Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Slow computer after installing SuperAntiSpyware,etc


  • Please log in to reply

#1
realapp

realapp

    Member

  • Member
  • PipPipPip
  • 338 posts
I am having a couple of issues. First, I've noticed the computer running slower, so I updated/ installed superantispyware, spywareblaster, etc. (all that is recommended by GTG)It did get rid of quite a bit of stuff, but now my computer seems to be even slower.

Also, I noticed that when I create a document (like Word), it seems to create a duplicate and stores it in my folder with some symbols in front like $$.

Also, I installed the online armor firewall as suggested. It keeps having popups everytime it blocks something and do I need this if I am using a router? I'm going to try and post and OTL log. Thanks so much!


OTL logfile created on: 9/22/2011 9:24:49 AM - Run 1
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Documents and Settings\Teresa L\Desktop\computer security stuff
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1023.30 Mb Total Physical Memory | 236.43 Mb Available Physical Memory | 23.10% Memory free
1.41 Gb Paging File | 0.49 Gb Available in Paging File | 34.55% Paging File free
Paging file location(s): C:\pagefile.sys 512 768 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.24 Gb Total Space | 11.50 Gb Free Space | 30.89% Space Free | Partition Type: NTFS
Drive E: | 449.13 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive F: | 465.76 Gb Total Space | 456.05 Gb Free Space | 97.92% Space Free | Partition Type: NTFS

Computer Name: TERESA | User Name: Teresa L | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/09/22 09:24:01 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Teresa L\Desktop\computer security stuff\OTL.exe
PRC - [2011/09/06 03:55:14 | 004,220,376 | ---- | M] (Emsi Software GmbH) -- C:\Program Files\Online Armor\oasrv.exe
PRC - [2011/09/06 03:55:14 | 002,493,000 | ---- | M] (Emsi Software GmbH) -- C:\Program Files\Online Armor\oaui.exe
PRC - [2011/09/06 03:55:12 | 001,150,928 | ---- | M] (Emsi Software GmbH) -- C:\Program Files\Online Armor\oahlp.exe
PRC - [2011/09/06 03:55:10 | 000,207,936 | ---- | M] (Emsi Software GmbH) -- C:\Program Files\Online Armor\oacat.exe
PRC - [2011/08/31 17:00:48 | 000,449,608 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011/08/12 16:37:06 | 004,603,264 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2011/08/11 18:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe
PRC - [2010/07/08 13:21:52 | 000,025,824 | ---- | M] (Memeo) -- C:\Program Files\Memeo\AutoBackup\MemeoBackgroundService.exe
PRC - [2010/07/08 13:21:12 | 000,323,296 | ---- | M] () -- C:\Program Files\Memeo\AutoBackup\InstantBackup.exe
PRC - [2010/07/06 14:32:04 | 000,014,088 | ---- | M] (Memeo) -- C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe
PRC - [2010/07/06 14:32:02 | 000,069,896 | ---- | M] (Memeo) -- C:\Program Files\Seagate\Seagate Dashboard\MemeoDashboard.exe
PRC - [2010/06/25 21:14:04 | 000,202,256 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2009/07/21 14:34:33 | 000,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2009/06/16 14:36:22 | 003,272,704 | ---- | M] () -- C:\Program Files\NETGEAR\WNDA3100v2\WNDA3100v2.exe
PRC - [2009/06/04 15:49:18 | 000,278,528 | ---- | M] () -- C:\Program Files\NETGEAR\WNDA3100v2\WifiSvc.exe
PRC - [2009/05/13 16:48:22 | 000,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2009/03/05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009/03/02 13:08:47 | 000,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2007/06/13 05:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/05/22 12:49:56 | 000,263,712 | ---- | M] () -- C:\Program Files\Upromise__RemindU\UpromiseRemindUv.exe
PRC - [2004/07/18 11:43:58 | 000,368,640 | ---- | M] (Tracker Software Products Ltd.) -- C:\Program Files\Tracker Software\PDF-XChange 3\pdfSaver\pdfSaver3.exe
PRC - [2003/08/29 20:05:35 | 000,360,448 | ---- | M] () -- C:\Program Files\SpywareGuard\sgmain.exe
PRC - [2003/08/29 12:14:56 | 000,233,472 | ---- | M] () -- C:\Program Files\SpywareGuard\sgbhp.exe
PRC - [2003/03/19 09:50:00 | 000,037,888 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\MouseWare\system\EM_EXEC.EXE
PRC - [2001/10/11 18:35:02 | 000,082,026 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
PRC - [2001/08/06 13:41:48 | 000,028,672 | ---- | M] () -- C:\WINDOWS\Nhksrv.exe


========== Modules (No Company Name) ==========

MOD - [2011/09/22 08:26:32 | 000,052,736 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll
MOD - [2011/09/22 08:26:31 | 000,063,488 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
MOD - [2011/09/21 14:33:06 | 000,117,760 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
MOD - [2011/09/21 14:33:06 | 000,052,224 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
MOD - [2011/01/21 04:04:52 | 002,933,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2011/01/21 04:04:41 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2011/01/20 04:33:05 | 011,797,504 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\d987cf1de4ba688da92e212a374232c2\System.Web.ni.dll
MOD - [2011/01/20 04:32:35 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\5adb0f89d469632511aed9d88cfe05c4\System.ServiceProcess.ni.dll
MOD - [2011/01/20 04:32:09 | 000,998,400 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\16670b6870746e5a8dc4a73a76a90bed\System.Management.ni.dll
MOD - [2011/01/20 04:29:25 | 001,712,128 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\935b855860088a86bb65d37a19f059cc\Microsoft.VisualBasic.ni.dll
MOD - [2011/01/20 04:28:41 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\631b3eba1ba5bd3c3f027f34011cadeb\System.Configuration.ni.dll
MOD - [2011/01/20 04:24:54 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\563a54b98adb70fae862974042298348\System.Xml.ni.dll
MOD - [2011/01/20 04:24:38 | 012,430,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\2dfe045e4b1577fdea9a2f456db0afc2\System.Windows.Forms.ni.dll
MOD - [2011/01/20 04:23:55 | 001,587,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\f3440ea00eb3c40dc073b2fe03843638\System.Drawing.ni.dll
MOD - [2011/01/20 04:23:10 | 006,616,576 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data\50130ef751b98a4a11bd4ab73af7cab5\System.Data.ni.dll
MOD - [2011/01/20 04:19:35 | 007,949,824 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\37217abe2c5164e59aba251860f4c79e\System.ni.dll
MOD - [2011/01/20 04:17:38 | 011,486,720 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\7124a40b9998f7b63c86bd1a2125ce26\mscorlib.ni.dll
MOD - [2010/07/08 13:24:34 | 002,887,904 | ---- | M] () -- C:\Program Files\Memeo\AutoBackup\Memeo.Client.UI.dll
MOD - [2010/07/08 13:24:02 | 000,026,848 | ---- | M] () -- C:\Program Files\Memeo\AutoBackup\Memeo.Client.DriveDetection.dll
MOD - [2010/07/08 13:21:12 | 000,323,296 | ---- | M] () -- C:\Program Files\Memeo\AutoBackup\InstantBackup.exe
MOD - [2010/03/22 17:59:46 | 000,504,293 | ---- | M] () -- C:\Program Files\Memeo\AutoBackup\sqlite3.dll
MOD - [2009/06/16 14:36:22 | 003,272,704 | ---- | M] () -- C:\Program Files\NETGEAR\WNDA3100v2\WNDA3100v2.exe
MOD - [2009/06/16 14:19:46 | 000,319,488 | ---- | M] () -- C:\Program Files\NETGEAR\WNDA3100v2\WifiLib.dll
MOD - [2009/06/04 15:49:18 | 000,278,528 | ---- | M] () -- C:\Program Files\NETGEAR\WNDA3100v2\WifiSvc.exe
MOD - [2009/03/16 16:49:42 | 000,278,528 | ---- | M] () -- C:\Program Files\NETGEAR\WNDA3100v2\WifiSvcLib.dll
MOD - [2009/01/28 16:03:49 | 000,326,401 | ---- | M] () -- C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2007/05/22 12:49:58 | 000,108,064 | ---- | M] () -- C:\Program Files\Upromise__RemindU\uprom.dll
MOD - [2007/05/22 12:49:56 | 000,263,712 | ---- | M] () -- C:\Program Files\Upromise__RemindU\UpromiseRemindUv.exe
MOD - [2004/07/18 11:44:18 | 000,008,192 | ---- | M] () -- C:\Program Files\Tracker Software\PDF-XChange 3\pdfSaver\fm30xmf.dll
MOD - [2003/08/29 20:05:35 | 000,360,448 | ---- | M] () -- C:\Program Files\SpywareGuard\sgmain.exe
MOD - [2003/08/29 12:14:56 | 000,233,472 | ---- | M] () -- C:\Program Files\SpywareGuard\sgbhp.exe
MOD - [2003/08/03 00:24:01 | 000,192,512 | R--- | M] () -- C:\Program Files\SpywareGuard\dlprotect.dll
MOD - [2003/08/03 00:20:57 | 000,126,976 | R--- | M] () -- C:\Program Files\SpywareGuard\spywareguard.dll
MOD - [2001/10/11 18:34:50 | 000,077,824 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 5.0\Distillr\adistres.dll
MOD - [2001/08/06 13:41:48 | 000,028,672 | ---- | M] () -- C:\WINDOWS\Nhksrv.exe


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011/09/06 03:55:14 | 004,220,376 | ---- | M] (Emsi Software GmbH) [Auto | Running] -- C:\Program Files\Online Armor\oasrv.exe -- (SvcOnlineArmor)
SRV - [2011/09/06 03:55:10 | 000,207,936 | ---- | M] (Emsi Software GmbH) [Auto | Running] -- C:\Program Files\Online Armor\OAcat.exe -- (OAcat)
SRV - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/08/11 18:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2010/07/08 13:21:52 | 000,025,824 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files\Memeo\AutoBackup\MemeoBackgroundService.exe -- (MemeoBackgroundService)
SRV - [2010/07/06 14:32:04 | 000,014,088 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe -- (SeagateDashboardService)
SRV - [2009/07/21 14:34:33 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009/06/04 15:49:18 | 000,278,528 | ---- | M] () [Auto | Running] -- C:\Program Files\NETGEAR\WNDA3100v2\WifiSvc.exe -- (WSWNDA3100)
SRV - [2009/05/13 16:48:22 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2001/08/10 13:14:14 | 000,192,512 | ---- | M] (Roxio Inc.) [On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\ImapiRox.exe -- (ImapiService)
SRV - [2001/08/06 13:41:48 | 000,028,672 | ---- | M] () [Auto | Running] -- C:\WINDOWS\Nhksrv.exe -- (Nhksrv)


========== Driver Services (SafeList) ==========

DRV - [2011/09/06 03:55:48 | 000,040,296 | ---- | M] () [Kernel | System | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\oahlp32.sys -- (oahlpXX)
DRV - [2011/09/06 03:55:28 | 000,029,464 | ---- | M] (Emsisoft) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\OAnet.sys -- (OAnet)
DRV - [2011/09/06 03:55:28 | 000,025,192 | ---- | M] (Emsisoft) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\OAmon.sys -- (OAmon)
DRV - [2011/09/06 03:55:26 | 000,205,864 | ---- | M] () [File_System | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\OADriver.sys -- (OADevice)
DRV - [2011/08/31 17:00:50 | 000,022,216 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\mbam.sys -- (MBAMProtector)
DRV - [2011/07/22 11:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/12 16:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/01/08 13:40:19 | 000,056,816 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\avgntflt.sys -- (avgntflt)
DRV - [2009/05/11 10:12:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ssmdrv.sys -- (ssmdrv)
DRV - [2009/05/05 12:00:44 | 000,632,576 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\bcmwlhigh5.sys -- (BCMH43XX)
DRV - [2009/03/30 10:33:07 | 000,096,104 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\avipbb.sys -- (avipbb)
DRV - [2009/02/13 12:35:05 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2007/11/07 04:22:06 | 000,034,064 | ---- | M] (CACE Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\npf.sys -- (NPF)
DRV - [2007/06/18 15:18:26 | 000,023,680 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\motmodem.sys -- (motmodem)
DRV - [2005/02/22 23:58:56 | 000,011,776 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\afc.sys -- (Afc)
DRV - [2003/03/04 04:50:00 | 000,073,134 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\LMouFlt2.Sys -- (LMouFlt2)
DRV - [2003/03/04 04:50:00 | 000,053,870 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\L8042pr2.Sys -- (L8042pr2)
DRV - [2002/08/29 00:59:12 | 000,036,224 | ---- | M] (ADMtek Incorporated.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\an983.sys -- (AN983)
DRV - [2002/04/18 21:15:26 | 000,055,216 | ---- | M] (Roxio) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdr4_xp.sys -- (Cdr4_xp)
DRV - [2002/04/18 21:15:26 | 000,022,713 | ---- | M] (Roxio) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdralw2k.sys -- (Cdralw2k)
DRV - [2001/11/06 07:06:28 | 000,015,399 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\netmotcm.sys -- (ndiscm)
DRV - [2001/11/06 00:00:00 | 000,087,018 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\IdeChnDr.sys -- (IdeChnDr) Intel®
DRV - [2001/11/06 00:00:00 | 000,013,654 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\IdeBusDr.sys -- (IdeBusDr)
DRV - [2001/09/10 10:43:46 | 000,205,824 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\udfreadr_xp.sys -- (UdfReadr_xp)
DRV - [2001/09/04 16:37:08 | 000,233,344 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\cdudf_xp.sys -- (cdudf_xp)
DRV - [2001/09/04 15:39:50 | 000,017,990 | ---- | M] (Roxio) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\Dvd_2k.sys -- (dvd_2K)
DRV - [2001/09/04 15:39:40 | 000,019,702 | ---- | M] (Roxio) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\Mmc_2k.sys -- (mmc_2K)
DRV - [2001/09/04 15:39:28 | 000,078,454 | ---- | M] (Roxio) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\pwd_2K.sys -- (pwd_2K)
DRV - [2001/08/31 00:40:30 | 000,282,688 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ati2mtaa.sys -- (ati2mtaa)
DRV - [2001/08/22 08:42:58 | 000,013,632 | ---- | M] (Dell Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\OMCI.SYS -- (OMCI)
DRV - [2001/08/17 13:52:24 | 000,038,144 | ---- | M] (HighPoint Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\hpt3xx.sys -- (hpt3xx)
DRV - [2001/08/17 13:28:10 | 000,542,879 | ---- | M] (Conexant) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\HSF_MSFT.sys -- (hsf_msft)
DRV - [2001/08/17 12:50:26 | 000,731,648 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\NV4.SYS -- (nv4)
DRV - [2001/08/17 12:48:52 | 000,281,856 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\ati2mpaa.sys -- (ati2mpaa)
DRV - [2001/08/17 12:11:06 | 000,066,591 | ---- | M] (3Com Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\EL90XBC5.SYS -- (EL90XBC)
DRV - [2001/08/09 21:03:00 | 000,070,084 | ---- | M] (MK Systems CO., LTD.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\EPLPDX02.SYS -- (Eplpdx02)
DRV - [2001/07/25 17:58:28 | 000,584,336 | ---- | M] (Conexant Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\hsf_cnxt.sys -- (winachsf)
DRV - [2001/07/18 19:06:40 | 000,426,783 | ---- | M] (Conexant Systems) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\k56nt.sys -- (K56)
DRV - [2001/07/18 19:06:12 | 000,127,405 | ---- | M] (Conexant Systems) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\fsksnt.sys -- (Fsks)
DRV - [2001/07/18 19:05:26 | 000,217,019 | ---- | M] (Conexant Systems) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\faxnt.sys -- (SoftFax)
DRV - [2001/07/18 19:04:26 | 000,056,607 | ---- | M] (Conexant Systems) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\tonesnt.sys -- (Tones)
DRV - [2001/07/18 19:04:04 | 000,310,899 | ---- | M] (Conexant Systems) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\fallback.sys -- (Fallback)
DRV - [2001/07/18 19:01:56 | 000,077,426 | ---- | M] (Conexant Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\basic2.sys -- (basic2)
DRV - [2001/07/18 19:01:38 | 000,067,654 | ---- | M] (Conexant Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\rksample.sys -- (Rksample)
DRV - [2001/07/18 19:01:20 | 000,534,125 | ---- | M] (Conexant Systems) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\v124nt.sys -- (V124)
DRV - [2000/10/03 15:18:24 | 000,006,942 | ---- | M] (Netropa Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\Msikbd2k.sys -- (Msikbd2k)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://smbusiness.dellnet.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Data = C3 17 11 E0 B2 A4 AC 29 3E F1 D7 B3 41 49 19 66 EF FE DE 71 3C 18 BA 0A F9 AA 17 17 FE 78 [binary data]
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.r21.mchsi.com
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = sas.r21.mchsi.com:8000

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.732: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.732: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=1.0.0.0: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.732: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.1: C:\Documents and Settings\Teresa L\Application Data\Facebook\npfbplugin_1_0_1.dll ( )
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Documents and Settings\Teresa L\Application Data\Facebook\npfbplugin_1_0_3.dll ( )

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/06/25 21:15:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/05/02 17:33:04 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/05/02 17:33:04 | 000,000,000 | ---D | M]

[2010/06/25 20:30:35 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Teresa L\Application Data\Mozilla\Extensions
[2010/06/25 20:30:35 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Teresa L\Application Data\Mozilla\Extensions\[email protected]

O1 HOSTS File: ([2010/08/02 11:31:38 | 000,415,577 | R--- | M]) - C:\WINDOWS\SYSTEM32\DRIVERS\ETC\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 14347 more lines...
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (SpywareGuardDLBLOCK.CBrowserHelper) - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll ()
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (GameBox Toolbar) - {0FEF2D2C-CDA6-45E4-B2ED-9DF7C50C95FF} - C:\Program Files\GameBox\gamebox_toolbar.dll ()
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (GameBox Toolbar) - {0FEF2D2C-CDA6-45E4-B2ED-9DF7C50C95FF} - C:\Program Files\GameBox\gamebox_toolbar.dll ()
O4 - HKLM..\Run: [@OnlineArmor GUI] C:\Program Files\Online Armor\OAui.exe (Emsi Software GmbH)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Logitech Utility] C:\WINDOWS\LOGI_MWX.EXE (Logitech Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Memeo AutoSync] C:\Program Files\Memeo\AutoSync\MemeoLauncher2.exe (Memeo Inc.)
O4 - HKLM..\Run: [Memeo Instant Backup] C:\Program Files\Memeo\AutoBackup\MemeoLauncher2.exe (Memeo Inc.)
O4 - HKLM..\Run: [pdfSaver3] File not found
O4 - HKLM..\Run: [Seagate Dashboard] C:\Program Files\Seagate\Seagate Dashboard\MemeoLauncher.exe ()
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [uprom] C:\Program Files\Upromise__RemindU\UpromiseRemindUv.exe ()
O4 - HKCU..\Run: [DW6] "C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe" File not found
O4 - HKCU..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe File not found
O4 - HKCU..\Run: [pdfSaver3] C:\Program Files\Tracker Software\PDF-XChange 3\pdfSaver\pdfSaver3.exe (Tracker Software Products Ltd.)
O4 - HKCU..\Run: [Search Protection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe File not found
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKCU..\Run: [Uniblue Registry Booster2] C:\Program Files\Uniblue\RegistryBooster2\RegistryBooster.exe /S File not found
O4 - HKCU..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe 1 File not found
O4 - HKCU..\Run: [WinTOTAL Scheduler] C:\WIN2000\guru.exe File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe (Adobe Systems Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\NETGEAR WNDA3100v2 Smart Wizard.lnk = C:\Program Files\NETGEAR\WNDA3100v2\WNDA3100v2.exe ()
O4 - Startup: C:\Documents and Settings\Teresa L\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O4 - Startup: C:\Documents and Settings\Teresa L\Start Menu\Programs\Startup\SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: RemindU - C:\Documents and Settings\Teresa L\Application Data\Upromise__RemindU\uprot\uproC5.htm ()
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\SYSTEM32\nwprovau.dll (Microsoft Corporation)
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll (InterTrust Technologies Corporation, Inc.)
O15 - HKCU\..Trusted Domains: ([]msn in My Computer)
O15 - HKCU\..Trusted Domains: MLXchange.com ([]* is out of zone range - 5)
O15 - HKCU\..Trusted Ranges: me ([*] in Trusted sites)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...tes/ieawsdc.cab (Reg Error: Key error.)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://www.apple.com...ex/qtplugin.cab (QuickTime Object)
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} http://www.kaspersky...can_unicode.cab (CKAVWebScan Object)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.micr...922/wmv9VCM.CAB (Reg Error: Key error.)
O16 - DPF: {49232000-16E4-426C-A231-62846947304B} http://ipgweb.cce.hp...ads/sysinfo.cab (SysData Class)
O16 - DPF: {4989312D-58CF-11D5-A7D7-00E02911103E} http://iow.mlxchange...ectComboBox.cab (Interealty MultiSelect)
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} http://a1540.g.akama...meInstaller.exe (Reg Error: Key error.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1149624254156 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1168371201343 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} http://acs.pandasoft...free/asinst.cab (ActiveScan Installer Class)
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} http://v4.windowsupd...7846.7826041667 (Reg Error: Key error.)
O16 - DPF: {B24F0664-7DDA-40B6-B38C-A4FD68DE8685} http://spherion.cent...aDownloader.cab (CentraDownloaderCtl Class)
O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {F5D98C43-DB16-11CF-8ECA-0000C0FD59C7} http://geodallas.co....s/acgm/Acgm.cab (ActiveCGM Control)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2292F091-F720-4C6E-93DC-2A38AA4FF041}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D1A0C2D0-E549-496C-9B35-591E382433D5}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\gameboxchrome {494D4E3B-FA53-4487-8AF6-3F50FE1167A9} - C:\Program Files\GameBox\gamebox_toolbar.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\SYSTEM32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\Documents and Settings\Teresa L\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Teresa L\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {4F07DA45-8170-4859-9B5F-037EF2970034} - C:\Program Files\Online Armor\oaevent.dll (Emsi Software GmbH)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {81559C35-8464-49F7-BB0E-07A383BEF910} - C:\Program Files\SpywareGuard\spywareguard.dll ()
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2001/11/15 07:31:14 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/09/23 05:20:27 | 000,863,012 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2009/09/23 05:21:55 | 000,862,237 | R--- | M] () - E:\autorun_min.inf -- [ CDFS ]
O32 - AutoRun File - [2010/07/29 00:52:30 | 000,000,035 | ---- | M] () - F:\Autorun.inf -- [ NTFS ]
O33 - MountPoints2\{0b4e89aa-6112-11df-bc64-000c4125dba6}\Shell - "" = AutoRun
O33 - MountPoints2\{0b4e89aa-6112-11df-bc64-000c4125dba6}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{0b4e89aa-6112-11df-bc64-000c4125dba6}\Shell\AutoRun\command - "" = G:\PhotoViewerAP_V6.0.1.exe
O33 - MountPoints2\{33541346-e994-11dd-991b-000c4125dba6}\Shell - "" = AutoRun
O33 - MountPoints2\{33541346-e994-11dd-991b-000c4125dba6}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{33541346-e994-11dd-991b-000c4125dba6}\Shell\AutoRun\command - "" = I:\MI.exe
O33 - MountPoints2\{c12fae16-e064-11e0-bcb1-000c4125dba6}\Shell\AutoRun\command - "" = RunClubSanDisk.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/09/21 20:12:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Teresa L\Application Data\OnlineArmor
[2011/09/21 20:12:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\OnlineArmor
[2011/09/21 20:11:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Online Armor
[2011/09/21 20:11:23 | 000,029,464 | ---- | C] (Emsisoft) -- C:\WINDOWS\System32\drivers\OAnet.sys
[2011/09/21 20:11:23 | 000,025,192 | ---- | C] (Emsisoft) -- C:\WINDOWS\System32\drivers\OAmon.sys
[2011/09/21 20:11:15 | 000,000,000 | ---D | C] -- C:\Program Files\Online Armor
[2011/09/21 13:38:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SUPERAntiSpyware
[2011/09/21 13:36:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERSetup
[2011/09/21 13:25:31 | 012,585,160 | ---- | C] (SUPERAntiSpyware.com) -- C:\Documents and Settings\Teresa L\My Documents\SUPERAntiSpyware.exe
[2011/09/21 13:18:33 | 003,194,296 | ---- | C] (Javacool Software LLC ) -- C:\Documents and Settings\Teresa L\My Documents\spywareblastersetup44.exe
[2007/01/09 15:13:34 | 000,218,112 | ---- | C] (Soeperman Enterprises Ltd.) -- C:\Program Files\HijackThis.exe
[2004/12/16 10:33:00 | 000,040,960 | ---- | C] ( ) -- C:\WINDOWS\System32\alaLIB.dll
[2004/10/20 16:39:54 | 000,110,592 | ---- | C] ( ) -- C:\WINDOWS\System32\alaUploader.exe
[2004/07/28 12:46:06 | 000,098,304 | ---- | C] ( ) -- C:\WINDOWS\System32\AutoLicense.dll
[2002/07/16 18:12:58 | 000,045,056 | ---- | C] ( ) -- C:\WINDOWS\System32\AutoPAX.dll
[2002/04/29 12:04:40 | 000,018,944 | ---- | C] ( ) -- C:\WINDOWS\System32\Implode.dll
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[11 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/09/22 09:48:00 | 000,000,412 | ---- | M] () -- C:\WINDOWS\tasks\Symantec NetDetect.job
[2011/09/22 09:01:01 | 000,000,240 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2011/09/22 08:22:22 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-917563655-2163411867-2876842818-1006.job
[2011/09/22 08:06:46 | 000,002,048 | --S- | M] () -- C:\WINDOWS\BOOTSTAT.DAT
[2011/09/22 08:06:45 | 1073,074,176 | -HS- | M] () -- C:\hiberfil.sys
[2011/09/21 22:19:30 | 000,001,763 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2011/09/21 20:11:50 | 000,436,488 | ---- | M] () -- C:\WINDOWS\System32\PERFH009.DAT
[2011/09/21 20:11:50 | 000,069,616 | ---- | M] () -- C:\WINDOWS\System32\PERFC009.DAT
[2011/09/21 13:55:09 | 000,003,163 | ---- | M] () -- C:\WINDOWS\ALAMODE.INI
[2011/09/21 13:38:06 | 000,001,712 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/09/21 13:25:31 | 012,585,160 | ---- | M] (SUPERAntiSpyware.com) -- C:\Documents and Settings\Teresa L\My Documents\SUPERAntiSpyware.exe
[2011/09/21 13:18:43 | 003,194,296 | ---- | M] (Javacool Software LLC ) -- C:\Documents and Settings\Teresa L\My Documents\spywareblastersetup44.exe
[2011/09/21 12:07:00 | 000,000,292 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-917563655-2163411867-2876842818-1006.job
[2011/09/06 03:55:48 | 000,040,296 | ---- | M] () -- C:\WINDOWS\System32\drivers\oahlp32.sys
[2011/09/06 03:55:28 | 000,029,464 | ---- | M] (Emsisoft) -- C:\WINDOWS\System32\drivers\OAnet.sys
[2011/09/06 03:55:28 | 000,025,192 | ---- | M] (Emsisoft) -- C:\WINDOWS\System32\drivers\OAmon.sys
[2011/09/06 03:55:26 | 000,205,864 | ---- | M] () -- C:\WINDOWS\System32\drivers\OADriver.sys
[2011/08/31 17:00:50 | 000,022,216 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[11 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/09/21 22:19:29 | 000,001,763 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2011/09/21 20:11:23 | 000,205,864 | ---- | C] () -- C:\WINDOWS\System32\drivers\OADriver.sys
[2011/09/21 20:11:23 | 000,040,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\oahlp32.sys
[2011/09/21 13:38:06 | 000,001,712 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/05/02 17:14:03 | 000,206,433 | ---- | C] () -- C:\WINDOWS\hpwins28.dat.temp
[2011/05/02 17:14:03 | 000,000,418 | ---- | C] () -- C:\WINDOWS\hpwmdl28.dat.temp
[2011/05/02 13:57:19 | 000,207,298 | ---- | C] () -- C:\WINDOWS\hpwins28.dat
[2011/05/02 13:57:19 | 000,000,418 | ---- | C] () -- C:\WINDOWS\hpwmdl28.dat
[2010/08/01 19:27:53 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2009/08/30 16:34:57 | 000,000,035 | ---- | C] () -- C:\WINDOWS\mercury.ini
[2008/03/27 12:46:08 | 000,021,312 | ---- | C] () -- C:\WINDOWS\choice.exe
[2007/11/14 13:45:36 | 000,003,163 | ---- | C] () -- C:\WINDOWS\ALAMODE.INI
[2007/07/27 14:50:58 | 000,000,214 | ---- | C] () -- C:\WINDOWS\HP_48BitScanUpdatePatch.ini
[2007/07/27 14:43:58 | 000,000,221 | ---- | C] () -- C:\WINDOWS\HP_RedboxHprblog_HPSU.ini
[2007/02/19 14:07:50 | 000,000,000 | ---- | C] () -- C:\WINDOWS\hpqEmlSz.INI
[2007/02/19 13:55:11 | 000,071,127 | ---- | C] () -- C:\WINDOWS\hpqins01.dat
[2007/02/07 15:03:44 | 000,070,789 | ---- | C] () -- C:\WINDOWS\hpqins05.dat
[2007/01/14 11:37:54 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2007/01/09 15:44:31 | 000,000,131 | ---- | C] () -- C:\Documents and Settings\Teresa L\Local Settings\Application Data\fusioncache.dat
[2007/01/09 15:35:11 | 000,112,897 | ---- | C] () -- C:\WINDOWS\hpoins07.dat.temp
[2007/01/09 15:35:10 | 000,021,124 | ---- | C] () -- C:\WINDOWS\hpomdl07.dat.temp
[2007/01/09 13:30:04 | 000,011,776 | ---- | C] () -- C:\WINDOWS\System32\ZPORT4AS.dll
[2006/06/19 09:09:56 | 000,112,346 | ---- | C] () -- C:\WINDOWS\hpoins07.dat
[2006/06/19 09:09:56 | 000,021,124 | ---- | C] () -- C:\WINDOWS\hpomdl07.dat
[2005/05/11 15:25:32 | 000,151,552 | ---- | C] () -- C:\WINDOWS\System32\alaMapi.dll
[2004/11/17 18:27:52 | 000,000,559 | ---- | C] () -- C:\WINDOWS\System32\alaUploader.exe.config
[2004/09/27 17:27:38 | 000,000,045 | ---- | C] () -- C:\WINDOWS\FBCMJONP.ini
[2004/09/27 09:43:37 | 000,004,732 | ---- | C] () -- C:\WINDOWS\Dzugtnie.ini
[2004/09/06 10:58:28 | 000,164,864 | ---- | C] () -- C:\WINDOWS\System32\UNWISE.EXE
[2004/08/11 09:07:00 | 000,003,522 | ---- | C] () -- C:\WINDOWS\TECHHELP.INI
[2004/06/24 22:25:48 | 001,159,168 | ---- | C] () -- C:\WINDOWS\System32\alaMFC2.dll
[2004/04/28 06:14:58 | 000,000,131 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2004/02/16 14:47:40 | 000,149,504 | ---- | C] () -- C:\WINDOWS\UNWISE.EXE
[2003/12/11 18:05:40 | 000,401,408 | ---- | C] () -- C:\WINDOWS\System32\AXF_AXS.dll
[2003/10/09 08:18:08 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\missouri.dll
[2003/08/13 21:04:06 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2003/01/31 11:34:32 | 000,032,768 | ---- | C] () -- C:\Documents and Settings\Teresa L\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2003/01/28 12:24:38 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\hlinkprx.dll
[2003/01/28 12:24:36 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
[2003/01/23 15:55:16 | 000,011,264 | ---- | C] () -- C:\WINDOWS\System32\fmt_xmf.dll
[2003/01/23 15:55:00 | 000,018,944 | ---- | C] () -- C:\WINDOWS\System32\fmt_xcx.dll
[2003/01/22 19:29:32 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\fmt_jb2.dll
[2002/12/02 14:51:33 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\adistres.dll
[2002/09/17 16:21:20 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2002/07/16 18:15:02 | 000,577,536 | ---- | C] () -- C:\WINDOWS\System32\PAXMeta.dll
[2002/07/12 08:39:24 | 000,000,473 | ---- | C] () -- C:\WINDOWS\PowerReg.dat
[2002/07/12 08:35:51 | 000,000,023 | ---- | C] () -- C:\WINDOWS\EPSC80.ini
[2002/07/09 11:49:22 | 000,000,081 | ---- | C] () -- C:\WINDOWS\DDETEST.ini
[2002/06/17 11:07:32 | 000,000,351 | ---- | C] () -- C:\WINDOWS\SKETCHER.INI
[2002/06/17 10:57:24 | 000,000,422 | -H-- | C] () -- C:\WINDOWS\vskt2.ini
[2002/06/17 10:57:09 | 000,003,583 | ---- | C] () -- C:\WINDOWS\System32\AXWDDA1.DAT
[2002/05/08 21:05:02 | 000,000,204 | ---- | C] () -- C:\WINDOWS\TECHUSER.INI
[2002/04/29 12:05:06 | 000,495,616 | ---- | C] () -- C:\WINDOWS\System32\TX32.dll
[2002/04/29 12:05:00 | 000,561,152 | ---- | C] () -- C:\WINDOWS\System32\Postiex.dll
[2002/04/29 12:04:58 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\P2kDesk.dll
[2002/04/29 12:04:41 | 000,338,944 | ---- | C] () -- C:\WINDOWS\System32\LFfpx7.dll
[2002/04/29 12:04:41 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\LFKodak.dll
[2002/04/29 12:04:40 | 000,000,260 | ---- | C] () -- C:\WINDOWS\System32\ic32.ini
[2002/04/29 12:04:28 | 000,204,864 | ---- | C] () -- C:\WINDOWS\System32\AtxWrap.dll
[2002/04/29 12:04:27 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\alaIE.dll
[2002/04/29 12:04:26 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\ala32.dll
[2002/04/29 09:13:52 | 000,000,082 | ---- | C] () -- C:\WINDOWS\eFaxView.ini
[2002/04/26 13:03:04 | 000,000,020 | ---- | C] () -- C:\WINDOWS\InfModM.ini
[2002/04/18 21:21:57 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2002/04/18 21:17:07 | 000,000,312 | ---- | C] () -- C:\WINDOWS\MMKEYBD.INI
[2002/04/18 21:17:07 | 000,000,269 | ---- | C] () -- C:\WINDOWS\MSIOSD.INI
[2002/04/18 21:17:06 | 000,000,049 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2002/04/18 21:17:05 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\msiosd32.dll
[2002/04/18 21:16:50 | 000,000,029 | ---- | C] () -- C:\WINDOWS\wgedit.ini
[2002/04/18 21:16:47 | 000,057,344 | ---- | C] () -- C:\WINDOWS\uninstBVRP.dll
[2002/04/18 21:15:26 | 000,040,960 | ---- | C] () -- C:\WINDOWS\uneng.exe
[2002/04/18 21:11:40 | 000,000,899 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2002/04/18 21:10:57 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat
[2002/04/18 21:06:10 | 000,002,048 | --S- | C] () -- C:\WINDOWS\BOOTSTAT.DAT
[2002/04/18 21:03:58 | 000,306,008 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2002/04/18 19:41:16 | 000,000,550 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2002/03/12 11:16:04 | 004,781,852 | ---- | C] () -- C:\Program Files\Word 2002 Support Template.cab
[2002/03/12 11:15:52 | 000,001,474 | ---- | C] () -- C:\Program Files\Setup.lst
[2001/11/15 08:19:38 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2001/11/15 07:39:06 | 000,436,488 | ---- | C] () -- C:\WINDOWS\System32\PERFH009.DAT
[2001/11/15 07:39:06 | 000,069,616 | ---- | C] () -- C:\WINDOWS\System32\PERFC009.DAT
[2001/11/15 07:31:02 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2001/11/15 07:28:28 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2001/08/23 15:07:14 | 000,004,594 | ---- | C] () -- C:\WINDOWS\System32\OEMBIOS.DAT
[2001/08/23 15:07:02 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\OEMBIOS.BIN
[2001/08/18 06:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\MLANG.DAT
[2001/08/18 06:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\PERFI009.DAT
[2001/08/18 06:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\DSSEC.DAT
[2001/08/18 06:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\MIB.BIN
[2001/08/18 06:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\PERFD009.DAT
[2001/08/18 06:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\NOISE.DAT
[2001/08/10 13:14:16 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\ImapiRoxPS.dll
[2001/07/06 15:30:00 | 000,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini
[2000/09/13 21:03:00 | 000,000,145 | ---- | C] () -- C:\WINDOWS\System32\EBPPORT.DAT
[1999/09/15 15:03:48 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\DP2kFrms.dll
[1999/08/17 09:50:30 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\DeskSkt.dll
[1980/01/01 00:00:00 | 000,028,672 | ---- | C] () -- C:\WINDOWS\Nhksrv.exe

========== LOP Check ==========

[2010/02/08 17:33:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software
[2009/02/02 17:11:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Grisoft
[2011/01/18 18:08:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MemeoCommon
[2011/09/21 22:09:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\OnlineArmor
[2002/04/18 21:18:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sierra Imaging
[2011/09/21 13:36:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SUPERSetup
[2011/09/21 13:36:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2008/04/06 11:49:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Upromise__RemindU
[2004/09/27 20:58:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2010/09/18 20:40:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Teresa L\Application Data\Amazon
[2010/06/01 09:13:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Teresa L\Application Data\Facebook
[2010/07/29 10:30:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Teresa L\Application Data\GameBox
[2011/03/24 22:08:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Teresa L\Application Data\Image Zone Express
[2002/04/29 12:06:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Teresa L\Application Data\InterTrust
[2011/01/18 17:47:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Teresa L\Application Data\Leadertech
[2011/01/19 08:41:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Teresa L\Application Data\Memeo
[2010/07/23 18:05:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Teresa L\Application Data\mjusbsp
[2007/04/13 22:08:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Teresa L\Application Data\NCH Swift Sound
[2011/09/21 20:12:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Teresa L\Application Data\OnlineArmor
[2004/01/29 16:28:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Teresa L\Application Data\QcBar
[2011/01/18 18:03:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Teresa L\Application Data\Seagate
[2004/09/12 16:13:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Teresa L\Application Data\STOPzilla!
[2010/06/07 19:45:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Teresa L\Application Data\Titanium Gears
[2007/04/25 11:10:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Teresa L\Application Data\Uniblue
[2011/09/22 08:24:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Teresa L\Application Data\Upromise__RemindU
[2003/06/07 09:43:39 | 000,000,160 | ---- | M] () -- C:\WINDOWS\Tasks\.job
[2011/09/22 09:01:01 | 000,000,240 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 95 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34

< End of report >

Edited by realapp, 22 September 2011 - 08:56 AM.

  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP