Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

my computer is extremely slow

Started by longhornbizza , Jul 27 2011 04:52 PM

  • This topic is locked This topic is locked

#1
longhornbizza
Posted 27 July 2011 - 04:52 PM

longhornbizza

    New Member

  • Member
  • Pip
  • 7 posts
aOTL logfile created on: 7/27/2011 5:17:43 PM - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Documents and Settings\Computer\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

254.42 Mb Total Physical Memory | 44.79 Mb Available Physical Memory | 17.61% Memory free
705.31 Mb Paging File | 184.14 Mb Available in Paging File | 26.11% Paging File free
Paging file location(s): C:\pagefile.sys 384 768 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS.0 | %ProgramFiles% = C:\Program Files
Drive C: | 37.26 Gb Total Space | 24.34 Gb Free Space | 65.34% Space Free | Partition Type: NTFS

Computer Name: ---------- | User Name: Computer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/07/27 17:16:22 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Computer\My Documents\Downloads\OTL.exe
PRC - [2011/06/26 09:49:08 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/04/18 17:40:08 | 002,334,560 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgtray.exe
PRC - [2011/04/18 17:39:42 | 007,398,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2011/04/14 05:36:42 | 001,080,672 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgnsx.exe
PRC - [2011/03/28 03:00:52 | 000,351,072 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgcsrvx.exe
PRC - [2011/03/16 16:05:20 | 001,025,888 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgemcx.exe
PRC - [2011/03/16 16:05:14 | 000,656,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgchsvx.exe
PRC - [2011/02/10 07:55:18 | 001,148,256 | ---- | M] () -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
PRC - [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgwdsvc.exe
PRC - [2011/02/08 05:33:20 | 000,658,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgrsx.exe
PRC - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/04/14 07:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS.0\explorer.exe
PRC - [2005/12/14 13:32:24 | 005,247,488 | ---- | M] (Linksys) -- C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WUSB54GC.exe
PRC - [2005/07/04 18:46:04 | 000,053,307 | ---- | M] (GEMTEKS) -- C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WLService.exe
PRC - [2004/10/15 22:40:56 | 002,577,632 | ---- | M] (Sygate Technologies, Inc.) -- C:\Program Files\Sygate\SPF\Smc.exe


========== Modules (SafeList) ==========

MOD - [2011/07/27 17:16:22 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Computer\My Documents\Downloads\OTL.exe
MOD - [2010/08/23 11:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS.0\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2004/10/15 21:32:10 | 000,083,096 | ---- | M] (Sygate Technologies, Inc.) -- C:\WINDOWS.0\system32\SSSensor.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Running] -- -- (WUSB54GCSVC)
SRV - [2011/04/18 17:39:42 | 007,398,752 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2004/10/15 22:40:56 | 002,577,632 | ---- | M] (Sygate Technologies, Inc.) [Auto | Running] -- C:\Program Files\Sygate\SPF\Smc.exe -- (SmcService)


========== Driver Services (SafeList) ==========

DRV - [2011/04/14 21:28:42 | 000,134,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS.0\system32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2011/04/05 00:59:56 | 000,297,168 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS.0\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011/03/16 16:03:20 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS.0\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2011/03/01 14:25:18 | 000,034,896 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS.0\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/02/22 08:13:02 | 000,022,992 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS.0\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2011/02/10 07:53:54 | 000,027,216 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS.0\system32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2011/02/10 07:53:52 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS.0\system32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2011/01/07 06:41:46 | 000,248,656 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS.0\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2008/04/14 02:26:08 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS.0\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2008/04/13 19:15:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS.0\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2008/04/13 17:04:34 | 000,019,455 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS.0\system32\drivers\wVchNTxx.sys -- (iAimFP4)
DRV - [2008/04/13 17:04:32 | 000,012,063 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS.0\system32\drivers\wSiINTxx.sys -- (iAimFP3)
DRV - [2008/04/13 17:04:30 | 000,033,599 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS.0\system32\drivers\wATV04nt.sys -- (iAimTV3)
DRV - [2008/04/13 17:04:30 | 000,029,311 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS.0\system32\drivers\wATV01nt.sys -- (iAimTV0)
DRV - [2008/04/13 17:04:30 | 000,025,471 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS.0\system32\drivers\wATV10nt.sys -- (iAimTV5)
DRV - [2008/04/13 17:04:30 | 000,023,615 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS.0\system32\drivers\wCh7xxNT.sys -- (iAimTV4)
DRV - [2008/04/13 17:04:30 | 000,022,271 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS.0\system32\drivers\wATV06nt.sys -- (iAimTV6)
DRV - [2008/04/13 17:04:30 | 000,019,551 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS.0\system32\drivers\wATV02NT.sys -- (iAimTV1)
DRV - [2008/04/13 17:04:28 | 000,161,020 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS.0\system32\drivers\i81xnt5.sys -- (i81x)
DRV - [2008/04/13 17:04:28 | 000,012,415 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS.0\system32\drivers\wADV01nt.sys -- (iAimFP0)
DRV - [2008/04/13 17:04:28 | 000,012,127 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS.0\system32\drivers\wADV02NT.sys -- (iAimFP1)
DRV - [2008/04/13 17:04:28 | 000,011,871 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS.0\system32\drivers\wADV09NT.sys -- (iAimFP7)
DRV - [2008/04/13 17:04:28 | 000,011,807 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS.0\system32\drivers\wADV07nt.sys -- (iAimFP5)
DRV - [2008/04/13 17:04:28 | 000,011,775 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS.0\system32\drivers\wADV05NT.sys -- (iAimFP2)
DRV - [2008/04/13 17:04:28 | 000,011,295 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS.0\system32\drivers\wADV08NT.sys -- (iAimFP6)
DRV - [2005/11/24 21:51:38 | 000,245,248 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS.0\system32\drivers\rt73.sys -- (RT73)
DRV - [2005/02/01 20:18:38 | 000,017,992 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS.0\system32\bcm42rly.sys -- (BCM42RLY)
DRV - [2004/10/15 21:32:44 | 000,014,568 | ---- | M] (Sygate Technologies, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS.0\SYSTEM32\Drivers\wg6n.sys -- (wg6n)
DRV - [2004/10/15 21:32:42 | 000,014,568 | ---- | M] (Sygate Technologies, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS.0\SYSTEM32\Drivers\wg5n.sys -- (wg5n)
DRV - [2004/10/15 21:32:40 | 000,014,568 | ---- | M] (Sygate Technologies, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS.0\SYSTEM32\Drivers\wg4n.sys -- (wg4n)
DRV - [2004/10/15 21:32:38 | 000,014,568 | ---- | M] (Sygate Technologies, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS.0\SYSTEM32\Drivers\wg3n.sys -- (wg3n)
DRV - [2004/10/15 21:18:46 | 000,021,075 | ---- | M] (Sygate Technologies, Inc.) [Kernel | System | Running] -- C:\WINDOWS.0\system32\drivers\wpsdrvnt.sys -- (wpsdrvnt)
DRV - [2004/10/15 21:17:02 | 000,060,496 | ---- | M] (Sygate Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS.0\SYSTEM32\Drivers\Teefer.sys -- (Teefer)
DRV - [2003/09/26 00:15:32 | 000,015,872 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Running] -- C:\WINDOWS.0\system32\GTNDIS5.sys -- (GTNDIS5)
DRV - [2001/08/23 06:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS.0\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2001/08/23 06:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS.0\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2001/08/17 08:51:32 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS.0\system32\drivers\irsir.sys -- (irsir)
DRV - [2001/08/17 07:19:34 | 000,040,704 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS.0\system32\drivers\es1371mp.sys -- (es1371) Creative AudioPCI (ES1371,ES1373) (WDM)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.c...//www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.c...rch/search.html

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS.0\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c...rch/search.html
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.yahoo.com/
IE - HKCU\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.defaultthis.engineName: "Conduit Engine Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.yahoo....ch?fr=ffsp1&p="
FF - prefs.js..browser.search.order.1: "Fast Browser Search"
FF - prefs.js..browser.search.param.yahoo-fr: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-type: "${8}"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com"
FF - prefs.js..extensions.enabledItems: {1E73965B-8B48-48be-9C8D-68B920ABC1C4}:10.0.0.1387
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:7
FF - prefs.js..keyword.URL: "http://www.bing.com/...form=ZGAADF&q="


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS.0\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\Computer\Application Data\Move Networks\plugins\npqmp071701000002.dll (Move Networks)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\Computer\Application Data\Move Networks\plugins\npqmp071701000002.dll (Move Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG10\Firefox4\ [2011/07/10 14:50:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/07/27 07:38:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/07/27 07:38:26 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Documents and Settings\Computer\Application Data\Move Networks [2009/12/01 00:41:05 | 000,000,000 | ---D | M]

[2009/08/02 20:56:07 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Computer\Application Data\Mozilla\Extensions
[2011/07/27 13:16:16 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Computer\Application Data\Mozilla\Firefox\Profiles\1fmdgsnm.default\extensions
[2010/08/21 13:08:20 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Computer\Application Data\Mozilla\Firefox\Profiles\1fmdgsnm.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010/03/17 15:24:14 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Computer\Application Data\Mozilla\Firefox\Profiles\1fmdgsnm.default\extensions\{69d1a568-ffdf-4ef5-8919-7003582e0ee8}
[2009/11/17 12:23:41 | 000,000,681 | ---- | M] () -- C:\Documents and Settings\Computer\Application Data\Mozilla\Firefox\Profiles\1fmdgsnm.default\searchplugins\ask.xml
[2010/08/21 13:05:11 | 000,001,919 | ---- | M] () -- C:\Documents and Settings\Computer\Application Data\Mozilla\Firefox\Profiles\1fmdgsnm.default\searchplugins\bing-zugo.xml
[2011/03/14 12:47:48 | 000,000,913 | ---- | M] () -- C:\Documents and Settings\Computer\Application Data\Mozilla\Firefox\Profiles\1fmdgsnm.default\searchplugins\conduit.xml
[2008/12/12 13:23:54 | 000,002,158 | ---- | M] () -- C:\Documents and Settings\Computer\Application Data\Mozilla\Firefox\Profiles\1fmdgsnm.default\searchplugins\MySpace.xml
[2009/09/03 17:04:16 | 000,009,941 | ---- | M] () -- C:\Documents and Settings\Computer\Application Data\Mozilla\Firefox\Profiles\1fmdgsnm.default\searchplugins\mywebsearch.xml
[2011/07/27 13:16:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/01/20 15:12:41 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Program Files\Mozilla Firefox\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011/01/15 21:08:41 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2009/12/01 00:41:05 | 000,000,000 | ---D | M] (Move Media Player) -- C:\DOCUMENTS AND SETTINGS\COMPUTER\APPLICATION DATA\MOVE NETWORKS
[2011/07/10 14:50:34 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES\AVG\AVG10\FIREFOX4
[2009/11/28 21:36:24 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2010/11/12 19:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2001/08/23 06:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS.0\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Yahooo Search Protection) - {25BC7718-0BFA-40EA-B381-4B2D9732D686} - C:\Program Files\Yahoo!\Search Protection\ysp.dll (Yahoo! Inc.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Search Toolbar) - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files\Search Toolbar\SearchToolbar.dll ()
O2 - BHO: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll (Conduit Ltd.)
O2 - BHO: (Search Assistant) - {F0626A63-410B-45E2-99A1-3F2475B2D695} - C:\Program Files\SGPSA\BHO.dll (MTWB)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Search Toolbar) - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files\Search Toolbar\SearchToolbar.dll ()
O3 - HKLM\..\Toolbar: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Search Toolbar) - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files\Search Toolbar\SearchToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (uTorrentBar Toolbar) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - C:\Program Files\uTorrentBar\tbuTor.dll (Conduit Ltd.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [SmcService] C:\Program Files\Sygate\SPF\Smc.exe (Sygate Technologies, Inc.)
O4 - HKCU..\Run: [DW6] File not found
O4 - HKCU..\Run: [Search Protection] File not found
O4 - HKCU..\Run: [Singlesnet] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Yahoo! Search Protection - {BBF74FB9-ABCD-4678-880A-2511DAABB5E1} - C:\Program Files\Yahoo!\Search Protection\ysp.dll (Yahoo! Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS.0\system32\nwprovau.dll (Microsoft Corporation)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - File not found
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - File not found
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - File not found
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - File not found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - File not found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - File not found
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS.0\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: GinaDLL - (GTGina.dll) - C:\WINDOWS.0\System32\GTGina.dll (Gemtek)
O24 - Desktop WallPaper: C:\Documents and Settings\Computer\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Computer\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O30 - LSA: Authentication Packages - (nwprovau) - C:\WINDOWS.0\System32\nwprovau.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/08/02 13:47:33 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync) - C:\Program Files\AVG\AVG10\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart) - C:\Program Files\AVG\AVG10\avgrsx.exe (AVG Technologies CZ, s.r.o.)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/07/27 07:37:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS.0\Start Menu\Programs\QuickTime
[2011/07/27 07:36:17 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2011/07/27 07:36:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS.0\Application Data\Apple Computer
[2011/07/27 07:34:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2011/07/27 07:34:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Computer\Local Settings\Application Data\Apple
[2011/07/27 07:33:38 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2011/07/27 07:33:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS.0\Application Data\Apple
[2011/07/27 07:29:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Computer\Local Settings\Application Data\Apple Computer
[2011/07/21 13:06:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Computer\My Documents\liz unemployment_files
[2011/07/10 12:41:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Computer\Local Settings\Application Data\Adobe
[3 C:\WINDOWS.0\*.tmp files -> C:\WINDOWS.0\*.tmp -> ]
[1 C:\WINDOWS.0\System32\*.tmp files -> C:\WINDOWS.0\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/07/27 10:34:19 | 000,000,264 | ---- | M] () -- C:\WINDOWS.0\tasks\WGASetup.job
[2011/07/27 10:29:43 | 000,002,048 | --S- | M] () -- C:\WINDOWS.0\bootstat.dat
[2011/07/27 10:29:34 | 266,850,304 | -HS- | M] () -- C:\hiberfil.sys
[2011/07/27 10:12:48 | 000,000,022 | ---- | M] () -- C:\Documents and Settings\Computer\Desktop\attachments_2009_09_09.zip
[2011/07/27 07:37:32 | 000,001,608 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS.0\Desktop\QuickTime Player.lnk
[2011/07/27 07:34:08 | 000,000,284 | ---- | M] () -- C:\WINDOWS.0\tasks\AppleSoftwareUpdate.job
[2011/07/27 06:32:11 | 000,002,206 | ---- | M] () -- C:\WINDOWS.0\System32\wpa.dbl
[2011/07/26 10:55:28 | 004,409,374 | ---- | M] () -- C:\Documents and Settings\Computer\Desktop\Prosperity on Purpose 2011.pdf
[2011/07/22 07:17:25 | 000,058,141 | ---- | M] () -- C:\Documents and Settings\Computer\Desktop\Resume.pdf
[2011/07/21 13:07:04 | 000,018,359 | ---- | M] () -- C:\Documents and Settings\Computer\My Documents\liz unemployment.htm
[2011/07/12 18:37:56 | 122,187,852 | ---- | M] () -- C:\WINDOWS.0\System32\drivers\AVG\incavi.avm
[3 C:\WINDOWS.0\*.tmp files -> C:\WINDOWS.0\*.tmp -> ]
[1 C:\WINDOWS.0\System32\*.tmp files -> C:\WINDOWS.0\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/07/27 07:37:31 | 000,001,608 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS.0\Desktop\QuickTime Player.lnk
[2011/07/27 07:34:08 | 000,000,284 | ---- | C] () -- C:\WINDOWS.0\tasks\AppleSoftwareUpdate.job
[2011/07/27 07:33:41 | 000,001,834 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS.0\Start Menu\Programs\Apple Software Update.lnk
[2011/07/26 10:55:24 | 004,409,374 | ---- | C] () -- C:\Documents and Settings\Computer\Desktop\Prosperity on Purpose 2011.pdf
[2011/07/21 13:06:56 | 000,018,359 | ---- | C] () -- C:\Documents and Settings\Computer\My Documents\liz unemployment.htm
[2011/03/15 07:53:27 | 000,095,072 | ---- | C] () -- C:\WINDOWS.0\System32\FNTCACHE.DAT
[2009/09/25 10:48:28 | 000,006,144 | ---- | C] () -- C:\Documents and Settings\Computer\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/08/02 22:43:44 | 000,094,208 | ---- | C] () -- C:\WINDOWS.0\System32\GTW32N50.dll
[2009/08/02 22:43:40 | 000,001,361 | ---- | C] () -- C:\WINDOWS.0\System32\WLAN.INI
[2009/08/02 22:29:44 | 000,002,048 | --S- | C] () -- C:\WINDOWS.0\bootstat.dat
[2009/08/02 22:17:49 | 000,021,640 | ---- | C] () -- C:\WINDOWS.0\System32\emptyregdb.dat
[2009/08/02 20:56:10 | 000,000,000 | ---- | C] () -- C:\WINDOWS.0\nsreg.dat
[2009/08/02 15:09:48 | 000,004,249 | ---- | C] () -- C:\WINDOWS.0\ODBCINST.INI
[2008/10/27 12:56:16 | 000,000,566 | ---- | C] () -- C:\WINDOWS.0\System32\SP207.ini
[2008/04/14 07:55:28 | 000,001,804 | ---- | C] () -- C:\WINDOWS.0\System32\Dcache.bin
[2006/12/31 09:57:08 | 000,004,569 | ---- | C] () -- C:\WINDOWS.0\System32\secupd.dat
[2004/10/15 21:31:56 | 000,218,264 | ---- | C] () -- C:\WINDOWS.0\System32\SetAid.dll
[2001/08/23 06:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS.0\System32\oembios.bin
[2001/08/23 06:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS.0\System32\mlang.dat
[2001/08/23 06:00:00 | 000,311,934 | ---- | C] () -- C:\WINDOWS.0\System32\perfh009.dat
[2001/08/23 06:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS.0\System32\perfi009.dat
[2001/08/23 06:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS.0\System32\dssec.dat
[2001/08/23 06:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS.0\System32\mib.bin
[2001/08/23 06:00:00 | 000,040,196 | ---- | C] () -- C:\WINDOWS.0\System32\perfc009.dat
[2001/08/23 06:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS.0\System32\perfd009.dat
[2001/08/23 06:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS.0\System32\oembios.dat
[2001/08/23 06:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS.0\System32\noise.dat
TL Extras logfile created on: 7/27/2011 5:17:43 PM - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Documents and Settings\Computer\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

254.42 Mb Total Physical Memory | 44.79 Mb Available Physical Memory | 17.61% Memory free
705.31 Mb Paging File | 184.14 Mb Available in Paging File | 26.11% Paging File free
Paging file location(s): C:\pagefile.sys 384 768 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS.0 | %ProgramFiles% = C:\Program Files
Drive C: | 37.26 Gb Total Space | 24.34 Gb Free Space | 65.34% Space Free | Partition Type: NTFS

Computer Name: ---------- | User Name: Computer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiSpywareOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\MySpace\IM\MySpaceIM.exe" = C:\Program Files\MySpace\IM\MySpaceIM.exe:*:Enabled:MySpaceIM
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{228814B2-6A64-4AD5-8D2D-4E2188DEB191}" = AVG 2011
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java™ 6 Update 23
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{DB90FF25-9932-48F2-B643-1802F1864FAF}" = AVG 2011
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F34D9A5F-484A-4E31-A9D3-908CB265B289}" = Sygate Personal Firewall
"{F855C3AE-992D-4B84-A09D-07103CDCDAC2}" = Compact Wireless-G USB Adapter
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AVG" = AVG 2011
"Foxit Reader" = Foxit Reader
"Mozilla Firefox (3.6.18)" = Mozilla Firefox (3.6.18)
"Search Toolbar" = Search Toolbar
"TBSB07183.TBSB07183Toolbar" = Fast Browser Search (My Web Tattoo)
"uTorrent" = µTorrent
"uTorrentBar Toolbar" = uTorrentBar Toolbar
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Search Defender" = Yahoo! Search Protection
"Yahoo! Software Update" = Yahoo! Software Update

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Move Media Player" = Move Media Player

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 7/12/2011 7:35:13 PM | Computer Name = ---------- | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 1.9.2.4182, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 7/12/2011 7:35:22 PM | Computer Name = ---------- | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 1.9.2.4182, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 7/12/2011 7:36:19 PM | Computer Name = ---------- | Source = Application Error | ID = 1000
Description = Faulting application plugin-container.exe, version 1.9.2.4182, faulting
module ntdll.dll, version 5.1.2600.6055, fault address 0x0000100b.

Error - 7/18/2011 9:43:20 PM | Computer Name = ---------- | Source = Application Error | ID = 1000
Description = Faulting application plugin-container.exe, version 1.9.2.4182, faulting
module ntdll.dll, version 5.1.2600.6055, fault address 0x0000100b.

Error - 7/24/2011 7:04:37 PM | Computer Name = ---------- | Source = Application Hang | ID = 1002
Description = Hanging application Foxit Reader.exe, version 2.2.2007.2129, hang
module hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 7/24/2011 7:04:37 PM | Computer Name = ---------- | Source = Application Hang | ID = 1002
Description = Hanging application Foxit Reader.exe, version 2.2.2007.2129, hang
module hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 7/27/2011 8:39:05 AM | Computer Name = ---------- | Source = ESENT | ID = 490
Description = svchost (1536) An attempt to open the file "C:\WINDOWS.0\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb"
for read / write access failed with system error 32 (0x00000020): "The process
cannot access the file because it is being used by another process. ". The open
file operation will fail with error -1032 (0xfffffbf8).

Error - 7/27/2011 9:01:25 AM | Computer Name = ---------- | Source = Application Error | ID = 1000
Description = Faulting application QuickTimePlayer.exe, version 7.69.80.9, faulting
module QuickTimePlayer.dll, version 7.69.80.9, fault address 0x00005b6d.

Error - 7/27/2011 11:22:00 AM | Computer Name = ---------- | Source = Application Hang | ID = 1002
Description = Hanging application explorer.exe, version 6.0.2900.5512, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 7/27/2011 1:45:58 PM | Computer Name = ---------- | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: This operation returned because the timeout period expired.

[ System Events ]
Error - 7/26/2011 7:36:04 AM | Computer Name = ---------- | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 30 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)

Error - 7/26/2011 7:36:04 AM | Computer Name = ---------- | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 29 minutes. NtpClient has no source of accurate
time.

Error - 7/27/2011 7:35:04 AM | Computer Name = ---------- | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 15 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)

Error - 7/27/2011 7:35:04 AM | Computer Name = ---------- | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 14 minutes. NtpClient has no source of accurate
time.

Error - 7/27/2011 10:17:17 AM | Computer Name = ---------- | Source = PlugPlayManager | ID = 12
Description = The device 'E-IDE CD-ROM 52X/AKH' (IDE\CdRomE-IDE_CD-ROM_52X/AKH____________________A64_____\5&40d9078&0&0.0.0)
disappeared from the system without first being prepared for removal.

Error - 7/27/2011 11:33:00 AM | Computer Name = ---------- | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 15 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)

Error - 7/27/2011 11:33:00 AM | Computer Name = ---------- | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 14 minutes. NtpClient has no source of accurate
time.

Error - 7/27/2011 1:44:07 PM | Computer Name = ---------- | Source = DCOM | ID = 10005
Description = DCOM got error "%1058" attempting to start the service wuauserv with
arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error - 7/27/2011 1:54:16 PM | Computer Name = ---------- | Source = DCOM | ID = 10005
Description = DCOM got error "%1058" attempting to start the service wuauserv with
arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error - 7/27/2011 2:08:35 PM | Computer Name = ---------- | Source = DCOM | ID = 10005
Description = DCOM got error "%1058" attempting to start the service wuauserv with
arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}


< End of report >
  • 0

Advertisements

#2
longhornbizza
Posted 27 July 2011 - 04:53 PM

longhornbizza

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
Ok, so how huge was that copy and paste?!! help =)
  • 0

#3
michaelg9
Posted 31 July 2011 - 05:08 AM

michaelg9

    Trusted Helper

  • Malware Removal
  • 2,949 posts
Hi
:yes: . My name is Michael and I am here to help you fix your computer. :)

Note: Before we start the process you should:
  • POST your logs, don't attach them, as it makes it harder to read. Also please don't edit any log in any case
  • Disable ANY programs that offer real-time protection features while executing my instructions. That includes your antivirus, antispyware, windows defender or any other program that offers protection. When you're clean or waiting for my next set of instructions, re-enable them .If you need any help disabling them, ask.
  • Topics that are idle for 4 days after I post instructions will be closed, unless I'm notified of the delay.
  • Last, as most of the tools we use here need administrative rights in order to function properly, I expect that you will be running them from an administrator account.




Please download ComboFix from Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
  • Please, never rename Combofix unless instructed.
  • Close any open browsers.
  • Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

    -----------------------------------------------------------

    • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
    • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.

      -----------------------------------------------------------

    • Close any open browsers.
    • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
    • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
    • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.

    -----------------------------------------------------------

  • Double click on combofix.exe & follow the prompts.
  • When finished, it will produce a report for you.
  • Please post the "C:\ComboFix.txt" for further review.
**Note: Do not mouseclick combofix's window while it's running. That may cause it to stall**



Next:

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
    IE - HKCU\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll (Conduit Ltd.)
    [2010/03/17 15:24:14 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Computer\Application Data\Mozilla\Firefox\Profiles\1fmdgsnm.default\extensions\{69d1a568-ffdf-4ef5-8919-7003582e0ee8}
    [2009/11/17 12:23:41 | 000,000,681 | ---- | M] () -- C:\Documents and Settings\Computer\Application Data\Mozilla\Firefox\Profiles\1fmdgsnm.default\searchplugins\ask.xml
    [2010/08/21 13:05:11 | 000,001,919 | ---- | M] () -- C:\Documents and Settings\Computer\Application Data\Mozilla\Firefox\Profiles\1fmdgsnm.default\searchplugins\bing-zugo.xml
    [2011/03/14 12:47:48 | 000,000,913 | ---- | M] () -- C:\Documents and Settings\Computer\Application Data\Mozilla\Firefox\Profiles\1fmdgsnm.default\searchplugins\conduit.xml
    [2009/09/03 17:04:16 | 000,009,941 | ---- | M] () -- C:\Documents and Settings\Computer\Application Data\Mozilla\Firefox\Profiles\1fmdgsnm.default\searchplugins\mywebsearch.xml
    O2 - BHO: (Search Toolbar) - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files\Search Toolbar\SearchToolbar.dll ()
    O2 - BHO: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll (Conduit Ltd.)
    O2 - BHO: (Search Assistant) - {F0626A63-410B-45E2-99A1-3F2475B2D695} - C:\Program Files\SGPSA\BHO.dll (MTWB)
    O3 - HKLM\..\Toolbar: (Search Toolbar) - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files\Search Toolbar\SearchToolbar.dll ()
    O3 - HKLM\..\Toolbar: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll (Conduit Ltd.)
    O3 - HKCU\..\Toolbar\WebBrowser: (Search Toolbar) - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files\Search Toolbar\SearchToolbar.dll ()
    O3 - HKCU\..\Toolbar\WebBrowser: (uTorrentBar Toolbar) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - C:\Program Files\uTorrentBar\tbuTor.dll (Conduit Ltd.)
    O4 - HKCU..\Run: [Search Protection] File not found
    O4 - HKCU..\Run: [Singlesnet] File not found
    [3 C:\WINDOWS.0\*.tmp files -> C:\WINDOWS.0\*.tmp -> ]
    [1 C:\WINDOWS.0\System32\*.tmp files -> C:\WINDOWS.0\System32\*.tmp -> ]

    :Services

    :Reg

    :Files
    C:\Program Files\uTorrentBar
    C:\Program Files\Search Toolbar
    C:\Program Files\SGPSA

    :Commands
    [purity]
    [emptytemp]
    [EMPTYFLASH]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.


Next:

Download aswMBR.exe ( 511KB ) to your desktop.

Double click the aswMBR.exe to run it

Click the "Scan" button to start scan
Posted Image

On completion of the scan click save log, save it to your desktop and post in your next reply
Posted Image

Also in Desktop there should be a file called MBR.dat after that, zip it and then attach it here :)


Next:

Please uninstall the following programs:

Java™ 6 Update 23
Search Toolbar
Fast Browser Search (My Web Tattoo)
uTorrentBar Toolbar


Then go here, click the red button "Free Java Download" and download the latest version of java :unsure:
  • 0

#4
longhornbizza
Posted 01 August 2011 - 08:37 AM

longhornbizza

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
Hello! I was trying to follow your instructions, downloading the combofix, I was only able to read I didn't have some necessary program for combofix to run, should I try downloading combofix again?
Thank you for your time.
Liz
  • 0

#5
michaelg9
Posted 01 August 2011 - 08:41 AM

michaelg9

    Trusted Helper

  • Malware Removal
  • 2,949 posts
What do you mean? You don't need any other program apart from ComboFix to run it. Just download it in your Desktop and double click it. If anything happens at that moment instead of ComboFix running, stop and post here with details :)
  • 0

#6
longhornbizza
Posted 01 August 2011 - 08:44 AM

longhornbizza

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
ok, will do thx
  • 0

#7
longhornbizza
Posted 01 August 2011 - 08:55 AM

longhornbizza

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
Ok so I downloaded the combo fix, now I have a little window that seems to have a bunch of different names in alphabetical order, evrery line starts with the word extract, I tried double clicking on the one that says combo fix, but it's not doing anything =(
Liz
  • 0

#8
michaelg9
Posted 01 August 2011 - 09:38 AM

michaelg9

    Trusted Helper

  • Malware Removal
  • 2,949 posts
Hello,
These program's actions are normal. You are not supposed to do anything more than downloading and double clicking Combo-Fix from your Desktop. It will do all automatically, no action of you is needed.
Just sit back and watch, or you can leave the computer and give it its time to finish
After double clicking it, a window will open saying that it's extracting files, as you said.
When this finish it will close the window, wait some seconds and a blue window will open performing some actions.
When the actions are complete, a text file will open with some contents in it. These contents you must post here. :)
  • 0

#9
longhornbizza
Posted 01 August 2011 - 10:06 AM

longhornbizza

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
So the box with the extractions has been open for a while no blue box is popping up =(
  • 0

#10
longhornbizza
Posted 01 August 2011 - 10:09 AM

longhornbizza

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
Also, it doesn't give me the option to close it
  • 0

#11
michaelg9
Posted 01 August 2011 - 12:12 PM

michaelg9

    Trusted Helper

  • Malware Removal
  • 2,949 posts
Hello,
Ok then, skip the ComboFix step and follow the other steps :)
  • 0

#12
michaelg9
Posted 05 August 2011 - 12:29 PM

michaelg9

    Trusted Helper

  • Malware Removal
  • 2,949 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP