NascarFan19

Anti-Spyware Brigade
  • Content Count

    910
About NascarFan19

  • Rank
    Advanced Member
  • Birthday 03/02/1948

Profile Information

  • Gender
    Male
  • Location
    Winston Salem, NC

Previous Fields

  • TechExpress Link:
    http://www.pcpitstop.com/techexpress.asp?id=9ETGPWZ1ZWJSX98C
  • Teams:
    SETI@Home Team
  1. Needless to say I love a song with a beat that drives it. Probably one of the most famous/infamous telephone numbers in the world. http://www.youtube.com/watch?v=urZGL8FHtE8
  2. The video is kinda "out there", but the music rocks.
  3. I think Foghat should be mentioned when talking about classic rock. Those guys rocked this song. Hope you enjoy. http://www.youtube.com/watch?v=UscivHCSVgw&feature=related
  4. I will remove all the programs we loaded. I will also print and use the suggestions you listed. I thank you very much for your time and learned skills. You are an asset to the Pit!
  5. Hi Jeffce, Once we have done all we can to this system, and I suspect that we are almost there, are any of the programs I have downloaded of any use on an everyday basis? I suspect not, but wanted to ask you. Thanks
Security Update for Windows XP (KB971961) Security Update for Windows XP (KB972270) Security Update for Windows XP (KB973346) Security Update for Windows XP (KB973354) Security Update for Windows XP (KB973507) Security Update for Windows XP (KB973525) Security Update for Windows XP (KB973869) Security Update for Windows XP (KB973904) Security Update for Windows XP (KB974112) Security Update for Windows XP (KB974318) Security Update for Windows XP (KB974392) Security Update for Windows XP (KB974571) Security Update for Windows XP (KB975467) Security Update for Windows XP (KB975560) Security Update for Windows XP (KB975561) Security Update for Windows XP (KB975562) Security Update for Windows XP (KB975713) Security Update for Windows XP (KB976325) Security Update for Windows XP (KB977165-v2) Security Update for Windows XP (KB977816) Security Update for Windows XP (KB977914) Security Update for Windows XP (KB978037) Security Update for Windows XP (KB978251) Security Update for Windows XP (KB978262) Security Update for Windows XP (KB978338) Security Update for Windows XP (KB978542) Security Update for Windows XP (KB978601) Security Update for Windows XP (KB978706) Security Update for Windows XP (KB979309) Security Update for Windows XP (KB979482) Security Update for Windows XP (KB979559) Security Update for Windows XP (KB979683) Security Update for Windows XP (KB979687) Security Update for Windows XP (KB980195) Security Update for Windows XP (KB980218) Security Update for Windows XP (KB980232) Security Update for Windows XP (KB980436) Security Update for Windows XP (KB981322) Security Update for Windows XP (KB981852) Security Update for Windows XP (KB981957) Security Update for Windows XP (KB981997) Security Update for Windows XP (KB982132) Security Update for Windows XP (KB982214) Security Update for Windows XP (KB982665) Security Update for Windows XP (KB982802) SFR SHASTA skin0001 SKINXSDK SpeedyPC Pro Spybot - Search & Destroy 1.5.2.20 SpywareBlaster 4.5 staticcr 
SUPERAntiSpyware Free Edition tooltips Unity Web Player Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Windows Internet Explorer 8 (KB976662) Update for Windows Internet Explorer 8 (KB978506) Update for Windows Internet Explorer 8 (KB980182) Update for Windows XP (KB2141007) Update for Windows XP (KB2345886) Update for Windows XP (KB2467659) Update for Windows XP (KB2541763) Update for Windows XP (KB2616676-v2) Update for Windows XP (KB2641690) Update for Windows XP (KB951072-v2) Update for Windows XP (KB951978) Update for Windows XP (KB955759) Update for Windows XP (KB955839) Update for Windows XP (KB967715) Update for Windows XP (KB968389) Update for Windows XP (KB971029) Update for Windows XP (KB971737) Update for Windows XP (KB973687) Update for Windows XP (KB973815) Update for Windows XP (KB978207) VC 9.0 Runtime VIA Rhine-Family Fast Ethernet Adapter VPRINTOL WD Diagnostics WeatherBug WebFldrs XP Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0) Windows Genuine Advantage Validation Tool (KB892130) Windows Internet Explorer 8 Windows Media Format 11 runtime Windows XP Service Pack 3 WinPatrol 2008 WIRELESS ZoneAlarm Firewall ZoneAlarm Free ZoneAlarm Security ZoneAlarm Toolbar . ==== Event Viewer Messages From Past Week ======== . 1/9/2012 1:31:14 AM, error: Service Control Manager [7034] - The Pml Driver HPZ12 service terminated unexpectedly. It has done this 1 time(s). 1/7/2012 5:03:09 PM, error: PlugPlayManager [11] - The device RootLEGACY_ESIHDRV0000 disappeared from the system without first being prepared for removal. 
1/6/2012 8:57:06 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD AmdK7 Avgldx86 Avgmfx86 Avgtdix BANTExt Fips IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss SASDIFSV SASKUTIL Tcpip Vsdatant 1/6/2012 8:57:06 AM, error: Service Control Manager [7001] - The TrueVector Internet Monitor service depends on the Vsdatant service which failed to start because of the following error: A device attached to the system is not functioning. 1/6/2012 8:57:06 AM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBT service which failed to start because of the following error: A device attached to the system is not functioning. 1/6/2012 8:56:37 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} 1/6/2012 8:47:52 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811} 1/6/2012 8:20:16 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AmdK7 Avgldx86 Avgmfx86 BANTExt Fips MRxSmb Rdbss SASDIFSV SASKUTIL 1/6/2012 8:20:16 PM, error: Service Control Manager [7023] - The Workstation service terminated with the following error: The system cannot find the file specified. 1/6/2012 8:20:16 PM, error: Service Control Manager [7023] - The Server service terminated with the following error: The system cannot find the file specified. 1/6/2012 8:20:16 PM, error: Service Control Manager [7001] - The Computer Browser service depends on the Workstation service which failed to start because of the following error: The system cannot find the file specified. 
1/6/2012 8:04:32 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E} 1/6/2012 8:00:42 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD AmdK7 Avgldx86 Avgmfx86 Avgtdix BANTExt Fips IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss SASDIFSV SASKUTIL Tcpip Vsdatant WS2IFSL 1/5/2012 12:20:29 PM, error: atapi [9] - The device, DeviceIdeIdePort0, did not respond within the timeout period. 1/4/2012 8:27:58 PM, error: Service Control Manager [7000] - The SASDIFSV service failed to start due to the following error: Cannot create a file when that file already exists. 1/3/2012 4:02:11 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: agp440 nv_agp 1/3/2012 4:02:11 PM, error: Service Control Manager [7001] - The AVG Free8 E-mail Scanner service depends on the AVG Free8 WatchDog service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it. 1/3/2012 4:02:11 PM, error: Service Control Manager [7000] - The Concord EyeQ Duo 2000 USB Video Capture V1.00 service failed to start due to the following error: The system cannot find the file specified. 1/3/2012 4:01:41 PM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume2'. It has stopped monitoring the volume. . ==== End Of File ===========================
  7. Hi Jeff, I downloaded JavaRa and ran it. It produced the following report. I went to the Java website and could not determine which of the download options I should get for my computer. I saw 2 for win xp, win86 and win64 ( I have 32 bit version ). I dumped Adobe and downloaded the Foxit Reader. The system seems to be a bit quicker now.
  8. I will look into the programs you suggested after we get finalized here, and again, I thank you for the suggestions. I just now reran OTL with the 2 checks in place and after reboot, I ran it again withOUT the checks. I also copied and pasted the same text into the Custom Scan Window. Again, I appreciate your patience with me.
  9. I would appreciate any suggestions, even on software. Indeed send the info. I am posting this first scan, but I just noticed that the 2nd scan (after reboot) is to be done without the LOP Check or Purity boxes checked. Before doing the 2nd scan, I wanted to be sure I was doing this correctly. I ran first scan with those boxes not checked. Will I also need to copy contents of the box for 2nd run? For what is worth, after the reboot, I was missing an icon off the desktop. Party Poker. Was not uninstalled just icon was snatched. My home page was also changed to MSN.com. Did you expect this? Thanks for your patience and time.
  10. OTL Extras logfile created on: 1/8/2012 6:24:09 PM - Run 1 OTL by OldTimer - Version 3.2.31.0
  11. OTL logfile created on: 1/8/2012 6:24:09 PM - Run 1 OTL by OldTimer - Version 3.2.31.0
FF - HKLMSoftwareMozillaPlugins@checkpoint.com/FFApi: C:Program FilesCheckPointZAForceFieldTrustCheckerbinnpFFApi.dll () FF - HKLMSoftwareMozillaPlugins@garmin.com/GpsControl: C:Program FilesGarmin GPS PluginnpGarmin.dll (GARMIN Corp.) FF - HKLMSoftwareMozillaPlugins@microsoft.com/WPF,version=3.5: c:WINDOWSMicrosoft.NETFrameworkv3.5Windows Presentation FoundationNPWPF.dll (Microsoft Corporation) FF - HKCUSoftwareMozillaPlugins@unity3d.com/UnityPlayer,version=1.0: C:Documents and SettingsOwnerLocal SettingsApplication DataUnityWebPlayerloadernpUnity3D32.dll (Unity Technologies ApS) FF - HKEY_LOCAL_MACHINEsoftwaremozillaFirefoxExtensions{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:Program FilesCheckPointZAForceFieldTrustChecker [2011/11/26 11:33:15 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINEsoftwaremozillaFirefoxExtensions{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:Program FilesAVGAVG2012Firefox4 [2012/01/05 20:28:05 | 000,000,000 | ---D | M] O1 HOSTS File: ([2012/01/07 17:07:13 | 000,000,027 | ---- | M]) - C:WINDOWSsystem32driversetchosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found. O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:Program FilesAVGAVG2012avgssie.dll (AVG Technologies CZ, s.r.o.) O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program FilesJavajre1.6.0_03binssv.dll (Sun Microsystems, Inc.) O3 - HKCU..ToolbarShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found. O3 - HKCU..ToolbarShellBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found. O3 - HKCU..ToolbarWebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. 
O3 - HKCU..ToolbarWebBrowser: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:Program FilesCheckPointZAForceFieldTrustcheckerbinTrustCheckerIEPlugin.dll (Check Point Software Technologies) O4 - HKLM..Run: [AVG_TRAY] C:Program FilesAVGAVG2012avgtray.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..Run: [ZoneAlarm] C:Program FilesCheckPointZoneAlarmzatray.exe (Check Point Software Technologies LTD) O4 - HKCU..Run: [Weather] C:Program FilesAWSWeatherBugWeather.exe (AWS Convergence Technologies, Inc.) O6 - HKLMSoftwarePoliciesMicrosoftInternet ExplorerInfodelivery present O6 - HKLMSoftwarePoliciesMicrosoftInternet ExplorerRestrictions present O6 - HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: LinkResolveIgnoreLinkInfo = 0 O6 - HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoResolveSearch = 1 O6 - HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: HonorAutoRunSetting = 1 O6 - HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoDriveAutoRun = 67108863 O6 - HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoDriveTypeAutoRun = 323 O6 - HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoDrives = 0 O7 - HKCUSoftwarePoliciesMicrosoftInternet ExplorerControl Panel present O7 - HKCUSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoDriveTypeAutoRun = 323 O7 - HKCUSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: LinkResolveIgnoreLinkInfo = 0 O7 - HKCUSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoLowDiskSpaceChecks = 1 O7 - HKCUSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoWinKeys = 1 O7 - HKCUSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoSMMyDocs = 1 O7 - HKCUSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoFavoritesMenu = 1 O7 - HKCUSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoDriveAutoRun = 67108863 O7 - HKCUSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoDrives = 0 O8 - Extra context menu item: Google 
Sidewiki... - res://C:Program FilesGoogleGoogle ToolbarComponentGoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.6.0_03binnpjpi160_03.dll (Sun Microsystems, Inc.) O9 - Extra Button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:Documents and SettingsOwnerDesktopPartyPoker.net.lnk () O9 - Extra 'Tools' menuitem : PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:Documents and SettingsOwnerDesktopPartyPoker.net.lnk () O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab (Reg Error: Key error.) O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control) O16 - DPF: {CAFEEFAC-0014-0000-0001-ABCDEFFEDCBA} Reg Error: Key error. (Reg Error: Value error.) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O16 - DPF: DirectAnimation Java Classes file://C:WINDOWSJavaclassesdajava.cab (Reg Error: Key error.) O16 - DPF: Microsoft XML Parser for Java file://C:WINDOWSJavaclassesxmldso.cab (Reg Error: Key error.) O17 - HKLMSystemCCSServicesTcpipParameters: DhcpNameServer = 209.18.47.61 209.18.47.62 O17 - HKLMSystemCCSServicesTcpipParametersInterfaces{733D3642-D733-402B-95C3-B9CFE83B7BA9}: DhcpNameServer = 209.18.47.61 209.18.47.62 O18 - ProtocolHandlerbelarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:Program FilesBelarcAdvisorSystemBAVoilaX.dll (Belarc, Inc.) O18 - ProtocolHandlerlinkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:Program FilesAVGAVG2012avgpp.dll (AVG Technologies CZ, s.r.o.) 
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:WINDOWSexplorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:WINDOWSsystem32userinit.exe) -C:WINDOWSsystem32userinit.exe (Microsoft Corporation) O20 - WinlogonNotify!SASWinLogon: DllName - (C:Program FilesSUPERAntiSpywareSASWINLO.DLL) - C:Program FilesSUPERAntiSpywareSASWINLO.DLL (SUPERAntiSpyware.com) O20 - WinlogonNotifydimsntfy: DllName - () - File not found O20 - WinlogonNotifyigfxcui: DllName - (igfxsrvc.dll) - C:WINDOWSSystem32igfxsrvc.dll (Intel Corporation) O24 - Desktop WallPaper: C:Documents and SettingsOwnerLocal SettingsApplication DataMicrosoftWallpaper1.bmp O24 - Desktop BackupWallPaper: C:Documents and SettingsOwnerLocal SettingsApplication DataMicrosoftWallpaper1.bmp O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:Program FilesSUPERAntiSpywareSASSEH.DLL (SuperAdBlocker.com) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2003/01/24 09:07:32 | 000,000,000 | ---- | M] () - C:AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2001/07/28 07:07:38 | 000,000,000 | -HS- | M] () - D:AUTOEXEC.BAT -- [ FAT32 ] O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (C:PROGRA~1AVGAVG2012avgrsx.exe /sync /restart) O35 - HKLM..comfile [open] -- "%1" %* O35 - HKLM..exefile [open] -- "%1" %* O37 - HKLM...com [@ = ComFile] -- "%1" %* O37 - HKLM...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2012/01/08 18:22:31 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:Documents and SettingsOwnerDesktopOTL.exe [2012/01/07 21:15:14 | 000,000,000 | ---D | C] -- C:Program FilesESET [2012/01/06 23:55:33 | 000,000,000 | ---D | C] -- C:$AVG [2012/01/06 20:24:15 | 000,000,000 | RHSD | C] -- C:cmdcons [2012/01/06 11:43:14 | 000,518,144 | ---- | C] (SteelWerX) -- C:WINDOWSSWREG.exe [2012/01/06 11:43:14 | 000,406,528 | ---- | C] (SteelWerX) -- C:WINDOWSSWSC.exe [2012/01/06 11:43:14 | 000,212,480 | ---- | C] (SteelWerX) -- 
C:WINDOWSSWXCACLS.exe [2012/01/06 11:43:14 | 000,060,416 | ---- | C] (NirSoft) -- C:WINDOWSNIRCMD.exe [2012/01/05 22:18:38 | 004,374,678 | R--- | C] (Swearware) -- C:Documents and SettingsOwnerDesktopComboFix.exe [2012/01/05 20:30:03 | 000,000,000 | ---D | C] -- C:Documents and SettingsOwnerApplication DataAVG2012 [2012/01/05 20:28:06 | 000,000,000 | ---D | C] -- C:Documents and SettingsAll UsersStart MenuProgramsAVG 2012 [2012/01/05 20:25:52 | 000,000,000 | ---D | C] -- C:Documents and SettingsAll UsersApplication DataAVG2012 [2012/01/05 20:25:52 | 000,000,000 | ---D | C] -- C:WINDOWSSystem32driversAVG [2012/01/05 20:07:57 | 000,000,000 | -H-D | C] -- C:Documents and SettingsAll UsersApplication DataCommon Files [2012/01/05 20:02:02 | 000,000,000 | ---D | C] -- C:Documents and SettingsAll UsersApplication DataMFAData [2012/01/05 19:57:49 | 000,000,000 | ---D | C] -- C:WINDOWSERDNT [2012/01/05 19:14:22 | 000,000,000 | ---D | C] -- C:Qoobox [2012/01/04 21:08:48 | 001,817,687 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32dllcachebckgres.dll [2012/01/04 21:08:48 | 000,082,501 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32dllcachebckg.dll [2012/01/04 21:08:48 | 000,042,577 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32dllcachebckgzm.exe [2012/01/04 21:08:48 | 000,042,574 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32dllcachervsezm.exe [2012/01/04 21:08:47 | 000,780,885 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32dllcachechkrres.dll [2012/01/04 21:08:47 | 000,753,236 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32dllcachervseres.dll [2012/01/04 21:08:47 | 000,048,706 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32dllcachervse.dll [2012/01/04 21:08:47 | 000,042,575 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32dllcachechkrzm.exe [2012/01/04 21:08:47 | 000,042,573 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32dllcacheshvlzm.exe [2012/01/04 21:08:47 | 000,040,515 | ---- | C] 
(Microsoft Corporation) -- C:WINDOWSSystem32dllcachechkr.dll [2012/01/04 21:08:46 | 002,178,131 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32dllcacheshvlres.dll [2012/01/04 21:08:46 | 001,175,635 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32dllcachehrtzres.dll [2012/01/04 21:08:46 | 000,066,113 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32dllcacheshvl.dll [2012/01/04 21:08:46 | 000,057,409 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32dllcachehrtz.dll [2012/01/04 21:08:46 | 000,042,573 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32dllcachehrtzzm.exe [2012/01/04 21:08:45 | 001,039,955 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32dllcachecmnresm.dll [2012/01/04 21:08:45 | 000,217,160 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32dllcachecmnclim.dll [2012/01/04 21:08:45 | 000,113,222 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32dllcachezoneclim.dll [2012/01/04 21:08:45 | 000,041,029 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32dllcachezcorem.dll [2012/01/04 21:08:45 | 000,032,339 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32dllcacheuniansi.dll [2012/01/04 21:08:45 | 000,029,760 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32dllcacheznetm.dll [2012/01/04 21:08:45 | 000,013,894 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32dllcachezonelibm.dll [2012/01/04 21:08:45 | 000,004,677 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32dllcachezeeverm.dll [2012/01/04 21:08:44 | 000,036,937 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32dllcachezclientm.exe [2012/01/04 21:08:44 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32write.exe [2012/01/04 21:08:44 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32dllcachewrite.exe [2012/01/04 21:08:30 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32sndvol32.exe [2012/01/04 21:08:30 | 000,138,752 | ---- | C] (Microsoft Corporation) -- 
C:WINDOWSSystem32dllcachesndvol32.exe [2012/01/04 21:08:30 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32dllcacheavwav.dll [2012/01/04 21:08:30 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32avwav.dll [2012/01/04 21:08:30 | 000,044,544 | ---- | C] (Hilgraeve, Inc.) -- C:WINDOWSSystem32hticons.dll [2012/01/04 21:08:30 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32dllcacheavmeter.dll [2012/01/04 21:08:30 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32avmeter.dll [2012/01/04 21:08:30 | 000,013,312 | ---- | C] (Hilgraeve, Inc.) -- C:WINDOWSSystem32dllcachehtrn_jis.dll [2012/01/04 21:08:29 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32dllcacheavtapi.dll [2012/01/04 21:08:29 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32avtapi.dll [2012/01/04 21:08:28 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32winchat.exe [2012/01/04 21:08:28 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32dllcachewinchat.exe [2012/01/04 21:08:17 | 000,605,696 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32getuname.dll [2012/01/04 21:08:17 | 000,605,696 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32dllcachegetuname.dll [2012/01/04 21:08:17 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32dllcachecharmap.exe [2012/01/04 21:08:17 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32charmap.exe [2012/01/04 21:08:16 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32dllcachecalc.exe [2012/01/04 21:08:16 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32calc.exe [2012/01/04 21:08:16 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32sol.exe [2012/01/04 21:08:16 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32dllcachesol.exe [2012/01/04 21:08:15 | 000,126,976 | ---- | C] (Microsoft 
Corporation) -- C:WINDOWSSystem32mshearts.exe [2012/01/04 21:08:15 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32dllcachemshearts.exe [2012/01/04 21:08:15 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32winmine.exe [2012/01/04 21:08:15 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32dllcachewinmine.exe [2012/01/04 21:08:15 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32freecell.exe [2012/01/04 21:08:15 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32dllcachefreecell.exe [2012/01/04 21:08:14 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32dllcachesmierrsm.dll [2012/01/04 21:08:14 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32dllcachesmimsgif.dll [2012/01/04 21:08:14 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32dllcachesmierrsy.dll [2012/01/04 21:08:13 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32dllcachesnmpstup.dll [2012/01/04 09:28:06 | 000,000,000 | ---D | C] -- C:Documents and SettingsAll UsersStart MenuProgramsH&R Block 2010 [2012/01/03 21:46:13 | 000,000,000 | R--D | C] -- C:Documents and SettingsOwnerMy DocumentsMy Videos [2012/01/03 21:46:13 | 000,000,000 | R--D | C] -- C:Documents and SettingsAll UsersDocumentsMy Videos [2012/01/03 21:46:13 | 000,000,000 | R--D | C] -- C:Documents and SettingsOwnerMy DocumentsMy Pictures [2012/01/03 21:46:13 | 000,000,000 | R--D | C] -- C:Documents and SettingsAll UsersDocumentsMy Pictures [2012/01/03 21:46:13 | 000,000,000 | R--D | C] -- C:Documents and SettingsOwnerMy DocumentsMy Music [2012/01/03 21:46:13 | 000,000,000 | ---D | C] -- C:Documents and SettingsAll UsersFavorites [2012/01/03 21:39:47 | 000,000,000 | ---D | C] -- C:HiJack This [2012/01/03 21:37:50 | 000,000,000 | ---D | C] -- C:Documents and SettingsOwnerStart MenuProgramsHiJackThis [2012/01/03 21:37:49 | 000,000,000 | ---D | C] -- C:Program FilesTrend 
Micro [2012/01/01 23:54:16 | 000,000,000 | ---D | C] -- C:Pictures [2012/01/01 23:31:16 | 000,000,000 | ---D | C] -- C:Documents and SettingsAll UsersApplication DataAdobe [2012/01/01 23:31:04 | 000,000,000 | ---D | C] -- C:Documents and SettingsAll UsersTemplates [2011/12/31 21:13:27 | 000,000,000 | RH-D | C] -- C:Documents and SettingsOwnerRecent [2011/12/31 15:49:48 | 000,000,000 | ---D | C] -- C:Documents and SettingsAll UsersApplication DataBlueSprig [2011/12/30 15:37:15 | 000,000,000 | ---D | C] -- C:Documents and SettingsOwnerStart MenuProgramsPartyPoker.net [2011/12/28 08:13:58 | 000,414,368 | ---- | C] (Adobe Systems Incorporated) -- C:WINDOWSSystem32FlashPlayerCPLApp.cpl [2011/12/21 21:07:26 | 000,038,160 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32LMRTREND.dll [2011/12/21 21:07:24 | 000,140,800 | ---- | C] (The Duck Corporation) -- C:WINDOWSSystem32tm20dec.ax [2011/12/21 21:07:20 | 000,182,032 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32dxtmsft3.dll [2011/12/21 21:06:38 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32unam4ie.exe [2011/12/21 21:06:35 | 000,000,000 | R--D | C] -- C:Documents and SettingsAll UsersDocumentsMy Music [2011/12/21 21:06:26 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32mciqtz.drv [2011/12/21 21:06:22 | 000,194,320 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32qcut.dll [2011/12/21 21:06:17 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32w95inf32.dll [2011/12/21 21:06:16 | 000,002,272 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32w95inf16.dll [2011/12/21 21:05:47 | 000,077,312 | ---- | C] (Twain Working Group) -- C:WINDOWSSystem32TWAIN_32.DLL [2011/12/21 20:44:15 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32dshowext.ax [2011/12/21 20:44:15 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32dllcachedshowext.ax [2011/12/18 20:21:37 | 000,000,000 | ---D | C] -- C:Documents and 
SettingsOwnerStart MenuProgramsjv16 PowerTools 2011 [2011/12/18 20:21:18 | 000,000,000 | ---D | C] -- C:Program Filesjv16 PowerTools 2011 [2011/12/18 20:11:51 | 000,000,000 | ---D | C] -- C:Documents and SettingsAll UsersStart MenuProgramsMalwarebytes' Anti-Malware [2011/12/18 20:11:43 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:WINDOWSSystem32driversmbam.sys [2011/12/18 20:11:43 | 000,000,000 | ---D | C] -- C:Program FilesMalwarebytes' Anti-Malware [2011/12/17 10:31:39 | 000,000,000 | ---D | C] -- C:Program FilesCommon FilesHewlett-Packard [2011/12/17 10:27:43 | 000,061,440 | ---- | C] (HP) -- C:WINDOWSSystem32HPZinw12.exe [2011/12/17 10:27:42 | 000,204,800 | ---- | C] (HP) -- C:WINDOWSSystem32HPZipr12.dll [2011/12/17 10:27:42 | 000,094,208 | ---- | C] (HP) -- C:WINDOWSSystem32HPZipt12.dll [2011/12/17 10:27:42 | 000,069,632 | ---- | C] (HP) -- C:WINDOWSSystem32HPZipm12.exe [2011/12/17 10:27:42 | 000,057,344 | ---- | C] (HP) -- C:WINDOWSSystem32HPZisn12.dll [2011/12/17 10:27:41 | 000,278,584 | ---- | C] (HP) -- C:WINDOWSSystem32HPZidr12.dll [2011/12/17 10:24:17 | 000,180,315 | ---- | C] (HP) -- C:WINDOWSSystem32hpzsnt12.dll [2011/03/18 23:24:53 | 003,033,192 | ---- | C] (Piriform Ltd) -- C:Program Filesccsetup304.exe [2010/04/30 01:49:25 | 007,184,528 | ---- | C] (IObit ) -- C:Program Filesasc-setup.exe [2010/04/30 01:42:19 | 016,409,960 | ---- | C] (Safer Networking Limited ) -- C:Program Filesspybotsd162.exe [2010/04/30 01:24:01 | 003,103,640 | ---- | C] (Javacool Software LLC ) -- C:Program Filesspywareblastersetup43.exe [2008/07/11 21:30:22 | 000,262,144 | ---- | C] (ZoneAlarm) -- C:Program FilesUninstall Spy Blocker.dll ========== Files - Modified Within 30 Days ========== [2012/01/08 18:32:05 | 000,000,422 | -H-- | M] () -- C:WINDOWStasksUser_Feed_Synchronization-{8D041CAF-F681-4B08-9EAD-EAC2F1451AA4}.job [2012/01/08 18:22:51 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:Documents and SettingsOwnerDesktopOTL.exe [2012/01/08 11:45:45 | 
004,374,678 | R--- | M] (Swearware) -- C:Documents and SettingsOwnerDesktopComboFix.exe [2012/01/08 11:09:55 | 086,269,174 | ---- | M] () -- C:WINDOWSSystem32driversAVGincavi.avm [2012/01/08 11:00:20 | 000,002,048 | --S- | M] () -- C:WINDOWSbootstat.dat [2012/01/08 11:00:19 | 502,845,440 | -HS- | M] () -- C:hiberfil.sys [2012/01/07 17:07:13 | 000,000,027 | ---- | M] () -- C:WINDOWSSystem32driversetchosts [2012/01/06 21:05:20 | 000,571,112 | ---- | M] () -- C:WINDOWSSystem32perfh009.dat [2012/01/06 21:05:20 | 000,109,606 | ---- | M] () -- C:WINDOWSSystem32perfc009.dat [2012/01/06 20:24:25 | 000,000,316 | RHS- | M] () -- C:boot.ini [2012/01/06 17:32:50 | 000,026,403 | ---- | M] () -- C:WINDOWSSystem32driversAVGiavichjg.avm [2012/01/05 20:28:06 | 000,000,710 | ---- | M] () -- C:Documents and SettingsAll UsersDesktopAVG 2012.lnk [2012/01/05 12:56:22 | 000,001,499 | ---- | M] () -- C:Documents and SettingsOwnerDesktopSolitaire.lnk [2012/01/05 02:36:08 | 000,000,561 | ---- | M] () -- C:Documents and SettingsOwnerDesktopHijackThis.lnk [2012/01/05 02:22:31 | 000,000,527 | ---- | M] () -- C:Documents and SettingsOwnerDesktopdds.lnk [2012/01/04 23:38:15 | 000,148,400 | ---- | M] () -- C:WINDOWSSystem32FNTCACHE.DAT [2012/01/04 21:11:26 | 000,004,507 | ---- | M] () -- C:WINDOWSimsins.BAK [2012/01/04 21:09:02 | 000,000,812 | ---- | M] () -- C:Documents and SettingsOwnerApplication DataMicrosoftInternet ExplorerQuick LaunchWindows Media Player.lnk [2012/01/04 21:06:57 | 000,000,057 | ---- | M] () -- C:WINDOWSSystem32mapisvc.inf [2012/01/04 09:28:41 | 000,001,690 | ---- | M] () -- C:Documents and SettingsAll UsersDesktopH&R Block 2010.lnk [2012/01/03 16:01:54 | 000,000,823 | ---- | M] () -- C:Documents and SettingsOwnerApplication DataMicrosoftInternet ExplorerQuick LaunchLaunch Internet Explorer Browser.lnk [2012/01/03 15:31:29 | 000,000,792 | ---- | M] () -- C:Documents and SettingsAll UsersDesktopMalwarebytes Anti-Malware.lnk [2012/01/02 01:23:26 | 000,001,463 | ---- | M] () 
-- C:Documents and SettingsOwnerDesktopautoruns.lnk [2012/01/02 00:18:41 | 000,001,364 | ---- | M] () -- C:Documents and SettingsOwnerDesktopJohnson Family.lnk [2012/01/02 00:18:18 | 000,001,369 | ---- | M] () -- C:Documents and SettingsOwnerDesktopFamily Pictures.lnk [2012/01/02 00:18:04 | 000,001,404 | ---- | M] () -- C:Documents and SettingsOwnerDesktopHinson Family Pictures.lnk [2012/01/02 00:17:25 | 000,001,359 | ---- | M] () -- C:Documents and SettingsOwnerDesktopPam's Wedding.lnk [2012/01/01 23:31:16 | 000,001,748 | ---- | M] () -- C:Documents and SettingsAll UsersDesktopAdobe Reader 7.0.lnk [2012/01/01 23:30:47 | 000,526,447 | ---- | M] () -- C:Documents and SettingsOwnerMy Documentsbcertificatapp.pdf [2012/01/01 12:22:50 | 000,000,000 | ---- | M] () -- C:Documents and SettingsOwnerReset_IE_Windows.reg [2011/12/31 14:55:13 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:WINDOWSSystem32FlashPlayerCPLApp.cpl [2011/12/30 15:37:15 | 000,001,743 | ---- | M] () -- C:Documents and SettingsOwnerApplication DataMicrosoftInternet ExplorerQuick LaunchPartyPoker.net.lnk [2011/12/30 15:37:15 | 000,001,725 | ---- | M] () -- C:Documents and SettingsOwnerDesktopPartyPoker.net.lnk [2011/12/27 17:54:27 | 000,000,177 | ---- | M] () -- C:Documents and SettingsOwnerDesktopGoogle.url [2011/12/26 04:55:46 | 000,000,113 | ---- | M] () -- C:WINDOWSphotoimpression.ini [2011/12/26 04:55:46 | 000,000,029 | ---- | M] () -- C:WINDOWSvideoimp.ini [2011/12/24 20:25:49 | 000,000,754 | ---- | M] () -- C:WINDOWSWORDPAD.INI [2011/12/23 20:54:03 | 000,000,199 | ---- | M] () -- C:Boot.bak [2011/12/21 21:06:57 | 000,023,392 | ---- | M] () -- C:WINDOWSSystem32nscompat.tlb [2011/12/21 21:06:57 | 000,016,832 | ---- | M] () -- C:WINDOWSSystem32amcompat.tlb [2011/12/21 21:06:14 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:WINDOWSSystem32w95inf32.dll [2011/12/21 21:06:14 | 000,002,272 | ---- | M] (Microsoft Corporation) -- C:WINDOWSSystem32w95inf16.dll [2011/12/21 07:14:57 | 
000,001,158 | ---- | M] () -- C:WINDOWSSystem32wpa.dbl [2011/12/20 19:16:55 | 000,000,762 | ---- | M] () -- C:Documents and SettingsOwnerDesktopSpywareBlaster.lnk [2011/12/18 20:22:16 | 000,000,022 | -HS- | M] () -- C:WINDOWSSystem5537 Data.Repository [2011/12/18 20:22:16 | 000,000,022 | -HS- | M] () -- C:Documents and SettingsOwnerApplication DataSys2662.Config.Repository.bin [2011/12/18 20:21:36 | 000,001,590 | ---- | M] () -- C:Documents and SettingsOwnerApplication DataMicrosoftInternet ExplorerQuick Launchjv16 PowerTools 2011.lnk [2011/12/18 20:21:36 | 000,001,572 | ---- | M] () -- C:Documents and SettingsOwnerDesktopjv16 PowerTools 2011.lnk [2011/12/17 10:32:22 | 000,102,262 | ---- | M] () -- C:WINDOWShpoins05.dat [2011/12/10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) -- C:WINDOWSSystem32driversmbam.sys ========== Files Created - No Company Name ========== [2012/01/08 11:09:55 | 086,269,174 | ---- | C] () -- C:WINDOWSSystem32driversAVGincavi.avm [2012/01/06 21:00:34 | 502,845,440 | -HS- | C] () -- C:hiberfil.sys [2012/01/06 20:24:25 | 000,000,199 | ---- | C] () -- C:Boot.bak [2012/01/06 20:24:20 | 000,260,272 | RHS- | C] () -- C:cmldr [2012/01/06 17:32:49 | 000,026,403 | ---- | C] () -- C:WINDOWSSystem32driversAVGiavichjg.avm [2012/01/06 11:43:14 | 000,256,000 | ---- | C] () -- C:WINDOWSPEV.exe [2012/01/06 11:43:14 | 000,208,896 | ---- | C] () -- C:WINDOWSMBR.exe [2012/01/06 11:43:14 | 000,098,816 | ---- | C] () -- C:WINDOWSsed.exe [2012/01/06 11:43:14 | 000,080,412 | ---- | C] () -- C:WINDOWSgrep.exe [2012/01/06 11:43:14 | 000,068,096 | ---- | C] () -- C:WINDOWSzip.exe [2012/01/05 20:28:06 | 000,000,710 | ---- | C] () -- C:Documents and SettingsAll UsersDesktopAVG 2012.lnk [2012/01/05 12:56:22 | 000,001,499 | ---- | C] () -- C:Documents and SettingsOwnerDesktopSolitaire.lnk [2012/01/05 02:36:08 | 000,000,561 | ---- | C] () -- C:Documents and SettingsOwnerDesktopHijackThis.lnk [2012/01/05 02:22:31 | 000,000,527 | ---- | C] () -- C:Documents 
and SettingsOwnerDesktopdds.lnk [2012/01/04 21:09:02 | 000,000,812 | ---- | C] () -- C:Documents and SettingsOwnerApplication DataMicrosoftInternet ExplorerQuick LaunchWindows Media Player.lnk [2012/01/04 21:09:02 | 000,000,800 | ---- | C] () -- C:Documents and SettingsOwnerStart MenuProgramsWindows Media Player.lnk [2012/01/04 21:08:20 | 000,065,954 | ---- | C] () -- C:WINDOWSPrairie Wind.bmp [2012/01/04 21:08:20 | 000,065,832 | ---- | C] () -- C:WINDOWSSanta Fe Stucco.bmp [2012/01/04 21:08:20 | 000,026,680 | ---- | C] () -- C:WINDOWSRiver Sumida.bmp [2012/01/04 21:08:20 | 000,017,362 | ---- | C] () -- C:WINDOWSRhododendron.bmp [2012/01/04 21:08:20 | 000,009,522 | ---- | C] () -- C:WINDOWSZapotec.bmp [2012/01/04 21:08:19 | 000,065,978 | ---- | C] () -- C:WINDOWSSoap Bubbles.bmp [2012/01/04 21:08:19 | 000,026,582 | ---- | C] () -- C:WINDOWSGreenstone.bmp [2012/01/04 21:08:19 | 000,017,336 | ---- | C] () -- C:WINDOWSGone Fishing.bmp [2012/01/04 21:08:19 | 000,017,062 | ---- | C] () -- C:WINDOWSCoffee Bean.bmp [2012/01/04 21:08:19 | 000,016,730 | ---- | C] () -- C:WINDOWSFeatherTexture.bmp [2012/01/04 21:08:19 | 000,001,272 | ---- | C] () -- C:WINDOWSBlue Lace 16.bmp [2012/01/04 21:08:13 | 000,049,275 | ---- | C] () -- C:WINDOWSSystem32wfospf.mib [2012/01/04 21:08:13 | 000,026,236 | ---- | C] () -- C:WINDOWSSystem32wins.mib [2012/01/04 21:08:12 | 000,038,608 | ---- | C] () -- C:WINDOWSSystem32nipx.mib [2012/01/04 21:08:12 | 000,034,317 | ---- | C] () -- C:WINDOWSSystem32msiprip2.mib [2012/01/04 21:08:12 | 000,013,767 | ---- | C] () -- C:WINDOWSSystem32msipbtp.mib [2012/01/04 21:08:12 | 000,004,332 | ---- | C] () -- C:WINDOWSSystem32smi.mib [2012/01/04 21:08:11 | 000,107,882 | ---- | C] () -- C:WINDOWSSystem32mib_ii.mib [2012/01/04 21:08:11 | 000,030,448 | ---- | C] () -- C:WINDOWSSystem32mcastmib.mib [2012/01/04 21:08:11 | 000,021,386 | ---- | C] () -- C:WINDOWSSystem32mipx.mib [2012/01/04 21:08:11 | 000,010,313 | ---- | C] () -- C:WINDOWSSystem32mripsap.mib 
  12. I have noticed that each time the system reboots after running these tests, I am told by a popup that the default browser is not IE. I tell it to make it the default. I have never seen that before. The system seems to be a little faster but it's hard to tell. I am sure the age of the system and the amount of RAM I have here are a major reason for the sluggishness. I wanted to be sure that it is as clean as possible.
  13. Malwarebytes Anti-Malware 1.60.0.1800 www.malwarebytes.org Database version: v2012.01.08.01 Windows XP Service Pack 3 x86 NTFS Internet Explorer 8.0.6001.18702 Owner :: YOUR-N3TY7ATHD5 [administrator] 1/7/2012 8:41:48 PM mbam-log-2012-01-07 (20-41-48).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 178501 Time elapsed: 16 minute(s), 10 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end) C:\Documents and Settings\Owner\My Documents\PicMorph.exe Win32/Toolbar.Zugo application C:\WINDOWS\system32\ConTest.dll Win32/Adware.Ascentive application