Internet Explorer and firefox crashing immediately and poor system per


#1
alexisstephani (Member, 33 posts)

Internet Explorer starts but searches are redirected to Scour.com/Search web, then it crashes immediately. Firefox starts and then crashes immediately. Poor system performance, and the screen slowly disappears and then comes back slowly. I have to use another computer to access the GeeksToGo website. The infected PC that I am experiencing these problems with is a Dell E-310 P4 running Windows XP Media Center.
I ran runkill in safe mode and Malwarebytes Anti-Malware in regular mode recently too.

502.07 Mb Total Physical Memory | 110.13 Mb Available Physical Memory | 21.93% Memory free
1.20 Gb Paging File | 0.84 Gb Available in Paging File | 70.07% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 436.50 Gb Total Space | 340.83 Gb Free Space | 78.08% Space Free | Partition Type: NTFS

Computer Name: DH75M091 | User Name: ALEXIS | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/07/10 00:00:52 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\ALEXIS\Desktop\OTL.exe
PRC - [2011/05/29 09:11:28 | 000,449,584 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/05/29 09:11:28 | 000,366,640 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2010/08/19 13:08:42 | 000,246,400 | ---- | M] (F5 Networks) -- C:\WINDOWS\system32\F5InstallerService.exe
PRC - [2008/11/13 14:17:38 | 000,439,616 | ---- | M] () -- C:\Program Files\Pure Digital Technologies\FlipShare\FlipShareService.exe
PRC - [2008/06/24 20:56:38 | 000,431,384 | ---- | M] (Seagate) -- C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/01/31 15:55:42 | 000,096,370 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exe
PRC - [2007/01/18 13:20:24 | 000,024,120 | ---- | M] (Seagate Technology LLC) -- C:\Program Files\Seagate\Sync\SeaSyncServices.exe
PRC - [2007/01/04 17:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe
PRC - [2004/03/09 15:59:48 | 000,065,536 | ---- | M] () -- C:\WINDOWS\twain_32\ca561a\SnapDetect.exe


========== Modules (SafeList) ==========

MOD - [2011/07/10 00:00:52 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\ALEXIS\Desktop\OTL.exe
MOD - [2010/08/23 12:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/05/29 09:11:28 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2010/08/19 13:08:42 | 000,246,400 | ---- | M] (F5 Networks) [Auto | Running] -- C:\WINDOWS\system32\F5InstallerService.exe -- (F5 Networks Component Installer)
SRV - [2008/11/13 14:17:38 | 000,439,616 | ---- | M] () [Auto | Running] -- C:\Program Files\Pure Digital Technologies\FlipShare\FlipShareService.exe -- (FlipShare Service)
SRV - [2008/06/24 20:56:38 | 000,431,384 | ---- | M] (Seagate) [Auto | Running] -- C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe -- (SgtSch2Svc)
SRV - [2007/01/31 15:55:42 | 000,096,370 | ---- | M] (Canon Inc.) [Auto | Running] -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8)
SRV - [2007/01/18 13:20:24 | 000,024,120 | ---- | M] (Seagate Technology LLC) [Auto | Running] -- C:\Program Files\Seagate\Sync\SeaSyncServices.exe -- (Seagate Sync Service)
SRV - [2007/01/04 17:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto | Running] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)


========== Driver Services (SafeList) ==========

DRV - [2011/05/29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2011/05/29 09:11:20 | 000,022,712 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2010/12/23 10:50:58 | 000,441,760 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\timntr.sys -- (timounter)
DRV - [2010/12/23 10:50:58 | 000,044,384 | ---- | M] (Acronis) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\tifsfilt.sys -- (tifsfilter)
DRV - [2010/12/23 10:50:52 | 000,132,224 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\snapman.sys -- (snapman)
DRV - [2010/12/23 10:50:42 | 000,368,480 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\tdrpman.sys -- (tdrpman)
DRV - [2010/01/25 17:18:51 | 000,033,920 | ---- | M] (F5 Networks, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\covpndrv.sys -- (urvpndrv)
DRV - [2010/01/25 17:18:46 | 000,010,752 | ---- | M] (F5 Networks) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\urfltw2k.sys -- (f5ipfw)
DRV - [2005/12/15 14:35:20 | 000,008,552 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\asctrm.sys -- (ASCTRM)
DRV - [2005/10/17 20:50:06 | 000,245,376 | ---- | M] (Ralink Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rt2500usb.sys -- (WUSB54GPV4SRV)
DRV - [2005/08/17 08:41:08 | 001,022,040 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2005/02/01 19:18:38 | 000,017,992 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\bcm42rly.sys -- (BCM42RLY)
DRV - [2003/11/17 23:59:20 | 000,212,224 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2003/11/17 23:58:02 | 000,680,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2003/11/17 23:56:26 | 001,042,432 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
DRV - [2002/10/01 14:43:32 | 000,119,798 | ---- | M] (SP) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\spca561.sys -- (CA561)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/myway

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://mysearch.mywa...idebar.jsp?p=DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/myway
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {06663B56-0D73-4f9f-BCC5-4AA941470AFD} - C:\Program Files\PandoBar\SrchAstt\1.bin\P4SRCHAS.DLL (Pando)
IE - HKCU\..\URLSearchHook: {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - prefs.js..extensions.enabledItems: {DBBB3167-6E81-400f-BBFD-BD8921726F52}:6031.2010.0617.2004
FF - prefs.js..extensions.enabledItems: [email protected]:4.5

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/03/27 20:36:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/07/09 13:14:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/07/09 13:14:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\WeightWatchers Browser\components [2010/12/23 13:51:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\WeightWatchers Browser\plugins [2010/12/23 13:51:48 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/03/27 20:36:46 | 000,000,000 | ---D | M]

[2008/11/23 23:27:28 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\ALEXIS\Application Data\Mozilla\Extensions
[2011/07/05 22:24:38 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\ALEXIS\Application Data\Mozilla\Firefox\Profiles\ylk195nv.default\extensions
[2010/04/27 22:09:13 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\ALEXIS\Application Data\Mozilla\Firefox\Profiles\ylk195nv.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/12/23 10:56:47 | 000,000,000 | ---D | M] (F5 Networks Host Plugin) -- C:\Documents and Settings\ALEXIS\Application Data\Mozilla\Firefox\Profiles\ylk195nv.default\extensions\{DBBB3167-6E81-400f-BBFD-BD8921726F52}
[2011/07/05 22:24:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/03/31 21:04:42 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2011/03/27 20:36:46 | 000,000,000 | ---D | M] (HP Smart Web Printing) -- C:\PROGRAM FILES\HP\DIGITAL IMAGING\SMART WEB PRINTING\MOZILLAADDON3
[2009/06/29 00:36:33 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2008/04/18 11:56:34 | 000,118,784 | ---- | M] (CANON INC.) -- C:\Program Files\mozilla firefox\plugins\MyCamera.dll
[2008/04/18 11:55:58 | 000,053,248 | ---- | M] (CANON INC.) -- C:\Program Files\mozilla firefox\plugins\NPCIG.dll
[2009/07/04 18:48:14 | 000,283,952 | ---- | M] (Musicnotes, Inc.) -- C:\Program Files\mozilla firefox\plugins\npmusicn.dll
[2009/05/12 17:38:33 | 000,024,668 | ---- | M] (Pando Networks, Inc.) -- C:\Program Files\mozilla firefox\plugins\NPPandBr.dll
[2009/04/23 11:57:14 | 000,239,432 | ---- | M] (Pando Networks) -- C:\Program Files\mozilla firefox\plugins\npPandoWebInst.dll
[2007/04/16 13:07:12 | 000,180,293 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npViewpoint.dll
[2009/06/18 13:16:18 | 010,437,264 | ---- | M] (PDFTron Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\PDFNetC.dll
[2009/06/18 13:36:06 | 000,108,272 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\ScorchPDFWrapper.dll

O1 HOSTS File: ([2011/06/09 13:55:08 | 000,000,916 | RH-- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 184.95.59.209 www.google.com
O1 - Hosts: 184.95.59.210 search.yahoo.com
O1 - Hosts: 184.95.59.210 www.bing.com
O2 - BHO: (Pando Search Assistant BHO) - {06663B51-0D73-4f9f-BCC5-4AA941470AFD} - C:\Program Files\PandoBar\SrchAstt\1.bin\P4SRCHAS.DLL (Pando)
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (CInterceptor Object) - {38D3FE60-3D53-4F37-BB0E-C7A97A26A156} - C:\Program Files\Pando Networks\Pando\PandoIEPlugin.dll (Pando Networks)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - File not found
O2 - BHO: () - {4D25F921-B9FE-4682-BF72-8AB8210D6D75} - File not found
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
O2 - BHO: (Pando Toolbar BHO) - {E3EA4FD1-CADE-4ae5-84F7-086EEE888BE4} - C:\Program Files\PandoBar\bar\1.bin\PANDOBAR.DLL (Pando)
O3 - HKLM\..\Toolbar: (Pando Toolbar) - {E3EA4FD9-CADE-4ae5-84F7-086EEE888BE4} - C:\Program Files\PandoBar\bar\1.bin\PANDOBAR.DLL (Pando)
O3 - HKCU\..\Toolbar\WebBrowser: (Pando Toolbar) - {E3EA4FD9-CADE-4AE5-84F7-086EEE888BE4} - C:\Program Files\PandoBar\bar\1.bin\PANDOBAR.DLL (Pando)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\dlbcserv.lnk = C:\Program Files\Dell Photo Printer 720\dlbcserv.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\SnapDetect.lnk = C:\WINDOWS\twain_32\ca561a\SnapDetect.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: musicmatch.com ([online] https in Trusted sites)
O15 - HKCU\..Trusted Domains: weightwatchers.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: weightwatchers.com ([]https in Trusted sites)
O16 - DPF: {00627E89-A19D-4A2B-938B-059CB7B1B493} file://C:/Program Files/F5 VPN/F5_TMP/f5certchk.cab (F5 Networks Certificate Checker)
O16 - DPF: {195538FD-1C39-44B1-A7C3-5D7137A8A8F1} file://C:/Program Files/F5 VPN/F5_TMP/f5opswati.cab (OPSWAT AntiViruses Class)
O16 - DPF: {2A0B9B82-D5C8-4D3D-8338-AD55B23662B1} file://C:/Program Files/F5 VPN/F5_TMP/cachecleaner.cab (F5 Networks CacheCleaner)
O16 - DPF: {2BCDB465-81F9-41CB-832C-8037A4064446} file://C:/Program Files/F5 VPN/F5_TMP/urxvpn.cab (F5 Networks VPN Manager)
O16 - DPF: {30CF9713-6614-4556-B5F5-66F8C7F9DEF1} file://C:/Program Files/F5 VPN/F5_TMP/f5opswati.cab (OPSWAT FireWalls Class)
O16 - DPF: {41EF3CD2-D8CC-4438-84B1-280BB4E77C8E} file://C:/Program Files/F5 VPN/F5_TMP/f5tunsrv.cab (F5 Networks Dynamic Application Tunnel Control)
O16 - DPF: {45B69029-F3AB-4204-92DE-D5140C3E8E74} file://C:/Program Files/F5 VPN/F5_TMP/InstallerControl.cab (F5 Networks Auto Update)
O16 - DPF: {49EC7987-E331-44E3-B170-748B58A268B9} file://C:/Program Files/F5 VPN/F5_TMP/f5opswati.cab (OPSWAT ProcessesScanner Class)
O16 - DPF: {57C76689-F052-487B-A19F-855AFDDF28EE} file://C:/Program Files/F5 VPN/F5_TMP/f5InspectionHost.cab (F5 Networks Policy Agent Host Class)
O16 - DPF: {7584c670-2274-4efb-b00b-d6aaba6d3850} file://C:/Program Files/F5 VPN/F5_TMP/msrdp.cab (Microsoft RDP Client Control (redist))
O16 - DPF: {7E73BE8F-FD87-44EC-8E22-023D5FF960FF} file://C:/Program Files/F5 VPN/F5_TMP/vdeskctrl.cab (F5 Virtual Sandbox Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {8F6AFB67-F834-4227-94A7-A51377E0678E} file://C:/Program Files/F5 VPN/F5_TMP/f5GroupPolicyAgent.cab (F5 Networks Group Policy Control)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.4.2_03)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CC85ACDF-B277-486F-8C70-2C9B2ED2A4E7} file://C:/Program Files/F5 VPN/F5_TMP/urxshost.cab (F5 Networks SuperHost Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E0FF21FA-B857-45C5-8621-F120A0C17FF2} file://C:/Program Files/F5 VPN/F5_TMP/urxhost.cab (F5 Networks Host Control)
O16 - DPF: {E615C9EA-AD69-4AE9-83C9-9D906A0ACA6D} file://C:/Program Files/F5 VPN/F5_TMP/f5syschk.cab (F5 Networks OS Policy Agent)
O16 - DPF: {EBDC91CB-F23F-477D-B152-3F7243760D04} file://C:/Program Files/F5 VPN/F5_TMP/f5opswati.cab (F5 Networks OPSWAT Helper Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\ALEXIS\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\ALEXIS\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O30 - LSA: Authentication Packages - (relog_ap) - C:\WINDOWS\System32\relog_ap.dll (Acronis)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/08/16 06:43:04 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun\command - "" = E:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/07/10 00:16:37 | 000,039,984 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/07/10 00:16:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/07/10 00:16:34 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/07/10 00:09:52 | 009,435,312 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\ALEXIS\Desktop\mbam-setup-1.51.0.1200.exe
[2011/07/10 00:09:11 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\ALEXIS\Desktop\OTL.exe
[2011/07/09 13:14:47 | 000,000,000 | ---D | C] -- C:\Program Files\MyWaySA
[2011/06/28 19:34:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple Computer
[2011/06/28 19:34:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Apple Computer
[2011/06/25 23:26:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Sun
[2011/06/22 20:59:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Apple Computer
[2011/06/22 20:59:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Apple Computer
[2011/06/18 03:51:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Macromedia
[2011/06/18 03:51:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2011/06/18 02:27:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ALEXIS\Application Data\Malwarebytes
[2011/06/18 02:27:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/06/18 02:27:31 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/06/18 00:30:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2011/06/18 00:30:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2011/06/18 00:23:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ALEXIS\Local Settings\Application Data\{071A77D0-B623-4EEA-8673-658AA4A423C8}
[2011/06/18 00:21:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\dG28258OmOeO28258
[2009/07/04 18:48:17 | 000,283,952 | ---- | C] (Musicnotes, Inc.) -- C:\Program Files\npmusicn.dll
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/07/10 09:57:38 | 000,000,376 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2011/07/10 09:55:04 | 000,000,978 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3236530329-1147617518-3913851753-501UA.job
[2011/07/10 09:55:03 | 000,000,926 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3236530329-1147617518-3913851753-501Core.job
[2011/07/10 09:42:30 | 000,482,976 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/07/10 09:42:30 | 000,080,380 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/07/10 09:37:43 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/07/10 09:37:42 | 526,536,704 | -HS- | M] () -- C:\hiberfil.sys
[2011/07/10 00:16:38 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/07/10 00:11:55 | 000,002,483 | ---- | M] () -- C:\Documents and Settings\ALEXIS\Desktop\Microsoft Word.lnk
[2011/07/10 00:00:52 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\ALEXIS\Desktop\OTL.exe
[2011/07/09 14:17:52 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/07/09 13:20:41 | 000,000,209 | RHS- | M] () -- C:\boot.ini
[2011/07/09 13:18:06 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/07/09 13:18:00 | 000,234,368 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/07/09 12:45:08 | 000,001,135 | ---- | M] () -- C:\Documents and Settings\ALEXIS\Desktop\crucial order.rtf
[2011/07/05 22:31:34 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/06/28 16:36:44 | 000,036,114 | ---- | M] () -- C:\Documents and Settings\ALEXIS\Desktop\Tesori-BuildAWall.mtd
[2011/06/18 01:57:06 | 009,435,312 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\ALEXIS\Desktop\mbam-setup-1.51.0.1200.exe
[2011/06/18 01:33:36 | 001,007,120 | ---- | M] () -- C:\Documents and Settings\ALEXIS\Desktop\rkill.com
[2011/06/18 00:51:53 | 000,017,406 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\037ta678tf55b13niyu466uwy36t77
[2011/06/18 00:35:26 | 000,017,390 | -HS- | M] () -- C:\Documents and Settings\ALEXIS\Local Settings\Application Data\037ta678tf55b13niyu466uwy36t77
[2011/06/18 00:23:36 | 000,000,000 | ---- | M] () -- C:\WINDOWS\Uqeqe.bin
[2011/06/18 00:23:35 | 000,000,120 | ---- | M] () -- C:\WINDOWS\Jyeruqumofutoca.dat
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2099/01/01 12:00:00 | 000,006,456 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\dabukuyi
[2011/07/10 00:16:38 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/07/10 00:14:36 | 526,536,704 | -HS- | C] () -- C:\hiberfil.sys
[2011/07/10 00:09:53 | 001,007,120 | ---- | C] () -- C:\Documents and Settings\ALEXIS\Desktop\rkill.com
[2011/07/09 12:45:08 | 000,001,135 | ---- | C] () -- C:\Documents and Settings\ALEXIS\Desktop\crucial order.rtf
[2011/06/28 16:37:07 | 000,036,114 | ---- | C] () -- C:\Documents and Settings\ALEXIS\Desktop\Tesori-BuildAWall.mtd
[2011/06/18 00:23:36 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Uqeqe.bin
[2011/06/18 00:23:35 | 000,000,120 | ---- | C] () -- C:\WINDOWS\Jyeruqumofutoca.dat
[2011/06/18 00:19:47 | 000,017,406 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\037ta678tf55b13niyu466uwy36t77
[2011/06/18 00:19:47 | 000,017,390 | -HS- | C] () -- C:\Documents and Settings\ALEXIS\Local Settings\Application Data\037ta678tf55b13niyu466uwy36t77
[2011/03/27 20:25:47 | 000,201,438 | ---- | C] () -- C:\WINDOWS\hpoins43.dat.temp
[2010/12/04 10:30:47 | 000,032,397 | ---- | C] () -- C:\WINDOWS\SGTBox.INI
[2010/12/04 10:14:07 | 000,000,035 | ---- | C] () -- C:\WINDOWS\A4W.INI
[2010/11/23 08:49:21 | 000,157,487 | ---- | C] () -- C:\WINDOWS\hphins27.dat
[2010/11/23 08:49:20 | 000,000,787 | ---- | C] () -- C:\WINDOWS\hphmdl27.dat
[2010/05/22 00:00:25 | 000,000,675 | ---- | C] () -- C:\WINDOWS\hpomdl43.dat.temp
[2010/05/01 00:09:57 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\ALEXIS\Local Settings\Application Data\prvlcl.dat
[2010/04/07 13:48:47 | 000,115,200 | ---- | C] () -- C:\WINDOWS\snap.dat
[2010/04/02 09:00:58 | 000,201,372 | ---- | C] () -- C:\WINDOWS\hpoins43.dat
[2010/04/02 09:00:57 | 000,000,675 | ---- | C] () -- C:\WINDOWS\hpomdl43.dat
[2010/03/31 21:09:06 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010/03/31 20:57:08 | 000,000,180 | ---- | C] () -- C:\WINDOWS\ap561.ini
[2010/03/31 20:57:07 | 000,118,784 | ---- | C] () -- C:\WINDOWS\ShowBmp.exe
[2010/03/31 20:57:07 | 000,014,385 | ---- | C] () -- C:\WINDOWS\Tw561a.ini
[2010/03/31 20:57:07 | 000,000,081 | ---- | C] () -- C:\WINDOWS\Setup8a.ini
[2010/03/12 22:31:26 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/03/11 04:04:01 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2009/12/13 13:39:07 | 000,044,152 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/09/20 10:51:02 | 000,000,256 | ---- | C] () -- C:\WINDOWS\System32\pool.bin
[2009/08/26 22:13:43 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\ALEXIS\Application Data\$_hpcst$.hpc
[2009/03/01 19:33:42 | 000,000,021 | ---- | C] () -- C:\WINDOWS\atid.ini
[2009/02/22 14:00:33 | 000,000,469 | ---- | C] () -- C:\WINDOWS\dellstat.ini
[2009/02/22 13:40:04 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008/11/27 13:39:32 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2008/11/27 12:52:41 | 000,071,680 | ---- | C] () -- C:\Documents and Settings\ALEXIS\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/11/24 00:19:17 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\GTW32N50.dll
[2008/11/23 23:33:54 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2008/11/23 18:10:41 | 000,000,129 | ---- | C] () -- C:\Documents and Settings\ALEXIS\Local Settings\Application Data\fusioncache.dat
[2008/02/19 02:33:34 | 000,446,352 | ---- | C] () -- C:\WINDOWS\System32\OpenQuicktimeLib.dll
[2005/12/15 14:43:55 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/12/15 14:39:43 | 000,149,504 | ---- | C] () -- C:\WINDOWS\UNWISE.EXE
[2005/12/15 14:35:48 | 000,000,138 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2005/12/15 14:34:28 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2005/12/15 14:11:08 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\dlbcvs.dll
[2005/12/15 14:11:08 | 000,000,200 | ---- | C] () -- C:\WINDOWS\System32\dlbcplc.ini
[2005/12/15 14:11:06 | 000,000,373 | ---- | C] () -- C:\WINDOWS\System32\dlbccoin.ini
[2005/12/15 14:10:52 | 000,049,152 | ---- | C] () -- C:\WINDOWS\setpwrcg.exe
[2005/12/15 14:10:32 | 000,000,392 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/08/16 06:48:31 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2005/08/16 06:38:45 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2005/08/16 06:37:24 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2005/08/16 06:33:38 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2005/08/16 06:27:59 | 000,234,368 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2005/08/16 06:18:35 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2005/08/16 06:18:33 | 000,482,976 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2005/08/16 06:18:33 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2005/08/16 06:18:33 | 000,080,380 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2005/08/16 06:18:33 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2005/08/16 06:18:32 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2005/08/16 06:18:30 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2005/08/16 06:18:28 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2005/08/16 06:18:23 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2005/08/16 06:18:23 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2005/08/16 06:18:15 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2005/08/16 06:18:08 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2005/08/05 16:01:54 | 000,239,104 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/04/09 19:04:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini

========== LOP Check ==========

[2009/09/20 11:02:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ALEXIS\Application Data\Blackberry Desktop
[2008/11/27 13:43:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ALEXIS\Application Data\Leadertech
[2009/09/20 10:50:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ALEXIS\Application Data\Research In Motion
[2011/04/02 21:35:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ALEXIS\Application Data\TaxCut
[2009/03/01 19:33:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\acccore
[2010/10/14 23:16:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
[2011/07/09 13:14:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\dG28258OmOeO28258
[2005/08/16 22:54:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DIGStream
[2010/01/24 17:13:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\dumizuyo
[2011/02/13 21:47:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MakeMusic
[2010/10/14 23:10:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2009/07/04 19:16:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Musicnotes
[2008/11/27 12:51:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pure Digital Technologies
[2010/02/03 13:08:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\rimasafi
[2010/12/23 10:51:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Seagate
[2011/04/02 21:23:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TaxCut
[2009/12/13 13:50:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/03/01 19:33:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2010/01/24 17:13:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\wizunure
[2010/02/03 13:08:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\yiyizesa
[2010/01/24 17:13:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\zopiwaka
[2010/12/23 14:01:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/12/13 11:55:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}

========== Purity Check ==========



< End of report >