
CPU 100% then blaster.worm then tid serv Am I clean now?



#1
QueenJenny71

I initially posted and am receiving help from macboatmaster. My problem started out as 100% CPU usage specifically when I am on-line. I thought I had tracked the problem to a svchost file (discovered it was a netsvcs file). I asked for help and was connected with macboatmaster. Here are the steps we followed. (I've been working on this problem for about 4 months now. I consider myself between novice and average in expertise.)

1) Downloaded PCPitstop / ran "free computer check-up" / posted results.
2) Uninstalled McAfee, Spybot S&D (could not get to open or run).
3) Turned on Windows firewall (which I had disabled when I installed Norton 360).
<Side note: when I tried to turn on Windows Firewall, at first it said "Windows firewall settings cannot be displayed because associated service is not running. Do you want to start windows firewall/Internet connection sharing (ICS) service?" Yes. Next message was "Windows cannot start the Internet Connection Sharing Service". I "Shut down" the computer and received a ccsvchost "not responding". I clicked "end now" and explorer.exe "not responding"; I clicked "end now". These 2 files have been "not responding" at "shut down" for about 2 months now. My computer actually did not shut down, so after 6 mins I turned off power. 10 mins later I turned the computer back on and found the "Internet Connection Firewall" and enabled that.>
4) Disabled Norton 360 (see post "CPU 100% while on-line, I think netsvcs prob.") / went on-line to check if surfing had improved.
5) Posted results on my above post and "shut down" computer. 11 mins later "closing network connections" came up, then "saving settings"; the fan sped up and the computer was making more than usual noises, sped up and slowed down a few times. After 20 mins I turned off power because the computer was still running.
6) Started computer, double checked Windows firewall was active. Uninstalled Norton 360. Surfed the internet 30 mins. "Shut Down" computer.
7) Turned on computer, checked email and then received a message that I had a malicious program "W32/blaster.worm". Another notice was malicious program "W32/child-porn.proxy/server". Then I started to get programs not working: "Verclsid.exe cannot start infected W32/blaster.worm". I put the Norton 360 disk in and I could not run the program because of the infection. "Shut Down".
8) Started in Safe Mode with Networking - installed Norton 360 v6. Ran "quick scan"; it found the blaster.worm and quarantined it. Shut Down computer.
9) Started computer in normal mode and everything fine. Went on-line and received a notice that I had a trojan boot "TID Serv". I googled it and found a solution from Norton 360. Downloaded "FixTDSS.exe" (Backdoor Tidserv removal tool) from Norton. Closed all running programs.
Turned off System Restore. Started the removal tool.
Restarted the computer when program was finished.
Re-enabled System Restore.
Ran scans in Norton 360 and Malwarebytes' Anti-malware. Everything came up clean. Backed up and created a restore point.
10) Received 25 Microsoft updates (downloaded and installed them). I knew for about a month that I couldn't receive Microsoft updates despite all that I tried. One of the updates was for Internet Explorer 8. I haven't used IE for a long time so I hadn't been updating it. I decided that maybe I should be using Internet Explorer instead of Mozilla, maybe the problem was with Mozilla.
11) Started computer - everything fine. Uninstalled Soluto.com, gamesbar Oberon and IOBIT bar. "Restarted" computer.
12) "Windows could not start because the following file is missing or corrupt: <Windows Root>\system32\hal.dll. Please reinstall a copy of the above file." "Shut down" computer and started again - message still there. Found solution on-line, put Windows reinstallation disk in computer - went to recovery console, did a repair/recover "bootcfg /rebuild" at command prompt (Yes-Windows XP Home Edition-/fastdetect-exit). Windows started normally.
13) Removed IE8, now running IE6. / Ran quick scan on Norton 360 and Malwarebytes'. No malicious items or viruses. Created a restore point / ran error check on C:\. All stages completed. 140KB bad sectors.
14) Today downloaded OldTimer and ran "quick scan". Attached are results:

OTL logfile created on: 8/30/2011 9:02:14 AM - Run 1
OTL by OldTimer - Version 3.2.26.6 Folder = C:\Documents and Settings\Jen\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.50 Gb Total Physical Memory | 1.72 Gb Available Physical Memory | 68.89% Memory free
3.13 Gb Paging File | 2.47 Gb Available in Paging File | 78.82% Paging File free
Paging file location(s): C:\pagefile.sys 800 2000 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111.72 Gb Total Space | 51.60 Gb Free Space | 46.18% Space Free | Partition Type: NTFS
Drive F: | 931.51 Gb Total Space | 804.82 Gb Free Space | 86.40% Space Free | Partition Type: NTFS

Computer Name: HOME | User Name: Jen | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/08/30 09:01:52 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jen\Desktop\OTL.exe
PRC - [2011/04/16 20:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360\Engine\5.1.0.29\ccSvcHst.exe
PRC - [2009/12/03 10:12:12 | 000,976,320 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Epson Software\Event Manager\EEventManager.exe
PRC - [2008/04/14 08:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2009/11/03 16:51:42 | 000,067,872 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2008/04/14 08:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\SYSTEM32\msdmo.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011/04/16 20:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files\Norton 360\Engine\5.1.0.29\ccSvcHst.exe -- (N360)
SRV - [2008/04/14 08:00:00 | 000,105,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\p2pgasvc.dll -- (p2pgasvc)
SRV - [2008/04/14 08:00:00 | 000,035,328 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SYSTEM32\iprip.dll -- (Iprip)


========== Driver Services (SafeList) ==========

DRV - [2011/08/26 17:27:36 | 000,126,584 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\SYMEVENT.SYS -- (SymEvent)
DRV - [2011/08/26 15:47:30 | 000,356,280 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\IPSDefs\20110828.030\IDSXpx86.sys -- (IDSxpx86)
DRV - [2011/08/26 01:00:00 | 001,576,312 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\VirusDefs\20110829.023\NAVEX15.SYS -- (NAVEX15)
DRV - [2011/08/26 01:00:00 | 000,374,392 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2011/08/26 01:00:00 | 000,086,136 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\VirusDefs\20110829.023\NAVENG.SYS -- (NAVENG)
DRV - [2011/08/12 23:21:56 | 000,815,736 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\BASHDefs\20110812.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2011/03/30 23:00:09 | 000,516,216 | R--- | M] (Symantec Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\N360\0501000.01D\SRTSP.SYS -- (SRTSP)
DRV - [2011/03/30 23:00:09 | 000,050,168 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\0501000.01D\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2011/03/21 20:39:49 | 000,369,784 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\0501000.01D\SYMTDI.SYS -- (SYMTDI)
DRV - [2011/03/14 22:31:23 | 000,744,568 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\N360\0501000.01D\SYMEFA.SYS -- (SymEFA)
DRV - [2011/01/27 02:47:10 | 000,340,088 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\N360\0501000.01D\SYMDS.SYS -- (SymDS)
DRV - [2011/01/27 01:07:05 | 000,136,312 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\0501000.01D\Ironx86.SYS -- (SymIRON)
DRV - [2010/02/11 08:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\tcpip6.sys -- (Tcpip6)
DRV - [2009/11/23 09:43:30 | 000,009,968 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2009/11/23 09:43:30 | 000,007,408 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2009/11/23 09:43:28 | 000,074,480 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2006/03/10 16:55:18 | 000,039,424 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\fantom.sys -- (FANTOM)
DRV - [2004/03/05 23:15:34 | 000,647,929 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\IntelC52.sys -- (IntelC52)
DRV - [2004/03/05 23:14:42 | 001,233,525 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\IntelC51.sys -- (IntelC51)
DRV - [2004/03/05 23:13:52 | 000,060,949 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\IntelC53.sys -- (IntelC53)
DRV - [2004/03/05 23:13:38 | 000,037,048 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\mohfilt.sys -- (mohfilt)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/?...=OIE8HP&PC=B8DF
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?...=OIE8HP&PC=B8DF
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = B6 9C 61 9E 7C E5 CB 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://start.iplay.com/?o=shp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..CommunityToolbar.SearchFromAddressBarSavedUrl: "data:text/plain,keyword.URL=http://www.google.com/search?ie=UTF-8&oe=UTF-8&gfns=1&sourceid=navclient&rls=com.google:en-US:official&q="
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=685749"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledItems: [email protected]:2.12
FF - prefs.js..extensions.enabledItems: [email protected]:1.33
FF - prefs.js..extensions.enabledItems: {7b13ec3e-999a-4b70-b9cb-2617b8323822}:3.3.3.2
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:4.6
FF - prefs.js..keyword.URL: "data:text/plain,keyword.URL=http://www.google.com/search?ie=UTF-8&oe=UTF-8&gfns=1&sourceid=navclient&rls=com.google:en-US:official&q="

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@oberon-media.com/ONCAdapter: C:\Program Files\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll (Oberon-Media )
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.1851.5542\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.0: C:\Documents and Settings\Jen\Application Data\Facebook\npfbplugin_1_0_0.dll ( )
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.1: C:\Documents and Settings\Jen\Application Data\Facebook\npfbplugin_1_0_1.dll ( )
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Documents and Settings\Jen\Application Data\Facebook\npfbplugin_1_0_3.dll ( )
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\Jen\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}: C:\Documents and Settings\All Users\Application Data\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c} [2010/10/31 15:01:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\IPSFFPlgn\ [2011/08/28 14:22:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\coFFPlgn_2011_7_1_3 [2011/08/30 08:01:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/08/17 11:09:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/06/19 12:19:30 | 000,000,000 | ---D | M]

[2010/01/13 19:06:07 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jen\Application Data\Mozilla\Extensions
[2011/08/17 11:11:13 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jen\Application Data\Mozilla\Firefox\Profiles\dsk9m49w.default\extensions
[2010/11/20 15:35:39 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Jen\Application Data\Mozilla\Firefox\Profiles\dsk9m49w.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/06/21 15:43:29 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\Jen\Application Data\Mozilla\Firefox\Profiles\dsk9m49w.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2011/08/17 11:11:13 | 000,000,000 | ---D | M] (Zynga Community Toolbar) -- C:\Documents and Settings\Jen\Application Data\Mozilla\Firefox\Profiles\dsk9m49w.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
[2011/03/06 11:42:11 | 000,000,000 | ---D | M] ("Amazon Toolbar") -- C:\Documents and Settings\Jen\Application Data\Mozilla\Firefox\Profiles\dsk9m49w.default\extensions\[email protected]
[2011/06/23 19:07:31 | 000,002,263 | ---- | M] () -- C:\Documents and Settings\Jen\Application Data\Mozilla\Firefox\Profiles\dsk9m49w.default\searchplugins\bing-zugo.xml
[2011/08/28 17:04:51 | 000,002,469 | ---- | M] () -- C:\Documents and Settings\Jen\Application Data\Mozilla\Firefox\Profiles\dsk9m49w.default\searchplugins\safesearch.xml
[2011/08/29 10:30:06 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/08/30 08:01:45 | 000,000,000 | ---D | M] (Norton Toolbar) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\COFFPLGN_2011_7_1_3
[2011/08/28 14:22:37 | 000,000,000 | ---D | M] (Symantec IPS) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\IPSFFPLGN
[2011/08/12 01:57:31 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2009/11/19 17:16:28 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npCouponPrinter.dll
[2009/11/19 17:16:29 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npMozCouponPrinter.dll
[2011/08/11 23:16:35 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2010/01/01 04:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml.old
[2011/03/29 09:33:03 | 000,001,456 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\WebSearchober8342031.xml

Hosts file not found
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\5.1.0.29\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\5.1.0.29\IPS\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5825.1100\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\5.1.0.29\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\5.1.0.29\CoIEPlg.dll (Symantec Corporation)
O4 - HKLM..\Run: [EEventManager] C:\Program Files\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKCU..\Run: [EPSON NX620 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIGAA.EXE (SEIKO EPSON CORPORATION)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (PokerStars)
O15 - HKCU\..Trusted Domains: //@[email protected]/ ([]money in Local intranet)
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://www.pcpitstop...t/PCPitStop.CAB (PCPitstop Utility)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} http://utilities.pcp.../PCPitStop2.cab (PCPitstop Exam)
O16 - DPF: Garmin Communicator Plug-In https://static.garmi...inAxControl.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.10.11.1
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\SYSTEM32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\Documents and Settings\Jen\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Jen\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/01/18 19:25:14 | 000,423,424 | ---- | M] () - F:\AutoBackupProcess.exe -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/08/30 09:01:35 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Jen\Desktop\OTL.exe
[2011/08/28 18:12:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2011/08/28 15:11:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel
[2011/08/26 17:27:36 | 000,126,584 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2011/08/26 17:27:36 | 000,060,872 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL
[2011/08/26 17:27:36 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2011/08/26 17:27:36 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2011/08/26 17:27:18 | 000,744,568 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0501000.01D\SymEFA.sys
[2011/08/26 17:27:18 | 000,516,216 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0501000.01D\srtsp.sys
[2011/08/26 17:27:18 | 000,369,784 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0501000.01D\symtdi.sys
[2011/08/26 17:27:18 | 000,340,088 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0501000.01D\SymDS.sys
[2011/08/26 17:27:18 | 000,331,384 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0501000.01D\symtdiv.sys
[2011/08/26 17:27:18 | 000,296,568 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0501000.01D\symnets.sys
[2011/08/26 17:27:18 | 000,136,312 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0501000.01D\Ironx86.sys
[2011/08/26 17:27:18 | 000,050,168 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0501000.01D\srtspx.sys
[2011/08/26 17:26:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\N360
[2011/08/26 17:26:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\N360\0501000.01D
[2011/08/26 17:26:52 | 000,000,000 | ---D | C] -- C:\Program Files\Norton 360
[2011/08/26 15:16:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Mozilla
[2011/08/26 15:16:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Mozilla
[2011/08/22 15:45:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PCPitstop
[2011/08/22 15:45:10 | 000,000,000 | ---D | C] -- C:\Program Files\PCPitstop
[2011/08/22 13:26:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\McAfee
[2011/08/15 12:37:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jen\Application Data\Malwarebytes
[2011/08/07 11:16:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jen\Application Data\ElevatedDiagnostics
[2011/08/07 11:14:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows PowerShell 1.0
[2011/08/07 11:14:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\windowspowershell
[2011/08/07 10:07:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Adobe
[2011/08/05 17:56:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Adobe
[2011/08/05 17:03:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Sun
[2011/08/05 16:33:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jen\Application Data\Easeware
[2011/08/05 15:31:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\Performance
[2011/08/05 15:30:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jen\Local Settings\Application Data\Microsoft Corporation
[2011/08/02 14:03:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jen\Application Data\EurekaLog
[2011/08/01 15:42:41 | 000,000,000 | ---D | C] -- C:\Program Files\Emsisoft Anti-Malware
[2011/08/01 15:42:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jen\My Documents\Anti-Malware
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/08/30 09:01:52 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jen\Desktop\OTL.exe
[2011/08/30 08:02:00 | 000,000,266 | ---- | M] () -- C:\WINDOWS\tasks\ASC4_PerformanceMonitor.job
[2011/08/30 08:01:42 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2011/08/30 08:01:12 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/08/30 08:01:07 | 2683,375,616 | -HS- | M] () -- C:\hiberfil.sys
[2011/08/29 19:52:44 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\Jen\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/08/29 18:57:35 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/08/29 14:39:42 | 000,000,184 | RHS- | M] () -- C:\boot.ini
[2011/08/29 10:15:50 | 000,000,193 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Microsoft.SqlServer.Compact.351.32.bc
[2011/08/29 10:02:19 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA1cab6e6117f7c02.job
[2011/08/29 07:36:30 | 000,002,248 | ---- | M] () -- C:\WINDOWS\System32\.rsp
[2011/08/29 07:36:30 | 000,001,568 | ---- | M] () -- C:\WINDOWS\System32\.lck
[2011/08/28 18:32:39 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/08/28 18:32:33 | 000,600,068 | ---- | M] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\Cat.DB
[2011/08/28 15:27:14 | 000,166,712 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/08/28 15:24:07 | 000,441,362 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/08/28 15:24:07 | 000,071,298 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/08/28 13:50:24 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/08/26 17:27:36 | 000,126,584 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2011/08/26 17:27:36 | 000,060,872 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL
[2011/08/26 17:27:36 | 000,007,468 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2011/08/26 17:27:36 | 000,000,806 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF
[2011/08/26 17:27:22 | 000,001,900 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Norton 360.LNK
[2011/08/25 08:00:00 | 000,000,432 | ---- | M] () -- C:\WINDOWS\tasks\DriverNavigator Scheduled Scan.job
[2011/08/17 17:00:41 | 000,001,629 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Intelli-studio.lnk
[2011/08/17 12:40:58 | 000,000,834 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cab6e6106888e0.job
[2011/08/17 11:10:40 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\Jen\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/08/17 11:10:36 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2011/08/05 15:57:04 | 000,000,804 | ---- | M] () -- C:\Documents and Settings\Jen\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2011/08/05 12:41:43 | 000,002,447 | ---- | M] () -- C:\Documents and Settings\Jen\Desktop\Microsoft Office OneNote 2007 (2).lnk
[2011/08/04 11:18:35 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\0.8614373000518131.exe
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/08/29 14:39:42 | 000,000,184 | RHS- | C] () -- C:\boot.ini
[2011/08/28 18:22:33 | 000,000,803 | ---- | C] () -- C:\Documents and Settings\Jen\Start Menu\Programs\Internet Explorer.lnk
[2011/08/27 16:02:41 | 000,002,248 | ---- | C] () -- C:\WINDOWS\System32\.rsp
[2011/08/26 17:34:27 | 2683,375,616 | -HS- | C] () -- C:\hiberfil.sys
[2011/08/26 17:33:55 | 000,600,068 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\Cat.DB
[2011/08/26 17:27:36 | 000,007,468 | ---- | C] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2011/08/26 17:27:36 | 000,000,806 | ---- | C] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF
[2011/08/26 17:27:22 | 000,001,900 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Norton 360.LNK
[2011/08/26 17:27:19 | 000,000,000 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\SymDS.cat
[2011/08/26 17:26:58 | 000,001,474 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\SymNetV.inf
[2011/08/26 17:26:58 | 000,001,446 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\SymNet.inf
[2011/08/26 17:26:56 | 000,003,373 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\SymEFA.inf
[2011/08/26 17:26:56 | 000,002,792 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\SymDS.inf
[2011/08/26 17:26:56 | 000,001,389 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\srtspx.inf
[2011/08/26 17:26:56 | 000,001,383 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\srtsp.inf
[2011/08/26 17:26:56 | 000,000,742 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\Iron.inf
[2011/08/26 17:26:55 | 000,007,877 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\symnetv.cat
[2011/08/26 17:26:55 | 000,007,528 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\iron.cat
[2011/08/26 17:26:55 | 000,007,458 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\SymNet.cat
[2011/08/26 17:26:55 | 000,007,456 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\SymEFA.cat
[2011/08/26 17:26:55 | 000,007,454 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\srtspx.cat
[2011/08/26 17:26:55 | 000,007,450 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\srtsp.cat
[2011/08/26 17:26:55 | 000,000,172 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\isolate.ini
[2011/08/26 16:55:20 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/08/13 14:28:44 | 000,000,266 | ---- | C] () -- C:\WINDOWS\tasks\ASC4_PerformanceMonitor.job
[2011/08/05 16:33:12 | 000,000,432 | ---- | C] () -- C:\WINDOWS\tasks\DriverNavigator Scheduled Scan.job
[2011/08/05 15:57:04 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\Jen\Start Menu\Programs\Windows Media Player.lnk
[2011/08/05 15:57:03 | 000,000,804 | ---- | C] () -- C:\Documents and Settings\Jen\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2011/08/05 15:56:35 | 000,065,832 | ---- | C] () -- C:\WINDOWS\Santa Fe Stucco.bmp
[2011/08/05 15:56:35 | 000,026,680 | ---- | C] () -- C:\WINDOWS\River Sumida.bmp
[2011/08/05 15:56:35 | 000,009,522 | ---- | C] () -- C:\WINDOWS\Zapotec.bmp
[2011/08/05 15:56:34 | 000,065,978 | ---- | C] () -- C:\WINDOWS\Soap Bubbles.bmp
[2011/08/05 15:56:34 | 000,065,954 | ---- | C] () -- C:\WINDOWS\Prairie Wind.bmp
[2011/08/05 15:56:34 | 000,026,582 | ---- | C] () -- C:\WINDOWS\Greenstone.bmp
[2011/08/05 15:56:34 | 000,017,362 | ---- | C] () -- C:\WINDOWS\Rhododendron.bmp
[2011/08/05 15:56:34 | 000,017,336 | ---- | C] () -- C:\WINDOWS\Gone Fishing.bmp
[2011/08/05 15:56:34 | 000,017,062 | ---- | C] () -- C:\WINDOWS\Coffee Bean.bmp
[2011/08/05 15:56:34 | 000,016,730 | ---- | C] () -- C:\WINDOWS\FeatherTexture.bmp
[2011/08/05 15:56:34 | 000,001,272 | ---- | C] () -- C:\WINDOWS\Blue Lace 16.bmp
[2011/08/05 15:56:25 | 000,049,275 | ---- | C] () -- C:\WINDOWS\System32\wfospf.mib
[2011/08/05 15:56:25 | 000,026,236 | ---- | C] () -- C:\WINDOWS\System32\wins.mib
[2011/08/05 15:56:25 | 000,004,332 | ---- | C] () -- C:\WINDOWS\System32\smi.mib
[2011/08/05 15:56:24 | 000,038,608 | ---- | C] () -- C:\WINDOWS\System32\nipx.mib
[2011/08/05 15:56:24 | 000,034,317 | ---- | C] () -- C:\WINDOWS\System32\msiprip2.mib
[2011/08/05 15:56:24 | 000,013,767 | ---- | C] () -- C:\WINDOWS\System32\msipbtp.mib
[2011/08/05 15:56:24 | 000,000,581 | ---- | C] () -- C:\WINDOWS\System32\msft.mib
[2011/08/05 15:56:22 | 000,107,882 | ---- | C] () -- C:\WINDOWS\System32\mib_ii.mib
[2011/08/05 15:56:22 | 000,021,386 | ---- | C] () -- C:\WINDOWS\System32\mipx.mib
[2011/08/05 15:56:22 | 000,010,313 | ---- | C] () -- C:\WINDOWS\System32\mripsap.mib
[2011/08/05 15:56:21 | 000,048,593 | ---- | C] () -- C:\WINDOWS\System32\hostmib.mib
[2011/08/05 15:56:21 | 000,030,448 | ---- | C] () -- C:\WINDOWS\System32\mcastmib.mib
[2011/08/05 15:56:21 | 000,026,100 | ---- | C] () -- C:\WINDOWS\System32\lmmib2.mib
[2011/08/05 15:56:21 | 000,015,799 | ---- | C] () -- C:\WINDOWS\System32\ipforwd.mib
[2011/08/05 15:56:20 | 000,016,617 | ---- | C] () -- C:\WINDOWS\System32\authserv.mib
[2011/08/05 15:56:20 | 000,015,597 | ---- | C] () -- C:\WINDOWS\System32\accserv.mib
[2011/08/05 15:56:20 | 000,004,597 | ---- | C] () -- C:\WINDOWS\System32\dhcp.mib
[2011/08/05 15:38:41 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2011/08/04 11:18:35 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\0.8614373000518131.exe
[2011/08/04 10:54:23 | 000,000,886 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA1cab6e6117f7c02.job
[2011/08/04 10:54:22 | 000,000,834 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cab6e6106888e0.job
[2011/07/30 18:04:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\EEventManager.INI
[2011/07/30 16:03:11 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2011/07/30 16:03:10 | 000,073,220 | ---- | C] () -- C:\WINDOWS\System32\EPPICPrinterDB.dat
[2011/07/30 16:03:10 | 000,001,137 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_ES.dat
[2011/07/30 16:03:09 | 000,001,140 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_PT.dat
[2011/07/30 16:03:09 | 000,001,140 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_BP.dat
[2011/07/30 16:03:09 | 000,001,130 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_FR.dat
[2011/07/30 16:03:09 | 000,001,130 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_CF.dat
[2011/07/30 16:03:09 | 000,001,104 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_EN.dat
[2011/07/30 16:03:08 | 000,031,053 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern131.dat
[2011/07/30 16:03:08 | 000,029,114 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern1.dat
[2011/07/30 16:03:08 | 000,027,417 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern121.dat
[2011/07/30 16:03:08 | 000,021,021 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern3.dat
[2011/07/30 16:03:08 | 000,015,670 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern5.dat
[2011/07/30 16:03:08 | 000,013,280 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern2.dat
[2011/07/30 16:03:08 | 000,010,673 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern4.dat
[2011/07/30 16:03:08 | 000,004,943 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern6.dat
[2011/07/30 15:58:49 | 000,000,079 | ---- | C] () -- C:\WINDOWS\ENX625.ini
[2011/07/13 16:11:56 | 007,243,400 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2011/07/13 15:54:39 | 000,000,193 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Microsoft.SqlServer.Compact.351.32.bc
[2011/05/19 07:22:40 | 000,001,940 | ---- | C] () -- C:\Documents and Settings\Jen\Local Settings\Application Data\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2011/05/19 06:33:39 | 000,001,940 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2011/04/08 19:45:55 | 000,000,074 | ---- | C] () -- C:\WINDOWS\MPLAYER.INI
[2010/10/22 16:05:05 | 000,021,504 | ---- | C] () -- C:\WINDOWS\jestertb.dll
[2010/01/21 11:23:09 | 000,015,360 | ---- | C] () -- C:\Documents and Settings\Jen\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/01/14 10:27:20 | 000,032,092 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010/01/13 19:32:56 | 000,000,051 | ---- | C] () -- C:\WINDOWS\dbghist.ini
[2010/01/13 19:25:14 | 000,000,584 | ---- | C] () -- C:\WINDOWS\DELLSTAT.INI
[2010/01/13 19:05:48 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010/01/11 15:05:52 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010/01/11 14:58:55 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010/01/11 09:51:16 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010/01/11 09:49:51 | 000,166,712 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008/04/14 08:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2008/04/14 08:00:00 | 000,755,200 | ---- | C] () -- C:\WINDOWS\System32\ir50_32.dll
[2008/04/14 08:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2008/04/14 08:00:00 | 000,441,362 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2008/04/14 08:00:00 | 000,338,432 | ---- | C] () -- C:\WINDOWS\System32\ir41_qcx.dll
[2008/04/14 08:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2008/04/14 08:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2008/04/14 08:00:00 | 000,200,192 | ---- | C] () -- C:\WINDOWS\System32\ir50_qc.dll
[2008/04/14 08:00:00 | 000,183,808 | ---- | C] () -- C:\WINDOWS\System32\ir50_qcx.dll
[2008/04/14 08:00:00 | 000,120,320 | ---- | C] () -- C:\WINDOWS\System32\ir41_qc.dll
[2008/04/14 08:00:00 | 000,071,298 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2008/04/14 08:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2008/04/14 08:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2008/04/14 08:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2008/04/14 08:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2008/04/14 08:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2008/04/14 08:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2005/09/13 17:27:08 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\dlbacnv4.dll
[2003/02/03 06:26:18 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll
[1999/07/29 04:27:10 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll

========== LOP Check ==========

[2010/01/13 18:19:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
[2011/07/30 16:12:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EPSON
[2011/06/24 09:36:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IObit
[2011/03/23 10:06:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MumboJumbo
[2011/03/29 09:33:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Oberon Media
[2011/08/22 15:48:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCPitstop
[2010/08/22 17:55:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Playrix Entertainment
[2010/09/20 19:53:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sandlot Games
[2011/08/29 10:16:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Soluto
[2011/04/04 10:25:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SugarGames
[2011/01/09 16:00:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TaxCut
[2011/08/03 15:59:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/07/30 16:29:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UDL
[2010/01/13 12:27:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ViceVersa PRO 2
[2010/04/24 08:34:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/01/13 20:41:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2011/07/18 14:40:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jen\Application Data\.minecraft
[2010/09/20 18:40:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jen\Application Data\Arkadium
[2010/04/06 19:42:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jen\Application Data\com.verizon.mediastore.vzwdownloadmanager.BEEF85639ECFAE88C004EA3A5F976EE5386C7526.1
[2011/03/24 10:33:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jen\Application Data\DivoGames
[2011/08/05 16:33:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jen\Application Data\Easeware
[2011/08/07 11:16:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jen\Application Data\ElevatedDiagnostics
[2011/07/30 16:56:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jen\Application Data\Epson
[2011/08/02 14:03:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jen\Application Data\EurekaLog
[2010/04/22 16:10:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jen\Application Data\Facebook
[2011/07/30 16:33:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jen\Application Data\Leader Technologies
[2011/07/30 16:30:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jen\Application Data\Leadertech
[2011/04/04 10:32:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jen\Application Data\MysteryStudio
[2010/05/30 07:50:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jen\Application Data\SMART Technologies Inc
[2011/06/23 19:07:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jen\Application Data\Systweak
[2011/01/09 16:05:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jen\Application Data\TaxCut
[2011/08/30 08:02:00 | 000,000,266 | ---- | M] () -- C:\WINDOWS\Tasks\ASC4_PerformanceMonitor.job
[2011/08/25 08:00:00 | 000,000,432 | ---- | M] () -- C:\WINDOWS\Tasks\DriverNavigator Scheduled Scan.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 161 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D9F6664C
@Alternate Data Stream - 147 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:89CC7FD8
@Alternate Data Stream - 130 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3447AB86
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A53EDDED

< End of report >

I hope you can help me determine if my computer is clean so that I can get back to the heart of the matter: the 100% CPU usage while I'm on-line.


Thanks for your time. I apologize for the lengthy post, but I am trying to provide you with everything I know or have done.

Jen


#2
QueenJenny71

I was informed that I need to provide you a "link to a thread" - or something like that. (I really don't understand, since I've never posted to forums or chatrooms or anything like that.)
This was the help I received before.

So I hope I got this right. :) http://www.geekstogo...k-netsvcs-prob/

Thanks for your time,

Jen