It's especially efficient when I use firefox over explorer.
Really slow computer that gets slower as it stays on longer
Started by
hammerz88
, Jul 19 2011 11:52 AM
#16
Posted 01 August 2011 - 03:04 PM
hammerz88
- Topic Starter
-
- Member
-
- 13 posts
Member
It's especially efficient when I use firefox over explorer.
#17
Posted 01 August 2011 - 06:30 PM
RKinner
-
- Expert
-
- 24,624 posts
Malware Expert
Run OTL again (Quickscan) and post the log. Let me see how it looks now.
If you look at your desktop there should be an Internet Explorer icon somewhere. If you right click on it and select Start without Add-ons, does it work better?
Ron
If you look at your desktop there should be an Internet Explorer icon somewhere. If you right click on it and select Start without Add-ons, does it work better?
Ron
#18
Posted 02 August 2011 - 05:17 PM
hammerz88
- Topic Starter
-
- Member
-
- 13 posts
Member
Yeah..IE works a bit better without add ons.
Here's the OTL log:
OTL logfile created on: 8/2/2011 3:35:12 PM - Run 3
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Documents and Settings\Henry Zee\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
510.00 Mb Total Physical Memory | 152.73 Mb Available Physical Memory | 29.95% Memory free
1.22 Gb Paging File | 0.90 Gb Available in Paging File | 74.06% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 298.05 Gb Total Space | 283.39 Gb Free Space | 95.08% Space Free | Partition Type: NTFS
Computer Name: H19Z4QSDJDXJYUM | User Name: Henry Zee | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/07/19 10:29:12 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Henry Zee\Desktop\OTL.exe
PRC - [2011/07/08 00:16:28 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/07/04 04:43:54 | 003,493,720 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011/07/04 04:43:51 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2008/04/14 06:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2003/05/08 12:00:58 | 000,049,152 | ---- | M] (ScanSoft, Inc.) -- C:\Program Files\ScanSoft\OmniPageSE2.0\opwareSE2.exe
PRC - [1998/12/16 22:09:20 | 000,057,393 | R--- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office\OUTLOOK.EXE
========== Modules (SafeList) ==========
MOD - [2011/07/19 10:29:12 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Henry Zee\Desktop\OTL.exe
MOD - [2011/07/04 04:43:51 | 000,199,792 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\snxhk.dll
MOD - [2010/08/23 09:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2003/05/08 12:00:46 | 000,159,744 | ---- | M] (ScanSoft, Inc.) -- C:\Program Files\ScanSoft\OmniPageSE2.0\OpHookSE2.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [On_Demand | Stopped] -- -- (nosGetPlusHelper) getPlus®
SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [Disabled | Stopped] -- -- (AppMgmt)
SRV - [2011/07/04 04:43:51 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Running] -- -- (catchme)
DRV - [2011/07/06 19:52:42 | 000,041,272 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2011/07/04 04:36:43 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/07/04 04:36:32 | 000,309,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/07/04 04:35:23 | 000,043,608 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/07/04 04:35:12 | 000,102,616 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011/07/04 04:32:32 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/07/04 04:32:13 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011/07/04 04:32:12 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2008/05/06 16:06:00 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2008/04/14 01:15:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2004/09/17 10:02:54 | 000,732,928 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (senfilt)
DRV - [2003/08/29 05:59:24 | 001,101,696 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMSM.sys -- (BCMModem)
DRV - [2003/06/30 19:11:52 | 000,043,136 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2003/03/05 13:19:28 | 000,015,840 | ---- | M] (Creative Technology Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\PFMODNT.SYS -- (PfModNT)
DRV - [2002/06/03 12:20:36 | 000,072,704 | ---- | M] (ESS Technology Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\es1969.sys -- (es1969) ESS 1969 Audio Driver (WDM)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.condui...&ctid=CT3021046
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 22 F9 DD 2D 37 76 CA 01 [binary data]
IE - HKCU\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "http://search.condui...ctid=CT3021046"
FF - prefs.js..network.proxy.type: 0
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\Henry Zee\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{cb84136f-9c44-433a-9048-c5cd9df1dc16}: C:\Program Files\PC Tools Security\BDT\Firefox\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011/07/29 08:37:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/07/29 08:16:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
[2011/07/29 08:17:20 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Henry Zee\Application Data\Mozilla\Extensions
[2011/07/29 08:16:58 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
File not found (No name found) --
[2011/07/29 08:37:45 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2011/07/08 00:16:28 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010/01/01 01:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
O1 HOSTS File: ([2011/07/31 14:37:35 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - File not found
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - File not found
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\WebBrowser: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - File not found
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [OpwareSE2] C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe (ScanSoft, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_70C5B381380DB17F.dll (Google Inc.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1259203012687 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1259203126750 (MUWebControl Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: Garmin Communicator Plug-In https://static.garmi...inAxControl.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/11/25 18:31:06 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found
========== Files/Folders - Created Within 30 Days ==========
[2011/07/31 17:56:36 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011/07/31 14:11:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2011/07/29 08:38:13 | 000,019,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011/07/29 08:38:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\avast! Free Antivirus
[2011/07/29 08:38:12 | 000,309,848 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011/07/29 08:38:09 | 000,441,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011/07/29 08:38:09 | 000,043,608 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011/07/29 08:38:09 | 000,025,432 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011/07/29 08:38:08 | 000,102,616 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011/07/29 08:38:08 | 000,096,344 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011/07/29 08:38:07 | 000,030,808 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011/07/29 08:37:39 | 000,040,112 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011/07/29 08:37:38 | 000,199,304 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011/07/29 08:37:21 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011/07/29 08:37:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2011/07/29 08:18:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Henry Zee\My Documents\Downloads
[2011/07/29 08:17:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Henry Zee\Local Settings\Application Data\Mozilla
[2011/07/29 08:17:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Henry Zee\Application Data\Mozilla
[2011/07/29 08:16:57 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2011/07/26 13:13:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel
[2011/07/20 22:34:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Henry Zee\Desktop\computer cleaning
[2011/07/20 22:10:03 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011/07/20 22:08:05 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011/07/20 22:08:05 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011/07/20 22:08:05 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011/07/20 22:08:05 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011/07/20 22:07:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011/07/20 22:07:54 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/07/20 22:05:58 | 004,159,367 | R--- | C] (Swearware) -- C:\Documents and Settings\Henry Zee\Desktop\ComboFix.exe
[2011/07/20 21:37:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Henry Zee\Application Data\Malwarebytes
[2011/07/20 21:37:03 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/07/20 21:37:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/07/20 21:36:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/07/20 21:36:49 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/07/20 21:36:48 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/07/20 14:41:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Speccy
[2011/07/20 14:41:48 | 000,000,000 | ---D | C] -- C:\Program Files\Speccy
[2011/07/20 14:40:46 | 003,798,200 | ---- | C] (Piriform Ltd) -- C:\Documents and Settings\Henry Zee\Desktop\spsetup111.exe
[2011/07/19 10:29:00 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Henry Zee\Desktop\OTL.exe
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011/08/02 14:43:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/08/01 22:54:00 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cc24d69b9d54a6.job
[2011/08/01 06:28:02 | 000,019,100 | ---- | M] () -- C:\Documents and Settings\Henry Zee\Desktop\1109055.pdf
[2011/07/31 14:37:35 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/07/31 14:13:40 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/07/31 13:59:09 | 004,159,367 | R--- | M] (Swearware) -- C:\Documents and Settings\Henry Zee\Desktop\ComboFix.exe
[2011/07/29 08:38:13 | 000,001,689 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2011/07/29 08:38:08 | 000,002,625 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/07/29 08:23:18 | 000,001,945 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2011/07/29 08:19:36 | 056,727,728 | ---- | M] () -- C:\Documents and Settings\Henry Zee\Desktop\setup_av_free.exe
[2011/07/29 08:17:10 | 000,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2011/07/29 08:17:01 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\Henry Zee\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/07/29 08:17:01 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2011/07/27 12:57:16 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/07/20 22:10:07 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2011/07/20 21:37:05 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/07/20 14:41:55 | 000,000,654 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Speccy.lnk
[2011/07/20 14:41:27 | 003,798,200 | ---- | M] (Piriform Ltd) -- C:\Documents and Settings\Henry Zee\Desktop\spsetup111.exe
[2011/07/19 13:31:27 | 000,000,572 | ---- | M] () -- C:\Documents and Settings\Henry Zee\My Documents\spider.sav
[2011/07/19 12:59:04 | 000,002,473 | ---- | M] () -- C:\Documents and Settings\Henry Zee\Desktop\Microsoft Word.lnk
[2011/07/19 10:29:12 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Henry Zee\Desktop\OTL.exe
[2011/07/15 05:36:19 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2011/07/14 16:10:38 | 000,221,915 | ---- | M] () -- C:\Documents and Settings\Henry Zee\Desktop\20110714+GA+Tech+Public+Infr+Report.pdf
[2011/07/13 15:31:00 | 000,110,992 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/07/13 03:03:21 | 000,590,294 | ---- | M] () -- C:\WINDOWS\System32\drivers\Cat.DB
[2011/07/13 03:00:56 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/07/06 19:52:42 | 000,041,272 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/07/06 19:52:42 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/07/04 04:43:53 | 000,040,112 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011/07/04 04:43:51 | 000,199,304 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011/07/04 04:36:43 | 000,441,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011/07/04 04:36:32 | 000,309,848 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011/07/04 04:35:23 | 000,043,608 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011/07/04 04:35:12 | 000,102,616 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011/07/04 04:35:09 | 000,096,344 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011/07/04 04:32:32 | 000,025,432 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011/07/04 04:32:13 | 000,030,808 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011/07/04 04:32:12 | 000,019,544 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/08/01 06:28:02 | 000,019,100 | ---- | C] () -- C:\Documents and Settings\Henry Zee\Desktop\1109055.pdf
[2011/07/29 08:38:13 | 000,001,689 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2011/07/29 08:18:51 | 056,727,728 | ---- | C] () -- C:\Documents and Settings\Henry Zee\Desktop\setup_av_free.exe
[2011/07/29 08:17:10 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011/07/29 08:17:01 | 000,000,742 | ---- | C] () -- C:\Documents and Settings\Henry Zee\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/07/29 08:17:01 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
[2011/07/29 08:17:01 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2011/07/27 13:00:20 | 000,001,945 | ---- | C] () -- C:\WINDOWS\epplauncher.mif
[2011/07/20 22:10:07 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2011/07/20 22:10:05 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2011/07/20 22:08:05 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011/07/20 22:08:05 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/07/20 22:08:05 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011/07/20 22:08:05 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011/07/20 22:08:05 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/07/20 21:37:05 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/07/20 14:41:55 | 000,000,654 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Speccy.lnk
[2011/07/19 13:31:27 | 000,000,572 | ---- | C] () -- C:\Documents and Settings\Henry Zee\My Documents\spider.sav
[2011/07/14 16:10:37 | 000,221,915 | ---- | C] () -- C:\Documents and Settings\Henry Zee\Desktop\20110714+GA+Tech+Public+Infr+Report.pdf
[2011/03/27 10:22:23 | 000,767,952 | ---- | C] () -- C:\WINDOWS\BDTSupport.dll
[2010/07/06 22:07:29 | 000,036,363 | ---- | C] () -- C:\WINDOWS\CSTBox.INI
[2010/06/17 16:41:22 | 000,000,532 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
[2009/12/12 12:51:32 | 000,009,728 | ---- | C] () -- C:\Documents and Settings\Henry Zee\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/12/06 22:33:24 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009/12/06 22:15:52 | 000,000,138 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2009/11/25 18:35:09 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009/11/25 18:28:57 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009/11/25 10:25:51 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009/11/25 10:25:03 | 000,110,992 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2006/12/31 08:57:08 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2003/11/20 14:39:58 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2003/07/16 13:54:55 | 000,004,594 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2003/07/16 13:54:54 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2003/07/16 13:41:25 | 000,311,604 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2003/07/16 13:41:25 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2003/07/16 13:41:23 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2003/07/16 13:41:21 | 000,039,992 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2003/07/16 13:39:07 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2003/07/16 13:33:50 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2003/07/16 13:33:39 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2003/07/16 13:27:41 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2003/07/16 13:26:37 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[1999/01/22 19:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
========== LOP Check ==========
[2011/07/29 08:37:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2010/01/07 22:28:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MipKukSoft
[2010/07/01 21:13:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SITEguard
[2010/06/17 16:41:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SSScanAppDataDir
[2010/06/17 16:41:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SSScanWizard
[2011/03/26 06:58:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\STOPzilla!
[2011/07/29 14:46:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/07/01 20:47:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Henry Zee\Application Data\AVP 2009
[2010/06/17 17:04:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Henry Zee\Application Data\Canon
[2010/07/11 13:09:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Henry Zee\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2009/12/06 21:43:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Henry Zee\Application Data\FUJIFILM
[2011/05/01 08:03:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Henry Zee\Application Data\GARMIN
[2010/06/17 16:41:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Henry Zee\Application Data\ScanSoft
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:430C6D84
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
< End of report >
Here's the OTL log:
OTL logfile created on: 8/2/2011 3:35:12 PM - Run 3
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Documents and Settings\Henry Zee\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
510.00 Mb Total Physical Memory | 152.73 Mb Available Physical Memory | 29.95% Memory free
1.22 Gb Paging File | 0.90 Gb Available in Paging File | 74.06% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 298.05 Gb Total Space | 283.39 Gb Free Space | 95.08% Space Free | Partition Type: NTFS
Computer Name: H19Z4QSDJDXJYUM | User Name: Henry Zee | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/07/19 10:29:12 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Henry Zee\Desktop\OTL.exe
PRC - [2011/07/08 00:16:28 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/07/04 04:43:54 | 003,493,720 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011/07/04 04:43:51 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2008/04/14 06:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2003/05/08 12:00:58 | 000,049,152 | ---- | M] (ScanSoft, Inc.) -- C:\Program Files\ScanSoft\OmniPageSE2.0\opwareSE2.exe
PRC - [1998/12/16 22:09:20 | 000,057,393 | R--- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office\OUTLOOK.EXE
========== Modules (SafeList) ==========
MOD - [2011/07/19 10:29:12 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Henry Zee\Desktop\OTL.exe
MOD - [2011/07/04 04:43:51 | 000,199,792 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\snxhk.dll
MOD - [2010/08/23 09:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2003/05/08 12:00:46 | 000,159,744 | ---- | M] (ScanSoft, Inc.) -- C:\Program Files\ScanSoft\OmniPageSE2.0\OpHookSE2.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [On_Demand | Stopped] -- -- (nosGetPlusHelper) getPlus®
SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [Disabled | Stopped] -- -- (AppMgmt)
SRV - [2011/07/04 04:43:51 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Running] -- -- (catchme)
DRV - [2011/07/06 19:52:42 | 000,041,272 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2011/07/04 04:36:43 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/07/04 04:36:32 | 000,309,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/07/04 04:35:23 | 000,043,608 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/07/04 04:35:12 | 000,102,616 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011/07/04 04:32:32 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/07/04 04:32:13 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011/07/04 04:32:12 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2008/05/06 16:06:00 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2008/04/14 01:15:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2004/09/17 10:02:54 | 000,732,928 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (senfilt)
DRV - [2003/08/29 05:59:24 | 001,101,696 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMSM.sys -- (BCMModem)
DRV - [2003/06/30 19:11:52 | 000,043,136 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2003/03/05 13:19:28 | 000,015,840 | ---- | M] (Creative Technology Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\PFMODNT.SYS -- (PfModNT)
DRV - [2002/06/03 12:20:36 | 000,072,704 | ---- | M] (ESS Technology Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\es1969.sys -- (es1969) ESS 1969 Audio Driver (WDM)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.condui...&ctid=CT3021046
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 22 F9 DD 2D 37 76 CA 01 [binary data]
IE - HKCU\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "http://search.condui...ctid=CT3021046"
FF - prefs.js..network.proxy.type: 0
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\Henry Zee\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{cb84136f-9c44-433a-9048-c5cd9df1dc16}: C:\Program Files\PC Tools Security\BDT\Firefox\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011/07/29 08:37:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/07/29 08:16:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
[2011/07/29 08:17:20 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Henry Zee\Application Data\Mozilla\Extensions
[2011/07/29 08:16:58 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
File not found (No name found) --
[2011/07/29 08:37:45 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2011/07/08 00:16:28 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010/01/01 01:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
O1 HOSTS File: ([2011/07/31 14:37:35 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - File not found
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - File not found
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\WebBrowser: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - File not found
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [OpwareSE2] C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe (ScanSoft, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_70C5B381380DB17F.dll (Google Inc.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1259203012687 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1259203126750 (MUWebControl Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: Garmin Communicator Plug-In https://static.garmi...inAxControl.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/11/25 18:31:06 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found
========== Files/Folders - Created Within 30 Days ==========
[2011/07/31 17:56:36 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011/07/31 14:11:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2011/07/29 08:38:13 | 000,019,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011/07/29 08:38:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\avast! Free Antivirus
[2011/07/29 08:38:12 | 000,309,848 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011/07/29 08:38:09 | 000,441,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011/07/29 08:38:09 | 000,043,608 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011/07/29 08:38:09 | 000,025,432 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011/07/29 08:38:08 | 000,102,616 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011/07/29 08:38:08 | 000,096,344 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011/07/29 08:38:07 | 000,030,808 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011/07/29 08:37:39 | 000,040,112 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011/07/29 08:37:38 | 000,199,304 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011/07/29 08:37:21 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011/07/29 08:37:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2011/07/29 08:18:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Henry Zee\My Documents\Downloads
[2011/07/29 08:17:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Henry Zee\Local Settings\Application Data\Mozilla
[2011/07/29 08:17:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Henry Zee\Application Data\Mozilla
[2011/07/29 08:16:57 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2011/07/26 13:13:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel
[2011/07/20 22:34:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Henry Zee\Desktop\computer cleaning
[2011/07/20 22:10:03 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011/07/20 22:08:05 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011/07/20 22:08:05 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011/07/20 22:08:05 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011/07/20 22:08:05 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011/07/20 22:07:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011/07/20 22:07:54 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/07/20 22:05:58 | 004,159,367 | R--- | C] (Swearware) -- C:\Documents and Settings\Henry Zee\Desktop\ComboFix.exe
[2011/07/20 21:37:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Henry Zee\Application Data\Malwarebytes
[2011/07/20 21:37:03 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/07/20 21:37:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/07/20 21:36:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/07/20 21:36:49 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/07/20 21:36:48 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/07/20 14:41:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Speccy
[2011/07/20 14:41:48 | 000,000,000 | ---D | C] -- C:\Program Files\Speccy
[2011/07/20 14:40:46 | 003,798,200 | ---- | C] (Piriform Ltd) -- C:\Documents and Settings\Henry Zee\Desktop\spsetup111.exe
[2011/07/19 10:29:00 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Henry Zee\Desktop\OTL.exe
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011/08/02 14:43:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/08/01 22:54:00 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cc24d69b9d54a6.job
[2011/08/01 06:28:02 | 000,019,100 | ---- | M] () -- C:\Documents and Settings\Henry Zee\Desktop\1109055.pdf
[2011/07/31 14:37:35 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/07/31 14:13:40 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/07/31 13:59:09 | 004,159,367 | R--- | M] (Swearware) -- C:\Documents and Settings\Henry Zee\Desktop\ComboFix.exe
[2011/07/29 08:38:13 | 000,001,689 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2011/07/29 08:38:08 | 000,002,625 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/07/29 08:23:18 | 000,001,945 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2011/07/29 08:19:36 | 056,727,728 | ---- | M] () -- C:\Documents and Settings\Henry Zee\Desktop\setup_av_free.exe
[2011/07/29 08:17:10 | 000,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2011/07/29 08:17:01 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\Henry Zee\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/07/29 08:17:01 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2011/07/27 12:57:16 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/07/20 22:10:07 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2011/07/20 21:37:05 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/07/20 14:41:55 | 000,000,654 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Speccy.lnk
[2011/07/20 14:41:27 | 003,798,200 | ---- | M] (Piriform Ltd) -- C:\Documents and Settings\Henry Zee\Desktop\spsetup111.exe
[2011/07/19 13:31:27 | 000,000,572 | ---- | M] () -- C:\Documents and Settings\Henry Zee\My Documents\spider.sav
[2011/07/19 12:59:04 | 000,002,473 | ---- | M] () -- C:\Documents and Settings\Henry Zee\Desktop\Microsoft Word.lnk
[2011/07/19 10:29:12 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Henry Zee\Desktop\OTL.exe
[2011/07/15 05:36:19 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2011/07/14 16:10:38 | 000,221,915 | ---- | M] () -- C:\Documents and Settings\Henry Zee\Desktop\20110714+GA+Tech+Public+Infr+Report.pdf
[2011/07/13 15:31:00 | 000,110,992 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/07/13 03:03:21 | 000,590,294 | ---- | M] () -- C:\WINDOWS\System32\drivers\Cat.DB
[2011/07/13 03:00:56 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/07/06 19:52:42 | 000,041,272 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/07/06 19:52:42 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/07/04 04:43:53 | 000,040,112 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011/07/04 04:43:51 | 000,199,304 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011/07/04 04:36:43 | 000,441,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011/07/04 04:36:32 | 000,309,848 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011/07/04 04:35:23 | 000,043,608 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011/07/04 04:35:12 | 000,102,616 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011/07/04 04:35:09 | 000,096,344 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011/07/04 04:32:32 | 000,025,432 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011/07/04 04:32:13 | 000,030,808 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011/07/04 04:32:12 | 000,019,544 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/08/01 06:28:02 | 000,019,100 | ---- | C] () -- C:\Documents and Settings\Henry Zee\Desktop\1109055.pdf
[2011/07/29 08:38:13 | 000,001,689 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2011/07/29 08:18:51 | 056,727,728 | ---- | C] () -- C:\Documents and Settings\Henry Zee\Desktop\setup_av_free.exe
[2011/07/29 08:17:10 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011/07/29 08:17:01 | 000,000,742 | ---- | C] () -- C:\Documents and Settings\Henry Zee\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/07/29 08:17:01 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
[2011/07/29 08:17:01 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2011/07/27 13:00:20 | 000,001,945 | ---- | C] () -- C:\WINDOWS\epplauncher.mif
[2011/07/20 22:10:07 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2011/07/20 22:10:05 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2011/07/20 22:08:05 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011/07/20 22:08:05 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/07/20 22:08:05 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011/07/20 22:08:05 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011/07/20 22:08:05 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/07/20 21:37:05 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/07/20 14:41:55 | 000,000,654 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Speccy.lnk
[2011/07/19 13:31:27 | 000,000,572 | ---- | C] () -- C:\Documents and Settings\Henry Zee\My Documents\spider.sav
[2011/07/14 16:10:37 | 000,221,915 | ---- | C] () -- C:\Documents and Settings\Henry Zee\Desktop\20110714+GA+Tech+Public+Infr+Report.pdf
[2011/03/27 10:22:23 | 000,767,952 | ---- | C] () -- C:\WINDOWS\BDTSupport.dll
[2010/07/06 22:07:29 | 000,036,363 | ---- | C] () -- C:\WINDOWS\CSTBox.INI
[2010/06/17 16:41:22 | 000,000,532 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
[2009/12/12 12:51:32 | 000,009,728 | ---- | C] () -- C:\Documents and Settings\Henry Zee\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/12/06 22:33:24 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009/12/06 22:15:52 | 000,000,138 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2009/11/25 18:35:09 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009/11/25 18:28:57 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009/11/25 10:25:51 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009/11/25 10:25:03 | 000,110,992 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2006/12/31 08:57:08 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2003/11/20 14:39:58 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2003/07/16 13:54:55 | 000,004,594 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2003/07/16 13:54:54 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2003/07/16 13:41:25 | 000,311,604 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2003/07/16 13:41:25 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2003/07/16 13:41:23 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2003/07/16 13:41:21 | 000,039,992 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2003/07/16 13:39:07 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2003/07/16 13:33:50 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2003/07/16 13:33:39 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2003/07/16 13:27:41 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2003/07/16 13:26:37 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[1999/01/22 19:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
========== LOP Check ==========
[2011/07/29 08:37:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2010/01/07 22:28:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MipKukSoft
[2010/07/01 21:13:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SITEguard
[2010/06/17 16:41:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SSScanAppDataDir
[2010/06/17 16:41:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SSScanWizard
[2011/03/26 06:58:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\STOPzilla!
[2011/07/29 14:46:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/07/01 20:47:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Henry Zee\Application Data\AVP 2009
[2010/06/17 17:04:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Henry Zee\Application Data\Canon
[2010/07/11 13:09:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Henry Zee\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2009/12/06 21:43:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Henry Zee\Application Data\FUJIFILM
[2011/05/01 08:03:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Henry Zee\Application Data\GARMIN
[2010/06/17 16:41:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Henry Zee\Application Data\ScanSoft
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:430C6D84
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
< End of report >
#19
Posted 02 August 2011 - 08:33 PM
RKinner
-
- Expert
-
- 24,624 posts
Malware Expert
Copy the text in the code box by highlighting and Ctrl + c
Let the program run unhindered, OTL will reboot the PC when it is done. Save the log and copy and paste it to a reply.
Go into IE, Tools, Internet Options change the Home Page to Use Blank. OK. Close IE. Start IE. Is it faster now?
Get Simple Adblock and install it: Adhttp://simple-adblock.com/
This should make IE a bit faster when it hits a page with a lot of ads.
Open Firefox. (Count how long it takes to open. One thousand one, one thousand two...) Go to www.google.com
Then Firefox, (or tools if you have the older version) Options, tell it to Use Current for the homepage. OK.
Now go to https://addons.mozil...n/adblock-plus/ and get the ad-block plus ad-on for firefox.
Then download and run Speedy Fox.
http://www.crystalidea.com/speedyfox . (Close Firefox.) Press the Speed up my Firefox button. Exit.
Open Firefox. Count how long it takes to open now.
Are things any faster now?
Ron
:processes
killallprocesses
:Services
nosGetPlusHelper
HidServ
AppMgmt
:OTL
SRV - File not found [On_Demand | Stopped] -- -- (nosGetPlusHelper) getPlus®
SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [Disabled | Stopped] -- -- (AppMgmt)
IE - HKCU\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - File not found
O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - File not found
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - File not found
O3 - HKCU\..\Toolbar\WebBrowser: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - File not found
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: Garmin Communicator Plug-In https://static.garmi...inAxControl.CAB (Reg Error: Key error.)
:Files
sc config nosGetPlusHelper start= disabled /c
sc config HidServ start= disabled /c
sc config AppMgmt start= disabled /c
:Commands
[EMPTYTEMP]
[EMPTYFLASH]
[purity]
[Reboot]
then run OTL and Under the Custom Scans/Fixes box at the bottom, paste (ctrl +v) the text. Verify that you got it all and Then click the Run Fix button at the topLet the program run unhindered, OTL will reboot the PC when it is done. Save the log and copy and paste it to a reply.
Go into IE, Tools, Internet Options change the Home Page to Use Blank. OK. Close IE. Start IE. Is it faster now?
Get Simple Adblock and install it: Adhttp://simple-adblock.com/
This should make IE a bit faster when it hits a page with a lot of ads.
Open Firefox. (Count how long it takes to open. One thousand one, one thousand two...) Go to www.google.com
Then Firefox, (or tools if you have the older version) Options, tell it to Use Current for the homepage. OK.
Now go to https://addons.mozil...n/adblock-plus/ and get the ad-block plus ad-on for firefox.
Then download and run Speedy Fox.
http://www.crystalidea.com/speedyfox . (Close Firefox.) Press the Speed up my Firefox button. Exit.
Open Firefox. Count how long it takes to open now.
Are things any faster now?
Ron
#20
Posted 03 August 2011 - 03:10 PM
hammerz88
- Topic Starter
-
- Member
-
- 13 posts
Member
YES! Things are so much faster than I can remember them being. WOW.
Here is the log:
All processes killed
========== PROCESSES ==========
========== SERVICES/DRIVERS ==========
Service nosGetPlusHelper stopped successfully!
Service nosGetPlusHelper deleted successfully!
Service HidServ stopped successfully!
Service HidServ deleted successfully!
Service AppMgmt stopped successfully!
Service AppMgmt deleted successfully!
========== OTL ==========
Error: No service named nosGetPlusHelper was found to stop!
Service\Driver key nosGetPlusHelper not found.
Error: No service named HidServ was found to stop!
Service\Driver key HidServ not found.
Error: No service named AppMgmt was found to stop!
Service\Driver key AppMgmt not found.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{472734EA-242A-422b-ADF8-83D1E48CC825} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{472734EA-242A-422b-ADF8-83D1E48CC825}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}\ deleted successfully.
C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{472734EA-242A-422B-ADF8-83D1E48CC825} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{472734EA-242A-422B-ADF8-83D1E48CC825}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{472734EA-242A-422B-ADF8-83D1E48CC825} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{472734EA-242A-422B-ADF8-83D1E48CC825}\ not found.
Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
C:\WINDOWS\Downloaded Program Files\gp.inf not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Starting removal of ActiveX control Garmin Communicator Plug-In
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Garmin Communicator Plug-In\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Garmin Communicator Plug-In\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\Garmin Communicator Plug-In\ not found.
========== FILES ==========
< sc config nosGetPlusHelper start= disabled /c >
[SC] OpenService FAILED 1060:
The specified service does not exist as an installed service.
C:\Documents and Settings\Henry Zee\Desktop\cmd.bat deleted successfully.
C:\Documents and Settings\Henry Zee\Desktop\cmd.txt deleted successfully.
< sc config HidServ start= disabled /c >
[SC] OpenService FAILED 1060:
The specified service does not exist as an installed service.
C:\Documents and Settings\Henry Zee\Desktop\cmd.bat deleted successfully.
C:\Documents and Settings\Henry Zee\Desktop\cmd.txt deleted successfully.
< sc config AppMgmt start= disabled /c >
[SC] OpenService FAILED 1060:
The specified service does not exist as an installed service.
C:\Documents and Settings\Henry Zee\Desktop\cmd.bat deleted successfully.
C:\Documents and Settings\Henry Zee\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 56504 bytes
User: Henry Zee
->Temp folder emptied: 176022 bytes
->Temporary Internet Files folder emptied: 114452958 bytes
->FireFox cache emptied: 124913724 bytes
->Google Chrome cache emptied: 12160594 bytes
->Flash cache emptied: 239670 bytes
User: Judy Zee
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 41044 bytes
User: LocalService
->Temp folder emptied: 65536 bytes
->Temporary Internet Files folder emptied: 32902 bytes
->Flash cache emptied: 343 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Nikki Zee
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 41044 bytes
User: Owner
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 294871 bytes
->Flash cache emptied: 41490 bytes
User: Stanley Zee
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 41044 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 1126405 bytes
%systemroot%\System32 .tmp files removed: 2577 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 270 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 242.00 mb
[EMPTYFLASH]
User: All Users
User: Default User
->Flash cache emptied: 0 bytes
User: Henry Zee
->Flash cache emptied: 0 bytes
User: Judy Zee
->Flash cache emptied: 0 bytes
User: LocalService
->Flash cache emptied: 0 bytes
User: NetworkService
User: Nikki Zee
->Flash cache emptied: 0 bytes
User: Owner
->Flash cache emptied: 0 bytes
User: Stanley Zee
->Flash cache emptied: 0 bytes
Total Flash Files Cleaned = 0.00 mb
OTL by OldTimer - Version 3.2.26.1 log created on 08032011_074533
Here is the log:
All processes killed
========== PROCESSES ==========
========== SERVICES/DRIVERS ==========
Service nosGetPlusHelper stopped successfully!
Service nosGetPlusHelper deleted successfully!
Service HidServ stopped successfully!
Service HidServ deleted successfully!
Service AppMgmt stopped successfully!
Service AppMgmt deleted successfully!
========== OTL ==========
Error: No service named nosGetPlusHelper was found to stop!
Service\Driver key nosGetPlusHelper not found.
Error: No service named HidServ was found to stop!
Service\Driver key HidServ not found.
Error: No service named AppMgmt was found to stop!
Service\Driver key AppMgmt not found.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{472734EA-242A-422b-ADF8-83D1E48CC825} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{472734EA-242A-422b-ADF8-83D1E48CC825}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}\ deleted successfully.
C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{472734EA-242A-422B-ADF8-83D1E48CC825} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{472734EA-242A-422B-ADF8-83D1E48CC825}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{472734EA-242A-422B-ADF8-83D1E48CC825} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{472734EA-242A-422B-ADF8-83D1E48CC825}\ not found.
Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
C:\WINDOWS\Downloaded Program Files\gp.inf not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Starting removal of ActiveX control Garmin Communicator Plug-In
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Garmin Communicator Plug-In\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Garmin Communicator Plug-In\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\Garmin Communicator Plug-In\ not found.
========== FILES ==========
< sc config nosGetPlusHelper start= disabled /c >
[SC] OpenService FAILED 1060:
The specified service does not exist as an installed service.
C:\Documents and Settings\Henry Zee\Desktop\cmd.bat deleted successfully.
C:\Documents and Settings\Henry Zee\Desktop\cmd.txt deleted successfully.
< sc config HidServ start= disabled /c >
[SC] OpenService FAILED 1060:
The specified service does not exist as an installed service.
C:\Documents and Settings\Henry Zee\Desktop\cmd.bat deleted successfully.
C:\Documents and Settings\Henry Zee\Desktop\cmd.txt deleted successfully.
< sc config AppMgmt start= disabled /c >
[SC] OpenService FAILED 1060:
The specified service does not exist as an installed service.
C:\Documents and Settings\Henry Zee\Desktop\cmd.bat deleted successfully.
C:\Documents and Settings\Henry Zee\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 56504 bytes
User: Henry Zee
->Temp folder emptied: 176022 bytes
->Temporary Internet Files folder emptied: 114452958 bytes
->FireFox cache emptied: 124913724 bytes
->Google Chrome cache emptied: 12160594 bytes
->Flash cache emptied: 239670 bytes
User: Judy Zee
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 41044 bytes
User: LocalService
->Temp folder emptied: 65536 bytes
->Temporary Internet Files folder emptied: 32902 bytes
->Flash cache emptied: 343 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Nikki Zee
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 41044 bytes
User: Owner
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 294871 bytes
->Flash cache emptied: 41490 bytes
User: Stanley Zee
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 41044 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 1126405 bytes
%systemroot%\System32 .tmp files removed: 2577 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 270 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 242.00 mb
[EMPTYFLASH]
User: All Users
User: Default User
->Flash cache emptied: 0 bytes
User: Henry Zee
->Flash cache emptied: 0 bytes
User: Judy Zee
->Flash cache emptied: 0 bytes
User: LocalService
->Flash cache emptied: 0 bytes
User: NetworkService
User: Nikki Zee
->Flash cache emptied: 0 bytes
User: Owner
->Flash cache emptied: 0 bytes
User: Stanley Zee
->Flash cache emptied: 0 bytes
Total Flash Files Cleaned = 0.00 mb
OTL by OldTimer - Version 3.2.26.1 log created on 08032011_074533
#21
Posted 03 August 2011 - 03:45 PM
RKinner
-
- Expert
-
- 24,624 posts
Malware Expert
Let's do one final check and then I think we are done.
Start, Run, eventvwr.msc, OK to bring up the Event Viewer. Right click on System and Clear All Events, No (we don't want to save the old log), OK. Repeat for Application. Reboot.
1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop:
2. Double-click VEW.exe
3. Under 'Select log to query', select:
* System
4. Under 'Select type to list', select:
* Error
* Warning
Then use the 'Number of events' as follows:
1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.
Please post the Output log in your next reply then repeat but select Application.
Start, Run, eventvwr.msc, OK to bring up the Event Viewer. Right click on System and Clear All Events, No (we don't want to save the old log), OK. Repeat for Application. Reboot.
1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop:
2. Double-click VEW.exe
3. Under 'Select log to query', select:
* System
4. Under 'Select type to list', select:
* Error
* Warning
Then use the 'Number of events' as follows:
1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.
Please post the Output log in your next reply then repeat but select Application.
#22
Posted 04 August 2011 - 09:11 AM
hammerz88
- Topic Starter
-
- Member
-
- 13 posts
Member
Here is the system log:
Vino's Event Viewer v01c run on Windows XP in English
Report run at 04/08/2011 8:10:08 AM
Note: All dates below are in the format dd/mm/yyyy
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Here is the application log:
Vino's Event Viewer v01c run on Windows XP in English
Report run at 04/08/2011 8:11:28 AM
Note: All dates below are in the format dd/mm/yyyy
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Vino's Event Viewer v01c run on Windows XP in English
Report run at 04/08/2011 8:10:08 AM
Note: All dates below are in the format dd/mm/yyyy
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Here is the application log:
Vino's Event Viewer v01c run on Windows XP in English
Report run at 04/08/2011 8:11:28 AM
Note: All dates below are in the format dd/mm/yyyy
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#23
Posted 04 August 2011 - 09:24 AM
RKinner
-
- Expert
-
- 24,624 posts
Malware Expert
We need to clean up System Restore. Follow Jim's procedure here:
http://aumha.net/vie...581099691bf108f
You can uninstall or delete any tools we had you download and their logs.
To uninstall combofix, copy the next line:
"%userprofile%\Desktop\combofix.exe" /Uninstall
Start, Run, cmd, OK then right click, Paste, then hit Enter.
OTL has a cleanup tab so if you run it again and select cleanup it will remove itself and its backup files.
To hide hidden files again:
XP
# Close all programs so that you are at your desktop.
# Double-click on the My Computer icon.
# Select the Tools menu and click Folder Options.
# After the new window appears select the View tab.
# Uncheck the checkbox labeled Display the contents of system folders.
# Under the Hidden files and folders section select the 'Hide protected operating system files (recommended)' option.
# Check the checkbox labeled Hide protected operating system files.
# Press the Apply button and then the OK button and shutdown My Computer.
Also make sure you have the latest versions of any adobe.com products you use like Shockwave, Flash, Reader or Acrobat.
Whether you use adobe reader, acrobat or fox-it to read pdf files you need to disable Javascript in the program. There is an exploit out there now that can use it to get on your PC. For Adobe Reader: Start, All Programs, Adobe Reader, Edit, Preferences, Click on Javascript in the left column and uncheck Enable Acrobat Javascript. OK Close program. It's the same for Foxit reader except you uncheck Enable Javascript Actions.
To help keep your programs up-to-date you can download and run the UpdateChecker:
http://www.filehippo.../updatechecker/
If you use Firefox then get the AdBlock Plus Add-on. WOT (Web of Trust) is another you might want to try.
The equivalent to AdBlock Plus for IE is called Simple Adblock and you should install it too: Adhttp://simple-adblock.com/
If Firefox is slow loading make sure it only has the current Java add-on. Then download and run Speedy Fox.
http://www.crystalidea.com/speedyfox . It seems to work best if you reboot right after running it. You can run it any time that Firefox seems slow.
Be warned: If you use Limewire, utorrent or any of the other P2P programs you will almost certain be coming back to the Malware Removal forum. If you must use P2P then submit any files you get to http://virustotal.com before you open them.
If you have a router, log on to it today and change the default password! If using a Wireless router you really should be using encryption on the link. Use the strongest (newest) encryption method that your router and PC wireless adapter support especially if you own a business. See http://www.king5.com...-120637284.html and http://www.seattlepi...ted-1344185.php for why encryption is important. If you don't know how, visit the router maker's website. They all have detailed step by step instructions or a wizard you can download.
Ron
http://aumha.net/vie...581099691bf108f
You can uninstall or delete any tools we had you download and their logs.
To uninstall combofix, copy the next line:
"%userprofile%\Desktop\combofix.exe" /Uninstall
Start, Run, cmd, OK then right click, Paste, then hit Enter.
OTL has a cleanup tab so if you run it again and select cleanup it will remove itself and its backup files.
To hide hidden files again:
XP
# Close all programs so that you are at your desktop.
# Double-click on the My Computer icon.
# Select the Tools menu and click Folder Options.
# After the new window appears select the View tab.
# Uncheck the checkbox labeled Display the contents of system folders.
# Under the Hidden files and folders section select the 'Hide protected operating system files (recommended)' option.
# Check the checkbox labeled Hide protected operating system files.
# Press the Apply button and then the OK button and shutdown My Computer.
Also make sure you have the latest versions of any adobe.com products you use like Shockwave, Flash, Reader or Acrobat.
Whether you use adobe reader, acrobat or fox-it to read pdf files you need to disable Javascript in the program. There is an exploit out there now that can use it to get on your PC. For Adobe Reader: Start, All Programs, Adobe Reader, Edit, Preferences, Click on Javascript in the left column and uncheck Enable Acrobat Javascript. OK Close program. It's the same for Foxit reader except you uncheck Enable Javascript Actions.
To help keep your programs up-to-date you can download and run the UpdateChecker:
http://www.filehippo.../updatechecker/
If you use Firefox then get the AdBlock Plus Add-on. WOT (Web of Trust) is another you might want to try.
The equivalent to AdBlock Plus for IE is called Simple Adblock and you should install it too: Adhttp://simple-adblock.com/
If Firefox is slow loading make sure it only has the current Java add-on. Then download and run Speedy Fox.
http://www.crystalidea.com/speedyfox . It seems to work best if you reboot right after running it. You can run it any time that Firefox seems slow.
Be warned: If you use Limewire, utorrent or any of the other P2P programs you will almost certain be coming back to the Malware Removal forum. If you must use P2P then submit any files you get to http://virustotal.com before you open them.
If you have a router, log on to it today and change the default password! If using a Wireless router you really should be using encryption on the link. Use the strongest (newest) encryption method that your router and PC wireless adapter support especially if you own a business. See http://www.king5.com...-120637284.html and http://www.seattlepi...ted-1344185.php for why encryption is important. If you don't know how, visit the router maker's website. They all have detailed step by step instructions or a wizard you can download.
Ron
#24
Posted 04 August 2011 - 03:39 PM
hammerz88
- Topic Starter
-
- Member
-
- 13 posts
Member
Done and done! My computer is working amazingly! Thanks!
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users
As Featured On:
Sign In
Create Account
