Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Slow running, hanging up and not responding [CLOSED] [RESOLVED]


  • This topic is locked This topic is locked

#1
Martines3kids

Martines3kids

    Member

  • Member
  • PipPip
  • 22 posts
Computer hangs up frequently..."program not responding". Intermittent problems with Outlook not opening. Malwarebytes, Hijackthis and Uninstall List posted below. Thanks in advance!


Malwarebytes' Anti-Malware 1.24
Database version: 1040
Windows 5.1.2600 Service Pack 2

9:00:56 AM 8/11/2008
mbam-log-8-11-2008 (09-00-56).txt

Scan type: Quick Scan
Objects scanned: 40315
Time elapsed: 6 minute(s), 0 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 2
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 1
Files Infected: 3

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{df780f87-ff2b-4df8-92d0-73db16a1543a} (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hdtip.bswf (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
C:\Program Files\AdwareAlert (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

Files Infected:
C:\Program Files\AdwareAlert\ErrorLog.txt (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Program Files\AdwareAlert\SpyLog.txt (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\rs.txt (Malware.Trace) -> Quarantined and deleted successfully.


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:57:15 AM, on 8/11/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\windows\system32\spoolsv.exe
C:\Program Files\CA\SharedComponents\HIPSEngine\UmxCfg.exe
C:\Program Files\CA\SharedComponents\HIPSEngine\UmxFwHlp.exe
C:\Program Files\CA\SharedComponents\HIPSEngine\UmxPol.exe
C:\Program Files\CA\SharedComponents\HIPSEngine\UmxAgent.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\ISafe.exe
C:\Program Files\CA\SharedComponents\PPRT\bin\ITMRTSVC.exe
C:\windows\System32\svchost.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\VetMsg.exe
C:\windows\Explorer.EXE
C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfsem.exe
C:\windows\system32\hkcmd.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\Support.com\bin\tgcmd.exe
C:\windows\System32\svchost.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spam\QSP-5.1.18.0\QOELoader.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\CAVRID.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfasem.exe
C:\windows\system32\ctfmon.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\CAPPActiveProtection.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\PPCtlPriv.exe
C:\windows\system32\wscntfy.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spam\QSP-5.1.18.0\qoeapp.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msnbc.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O4 - HKLM\..\Run: [IgfxTray] C:\windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [tgcmd] "C:\Program Files\Support.com\bin\tgcmd.exe" /server /startmonitor /deaf
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [cctray] "C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe"
O4 - HKLM\..\Run: [QOELOADER] "C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spam\QSP-5.1.18.0\QOELoader.exe"
O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\CAVRID.exe"
O4 - HKLM\..\Run: [cafwc] C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\cafw.exe -cl
O4 - HKLM\..\Run: [capfasem] C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfasem.exe
O4 - HKLM\..\Run: [capfupgrade] C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfupgrade.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\windows\system32\ctfmon.exe
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
O4 - Global Startup: hpoddt01.exe.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {10E0E75E-6701-4134-9D95-C0942ED1F1C8} (Snapfish Outlook Import ActiveX Control) - http://www1.snapfish...tlookImport.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www.snapfish....fishActivia.cab
O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} (Housecall ActiveX 6.5) - http://housecall65.t...ivex/hcImpl.cab
O16 - DPF: {6F750202-1362-4815-A476-88533DE61D0C} (Kodak Gallery Easy Upload Manager Class) - http://www.kodakgall..._2/axofupld.cab
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} (Shutterfly Picture Upload Plugin) - http://web1.shutterf...ds/Uploader.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O16 - DPF: {A8683C98-5341-421B-B23C-8514C05354F1} (FujifilmUploader Class) - http://photo.walmart...ploadClient.cab
O16 - DPF: {A922B6AB-3B87-11D3-B3C2-0008C7DA6CB9} (InetDownload Class) - https://media.pineco...loadcontrol.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn...ro.cab34246.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (ASquaredScanForm Element) - http://www.windowsec...scan/axscan.cab
O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - http://a532.g.akamai...0/Installer.exe
O16 - DPF: {CC32D4D8-2A0B-4CEB-B105-C9B968379105} (CGameManagerCtrl Object) - https://disney.go.co...GameManager.cab
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://a532.g.akamai...l/installer.exe
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.h.../qdiagh.cab?326
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: CaCCProvSP - CA, Inc. - C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe
O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\ISafe.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: CA Pest Patrol Realtime Protection Service (ITMRTSVC) - CA, Inc. - C:\Program Files\CA\SharedComponents\PPRT\bin\ITMRTSVC.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: PPCtlPriv - CA, Inc. - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\PPCtlPriv.exe
O23 - Service: HIPS Event Manager (UmxAgent) - CA - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxAgent.exe
O23 - Service: HIPS Configuration Interpreter (UmxCfg) - CA - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxCfg.exe
O23 - Service: HIPS Firewall Helper (UmxFwHlp) - CA - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxFwHlp.exe
O23 - Service: HIPS Policy Manager (UmxPol) - CA - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxPol.exe
O23 - Service: VET Message Service (VETMSGNT) - CA, Inc. - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\VetMsg.exe

--
End of file - 10200 bytes

Uninstall List

Ad-Aware 2007
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)
Adobe Flash Player ActiveX
Adobe Photoshop Album 2.0
Adobe Reader 8.1.2
Blue's 123 Time Activities
Blue's Reading Time Activities
Broadcom Driver Installer
CA Internet Security Suite
Canon PowerShot A40 WIA Driver
Canon Utilities PhotoStitch 3.1
Canon Utilities RAW Image Converter
Canon Utilities RemoteCapture 2.2
Canon Utilities ZoomBrowser EX
CCleaner (remove only)
Deer Hunter 2
Dell ResourceCD
HijackThis 2.0.2
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows XP (KB914440)
Hotfix for Windows XP (KB915865)
hp instant support
HP Photo and Imaging 2.0 - All-in-One
HP Photo and Imaging 2.0 - All-in-One Drivers
HP Photo and Imaging 2.0 - hp psc 2100 series
hp psc 2100 series
hp psc 2100 series
Intel® Extreme Graphics Driver
iPod for Windows 2006-06-28
iTunes
Java™ 6 Update 3
Java™ 6 Update 5
Java™ 6 Update 7
LiveReg (Symantec Corporation)
LiveUpdate 1.80 (Symantec Corporation)
Macromedia Shockwave Player
Malwarebytes' Anti-Malware
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Excel Viewer 2003
Microsoft Office PowerPoint Viewer 2003
Microsoft Office Word Viewer 2003
Monsters Jr
MSXML 4.0 SP2 (KB936181)
MUSICMATCH Jukebox
Panda ActiveScan
Picasa 2
QuickTime
Road Runner Medic 5.4
ROBLOX
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows Media Player 9 (KB917734)
Security Update for Windows Media Player 9 (KB936782)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB905915)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB908531)
Security Update for Windows XP (KB911280)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912812)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913446)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB916281)
Security Update for Windows XP (KB917159)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB918899)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920214)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB921503)
Security Update for Windows XP (KB921883)
Security Update for Windows XP (KB922616)
Security Update for Windows XP (KB922760)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923694)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB924667)
Security Update for Windows XP (KB925486)
Security Update for Windows XP (KB925902)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB928843)
Security Update for Windows XP (KB929123)
Security Update for Windows XP (KB930178)
Security Update for Windows XP (KB931261)
Security Update for Windows XP (KB931784)
Security Update for Windows XP (KB932168)
Security Update for Windows XP (KB933729)
Security Update for Windows XP (KB935839)
Security Update for Windows XP (KB935840)
Security Update for Windows XP (KB936021)
Security Update for Windows XP (KB938829)
Security Update for Windows XP (KB941202)
Security Update for Windows XP (KB941568)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB941644)
Security Update for Windows XP (KB941693)
Security Update for Windows XP (KB943055)
Security Update for Windows XP (KB943460)
Security Update for Windows XP (KB943485)
Security Update for Windows XP (KB944653)
Security Update for Windows XP (KB945553)
Security Update for Windows XP (KB946026)
Security Update for Windows XP (KB948590)
Security Update for Windows XP (KB948881)
Security Update for Windows XP (KB950749)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
SoundMAX
SpywareBlaster v3.5.1
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB904942)
Update for Windows XP (KB910437)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update for Windows XP (KB927891)
Update for Windows XP (KB929338)
Update for Windows XP (KB930916)
Update for Windows XP (KB931836)
Update for Windows XP (KB932823-v3)
Update for Windows XP (KB933360)
Update for Windows XP (KB936357)
Update for Windows XP (KB938828)
Update for Windows XP (KB942763)
Virtools 3D Life Player
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
Windows XP Service Pack 2
WordPerfect Office 11
Yahoo! Messenger
  • 0

Advertisements


#2
SpySentinel

SpySentinel

    R.I.P.

  • Retired Staff
  • 5,152 posts
Hey Martines3kids,

Welcome to Geeks to Go! My name is SpySentinel and I will be helping you fix your computer problem.

Take note that I'm still in training, and my posts will have to be checked by an expert. This may cause delays in between my responses, I ask for your patience. Please stick with me until we get your computer cleaned up.

I'm currently analyzing your log now, and I'll post back with a fix ASAP. Thanks for your patience.
  • 0

#3
SpySentinel

SpySentinel

    R.I.P.

  • Retired Staff
  • 5,152 posts
Welcome to Geeks to Go.


Please go to Start > Control Panel > Add/Remove Programs and remove the following (if present):


Java™ 6 Update 3
Java™ 6 Update 5


Please note any other programs that you don't recognize in that list in your next response.

Please download Runscanner to your desktop and run it.
  • When the first page comes up select Beginner Mode
  • On the next page select Save a binary .Run file (Recommended) then click Start full scan at the top.
  • At this time Runscanner.exe may request access to the Internet through your firewall please allow it to do so, it will then run for two or three minutes.
  • On completion it will ask for a location to save the file and a name. It will do this for both the .run file and the log file
  • Call the .run file "Select a name" and save it to your desktop. You will see the .run file on your desktop. Upload that file here.

  • 0

#4
Martines3kids

Martines3kids

    Member

  • Topic Starter
  • Member
  • PipPip
  • 22 posts
Thank you, SpySentinel,
I removed the 2 Java updates you requested, and also removed the Roblox game. Below you will find the log you requested. Thanks in advance for your help!!
Martine


Runscanner logfile http://www.runscanner.net

* = signed file
- = file not found

General info
------------
Computer name : SUTERA-X7HIIFEG
Creation time : 8/18/2008 11:02:02 PM
Hosts <> 127.0.0.1 : 0
Hosts file location : %SystemRoot%\System32\drivers\etc
IE version : 7.0.5730.11
OS : Microsoft Windows XP
OS Build : 2600
OS SP : Service Pack 2
RunScanner Version : 1.7.0.0
User Language : English (United States)
User rights : Administrator
Windows folder : C:\windows

Running processes
-----------------
* C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe (Lavasoft)
* C:\windows\System32\alg.exe (Microsoft Corporation)
* C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\PPCtlPriv.exe (CA, Inc.)
* C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\CAVRID.exe (CA, Inc.)
* C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\VetMsg.exe (CA, Inc.)
* C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe (CA, Inc.)
* C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\ISafe.exe (Computer Associates International, Inc.)
* C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfsem.exe (CA, Inc.)
* C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfasem.exe (CA, Inc.)
* C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\CAPPActiveProtection.exe (CA, Inc.)
* C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe (CA, Inc.)
* C:\windows\system32\csrss.exe (Microsoft Corporation)
* C:\windows\system32\ctfmon.exe (Microsoft Corporation)
* C:\Program Files\CA\SharedComponents\PPRT\bin\ITMRTSVC.exe (CA, Inc.)
* C:\windows\System32\svchost.exe (Microsoft Corporation)
* C:\windows\System32\svchost.exe (Microsoft Corporation)
* C:\windows\System32\svchost.exe (Microsoft Corporation)
* C:\windows\system32\svchost.exe (Microsoft Corporation)
* C:\windows\system32\svchost.exe (Microsoft Corporation)
* C:\windows\System32\svchost.exe (Microsoft Corporation)
* C:\windows\System32\svchost.exe (Microsoft Corporation)
* C:\Program Files\CA\SharedComponents\HIPSEngine\UmxCfg.exe (CA)
* C:\Program Files\CA\SharedComponents\HIPSEngine\UmxAgent.exe (CA)
* C:\Program Files\CA\SharedComponents\HIPSEngine\UmxFwHlp.exe (CA)
* C:\Program Files\CA\SharedComponents\HIPSEngine\UmxPol.exe (CA)
* C:\windows\system32\hkcmd.exe (Intel Corporation)
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe (Hewlett-Packard Co.)
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe (Hewlett-Packard Co.)
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe (Hewlett-Packard Co.)
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe (Hewlett-Packard)
* C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
C:\Program Files\iPod\bin\iPodService.exe (Apple Computer, Inc.)
C:\Program Files\iTunes\iTunesHelper.exe (Apple Computer, Inc.)
* C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe (Sun Microsystems, Inc.)
* C:\windows\system32\lsass.exe (Microsoft Corporation)
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe (MUSICMATCH, Inc.)
* C:\WINDOWS\System32\HPZipm12.exe (HP)
* C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spam\QSP-5.1.18.0\QOELoader.exe (CA)
C:\Program Files\QuickTime\qttask.exe (Apple Computer, Inc.)
* C:\DOCUME~1\Owner\LOCALS~1\Temp\Temporary Directory 1 for runscanner.zip\RunScanner.exe (Runscanner.net)
* C:\windows\system32\services.exe (Microsoft Corporation)
* C:\windows\system32\spoolsv.exe (Microsoft Corporation)
C:\Program Files\Support.com\bin\tgcmd.exe (SupportSoft, Inc.)
* C:\windows\Explorer.EXE (Microsoft Corporation)
* C:\windows\system32\winlogon.exe (Microsoft Corporation)
* c:\windows\System32\smss.exe (Microsoft Corporation)
* C:\windows\system32\wscntfy.exe (Microsoft Corporation)
* C:\windows\System32\msiexec.exe (Microsoft Corporation)
* C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe (Yahoo! Inc.)

Unrated items
-------------
002 * C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\cafw.exe (CA, Inc.)
002 * C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfasem.exe (CA, Inc.)
002 * C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfupgrade.exe (CA, Inc.)
002 * C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\CAVRID.exe (CA, Inc.)
002 * C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe (CA, Inc.)
002 C:\Program Files\iTunes\iTunesHelper.exe (Apple Computer, Inc.)
002 C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe (MUSICMATCH, Inc.)
002 * C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spam\QSP-5.1.18.0\QOELoader.exe (CA)
002 C:\Program Files\QuickTime\qttask.exe (Apple Computer, Inc.)
002 C:\Program Files\Support.com\bin\tgcmd.exe (SupportSoft, Inc.)
003 * C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
005 C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe (Hewlett-Packard Co.)
005 C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe (Hewlett-Packard)
010 * C:\Program Files\CA\SharedComponents\PPRT\bin\ITMRTSVC.exe (CA Pest Patrol Realtime Protection Service)
010 * C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe (CaCCProvSP)
010 * C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\ISafe.exe (CAISafe)
010 * C:\Program Files\CA\SharedComponents\HIPSEngine\UmxCfg.exe (HIPS Configuration Interpreter)
010 * C:\Program Files\CA\SharedComponents\HIPSEngine\UmxAgent.exe (HIPS Event Manager)
010 * C:\Program Files\CA\SharedComponents\HIPSEngine\UmxFwHlp.exe (HIPS Firewall Helper)
010 * C:\Program Files\CA\SharedComponents\HIPSEngine\UmxPol.exe (HIPS Policy Manager)
010 C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe (InstallDriver Table Manager)
010 C:\Program Files\iPod\bin\iPodService.exe (iPodService)
010 * C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\PPCtlPriv.exe (PPCtlPriv)
010 * C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\VetMsg.exe (VET Message Service)
011 C:\windows\System32\Drivers\Capt905c.sys (DB CIF Cam)
011 * C:\windows\System32\DRIVERS\kmxagent.sys (KmxAgent)
011 * C:\windows\System32\DRIVERS\KmxCF.sys (KmxCF)
011 * C:\windows\System32\DRIVERS\kmxcfg.sys (KmxCfg)
011 * C:\windows\System32\DRIVERS\KmxFile.sys (KmxFile)
011 * C:\windows\System32\DRIVERS\kmxfw.sys (KmxFw)
011 * C:\windows\System32\DRIVERS\KmxSbx.sys (KmxSbx)
011 * C:\windows\System32\DRIVERS\kmxstart.sys (KmxStart)
011 C:\windows\system32\drivers\MxlW2k.sys (MxlW2k)
011 c:\windows\SYSTEM32\DRIVERS\OMCI.SYS (OMCI)
011 C:\WINDOWS\System32\drivers\pfc.sys (Padus ASPI Shell)
011 C:\windows\System32\Drivers\PxHelp20.sys (PxHelp20)
011 * C:\windows\system32\drivers\VETEBOOT.sys (VET Boot Scan Engine)
011 * C:\windows\system32\drivers\VETMONNT.sys (VET File Monitor)
011 * C:\windows\system32\drivers\VETEFILE.sys (VET File Scan Engine)
011 * C:\windows\system32\drivers\VET-FILT.sys (VET File System Filter)
011 * C:\windows\system32\drivers\VET-REC.sys (VET File System Recognizer)
011 * C:\windows\system32\drivers\VETFDDNT.sys (VET Floppy Boot Sector Monitor)
047 Zone: : msn
061 * C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\avshlext.dll (CA, Inc.) {1CE2AA40-1317-11D3-9922-00104B0AD431}
061 C:\Program Files\iTunes\iTunesMiniPlayer.dll (Apple Computer, Inc.) {B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF}
062 C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll (Adobe Systems, Inc.) {F9DB5320-233E-11D1-9F84-707F02C10627}
067 * C:\windows\system32\UmxWnp.Dll (CA)
068 * C:\windows\system32\VetRedir.dll (Computer Associates International, Inc.)
068 * C:\windows\system32\VetRedir.dll (Computer Associates International, Inc.)
068 * C:\windows\system32\VetRedir.dll (Computer Associates International, Inc.)
068 * C:\windows\system32\VetRedir.dll (Computer Associates International, Inc.)
073 CAAntiSpywareScan_Daily as Owner at 12 40 PM.job : C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\CAAntiSpyware.exe (CA, Inc.)
073 FRU Task #Hewlett-Packard#hp psc 2100 series#1133896926.job : C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpqfrucl.exe
100 Start Page HKCU : http://www.msnbc.msn.com/
102 GUID / CLSID not found {32683183-48a0-441b-a342-7c2a440a9478}
104 C:\Program Files\QuickTime\QTPlugin.ocx (Apple Computer, Inc.) {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B}
104 C:\windows\Downloaded Program Files\SnapfishOutlookImport1001.ocx (Snapfish Inc.) {10E0E75E-6701-4134-9D95-C0942ED1F1C8}
104 GUID / CLSID not found {31435657-9980-0010-8000-00AA00389B71}
104 GUID / CLSID not found {33564D57-9980-0010-8000-00AA00389B71}
104 C:\WINDOWS\Downloaded Program Files\SnapfishActivia1000.ocx (Snapfish) {406B5949-7190-4245-91A9-30A17DE16AD0}
104 C:\WINDOWS\Downloaded Program Files\Housecall_ActiveX.dll (TrendMicro Deutschland GmbH) {6E5A37BF-FD42-463A-877C-4EB7002E68AE}
104 C:\windows\Downloaded Program Files\axofupld.dll (KODAK EASYSHARE Gallery) {6F750202-1362-4815-A476-88533DE61D0C}
104 GUID / CLSID not found {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
104 * C:\WINDOWS\Downloaded Program Files\sfuploadplugin.ocx (Shutterfly, Inc.) {9600F64D-755F-11D4-A47F-0001023E6D5A}
104 * C:\WINDOWS\Downloaded Program Files\asinst.dll (Panda Software) {9A9307A0-7DA4-4DAF-B042-5009F29E09E1}
104 C:\WINDOWS\Downloaded Program Files\FujifilmUploadClient.dll (Fujifilm E-Systems, Inc.) {A8683C98-5341-421B-B23C-8514C05354F1}
104 C:\windows\Downloaded Program Files\WMDownload.dll (Approach Inc.) {A922B6AB-3B87-11D3-B3C2-0008C7DA6CB9}
104 C:\WINDOWS\Downloaded Program Files\ZIntro.ocx (Microsoft Corporation) {B8BE5E93-A60C-4D26-A2DC-220313175592}
104 C:\WINDOWS\DOWNLO~1\axscan.ocx (Emsi Software GmbH) {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9}
104 * C:\Program Files\Virtools\3D Life Player\WebPlayer.ocx (Virtools SA) {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3}
104 C:\windows\Downloaded Program Files\DIGGameManager.dll (Disney Enterprises Inc.) {CC32D4D8-2A0B-4CEB-B105-C9B968379105}
104 * C:\Program Files\Virtools\3D Life Player\WebPlayer.ocx (Virtools SA) {D4323BF2-006A-4440-A2F5-27E3E7AB25F8}
104 * C:\WINDOWS\System32\qdiagh.ocx (Gteko Ltd.) {EB387D2F-E27B-4D36-979E-847D1036C65D}
173 * C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\avshlext.dll (CA, Inc.) {1CE2AA40-1317-11D3-9922-00104B0AD431}
221 * C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\avshlext.dll (CA, Inc.) {1CE2AA40-1317-11D3-9922-00104B0AD431}
225 * C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\avshlext.dll (CA, Inc.) {1CE2AA40-1317-11D3-9922-00104B0AD431}
225 * C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\avshlext.dll (CA, Inc.) {1CE2AA40-1317-11D3-9922-00104B0AD431}
227 C:\Program Files\WordPerfect Office 11\Programs\PFSE110.DLL (Novell, Inc., c/o Corel Corporation Limited) {C0E10002-0028-0004-C0E1-C0E1C0E1C0E1}
231 C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll (Adobe Systems, Inc.) PDF Column Info

Missing files
-------------
003 C:\Program Files\Ares\Ares.exe
003 C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
011 C:\windows\system32\drivers\Abiosdsk.sys
011 C:\windows\system32\drivers\abp480n5.sys
011 C:\windows\system32\drivers\adpu160m.sys
011 C:\windows\system32\drivers\Aha154x.sys
011 C:\windows\system32\drivers\aic78u2.sys
011 C:\windows\system32\drivers\aic78xx.sys
011 C:\windows\system32\drivers\AliIde.sys
011 C:\windows\system32\drivers\amsint.sys
011 C:\windows\system32\drivers\asc.sys
011 C:\windows\system32\drivers\asc3350p.sys
011 C:\windows\system32\drivers\asc3550.sys
011 C:\windows\system32\drivers\Atdisk.sys
011 C:\windows\system32\drivers\cd20xrnt.sys
011 C:\windows\system32\drivers\Changer.sys
011 C:\windows\system32\drivers\CmdIde.sys
011 C:\windows\system32\drivers\Cpqarray.sys
011 C:\windows\system32\drivers\dac2w2k.sys
011 C:\windows\system32\drivers\dac960nt.sys
011 C:\windows\system32\drivers\dpti2o.sys
011 System32\Drivers\jl2005c.sys
011 C:\windows\system32\drivers\hpn.sys
011 C:\windows\system32\drivers\i2omgmt.sys
011 C:\windows\system32\drivers\i2omp.sys
011 C:\windows\system32\drivers\ini910u.sys
011 C:\windows\system32\drivers\lbrtfdc.sys
011 C:\windows\system32\drivers\mraid35x.sys
011 C:\windows\system32\zntport.sys
011 C:\windows\system32\drivers\PCIDump.sys
011 C:\windows\system32\drivers\PDCOMP.sys
011 C:\windows\system32\drivers\PDFRAME.sys
011 C:\windows\system32\drivers\PDRELI.sys
011 C:\windows\system32\drivers\PDRFRAME.sys
011 C:\windows\system32\drivers\perc2.sys
011 C:\windows\system32\drivers\perc2hib.sys
011 C:\windows\system32\drivers\ql1080.sys
011 C:\windows\system32\drivers\Ql10wnt.sys
011 C:\windows\system32\drivers\ql12160.sys
011 C:\windows\system32\drivers\ql1240.sys
011 C:\windows\system32\drivers\ql1280.sys
011 C:\windows\system32\drivers\Simbad.sys
011 C:\windows\system32\drivers\Sparrow.sys
011 C:\windows\system32\drivers\sym_hi.sys
011 C:\windows\system32\drivers\sym_u3.sys
011 C:\windows\system32\drivers\symc810.sys
011 C:\windows\system32\drivers\symc8xx.sys
011 C:\windows\system32\drivers\TosIde.sys
011 C:\windows\system32\drivers\ultra.sys
011 C:\windows\system32\drivers\ViaIde.sys
011 C:\windows\system32\drivers\WDICA.sys
052 C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
061 deskpan.dll
  • 0

#5
SpySentinel

SpySentinel

    R.I.P.

  • Retired Staff
  • 5,152 posts
Please upload the .run file from RunScanner
  • 0

#6
Martines3kids

Martines3kids

    Member

  • Topic Starter
  • Member
  • PipPip
  • 22 posts
I'm sorry to keep you waiting. I was out of town, without access to my computer. And...I hope I uploaded this the correct way. Thanks in advance!
Martine

Attached Files


  • 0

#7
SpySentinel

SpySentinel

    R.I.P.

  • Retired Staff
  • 5,152 posts

I'm sorry to keep you waiting. I was out of town, without access to my computer. And...I hope I uploaded this the correct way. Thanks in advance!


No problem, thanks for letting me know.

Download the attachment at the end of this post (this will be your runscanner file fixed by me)

  • Save it to your desktop then double click the runscanner icon this will run the program.
  • You will notice several entries in red and in blue.
  • Click the button at the top called Fix selected items
  • Accept the warning(s) and repeat until they are all gone.
  • Reboot your PC

Attached File  runscanner.run   177.66KB   79 downloads



Download OTViewIt to your desktop.
  • Close all windows and open it
  • Click Run Scan and let the program run uninterrupted
  • It will produce a log for you (it gets saved on your desktop as well ), post that log here.

Edited by SpySentinel, 22 August 2008 - 04:19 PM.

  • 0

#8
Rorschach112

Rorschach112

    Ralphie

  • Retired Staff
  • 47,710 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0

#9
Martines3kids

Martines3kids

    Member

  • Topic Starter
  • Member
  • PipPip
  • 22 posts
Thank you for reopening this topic and please accept my apologies. Things have been unusually busy here...will stay on top on this until it's done...promise!

I ran the OTViewIt a couple of times, but the scan was interrupted each time with the following message.

"List Index Out Of Bounds (19)"

Thanks in advance!
Martine
  • 0

#10
SpySentinel

SpySentinel

    R.I.P.

  • Retired Staff
  • 5,152 posts
That is an old version that had a bug in it.

Download OTViewIt to your desktop.
  • Close all windows and open it
  • Click Run Scan and let the program run uninterrupted
  • It will produce two logs for you, one will pop up called OTViewIt.txt, the other will be saved on your desktop and called Extras. Post both those logs here.
  • You may need to use two posts to get it all on the forum


After please post a new HJT Log as well

Edited by SpySentinel, 26 August 2008 - 05:02 PM.

  • 0

Advertisements


#11
Martines3kids

Martines3kids

    Member

  • Topic Starter
  • Member
  • PipPip
  • 22 posts
Thanks!

OTViewIt Logfile....

OTViewIt logfile created on: 8/28/2008 9:07:13 AM - Run 3
OTViewIt by OldTimer - Version 1.0.0.15 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

254.00 Mb Total Physical Memory | 76.67 Mb Available Physical Memory | 30.18% Memory free
755.54 Mb Paging File | 233.98 Mb Available in Paging File | 30.97% Paging File free
Paging file location(s): C:\pagefile.sys 384 768;

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 37.26 Gb Total Space | 21.14 Gb Free Space | 56.73% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 489.75 Mb Total Space | 377.47 Mb Free Space | 77.07% Space Free | Partition Type: FAT32
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: SUTERA-X7HIIFEG
Current User Name: Owner
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Whitelist: On

===== Processes - Non-Microsoft Only =====

[10/18/2007 10:24 AM | 00,801,296 | ---- | M] (CA) - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxCfg.exe
[10/18/2007 10:24 AM | 00,145,936 | ---- | M] (CA) - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxFwHlp.exe
[06/24/2008 07:10 PM | 00,281,104 | ---- | M] (CA) - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxPol.exe
[10/18/2007 10:24 AM | 01,010,192 | ---- | M] (CA) - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxAgent.exe
[01/04/2007 12:10 PM | 00,280,080 | ---- | M] (CA, Inc.) - C:\Program Files\CA\SharedComponents\PPRT\bin\ITMRTSVC.exe
[08/20/2007 01:36 PM | 00,242,952 | ---- | M] (CA, Inc.) - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\vetmsg.exe
[08/02/2008 03:38 PM | 00,181,488 | ---- | M] (CA, Inc.) - C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfsem.exe
[10/19/2005 08:59 AM | 00,126,976 | ---- | M] (Intel Corporation) - C:\WINDOWS\system32\hkcmd.exe
[06/27/2002 05:49 PM | 00,110,592 | ---- | M] (MUSICMATCH, Inc.) - C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
[01/11/2007 08:45 PM | 00,282,624 | ---- | M] (Apple Computer, Inc.) - C:\Program Files\QuickTime\qttask.exe
[06/14/2006 05:24 PM | 00,278,528 | ---- | M] (Apple Computer, Inc.) - C:\Program Files\iTunes\iTunesHelper.exe
[08/16/2007 10:19 PM | 00,177,416 | ---- | M] (CA, Inc.) - C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe
[06/26/2008 12:40 PM | 00,014,088 | ---- | M] (CA) - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spam\QSP-5.1.18.0\QOELoader.exe
[08/20/2007 01:36 PM | 00,230,664 | ---- | M] (CA, Inc.) - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\cavrid.exe
[08/02/2008 03:38 PM | 00,173,296 | ---- | M] (CA, Inc.) - C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfasem.exe
[06/14/2006 05:23 PM | 00,323,584 | ---- | M] (Apple Computer, Inc.) - C:\Program Files\iPod\bin\iPodService.exe
[08/16/2007 09:10 PM | 00,218,376 | ---- | M] (CA, Inc.) - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\CAPPActiveProtection.exe
[08/16/2007 09:10 PM | 00,189,704 | ---- | M] (CA, Inc.) - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\PPCtlPriv.exe
[08/16/2007 10:19 PM | 00,214,280 | ---- | M] (CA, Inc.) - C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe

===== Win32 Services - Non-Microsoft Only =====

(CaCCProvSP) CaCCProvSP [On_Demand | Running]
[08/16/2007 10:19 PM | 00,214,280 | ---- | M] (CA, Inc.) - C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe

(CAISafe) CAISafe [Auto | Stopped]
[08/20/2007 01:27 PM | 00,144,960 | ---- | M] (Computer Associates International, Inc.) - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\isafe.exe

(iPodService) iPodService [On_Demand | Running]
[06/14/2006 05:23 PM | 00,323,584 | ---- | M] (Apple Computer, Inc.) - C:\Program Files\iPod\bin\iPodService.exe

(ITMRTSVC) CA Pest Patrol Realtime Protection Service [Auto | Running]
[01/04/2007 12:10 PM | 00,280,080 | ---- | M] (CA, Inc.) - C:\Program Files\CA\SharedComponents\PPRT\bin\ITMRTSVC.exe

(PPCtlPriv) PPCtlPriv [On_Demand | Running]
[08/16/2007 09:10 PM | 00,189,704 | ---- | M] (CA, Inc.) - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\PPCtlPriv.exe

(UmxAgent) HIPS Event Manager [Auto | Running]
[10/18/2007 10:24 AM | 01,010,192 | ---- | M] (CA) - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxAgent.exe

(UmxCfg) HIPS Configuration Interpreter [Auto | Running]
[10/18/2007 10:24 AM | 00,801,296 | ---- | M] (CA) - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxCfg.exe

(UmxFwHlp) HIPS Firewall Helper [Auto | Running]
[10/18/2007 10:24 AM | 00,145,936 | ---- | M] (CA) - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxFwHlp.exe

(UmxPol) HIPS Policy Manager [Auto | Running]
[06/24/2008 07:10 PM | 00,281,104 | ---- | M] (CA) - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxPol.exe

(VETMSGNT) VET Message Service [Auto | Running]
[08/20/2007 01:36 PM | 00,242,952 | ---- | M] (CA, Inc.) - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\vetmsg.exe

===== Driver Services - Non-Microsoft Only =====

(ialm) ialm [On_Demand | Running]
[10/19/2005 08:59 AM | 00,807,998 | ---- | M] (Intel Corporation) - C:\WINDOWS\system32\drivers\ialmnt5.sys

(KmxAgent) KmxAgent [System | Running]
[06/24/2008 07:08 PM | 00,063,504 | ---- | M] (CA) - C:\WINDOWS\system32\drivers\KmxAgent.sys

(KmxCF) KmxCF [Auto | Running]
[06/24/2008 07:08 PM | 00,134,648 | ---- | M] (CA) - C:\WINDOWS\system32\drivers\KmxCF.sys

(KmxCfg) KmxCfg [On_Demand | Running]
[06/24/2008 07:08 PM | 00,088,816 | ---- | M] (CA) - C:\WINDOWS\system32\drivers\KmxCfg.sys

(KmxFile) KmxFile [System | Running]
[06/24/2008 07:08 PM | 00,045,584 | ---- | M] (CA) - C:\WINDOWS\system32\drivers\KmxFile.sys

(KmxFw) KmxFw [System | Running]
[06/24/2008 07:08 PM | 00,115,216 | ---- | M] (CA) - C:\WINDOWS\system32\drivers\KmxFw.sys

(KmxSbx) KmxSbx [Auto | Running]
[06/24/2008 07:08 PM | 00,066,576 | ---- | M] (CA) - C:\WINDOWS\system32\drivers\KmxSbx.sys

(KmxStart) KmxStart [Boot | Running]
[06/24/2008 07:08 PM | 00,093,712 | ---- | M] (CA) - C:\WINDOWS\system32\drivers\KmxStart.sys

(MxlW2k) MxlW2k [On_Demand | Running]
[04/04/2006 01:56 PM | 00,028,276 | ---- | M] (MusicMatch, Inc.) - C:\windows\System32\drivers\MxlW2k.sys

(SQTECH905C) DB CIF Cam [On_Demand | Stopped]
[05/18/2007 11:41 AM | 00,037,760 | ---- | M] (Service & Quality Technology.) - C:\WINDOWS\system32\drivers\Capt905c.sys

(VET-FILT) VET File System Filter [System | Running]
[08/20/2007 01:38 PM | 00,026,376 | ---- | M] (Computer Associates International, Inc.) - C:\windows\System32\drivers\vet-filt.sys

(VET-REC) VET File System Recognizer [System | Running]
[08/20/2007 01:38 PM | 00,021,128 | ---- | M] (Computer Associates International, Inc.) - C:\windows\System32\drivers\vet-rec.sys

(VETEBOOT) VET Boot Scan Engine [On_Demand | Running]
[06/26/2008 12:42 PM | 00,108,368 | ---- | M] (Computer Associates International, Inc.) - C:\windows\System32\drivers\veteboot.sys

(VETEFILE) VET File Scan Engine [System | Running]
[06/26/2008 12:42 PM | 00,880,560 | ---- | M] (Computer Associates International, Inc.) - C:\windows\System32\drivers\vetefile.sys

(VETFDDNT) VET Floppy Boot Sector Monitor [System | Running]
[08/20/2007 01:38 PM | 00,021,512 | ---- | M] (Computer Associates International, Inc.) - C:\windows\System32\drivers\vetfddnt.sys

(VETMONNT) VET File Monitor [System | Running]
[08/20/2007 01:38 PM | 00,032,264 | ---- | M] (Computer Associates International, Inc.) - C:\windows\System32\drivers\vetmonnt.sys

({6080A529-897E-4629-A488-ABA0C29B635E}) Intel® Graphics Platform (SoftBIOS) Driver [On_Demand | Stopped]
[04/15/2003 11:40 AM | 00,113,504 | ---- | M] (Intel Corporation) - C:\WINDOWS\system32\drivers\ialmsbw.sys

({D31A0762-0CEB-444e-ACFF-B049A1F6FE91}) Intel® Graphics Chipset (KCH) Driver [On_Demand | Stopped]
[04/15/2003 11:40 AM | 00,078,752 | ---- | M] (Intel Corporation) - C:\WINDOWS\system32\drivers\ialmkchw.sys

===== Run Keys =====

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"" = File not found
"cafwc" = C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\cafw.exe -cl [08/02/2008 03:38 PM | 01,193,200 | ---- | M] (CA, Inc.)
"capfasem" = C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfasem.exe [08/02/2008 03:38 PM | 00,173,296 | ---- | M] (CA, Inc.)
"capfupgrade" = C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfupgrade.exe [08/02/2008 03:38 PM | 00,259,312 | ---- | M] (CA, Inc.)
"CAVRID" = "C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\CAVRID.exe" [08/20/2007 01:36 PM | 00,230,664 | ---- | M] (CA, Inc.)
"cctray" = "C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe" [08/16/2007 10:19 PM | 00,177,416 | ---- | M] (CA, Inc.)
"HotKeysCmds" = C:\windows\system32\hkcmd.exe [10/19/2005 08:59 AM | 00,126,976 | ---- | M] (Intel Corporation)
"IgfxTray" = C:\windows\system32\igfxtray.exe [10/19/2005 08:59 AM | 00,155,648 | ---- | M] (Intel Corporation)
"iTunesHelper" = "C:\Program Files\iTunes\iTunesHelper.exe" [06/14/2006 05:24 PM | 00,278,528 | ---- | M] (Apple Computer, Inc.)
"MMTray" = C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe [06/27/2002 05:49 PM | 00,110,592 | ---- | M] (MUSICMATCH, Inc.)
"QOELOADER" = "C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spam\QSP-5.1.18.0\QOELoader.exe" [06/26/2008 12:40 PM | 00,014,088 | ---- | M] (CA)
"QuickTime Task" = "C:\Program Files\QuickTime\qttask.exe" -atboottime [01/11/2007 08:45 PM | 00,282,624 | ---- | M] (Apple Computer, Inc.)
"SunJavaUpdateSched" = "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [06/10/2008 04:27 AM | 00,144,784 | ---- | M] (Sun Microsystems, Inc.)
"tgcmd" = "C:\Program Files\Support.com\bin\tgcmd.exe" /server /startmonitor /deaf [01/30/2004 08:44 AM | 01,921,024 | ---- | M] (SupportSoft, Inc.)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"load" = Reg Error: Value load does not exist or could not be read.
"run" = Reg Error: Value run does not exist or could not be read.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Yahoo! Pager" = "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet [08/30/2007 05:43 PM | 04,670,704 | ---- | M] (Yahoo! Inc.)

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"load" =
"run" = Reg Error: Value run does not exist or could not be read.

===== Startup Folders =====

[All Users Startup Folder - C:\Documents and Settings\All Users\Start Menu\Programs\Startup]
[04/09/2003 06:41 PM | 00,323,646 | ---- | M] (Hewlett-Packard Co.) - C:\Documents and Settings\All Users\Start Menu\Programs\Startup\hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
[04/09/2003 07:11 PM | 00,028,672 | ---- | M] (Hewlett-Packard) - C:\Documents and Settings\All Users\Start Menu\Programs\Startup\hpoddt01.exe.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe

[Owner Startup Folder - C:\Documents and Settings\Owner\Start Menu\Programs\Startup]

===== BHO's =====

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
HKLM CLSID: (SSVHelper Class) - [06/10/2008 04:27 AM | 00,509,328 | ---- | M] (Sun Microsystems, Inc.) C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

===== Toolbars =====

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]

"{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}"
HKLM CLSID: (Reg Error: Key does not exist or could not be opened.) - File not found Reg Error: Key does not exist or could not be opened.

"{EF99BD32-C1FB-11D2-892F-0090271D4F88}"
HKLM CLSID: (Yahoo! Toolbar) - File not found Reg Error: Key does not exist or could not be opened.

===== Policies =====

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
Unable to open key or key not present!


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
"dontdisplaylastusername" = 0
"legalnoticecaption" =
"legalnoticetext" =
"shutdownwithoutlogon" = 1
"undockwithoutlogon" = 1

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun" = 145

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
"DisableTaskMgr" = 0
"DisableRegistryTools" = 0

===== Desktop Components =====

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"FriendlyName" = "My Current Home Page"
"Source" = "About:Home"
"SubscribedURL" = "About:Home"

===== Shared Task Scheduler =====

===== AppInit_Dlls =====

===== Lsa Authentication Packages =====

===== Lsa Security Packages =====

===== Authorized Applications List =====

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = C:\WINDOWS\system32\sessmgr.exe [08/04/2004 03:56 AM | 00,140,800 | ---- | M] (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = C:\WINDOWS\network diagnostic\xpnetdiag.exe [10/10/2006 08:44 AM | 00,557,568 | ---- | M] (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe File not found
"C:\Program Files\Windows Live\Messenger\livecall.exe" = C:\Program Files\Windows Live\Messenger\livecall.exe File not found

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = C:\WINDOWS\system32\sessmgr.exe [08/04/2004 03:56 AM | 00,140,800 | ---- | M] (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = C:\WINDOWS\network diagnostic\xpnetdiag.exe [10/10/2006 08:44 AM | 00,557,568 | ---- | M] (Microsoft Corporation)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe [06/14/2006 05:48 PM | 14,276,608 | ---- | M] (Apple Computer, Inc.)
"C:\Program Files\Ares\Ares.exe" = C:\Program Files\Ares\Ares.exe File not found
"C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe" = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe File not found
"C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe" = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe File not found
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe [08/30/2007 05:43 PM | 04,670,704 | ---- | M] (Yahoo! Inc.)
"C:\Program Files\Yahoo!\Messenger\YServer.exe" = C:\Program Files\Yahoo!\Messenger\YServer.exe [08/30/2007 05:43 PM | 00,091,376 | ---- | M] (Yahoo! Inc.)
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe File not found
"C:\Program Files\Windows Live\Messenger\livecall.exe" = C:\Program Files\Windows Live\Messenger\livecall.exe File not found
"C:\Program Files\Messenger\msmsgs.exe" = C:\Program Files\Messenger\msmsgs.exe [10/13/2004 12:24 PM | 01,694,208 | ---- | M] (Microsoft Corporation)

===== HKLM Winlogon Settings =====

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell]
"explorer.exe" - [06/13/2007 06:23 AM | 01,033,216 | ---- | M] (Microsoft Corporation) C:\WINDOWS\explorer.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit]
"C:\WINDOWS\system32\userinit.exe" - [08/04/2004 03:56 AM | 00,024,576 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\userinit.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UIHost]
"logonui.exe" - [08/04/2004 03:56 AM | 00,514,560 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\logonui.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet]
"rundll32 shell32" - [10/25/2007 11:34 PM | 08,460,288 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
"Control_RunDLL "sysdm.cpl"" - [08/04/2004 03:56 AM | 00,298,496 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\sysdm.cpl

===== User's Winlogon Settings =====

===== Winlogon Notify Settings =====

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
"DllName" = C:\WINDOWS\system32\igfxsrvc.dll [10/19/2005 08:59 AM | 00,348,160 | ---- | M] (Intel Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\PFW]
"DllName" = C:\WINDOWS\system32\UmxWNP.dll [05/18/2007 01:30 PM | 00,079,368 | ---- | M] (CA)

===== Safeboot Options =====

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot]
"AlternateShell" = cmd.exe

===== Disabled MsConfig Items =====

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\services]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\state]
"system.ini" = 0
"win.ini" = 0
"bootini" = 0
"services" = 0
"startup" = 0

===== DNS Name Servers =====

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\{A596310E-21FF-41C2-8359-CB028C4057B1}]
Servers: | Description:

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\{CE0A9293-159C-46EA-BF70-AF1CF24F8624}]
Servers: | Description: Broadcom 440x 10/100 Integrated Controller

===== CDRom AutoRun Settings =====

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]
"AutoRun" = 1

===== Autorun Files on Drives =====

AUTOEXEC.BAT []
[11/21/2005 10:51 AM | 00,000,000 | ---- | M] () C:\AUTOEXEC.BAT [ NTFS ]

===== MountPoints2 =====

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{30d9d30b-c3f0-11da-891b-000bdbbc5be4}\Shell]
"" = None

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{30d9d30b-c3f0-11da-891b-000bdbbc5be4}\Shell\Autoplay]
"MUIVerb" = C:\WINDOWS\system32\shell32.dll [10/25/2007 11:34 PM | 08,460,288 | ---- | M] (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{30d9d30b-c3f0-11da-891b-000bdbbc5be4}\Shell\Autoplay\DropTarget]
"CLSID" = {f26a669a-bcbb-4e37-abf9-7325da15f931}

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f4d2d45e-e601-11db-8a1e-000bdbbc5be4}\Shell]
"" = None

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f4d2d45e-e601-11db-8a1e-000bdbbc5be4}\Shell\Autoplay]
"MUIVerb" = C:\WINDOWS\system32\shell32.dll [10/25/2007 11:34 PM | 08,460,288 | ---- | M] (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f4d2d45e-e601-11db-8a1e-000bdbbc5be4}\Shell\Autoplay\DropTarget]
"CLSID" = {f26a669a-bcbb-4e37-abf9-7325da15f931}

===== Hosts File =====

HOSTS File = (734 bytes) - C:\windows\System32\drivers\etc\Hosts
First 25 entries...
127.0.0.1 localhost



[Files/Folders - Created Within 30 days]
[08/16/2008 06:33 PM | 00,025,216 | ---- | C] (Service & Quality Technology.) - C:\windows\System32\drivers\Camd905c.sys
[08/16/2008 06:33 PM | 00,037,760 | ---- | C] (Service & Quality Technology.) - C:\windows\System32\drivers\Capt905c.sys
[08/15/2008 03:04 AM | 00,001,374 | ---- | C] () - C:\windows\imsins.BAK
[08/11/2008 08:52 AM | ---D | C] - C:\Documents and Settings\All Users\Application Data\Malwarebytes
[08/11/2008 08:52 AM | ---D | C] - C:\Documents and Settings\Owner\Application Data\Malwarebytes
[08/16/2008 06:33 PM | ---D | C] - C:\Documents and Settings\Owner\Application Data\InstallShield
[08/18/2008 10:58 PM | ---D | C] - C:\Documents and Settings\Owner\Local Settings\Application Data\Runscanner.net
[08/21/2008 05:54 PM | 00,003,122 | ---- | C] () - C:\Documents and Settings\All Users\Documents\last.sb4
[08/11/2008 09:02 AM | 00,034,580 | ---- | C] () - C:\Documents and Settings\Owner\My Documents\HijackThisLog.wpd
[08/12/2008 09:08 PM | ---D | C] - C:\Documents and Settings\Owner\My Documents\Theresa
[08/12/2008 09:16 PM | ---D | C] - C:\Documents and Settings\Owner\My Documents\Theresa2
[08/11/2008 08:52 AM | 00,000,696 | ---- | C] () - C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[08/16/2008 06:31 PM | 00,000,734 | ---- | C] () - C:\Documents and Settings\All Users\Desktop\Disney Pix 2.lnk
[08/16/2008 06:32 PM | 00,000,949 | ---- | C] () - C:\Documents and Settings\All Users\Desktop\Disney Pix Micro Downloader.lnk
[08/21/2008 05:51 PM | 00,002,050 | ---- | C] () - C:\Documents and Settings\All Users\Desktop\SpongeBob SquarePants - The Movie DEMO.lnk
[08/11/2008 08:51 AM | 00,128,368 | ---- | C] (Digital River) - C:\Documents and Settings\Owner\Desktop\Download_mbam-setup.exe
[08/18/2008 10:57 PM | 01,791,702 | ---- | C] () - C:\Documents and Settings\Owner\Desktop\runscanner.zip
[08/18/2008 11:09 PM | 00,177,446 | ---- | C] () - C:\Documents and Settings\Owner\Desktop\Select A Name.run
[08/20/2008 09:32 AM | 00,180,216 | ---- | C] () - C:\Documents and Settings\Owner\Desktop\Run File.run
[08/24/2008 05:13 PM | 00,181,921 | ---- | C] () - C:\Documents and Settings\Owner\Desktop\runscanner.run
[08/11/2008 08:52 AM | ---D | C] - C:\Program Files\Common Files\Download Manager
[08/11/2008 07:32 PM | ---D | C] - C:\Program Files\Microsoft Silverlight
[08/11/2008 08:52 AM | ---D | C] - C:\Program Files\Malwarebytes' Anti-Malware
[08/16/2008 06:30 PM | ---D | C] - C:\Program Files\Disney Pix 2.2
[08/16/2008 06:32 PM | ---D | C] - C:\Program Files\Disney Pix Micro Downloader
[08/16/2008 06:33 PM | ---D | C] - C:\Program Files\DB CIF Cam
[08/19/2008 08:24 PM | ---D | C] - C:\Program Files\MSECache
[08/21/2008 05:48 PM | ---D | C] - C:\Program Files\THQ

[Files/Folders - Modified Within 30 days]
[08/21/2008 05:48 PM | R--D | M] - C:\Program Files
[08/27/2008 03:24 PM | 00,000,488 | ---- | M] () - C:\hpfr5550.xml
[08/28/2008 01:42 AM | ---D | M] - C:\WINDOWS
[08/24/2008 05:17 PM | 00,000,064 | ---- | M] () - C:\windows\System32\drivers\kmxcfg.u2k1
[08/24/2008 05:17 PM | 00,000,064 | ---- | M] () - C:\windows\System32\drivers\kmxcfg.u2k2
[08/24/2008 05:17 PM | 00,000,064 | ---- | M] () - C:\windows\System32\drivers\kmxcfg.u2k3
[08/24/2008 05:17 PM | 00,000,064 | ---- | M] () - C:\windows\System32\drivers\kmxcfg.u2k4
[08/24/2008 05:17 PM | 00,000,064 | ---- | M] () - C:\windows\System32\drivers\kmxcfg.u2k5
[08/24/2008 05:17 PM | 00,000,064 | ---- | M] () - C:\windows\System32\drivers\kmxcfg.u2k6
[08/24/2008 05:17 PM | 00,000,064 | ---- | M] () - C:\windows\System32\drivers\kmxcfg.u2k7
[08/24/2008 05:17 PM | 00,045,610 | ---- | M] () - C:\windows\System32\drivers\kmxcfg.u2k0
[1 C:\windows\System32\*.tmp files]
[08/11/2008 09:57 AM | ---D | M] - C:\windows\System32\CatRoot
[08/16/2008 06:33 PM | ---D | M] - C:\windows\System32\drivers
[08/16/2008 06:33 PM | RHSD | M] - C:\windows\System32\dllcache
[08/20/2008 08:55 AM | 00,179,448 | ---- | M] () - C:\windows\System32\FNTCACHE.DAT
[08/24/2008 05:18 PM | 00,002,206 | ---- | M] () - C:\windows\System32\wpa.dbl
[08/25/2008 02:17 PM | ---D | M] - C:\windows\System32\CatRoot2
[4 C:\windows\*.tmp files]
[08/11/2008 08:31 AM | --SD | M] - C:\windows\Downloaded Program Files
[08/15/2008 03:04 AM | ---D | M] - C:\windows\ie7updates
[08/15/2008 03:06 AM | ---D | M] - C:\windows\Debug
[08/15/2008 03:09 AM | -H-D | M] - C:\windows\$hf_mig$
[08/15/2008 03:10 AM | 00,001,374 | ---- | M] () - C:\windows\imsins.BAK
[08/16/2008 06:33 PM | 00,000,785 | ---- | M] () - C:\windows\win.ini
[08/16/2008 06:41 PM | -H-D | M] - C:\windows\inf
[08/16/2008 06:42 PM | ---D | M] - C:\windows\twain_32
[08/19/2008 08:25 PM | ---D | M] - C:\windows\WinSxS
[08/19/2008 08:25 PM | R-SD | M] - C:\windows\Fonts
[08/20/2008 08:54 AM | ---D | M] - C:\windows\SxsCaPendDel
[08/21/2008 02:39 PM | ---D | M] - C:\windows\Help
[08/21/2008 03:03 AM | -HSD | M] - C:\windows\Installer
[08/24/2008 05:17 PM | 00,002,048 | --S- | M] () - C:\windows\bootstat.dat
[08/24/2008 05:23 PM | ---D | M] - C:\windows\CAVTemp
[08/26/2008 09:22 AM | ---D | M] - C:\windows\Prefetch
[08/27/2008 03:24 PM | ---D | M] - C:\windows\Temp
[08/28/2008 01:42 AM | ---D | M] - C:\windows\system32
[08/24/2008 05:18 PM | 00,000,006 | -H-- | M] () - C:\windows\tasks\SA.DAT
[08/25/2008 02:17 PM | 00,000,514 | ---- | M] () - C:\windows\tasks\CAAntiSpywareScan_Daily as Owner at 12 40 PM.job
[08/11/2008 08:52 AM | ---D | M] - C:\Documents and Settings\All Users\Application Data\Malwarebytes
[08/11/2008 08:52 AM | ---D | M] - C:\Documents and Settings\Owner\Application Data\Malwarebytes
[08/16/2008 06:33 PM | ---D | M] - C:\Documents and Settings\Owner\Application Data\InstallShield
[08/11/2008 07:32 PM | ---D | M] - C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft
[08/19/2008 08:28 PM | 00,043,072 | ---- | M] () - C:\Documents and Settings\Owner\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[08/24/2008 05:14 PM | ---D | M] - C:\Documents and Settings\Owner\Local Settings\Application Data\Runscanner.net
[08/24/2008 05:16 PM | 05,333,972 | -H-- | M] () - C:\Documents and Settings\Owner\Local Settings\Application Data\IconCache.db
[08/21/2008 07:14 PM | 00,003,122 | ---- | M] () - C:\Documents and Settings\All Users\Documents\last.sb4
[08/11/2008 11:01 AM | 00,034,580 | ---- | M] () - C:\Documents and Settings\Owner\My Documents\HijackThisLog.wpd
[08/12/2008 09:19 PM | ---D | M] - C:\Documents and Settings\Owner\My Documents\Theresa
[08/12/2008 09:19 PM | ---D | M] - C:\Documents and Settings\Owner\My Documents\Theresa2
[08/25/2008 02:20 PM | R--D | M] - C:\Documents and Settings\Owner\My Documents\My Pictures
[08/11/2008 08:52 AM | 00,000,696 | ---- | M] () - C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[08/16/2008 06:31 PM | 00,000,734 | ---- | M] () - C:\Documents and Settings\All Users\Desktop\Disney Pix 2.lnk
[08/16/2008 06:32 PM | 00,000,949 | ---- | M] () - C:\Documents and Settings\All Users\Desktop\Disney Pix Micro Downloader.lnk
[08/21/2008 05:51 PM | 00,002,050 | ---- | M] () - C:\Documents and Settings\All Users\Desktop\SpongeBob SquarePants - The Movie DEMO.lnk
[08/11/2008 08:51 AM | 00,128,368 | ---- | M] (Digital River) - C:\Documents and Settings\Owner\Desktop\Download_mbam-setup.exe
[08/18/2008 10:57 PM | 01,791,702 | ---- | M] () - C:\Documents and Settings\Owner\Desktop\runscanner.zip
[08/18/2008 11:09 PM | 00,177,446 | ---- | M] () - C:\Documents and Settings\Owner\Desktop\Select A Name.run
[08/20/2008 09:32 AM | 00,180,216 | ---- | M] () - C:\Documents and Settings\Owner\Desktop\Run File.run
[08/24/2008 05:13 PM | 00,181,921 | ---- | M] () - C:\Documents and Settings\Owner\Desktop\runscanner.run
[08/11/2008 08:52 AM | ---D | M] - C:\Program Files\Common Files\Download Manager
[08/16/2008 06:32 PM | ---D | M] - C:\Program Files\Common Files\Wise Installation Wizard
[08/19/2008 08:25 PM | ---D | M] - C:\Program Files\Common Files\Microsoft Shared
[08/21/2008 05:48 PM | ---D | M] - C:\Program Files\Common Files\InstallShield

< End of report >
  • 0

#12
Martines3kids

Martines3kids

    Member

  • Topic Starter
  • Member
  • PipPip
  • 22 posts
OTViewIT Extras Logfile....

OTViewIt Extras logfile created on: 8/28/2008 9:07:13 AM - Run 3
OTViewIt by OldTimer - Version 1.0.0.15 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

254.00 Mb Total Physical Memory | 76.67 Mb Available Physical Memory | 30.18% Memory free
755.54 Mb Paging File | 233.98 Mb Available in Paging File | 30.97% Paging File free
Paging file location(s): C:\pagefile.sys 384 768;

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 37.26 Gb Total Space | 21.14 Gb Free Space | 56.73% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 489.75 Mb Total Space | 377.47 Mb Free Space | 77.07% Space Free | Partition Type: FAT32
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

===== File Associations =====

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] - File not found -
.cmd [@ = cmdfile] - File not found -
.com [@ = comfile] - File not found -
.exe [@ = exefile] - File not found -
.pif [@ = piffile] - File not found -
.scr [@ = scrfile] - File not found -

===== HKEY_LOCAL_MACHINE Uninstall List =====

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{183135A3-2CE8-43B5-BA5A-757EBAECB413}" = Disney Pix Micro Downloader
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java™ 6 Update 7
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{46A170EB-5F9E-4FED-BCC6-46E20108D5AE}" = SpongeBob SquarePants - The Movie DEMO
"{54C0D94A-F467-4ABC-9D02-6E58748668D4}" = iTunes
"{54F90B55-BEB3-4F0D-8802-228822FA5921}" = WordPerfect Office 11
"{5F87EF36-A373-11D5-AA2E-0008C760B784}" = Monsters Jr
"{6846389C-BAC0-4374-808E-B120F86AF5D7}" = Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)
"{6ECB39BD-73C2-44DD-B1A0-898207C58D8B}" = HP Photo and Imaging 2.0 - All-in-One Drivers
"{82DFB852-9594-4668-9C66-28BB6E94BCB2}" = hp psc 2100 series
"{83d96ed0-98aa-4515-8ddc-816f3efdd104}" = DB CIF Cam
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A367C28-423C-48E2-8C76-EBA1171F932A}" = Adobe Photoshop Album 2.0
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Extreme Graphics Driver
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90840409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Excel Viewer 2003
"{90850409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{90AF0409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office PowerPoint Viewer 2003
"{9867A917-5D17-40DE-83BA-BEA5293194B1}" = HP Photo and Imaging 2.0 - All-in-One
"{AC76BA86-7AD7-1033-7B44-A81200000003}" = Adobe Reader 8.1.2
"{AC76BA86-7AD7-1033-7B44-A81200000003}_Adobe Reader 8.1.2" = Adobe Reader 8.1.2 Security Update 1 (KB403742)
"{BD57EA4D-026E-4F08-9B93-080E282B81FE}" = iPod for Windows 2006-06-28
"{BE6890C7-31EF-478C-812E-1E2899ABFCA9}" = B57Inst
"{C04E32E0-0416-434D-AFB9-6969D703A9EF}" = MSXML 4.0 SP2 (KB936181)
"{C21D5524-A970-42FA-AC8A-59B8C7CDCA31}" = QuickTime
"{D78653C3-A8FF-415F-92E6-D774E634FF2D}" = Dell ResourceCD
"{DC8235CC-3D5A-4D32-94BE-E2F0A1749920}" = Disney Pix 2.2
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware 2007
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Blue's 123 Time Activities" = Blue's 123 Time Activities
"Blue's Reading Time Activities" = Blue's Reading Time Activities
"Canon Camera WIA Driver PowerShot A40" = Canon PowerShot A40 WIA Driver
"Canon PhotoStitch 3.1" = Canon Utilities PhotoStitch 3.1
"Canon Utilities RAW Image Converter" = Canon Utilities RAW Image Converter
"CCleaner" = CCleaner (remove only)
"dh2" = Deer Hunter 2
"eTrust Suite Personal" = CA Internet Security Suite
"HijackThis" = HijackThis 2.0.2
"hp instant support" = hp instant support
"HP PSC 2100 Series" = HP Photo and Imaging 2.0 - hp psc 2100 series
"hp psc 2100 series_Driver" = hp psc 2100 series
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"InstallShield_{54C0D94A-F467-4ABC-9D02-6E58748668D4}" = iTunes
"InstallShield_{BD57EA4D-026E-4F08-9B93-080E282B81FE}" = iPod for Windows 2006-06-28
"InstallShield_{BE6890C7-31EF-478C-812E-1E2899ABFCA9}" = Broadcom Driver Installer
"InstallShield_{C21D5524-A970-42FA-AC8A-59B8C7CDCA31}" = QuickTime
"KB873339" = Windows XP Hotfix - KB873339
"KB885250" = Windows XP Hotfix - KB885250
"KB885835" = Windows XP Hotfix - KB885835
"KB885836" = Windows XP Hotfix - KB885836
"KB886185" = Windows XP Hotfix - KB886185
"KB887472" = Windows XP Hotfix - KB887472
"KB887742" = Windows XP Hotfix - KB887742
"KB888113" = Windows XP Hotfix - KB888113
"KB888302" = Windows XP Hotfix - KB888302
"KB890046" = Security Update for Windows XP (KB890046)
"KB890859" = Windows XP Hotfix - KB890859
"KB891781" = Windows XP Hotfix - KB891781
"KB892130" = Windows Genuine Advantage Validation Tool (KB892130)
"KB893756" = Security Update for Windows XP (KB893756)
"KB893803v2" = Windows Installer 3.1 (KB893803)
"KB896358" = Security Update for Windows XP (KB896358)
"KB896422" = Security Update for Windows XP (KB896422)
"KB896423" = Security Update for Windows XP (KB896423)
"KB896424" = Security Update for Windows XP (KB896424)
"KB896428" = Security Update for Windows XP (KB896428)
"KB898461" = Update for Windows XP (KB898461)
"KB899587" = Security Update for Windows XP (KB899587)
"KB899591" = Security Update for Windows XP (KB899591)
"KB900485" = Update for Windows XP (KB900485)
"KB900725" = Security Update for Windows XP (KB900725)
"KB901017" = Security Update for Windows XP (KB901017)
"KB901214" = Security Update for Windows XP (KB901214)
"KB902400" = Security Update for Windows XP (KB902400)
"KB904706" = Security Update for Windows XP (KB904706)
"KB904942" = Update for Windows XP (KB904942)
"KB905414" = Security Update for Windows XP (KB905414)
"KB905749" = Security Update for Windows XP (KB905749)
"KB905915" = Security Update for Windows XP (KB905915)
"KB908519" = Security Update for Windows XP (KB908519)
"KB908531" = Security Update for Windows XP (KB908531)
"KB910437" = Update for Windows XP (KB910437)
"KB911280" = Security Update for Windows XP (KB911280)
"KB911562" = Security Update for Windows XP (KB911562)
"KB911564" = Security Update for Windows Media Player (KB911564)
"KB911565" = Security Update for Windows Media Player 9 (KB911565)
"KB911567" = Security Update for Windows XP (KB911567)
"KB911927" = Security Update for Windows XP (KB911927)
"KB912812" = Security Update for Windows XP (KB912812)
"KB912919" = Security Update for Windows XP (KB912919)
"KB913446" = Security Update for Windows XP (KB913446)
"KB913580" = Security Update for Windows XP (KB913580)
"KB914388" = Security Update for Windows XP (KB914388)
"KB914389" = Security Update for Windows XP (KB914389)
"KB914440" = Hotfix for Windows XP (KB914440)
"KB915865" = Hotfix for Windows XP (KB915865)
"KB916281" = Security Update for Windows XP (KB916281)
"KB916595" = Update for Windows XP (KB916595)
"KB917159" = Security Update for Windows XP (KB917159)
"KB917344" = Security Update for Windows XP (KB917344)
"KB917422" = Security Update for Windows XP (KB917422)
"KB917734_WMP9" = Security Update for Windows Media Player 9 (KB917734)
"KB917953" = Security Update for Windows XP (KB917953)
"KB918118" = Security Update for Windows XP (KB918118)
"KB918439" = Security Update for Windows XP (KB918439)
"KB918899" = Security Update for Windows XP (KB918899)
"KB919007" = Security Update for Windows XP (KB919007)
"KB920213" = Security Update for Windows XP (KB920213)
"KB920214" = Security Update for Windows XP (KB920214)
"KB920670" = Security Update for Windows XP (KB920670)
"KB920683" = Security Update for Windows XP (KB920683)
"KB920685" = Security Update for Windows XP (KB920685)
"KB920872" = Update for Windows XP (KB920872)
"KB921398" = Security Update for Windows XP (KB921398)
"KB921503" = Security Update for Windows XP (KB921503)
"KB921883" = Security Update for Windows XP (KB921883)
"KB922582" = Update for Windows XP (KB922582)
"KB922616" = Security Update for Windows XP (KB922616)
"KB922760" = Security Update for Windows XP (KB922760)
"KB922819" = Security Update for Windows XP (KB922819)
"KB923191" = Security Update for Windows XP (KB923191)
"KB923414" = Security Update for Windows XP (KB923414)
"KB923689" = Security Update for Windows XP (KB923689)
"KB923694" = Security Update for Windows XP (KB923694)
"KB923980" = Security Update for Windows XP (KB923980)
"KB924191" = Security Update for Windows XP (KB924191)
"KB924270" = Security Update for Windows XP (KB924270)
"KB924496" = Security Update for Windows XP (KB924496)
"KB924667" = Security Update for Windows XP (KB924667)
"KB925398_WMP64" = Security Update for Windows Media Player 6.4 (KB925398)
"KB925486" = Security Update for Windows XP (KB925486)
"KB925902" = Security Update for Windows XP (KB925902)
"KB926255" = Security Update for Windows XP (KB926255)
"KB926436" = Security Update for Windows XP (KB926436)
"KB927779" = Security Update for Windows XP (KB927779)
"KB927802" = Security Update for Windows XP (KB927802)
"KB927891" = Update for Windows XP (KB927891)
"KB928090-IE7" = Security Update for Windows Internet Explorer 7 (KB928090)
"KB928255" = Security Update for Windows XP (KB928255)
"KB928843" = Security Update for Windows XP (KB928843)
"KB929123" = Security Update for Windows XP (KB929123)
"KB929338" = Update for Windows XP (KB929338)
"KB929969" = Security Update for Windows Internet Explorer 7 (KB929969)
"KB930178" = Security Update for Windows XP (KB930178)
"KB930916" = Update for Windows XP (KB930916)
"KB931261" = Security Update for Windows XP (KB931261)
"KB931768-IE7" = Security Update for Windows Internet Explorer 7 (KB931768)
"KB931784" = Security Update for Windows XP (KB931784)
"KB931836" = Update for Windows XP (KB931836)
"KB932168" = Security Update for Windows XP (KB932168)
"KB932823-v3" = Update for Windows XP (KB932823-v3)
"KB933360" = Update for Windows XP (KB933360)
"KB933566-IE7" = Security Update for Windows Internet Explorer 7 (KB933566)
"KB933729" = Security Update for Windows XP (KB933729)
"KB935839" = Security Update for Windows XP (KB935839)
"KB935840" = Security Update for Windows XP (KB935840)
"KB936021" = Security Update for Windows XP (KB936021)
"KB936357" = Update for Windows XP (KB936357)
"KB936782_WMP9" = Security Update for Windows Media Player 9 (KB936782)
"KB937143-IE7" = Security Update for Windows Internet Explorer 7 (KB937143)
"KB938127-IE7" = Security Update for Windows Internet Explorer 7 (KB938127)
"KB938828" = Update for Windows XP (KB938828)
"KB938829" = Security Update for Windows XP (KB938829)
"KB939653-IE7" = Security Update for Windows Internet Explorer 7 (KB939653)
"KB941202" = Security Update for Windows XP (KB941202)
"KB941568" = Security Update for Windows XP (KB941568)
"KB941569" = Security Update for Windows XP (KB941569)
"KB941644" = Security Update for Windows XP (KB941644)
"KB941693" = Security Update for Windows XP (KB941693)
"KB942615-IE7" = Security Update for Windows Internet Explorer 7 (KB942615)
"KB942763" = Update for Windows XP (KB942763)
"KB943055" = Security Update for Windows XP (KB943055)
"KB943460" = Security Update for Windows XP (KB943460)
"KB943485" = Security Update for Windows XP (KB943485)
"KB944533-IE7" = Security Update for Windows Internet Explorer 7 (KB944533)
"KB944653" = Security Update for Windows XP (KB944653)
"KB945553" = Security Update for Windows XP (KB945553)
"KB946026" = Security Update for Windows XP (KB946026)
"KB946648" = Security Update for Windows XP (KB946648)
"KB947864-IE7" = Hotfix for Windows Internet Explorer 7 (KB947864)
"KB948590" = Security Update for Windows XP (KB948590)
"KB948881" = Security Update for Windows XP (KB948881)
"KB950749" = Security Update for Windows XP (KB950749)
"KB950759-IE7" = Security Update for Windows Internet Explorer 7 (KB950759)
"KB950760" = Security Update for Windows XP (KB950760)
"KB950762" = Security Update for Windows XP (KB950762)
"KB950974" = Security Update for Windows XP (KB950974)
"KB951066" = Security Update for Windows XP (KB951066)
"KB951072-v2" = Update for Windows XP (KB951072-v2)
"KB951376" = Security Update for Windows XP (KB951376)
"KB951376-v2" = Security Update for Windows XP (KB951376-v2)
"KB951698" = Security Update for Windows XP (KB951698)
"KB951748" = Security Update for Windows XP (KB951748)
"KB952287" = Hotfix for Windows XP (KB952287)
"KB952954" = Security Update for Windows XP (KB952954)
"KB953838-IE7" = Security Update for Windows Internet Explorer 7 (KB953838)
"KB953839" = Security Update for Windows XP (KB953839)
"LiveReg" = LiveReg (Symantec Corporation)
"LiveUpdate" = LiveUpdate 1.80 (Symantec Corporation)
"Macromedia Shockwave Player" = Macromedia Shockwave Player
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MUSICMATCH Jukebox" = MUSICMATCH Jukebox
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"OfotoEZUpload" = KODAK EASYSHARE Gallery Upload ActiveX Control
"Panda ActiveScan" = Panda ActiveScan
"Picasa2" = Picasa 2
"RemoteCapture" = Canon Utilities RemoteCapture 2.2
"Road Runner Medic 5.4_is1" = Road Runner Medic 5.4
"SpywareBlaster_is1" = SpywareBlaster v3.5.1
"Virtools3DLifePlayer" = Virtools 3D Life Player
"WGA" = Windows Genuine Advantage Validation Tool (KB892130)
"WgaNotify" = Windows Genuine Advantage Notifications (KB905474)
"Windows XP Service Pack" = Windows XP Service Pack 2
"Yahoo! Messenger" = Yahoo! Messenger
"ZoomBrowserEXDeInstall" = Canon Utilities ZoomBrowser EX

===== HKEY_CURRENT_USER Uninstall List =====

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Sun Download Manager 2.0 (web)" = Sun Download Manager 2.0 (web)

===== Winsock2 Catalogs =====

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\]
Protocol_Catalog9\Catalog_Entries\000000000001 - [08/20/2007 01:26 PM | 00,079,424 | ---- | M] (Computer Associates International, Inc.) C:\WINDOWS\system32\vetredir.dll
Protocol_Catalog9\Catalog_Entries\000000000002 - [08/20/2007 01:26 PM | 00,079,424 | ---- | M] (Computer Associates International, Inc.) C:\WINDOWS\system32\vetredir.dll
Protocol_Catalog9\Catalog_Entries\000000000003 - [08/20/2007 01:26 PM | 00,079,424 | ---- | M] (Computer Associates International, Inc.) C:\WINDOWS\system32\vetredir.dll
Protocol_Catalog9\Catalog_Entries\000000000004 - [08/20/2007 01:26 PM | 00,079,424 | ---- | M] (Computer Associates International, Inc.) C:\WINDOWS\system32\vetredir.dll
Protocol_Catalog9\Catalog_Entries\000000000005 - [08/20/2007 01:26 PM | 00,079,424 | ---- | M] (Computer Associates International, Inc.) C:\WINDOWS\system32\vetredir.dll
Protocol_Catalog9\Catalog_Entries\000000000006 - [08/20/2007 01:26 PM | 00,079,424 | ---- | M] (Computer Associates International, Inc.) C:\WINDOWS\system32\vetredir.dll
Protocol_Catalog9\Catalog_Entries\000000000007 - [08/20/2007 01:26 PM | 00,079,424 | ---- | M] (Computer Associates International, Inc.) C:\WINDOWS\system32\vetredir.dll
Protocol_Catalog9\Catalog_Entries\000000000008 - [08/20/2007 01:26 PM | 00,079,424 | ---- | M] (Computer Associates International, Inc.) C:\WINDOWS\system32\vetredir.dll
Protocol_Catalog9\Catalog_Entries\000000000009 - [08/20/2007 01:26 PM | 00,079,424 | ---- | M] (Computer Associates International, Inc.) C:\WINDOWS\system32\vetredir.dll
Protocol_Catalog9\Catalog_Entries\000000000010 - [08/20/2007 01:26 PM | 00,079,424 | ---- | M] (Computer Associates International, Inc.) C:\WINDOWS\system32\vetredir.dll
Protocol_Catalog9\Catalog_Entries\000000000011 - [08/20/2007 01:26 PM | 00,079,424 | ---- | M] (Computer Associates International, Inc.) C:\WINDOWS\system32\vetredir.dll
Protocol_Catalog9\Catalog_Entries\000000000012 - [08/20/2007 01:26 PM | 00,079,424 | ---- | M] (Computer Associates International, Inc.) C:\WINDOWS\system32\vetredir.dll
Protocol_Catalog9\Catalog_Entries\000000000013 - [08/20/2007 01:26 PM | 00,079,424 | ---- | M] (Computer Associates International, Inc.) C:\WINDOWS\system32\vetredir.dll
Protocol_Catalog9\Catalog_Entries\000000000014 - [08/20/2007 01:26 PM | 00,079,424 | ---- | M] (Computer Associates International, Inc.) C:\WINDOWS\system32\vetredir.dll
Protocol_Catalog9\Catalog_Entries\000000000015 - [08/20/2007 01:26 PM | 00,079,424 | ---- | M] (Computer Associates International, Inc.) C:\WINDOWS\system32\vetredir.dll
Protocol_Catalog9\Catalog_Entries\000000000016 - [08/20/2007 01:26 PM | 00,079,424 | ---- | M] (Computer Associates International, Inc.) C:\WINDOWS\system32\vetredir.dll
Protocol_Catalog9\Catalog_Entries\000000000017 - [08/20/2007 01:26 PM | 00,079,424 | ---- | M] (Computer Associates International, Inc.) C:\WINDOWS\system32\vetredir.dll

===== HKEY_LOCAL_MACHINE Protocol Defaults =====


===== HKEY_CURRENT_USER Protocol Defaults =====


===== Protocol Handlers =====

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
ipp: [HKLM - No CLSID value]
msdaipp: [HKLM - No CLSID value]

===== Protocol Filters =====

< End of report >
  • 0

#13
Martines3kids

Martines3kids

    Member

  • Topic Starter
  • Member
  • PipPip
  • 22 posts
HJT File...

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:28:34 AM, on 8/28/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\windows\system32\spoolsv.exe
C:\Program Files\CA\SharedComponents\HIPSEngine\UmxCfg.exe
C:\Program Files\CA\SharedComponents\HIPSEngine\UmxFwHlp.exe
C:\Program Files\CA\SharedComponents\HIPSEngine\UmxPol.exe
C:\Program Files\CA\SharedComponents\HIPSEngine\UmxAgent.exe
C:\Program Files\CA\SharedComponents\PPRT\bin\ITMRTSVC.exe
C:\windows\System32\svchost.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\VetMsg.exe
C:\windows\Explorer.EXE
C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfsem.exe
C:\windows\system32\hkcmd.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\Support.com\bin\tgcmd.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spam\QSP-5.1.18.0\QOELoader.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\CAVRID.exe
C:\windows\System32\svchost.exe
C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfasem.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\windows\system32\ctfmon.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\CAPPActiveProtection.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\PPCtlPriv.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\windows\system32\wscntfy.exe
C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msnbc.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O4 - HKLM\..\Run: [IgfxTray] C:\windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [tgcmd] "C:\Program Files\Support.com\bin\tgcmd.exe" /server /startmonitor /deaf
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [cctray] "C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe"
O4 - HKLM\..\Run: [QOELOADER] "C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spam\QSP-5.1.18.0\QOELoader.exe"
O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\CAVRID.exe"
O4 - HKLM\..\Run: [cafwc] C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\cafw.exe -cl
O4 - HKLM\..\Run: [capfasem] C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfasem.exe
O4 - HKLM\..\Run: [capfupgrade] C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfupgrade.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\windows\system32\ctfmon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
O4 - Global Startup: hpoddt01.exe.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {10E0E75E-6701-4134-9D95-C0942ED1F1C8} (Snapfish Outlook Import ActiveX Control) - http://www1.snapfish...tlookImport.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www.snapfish....fishActivia.cab
O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} (Housecall ActiveX 6.5) - http://housecall65.t...ivex/hcImpl.cab
O16 - DPF: {6F750202-1362-4815-A476-88533DE61D0C} (Kodak Gallery Easy Upload Manager Class) - http://www.kodakgall..._2/axofupld.cab
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} (Shutterfly Picture Upload Plugin) - http://web1.shutterf...ds/Uploader.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O16 - DPF: {A8683C98-5341-421B-B23C-8514C05354F1} (FujifilmUploader Class) - http://photo.walmart...ploadClient.cab
O16 - DPF: {A922B6AB-3B87-11D3-B3C2-0008C7DA6CB9} (InetDownload Class) - https://media.pineco...loadcontrol.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn...ro.cab34246.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (ASquaredScanForm Element) - http://www.windowsec...scan/axscan.cab
O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - http://a532.g.akamai...0/Installer.exe
O16 - DPF: {CC32D4D8-2A0B-4CEB-B105-C9B968379105} (CGameManagerCtrl Object) - https://disney.go.co...GameManager.cab
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://a532.g.akamai...l/installer.exe
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.h.../qdiagh.cab?326
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: CaCCProvSP - CA, Inc. - C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe
O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\ISafe.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: CA Pest Patrol Realtime Protection Service (ITMRTSVC) - CA, Inc. - C:\Program Files\CA\SharedComponents\PPRT\bin\ITMRTSVC.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: PPCtlPriv - CA, Inc. - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\PPCtlPriv.exe
O23 - Service: HIPS Event Manager (UmxAgent) - CA - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxAgent.exe
O23 - Service: HIPS Configuration Interpreter (UmxCfg) - CA - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxCfg.exe
O23 - Service: HIPS Firewall Helper (UmxFwHlp) - CA - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxFwHlp.exe
O23 - Service: HIPS Policy Manager (UmxPol) - CA - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxPol.exe
O23 - Service: VET Message Service (VETMSGNT) - CA, Inc. - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\VetMsg.exe

--
End of file - 9674 bytes
  • 0

#14
SpySentinel

SpySentinel

    R.I.P.

  • Retired Staff
  • 5,152 posts
The steps that I am about to suggest involve modifying the registry. Modfying the registry can be dangerous so we will make a backup of the registry first.
Modification of the registry can be EXTREMELY dangerous if you do not know exactly what you are doing so follow the steps that are listed below EXACTLY. if you cannot preform some of these steps or if you have ANY questions please ask BEFORE proceeding.

Backing Up Your Registry
  • Download ERUNT
    (ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.)
  • Install ERUNT by following the prompts
    (use the default install settings but say no to the portion that asks you to add ERUNT to the start-up folder, if you like you can enable this option later)
  • Start ERUNT
    (either by double clicking on the desktop icon or choosing to start the program at the end of the setup)
  • Choose a location for the backup
    (the default location is C:\WINDOWS\ERDNT which is acceptable).
  • Make sure that at least the first two check boxes are ticked
  • Press OK
  • Press YES to create the folder.
Posted Image

Please download the OTMoveIt2 by OldTimer.
  • Save it to your desktop.
  • Please double-click OTMoveIt2.exe to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
  • Copy the lines in the codebox below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):

    [kill explorer]
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{30d9d30b-c3f0-11da-891b-000bdbbc5be4}
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{30d9d30b-c3f0-11da-891b-000bdbbc5be4}
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{30d9d30b-c3f0-11da-891b-000bdbbc5be4}
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f4d2d45e-e601-11db-8a1e-000bdbbc5be4}
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f4d2d45e-e601-11db-8a1e-000bdbbc5be4}
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f4d2d45e-e601-11db-8a1e-000bdbbc5be4}
    purity 
    EmptyTemp
    [start explorer]
  • Return to OTMoveIt2, right click in the "Paste Standard List of Files/Folders to Move" window (under the light blue bar) and choose Paste.
  • Click the red Moveit! button.
  • Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  • Close OTMoveIt2
Note: If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes. In this case, after the reboot, open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the C:\_OTMoveIt\MovedFiles folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post.


Please do an online scan with Kaspersky WebScanner

Click on Kaspersky Online Scanner

You will be prompted to install an ActiveX component from Kaspersky, Click Yes.
  • The program will launch and then begin downloading the latest definition files:
  • Once the files have been downloaded click on NEXT
  • Now click on Scan Settings
  • In the scan settings make that the following are selected:
    • Scan using the following Anti-Virus database:
    Extended (if available otherwise Standard)
    • Scan Options:
    Scan Archives
    Scan Mail Bases
  • Click OK
  • Now under select a target to scan:Select My Computer
  • This will program will start and scan your system.
  • The scan will take a while so be patient and let it run.
  • Once the scan is complete it will display if your system has been infected.
    • Now click on the Save as Text button:
  • Save the file to your desktop.
  • Copy and paste that information in your next post.

  • 0

#15
Martines3kids

Martines3kids

    Member

  • Topic Starter
  • Member
  • PipPip
  • 22 posts
OTMoveIT results:
Explorer killed successfully
< HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{30d9d30b-c3f0-11da-891b-000bdbbc5be4} >
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{30d9d30b-c3f0-11da-891b-000bdbbc5be4}\\ deleted successfully.
< HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{30d9d30b-c3f0-11da-891b-000bdbbc5be4} >
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{30d9d30b-c3f0-11da-891b-000bdbbc5be4}\\ not found.
< HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{30d9d30b-c3f0-11da-891b-000bdbbc5be4} >
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{30d9d30b-c3f0-11da-891b-000bdbbc5be4}\\ not found.
< HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f4d2d45e-e601-11db-8a1e-000bdbbc5be4} >
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f4d2d45e-e601-11db-8a1e-000bdbbc5be4}\\ deleted successfully.
< HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f4d2d45e-e601-11db-8a1e-000bdbbc5be4} >
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f4d2d45e-e601-11db-8a1e-000bdbbc5be4}\\ not found.
< HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f4d2d45e-e601-11db-8a1e-000bdbbc5be4} >
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f4d2d45e-e601-11db-8a1e-000bdbbc5be4}\\ not found.
< purity >
< EmptyTemp >
File delete failed. C:\DOCUME~1\Owner\LOCALS~1\Temp\Perflib_Perfdata_c38.dat scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Owner\LOCALS~1\Temp\~DF2191.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Owner\LOCALS~1\Temp\~DF6520.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Owner\LOCALS~1\Temp\~DF91DB.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Owner\LOCALS~1\Temp\~DFA3F6.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Owner\LOCALS~1\Temp\~DFA48E.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Owner\LOCALS~1\Temp\~DFB44A.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Owner\LOCALS~1\Temp\~DFDB2B.tmp scheduled to be deleted on reboot.
Temp folders emptied.
IE temp folders emptied.
Explorer started successfully

OTMoveIt2 by OldTimer - Version 1.0.4.3 log created on 08312008_222501
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP