Sudden loss of access to emails or facebook, get repetitive Media Cent


#1
chellejeff

I have an HP Media Center 4200+ with XP SP3. I went out of town for the weekend and returned to find an error message on my screen stating "Media Center Receiver Service has encountered an error and needs to close". I started Google Chrome to check emails and Facebook. Verizon email, Gmail, Livemail (hotmail) and Facebook would not let me log in. I enter my login info and it returns me to the log in page. Gmail says it has a "redirect loop". "Windows Security Alerts" in the lower right corner of my screen says my antivirus (Avast) is out of date, even though it is current. I have not had this warning in the past. Using Internet Explorer I was able to get some things to work. With Firefox everything but hotmail works. It seems like an OS issue, but I'm betting it's actually a malware problem. Since all of these issues arose at once it seems possible they're related. Avast has found and removed infected files 4 times in the past month and a half, but scans have been clean for the last 2 weeks, including now. Some of the infected files Avast found were restore points, which I always find alarming. If you can help me rule out malware, I'll go bug your OS guys. Thanks in advance.

Jeff

OTL logfile created on: 7/18/2011 12:17:11 AM - Run 4
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\HP_Administrator\My Documents\Downloads
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 55.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 80.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 270.99 Gb Total Space | 70.28 Gb Free Space | 25.93% Space Free | Partition Type: NTFS
Drive D: | 84.88 Gb Total Space | 26.28 Gb Free Space | 30.95% Space Free | Partition Type: NTFS
Drive E: | 8.45 Gb Total Space | 0.45 Gb Free Space | 5.32% Space Free | Partition Type: FAT32
Drive F: | 626.03 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive H: | 8.26 Gb Total Space | 0.60 Gb Free Space | 7.32% Space Free | Partition Type: FAT32

Computer Name: GUESTROOM | User Name: HP_Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/07/18 00:09:37 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\HP_Administrator\My Documents\Downloads\OTL.exe
PRC - [2011/03/17 00:15:04 | 001,004,088 | ---- | M] (Google Inc.) -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2011/02/23 08:04:20 | 003,451,496 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2011/02/23 08:04:19 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010/05/04 23:30:01 | 000,307,672 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/03/17 13:55:42 | 001,565,696 | ---- | M] (Alcatel-Lucent) -- C:\Program Files\Verizon\McciTrayApp.exe
PRC - [2008/07/07 08:15:18 | 000,611,664 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
PRC - [2008/04/13 17:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/04/13 17:12:18 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dwwin.exe
PRC - [2008/03/18 16:27:12 | 000,013,312 | ---- | M] (Agere Systems) -- C:\WINDOWS\system32\agrsmsvc.exe
PRC - [2007/09/04 20:25:44 | 000,131,072 | ---- | M] (NVIDIA) -- C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
PRC - [2006/03/03 21:03:10 | 000,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe
PRC - [2006/02/22 15:20:01 | 000,036,903 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
PRC - [2006/01/06 12:07:25 | 000,348,160 | ---- | M] (Hewlett-Packard) -- C:\WINDOWS\system32\hphmon04.exe
PRC - [2006/01/06 12:07:25 | 000,188,416 | ---- | M] (HP) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
PRC - [2005/08/03 00:19:16 | 000,077,312 | ---- | M] (Microsoft) -- C:\WINDOWS\arpwrmsg.exe
PRC - [2005/08/03 00:19:16 | 000,058,880 | ---- | M] (Microsoft) -- C:\WINDOWS\arservice.exe


========== Modules (SafeList) ==========

MOD - [2011/07/18 00:09:37 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\HP_Administrator\My Documents\Downloads\OTL.exe
MOD - [2011/02/23 08:04:17 | 000,197,208 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\snxhk.dll
MOD - [2010/08/23 09:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2010/03/17 13:53:28 | 000,198,656 | ---- | M] (Alcatel-Lucent) -- C:\Program Files\Common Files\Motive\McciContextHook_DSR.dll
MOD - [2006/02/22 15:19:59 | 000,024,613 | ---- | M] (BackWeb) -- C:\Documents and Settings\HP_Administrator\Local Settings\temp\IadHide5.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/02/23 08:04:19 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2009/04/10 13:23:02 | 000,025,640 | R--- | M] (Amazon.com) [On_Demand | Stopped] -- C:\Program Files\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe -- (ADVService)
SRV - [2008/07/07 08:15:18 | 000,611,664 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe -- (aawservice)
SRV - [2008/03/18 16:27:12 | 000,013,312 | ---- | M] (Agere Systems) [Auto | Running] -- C:\WINDOWS\system32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2007/09/04 20:25:44 | 000,131,072 | ---- | M] (NVIDIA) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe -- (nTuneService)
SRV - [2006/03/03 21:03:10 | 000,069,632 | ---- | M] (HP) [Unknown | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2006/01/06 12:07:26 | 000,077,824 | ---- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\system32\hphipm11.exe -- (Pml Driver HPH11)
SRV - [2005/08/03 00:19:16 | 000,058,880 | ---- | M] (Microsoft) [Auto | Running] -- C:\WINDOWS\arservice.exe -- (ARSVC)


========== Driver Services (SafeList) ==========

DRV - [2011/02/23 07:56:55 | 000,371,544 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/02/23 07:56:45 | 000,301,528 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/02/23 07:55:49 | 000,049,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/02/23 07:55:47 | 000,102,232 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011/02/23 07:55:10 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/02/23 07:54:57 | 000,030,680 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011/02/23 07:54:55 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011/02/01 20:22:12 | 000,138,696 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PnkBstrK.sys -- (PnkBstrK)
DRV - [2010/03/17 13:53:38 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2010/03/17 13:53:22 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2009/06/19 16:59:34 | 000,019,712 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motccgp.sys -- (motccgp)
DRV - [2009/05/28 13:09:48 | 000,003,768 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\DrmRVideo.sys -- (DrmRVideo)
DRV - [2009/05/28 13:09:44 | 000,023,096 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\DrmRAudio.sys -- (DrmRAudio)
DRV - [2009/05/08 11:56:12 | 000,042,752 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motodrv.sys -- (MotDev)
DRV - [2009/01/29 17:18:00 | 000,008,320 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motccgpfl.sys -- (motccgpfl)
DRV - [2008/03/21 16:13:00 | 001,203,776 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2007/09/04 20:26:32 | 000,029,696 | ---- | M] (NVidia Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\nvoclock.sys -- (NVR0Dev)
DRV - [2007/03/11 14:37:20 | 000,018,003 | ---- | M] (Motive, Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRENDIS5.sys -- (MRENDIS5)
DRV - [2007/03/11 14:37:19 | 000,019,345 | ---- | M] (Motive, Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMPR5.sys -- (MREMPR5)
DRV - [2006/12/26 13:43:12 | 000,035,144 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2006/12/13 16:41:48 | 000,011,984 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ElbyDelay.sys -- (ElbyDelay)
DRV - [2006/04/04 21:58:44 | 001,536,000 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2006/01/06 12:07:27 | 000,018,928 | ---- | M] (HP) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hphius11.sys -- (Dot4Usb HPH11)
DRV - [2006/01/06 12:07:27 | 000,016,112 | ---- | M] (HP) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hphipr11.sys -- (Dot4Print HPH11)
DRV - [2006/01/06 12:07:26 | 000,050,896 | ---- | M] (HP) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hphid411.sys -- (Dot4 HPH11)
DRV - [2005/12/12 17:27:00 | 000,019,072 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PS2.sys -- (Ps2)
DRV - [2005/09/30 11:11:42 | 000,078,720 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2005/08/29 15:11:00 | 003,644,928 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2005/07/28 18:07:58 | 000,156,800 | ---- | M] (Hauppauge Computer Works, Inc.) [23|25|26]xxx) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hcwPP2.sys -- (hcwPP2)
DRV - [2005/06/29 17:03:18 | 000,175,104 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ftsata2.sys -- (ftsata2)
DRV - [2005/03/09 13:53:00 | 000,036,352 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2005/01/21 08:17:08 | 000,017,857 | ---- | M] (iolo technologies, LLC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SGuard.sys -- (SGUARD)
DRV - [2004/08/03 14:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2003/11/05 07:45:12 | 000,017,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\bb-run.sys -- (bb-run)
DRV - [2003/09/19 16:47:24 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2003/04/19 00:32:04 | 000,004,736 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\tandpl.sys -- (tandpl)
DRV - [2003/03/02 17:44:26 | 000,007,552 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\enodpl.sys -- (enodpl)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...lion&pf=desktop

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.h...lion&pf=desktop
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...lion&pf=desktop
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo! Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.startup.homepage: "http://www.foxnews.c...k.com/home.php"
FF - prefs.js..extensions.enabledItems: [email protected]:20110101
FF - prefs.js..extensions.enabledItems: {0545b830-f0aa-4d7e-8820-50a4629a56fe}:4.6.5
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.4
FF - prefs.js..extensions.enabledItems: {61ED2A9A-39EB-4AAF-BD14-06DFBE8880C3}:1.0.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0.07076007
FF - prefs.js..keyword.enabled: false

FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2011/02/25 20:22:38 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/05/04 23:30:04 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/05/10 14:00:09 | 000,000,000 | ---D | M]

[2009/03/26 13:48:23 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Extensions
[2009/03/26 13:48:23 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Extensions\[email protected]
[2011/07/17 16:49:06 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\zbjyrkkr.default\extensions
[2011/07/17 16:37:05 | 000,000,000 | ---D | M] ("ColorfulTabs") -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\zbjyrkkr.default\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}
[2011/07/17 16:37:05 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\zbjyrkkr.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2008/07/03 12:02:56 | 000,000,000 | ---D | M] (Duplicate Tab) -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\zbjyrkkr.default\extensions\{61ED2A9A-39EB-4AAF-BD14-06DFBE8880C3}
[2009/06/03 15:39:03 | 000,000,000 | ---D | M] (IE Tab) -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\zbjyrkkr.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}
[2011/07/17 16:49:01 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\zbjyrkkr.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2008/02/14 16:42:03 | 000,000,000 | ---D | M] (Move Media Player) -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\zbjyrkkr.default\extensions\[email protected]
[2011/07/17 16:49:06 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/05/10 14:00:11 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/10/10 14:27:59 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/12/15 11:31:03 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/07/15 13:10:12 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011/02/25 20:22:38 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST5\WEBREP\FF
[2010/04/01 15:43:27 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/02/02 21:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2006/12/30 01:48:07 | 000,114,688 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npmozax.dll
[2007/07/26 12:05:16 | 000,001,329 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\crawlersrch.xml

O1 HOSTS File: ([2010/05/07 10:32:24 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll ()
O2 - BHO: (hpWebHelper Class) - {AAAE832A-5FFF-4661-9C8F-369692D1DCB9} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\WebHelper.dll (TODO: <Company name>)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll (Google Inc.)
O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdmcks.dll ()
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll ()
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O4 - HKLM..\Run: [AlwaysReady Power Message APP] C:\WINDOWS\arpwrmsg.exe (Microsoft)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe (HP)
O4 - HKLM..\Run: [HPHmon04] C:\WINDOWS\system32\hphmon04.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HPHUPD04] File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] File not found
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [Verizon_McciTrayApp] C:\Program Files\Verizon\McciTrayApp.exe (Alcatel-Lucent)
O4 - HKCU..\Run: [NVIDIA nTune] C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe (NVIDIA)
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\System32\Macromed\Flash\FlashUtil10m_ActiveX.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Updates From HP.lnk = C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe (Hewlett-Packard)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll (Google Inc.)
O9 - Extra Button: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()
O9 - Extra 'Tools' menuitem : Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()
O15 - HKLM\..Trusted Domains: trymedia.com ([]http in Trusted sites)
O15 - HKLM\..Trusted Domains: trymedia.com ([]https in Trusted sites)
O16 - DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} http://content.syste...ri_4.1.67.0.cab (SysInfo Class)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1162891808328 (WUWebControl Class)
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} http://www.nvidia.co...iaSmartScan.cab (NVIDIA Smart Scan)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.ma...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} http://content.syste...ri_4.4.16.0.cab (SysInfo Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 68.238.64.12 68.238.128.12
O18 - Protocol\Handler\AutorunsDisabled - No CLSID value found
O18 - Protocol\Handler\AutorunsDisabled\junomsg {C4D10830-379D-11d4-9B2D-00C04F1579A5} - C:\Program Files\Juno\bin\jmsgpph.dll (Juno Online Services, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/07/13 22:35:45 | 000,000,600 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/07/27 15:07:38 | 000,000,000 | -HS- | M] () - E:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2001/12/14 22:21:26 | 000,765,952 | R--- | M] (Quarium, Inc.) - F:\Autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2001/11/21 21:59:50 | 000,000,053 | R--- | M] () - F:\Autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2001/07/27 22:07:38 | 000,000,000 | -HS- | M] () - H:\AUTOEXEC.BAT -- [ FAT32 ]
O33 - MountPoints2\{d5c25a34-5edf-11df-b0fe-0016172ee985}\Shell\AutoRun\command - "" = M:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/07/15 13:10:09 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011/07/15 13:10:09 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011/07/15 13:10:09 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011/07/15 13:08:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2011/07/14 20:35:06 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\HP_Administrator\Recent
[2010/12/27 12:09:16 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\HP_Administrator\Application Data\pcouffin.sys

========== Files - Modified Within 30 Days ==========

[2011/07/17 23:38:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/07/17 23:31:12 | 000,001,022 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1335882682-4040128034-3268021838-1008UA.job
[2011/07/17 21:42:03 | 000,000,292 | ---- | M] () -- C:\WINDOWS\tasks\HP Usg Login.job
[2011/07/17 21:42:02 | 000,000,292 | ---- | M] () -- C:\WINDOWS\tasks\HP Usg Daily.job
[2011/07/17 21:10:07 | 000,000,563 | ---- | M] () -- C:\hpfr5550.xml
[2011/07/17 18:38:00 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/07/17 18:00:00 | 000,000,464 | ---- | M] () -- C:\WINDOWS\tasks\ParetoLogic Registration.job
[2011/07/17 13:31:00 | 000,000,970 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1335882682-4040128034-3268021838-1008Core.job
[2011/07/15 13:43:11 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/07/15 13:42:14 | 000,249,230 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2011/07/15 13:40:49 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/07/15 13:40:46 | 2145,964,032 | -HS- | M] () -- C:\hiberfil.sys
[2011/07/15 13:39:25 | 000,000,012 | ---- | M] () -- C:\WINDOWS\bthservsdp.dat
[2011/07/14 20:28:04 | 000,446,136 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/07/14 20:28:04 | 000,073,216 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

========== Files Created - No Company Name ==========

[2011/07/15 13:42:27 | 000,000,292 | ---- | C] () -- C:\WINDOWS\tasks\HP Usg Login.job
[2011/07/15 13:42:24 | 000,000,292 | ---- | C] () -- C:\WINDOWS\tasks\HP Usg Daily.job
[2011/01/11 00:36:28 | 000,122,880 | ---- | C] () -- C:\WINDOWS\UnGins.exe
[2010/12/27 12:09:16 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\inst.exe
[2010/12/27 12:09:16 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\pcouffin.cat
[2010/12/27 12:09:16 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\pcouffin.inf
[2010/10/08 14:00:05 | 000,074,703 | ---- | C] () -- C:\WINDOWS\System32\mfc45.dll
[2010/09/25 23:14:28 | 000,036,864 | ---- | C] () -- C:\WINDOWS\hpfsched.exe
[2010/09/25 23:14:25 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\hpodinet.dll
[2010/09/25 23:14:21 | 000,004,760 | ---- | C] () -- C:\WINDOWS\hphmdl11.dat
[2010/08/08 23:59:37 | 000,000,162 | ---- | C] () -- C:\WINDOWS\ExamView.ini
[2010/08/08 23:56:18 | 000,946,176 | R--- | C] () -- C:\WINDOWS\System32\MTEVDic.dll
[2010/08/08 23:56:17 | 000,692,224 | R--- | C] () -- C:\WINDOWS\System32\EVComCtl.dll
[2010/05/07 09:14:26 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010/05/07 09:14:26 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010/05/07 09:14:26 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010/05/07 09:14:26 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010/05/07 09:14:26 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2009/12/22 13:41:52 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\prvlcl.dat
[2009/11/03 16:25:36 | 000,010,752 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009/11/03 16:23:48 | 000,000,036 | -H-- | C] () -- C:\WINDOWS\System32\swk.ini
[2009/10/07 06:43:57 | 000,000,012 | ---- | C] () -- C:\WINDOWS\bthservsdp.dat
[2009/09/27 16:12:22 | 001,604,482 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2009/08/20 15:44:23 | 000,520,192 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2009/08/18 11:10:59 | 000,050,176 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/08/07 20:51:34 | 000,178,430 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2009/07/17 14:32:25 | 000,163,840 | ---- | C] () -- C:\WINDOWS\System32\PwrUpCid.dll
[2009/06/29 12:23:49 | 000,012,208 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2009/02/21 20:37:16 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/02/18 15:44:00 | 001,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2009/02/18 15:44:00 | 001,657,376 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2009/02/18 15:44:00 | 001,507,328 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2009/02/18 15:44:00 | 001,346,080 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2009/02/18 15:44:00 | 001,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2009/02/18 15:44:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2009/02/18 15:44:00 | 000,449,056 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2009/02/18 15:44:00 | 000,436,768 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2008/11/01 18:58:19 | 000,138,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2008/11/01 18:57:55 | 000,201,816 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2008/11/01 18:57:53 | 000,669,184 | ---- | C] () -- C:\WINDOWS\System32\pbsvc.exe
[2008/11/01 18:57:53 | 000,066,872 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2008/10/07 10:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2008/08/04 23:07:20 | 000,065,216 | ---- | C] () -- C:\WINDOWS\System32\PDFreDirectMonNT.dll
[2008/06/05 08:58:26 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2008/05/16 11:58:04 | 000,012,632 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe
[2008/05/03 08:16:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2008/04/28 12:51:20 | 000,119,538 | ---- | C] () -- C:\WINDOWS\hpoins11.dat
[2008/04/28 12:50:46 | 000,006,947 | ---- | C] () -- C:\WINDOWS\hpomdl11.dat
[2008/03/13 13:20:04 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\virport.dll
[2008/02/17 15:03:07 | 000,003,972 | ---- | C] () -- C:\WINDOWS\System32\drivers\PciBus.sys
[2008/01/15 05:31:00 | 000,000,530 | ---- | C] () -- C:\WINDOWS\System32\tx14_ic.ini
[2007/12/24 21:42:37 | 000,000,052 | ---- | C] () -- C:\WINDOWS\pixworks.ini
[2007/11/06 10:44:24 | 000,015,840 | ---- | C] () -- C:\WINDOWS\System32\Machnm1.exe
[2007/08/01 17:34:20 | 000,007,552 | ---- | C] () -- C:\WINDOWS\System32\drivers\enodpl.sys
[2007/08/01 17:34:20 | 000,004,736 | ---- | C] () -- C:\WINDOWS\System32\drivers\tandpl.sys
[2007/06/02 13:28:05 | 000,000,771 | ---- | C] () -- C:\WINDOWS\SysMech6.INI
[2007/06/02 13:05:48 | 000,030,942 | ---- | C] () -- C:\WINDOWS\System32\iolobtdfg.exe
[2007/06/02 13:05:48 | 000,025,264 | ---- | C] () -- C:\WINDOWS\System32\smrgdf.exe
[2007/06/02 13:05:47 | 001,212,416 | ---- | C] () -- C:\WINDOWS\System32\Incinerator.dll
[2007/03/12 13:01:30 | 000,217,088 | ---- | C] () -- C:\WINDOWS\NVGfxOgl.dll
[2007/02/10 21:56:36 | 000,118,703 | ---- | C] () -- C:\WINDOWS\hpoins09.dat
[2007/02/09 20:58:28 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll
[2007/02/08 19:30:37 | 000,000,067 | ---- | C] () -- C:\WINDOWS\Apollo Audio DVD Creator.INI
[2007/02/04 22:15:31 | 000,296,448 | ---- | C] () -- C:\WINDOWS\Xenofex.ini
[2007/02/04 18:30:09 | 000,000,673 | ---- | C] () -- C:\WINDOWS\AVPuzzlePro12.ini
[2007/02/04 18:22:40 | 000,147,456 | ---- | C] () -- C:\WINDOWS\AVUNTOOL.EXE
[2007/02/03 17:55:25 | 000,000,279 | ---- | C] () -- C:\WINDOWS\PowerReg.dat
[2006/12/31 00:42:56 | 000,057,344 | ---- | C] () -- C:\WINDOWS\rzrunins.exe
[2006/12/31 00:39:33 | 000,012,264 | ---- | C] () -- C:\WINDOWS\scunin.dat
[2006/12/29 09:48:24 | 000,000,125 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\.zreglib
[2006/12/14 00:19:54 | 000,000,603 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2006/12/07 17:27:45 | 000,000,021 | ---- | C] () -- C:\WINDOWS\CS_SETUP.ini
[2006/11/25 15:54:40 | 000,000,267 | ---- | C] () -- C:\WINDOWS\fileman.ini
[2006/11/09 12:50:18 | 000,002,437 | ---- | C] () -- C:\WINDOWS\VIEWER.INI
[2006/11/09 01:43:22 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2006/11/07 01:31:33 | 000,004,528 | R--- | C] () -- C:\WINDOWS\System32\SETBROWS.EXE
[2006/11/07 00:33:40 | 000,000,236 | ---- | C] () -- C:\WINDOWS\MSREGUSR.INI
[2006/10/19 00:49:36 | 000,001,751 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2006/10/12 11:03:25 | 000,000,100 | ---- | C] () -- C:\WINDOWS\JUNO.INI
[2006/10/09 00:20:28 | 000,000,034 | ---- | C] () -- C:\WINDOWS\hpfsched.ini
[2006/10/08 16:09:16 | 000,000,139 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\fusioncache.dat
[2006/07/22 01:08:05 | 000,000,030 | ---- | C] () -- C:\WINDOWS\Iedit.INI
[2006/06/29 12:30:47 | 000,000,597 | ---- | C] () -- C:\WINDOWS\BTW.INI
[2006/06/29 12:30:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\AUTORUN.INI
[2006/06/25 14:11:25 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\imageCache7.db
[2006/06/21 23:43:59 | 000,000,698 | ---- | C] () -- C:\WINDOWS\ULead32.ini
[2006/05/31 16:47:53 | 000,000,044 | ---- | C] () -- C:\WINDOWS\popcinfo.dat
[2006/05/25 12:50:20 | 000,000,038 | ---- | C] () -- C:\WINDOWS\ClonyCDs.ini
[2006/05/25 12:48:58 | 000,000,297 | ---- | C] () -- C:\WINDOWS\Clony2.ini
[2006/05/24 17:07:37 | 000,001,597 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2006/05/18 13:31:17 | 000,001,065 | ---- | C] () -- C:\WINDOWS\winamp.ini
[2006/05/17 23:53:24 | 000,000,264 | ---- | C] () -- C:\WINDOWS\game.ini
[2006/05/16 23:40:45 | 000,002,568 | ---- | C] () -- C:\WINDOWS\WINWORD6.INI
[2006/05/16 23:39:55 | 000,000,535 | ---- | C] () -- C:\WINDOWS\MSTXTCNV.INI
[2006/05/16 23:32:58 | 000,002,041 | ---- | C] () -- C:\WINDOWS\MSFNTMAP.INI
[2006/05/16 23:32:58 | 000,000,280 | ---- | C] () -- C:\WINDOWS\TTEMBED.INI
[2006/05/16 23:32:05 | 000,000,227 | ---- | C] () -- C:\WINDOWS\HP_CounterReport_Update_HPSU.ini
[2006/05/16 23:31:54 | 000,000,214 | ---- | C] () -- C:\WINDOWS\HP_48BitScanUpdatePatch.ini
[2006/05/16 23:23:54 | 000,000,206 | ---- | C] () -- C:\WINDOWS\HPGdiPlus.ini
[2006/05/16 23:22:30 | 000,000,221 | ---- | C] () -- C:\WINDOWS\HP_RedboxHprblog_HPSU.ini
[2006/05/16 16:21:19 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2006/05/16 16:21:07 | 000,004,310 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2006/05/16 13:49:38 | 000,002,314 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\wklnhst.dat
[2006/03/09 10:29:36 | 000,011,645 | ---- | C] () -- C:\WINDOWS\hpomdl09.dat
[2006/02/22 15:45:40 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/02/22 15:23:34 | 000,028,848 | ---- | C] () -- C:\WINDOWS\System32\drivers\USBkey.sys
[2006/02/22 15:19:59 | 000,118,842 | R--- | C] () -- C:\WINDOWS\HPCPCUninstaller-6.3.2.116-9972322.exe
[2006/02/22 15:19:05 | 000,014,316 | ---- | C] () -- C:\WINDOWS\System32\CHODDI.SYS
[2006/02/22 15:18:59 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\hpreg.dll
[2006/02/22 15:16:23 | 000,000,054 | ---- | C] () -- C:\WINDOWS\Quicken.ini
[2006/02/22 15:13:37 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/02/22 15:02:45 | 000,004,113 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2006/02/22 15:01:23 | 000,045,929 | ---- | C] () -- C:\WINDOWS\NSSetDefaultBrowser.EXE
[2006/02/22 15:01:23 | 000,000,698 | ---- | C] () -- C:\WINDOWS\NSSetDefaultBrowser.ini
[2006/02/22 14:55:42 | 000,080,417 | ---- | C] () -- C:\WINDOWS\HPHins08.dat
[2006/02/22 14:55:42 | 000,004,011 | ---- | C] () -- C:\WINDOWS\hphmdl08.dat
[2006/02/22 14:54:44 | 000,072,881 | ---- | C] () -- C:\WINDOWS\hpiins01.dat
[2006/02/22 14:54:44 | 000,000,000 | ---- | C] () -- C:\WINDOWS\hpimdl01.dat
[2006/02/22 14:51:11 | 000,087,276 | ---- | C] () -- C:\WINDOWS\hpqins69.dat
[2006/02/22 14:45:22 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2006/02/22 14:42:46 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\hcwXDS.dll
[2006/02/22 14:40:54 | 000,125,796 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2006/02/22 14:39:38 | 000,000,791 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2006/02/22 14:19:34 | 000,323,584 | ---- | C] () -- C:\WINDOWS\System32\pythoncom22.dll
[2006/02/22 14:19:34 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\pywintypes22.dll
[2006/02/22 14:19:15 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\bcbmm.dll
[2005/12/09 14:03:52 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005/08/30 21:17:40 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2005/08/30 21:07:46 | 000,446,136 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2005/08/30 21:07:46 | 000,073,216 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2005/08/30 21:05:30 | 000,335,464 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2005/08/30 21:01:42 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2005/08/30 20:58:02 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2005/08/05 22:01:54 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/08/03 00:19:16 | 000,050,176 | ---- | C] () -- C:\WINDOWS\armcex.dll
[2004/09/16 13:24:26 | 003,375,104 | ---- | C] () -- C:\WINDOWS\System32\qt-mt331.dll
[2004/08/10 04:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/09 21:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/09 21:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/09 21:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/09 21:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/09 21:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/09 21:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/09 21:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/07/26 07:51:38 | 000,000,560 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2003/01/07 15:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2001/08/23 08:12:28 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001/08/23 08:11:02 | 000,004,490 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001/07/06 23:30:00 | 000,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini
[2000/11/29 10:50:40 | 000,471,040 | ---- | C] () -- C:\WINDOWS\System32\QTExporter.dll
[1997/06/13 18:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 96 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5D458568
@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\HP_Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf:SummaryInformation
@Alternate Data Stream - 170 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 153 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F4CE9946
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0CE7F3C9

< End of report >

#2
chellejeff

The answer was in the first line of the OTL log. For whatever reason, with the spring time change, my computer moved 1 hour and 4 months ahead, which is why the scan says it was done on July 18th 2011. Changed the date, and everything is back to normal. I still have the Media Center warning, but I figured out how to turn that off.