP Check ========== [2009/10/16 10:14:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\CyberPatrol [2009/09/30 12:02:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Dialogs [2009/09/30 12:02:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\EnterNHelp [2009/10/13 09:24:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Human Computing [2010/04/03 09:04:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\iolo [2009/10/13 17:43:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Mach5 Mailer [2009/09/30 12:03:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Nikon [2009/09/30 12:02:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Ultima_T15 [2009/12/03 10:07:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Zylom [2009/09/25 19:12:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD} [2010/01/27 18:40:13 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6} [2010/03/28 18:01:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.JOECOMPUTER\Application Data\BitTorrent [2009/10/16 15:48:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.JOECOMPUTER\Application Data\GlobalSCAPE [2010/01/13 23:33:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.JOECOMPUTER\Application Data\gtk-2.0 [2009/09/25 15:46:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.JOECOMPUTER\Application Data\Human Computing [2009/10/13 18:12:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.JOECOMPUTER\Application Data\InterTrust [2009/10/13 10:30:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.JOECOMPUTER\Application Data\iolo [2009/09/19 19:34:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.JOECOMPUTER\Application Data\Leadertech [2009/09/30 12:43:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.JOECOMPUTER\Application Data\Nikon [2010/02/11 16:25:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.JOECOMPUTER\Application Data\Template [2010/04/06 18:48:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Daily 1).job [2010/04/06 18:48:01 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Daily 2).job [2010/04/06 18:48:01 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Daily 3).job [2010/04/06 18:48:01 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Daily 4).job ========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*.exe > [2008/09/27 04:05:42 | 240,807,904 | ---- | M] () -- C:\ComicBase Atlas.exe [2009/01/05 21:27:54 | 002,718,936 | ---- | M] (Microsoft Corporation) -- C:\Jet40SP5_9xNT.exe [2009/01/06 00:24:47 | 003,800,825 | ---- | M] () -- C:\mailer-nten.exe [2005/08/26 14:59:18 | 000,746,496 | ---- | M] () -- C:\Resize.exe [2008/12/24 14:36:32 | 008,215,688 | ---- | M] (SmartSoft Ltd) -- C:\SFTPMSI.exe [2007/11/20 14:35:58 | 000,107,632 | ---- | M] () -- C:\sj630en.exe [2010/04/03 09:39:57 | 016,409,960 | ---- | M] (Safer Networking Limited ) -- C:\spybotsd162.exe [2008/12/25 01:27:38 | 001,465,242 | ---- | M] () -- C:\TubeThumperWin.exe [2008/08/26 22:15:15 | 000,267,056 | ---- | M] (BitTorrent, Inc.) -- C:\utorrent.exe [2009/05/02 02:52:55 | 013,194,592 | ---- | M] () -- C:\winzip120.exe [2009/07/17 11:19:48 | 009,577,800 | ---- | M] () -- C:\winzip121.exe < MD5 for: AGP440.SYS > [2004/08/04 06:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\I386\sp2.cab:AGP440.sys [2004/08/12 09:06:15 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\I386\sp2.cab:AGP440.sys [2009/09/23 21:31:15 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\I386\sp3.cab:AGP440.sys [2009/09/23 21:31:15 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys [2008/04/13 13:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys [2008/04/13 13:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SYSTEM32\DRIVERS\agp440.sys [2004/08/04 00:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\I386\AGP440.SYS < MD5 for: ATAPI.SYS > [2004/08/04 06:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\I386\sp2.cab:atapi.sys [2004/08/12 09:06:15 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\I386\sp2.cab:atapi.sys [2009/09/23 21:31:15 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\I386\sp3.cab:atapi.sys [2009/09/23 21:31:15 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys [2008/04/13 13:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys [2008/04/13 13:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SYSTEM32\DRIVERS\atapi.sys [2004/08/03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\I386\atapi.sys [2004/08/12 08:55:51 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys < MD5 for: EVENTLOG.DLL > [2008/04/13 19:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll [2008/04/13 19:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\SYSTEM32\eventlog.dll [2004/08/04 06:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\I386\EVENTLOG.DLL [2004/08/12 08:57:17 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll < MD5 for: IASTOR.SYS > [2004/08/12 09:11:50 | 000,467,200 | ---- | M] (Intel Corporation) MD5=F26BFD48B1C314E0F23BF77ACFA75940 -- C:\WINDOWS\dell\iastor\iastor.sys < MD5 for: NETLOGON.DLL > [2008/04/13 19:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll [2008/04/13 19:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\SYSTEM32\netlogon.dll [2004/08/04 06:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\I386\NETLOGON.DLL [2004/08/12 09:02:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll < MD5 for: SCECLI.DLL > [2004/08/04 06:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\I386\SCECLI.DLL [2004/08/12 09:04:44 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll [2008/04/13 19:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll [2008/04/13 19:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\SYSTEM32\scecli.dll < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > [2009/09/29 21:20:58 | 000,442,368 | ---- | M] (Advanced Micro Devices, Inc.) Unable to obtain MD5 -- C:\WINDOWS\SYSTEM32\ATIDEMGX.dll < %systemroot%\Tasks\*.job /lockedfiles > < %systemroot%\system32\drivers\*.sys /lockedfiles > < %systemroot%\System32\config\*.sav > [2009/09/19 12:23:01 | 000,094,208 | ---- | M] () -- C:\WINDOWS\SYSTEM32\CONFIG\default.sav [2009/09/19 12:23:01 | 000,634,880 | ---- | M] () -- C:\WINDOWS\SYSTEM32\CONFIG\software.sav [2009/09/19 12:23:01 | 000,909,312 | ---- | M] () -- C:\WINDOWS\SYSTEM32\CONFIG\system.sav ========== Files - Unicode (All) ========== [2009/09/20 23:47:10 | 000,048,640 | ---- | C] ()(C:\Documents and Settings\Owner.JOECOMPUTER\My Documents\?????.doc) -- C:\Documents and Settings\Owner.JOECOMPUTER\My Documents\みなちゃん.doc [2009/09/20 23:47:10 | 000,025,088 | ---- | C] ()(C:\Documents and Settings\Owner.JOECOMPUTER\My Documents\???????.doc) -- C:\Documents and Settings\Owner.JOECOMPUTER\My Documents\私のしゅうまつ.doc [2009/09/20 23:47:10 | 000,024,576 | ---- | C] ()(C:\Documents and Settings\Owner.JOECOMPUTER\My Documents\???????????????????.doc) -- C:\Documents and Settings\Owner.JOECOMPUTER\My Documents\ピアノリサイタルの日が近ずいて来ました.doc [2009/09/20 23:47:10 | 000,024,576 | ---- | C] ()(C:\Documents and Settings\Owner.JOECOMPUTER\My Documents\??????????????.doc) -- C:\Documents and Settings\Owner.JOECOMPUTER\My Documents\パレアモジェームス八月十六日.doc [2009/09/20 23:47:10 | 000,024,576 | ---- | C] ()(C:\Documents and Settings\Owner.JOECOMPUTER\My Documents\???????????.doc) -- C:\Documents and Settings\Owner.JOECOMPUTER\My Documents\お月謝についてのお願い.doc [2009/09/20 23:47:10 | 000,024,064 | ---- | C] ()(C:\Documents and Settings\Owner.JOECOMPUTER\My Documents\?????????.doc) -- C:\Documents and Settings\Owner.JOECOMPUTER\My Documents\生徒募集のお知らせ.doc [2009/09/20 23:47:10 | 000,021,504 | ---- | C] ()(C:\Documents and Settings\Owner.JOECOMPUTER\My Documents\?????????.doc) -- C:\Documents and Settings\Owner.JOECOMPUTER\My Documents\長い夏休みも終わり.doc [2009/09/20 23:47:10 | 000,020,992 | ---- | C] ()(C:\Documents and Settings\Owner.JOECOMPUTER\My Documents\????????????.doc) -- C:\Documents and Settings\Owner.JOECOMPUTER\My Documents\ピアノリサイタルのご案内.doc [2009/09/20 23:47:10 | 000,020,992 | ---- | C] ()(C:\Documents and Settings\Owner.JOECOMPUTER\My Documents\??????.doc) -- C:\Documents and Settings\Owner.JOECOMPUTER\My Documents\ご両親様各位.doc [2009/09/01 10:30:38 | 000,024,576 | ---- | M] ()(C:\Documents and Settings\Owner.JOECOMPUTER\My Documents\???????????.doc) -- C:\Documents and Settings\Owner.JOECOMPUTER\My Documents\お月謝についてのお願い.doc [2009/05/27 11:33:30 | 000,024,576 | ---- | M] ()(C:\Documents and Settings\Owner.JOECOMPUTER\My Documents\???????????????????.doc) -- C:\Documents and Settings\Owner.JOECOMPUTER\My Documents\ピアノリサイタルの日が近ずいて来ました.doc [2009/05/04 07:31:31 | 000,020,992 | ---- | M] ()(C:\Documents and Settings\Owner.JOECOMPUTER\My Documents\????????????.doc) -- C:\Documents and Settings\Owner.JOECOMPUTER\My Documents\ピアノリサイタルのご案内.doc [2009/04/12 21:47:16 | 000,025,088 | ---- | M] ()(C:\Documents and Settings\Owner.JOECOMPUTER\My Documents\???????.doc) -- C:\Documents and Settings\Owner.JOECOMPUTER\My Documents\私のしゅうまつ.doc [2009/04/10 19:23:57 | 000,048,640 | ---- | M] ()(C:\Documents and Settings\Owner.JOECOMPUTER\My Documents\?????.doc) -- C:\Documents and Settings\Owner.JOECOMPUTER\My Documents\みなちゃん.doc [2008/08/25 13:16:44 | 000,024,064 | ---- | M] ()(C:\Documents and Settings\Owner.JOECOMPUTER\My Documents\?????????.doc) -- C:\Documents and Settings\Owner.JOECOMPUTER\My Documents\生徒募集のお知らせ.doc [2008/08/16 17:57:31 | 000,024,576 | ---- | M] ()(C:\Documents and Settings\Owner.JOECOMPUTER\My Documents\??????????????.doc) -- C:\Documents and Settings\Owner.JOECOMPUTER\My Documents\パレアモジェームス八月十六日.doc [2007/08/27 11:03:10 | 000,020,992 | ---- | M] ()(C:\Documents and Settings\Owner.JOECOMPUTER\My Documents\??????.doc) -- C:\Documents and Settings\Owner.JOECOMPUTER\My Documents\ご両親様各位.doc [2006/08/21 15:14:10 | 000,021,504 | ---- | M] ()(C:\Documents and Settings\Owner.JOECOMPUTER\My Documents\?????????.doc) -- C:\Documents and Settings\Owner.JOECOMPUTER\My Documents\長い夏休みも終わり.doc ========== Alternate Data Streams ========== @Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Owner.JOECOMPUTER\My Documents\until2.gif:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Owner.JOECOMPUTER\My Documents\Under.gif:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Owner.JOECOMPUTER\My Documents\Seating.jpg:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Owner.JOECOMPUTER\My Documents\Project.dmsd:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Owner.JOECOMPUTER\My Documents\pcs3075_a.jpg:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Owner.JOECOMPUTER\My Documents\NeroVision:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Owner.JOECOMPUTER\My Documents\NanaLive.dmsd:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Owner.JOECOMPUTER\My Documents\Nana67.dmsd:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Owner.JOECOMPUTER\My Documents\n1533584367_122316_3491.jpg:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Owner.JOECOMPUTER\My Documents\My Scans:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Owner.JOECOMPUTER\My Documents\ken2007index.jpg:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Owner.JOECOMPUTER\My Documents\Joe Palermo - Joe's Greatest Hits 2.jwl:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Owner.JOECOMPUTER\My Documents\guys.jpg:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Owner.JOECOMPUTER\My Documents\Glasses2.JPG:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Owner.JOECOMPUTER\My Documents\GATotal.jpg:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Owner.JOECOMPUTER\My Documents\gaset4.jpg:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Owner.JOECOMPUTER\My Documents\gaset3.jpg:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Owner.JOECOMPUTER\My Documents\gaset2.jpg:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Owner.JOECOMPUTER\My Documents\GAset.jpg:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Owner.JOECOMPUTER\My Documents\GA5.jpg:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Owner.JOECOMPUTER\My Documents\GA2.jpg:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Owner.JOECOMPUTER\My Documents\GA1.jpg:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Owner.JOECOMPUTER\My Documents\Dmitri.bmp:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Owner.JOECOMPUTER\My Documents\ContactSheet-2 YPf.jpg:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Owner.JOECOMPUTER\My Documents\ContactSheet-1 YPf.jpg:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Owner.JOECOMPUTER\My Documents\853a_1.jpg:Roxio EMC Stream < End of report >
  7. OTL Extras logfile created on: 4/6/2010 6:53:31 PM - Run 1 OTL by OldTimer - Version 3.2.1.0 Folder = C:\Documents and Settings\Owner.JOECOMPUTER\Desktop Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 68.00% Memory free 4.00 Gb Paging File | 3.00 Gb Available in Paging File | 89.00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 71.68 Gb Total Space | 19.07 Gb Free Space | 26.60% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded Drive I: | 232.88 Gb Total Space | 110.54 Gb Free Space | 47.47% Space Free | Partition Type: NTFS Computer Name: JOECOMPUTER Current User Name: Owner Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 1 "FirewallDisableNotify" = 1 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.) "C:\Program Files\Human Computing\ComicBase 14\ComicBase 14.exe" = C:\Program Files\Human Computing\ComicBase 14\ComicBase 14.exe:*:Enabled:ComicBase 14.exe -- (Human Computing. 95 S. Market Street #500, San Jose, CA 95113) "C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.) ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center "{06053AB3-B607-B752-3252-4A2EA9E9761E}" = CCC Help Dutch "{06230E02-2B7E-11D2-92D0-0040051BD005}" = OLYMPUS CAMEDIA Master 2.5 "{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour "{0B4A8658-43F1-50CA-AF30-C67E3AE2C9ED}" = CCC Help Greek "{0CC61470-D776-2353-D5CB-C7BC20204863}" = CCC Help Finnish "{0DE6646A-AFD0-44AC-A493-5A8A7ABB858F}" = CyberPatrol (Remove Only) "{10E1E87C-656C-4D08-86D6-5443D28583BE}" = TrayApp "{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up "{12655AB3-9285-A2F0-5BBC-C5C45E4D718C}" = CCC Help Czech "{13F00518-807A-4B3A-83B0-A7CD90F3A398}" = MarketResearch "{14374622-0900-4056-BA06-C87C900AF9E6}" = QuickBooks Pro 2005 "{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime "{1753255A-0AEB-4220-8C75-607B73F0C133}" = Copy "{1B1DDAD2-C704-49F8-8FC2-18DAAD9A87C5}" = Sound Blaster Audigy "{1FF713E1-FE5E-4AD0-9C8C-B2E877846B45}" = Catalyst Control Center - Branding "{228F6876-A313-40A3-91C0-C3CBE6997D09}" = Symantec "{24700C01-3A72-29D4-001B-6EE6BF71EB5E}" = CCC Help Korean "{2614F54E-A828-49FA-93BA-45A3F756BFAA}" = 32 Bit HP CIO Components Installer "{26262388-95BF-58B0-CD46-A8F957BB67BF}" = Catalyst Control Center Graphics Full Existing "{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java 6 Update 17 "{2908F0CB-C1D4-447F-97A2-CFC135C9F8D4}" = Internet Worm Protection "{29FA38B4-0AE4-4D0D-8A51-6165BB990BB0}" = WebReg "{2DA85B02-13C0-4E6D-9A76-22E6B3DD0CB2}" = SymNet "{2F28B3C9-2C89-4206-8B33-8ADC9577C49B}" = Scan "{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager "{329376FB-FB6C-C587-F483-07E3418456F5}" = ccc-utility "{33A38A8B-9E1E-BCBB-EA87-CE797EC75080}" = CCC Help Chinese Traditional "{34EEB1F5-E939-40A1-A6BA-957282A4B2C8}" = Norton AntiVirus Help "{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Sonic Activation Module "{369EEB32-64D1-F22A-1B2C-A3E81582E767}" = CCC Help Japanese "{3AC54383-31D1-4907-961B-B12CBB1D0AE8}" = MobileMe Control Panel "{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support "{3FCD8F30-057D-C96F-AEF4-B0D77DE9730C}" = CCC Help Portuguese "{46605BDE-7F82-DB0F-7906-3279A7E639BE}" = Catalyst Control Center Localization All "{480A8E00-D808-7D79-977B-CEBBB3BEB409}" = CCC Help French "{48C7FD10-D6AD-8EE0-2E8E-0480C4EEB1BD}" = Catalyst Control Center HydraVision Full "{4B35F00C-E63D-40DC-9839-DF15A33EAC46}" = Grand Theft Auto Vice City "{4C643986-DE3C-4737-8472-CCEC36CCC267}" = Studio Content CD "{4CCC7F68-A437-4559-A840-F5E010934951}" = HP Driver Diagnostics "{53EF6570-21A4-47ED-A40A-E6470A5677A3}" = Studio 8 "{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features "{543E938C-BDC4-4933-A612-01293996845F}" = UnloadSupport "{55FD1D5A-7AEF-4DA3-8FAF-A71B2A52FFC7}_is1" = iolo technologies' System Mechanic "{5CA7ABC3-5F89-3A1D-A113-046EA4C7FCEB}" = ccc-core-static "{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler "{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD 5.3 "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works "{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder "{6F77AD48-BA04-F868-2D04-FC1BFF5E00BA}" = Catalyst Control Center Graphics Light "{706BB40A-4102-4c89-8107-DC68C4EBD19B}" = HP Deskjet All-In-One Software 9.0 "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{77772678-817F-4401-9301-ED1D01A8DA56}" = SPBBC "{788907C5-C83B-9785-A1F0-67050017324E}" = CCC Help Spanish "{7F5F1767-88C6-CBFC-5DD3-D853343FD5AE}" = CCC Help German "{824D3839-DAA1-4315-A822-7AE3E620E528}" = VideoToolkit01 "{8389382B-53BA-4A87-8854-91E3D80A5AC7}" = HP Photosmart Essential2.01 "{84DE3702-3262-BE38-27E8-5ED423D803C6}" = CCC Help Chinese Standard "{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12 "{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007 "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007 "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007 "{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007 "{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007 "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007 "{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007 "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007 "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007 "{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007 "{90A40409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components "{91120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007 "{93F54611-2701-454e-94AB-623F458D9E6B}" = DeviceDiscovery "{95053B5A-42E0-830E-85BD-733FAFC28BA7}" = ccc-core-preinstall "{9B40D533-4F38-893D-EE5A-17226104BBC2}" = Skins "{A08CB73B-5DEA-185D-5D98-2230004D75ED}" = CCC Help Danish "{A22D91C3-E7BD-CBEE-7CDC-DE4C42FA27B7}" = CCC Help Hungarian "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A4D7B764-4140-11D4-88EB-0050DA3579C0}" = Nero - Burning Rom "{A9C365A3-06C0-43b4-A2DB-EDF0A6079AA9}" = DJ_AIO_Software "{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support "{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder "{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3 "{AD0DD974-ADC2-8C10-DFA6-C1203A6E5106}" = CCC Help Polish "{ADC13459-59DE-4932-AD18-0C2D84179CD1}" = ComicBase 14.1.1 Update "{AEA07F97-9088-497c-8821-0F36BD5DC251}" = HPProductAssistant "{AF7FC1CA-79DF-43c3-90A3-33EFEB9294CE}" = AIO_Scan "{B014F739-B305-5319-D996-6612BD60ED74}" = CCC Help Swedish "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{B4B1F18B-5CED-4f8f-8A8F-1BD0503C222E}" = DJ_AIO_ProductContext "{B4FEA924-630D-11D4-B78E-005004566E4D}" = ViewSonic Monitor Drivers "{BCD6CD1A-0DBE-412E-9F25-3B500D1E6BA1}" = SolutionCenter "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C570CAF4-D734-5412-C842-9AB150803074}" = Catalyst Control Center Core Implementation "{C6F5B6CF-609C-428E-876F-CA83176C021B}" = Norton AntiVirus 2005 "{CA0A1E54-CE0F-4366-B09C-A87B61DC5633}" = Symantec Network Drivers Update "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D01F5B2C-2776-6C46-441C-E819C08DF4FF}" = CCC Help Turkish "{D0E39A1D-0CEE-4D85-B4A2-E3BE990D075E}" = Destination Component "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2 "{D1FF75E7-DD42-4CFD-B052-20B3FFF4EDB8}" = Norton AntiVirus SYMLT MSI "{D2FCA53F-F568-D08A-458F-F7C9769A30ED}" = CCC Help Norwegian "{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}" = Nikon Message Center "{D327AFC9-7BAA-473A-8319-6EB7A0D40138}" = Symantec Script Blocking Installer "{D89B70AB-CF91-36A4-8658-FACA3AF6A654}" = Catalyst Control Center Graphics Previews Common "{DADE7970-4E6A-11D4-8BA5-0050BAAA20E2}" = Jeopardy! 2nd Edition "{DC367608-64A7-4BF7-92F4-8BAA25BA02DB}" = ccCommon "{DE057B84-3977-4107-AA5C-BD0600CDC8DF}" = MINITAB 14 Student "{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware "{DF1274DC-02D4-B2D7-6197-5D24E1EF84B1}" = CCC Help Thai "{E000D42E-5842-20A6-EEB1-6DED8C2746C5}" = CCC Help Italian "{E2662C24-B31E-4349-A084-32EB76E8B760}" = BufferChm "{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager "{E56D39F8-2A9F-44B4-B068-A72E45A073E6}" = Safari "{E5EE9939-259F-4DE2-8023-5C49E16A4F43}" = Norton AntiVirus Parent MSI "{E6B1F8A7-2EF2-47DC-B7D4-BA7E0C885D56}" = CuteFTP 6 Home "{E7679B31-21F5-4AAE-1620-0DFACF702325}" = Catalyst Control Center Graphics Full New "{E9757890-7EC5-46C8-99AB-B00F07B6525C}" = Nikon Transfer "{E9C18EBD-85BE-47D0-AA73-3FEDCC976B04}" = Toolbox "{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729) "{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01 "{F439D7AF-03F3-4F8E-AEC4-571BFE977C61}" = iTunes "{F56D6F46-1D62-4734-BF12-6457A1ED17BD}" = DJ_AIO_Software_min "{F64306A5-4C32-41bb-B153-53986527FAB4}" = Norton WMI Update "{F72E2DDC-3DB8-4190-A21D-63883D955FE7}" = PSSWCORE "{F83491F9-7CDF-46A7-9994-9E002CE5CE75}" = CCC Help Russian "{FAB79D8F-6AAE-4B41-A7AF-14153245347D}" = Mach5 Mailer "{FD8D8B04-BEAD-4A55-AA1D-62D2373E7DEA}" = Status "{FDE409B1-1FF3-DC39-083E-C0F4ED496D5E}" = CCC Help English "7-Zip" = 7-Zip 4.57 "Ad-Aware" = Ad-Aware "Adobe Acrobat 5.0" = Adobe Acrobat 5.0 "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "All ATI Software" = ATI - Software Uninstall Utility "ATI Display Driver" = ATI Display Driver "Belltech Greeting Card Designer 5.4.0_is1" = Belltech Greeting Card Designer 5.4.0 "Coupon Printer for Windows5.0.0.0" = Coupon Printer for Windows "HijackThis" = HijackThis 2.0.2 "Hollywood FX 4.6" = Pinnacle Hollywood FX 4.6 "HP Imaging Device Functions" = HP Imaging Device Functions 9.0 "HP Photosmart Essential" = HP Photosmart Essential 2.01 "HP Solution Center & Imaging Support Tools" = HP Solution Center 9.0 "HPExtendedCapabilities" = HP Customer Participation Program 9.0 "ie8" = Windows Internet Explorer 8 "InstallShield_{DE057B84-3977-4107-AA5C-BD0600CDC8DF}" = MINITAB 14 Student "InstallShield_{E6B1F8A7-2EF2-47DC-B7D4-BA7E0C885D56}" = CuteFTP 6 Home "JAIELangPack" = Japanese Language Support "KLiteCodecPack_is1" = K-Lite Codec Pack 5.4.4 (Basic) "LiveReg" = LiveReg (Symantec Corporation) "LiveUpdate" = LiveUpdate 3.0 (Symantec Corporation) "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Mozilla Firefox (3.6.2)" = Mozilla Firefox (3.6.2) "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "PROPLUSR" = Microsoft Office Professional Plus 2007 "PROSet" = Intel® PRO Network Adapters and Drivers "RealArcade" = RealArcade "RealPlayer 6.0" = RealPlayer Basic "SBC Yahoo! DSL" = SBC Yahoo! DSL "SymSetup.{C6F5B6CF-609C-428E-876F-CA83176C021B}" = Norton AntiVirus 2005 (Symantec Corporation) "Unknown Device Identifier_is1" = Unknown Device Identifier 7.00 "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "Windows XP Service Pack" = Windows XP Service Pack 3 "WinGimp-2.0_is1" = GIMP 2.6.7 "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0 "yahtzeedownloadedition" = Yahtzee Download Edition ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "BitTorrent" = BitTorrent ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 2/18/2010 1:58:41 AM | Computer Name = JOECOMPUTER | Source = MsiInstaller | ID = 11706 Description = Product: SolutionCenter -- Error 1706. An installation package for the product SolutionCenter cannot be found. Try the installation again using a valid copy of the installation package 'SolutionCenter.msi'. Error - 3/8/2010 10:45:12 PM | Computer Name = JOECOMPUTER | Source = Microsoft Office 12 | ID = 1000 Description = Faulting application powerpnt.exe, version 12.0.4518.1014, stamp 45428035, faulting module ppcore.dll, version 12.0.4518.1014, stamp 454281a3, debug? 0, fault address 0x001af7b0. Error - 3/10/2010 12:05:03 AM | Computer Name = JOECOMPUTER | Source = Application Error | ID = 1000 Description = Faulting application itunes.exe, version 9.0.3.15, faulting module quicktime.qts, version 7.65.17.80, fault address 0x00104494. Error - 3/11/2010 3:07:30 PM | Computer Name = JOECOMPUTER | Source = Application Error | ID = 1000 Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting module unknown, version 0.0.0.0, fault address 0x3a2f2f70. Error - 3/18/2010 4:36:57 PM | Computer Name = JOECOMPUTER | Source = Microsoft Office 12 | ID = 1000 Description = Faulting application powerpnt.exe, version 12.0.4518.1014, stamp 45428035, faulting module ppcore.dll, version 12.0.4518.1014, stamp 454281a3, debug? 0, fault address 0x001af7b0. Error - 4/3/2010 12:51:31 PM | Computer Name = JOECOMPUTER | Source = Application Hang | ID = 1002 Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 4/3/2010 12:51:34 PM | Computer Name = JOECOMPUTER | Source = Application Hang | ID = 1002 Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 4/5/2010 10:24:03 AM | Computer Name = JOECOMPUTER | Source = Application Hang | ID = 1002 Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 4/5/2010 10:38:07 AM | Computer Name = JOECOMPUTER | Source = Application Hang | ID = 1002 Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 4/5/2010 10:38:17 AM | Computer Name = JOECOMPUTER | Source = Application Hang | ID = 1001 Description = Fault bucket 1180947459. [ OSession Events ] Error - 9/29/2009 8:39:37 AM | Computer Name = JOECOMPUTER | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 86 seconds with 60 seconds of active time. This session ended with a crash. Error - 9/29/2009 8:40:29 AM | Computer Name = JOECOMPUTER | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 44 seconds with 0 seconds of active time. This session ended with a crash. Error - 9/29/2009 8:47:39 AM | Computer Name = JOECOMPUTER | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 422 seconds with 180 seconds of active time. This session ended with a crash. [ System Events ] Error - 4/5/2010 10:33:57 AM | Computer Name = JOECOMPUTER | Source = Service Control Manager | ID = 7009 Description = Timeout (30000 milliseconds) waiting for the LiveUpdate service to connect. Error - 4/5/2010 10:33:57 AM | Computer Name = JOECOMPUTER | Source = Service Control Manager | ID = 7000 Description = The LiveUpdate service failed to start due to the following error: %%1053 Error - 4/5/2010 7:41:19 PM | Computer Name = JOECOMPUTER | Source = Service Control Manager | ID = 7022 Description = The HP CUE DeviceDiscovery Service service hung on starting. Error - 4/5/2010 11:27:56 PM | Computer Name = JOECOMPUTER | Source = Service Control Manager | ID = 7022 Description = The HP CUE DeviceDiscovery Service service hung on starting. Error - 4/6/2010 11:23:38 AM | Computer Name = JOECOMPUTER | Source = Service Control Manager | ID = 7009 Description = Timeout (30000 milliseconds) waiting for the Symantec Core LC service to connect. Error - 4/6/2010 11:23:38 AM | Computer Name = JOECOMPUTER | Source = Service Control Manager | ID = 7000 Description = The Symantec Core LC service failed to start due to the following error: %%1053 Error - 4/6/2010 11:25:19 AM | Computer Name = JOECOMPUTER | Source = W32Time | ID = 39452689 Description = Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751) Error - 4/6/2010 11:25:19 AM | Computer Name = JOECOMPUTER | Source = W32Time | ID = 39452701 Description = The time provider NtpClient is configured to acquire time from one or more time sources, however none of the sources are currently accessible. No attempt to contact a source will be made for 14 minutes. NtpClient has no source of accurate time. Error - 4/6/2010 11:26:40 AM | Computer Name = JOECOMPUTER | Source = Service Control Manager | ID = 7022 Description = The HP CUE DeviceDiscovery Service service hung on starting. Error - 4/6/2010 7:46:14 PM | Computer Name = JOECOMPUTER | Source = Service Control Manager | ID = 7022 Description = The HP CUE DeviceDiscovery Service service hung on starting. < End of report >
  8. Something is causing my screen to turn white, usually after being left alone for a period of time. Hijackthis log is as follows. I have scanned with AdAware. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 9:26:40 AM, on 4/3/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\Rundll32.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\iolo\common\lib\ioloServiceManager.exe C:\Program Files\Norton AntiVirus\navapsvc.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\CyberPatrol LLC\CyberPatrol\cpserver.exe C:\Program Files\Internet Explorer\iexplore.exe C:\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://rd.yahoo.com/customize/sbcydsl/defa.../search/ie.html R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://rd.yahoo.com/customize/sbcydsl/defa...//www.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://rd.yahoo.com/customize/sbcydsl/defa.../search/ie.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://rd.yahoo.com/customize/sbcydsl/defa...//www.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [CyberPatrolNew] "C:\Program Files\CyberPatrol LLC\CyberPatrol\CPHQ.exe" /m O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000 O9 - Extra button: Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\Program Files\Yahoo!\Common\ylogin.dll O9 - Extra 'Tools' menuitem: Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\Program Files\Yahoo!\Common\ylogin.dll O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\Office12\REFIEBAR.DLL O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: {A8B02DCA-7648-46D6-95A8-B84EC80CA49D} (JamShellLinkX Control) - https://builder.inmotionhosting.com/applet/...ploaderProj.cab O16 - DPF: {A9F8D9EC-3D0A-4A60-BD82-FBD64BAD370D} (DDRevision Class) - http://h20264.www2.hp.com/ediags/dd/instal...nosticsxp2k.cab O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/eB...l_v1-0-29-0.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\SYSTEM32\ati2sgag.exe O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: CyberPatrol UpdateService - CyberPatrol LLC - C:\Program Files\CyberPatrol LLC\CyberPatrol\UpdateService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Roxio\Roxio MyDVD DE\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: iolo System Service (ioloSystemService) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- End of file - 9996 bytes
×
×
  • Create New...