Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Web Browsers wont run in XP

Started by adamj1976 , Jul 09 2011 01:36 PM

  • Please log in to reply

#1
adamj1976
Posted 09 July 2011 - 01:36 PM

adamj1976

    New Member

  • Member
  • Pip
  • 6 posts
Starting yesterday none of my web browsers will work. I have tried using Internet Explorer, Chrome, and Firefox. IE and Chrome freeze as soon as they start and Firefox wont start at all. It isn't an internet problem because I have tried pinging verious websites and they all work. I have scanned with both CA Security and malawarebytes and haven't had anything detected. I seem to think it is some kind of malaware instead of a XP problem because my computer has started acting slow as well. I was hoping someone might be able to help.

OTL logfile created on: 7/9/2011 3:14:09 PM - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1023.29 Mb Total Physical Memory | 399.34 Mb Available Physical Memory | 39.02% Memory free
1.66 Gb Paging File | 1.11 Gb Available in Paging File | 67.26% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 147.10 Gb Total Space | 70.41 Gb Free Space | 47.87% Space Free | Partition Type: NTFS
Drive D: | 5.55 Gb Total Space | 0.95 Gb Free Space | 17.19% Space Free | Partition Type: FAT32

Computer Name: TIGGER | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/07/09 15:06:32 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
PRC - [2011/06/08 19:21:20 | 000,206,160 | ---- | M] (CA, Inc.) -- C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\caaphupd.exe
PRC - [2011/06/08 19:18:52 | 001,570,128 | ---- | M] (CA, Inc.) -- C:\Program Files\CA\CA Internet Security Suite\casc.exe
PRC - [2011/06/08 19:18:47 | 001,119,568 | ---- | M] (CA, Inc.) -- C:\Program Files\CA\CA Internet Security Suite\ccevtmgr.exe
PRC - [2011/06/08 19:18:47 | 000,251,216 | ---- | M] (CA, Inc.) -- C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe
PRC - [2011/06/08 19:18:47 | 000,206,160 | ---- | M] (Computer Associates International, Inc.) -- C:\Program Files\CA\CA Internet Security Suite\ccschedulersvc.exe
PRC - [2011/06/08 19:18:45 | 000,222,544 | ---- | M] (Computer Associates International, Inc.) -- C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus Plus\isafe.exe
PRC - [2011/06/08 19:18:44 | 000,206,152 | ---- | M] (CA) -- C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus Plus\CAAMSvc.exe
PRC - [2011/05/01 14:55:52 | 002,752,528 | ---- | M] () -- C:\WINDOWS\system32\svcprs32.exe
PRC - [2011/05/01 14:48:38 | 003,215,376 | ---- | M] () -- C:\WINDOWS\system32\mdmcls32.exe
PRC - [2011/04/04 12:42:28 | 000,662,096 | ---- | M] (CA) -- C:\Program Files\CA\SharedComponents\TMEngine\UmxEngine.exe
PRC - [2011/03/03 20:52:00 | 003,410,576 | R--- | M] (Carbonite, Inc. (www.carbonite.com)) -- C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe
PRC - [2011/03/03 20:52:00 | 000,948,880 | R--- | M] (Carbonite, Inc.) -- C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/09/12 19:27:24 | 000,554,352 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
PRC - [2007/05/24 12:20:34 | 000,311,296 | ---- | M] (Walt Disney Internet Group) -- C:\Program Files\Disney\Dreams Screensaver\Disney.WDPRO.DreamsScreensaver.ImageDownloader.exe
PRC - [2007/01/04 17:38:18 | 000,112,336 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
PRC - [2007/01/04 17:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe
PRC - [2006/09/14 18:34:59 | 000,028,672 | ---- | M] (DataViz, Inc.) -- C:\Program Files\Common Files\DataViz\DvzIncMsgr.exe
PRC - [2005/06/07 13:58:40 | 001,339,392 | ---- | M] (AWS Convergence Technologies, Inc.) -- C:\Program Files\AWS\WeatherBug\Weather.exe
PRC - [2004/04/07 12:07:32 | 001,135,728 | ---- | M] (America Online, Inc.) -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe
PRC - [2004/03/04 10:46:24 | 000,172,032 | ---- | M] (HP) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
PRC - [2003/08/23 23:34:34 | 000,016,384 | ---- | M] () -- C:\Program Files\Updates from HP\137903\Program\BackWeb-137903.exe
PRC - [2003/08/19 02:01:00 | 000,110,592 | ---- | M] (Sonic Solutions) -- C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe
PRC - [2003/08/09 12:27:16 | 000,139,264 | ---- | M] (Alcor Micro, Corp.) -- C:\Program Files\Multimedia Card Reader\shwicon2k.exe
PRC - [2003/07/14 10:52:44 | 000,040,960 | ---- | M] (Agere Systems) -- C:\WINDOWS\ltmsg.exe
PRC - [2003/06/13 07:08:16 | 000,233,472 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
PRC - [2003/05/23 05:55:38 | 000,483,328 | ---- | M] (Hewlett-Packard) -- C:\WINDOWS\system32\hphmon05.exe
PRC - [2002/10/07 10:23:20 | 000,090,112 | ---- | M] () -- C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\HpqCmon.exe


========== Modules (SafeList) ==========

MOD - [2011/07/09 15:06:32 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
MOD - [2011/06/08 19:19:16 | 000,079,184 | ---- | M] (CA) -- C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spam\QSP-9.0.0.211\QOEHook.dll
MOD - [2011/02/28 12:13:28 | 000,357,968 | ---- | M] (CA) -- C:\WINDOWS\system32\UmxSbxw.dll
MOD - [2011/02/28 12:13:28 | 000,155,216 | ---- | M] (CA) -- C:\WINDOWS\system32\UmxSbxExw.dll
MOD - [2010/08/23 12:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2004/03/03 11:29:00 | 001,335,296 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nview.dll
MOD - [2004/03/03 11:29:00 | 000,036,864 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvwddi.dll
MOD - [2003/08/23 23:34:34 | 000,024,576 | ---- | M] (BackWeb) -- C:\Documents and Settings\Owner\Local Settings\Temp\IadHide4.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (ExtractorServiceNPF03)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011/06/28 07:19:39 | 002,151,640 | ---- | M] (Lavasoft Limited) [On_Demand | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2011/06/08 19:18:47 | 000,251,216 | ---- | M] (CA, Inc.) [On_Demand | Running] -- C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe -- (CaCCProvSP)
SRV - [2011/06/08 19:18:47 | 000,206,160 | ---- | M] (Computer Associates International, Inc.) [Auto | Running] -- C:\Program Files\CA\CA Internet Security Suite\ccschedulersvc.exe -- (ccSchedulerSVC)
SRV - [2011/06/08 19:18:45 | 000,222,544 | ---- | M] (Computer Associates International, Inc.) [Auto | Running] -- C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus Plus\isafe.exe -- (CAISafe)
SRV - [2011/06/08 19:18:44 | 000,206,152 | ---- | M] (CA) [Auto | Running] -- C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus Plus\CAAMSvc.exe -- (CAAMSvc)
SRV - [2011/05/01 14:55:52 | 002,752,528 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\svcprs32.exe -- (WinSvchostManager)
SRV - [2011/05/01 14:48:38 | 003,215,376 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\mdmcls32.exe -- (WinExtManager)
SRV - [2011/04/04 12:42:28 | 000,662,096 | ---- | M] (CA) [Auto | Running] -- C:\Program Files\CA\SharedComponents\TMEngine\UmxEngine.exe -- (UmxEngine)
SRV - [2011/03/03 20:52:00 | 003,410,576 | R--- | M] (Carbonite, Inc. (www.carbonite.com)) [Auto | Running] -- C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe -- (CarboniteService)
SRV - [2007/09/12 19:27:24 | 002,999,664 | ---- | M] (Symantec Corporation) [On_Demand | Running] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE -- (LiveUpdate)
SRV - [2007/09/12 19:27:24 | 000,554,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)
SRV - [2007/01/04 17:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto | Running] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - [2004/11/02 17:59:50 | 000,316,544 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe -- (SymWSC)
SRV - [2004/05/14 14:02:46 | 000,086,016 | ---- | M] (NetGroup - Politecnico di Torino) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - [2004/04/07 12:07:32 | 001,135,728 | ---- | M] (America Online, Inc.) [Auto | Running] -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe -- (AOL ACS)


========== Driver Services (SafeList) ==========

DRV - [2011/05/29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2011/05/12 17:22:18 | 000,331,344 | ---- | M] (CA) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\KmxCfg.sys -- (KmxCfg)
DRV - [2011/05/10 17:45:42 | 000,164,944 | ---- | M] (CA) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\KmxAMRT.sys -- (KmxAMRT)
DRV - [2011/05/06 09:26:16 | 000,150,096 | ---- | M] (CA) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\KmxCF.sys -- (KmxCF)
DRV - [2011/05/02 10:40:18 | 000,123,984 | ---- | M] (CA) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\kmxstart.sys -- (KmxStart)
DRV - [2011/04/24 23:32:38 | 000,116,304 | ---- | M] (CA) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\KmxFw.sys -- (KmxFw)
DRV - [2011/03/23 16:29:02 | 000,083,536 | ---- | M] (CA) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\KmxAgent.sys -- (KmxAgent)
DRV - [2011/03/23 16:29:02 | 000,063,056 | ---- | M] (CA) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\KmxFile.sys -- (KmxFile)
DRV - [2011/03/14 04:02:01 | 000,064,512 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2011/03/14 04:02:00 | 000,015,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\kernexplorer.sys -- (Lavasoft Kernexplorer)
DRV - [2011/02/24 14:33:28 | 000,082,000 | ---- | M] (CA) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\KmxSbx.sys -- (KmxSbx)
DRV - [2008/04/13 14:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2006/09/14 18:08:13 | 000,016,694 | ---- | M] (PalmSource, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PalmUSBD.sys -- (PalmUSBD)
DRV - [2005/08/02 16:10:14 | 000,032,512 | ---- | M] (CACE Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF)
DRV - [2004/10/01 11:24:02 | 002,279,424 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2004/09/29 02:02:00 | 000,016,752 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctpdusb2.sys -- (Jukebox)
DRV - [2004/08/04 01:29:51 | 000,166,912 | ---- | M] (S3 Graphics, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s3gnbm.sys -- (S3Psddr)
DRV - [2004/07/10 08:29:51 | 000,043,672 | ---- | M] (Oak Technology Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\AFS2K.SYS -- (AFS2K)
DRV - [2004/05/13 09:00:04 | 000,111,808 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\prohlp02.sys -- (prohlp02)
DRV - [2004/05/13 07:19:36 | 000,079,488 | ---- | M] (Protection Technology) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\prodrv06.sys -- (prodrv06)
DRV - [2004/02/17 06:49:14 | 000,391,424 | ---- | M] (Sensaura Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS -- (ALCXSENS)
DRV - [2003/12/12 19:03:10 | 000,652,689 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ltmdmnt.sys -- (ltmodem5)
DRV - [2003/12/01 11:20:52 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp01.sys -- (sfhlp01)
DRV - [2003/08/11 13:22:54 | 000,040,228 | ---- | M] (Alcor Micro Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Sunkfilt.sys -- (SunkFilt)
DRV - [2003/05/14 13:42:56 | 000,021,216 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WmFilter.sys -- (WmFilter)
DRV - [2003/05/14 13:42:50 | 000,010,144 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmBEnum.sys -- (WmBEnum)
DRV - [2003/05/14 13:42:48 | 000,005,728 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WmVirHid.sys -- (WmVirHid)
DRV - [2003/05/14 13:42:44 | 000,044,288 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmXlCore.sys -- (WmXlCore)
DRV - [2003/05/06 18:34:56 | 000,394,752 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sisgrp.sys -- (SiS315)
DRV - [2003/05/01 13:23:22 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2003/04/11 11:51:30 | 000,010,624 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\srvkp.sys -- (SiSkp)
DRV - [2003/03/20 01:51:00 | 000,018,688 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\nv_agp.sys -- (nv_agp)
DRV - [2003/02/20 19:18:36 | 000,036,608 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\SISAGPX.sys -- (SISAGP)
DRV - [2002/12/27 14:41:00 | 000,026,880 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\viaagp1.sys -- (viaagp1)
DRV - [2002/10/04 20:04:10 | 000,046,976 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\R8139n51.sys -- (rtl8139)
DRV - [2002/10/01 10:22:32 | 000,009,856 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2001/06/04 17:00:00 | 000,014,112 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PS2.sys -- (Ps2)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://srch-us9.hpwis.com/

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://us9.hpwis.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-us9.hpwis.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://srch-us9.hpwis.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = localhost;*.local

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=13: C:\Program Files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll (Google)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.1879: C:\Program Files\Real\RealOne Player\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.2.1939: C:\Program Files\Real\RealOne Player\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.872: C:\Program Files\Real\RealOne Player\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\Firefox [2011/06/09 07:34:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/07/09 10:47:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2011/07/09 07:25:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/06/16 00:17:34 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010/01/01 04:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

O1 HOSTS File: ([2009/03/12 00:05:48 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\HOSTS
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (CA Anti-Phishing Toolbar Helper) - {45011CF5-E4A9-4F13-9093-F30A784EB9B2} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O3 - HKLM\..\Toolbar: (CA Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O3 - HKLM\..\Toolbar: (AOL Toolbar) - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll (IE Toolbar)
O3 - HKLM\..\Toolbar: (no name) - {5BED3930-2E9E-76D8-BACC-80DF2188D455} - No CLSID value found.
O3 - HKLM\..\Toolbar: (HP View) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpdtlk02.dll (Hewlett-Packard Company)
O3 - HKCU\..\Toolbar\ShellBrowser: (HP View) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpdtlk02.dll (Hewlett-Packard Company)
O3 - HKCU\..\Toolbar\WebBrowser: (CA Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (AOL Toolbar) - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll (IE Toolbar)
O3 - HKCU\..\Toolbar\WebBrowser: (HP View) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpdtlk02.dll (Hewlett-Packard Company)
O4 - HKLM..\Run: [CamMonitor] c:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe ()
O4 - HKLM..\Run: [capfupgrade] File not found
O4 - HKLM..\Run: [Carbonite Backup] C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe (Carbonite, Inc.)
O4 - HKLM..\Run: [cctray] C:\Program Files\CA\CA Internet Security Suite\casc.exe (CA, Inc.)
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe (HP)
O4 - HKLM..\Run: [HPHmon05] C:\WINDOWS\system32\hphmon05.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HPHUPD05] c:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe (Hewlett-Packard)
O4 - HKLM..\Run: [ImageDownloader] C:\Program Files\Disney\Dreams Screensaver\Disney.WDPRO.DreamsScreensaver.ImageDownloader.exe (Walt Disney Internet Group)
O4 - HKLM..\Run: [LTMSG] C:\WINDOWS\LTMSG.exe (Agere Systems)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE ()
O4 - HKLM..\Run: [Sunkist2k] C:\Program Files\Multimedia Card Reader\shwicon2k.exe (Alcor Micro, Corp.)
O4 - HKLM..\Run: [UpdateManager] C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe (Sonic Solutions)
O4 - HKCU..\Run: [BackupNotify] c:\Program Files\Hewlett-Packard\Digital Imaging\bin\backupnotify.exe ( )
O4 - HKCU..\Run: [RecordNow!] File not found
O4 - HKCU..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe (AWS Convergence Technologies, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\DataViz Inc Messenger.lnk = C:\Program Files\Common Files\DataViz\DvzIncMsgr.exe (DataViz, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Updates from HP.lnk = C:\Program Files\Updates from HP\137903\Program\BackWeb-137903.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &AOL Toolbar search - C:\Program Files\AOL Toolbar\toolbar.dll (IE Toolbar)
O9 - Extra Button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll (IE Toolbar)
O9 - Extra 'Tools' menuitem : AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - Reg Error: Value error. File not found
O9 - Extra Button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe (America Online, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - File not found
O15 - HKLM\..Trusted Domains: musicmatch.com ([online] https in Trusted sites)
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O15 - HKCU\..Trusted Domains: localhost ([]* in Local intranet)
O16 - DPF: {01111C00-3E00-11D2-8470-0060089874ED} http://help.rr.com/F...oad/tgctlar.cab (Support.com ActionRunner Class)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...tes/ieawsdc.cab (Microsoft Office Template and Media Control)
O16 - DPF: {04063354-A10E-4427-A1EC-F3CC81587BC6} http://www.worldwinn...mines/mines.cab (Mines Control)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebo...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} http://www.ipix.com/download/ipixx.cab (iPIX ActiveX Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.ma...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft....467&clcid=0x409 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1A1F56AA-3401-46F9-B277-D57F3421F821} http://www.worldwinn...GamesLoader.cab (FunGamesLoader Object)
O16 - DPF: {27527D31-447B-11D5-A46E-0001023B4289} http://gamingzone.ub...m/GSManager.cab (CoGSManager Class)
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} http://office.micros...ntent/opuc2.cab (Office Update Installation Engine)
O16 - DPF: {48A2634C-DA2F-4360-BF66-19B98872CD49} http://www.nvrddns.c...VSClientWeb.cab (MNVSClientWeb Control)
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} http://lads.myspace....ploader1005.cab (MySpace Uploader Control)
O16 - DPF: {555F1BBC-6EC2-474F-84AF-633EF097FF54} http://www.worldwinn...ts/wwhearts.cab (WWHearts Control)
O16 - DPF: {615F158E-D5CA-422F-A8E7-F6A5EED7063B} http://www.worldwinn...d/bejeweled.cab (Bejeweled Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1266928501171 (WUWebControl Class)
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.syma...n/bin/cabsa.cab (Symantec RuFSI Utility Class)
O16 - DPF: {6C6FE41A-0DA6-42A1-9AD8-792026B2B2A7} http://www.worldwinn...ll/freecell.cab (FreeCell Control)
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} http://a840.g.akamai...all/xscan53.cab (HouseCall Control)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} http://www.worldwinn...ed/wwlaunch.cab (Wwlaunch Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} http://floridakeysme...sCamControl.ocx (CamImage Class)
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} http://v4.windowsupd...8046.4501388889 (Reg Error: Key error.)
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} https://h17000.www1....loadManager.ocx (Get_ActiveX Control)
O16 - DPF: {AC2881FD-5760-46DB-83AE-20A5C6432A7E} http://www.worldwinn...apit/swapit.cab (SwapIt Control)
O16 - DPF: {B49C4597-8721-4789-9250-315DFBD9F525} http://cdn.digitalci....1.11_en_dl.cab (IWinAmpActiveX Class)
O16 - DPF: {CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} https://www-secure.s...ta/SymAData.cab (ActiveDataInfo Class)
O16 - DPF: {CF969D51-F764-4FBF-9E90-475248601C8A} http://www.worldwinn.../familyfeud.cab (FamilyFeud Control)
O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} http://ccon.futurema...lobal/msc34.cab (Measurement Service Client v.3.4)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {DE22A7AB-A739-4C58-AD52-21F9CD6306B7} http://download.micr...04/clearadj.cab (CTAdjust Class)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://playntrade.w...ent/ieatgpc.cab (GpcContainer Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} https://www-secure.s.../ActiveData.cab (Reg Error: Key error.)
O16 - DPF: {F6676623-8BBD-479C-A51B-05868728708C} http://www.leonardot.../DIGITALDM2.cab (DigitalDM)
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logme...trl.cab?lmi=100 (Performance Viewer Activex Control)
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} http://pdl.stream.ao.../ampx_en_dl.cab (IWinAmpActiveX Class)
O16 - DPF: ActiveGS.cab http://www.virtualap...om/activegs.cab (Reg Error: Key error.)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 65.32.5.111 65.32.5.112
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O20 - AppInit_DLLs: (UmxSbxExw.dll) - C:\WINDOWS\System32\UmxSbxExw.dll (CA)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2003/08/23 08:53:27 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/07/28 06:07:38 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2002/09/11 03:02:32 | 000,000,045 | -HS- | M] () - D:\Autorun.inf -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/07/09 15:13:44 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2011/07/09 10:47:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/07/09 10:47:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Mozilla
[2011/07/09 10:46:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\LogMeIn
[2011/07/09 10:46:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\LogMeIn
[2011/07/09 08:17:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Malwarebytes
[2011/07/09 08:17:15 | 000,039,984 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/07/09 08:17:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/07/09 08:17:06 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/07/09 08:17:06 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/07/09 08:16:29 | 009,435,312 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Owner\Desktop\mbam-setup.exe
[2011/07/09 08:06:23 | 000,401,720 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Owner\Desktop\HiJackThis.exe
[2011/07/09 07:25:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Mozilla
[2011/07/09 07:25:09 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2011/06/26 12:16:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Earth
[2011/06/17 06:48:18 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011/06/17 06:48:18 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011/06/17 06:48:18 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011/06/16 19:38:57 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mup.sys
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/07/09 15:12:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/07/09 15:10:48 | 000,003,731 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2011/07/09 15:10:42 | 000,001,407 | ---- | M] () -- C:\WINDOWS\System\hpsysdrv.DAT
[2011/07/09 15:10:22 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/07/09 15:09:04 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/07/09 15:08:59 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/07/09 15:08:58 | 1073,074,176 | -HS- | M] () -- C:\hiberfil.sys
[2011/07/09 15:06:32 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2011/07/09 14:31:00 | 000,000,978 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2005936006-509089422-62106512-1003UA.job
[2011/07/09 11:29:10 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2011/07/09 10:49:09 | 002,199,793 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k0
[2011/07/09 10:49:09 | 000,423,964 | ---- | M] () -- C:\WINDOWS\System32\drivers\KmxAgent.asc
[2011/07/09 10:49:09 | 000,000,433 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k0
[2011/07/09 10:49:09 | 000,000,085 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k7
[2011/07/09 10:49:09 | 000,000,085 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k6
[2011/07/09 10:49:09 | 000,000,085 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k5
[2011/07/09 10:49:09 | 000,000,085 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k4
[2011/07/09 10:49:09 | 000,000,085 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k3
[2011/07/09 10:49:09 | 000,000,085 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k2
[2011/07/09 10:49:09 | 000,000,085 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k1
[2011/07/09 10:49:09 | 000,000,049 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k7
[2011/07/09 10:49:09 | 000,000,049 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k6
[2011/07/09 10:49:09 | 000,000,049 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k5
[2011/07/09 10:49:09 | 000,000,049 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k4
[2011/07/09 10:49:09 | 000,000,049 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k3
[2011/07/09 10:49:09 | 000,000,049 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k2
[2011/07/09 10:49:09 | 000,000,049 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k1
[2011/07/09 08:17:15 | 000,000,795 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/07/09 08:13:40 | 009,435,312 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Owner\Desktop\mbam-setup.exe
[2011/07/09 08:04:38 | 000,401,720 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Owner\Desktop\HiJackThis.exe
[2011/07/09 07:25:24 | 000,000,735 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2011/07/09 06:12:01 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\{D139A003-AAB8-4848-BE82-36414C975BEB}
[2011/07/09 03:31:00 | 000,000,926 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2005936006-509089422-62106512-1003Core.job
[2011/07/07 20:35:00 | 000,000,486 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2011/07/07 18:39:04 | 000,093,525 | ---- | M] () -- C:\VETlog.dmp
[2011/07/07 18:20:44 | 000,001,758 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\IE8LinkProblem.bat
[2011/07/06 23:01:47 | 000,040,476 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\svcdotnet.inc
[2011/07/04 20:38:34 | 000,000,064 | ---- | M] () -- C:\WINDOWS\System32\rp_stats.dat
[2011/07/04 20:38:34 | 000,000,044 | ---- | M] () -- C:\WINDOWS\System32\rp_rules.dat
[2011/07/03 23:45:19 | 000,155,136 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/06/30 20:36:05 | 000,101,720 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2011/06/26 12:16:40 | 000,001,926 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
[2011/06/24 18:47:58 | 000,442,894 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/06/24 18:47:57 | 000,072,160 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/06/18 08:45:44 | 000,001,740 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 8.lnk
[2011/06/18 08:37:53 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2011/06/18 08:20:33 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/06/14 17:27:32 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\Msft_User_WpdMtpDr_01_00_00.Wdf
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/07/09 08:17:15 | 000,000,795 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/07/09 07:25:23 | 000,000,741 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
[2011/07/09 07:25:23 | 000,000,735 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2011/07/09 06:12:01 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\{D139A003-AAB8-4848-BE82-36414C975BEB}
[2011/07/07 18:26:06 | 000,001,758 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\IE8LinkProblem.bat
[2011/07/02 06:41:37 | 000,040,476 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\svcdotnet.inc
[2011/07/02 06:36:07 | 000,000,012 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\svcdotnet.cfg
[2011/06/26 12:16:40 | 000,001,926 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
[2011/06/18 08:45:44 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader 8.lnk
[2011/06/18 08:45:44 | 000,001,740 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 8.lnk
[2011/05/04 19:41:12 | 000,000,007 | ---- | C] () -- C:\WINDOWS\System32\mkghj.dll
[2011/05/04 19:36:29 | 001,414,480 | ---- | C] () -- C:\WINDOWS\System32\cfgmig32.dll
[2011/05/04 19:36:05 | 002,752,528 | ---- | C] () -- C:\WINDOWS\System32\svcprs32.exe
[2011/05/04 19:36:04 | 004,091,920 | ---- | C] () -- C:\WINDOWS\System32\win32cpr.dll
[2011/05/04 19:36:03 | 001,744,912 | ---- | C] () -- C:\WINDOWS\System32\winsflt.dll
[2011/05/04 19:36:03 | 000,098,320 | ---- | C] () -- C:\WINDOWS\System32\winsfinst.exe
[2011/05/04 19:36:02 | 003,215,376 | ---- | C] () -- C:\WINDOWS\System32\mdmcls32.exe
[2011/05/02 20:39:08 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat
[2011/05/02 20:39:08 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat
[2011/03/14 21:15:48 | 000,016,432 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe
[2009/10/12 16:44:44 | 000,000,037 | ---- | C] () -- C:\WINDOWS\ipixActivex.ini
[2009/09/29 12:39:38 | 000,450,560 | ---- | C] () -- C:\WINDOWS\System32\DecodeMSDK.dll
[2009/05/14 14:29:30 | 000,462,848 | ---- | C] () -- C:\WINDOWS\System32\ractrlkeyhook.dll
[2008/07/17 10:51:04 | 001,933,312 | ---- | C] () -- C:\WINDOWS\System32\ResJD.dll
[2008/06/15 21:37:40 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\DisplayManagerSDK.dll
[2008/06/03 11:46:30 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\MRemoteSocket.dll
[2008/03/19 11:15:22 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\BMPLoad.dll
[2008/01/18 17:25:44 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\AudCodecSDK.dll
[2007/10/03 08:36:17 | 000,000,031 | -H-- | C] () -- C:\WINDOWS\uccspecc.sys
[2007/05/24 12:20:34 | 000,014,848 | ---- | C] () -- C:\WINDOWS\System32\Disney.WDPRO.DreamsScreenSaver.DirectShow.dll
[2006/09/14 18:41:56 | 000,000,000 | ---- | C] () -- C:\WINDOWS\QUICKI~1.INI
[2006/08/09 07:55:29 | 000,095,232 | ---- | C] () -- C:\WINDOWS\System32\Lfkodak.dll
[2006/08/09 07:55:28 | 000,306,688 | ---- | C] () -- C:\WINDOWS\System32\Lffpx7.dll
[2006/05/18 14:08:21 | 000,000,206 | ---- | C] () -- C:\WINDOWS\HPGdiPlus.ini
[2006/04/01 08:47:57 | 000,684,032 | ---- | C] () -- C:\WINDOWS\libeay32.dll
[2006/04/01 08:47:57 | 000,155,648 | ---- | C] () -- C:\WINDOWS\ssleay32.dll
[2005/08/09 18:13:59 | 000,524,288 | ---- | C] () -- C:\WINDOWS\System32\DivXsm.exe
[2005/08/09 18:12:28 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2005/06/20 11:50:02 | 000,000,063 | ---- | C] () -- C:\WINDOWS\mdm.ini
[2005/05/10 19:06:06 | 000,071,749 | ---- | C] () -- C:\WINDOWS\hcextoutput.dll
[2005/05/10 19:06:06 | 000,000,823 | ---- | C] () -- C:\WINDOWS\tsc.ini
[2005/05/10 19:05:39 | 000,000,170 | ---- | C] () -- C:\WINDOWS\GetServer.ini
[2005/03/30 17:32:47 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\PdeSrv2p.dll
[2005/03/20 20:42:43 | 000,001,090 | ---- | C] () -- C:\WINDOWS\checkip.dat
[2005/03/20 20:38:19 | 000,001,278 | ---- | C] () -- C:\WINDOWS\ipconfig.dat
[2005/03/03 20:29:55 | 000,000,080 | ---- | C] () -- C:\WINDOWS\encore_launcher.ini
[2005/02/20 20:41:26 | 000,007,168 | ---- | C] () -- C:\WINDOWS\hpdj6500.ini
[2005/02/20 20:40:37 | 000,000,414 | ---- | C] () -- C:\WINDOWS\hpbvspst.ini
[2005/01/13 08:53:27 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2004/08/30 14:47:43 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/23 21:13:25 | 000,000,008 | ---- | C] () -- C:\WINDOWS\System32\PdSACKey.sys
[2004/08/22 18:07:25 | 000,007,412 | ---- | C] () -- C:\WINDOWS\cdPlayer.ini
[2004/08/22 17:54:16 | 000,149,504 | ---- | C] () -- C:\WINDOWS\UNWISE.EXE
[2004/07/28 20:37:34 | 000,000,004 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2004/07/28 19:08:35 | 000,000,049 | ---- | C] () -- C:\WINDOWS\upth.ini
[2004/07/28 19:08:35 | 000,000,024 | ---- | C] () -- C:\WINDOWS\atid.ini
[2004/06/16 18:39:01 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2004/06/10 07:34:02 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\CNMVS0W.DLL
[2004/06/10 07:33:51 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\CNMCP0W.EXE
[2004/05/28 15:04:56 | 000,507,904 | ---- | C] () -- C:\WINDOWS\Silent Hunter II remove.exe
[2004/03/27 13:38:31 | 000,069,632 | R--- | C] () -- C:\WINDOWS\System32\xmltok.dll
[2004/03/27 13:38:30 | 000,036,864 | R--- | C] () -- C:\WINDOWS\System32\xmlparse.dll
[2004/03/17 09:12:48 | 000,000,362 | ---- | C] () -- C:\WINDOWS\hpfins_s04_main.dat
[2004/03/17 09:11:51 | 000,005,428 | ---- | C] () -- C:\WINDOWS\hpfmdl_s04_main.dat
[2004/03/14 10:55:28 | 000,000,242 | ---- | C] () -- C:\WINDOWS\qwimp.ini
[2004/03/14 10:03:47 | 000,000,726 | ---- | C] () -- C:\WINDOWS\aolback.exe.lnk
[2004/03/03 11:34:32 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/03/01 14:46:30 | 000,000,942 | ---- | C] () -- C:\WINDOWS\WaltDisney.INI
[2004/03/01 14:46:30 | 000,000,638 | ---- | C] () -- C:\WINDOWS\WALTDCS.INI
[2004/02/29 21:02:18 | 000,000,065 | ---- | C] () -- C:\WINDOWS\Showbiz20.ini
[2004/02/29 20:19:15 | 000,155,136 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2004/02/29 19:05:19 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\PFP110JPR.{PB
[2004/02/29 19:05:19 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\PFP110JCM.{PB
[2004/02/29 19:05:12 | 000,000,056 | RHS- | C] () -- C:\WINDOWS\System32\5FE9918028.sys
[2004/02/29 17:21:26 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat
[2004/02/29 14:15:46 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2004/01/15 08:01:26 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2003/10/18 17:08:21 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2003/10/18 17:08:21 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2003/10/18 17:00:47 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2003/10/18 17:00:44 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2003/10/18 16:12:43 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2003/10/18 16:12:43 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2003/10/18 16:12:40 | 000,004,490 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2003/10/18 16:12:34 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2003/10/18 16:12:29 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2003/08/28 23:35:24 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2003/08/28 23:34:53 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\iAlmcoin.dll
[2003/08/28 23:19:10 | 000,002,158 | ---- | C] () -- C:\WINDOWS\System32\mshrml.ini
[2003/08/23 23:42:40 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\JAWTAccessBridge.dll
[2003/08/23 23:42:12 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\PcdrKernelModeServices.dll
[2003/08/23 23:42:12 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\ProgressTrace.dll
[2003/08/23 23:36:36 | 000,167,936 | ---- | C] () -- C:\WINDOWS\System32\PCDrJNI_1_1.dll
[2003/08/23 23:34:35 | 000,090,112 | R--- | C] () -- C:\WINDOWS\bwUnin-6.2.3.66.exe
[2003/08/23 23:33:23 | 000,026,395 | ---- | C] () -- C:\WINDOWS\System32\CHODDI.SYS
[2003/08/23 23:32:54 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\syscontr.dll
[2003/08/23 23:32:20 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\hpreg.dll
[2003/08/23 10:25:25 | 000,000,396 | ---- | C] () -- C:\WINDOWS\intuprof.ini
[2003/08/23 10:25:15 | 000,000,774 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2003/08/23 10:12:08 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\fusioncache.dat
[2003/08/23 10:01:26 | 000,006,848 | ---- | C] () -- C:\WINDOWS\System32\hphmon05.dat
[2003/08/23 10:01:21 | 000,018,403 | ---- | C] () -- C:\WINDOWS\HPHins01.dat
[2003/08/23 10:01:21 | 000,004,308 | ---- | C] () -- C:\WINDOWS\hphmdl01.dat
[2003/08/23 09:54:38 | 000,014,598 | ---- | C] () -- C:\WINDOWS\hpdins01.dat
[2003/08/23 09:54:38 | 000,000,000 | ---- | C] () -- C:\WINDOWS\hpzmdl01.dat
[2003/08/23 09:46:51 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2003/08/23 09:37:27 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\sis740.bin
[2003/08/23 09:37:27 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\sis650.bin
[2003/08/23 09:19:52 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2003/08/23 09:11:57 | 000,299,073 | ---- | C] () -- C:\WINDOWS\System32\PythonCOM22.dll
[2003/08/23 09:11:57 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\PyWinTypes22.dll
[2003/08/23 09:11:35 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\bcbmm.dll
[2003/08/23 08:57:05 | 000,000,802 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2003/08/23 08:55:18 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2003/08/23 08:51:14 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2003/08/23 08:42:24 | 000,000,667 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2003/08/23 08:42:05 | 000,442,894 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2003/08/23 08:42:05 | 000,072,160 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2003/08/23 01:46:54 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2003/08/23 01:46:00 | 000,172,280 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2003/07/24 01:56:49 | 000,000,438 | ---- | C] () -- C:\WINDOWS\System32\1_ssetup.ini
[2003/07/24 01:56:49 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\sunistlog.ini
[2002/11/01 16:17:50 | 000,000,256 | ---- | C] () -- C:\WINDOWS\aucfg.ini
[2002/07/04 15:05:34 | 000,000,269 | ---- | C] () -- C:\WINDOWS\tmupdate.ini
[2001/12/14 13:34:46 | 000,164,864 | ---- | C] () -- C:\WINDOWS\patchw32.dll
[2001/11/19 20:05:18 | 000,003,972 | ---- | C] () -- C:\WINDOWS\System32\drivers\PciBus.sys
[1999/07/23 13:46:48 | 000,000,116 | ---- | C] () -- C:\WINDOWS\AuHCcup1.ini
[1999/07/23 10:53:20 | 000,129,536 | ---- | C] () -- C:\WINDOWS\AuHCcup1.dll

< End of report >

OTL Extras logfile created on: 7/9/2011 3:14:09 PM - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1023.29 Mb Total Physical Memory | 399.34 Mb Available Physical Memory | 39.02% Memory free
1.66 Gb Paging File | 1.11 Gb Available in Paging File | 67.26% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 147.10 Gb Total Space | 70.41 Gb Free Space | 47.87% Space Free | Partition Type: NTFS
Drive D: | 5.55 Gb Total Space | 0.95 Gb Free Space | 17.19% Space Free | Partition Type: FAT32

Computer Name: TIGGER | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\CA Personal Firewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiMalware]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\aol90\waol.exe" = C:\aol90\waol.exe:*:Enabled:aol90 -- (America Online, Inc.)
"C:\Program Files\AIM\aim.exe" = C:\Program Files\AIM\aim.exe:*:Enabled:AOL Instant Messenger -- (America Online, Inc.)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\aol90\waol.exe" = C:\aol90\waol.exe:*:Enabled:aol90 -- (America Online, Inc.)
"C:\Program Files\AIM\aim.exe" = C:\Program Files\AIM\aim.exe:*:Enabled:AOL Instant Messenger -- (America Online, Inc.)
"C:\Program Files\Yahoo!\Messenger\YPager.exe" = C:\Program Files\Yahoo!\Messenger\YPager.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
"C:\Program Files\Yahoo!\Messenger\YServer.exe" = C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server -- (Yahoo! Inc.)
"C:\WINDOWS\system32\dpnsvr.exe" = C:\WINDOWS\system32\dpnsvr.exe:*:Disabled:Microsoft DirectPlay8 Server -- (Microsoft Corporation)
"C:\Documents and Settings\Owner\Application Data\mjusbsp\magicJack.exe" = C:\Documents and Settings\Owner\Application Data\mjusbsp\magicJack.exe:*:Enabled:magicJack -- (magicJack L.P.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00020409-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 SR-1 Standard
"{0556F885-2415-4666-B53E-33727E46AEA1}" = The Movies™
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{098637A9-C208-4398-8374-853151D35200}" = SkinsHP2
"{09DA4F91-2A09-4232-AB8C-6BC740096DE3}" = Sonic Update Manager
"{0C34B801-6AEC-4667-B053-03A67E2D0415}" = Apple Application Support
"{113D36BA-56F5-44D0-AF94-AF87E53A33DF}" = Splinter Cell Pandora Tomorrow Single Player Demo
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{1367D815-EC9F-4e2f-9FB9-E40A075AD19B}" = DNAMigrator
"{1526D87C-A955-4FAB-BF18-697BA457E352}" = Norton WMI Update
"{15EE79F4-4ED1-4267-9B0F-351009325D7D}" = HP Software Update
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1A655D51-1423-48A3-B748-8F5A0BE294C8}" = Microsoft Visual J# .NET Redistributable Package 1.1
"{1d1c4bab-632b-432c-a606-a939add320f5}" = Disney Dreams Screensaver
"{1E875C1C-7BFF-47D6-8A01-E9C93A244B41}" = Star Wars Empire at War Demo
"{1EECBA68-8BE4-4076-94DF-E9ED206B1D21}" = Star Wars Jedi Knight Jedi Academy
"{1F7CCFA3-D926-4882-B2A5-A0217ED25597}" = PC-Doctor for Windows
"{26A24AE4-039D-4CA4-87B4-2F83216012FF}" = Java™ 6 Update 26
"{284CF4B8-4055-4D2E-BC04-5ADD7AA10E3D}" = The Movies™ 1.1 Patch
"{2A267BC6-F77F-4DD4-825F-7AEB1F68B4B1}" = HpSdpAppCoreApp
"{2E132061-C78A-48D4-A899-1D13B9D189FA}" = Memories Disc Creator 2.0
"{305B23E7-F8D8-4B92-83AA-5AE0D0090DE7}" = Unload
"{3248F0A8-6813-11D6-A77B-00B0D0150120}" = J2SE Runtime Environment 5.0 Update 12
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{38151262-FAF8-4778-9AAB-33E90B60D8E9}" = CA Anti-Virus Plus
"{3D50E33F-0DB8-4E3B-B75C-2B872A33D87B}" = HP Deskjet 6500
"{3F46F8A1-75E1-4bbd-A02D-650C84422E87}" = HPImageZone
"{42948B02-7191-40CF-92AA-4E330869B28B}" = HPIZ Fix2
"{45B6180B-DCAB-4093-8EE8-6164457517F0}" = Photosmart 140,240,7200,7600,7700,7900 Series
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5421155F-B033-49DB-9B33-8F80F233D4D5}" = GdiplusUpgrade
"{5A05B328-35EB-4CED-B16F-62FA5A2642E6}" =
"{5C650855-4C2B-418F-A747-8B3D8E3FF2A8}" = TrayApp
"{5D7F0A0E-369E-46C0-9F99-FAB21A064781}" = HP Photo and Imaging 2.0 - Photosmart Cameras
"{62B3B82F-B9B1-4D8C-B5D1-C3DAEA1F73AA}" = PhotoGallery
"{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}" = Windows Genuine Advantage v1.3.0254.0
"{642B473F-2584-4C21-AB10-6D1EF28BD601}" = QuickProjects
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6F1EC187-3C90-4CC5-A567-ADC4DC31CD61}" = The Spider-Man 2 Demo
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{745A92AF-53B4-41A7-91C3-9B026B1D5897}" = InstantShare
"{748F4870-8350-11D3-B0BF-080009FB4A19}" = HP Share-to-Web
"{764D06D8-D8DE-411E-A1C8-D9E9380F8A84}" = Microsoft Works 7.0
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{791B20D4-AE59-4DE9-B45F-BA01F3D0A493}" = ArcSoft ShowBiz 2
"{7A1F1E81-A017-43EE-8A24-E88878164C91}" = SeaWorld Adventure Parks Tycoon 3D
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX
"{7BBD57D6-09B1-4CC3-9664-A0D53EE25247}" = PSShortcutsP
"{84464E93-0222-42E5-8CCE-A618F86210F3}" = SkinsHP1
"{85D3CC30-8859-481A-9654-FD9B74310BEF}" = Musicmatch® Jukebox
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{8907EBDF-704A-4255-AAC7-52E055B60F14}" = palmOne VersaMail™
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Extreme Graphics Driver
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{93EC14D5-7AAA-4EAD-BB75-013817A96598}" = Logitech Gaming Software
"{9541FED0-327F-4DF0-8B96-EF57EF622F19}" = RecordNow!
"{98386532-89B5-42FF-AC49-60C0D9DBD8B1}" = CreativeProjects
"{98E8A2EF-4EAE-43B8-A172-74842B764777}" = InterVideo WinDVD Player
"{990036E7-D647-45A4-8F7F-1CB277EF0ABD}" = RollerCoaster Tycoon 3 Demo
"{A0E27BA8-353A-4288-AB60-5DE8EDA18E16}" = Symantec Technical Support Web Controls
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}" = QuickTime
"{A5CC2A09-E9D3-49EC-923D-03874BBD4C2C}" = Windows Defender Signatures
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AC76BA86-7AD7-1033-7B44-A83000000003}" = Adobe Reader 8.3.0
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{B07DC0B6-923A-4877-9C81-1BF88BF6899A}" = Pirates of the Caribbean
"{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}" = Google Earth
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B9266252-00CB-4140-B740-DE88FC0F7609}" = hpmdtab
"{BDE1289F-4025-41A5-AD17-101DB4D82CA7}" = TRS2004
"{BDFE199D-E889-4BB6-BECB-C4BDF5700849}" = Documents To Go
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C224DBAC-57F4-40FD-BB83-09DB532CCD68}" = HPSystemDiagnostics
"{C6A7AF96-4EB1-4AAE-8318-1AB393C64F88}" = Microsoft Plus! Digital Media Edition
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF07F56D-F9FD-45CB-8E2B-48786B5B5723}" = Director
"{CFD1B282-555D-494d-8231-4175C2AF08C2}" = PrintScreen
"{D0122362-6333-4DE4-93F6-A5A2F3CC101A}" = HP Organize
"{D310F6C5-39F2-48A4-0093-FD349EBFE5A3}" = NASCAR Thunder TM 2004 Demo
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E05895C5-FE97-4334-8D73-B0089FD07CE3}" = Multimedia Card Reader
"{E914A24F-2412-4374-B420-86D21D6D444A}" = LEGO Star Wars
"{EC2A8F27-4FBF-4E41-B27B-FE822511B761}" = iTunes
"{EFCE5837-FC21-11D6-9D24-00010240CE95}" = Java 2 Runtime Environment, SE v1.4.1_02
"{F2CA85EF-D86E-4F4C-99E7-8ED7AA18E7B8}" = SWAT 4 Single Player Demo
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F419D20A-7719-4639-8E30-C073A040D878}" = HP Deskjet Preloaded Printer Drivers
"{F80D94B4-44A1-4659-A785-2D90F84D5937}" = D-Day Demo
"{FCD50C2E-7DB3-4C18-8D73-6E24CEBD4021}" = Hewlett-Packard Multimedia Keyboard/Mouse Solution
"{FF8157AA-F640-45BD-B7C2-BAA1016B267A}" = palmOne
"1ABC286C-DE10-4590-BEFF-4D0DFF5EA1EC" = GemMaster 3 from Hewlett-Packard Desktops (remove only)
"1FEF9671-50F6-4CB0-9E96-304EB14158E0" = Honeycombs from Hewlett-Packard Desktops (remove only)
"342970EF-F8DF-4E9B-8477-A1A03E3E15E1" = STX from Hewlett-Packard Desktops (remove only)
"357ECB62-CD36-4B63-B57E-769D0CA174F4" = Blasterball 2 from Hewlett-Packard Desktops (remove only)
"36317AE4-57EC-4F3E-B828-009A3DD96BE8" = Polar Bowler from Hewlett-Packard Desktops (remove only)
"4F0AE1FB-4082-4A27-8363-05D292D92FB0" = Virtual Warfare from Hewlett-Packard Desktops (remove only)
"53EF27E9-150C-4063-8343-61C45FC6BB98" = Mars Rover from Hewlett-Packard Desktops (remove only)
"5415BC25-6D6C-46C4-B34C-EA8470FE56D5" = Blackhawk Striker from Hewlett-Packard Desktops (remove only)
"5F804D2B-A66D-4F0A-B64E-FBDA3F52E3F8" = Slyder from Hewlett-Packard Desktops (remove only)
"62067F4C-84A9-45B9-8573-B90468B0A3EF" = Orbital from Hewlett-Packard Desktops (remove only)
"ActiveTouchMeetingClient" = WebEx
"Ad-Aware" = Ad-Aware
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"America Online us" = America Online (Choose which version to remove)
"AOL Connectivity Services" = AOL Connectivity Services
"AOL Instant Messenger" = AOL Instant Messenger
"AOL Spyware Protection" = AOL Spyware Protection
"AOL Toolbar" = AOL Toolbar
"AOL YGP Screensaver" = AOL You've Got Pictures Screensaver
"AOLCoach" = AOL Coach Version 1.0(Build:20040229.1 en)
"Azureus" = Azureus
"BackWeb-137903 Uninstaller" = Updates from HP
"BFBCBAE3-8293-4215-9C4F-C2402C118EDB" = Otto from Hewlett-Packard Desktops (remove only)
"Buzz Lightyear AstroBlaster" = Buzz Lightyear AstroBlaster
"C99127BE-FDE5-49BD-9621-BFE5DF19AA34" = Cannonballs from Hewlett-Packard Desktops (remove only)
"CAAPH2" = APH placeholder
"Call of Duty Dawnville Demo" = Call of Duty Dawnville Demo
"CANONBJ_Deinstall_CNMCP0W.DLL" = BJC-4200
"Carbonite Backup" = Carbonite
"caribbean desktop 1024" = caribbean desktop 1024 Wallpaper
"CCleaner" = CCleaner (remove only)
"Copernicus Software 32 Screen Saver" = WaltDisney Screen Saver
"coral_800" = coral_800 Wallpaper
"Coupon Printer for Windows2.0" = Coupon Printer for Windows
"Coupon Printer for Windows4.0" = Coupon Printer for Windows
"D11F7128-8CBD-408B-8BF8-034604DEDD42" = Bounce from Hewlett-Packard Desktops (remove only)
"DA44615A-C243-46A4-8E47-184CFF33CD38" = Five Card Frenzy from Hewlett-Packard Desktops (remove only)
"DCL Countdown Clock" = DCL Countdown Clock 1.0
"DCLCastawayCay" = DCLCastawayCay Screen Saver
"Dell Digital Jukebox Driver" = Dell Digital Jukebox Driver
"Dell File Manager" = Dell DJ Explorer
"DF479CEA-34C0-460F-9B56-93BCE4CD4086" = Excavation from Hewlett-Packard Desktops (remove only)
"eTrust Suite Personal" = CA Internet Security Suite
"EVEREST Home Edition_is1" = EVEREST Home Edition v1.51
"familykeylogger" = Family Keylogger v2.83 (remove only)
"Flight Simulator 9.0" = Microsoft Flight Simulator 2004 A Century of Flight
"Free Mp3 Wma Converter_is1" = Free Mp3 Wma Converter V 1.4.0
"GameChannel" = WildTangent GameChannel (remove only)
"Google Updater" = Google Updater
"GSpot" = GSpot Codec Information Appliance
"HijackThis" = HijackThis 2.0.2
"Homeworld2 Demo" = Homeworld2 Demo
"HP Instant Support" = HP Instant Support
"HP Photo & Imaging" = HP Photo & Imaging 3.0
"HP PrecisionScan LTX" = HP PrecisionScan LTX
"HPTOOLKIT" = toolkit
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{6F1EC187-3C90-4CC5-A567-ADC4DC31CD61}" = The Spider-Man 2 Demo
"InstallShield_{E05895C5-FE97-4334-8D73-B0089FD07CE3}" = Multimedia Card Reader
"InstallShield_{E914A24F-2412-4374-B420-86D21D6D444A}" = LEGO Star Wars
"InstallShield_{F2CA85EF-D86E-4F4C-99E7-8ED7AA18E7B8}" = SWAT 4 Single Player Demo
"InstallShield_{FCD50C2E-7DB3-4C18-8D73-6E24CEBD4021}" = Hewlett-Packard Multimedia Keyboard/Mouse Solution
"Invision 2.0 Build 3515" = Invision 2.0 Build 3515
"IrfanView" = IrfanView (remove only)
"Java Web Start" = Java Web Start
"LiveUpdate" = LiveUpdate 3.2 (Symantec Corporation)
"Macromedia Shockwave Player" = Macromedia Shockwave Player
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.0.1200
"Measurement Services Client" = Futuremark Measurement Services Client
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"mIRC" =
"Mozilla Firefox 5.0 (x86 en-US)" = Mozilla Firefox 5.0 (x86 en-US)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Display Driver" = NVIDIA Display Driver
"NVIDIA Gart Driver" = NVIDIA Gart Driver
"PokerStars.net" = PokerStars.net
"Port Magic" = Pure Networks Port Magic
"PS2" = PS2
"Python 2.2 combined Win32 extensions" = Python 2.2 combined Win32 extensions
"Python 2.2.1" = Python 2.2.1
"RealPlayer 6.0" = RealPlayer
"S3Display" = S3Display
"S3Gamma2" = S3Gamma2
"S3Info2" = S3Info2
"S3Overlay" = S3Overlay
"SereneScene Marine Aquarium 2" = SereneScene Marine Aquarium 2
"Silent Hunter II" = Silent Hunter II
"Spybot - Search & Destroy_is1" = Spybot - Search & Destroy 1.3
"ST4UNST #1" = Atc
"StreetPlugin" = Learn2 Player (Uninstall Only)
"TTB000001.TTB000001Toolbar" = CouponBar
"UT2004-Demo" = Unreal Tournament 2004 Demo
"Viewpoint Manager" = Viewpoint Manager (Remove Only)
"ViewpointMediaPlayer" = Viewpoint Media Player
"WeatherBug" = WeatherBug
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinPcapInst" = WinPcap 3.1 beta3
"WinZip" = WinZip
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Yahoo! Messenger" = Yahoo! Messenger

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"GoToMeeting" = GoToMeeting 4.0.0.320
"InstallShield_{8907EBDF-704A-4255-AAC7-52E055B60F14}" = palmOne VersaMail™
"Stitch" = Stitch

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 7/9/2011 12:25:06 PM | Computer Name = TIGGER | Source = UmxAgent | ID = 110
Description = Ask User application closed itself. Product: 1, Sess: 0

Error - 7/9/2011 12:25:06 PM | Computer Name = TIGGER | Source = UmxAgent | ID = 99
Description = Sync event client C:\Program Files\CA\CA Internet Security Suite\ccevtmgr.exe
registration timeout

Error - 7/9/2011 12:25:06 PM | Computer Name = TIGGER | Source = UmxAgent | ID = 110
Description = Ask User application closed itself. Product: 1, Sess: 0

Error - 7/9/2011 12:25:06 PM | Computer Name = TIGGER | Source = UmxAgent | ID = 99
Description = Sync event client C:\Program Files\CA\CA Internet Security Suite\ccevtmgr.exe
registration timeout

Error - 7/9/2011 12:25:06 PM | Computer Name = TIGGER | Source = UmxAgent | ID = 110
Description = Ask User application closed itself. Product: 1, Sess: 0

Error - 7/9/2011 12:25:06 PM | Computer Name = TIGGER | Source = UmxAgent | ID = 99
Description = Sync event client C:\Program Files\CA\CA Internet Security Suite\ccevtmgr.exe
registration timeout

Error - 7/9/2011 12:25:06 PM | Computer Name = TIGGER | Source = UmxAgent | ID = 110
Description = Ask User application closed itself. Product: 1, Sess: 0

Error - 7/9/2011 12:25:06 PM | Computer Name = TIGGER | Source = UmxAgent | ID = 99
Description = Sync event client C:\Program Files\CA\CA Internet Security Suite\ccevtmgr.exe
registration timeout

Error - 7/9/2011 12:25:06 PM | Computer Name = TIGGER | Source = UmxAgent | ID = 110
Description = Ask User application closed itself. Product: 1, Sess: 0

Error - 7/9/2011 12:25:06 PM | Computer Name = TIGGER | Source = UmxAgent | ID = 99
Description = Sync event client C:\Program Files\CA\CA Internet Security Suite\ccevtmgr.exe
registration timeout

[ System Events ]
Error - 7/1/2011 6:19:56 AM | Computer Name = TIGGER | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the MS Software Shadow Copy
Provider service to connect.

Error - 7/3/2011 10:54:10 PM | Computer Name = TIGGER | Source = VolSnap | ID = 393228
Description = The shadow copy of volume C: became low on diff area space before
it was properly installed.

Error - 7/6/2011 1:14:32 AM | Computer Name = TIGGER | Source = DCOM | ID = 10010
Description = The server {03E0E6C2-363B-11D3-B536-00902771A435} did not register
with DCOM within the required timeout.

Error - 7/7/2011 6:35:15 AM | Computer Name = TIGGER | Source = System Error | ID = 1003
Description = Error code 0000001a, parameter1 00003451, parameter2 c03c0980, parameter3
834cc890, parameter4 00000000.

Error - 7/7/2011 6:19:32 PM | Computer Name = TIGGER | Source = Service Control Manager | ID = 7031
Description = The CarboniteService service terminated unexpectedly. It has done
this 1 time(s). The following corrective action will be taken in 60000 milliseconds:
Restart the service.

Error - 7/7/2011 6:20:02 PM | Computer Name = TIGGER | Source = DCOM | ID = 10010
Description = The server {36471C67-6A93-4434-92CC-4C614CD06666} did not register
with DCOM within the required timeout.

Error - 7/7/2011 6:20:32 PM | Computer Name = TIGGER | Source = Service Control Manager | ID = 7032
Description = The Service Control Manager tried to take a corrective action (Restart
the service) after the unexpected termination of the CarboniteService service,
but this action failed with the following error: %%1056

Error - 7/8/2011 8:31:32 AM | Computer Name = TIGGER | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
the Bonjour Service service.

Error - 7/8/2011 8:32:00 AM | Computer Name = TIGGER | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
the Bonjour Service service.

Error - 7/8/2011 8:32:31 AM | Computer Name = TIGGER | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
the Bonjour Service service.


< End of report >

Edited by adamj1976, 09 July 2011 - 01:55 PM.

  • 0

Advertisements

#2
havredave
Posted 11 July 2011 - 09:48 AM

havredave

    GeekU Moderator

  • GeekU Moderator
  • 1,711 posts
Hi, welcome to GeeksToGo! I'm havredave, and I'll do my best to help you fix whatever it is that ails your computer.

Just a few things before we begin, to ease the process on both of us:
  • Please don't run any scanning or cleaning software without my direction, as it can make things worse and take longer in the long run.
  • Please be patient. A good cleaning can take quite a while, and usually involves many steps before it is complete. I may not post back quickly, because I often have to research issues or run ideas by my peers for a more thorough fix. Also, I'm currently still in training, so there may be a longer than normal pause between my posts as I get expert feedback and permission to post each fix.
  • You may wish to print out each instruction post in case you lose Internet connectivity (using safe mode, for example), so you can complete the fix.
  • If you have any question on any step, or if something doesn't work as described, please stop and ask before we proceed. Better safe than sorry!
  • Please paste your logs into your replies instead of attaching them. This makes it far easier to review. Feel free to use multiple replies if you need to.
  • Please stick with me until I let you know we're finished. Even if the machine is running better, it doesn't mean it's clean.

I'm currently reviewing your situation with the help of an expert reviewer, and will get back to you as soon as possible.
  • 0

#3
havredave
Posted 12 July 2011 - 11:07 AM

havredave

    GeekU Moderator

  • GeekU Moderator
  • 1,711 posts
First:

Please run OTL again.
  • Under the Custom Scans/Fixes box at the bottom, paste in the following:

    :OTL
O3 - HKLM\..\Toolbar: (no name) - {5BED3930-2E9E-76D8-BACC-80DF2188D455} - No CLSID value found.

:Files
C:\WINDOWS\System32\mkghj.dll
C:\WINDOWS\uccspecc.sys

:Commands
[purity]
[emptyflash]
[createrestorepoint]
[reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.




Next:

Download the GMER Rootkit Scanner. Unzip it to your Desktop.

Before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while the scan is being performed. Do not use your computer for anything else during the scan.

Double-click gmer.exe. The program will begin to run.

**Caution**
These types of scans can produce false positives. Do NOT take any action on any "<--- ROOKIT" entries unless advised!

If possible rootkit activity is found, you will be asked if you would like to perform a full scan.
  • Click NO
  • In the right panel, you will see a bunch of boxes that have been checked ... leave everything checked and ensure the Show all box is un-checked.
  • Now click the Scan button.
    Once the scan is complete, you may receive another notice about rootkit activity.
  • Click OK.
  • GMER will produce a log. Click on the [Save..] button, and in the File name area, type in "GMER.txt"
  • Save it where you can easily find it, such as your desktop.
Post the contents of GMER.txt in your next reply.



Please reply with the GMER log, the OTL log and new quick scan, and the current issues still plaguing the machine.
  • 0

#4
adamj1976
Posted 13 July 2011 - 04:16 AM

adamj1976

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts
I ran both OTL and gmer and nothing was found. I am attaching the OTL log. I thought the gmer log copied to my flash drive and it didn't so I have to run that scan for you again. It took a long time so I'll post it after work for you. I still Cant get IE to run on that computer. It starts then crashes. Thanks for your help so far

OTL logfile created on: 7/12/2011 5:36:39 PM - Run 2
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1023.29 Mb Total Physical Memory | 401.86 Mb Available Physical Memory | 39.27% Memory free
1.66 Gb Paging File | 1.13 Gb Available in Paging File | 68.40% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 147.10 Gb Total Space | 70.70 Gb Free Space | 48.06% Space Free | Partition Type: NTFS
Drive D: | 5.55 Gb Total Space | 0.95 Gb Free Space | 17.19% Space Free | Partition Type: FAT32

Computer Name: TIGGER | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/07/09 15:06:32 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
PRC - [2011/06/08 19:21:20 | 000,206,160 | ---- | M] (CA, Inc.) -- C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\caaphupd.exe
PRC - [2011/06/08 19:18:52 | 001,570,128 | ---- | M] (CA, Inc.) -- C:\Program Files\CA\CA Internet Security Suite\casc.exe
PRC - [2011/06/08 19:18:47 | 001,119,568 | ---- | M] (CA, Inc.) -- C:\Program Files\CA\CA Internet Security Suite\ccevtmgr.exe
PRC - [2011/06/08 19:18:47 | 000,251,216 | ---- | M] (CA, Inc.) -- C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe
PRC - [2011/06/08 19:18:47 | 000,206,160 | ---- | M] (Computer Associates International, Inc.) -- C:\Program Files\CA\CA Internet Security Suite\ccschedulersvc.exe
PRC - [2011/06/08 19:18:45 | 000,222,544 | ---- | M] (Computer Associates International, Inc.) -- C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus Plus\isafe.exe
PRC - [2011/06/08 19:18:44 | 000,206,152 | ---- | M] (CA) -- C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus Plus\CAAMSvc.exe
PRC - [2011/05/01 14:55:52 | 002,752,528 | ---- | M] () -- C:\WINDOWS\system32\svcprs32.exe
PRC - [2011/05/01 14:48:38 | 003,215,376 | ---- | M] () -- C:\WINDOWS\system32\mdmcls32.exe
PRC - [2011/04/04 12:42:28 | 000,662,096 | ---- | M] (CA) -- C:\Program Files\CA\SharedComponents\TMEngine\UmxEngine.exe
PRC - [2011/03/03 20:52:00 | 003,410,576 | R--- | M] (Carbonite, Inc. (www.carbonite.com)) -- C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe
PRC - [2011/03/03 20:52:00 | 000,948,880 | R--- | M] (Carbonite, Inc.) -- C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/09/12 19:27:24 | 000,554,352 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
PRC - [2007/05/24 12:20:34 | 000,311,296 | ---- | M] (Walt Disney Internet Group) -- C:\Program Files\Disney\Dreams Screensaver\Disney.WDPRO.DreamsScreensaver.ImageDownloader.exe
PRC - [2007/01/04 17:38:18 | 000,112,336 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
PRC - [2007/01/04 17:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe
PRC - [2006/09/14 18:34:59 | 000,028,672 | ---- | M] (DataViz, Inc.) -- C:\Program Files\Common Files\DataViz\DvzIncMsgr.exe
PRC - [2005/06/07 13:58:40 | 001,339,392 | ---- | M] (AWS Convergence Technologies, Inc.) -- C:\Program Files\AWS\WeatherBug\Weather.exe
PRC - [2004/04/07 12:07:32 | 001,135,728 | ---- | M] (America Online, Inc.) -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe
PRC - [2004/03/04 10:46:24 | 000,172,032 | ---- | M] (HP) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
PRC - [2003/08/23 23:34:34 | 000,016,384 | ---- | M] () -- C:\Program Files\Updates from HP\137903\Program\BackWeb-137903.exe
PRC - [2003/08/19 02:01:00 | 000,110,592 | ---- | M] (Sonic Solutions) -- C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe
PRC - [2003/08/09 12:27:16 | 000,139,264 | ---- | M] (Alcor Micro, Corp.) -- C:\Program Files\Multimedia Card Reader\shwicon2k.exe
PRC - [2003/07/14 10:52:44 | 000,040,960 | ---- | M] (Agere Systems) -- C:\WINDOWS\ltmsg.exe
PRC - [2003/06/13 07:08:16 | 000,233,472 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
PRC - [2003/05/23 05:55:38 | 000,483,328 | ---- | M] (Hewlett-Packard) -- C:\WINDOWS\system32\hphmon05.exe
PRC - [2002/10/07 10:23:20 | 000,090,112 | ---- | M] () -- C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\HpqCmon.exe


========== Modules (SafeList) ==========

MOD - [2011/07/09 15:06:32 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
MOD - [2011/06/08 19:19:16 | 000,079,184 | ---- | M] (CA) -- C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spam\QSP-9.0.0.211\QOEHook.dll
MOD - [2011/02/28 12:13:28 | 000,357,968 | ---- | M] (CA) -- C:\WINDOWS\system32\UmxSbxw.dll
MOD - [2011/02/28 12:13:28 | 000,155,216 | ---- | M] (CA) -- C:\WINDOWS\system32\UmxSbxExw.dll
MOD - [2010/08/23 12:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2004/03/03 11:29:00 | 001,335,296 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nview.dll
MOD - [2004/03/03 11:29:00 | 000,036,864 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvwddi.dll
MOD - [2003/08/23 23:34:34 | 000,024,576 | ---- | M] (BackWeb) -- C:\Documents and Settings\Owner\Local Settings\Temp\IadHide4.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (ExtractorServiceNPF03)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011/06/28 07:19:39 | 002,151,640 | ---- | M] (Lavasoft Limited) [On_Demand | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2011/06/08 19:18:47 | 000,251,216 | ---- | M] (CA, Inc.) [On_Demand | Running] -- C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe -- (CaCCProvSP)
SRV - [2011/06/08 19:18:47 | 000,206,160 | ---- | M] (Computer Associates International, Inc.) [Auto | Running] -- C:\Program Files\CA\CA Internet Security Suite\ccschedulersvc.exe -- (ccSchedulerSVC)
SRV - [2011/06/08 19:18:45 | 000,222,544 | ---- | M] (Computer Associates International, Inc.) [Auto | Running] -- C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus Plus\isafe.exe -- (CAISafe)
SRV - [2011/06/08 19:18:44 | 000,206,152 | ---- | M] (CA) [Auto | Running] -- C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus Plus\CAAMSvc.exe -- (CAAMSvc)
SRV - [2011/05/01 14:55:52 | 002,752,528 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\svcprs32.exe -- (WinSvchostManager)
SRV - [2011/05/01 14:48:38 | 003,215,376 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\mdmcls32.exe -- (WinExtManager)
SRV - [2011/04/04 12:42:28 | 000,662,096 | ---- | M] (CA) [Auto | Running] -- C:\Program Files\CA\SharedComponents\TMEngine\UmxEngine.exe -- (UmxEngine)
SRV - [2011/03/03 20:52:00 | 003,410,576 | R--- | M] (Carbonite, Inc. (www.carbonite.com)) [Auto | Running] -- C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe -- (CarboniteService)
SRV - [2007/09/12 19:27:24 | 002,999,664 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE -- (LiveUpdate)
SRV - [2007/09/12 19:27:24 | 000,554,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)
SRV - [2007/01/04 17:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto | Running] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - [2004/11/02 17:59:50 | 000,316,544 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe -- (SymWSC)
SRV - [2004/05/14 14:02:46 | 000,086,016 | ---- | M] (NetGroup - Politecnico di Torino) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - [2004/04/07 12:07:32 | 001,135,728 | ---- | M] (America Online, Inc.) [Auto | Running] -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe -- (AOL ACS)


========== Driver Services (SafeList) ==========

DRV - [2011/05/29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2011/05/12 17:22:18 | 000,331,344 | ---- | M] (CA) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\KmxCfg.sys -- (KmxCfg)
DRV - [2011/05/10 17:45:42 | 000,164,944 | ---- | M] (CA) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\KmxAMRT.sys -- (KmxAMRT)
DRV - [2011/05/06 09:26:16 | 000,150,096 | ---- | M] (CA) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\KmxCF.sys -- (KmxCF)
DRV - [2011/05/02 10:40:18 | 000,123,984 | ---- | M] (CA) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\kmxstart.sys -- (KmxStart)
DRV - [2011/04/24 23:32:38 | 000,116,304 | ---- | M] (CA) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\KmxFw.sys -- (KmxFw)
DRV - [2011/03/23 16:29:02 | 000,083,536 | ---- | M] (CA) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\KmxAgent.sys -- (KmxAgent)
DRV - [2011/03/23 16:29:02 | 000,063,056 | ---- | M] (CA) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\KmxFile.sys -- (KmxFile)
DRV - [2011/03/14 04:02:01 | 000,064,512 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2011/03/14 04:02:00 | 000,015,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\kernexplorer.sys -- (Lavasoft Kernexplorer)
DRV - [2011/02/24 14:33:28 | 000,082,000 | ---- | M] (CA) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\KmxSbx.sys -- (KmxSbx)
DRV - [2008/04/13 14:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2006/09/14 18:08:13 | 000,016,694 | ---- | M] (PalmSource, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PalmUSBD.sys -- (PalmUSBD)
DRV - [2005/08/02 16:10:14 | 000,032,512 | ---- | M] (CACE Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF)
DRV - [2004/10/01 11:24:02 | 002,279,424 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2004/09/29 02:02:00 | 000,016,752 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctpdusb2.sys -- (Jukebox)
DRV - [2004/08/04 01:29:51 | 000,166,912 | ---- | M] (S3 Graphics, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s3gnbm.sys -- (S3Psddr)
DRV - [2004/07/10 08:29:51 | 000,043,672 | ---- | M] (Oak Technology Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\AFS2K.SYS -- (AFS2K)
DRV - [2004/05/13 09:00:04 | 000,111,808 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\prohlp02.sys -- (prohlp02)
DRV - [2004/05/13 07:19:36 | 000,079,488 | ---- | M] (Protection Technology) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\prodrv06.sys -- (prodrv06)
DRV - [2004/02/17 06:49:14 | 000,391,424 | ---- | M] (Sensaura Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS -- (ALCXSENS)
DRV - [2003/12/12 19:03:10 | 000,652,689 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ltmdmnt.sys -- (ltmodem5)
DRV - [2003/12/01 11:20:52 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp01.sys -- (sfhlp01)
DRV - [2003/08/11 13:22:54 | 000,040,228 | ---- | M] (Alcor Micro Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Sunkfilt.sys -- (SunkFilt)
DRV - [2003/05/14 13:42:56 | 000,021,216 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WmFilter.sys -- (WmFilter)
DRV - [2003/05/14 13:42:50 | 000,010,144 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmBEnum.sys -- (WmBEnum)
DRV - [2003/05/14 13:42:48 | 000,005,728 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WmVirHid.sys -- (WmVirHid)
DRV - [2003/05/14 13:42:44 | 000,044,288 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmXlCore.sys -- (WmXlCore)
DRV - [2003/05/06 18:34:56 | 000,394,752 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sisgrp.sys -- (SiS315)
DRV - [2003/05/01 13:23:22 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2003/04/11 11:51:30 | 000,010,624 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\srvkp.sys -- (SiSkp)
DRV - [2003/03/20 01:51:00 | 000,018,688 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\nv_agp.sys -- (nv_agp)
DRV - [2003/02/20 19:18:36 | 000,036,608 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\SISAGPX.sys -- (SISAGP)
DRV - [2002/12/27 14:41:00 | 000,026,880 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\viaagp1.sys -- (viaagp1)
DRV - [2002/10/04 20:04:10 | 000,046,976 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\R8139n51.sys -- (rtl8139)
DRV - [2002/10/01 10:22:32 | 000,009,856 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2001/06/04 17:00:00 | 000,014,112 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PS2.sys -- (Ps2)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://srch-us9.hpwis.com/

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://us9.hpwis.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-us9.hpwis.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://srch-us9.hpwis.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = localhost;*.local

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=13: C:\Program Files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll (Google)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.1879: C:\Program Files\Real\RealOne Player\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.2.1939: C:\Program Files\Real\RealOne Player\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.872: C:\Program Files\Real\RealOne Player\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\Firefox [2011/06/09 07:34:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/07/09 10:47:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2011/07/09 07:25:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/06/16 00:17:34 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010/01/01 04:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

O1 HOSTS File: ([2009/03/12 00:05:48 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\HOSTS
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (CA Anti-Phishing Toolbar Helper) - {45011CF5-E4A9-4F13-9093-F30A784EB9B2} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O3 - HKLM\..\Toolbar: (CA Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O3 - HKLM\..\Toolbar: (AOL Toolbar) - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll (IE Toolbar)
O3 - HKLM\..\Toolbar: (HP View) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpdtlk02.dll (Hewlett-Packard Company)
O3 - HKCU\..\Toolbar\ShellBrowser: (HP View) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpdtlk02.dll (Hewlett-Packard Company)
O3 - HKCU\..\Toolbar\WebBrowser: (CA Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (AOL Toolbar) - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll (IE Toolbar)
O3 - HKCU\..\Toolbar\WebBrowser: (HP View) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpdtlk02.dll (Hewlett-Packard Company)
O4 - HKLM..\Run: [CamMonitor] c:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe ()
O4 - HKLM..\Run: [capfupgrade] File not found
O4 - HKLM..\Run: [Carbonite Backup] C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe (Carbonite, Inc.)
O4 - HKLM..\Run: [cctray] C:\Program Files\CA\CA Internet Security Suite\casc.exe (CA, Inc.)
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe (HP)
O4 - HKLM..\Run: [HPHmon05] C:\WINDOWS\system32\hphmon05.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HPHUPD05] c:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe (Hewlett-Packard)
O4 - HKLM..\Run: [ImageDownloader] C:\Program Files\Disney\Dreams Screensaver\Disney.WDPRO.DreamsScreensaver.ImageDownloader.exe (Walt Disney Internet Group)
O4 - HKLM..\Run: [LTMSG] C:\WINDOWS\LTMSG.exe (Agere Systems)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE ()
O4 - HKLM..\Run: [Sunkist2k] C:\Program Files\Multimedia Card Reader\shwicon2k.exe (Alcor Micro, Corp.)
O4 - HKLM..\Run: [UpdateManager] C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe (Sonic Solutions)
O4 - HKCU..\Run: [BackupNotify] c:\Program Files\Hewlett-Packard\Digital Imaging\bin\backupnotify.exe ( )
O4 - HKCU..\Run: [RecordNow!] File not found
O4 - HKCU..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe (AWS Convergence Technologies, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\DataViz Inc Messenger.lnk = C:\Program Files\Common Files\DataViz\DvzIncMsgr.exe (DataViz, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Updates from HP.lnk = C:\Program Files\Updates from HP\137903\Program\BackWeb-137903.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &AOL Toolbar search - C:\Program Files\AOL Toolbar\toolbar.dll (IE Toolbar)
O9 - Extra Button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll (IE Toolbar)
O9 - Extra 'Tools' menuitem : AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - Reg Error: Value error. File not found
O9 - Extra Button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe (America Online, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - File not found
O15 - HKLM\..Trusted Domains: musicmatch.com ([online] https in Trusted sites)
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O15 - HKCU\..Trusted Domains: localhost ([]* in Local intranet)
O16 - DPF: {01111C00-3E00-11D2-8470-0060089874ED} http://help.rr.com/F...oad/tgctlar.cab (Support.com ActionRunner Class)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...tes/ieawsdc.cab (Microsoft Office Template and Media Control)
O16 - DPF: {04063354-A10E-4427-A1EC-F3CC81587BC6} http://www.worldwinn...mines/mines.cab (Mines Control)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebo...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} http://www.ipix.com/download/ipixx.cab (iPIX ActiveX Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.ma...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft....467&clcid=0x409 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1A1F56AA-3401-46F9-B277-D57F3421F821} http://www.worldwinn...GamesLoader.cab (FunGamesLoader Object)
O16 - DPF: {27527D31-447B-11D5-A46E-0001023B4289} http://gamingzone.ub...m/GSManager.cab (CoGSManager Class)
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} http://office.micros...ntent/opuc2.cab (Office Update Installation Engine)
O16 - DPF: {48A2634C-DA2F-4360-BF66-19B98872CD49} http://www.nvrddns.c...VSClientWeb.cab (MNVSClientWeb Control)
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} http://lads.myspace....ploader1005.cab (MySpace Uploader Control)
O16 - DPF: {555F1BBC-6EC2-474F-84AF-633EF097FF54} http://www.worldwinn...ts/wwhearts.cab (WWHearts Control)
O16 - DPF: {615F158E-D5CA-422F-A8E7-F6A5EED7063B} http://www.worldwinn...d/bejeweled.cab (Bejeweled Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1266928501171 (WUWebControl Class)
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.syma...n/bin/cabsa.cab (Symantec RuFSI Utility Class)
O16 - DPF: {6C6FE41A-0DA6-42A1-9AD8-792026B2B2A7} http://www.worldwinn...ll/freecell.cab (FreeCell Control)
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} http://a840.g.akamai...all/xscan53.cab (HouseCall Control)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} http://www.worldwinn...ed/wwlaunch.cab (Wwlaunch Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} http://floridakeysme...sCamControl.ocx (CamImage Class)
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} http://v4.windowsupd...8046.4501388889 (Reg Error: Key error.)
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} https://h17000.www1....loadManager.ocx (Get_ActiveX Control)
O16 - DPF: {AC2881FD-5760-46DB-83AE-20A5C6432A7E} http://www.worldwinn...apit/swapit.cab (SwapIt Control)
O16 - DPF: {B49C4597-8721-4789-9250-315DFBD9F525} http://cdn.digitalci....1.11_en_dl.cab (IWinAmpActiveX Class)
O16 - DPF: {CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} https://www-secure.s...ta/SymAData.cab (ActiveDataInfo Class)
O16 - DPF: {CF969D51-F764-4FBF-9E90-475248601C8A} http://www.worldwinn.../familyfeud.cab (FamilyFeud Control)
O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} http://ccon.futurema...lobal/msc34.cab (Measurement Service Client v.3.4)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {DE22A7AB-A739-4C58-AD52-21F9CD6306B7} http://download.micr...04/clearadj.cab (CTAdjust Class)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://playntrade.w...ent/ieatgpc.cab (GpcContainer Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} https://www-secure.s.../ActiveData.cab (Reg Error: Key error.)
O16 - DPF: {F6676623-8BBD-479C-A51B-05868728708C} http://www.leonardot.../DIGITALDM2.cab (DigitalDM)
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logme...trl.cab?lmi=100 (Performance Viewer Activex Control)
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} http://pdl.stream.ao.../ampx_en_dl.cab (IWinAmpActiveX Class)
O16 - DPF: ActiveGS.cab http://www.virtualap...om/activegs.cab (Reg Error: Key error.)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 65.32.5.111 65.32.5.112
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O20 - AppInit_DLLs: (UmxSbxExw.dll) - C:\WINDOWS\System32\UmxSbxExw.dll (CA)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2003/08/23 08:53:27 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/07/28 06:07:38 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2002/09/11 03:02:32 | 000,000,045 | -HS- | M] () - D:\Autorun.inf -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/07/12 17:30:17 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/07/09 15:13:44 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2011/07/09 10:47:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/07/09 10:47:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Mozilla
[2011/07/09 10:46:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\LogMeIn
[2011/07/09 10:46:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\LogMeIn
[2011/07/09 08:17:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Malwarebytes
[2011/07/09 08:17:15 | 000,039,984 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/07/09 08:17:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/07/09 08:17:06 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/07/09 08:17:06 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/07/09 08:16:29 | 009,435,312 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Owner\Desktop\mbam-setup.exe
[2011/07/09 08:06:23 | 000,401,720 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Owner\Desktop\HiJackThis.exe
[2011/07/09 07:25:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Mozilla
[2011/07/09 07:25:09 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2011/06/26 12:16:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Earth
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/07/12 17:34:56 | 000,003,731 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2011/07/12 17:34:48 | 000,001,407 | ---- | M] () -- C:\WINDOWS\System\hpsysdrv.DAT
[2011/07/12 17:34:36 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/07/12 17:33:39 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2011/07/12 17:33:20 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/07/12 17:33:19 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/07/12 17:33:19 | 000,000,486 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2011/07/12 17:33:16 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/07/12 17:33:14 | 1073,074,176 | -HS- | M] () -- C:\hiberfil.sys
[2011/07/12 17:32:01 | 002,202,553 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k0
[2011/07/12 17:32:01 | 000,479,548 | ---- | M] () -- C:\WINDOWS\System32\drivers\KmxAgent.asc
[2011/07/12 17:32:01 | 000,000,433 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k0
[2011/07/12 17:32:01 | 000,000,085 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k7
[2011/07/12 17:32:01 | 000,000,085 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k6
[2011/07/12 17:32:01 | 000,000,085 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k5
[2011/07/12 17:32:01 | 000,000,085 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k4
[2011/07/12 17:32:01 | 000,000,085 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k3
[2011/07/12 17:32:01 | 000,000,085 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k2
[2011/07/12 17:32:01 | 000,000,085 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k1
[2011/07/12 17:32:01 | 000,000,049 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k7
[2011/07/12 17:32:01 | 000,000,049 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k6
[2011/07/12 17:32:01 | 000,000,049 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k5
[2011/07/12 17:32:01 | 000,000,049 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k4
[2011/07/12 17:32:01 | 000,000,049 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k3
[2011/07/12 17:32:01 | 000,000,049 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k2
[2011/07/12 17:32:01 | 000,000,049 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k1
[2011/07/12 17:31:01 | 000,000,978 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2005936006-509089422-62106512-1003UA.job
[2011/07/11 06:12:01 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\{321FEC69-B500-4AB0-9B23-114B5ABC2E6A}
[2011/07/11 03:31:00 | 000,000,926 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2005936006-509089422-62106512-1003Core.job
[2011/07/10 06:12:00 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\{A06CA617-2339-44D4-89FF-E17B3614CBF3}
[2011/07/09 15:06:32 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2011/07/09 08:17:15 | 000,000,795 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/07/09 08:13:40 | 009,435,312 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Owner\Desktop\mbam-setup.exe
[2011/07/09 08:04:38 | 000,401,720 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Owner\Desktop\HiJackThis.exe
[2011/07/09 07:25:24 | 000,000,735 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2011/07/09 06:12:01 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\{D139A003-AAB8-4848-BE82-36414C975BEB}
[2011/07/07 18:39:04 | 000,093,525 | ---- | M] () -- C:\VETlog.dmp
[2011/07/07 18:20:44 | 000,001,758 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\IE8LinkProblem.bat
[2011/07/06 23:01:47 | 000,040,476 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\svcdotnet.inc
[2011/07/04 20:38:34 | 000,000,064 | ---- | M] () -- C:\WINDOWS\System32\rp_stats.dat
[2011/07/04 20:38:34 | 000,000,044 | ---- | M] () -- C:\WINDOWS\System32\rp_rules.dat
[2011/07/03 23:45:19 | 000,155,136 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/07/02 09:07:11 | 000,000,012 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\svcdotnet.cfg
[2011/06/30 20:36:05 | 000,101,720 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2011/06/26 12:16:40 | 000,001,926 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
[2011/06/24 18:47:58 | 000,442,894 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/06/24 18:47:57 | 000,072,160 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/06/18 08:45:44 | 000,001,740 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 8.lnk
[2011/06/18 08:20:33 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/06/14 17:27:32 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\Msft_User_WpdMtpDr_01_00_00.Wdf
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/07/11 06:12:01 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\{321FEC69-B500-4AB0-9B23-114B5ABC2E6A}
[2011/07/10 06:12:00 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\{A06CA617-2339-44D4-89FF-E17B3614CBF3}
[2011/07/09 08:17:15 | 000,000,795 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/07/09 07:25:23 | 000,000,741 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
[2011/07/09 07:25:23 | 000,000,735 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2011/07/09 06:12:01 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\{D139A003-AAB8-4848-BE82-36414C975BEB}
[2011/07/07 18:26:06 | 000,001,758 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\IE8LinkProblem.bat
[2011/07/02 06:41:37 | 000,040,476 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\svcdotnet.inc
[2011/07/02 06:36:07 | 000,000,012 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\svcdotnet.cfg
[2011/06/26 12:16:40 | 000,001,926 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
[2011/06/18 08:45:44 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader 8.lnk
[2011/06/18 08:45:44 | 000,001,740 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 8.lnk
[2011/05/04 19:36:29 | 001,414,480 | ---- | C] () -- C:\WINDOWS\System32\cfgmig32.dll
[2011/05/04 19:36:05 | 002,752,528 | ---- | C] () -- C:\WINDOWS\System32\svcprs32.exe
[2011/05/04 19:36:04 | 004,091,920 | ---- | C] () -- C:\WINDOWS\System32\win32cpr.dll
[2011/05/04 19:36:03 | 001,744,912 | ---- | C] () -- C:\WINDOWS\System32\winsflt.dll
[2011/05/04 19:36:03 | 000,098,320 | ---- | C] () -- C:\WINDOWS\System32\winsfinst.exe
[2011/05/04 19:36:02 | 003,215,376 | ---- | C] () -- C:\WINDOWS\System32\mdmcls32.exe
[2011/05/02 20:39:08 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat
[2011/05/02 20:39:08 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat
[2011/03/14 21:15:48 | 000,016,432 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe
[2009/10/12 16:44:44 | 000,000,037 | ---- | C] () -- C:\WINDOWS\ipixActivex.ini
[2009/09/29 12:39:38 | 000,450,560 | ---- | C] () -- C:\WINDOWS\System32\DecodeMSDK.dll
[2009/05/14 14:29:30 | 000,462,848 | ---- | C] () -- C:\WINDOWS\System32\ractrlkeyhook.dll
[2008/07/17 10:51:04 | 001,933,312 | ---- | C] () -- C:\WINDOWS\System32\ResJD.dll
[2008/06/15 21:37:40 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\DisplayManagerSDK.dll
[2008/06/03 11:46:30 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\MRemoteSocket.dll
[2008/03/19 11:15:22 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\BMPLoad.dll
[2008/01/18 17:25:44 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\AudCodecSDK.dll
[2007/05/24 12:20:34 | 000,014,848 | ---- | C] () -- C:\WINDOWS\System32\Disney.WDPRO.DreamsScreenSaver.DirectShow.dll
[2006/09/14 18:41:56 | 000,000,000 | ---- | C] () -- C:\WINDOWS\QUICKI~1.INI
[2006/08/09 07:55:29 | 000,095,232 | ---- | C] () -- C:\WINDOWS\System32\Lfkodak.dll
[2006/08/09 07:55:28 | 000,306,688 | ---- | C] () -- C:\WINDOWS\System32\Lffpx7.dll
[2006/05/18 14:08:21 | 000,000,206 | ---- | C] () -- C:\WINDOWS\HPGdiPlus.ini
[2006/04/01 08:47:57 | 000,684,032 | ---- | C] () -- C:\WINDOWS\libeay32.dll
[2006/04/01 08:47:57 | 000,155,648 | ---- | C] () -- C:\WINDOWS\ssleay32.dll
[2005/08/09 18:13:59 | 000,524,288 | ---- | C] () -- C:\WINDOWS\System32\DivXsm.exe
[2005/08/09 18:12:28 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2005/06/20 11:50:02 | 000,000,063 | ---- | C] () -- C:\WINDOWS\mdm.ini
[2005/05/10 19:06:06 | 000,071,749 | ---- | C] () -- C:\WINDOWS\hcextoutput.dll
[2005/05/10 19:06:06 | 000,000,823 | ---- | C] () -- C:\WINDOWS\tsc.ini
[2005/05/10 19:05:39 | 000,000,170 | ---- | C] () -- C:\WINDOWS\GetServer.ini
[2005/03/30 17:32:47 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\PdeSrv2p.dll
[2005/03/20 20:42:43 | 000,001,090 | ---- | C] () -- C:\WINDOWS\checkip.dat
[2005/03/20 20:38:19 | 000,001,278 | ---- | C] () -- C:\WINDOWS\ipconfig.dat
[2005/03/03 20:29:55 | 000,000,080 | ---- | C] () -- C:\WINDOWS\encore_launcher.ini
[2005/02/20 20:41:26 | 000,007,168 | ---- | C] () -- C:\WINDOWS\hpdj6500.ini
[2005/02/20 20:40:37 | 000,000,414 | ---- | C] () -- C:\WINDOWS\hpbvspst.ini
[2005/01/13 08:53:27 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2004/08/30 14:47:43 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/23 21:13:25 | 000,000,008 | ---- | C] () -- C:\WINDOWS\System32\PdSACKey.sys
[2004/08/22 18:07:25 | 000,007,412 | ---- | C] () -- C:\WINDOWS\cdPlayer.ini
[2004/08/22 17:54:16 | 000,149,504 | ---- | C] () -- C:\WINDOWS\UNWISE.EXE
[2004/07/28 20:37:34 | 000,000,004 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2004/07/28 19:08:35 | 000,000,049 | ---- | C] () -- C:\WINDOWS\upth.ini
[2004/07/28 19:08:35 | 000,000,024 | ---- | C] () -- C:\WINDOWS\atid.ini
[2004/06/16 18:39:01 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2004/06/10 07:34:02 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\CNMVS0W.DLL
[2004/06/10 07:33:51 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\CNMCP0W.EXE
[2004/05/28 15:04:56 | 000,507,904 | ---- | C] () -- C:\WINDOWS\Silent Hunter II remove.exe
[2004/03/27 13:38:31 | 000,069,632 | R--- | C] () -- C:\WINDOWS\System32\xmltok.dll
[2004/03/27 13:38:30 | 000,036,864 | R--- | C] () -- C:\WINDOWS\System32\xmlparse.dll
[2004/03/17 09:12:48 | 000,000,362 | ---- | C] () -- C:\WINDOWS\hpfins_s04_main.dat
[2004/03/17 09:11:51 | 000,005,428 | ---- | C] () -- C:\WINDOWS\hpfmdl_s04_main.dat
[2004/03/14 10:55:28 | 000,000,242 | ---- | C] () -- C:\WINDOWS\qwimp.ini
[2004/03/14 10:03:47 | 000,000,726 | ---- | C] () -- C:\WINDOWS\aolback.exe.lnk
[2004/03/03 11:34:32 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/03/01 14:46:30 | 000,000,942 | ---- | C] () -- C:\WINDOWS\WaltDisney.INI
[2004/03/01 14:46:30 | 000,000,638 | ---- | C] () -- C:\WINDOWS\WALTDCS.INI
[2004/02/29 21:02:18 | 000,000,065 | ---- | C] () -- C:\WINDOWS\Showbiz20.ini
[2004/02/29 20:19:15 | 000,155,136 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2004/02/29 19:05:19 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\PFP110JPR.{PB
[2004/02/29 19:05:19 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\PFP110JCM.{PB
[2004/02/29 19:05:12 | 000,000,056 | RHS- | C] () -- C:\WINDOWS\System32\5FE9918028.sys
[2004/02/29 17:21:26 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat
[2004/02/29 14:15:46 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2004/01/15 08:01:26 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2003/10/18 17:08:21 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2003/10/18 17:08:21 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2003/10/18 17:00:47 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2003/10/18 17:00:44 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2003/10/18 16:12:43 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2003/10/18 16:12:43 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2003/10/18 16:12:40 | 000,004,490 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2003/10/18 16:12:34 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2003/10/18 16:12:29 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2003/08/28 23:35:24 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2003/08/28 23:34:53 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\iAlmcoin.dll
[2003/08/28 23:19:10 | 000,002,158 | ---- | C] () -- C:\WINDOWS\System32\mshrml.ini
[2003/08/23 23:42:40 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\JAWTAccessBridge.dll
[2003/08/23 23:42:12 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\PcdrKernelModeServices.dll
[2003/08/23 23:42:12 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\ProgressTrace.dll
[2003/08/23 23:36:36 | 000,167,936 | ---- | C] () -- C:\WINDOWS\System32\PCDrJNI_1_1.dll
[2003/08/23 23:34:35 | 000,090,112 | R--- | C] () -- C:\WINDOWS\bwUnin-6.2.3.66.exe
[2003/08/23 23:33:23 | 000,026,395 | ---- | C] () -- C:\WINDOWS\System32\CHODDI.SYS
[2003/08/23 23:32:54 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\syscontr.dll
[2003/08/23 23:32:20 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\hpreg.dll
[2003/08/23 10:25:25 | 000,000,396 | ---- | C] () -- C:\WINDOWS\intuprof.ini
[2003/08/23 10:25:15 | 000,000,774 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2003/08/23 10:12:08 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\fusioncache.dat
[2003/08/23 10:01:26 | 000,006,848 | ---- | C] () -- C:\WINDOWS\System32\hphmon05.dat
[2003/08/23 10:01:21 | 000,018,403 | ---- | C] () -- C:\WINDOWS\HPHins01.dat
[2003/08/23 10:01:21 | 000,004,308 | ---- | C] () -- C:\WINDOWS\hphmdl01.dat
[2003/08/23 09:54:38 | 000,014,598 | ---- | C] () -- C:\WINDOWS\hpdins01.dat
[2003/08/23 09:54:38 | 000,000,000 | ---- | C] () -- C:\WINDOWS\hpzmdl01.dat
[2003/08/23 09:46:51 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2003/08/23 09:37:27 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\sis740.bin
[2003/08/23 09:37:27 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\sis650.bin
[2003/08/23 09:19:52 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2003/08/23 09:11:57 | 000,299,073 | ---- | C] () -- C:\WINDOWS\System32\PythonCOM22.dll
[2003/08/23 09:11:57 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\PyWinTypes22.dll
[2003/08/23 09:11:35 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\bcbmm.dll
[2003/08/23 08:57:05 | 000,000,802 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2003/08/23 08:55:18 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2003/08/23 08:51:14 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2003/08/23 08:42:24 | 000,000,667 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2003/08/23 08:42:05 | 000,442,894 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2003/08/23 08:42:05 | 000,072,160 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2003/08/23 01:46:54 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2003/08/23 01:46:00 | 000,172,280 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2003/07/24 01:56:49 | 000,000,438 | ---- | C] () -- C:\WINDOWS\System32\1_ssetup.ini
[2003/07/24 01:56:49 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\sunistlog.ini
[2002/11/01 16:17:50 | 000,000,256 | ---- | C] () -- C:\WINDOWS\aucfg.ini
[2002/07/04 15:05:34 | 000,000,269 | ---- | C] () -- C:\WINDOWS\tmupdate.ini
[2001/12/14 13:34:46 | 000,164,864 | ---- | C] () -- C:\WINDOWS\patchw32.dll
[2001/11/19 20:05:18 | 000,003,972 | ---- | C] () -- C:\WINDOWS\System32\drivers\PciBus.sys
[1999/07/23 13:46:48 | 000,000,116 | ---- | C] () -- C:\WINDOWS\AuHCcup1.ini
[1999/07/23 10:53:20 | 000,129,536 | ---- | C] () -- C:\WINDOWS\AuHCcup1.dll

========== LOP Check ==========

[2011/06/12 06:05:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CA
[2008/02/23 17:06:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Carbonite
[2006/09/14 18:35:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DataViz
[2008/07/10 18:28:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Disney
[2008/08/22 12:46:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FunGames
[2006/09/14 18:11:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HotSync
[2005/12/13 13:01:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Lionhead Studios
[2011/07/09 10:46:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LogMeIn
[2008/02/17 20:58:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2009/03/20 11:08:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2009/09/10 08:27:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/04/13 20:00:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2011/03/14 20:32:25 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{D3450D7D-6D3E-4734-804F-44124D54B5EB}
[2005/07/08 21:40:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\.bittorrent
[2004/10/22 08:33:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Aim
[2009/09/16 08:17:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Azureus
[2006/09/14 18:08:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\HotSync
[2004/03/01 14:51:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\interMute
[2004/02/29 19:11:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\InterVideo
[2005/02/03 08:26:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Leadertech
[2005/12/13 13:19:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Lionhead Studios
[2010/06/21 07:14:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\mjusbsp
[2005/03/30 17:30:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Musicmatch
[2006/01/28 10:35:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Petroglyph
[2003/08/23 23:26:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\SampleView
[2007/11/20 17:59:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Stitch
[2004/03/14 10:52:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Template
[2008/02/17 20:58:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Viewpoint
[2011/07/03 07:15:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\WeatherBug
[2009/01/07 20:01:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\WebEx
[2011/07/12 17:33:19 | 000,000,486 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2011/01/31 20:32:12 | 000,000,514 | ---- | M] () -- C:\WINDOWS\Tasks\CAAntiSpywareScan_Daily as Owner at 12 07 AM.job

========== Purity Check ==========



< End of report >
  • 0

#5
havredave
Posted 13 July 2011 - 01:04 PM

havredave

    GeekU Moderator

  • GeekU Moderator
  • 1,711 posts
You're quite welcome for the help. :)

Would you mind also posting the output log from the OTL fix? You should be able to find it in the C:\_OTL\MovedFiles\ folder, with a name like 07112011_xxxxx.log, where the xxxxx represents a seemingly random set of numbers.

Take your time on the GMER log. It does take a long time, so that's to be expected.

Also, can you try running IE in no add-ons mode? To do this, click Start, then All Programs, then Accessories, System Tools, then Internet Explorer (No Add-ons). If it does or does not lock up in this mode, it narrows down our search a bit.

Additionally, I'd like you to run one more scan as well:

Download aswMBR.exe ( 511KB ) to your desktop.

Double click the aswMBR.exe to run it

Click the "Scan" button to start scan
Posted Image

On completion of the scan click save log, save it to your desktop and post in your next reply
Posted Image




So, in your next reply, please paste the OTL repair log (no need to quickscan again, we have that), the GMER log, the aswMBR log, and let me know whether or not IE in no add-ons mode worked.
  • 0

#6
adamj1976
Posted 14 July 2011 - 04:18 AM

adamj1976

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts
I am attaching two of the three logs you requested. For some reason when I try re-running gmer it keeps crashing and my computer reboots half way through. I'm not sure why it worked the first time when I didn't copy the log. I'm going to keep trying. In the meantime here are the other tow logs you requested

========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{5BED3930-2E9E-76D8-BACC-80DF2188D455} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5BED3930-2E9E-76D8-BACC-80DF2188D455}\ not found.
========== FILES ==========
C:\WINDOWS\System32\mkghj.dll moved successfully.
C:\WINDOWS\uccspecc.sys moved successfully.
========== COMMANDS ==========

[EMPTYFLASH]

User: Administrator

User: Administrator.TIGGER
->Flash cache emptied: 348 bytes

User: All Users

User: Default User
->Flash cache emptied: 41 bytes

User: LocalService

User: NetworkService

User: Owner
->Flash cache emptied: 1527208 bytes

Total Flash Files Cleaned = 1.00 mb

Restore point Set: OTL Restore Point (0)

OTL by OldTimer - Version 3.2.26.1 log created on 07122011_173017

aswMBR version 0.9.7.707 Copyright© 2011 AVAST Software
Run date: 2011-07-13 20:16:39
-----------------------------
20:16:39.062 OS Version: Windows 5.1.2600 Service Pack 3
20:16:39.062 Number of processors: 2 586 0x209
20:16:39.062 ComputerName: TIGGER UserName: Owner
20:16:42.937 Initialize success
20:16:58.750 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
20:16:58.765 Disk 0 Vendor: Maxtor_6Y160P0 YAR41BW0 Size: 156334MB BusType: 3
20:16:58.781 Disk 0 MBR read successfully
20:16:58.796 Disk 0 MBR scan
20:16:58.796 Disk 0 unknown MBR code
20:16:58.812 Disk 0 scanning sectors +320150880
20:16:58.875 Disk 0 scanning C:\WINDOWS\system32\drivers
20:17:37.109 Service scanning
20:17:40.875 Disk 0 trace - called modules:
20:17:40.890 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys
20:17:40.890 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86b91ab8]
20:17:40.890 3 CLASSPNP.SYS[f74c7fd7] -> nt!IofCallDriver -> \Device\0000006a[0x86b92eb0]
20:17:40.906 5 ACPI.sys[f743e620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x86b6ad98]
20:17:40.906 Scan finished successfully
20:40:01.453 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Owner\Desktop\MBR.dat"
20:40:01.468 The log file has been saved successfully to "C:\Documents and Settings\Owner\Desktop\aswMBR.txt"
  • 0

#7
havredave
Posted 14 July 2011 - 09:09 AM

havredave

    GeekU Moderator

  • GeekU Moderator
  • 1,711 posts
Did it help to run Internet Explorer in no add-ons mode?

I wouldn't worry over much about GMER not running completely. It is a bit sensitive; I'll try to figure out what's making it die as we go along here, but it's not a deal breaker by any means.
  • 0

#8
adamj1976
Posted 15 July 2011 - 09:32 AM

adamj1976

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts
No, running IE in safe mode didn't work. I tried Firefox and an old version of crome I had installed and those still don't work. The connection to the internet is still working though because my anti-virus is still updating and XP downloaded the new updates.

Also I tried running GMER and it still keeps crashing and causing a fatal error in XP making it reboot.
  • 0

#9
havredave
Posted 15 July 2011 - 09:50 AM

havredave

    GeekU Moderator

  • GeekU Moderator
  • 1,711 posts
You don't have to bother running GMER again unless I mention it. I'm going to go a slightly different direction as soon as my reviewer OKs my next post. :)
  • 0

#10
havredave
Posted 15 July 2011 - 11:05 AM

havredave

    GeekU Moderator

  • GeekU Moderator
  • 1,711 posts
Please try running these commands from the command prompt. It can be found under Start->All Programs->Accessories, or you can simple press Start, click Run, and type "cmd", then press Enter:

After typing each command in, press Enter and allow it to complete.

netsh winsock reset

netsh winhttp reset

After they complete, please reboot the computer, then give your browsers a try, starting with Internet Explorer. Let me know if it works or not, and we'll go from there.
  • 0

#11
adamj1976
Posted 16 July 2011 - 07:56 AM

adamj1976

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts
I was able to reset the winsock but when I did winhttp I got an error saying winhttp is not a valid command. IE started this time but when trying to load the web page it froze and i had to use CTL-ALT-Delete to close it.
  • 0

#12
havredave
Posted 16 July 2011 - 04:06 PM

havredave

    GeekU Moderator

  • GeekU Moderator
  • 1,711 posts
Ok, some progress then. Nothing to worry about with the winhttp command. That's dependent on your version of XP, and I forgot that. I'm not on much during the weekends, but I'll try to check some. :)

Next, let's try re-installing Internet Explorer. It does affect other browsers when it's messed up, so worth a try.

  • In Add/Remove programs in the Control Panel, locate Windows Internet Explorer 8. Uninstall, then reboot the computer.
  • On your good machine (that you're obviously posting from!), download a fresh IE8 installer from here.
  • Transfer the file to your trouble machine, then double-click the installer to begin the installation process. When IE8 is completely installed, please reboot again, then test it to see if it's working.

Let me know whether or not it worked! :unsure:
  • 0

#13
adamj1976
Posted 19 July 2011 - 06:37 PM

adamj1976

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts
Sorry it took so long to try this fix. I uninstalled and then reinstalled IE and it still freezes and then have to do a ctl=alt-delete to end it.
  • 0

#14
havredave
Posted 20 July 2011 - 08:23 AM

havredave

    GeekU Moderator

  • GeekU Moderator
  • 1,711 posts
I'm not too worried about the timing if you're not. I'm not going anywhere. :)

I should point out though that during some of these fixes, if the computer is used a great deal in between, new issues can crop up that might hinder repair options.

Anyway, let me get with my reviewer with your results and see what we can come up with for you today.
  • 0

#15
havredave
Posted 20 July 2011 - 11:37 AM

havredave

    GeekU Moderator

  • GeekU Moderator
  • 1,711 posts
The cause of your issue isn't jumping out at me, but I'll certainly stick with you until we get it, if you wish. Here are a few things to try:

Do you have the paid CA Internet Security, or a freebie from your Internet provider? I'd like to ask you to remove CA temporarily and test without it. If you have no way to re-install it, please disable CA Internet Security for a moment, and see if you can browse without it.

If it works, I can suggest some very decent and free antivirus solutions, if you wish.

Ad-Aware would be the second application I'd try disabling or removing to test, if CA doesn't work.

These are admittedly both shots in the dark, but they're both applications with the potential to stifle Internet connectivity at different levels.

Please try the CA removal first, if you can, and let me know how that goes. Feel free to proceed on your own with Ad-Aware if you wish, if CA has no affect.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP