[beachguppy]

I don't know when this happened; about 2 months ago. (Just found you guy's). I'm not real tech savy. Must have been when I downloaded something from internet which cleared through security. My add/remove program will not work. And there are alot of strange files in there. Some you click on and there is no remove button and alot of them you can't even highlight. After this I thought that I would use system restore and go back to an earlier date where everything was fine; but....my system restore is messed up and all restore dates are gone. Nothing works in safe mode either. Attached is OTL text. PLEASE HELP this old lady!

OTL logfile created on: 11/30/2011 7:04:35 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Compaq_Owner\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

510.48 Mb Total Physical Memory | 26.20 Mb Available Physical Memory | 5.13% Memory free
1.64 Gb Paging File | 0.78 Gb Available in Paging File | 47.47% Paging File free
Paging file location(s): C:\pagefile.sys 1200 1344 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 104.71 Gb Total Space | 63.58 Gb Free Space | 60.71% Space Free | Partition Type: NTFS
Drive D: | 7.05 Gb Total Space | 0.37 Gb Free Space | 5.25% Space Free | Partition Type: FAT32

Computer Name: YOUR-D0F670B45A | User Name: Compaq_Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/11/30 19:00:45 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Owner\Desktop\OTL.exe
PRC - [2011/04/16 19:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360 Premier Edition\Engine\5.1.0.29\ccSvcHst.exe
PRC - [2010/05/23 00:39:05 | 000,126,904 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Safe Web Lite\Engine\1.0.1.8\ccSvcHst.exe
PRC - [2009/12/08 12:38:16 | 003,474,848 | ---- | M] (Webshots.com) -- C:\Program Files\Webshots\3.1.5.7617\Webshots.scr
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/05/19 14:49:03 | 000,180,269 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe


========== Modules (No Company Name) ==========

MOD - [2010/02/05 13:27:45 | 001,291,776 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2006/06/20 22:44:04 | 000,116,224 | ---- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\lxcvdrpp.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (NMIndexingService)
SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011/04/16 19:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files\Norton 360 Premier Edition\Engine\5.1.0.29\ccSvcHst.exe -- (N360)
SRV - [2010/05/23 00:39:05 | 000,126,904 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files\Norton Safe Web Lite\Engine\1.0.1.8\ccSvcHst.exe -- (NSL)
SRV - [2010/01/25 16:07:02 | 000,041,272 | ---- | M] (SentryBay) [Disabled | Stopped] -- C:\Program Files\SentryBay\sbupdate.exe -- (sbupdate)
SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Disabled | Stopped] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/03/18 12:27:12 | 000,013,312 | ---- | M] (Agere Systems) [Disabled | Stopped] -- C:\WINDOWS\system32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2007/10/18 19:23:42 | 000,547,352 | R--- | M] (Sana Security) [Disabled | Stopped] -- C:\Program Files\Suze Orman\Identity Theft Kit\agent\Bin\SanaSafeConnectWatcher.exe -- (SanaSafeConnectWatcher)
SRV - [2007/10/18 19:23:38 | 005,218,328 | R--- | M] (Sana Security) [Disabled | Stopped] -- C:\Program Files\Suze Orman\Identity Theft Kit\agent\Bin\SanaAgent.exe -- (SanaSafeConnectAgent)
SRV - [2006/06/21 10:56:58 | 000,528,384 | ---- | M] ( ) [Disabled | Stopped] -- C:\WINDOWS\System32\lxcvcoms.exe -- (lxcv_device)
SRV - [2005/09/29 14:55:38 | 000,069,632 | ---- | M] () [Disabled | Stopped] -- C:\WINDOWS\system32\FreezeScreenSaver.exe -- (FreezeScreenSaver)
SRV - [2004/09/29 12:14:36 | 000,069,632 | ---- | M] (HP) [Disabled | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)


========== Driver Services (SafeList) ==========

DRV - [2011/11/14 14:28:02 | 000,819,320 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\BASHDefs\20111123.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2011/11/09 03:33:14 | 000,106,104 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2011/11/09 03:33:13 | 000,374,392 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2011/09/13 20:03:53 | 001,576,312 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\VirusDefs\20111130.002\NAVEX15.SYS -- (NAVEX15)
DRV - [2011/09/13 20:03:53 | 000,086,136 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\VirusDefs\20111130.002\NAVENG.SYS -- (NAVENG)
DRV - [2011/08/22 23:17:32 | 000,356,280 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\IPSDefs\20111129.030\IDSXpx86.sys -- (IDSxpx86)
DRV - [2011/07/18 11:39:43 | 000,126,584 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2011/03/30 22:00:09 | 000,516,216 | R--- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\N360\0501000.01D\SRTSP.SYS -- (SRTSP)
DRV - [2011/03/30 22:00:09 | 000,050,168 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\0501000.01D\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2011/03/21 19:39:49 | 000,369,784 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\0501000.01D\SYMTDI.SYS -- (SYMTDI)
DRV - [2011/03/14 21:31:23 | 000,744,568 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\N360\0501000.01D\SYMEFA.SYS -- (SymEFA)
DRV - [2011/01/27 01:47:10 | 000,340,088 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\N360\0501000.01D\SYMDS.SYS -- (SymDS)
DRV - [2011/01/27 00:07:05 | 000,136,312 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\0501000.01D\Ironx86.SYS -- (SymIRON)
DRV - [2010/07/27 04:47:30 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2010/07/27 04:47:10 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2009/12/25 18:26:30 | 006,039,584 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2009/03/25 05:29:52 | 000,130,432 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2008/04/13 13:56:49 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usb8023.sys -- (USB_RNDIS_XP)
DRV - [2008/03/21 12:13:00 | 001,203,776 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2007/10/18 19:24:02 | 000,160,280 | R--- | M] (Sana Security, Inc. ) [Kernel | On_Demand | Stopped] -- C:\Program Files\Suze Orman\Identity Theft Kit\agent\driver\platform_XP\SafeConnectDriver.sys -- (SanaSafeConnectDriver)
DRV - [2007/10/18 19:24:02 | 000,027,312 | ---- | M] (Sana Security, Inc. ) [Kernel | On_Demand | Stopped] -- C:\Program Files\Suze Orman\Identity Theft Kit\agent\driver\platform_XP\SafeConnectShim.sys -- (SanaSafeConnectShim)
DRV - [2007/10/18 19:24:00 | 000,030,232 | ---- | M] (Sana Security, Inc. ) [Kernel | On_Demand | Stopped] -- C:\Program Files\Suze Orman\Identity Theft Kit\agent\driver\platform_XP\SafeConnectFilter.sys -- (SanaSafeConnectFilter)
DRV - [2007/06/18 20:18:26 | 000,023,680 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motmodem.sys -- (motmodem)
DRV - [2006/08/02 10:45:32 | 000,114,560 | ---- | M] (Mars Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mr7910.sys -- (mr7910)
DRV - [2005/02/22 18:36:04 | 000,986,624 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2004/08/03 09:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2001/10/01 14:29:22 | 000,006,144 | ---- | M] (Ravisent Technologies, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\CINEMSUP.SYS -- (CINEMSUP)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.att.net
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.defaulturl: "http://search.yahoo....ch?fr=ffsp1&p="
FF - prefs.js..browser.search.selectedEngine: "Yahoo!"
FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.6.6.20090220
FF - prefs.js..extensions.enabledItems: [email protected]:3.1.0.3799
FF - prefs.js..extensions.enabledItems: {8bc5b5eb-0ec4-46ed-a024-ace8a3032888}:4.2.3.5
FF - prefs.js..extensions.enabledItems: [email protected]:4.2.0.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:4.6
FF - prefs.js..keyword.URL: "http://search.yahoo....ch?fr=ffds1&p="
FF - prefs.js..network.proxy.no_proxies_on: "*.local"


FF - HKLM\Software\MozillaPlugins\@ei.Guffins.com/Plugin: C:\Program Files\GuffinsEI\Installr\1.bin\NPu4EISB.dll (Guffins)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\coFFPlgn_2011_7_3_6 [2011/11/30 10:06:56 | 000,000,000 | ---D | M]

[2009/07/26 17:02:05 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Extensions
[2009/07/26 17:02:05 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Extensions\[email protected]
[2011/02/12 12:47:55 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\t7w0we3q.default\extensions
[2009/08/02 09:44:55 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\t7w0we3q.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011/06/21 09:03:41 | 000,000,000 | ---D | M] (MediaBar) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\t7w0we3q.default\extensions\{E84D42CA-64EB-11DE-A65F-8C3656D89593}
[2009/03/31 11:29:41 | 000,002,139 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\t7w0we3q.default\searchplugins\MyStart Search.xml
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\COFFPLGN
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\IPSFFPLGN
[2009/06/09 20:01:52 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/02/06 13:31:03 | 000,000,000 | ---D | M] (Secure Browse) -- C:\PROGRAM FILES\SENTRYBAY\PHISHLOCK\FFEXT
[2010/02/06 13:31:03 | 000,000,000 | ---D | M] (Suze Orman Website Checker) -- C:\PROGRAM FILES\SENTRYBAY\PHISHLOCK\PHISHTANKSITECHECKER
[2010/02/06 13:31:02 | 000,000,000 | ---D | M] (Suze Orman) -- C:\PROGRAM FILES\SENTRYBAY\SECURE BROWSE\TOOLBAR\FFEXT
[2009/09/09 09:44:20 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION

========== Chrome ==========

CHR - default_search_provider: Search the Web ()
CHR - default_search_provider: search_url = http://search.imgag....q={searchTerms}
CHR - default_search_provider: suggest_url =

O1 HOSTS File: ([2009/07/13 10:59:41 | 000,000,736 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dll (Yahoo! Inc.)
O2 - BHO: (no name) - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - No CLSID value found.
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360 Premier Edition\Engine\5.1.0.29\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360 Premier Edition\Engine\5.1.0.29\IPS\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (no name) - {C26CD490-5F01-41E3-B150-EB29F19DA056} - No CLSID value found.
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\YTSingleInstance.dll (Yahoo! Inc)
O2 - BHO: (Secure Browse) - {ff507020-a257-4527-a222-b6f5732e55ee} - C:\Program Files\SentryBay\PhishLock\plbho.dll (SentryBay)
O2 - BHO: (no name) - AutorunsDisabled - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360 Premier Edition\Engine\5.1.0.29\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Suze Orman) - {e7d4a654-4204-491a-8d4d-227d48fd3626} - C:\Program Files\SentryBay\Secure Browse\toolbar\ieext.dll ()
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4E7BD74F-2B8D-469E-94BE-FD60BB9AAE29} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4E7BD74F-2B8D-469E-95BA-ED6DB186BE32} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360 Premier Edition\Engine\5.1.0.29\CoIEPlg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [LXCVCATS] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCVtime.DLL (Lexmark International Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [SpeedItUpEX] C:\Program Files\SpeedItup Free\SpeedItUp.exe -MINI File not found
O4 - HKLM..\RunOnceEx: [] File not found
O4 - Startup: C:\Documents and Settings\Compaq_Owner\Start Menu\Programs\Startup\Webshots.lnk = C:\Program Files\Webshots\3.1.5.7617\Launcher.exe (Webshots.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = [binary data]
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O15 - HKCU\..Trusted Domains: motive.com ([patttbc.att] https in Trusted sites)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{80443072-5384-4D29-A197-604ECE8884D8}: DhcpNameServer = 16.92.3.242 16.92.3.243 16.81.3.243 16.118.3.243
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8881395D-A056-408B-9FFA-83B9237B1CB3}: DhcpNameServer = 192.168.1.254
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/12/04 18:50:26 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/07/27 15:07:38 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2004/04/30 07:01:14 | 000,000,053 | -HS- | M] () - D:\Autorun.inf -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/11/30 19:00:28 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Owner\Desktop\OTL.exe
[2011/11/30 18:25:18 | 000,000,000 | ---D | C] -- C:\Program Files\GuffinsEI
[2011/11/10 13:26:45 | 000,000,000 | ---D | C] -- C:\Program Files\ShopAtHome
[2008/11/18 18:20:53 | 000,409,600 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcvinpa.dll
[2008/11/18 18:20:53 | 000,393,216 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcviesc.dll
[2008/11/18 18:20:52 | 000,983,040 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcvusb1.dll
[2008/11/18 18:20:51 | 001,187,840 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcvserv.dll
[2008/11/18 18:20:50 | 000,163,840 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcvprox.dll
[2008/11/18 18:20:49 | 000,643,072 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcvpmui.dll
[2008/11/18 18:20:49 | 000,528,384 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcvlmpm.dll
[2008/11/18 18:20:49 | 000,094,208 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcvpplc.dll
[2008/11/18 18:20:46 | 000,380,928 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcvih.exe
[2008/11/18 18:20:45 | 000,528,384 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcvcoms.exe
[2008/11/18 18:20:44 | 000,667,648 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcvcomc.dll
[2008/11/18 18:20:44 | 000,421,888 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcvcomm.dll
[2008/11/18 18:20:44 | 000,376,832 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcvcfg.exe
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/11/30 19:00:45 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Owner\Desktop\OTL.exe
[2011/11/30 10:08:12 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/11/30 10:06:18 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/11/30 10:06:08 | 535,351,296 | -HS- | M] () -- C:\hiberfil.sys
[2011/11/29 15:20:43 | 000,014,650 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Application Data\wklnhst.dat
[2011/11/09 14:07:26 | 000,528,534 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/11/09 14:07:26 | 000,107,032 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/11/09 03:05:59 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/11/08 21:19:16 | 000,002,473 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Microsoft Word.lnk
[2011/11/02 12:13:31 | 000,000,785 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Start Menu\Programs\Startup\Webshots.lnk
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/07/13 13:36:08 | 000,001,940 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2010/10/14 18:49:54 | 000,001,940 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2010/06/02 08:34:15 | 000,162,047 | ---- | C] () -- C:\WINDOWS\My Medical History 2010 Free Uninstaller.exe
[2010/05/04 10:51:57 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2010/02/12 16:28:54 | 000,113,167 | ---- | C] () -- C:\WINDOWS\hpoins07.dat
[2010/02/12 16:28:54 | 000,021,124 | ---- | C] () -- C:\WINDOWS\hpomdl07.dat
[2009/08/06 18:51:56 | 000,000,029 | ---- | C] () -- C:\WINDOWS\popcinfot.dat
[2009/07/06 13:58:19 | 000,000,221 | ---- | C] () -- C:\WINDOWS\NCLogConfig.ini
[2009/03/17 07:19:25 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/03/03 11:18:04 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2008/12/29 09:48:27 | 000,000,207 | ---- | C] () -- C:\WINDOWS\acez3dfireplace.ini
[2008/12/27 08:58:59 | 000,000,065 | ---- | C] () -- C:\WINDOWS\marscam.ini
[2008/11/18 18:21:45 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxcvvs.dll
[2008/11/18 18:21:43 | 000,331,776 | ---- | C] () -- C:\WINDOWS\System32\lxcvcoin.dll
[2008/11/18 18:20:54 | 000,274,432 | ---- | C] () -- C:\WINDOWS\System32\LXCVinst.dll
[2008/11/05 08:27:43 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\FreezeScreenSaver.exe
[2008/10/26 12:04:16 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2008/10/25 13:42:30 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PowerReg.dat
[2008/10/25 12:09:34 | 000,000,000 | ---- | C] () -- C:\Program Files\temp01
[2008/03/03 13:14:48 | 000,001,751 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2008/03/03 12:54:52 | 000,000,073 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2008/02/04 18:23:10 | 000,693,792 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.DLL
[2007/10/15 17:24:03 | 000,000,074 | ---- | C] () -- C:\WINDOWS\acezhauntedhouse.ini
[2007/08/10 09:20:34 | 000,000,011 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.ini
[2007/08/10 09:20:17 | 000,009,136 | ---- | C] () -- C:\WINDOWS\System32\INETWH16.DLL
[2007/08/10 09:19:34 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\HydraFra.dll
[2007/08/10 09:19:34 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\HydraPtb.dll
[2007/08/10 09:19:34 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\HydraNln.dll
[2007/08/10 09:19:34 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\HydraIta.dll
[2007/08/10 09:19:34 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\HydraSvs.dll
[2007/08/10 09:19:34 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\HydraNon.dll
[2007/08/10 09:19:34 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\HydraFif.dll
[2007/08/10 09:19:34 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\HydraDad.dll
[2007/08/10 09:19:34 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\HydraJan.dll
[2007/08/10 09:19:34 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\HydraKor.dll
[2007/08/10 09:19:34 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\HydraZht.dll
[2007/08/10 09:19:34 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\HydraZhs.dll
[2007/08/10 09:19:34 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\ViewHook.dll
[2007/08/09 10:24:35 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ATIMMC.INI
[2007/07/17 11:15:43 | 000,008,192 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/04/11 16:42:31 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007/03/04 18:44:04 | 000,014,650 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\wklnhst.dat
[2006/11/26 17:51:41 | 000,000,037 | ---- | C] () -- C:\WINDOWS\wwwbatch.ini
[2006/11/12 12:41:29 | 000,028,672 | ---- | C] () -- C:\WINDOWS\vorbisfile.dll
[2006/11/12 12:41:28 | 000,974,848 | ---- | C] () -- C:\WINDOWS\vorbis.dll
[2006/11/12 12:41:28 | 000,049,152 | ---- | C] () -- C:\WINDOWS\ogg.dll
[2006/11/02 21:27:08 | 000,000,049 | ---- | C] () -- C:\WINDOWS\popcinfo.dat
[2006/10/22 13:55:35 | 000,000,838 | ---- | C] () -- C:\WINDOWS\sshot.ini
[2006/10/22 13:50:18 | 000,000,123 | ---- | C] () -- C:\WINDOWS\PTMAIL.INI
[2006/10/22 13:50:18 | 000,000,069 | ---- | C] () -- C:\WINDOWS\Parsons.ini
[2006/09/30 22:25:50 | 000,012,288 | ---- | C] () -- C:\WINDOWS\impborl.dll
[2006/09/04 19:16:24 | 000,001,125 | ---- | C] () -- C:\WINDOWS\unins001.dat
[2006/09/04 17:20:49 | 000,009,813 | ---- | C] () -- C:\WINDOWS\System32\_MSSETUP.EXE
[2006/09/04 17:20:49 | 000,005,165 | ---- | C] () -- C:\WINDOWS\System32\_BOOTSTP.EXE
[2006/09/04 17:00:05 | 000,000,640 | ---- | C] () -- C:\WINDOWS\lexstat.ini
[2006/09/04 15:54:55 | 000,000,135 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\fusioncache.dat
[2006/09/04 15:52:13 | 000,006,048 | ---- | C] () -- C:\WINDOWS\System32\MCC16.dll
[2006/09/04 15:49:48 | 000,040,448 | ---- | C] () -- C:\WINDOWS\System32\BJAXSecurityManager.dll
[2006/09/04 15:49:47 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\BJInstaller.dll
[2006/05/19 15:38:40 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/05/19 15:13:29 | 000,028,848 | ---- | C] () -- C:\WINDOWS\System32\drivers\USBkey.sys
[2006/05/19 15:09:06 | 000,118,842 | R--- | C] () -- C:\WINDOWS\HPCPCUninstaller-6.3.2.116-5577497.exe
[2006/05/19 15:07:54 | 000,667,896 | ---- | C] () -- C:\WINDOWS\unins000.exe
[2006/05/19 15:07:54 | 000,001,227 | ---- | C] () -- C:\WINDOWS\unins000.dat
[2006/05/19 15:07:44 | 000,012,993 | ---- | C] () -- C:\WINDOWS\System32\CHODDI.SYS
[2006/05/19 15:07:37 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\hpreg.dll
[2006/05/19 15:05:14 | 000,000,166 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2006/05/19 15:03:53 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/05/19 14:51:33 | 000,000,109 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2006/05/19 14:49:52 | 000,045,929 | ---- | C] () -- C:\WINDOWS\NSSetDefaultBrowser.EXE
[2006/05/19 14:49:52 | 000,000,698 | ---- | C] () -- C:\WINDOWS\NSSetDefaultBrowser.ini
[2006/05/19 14:44:32 | 000,095,822 | ---- | C] () -- C:\WINDOWS\hpqins69.dat
[2006/05/19 14:43:06 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2006/05/19 14:24:22 | 000,000,882 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2006/05/19 14:20:38 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\bcbmm.dll
[2005/12/04 19:05:38 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2005/12/04 18:55:08 | 000,528,534 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2005/12/04 18:55:08 | 000,107,032 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2005/12/04 18:53:22 | 000,477,152 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2005/12/04 18:50:02 | 000,004,346 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2005/12/04 18:48:22 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2005/01/18 15:05:36 | 000,079,320 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2004/08/03 23:00:00 | 000,755,200 | ---- | C] () -- C:\WINDOWS\System32\ir50_32.dll
[2004/08/03 23:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/03 23:00:00 | 000,338,432 | ---- | C] () -- C:\WINDOWS\System32\ir41_qcx.dll
[2004/08/03 23:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/03 23:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/03 23:00:00 | 000,200,192 | ---- | C] () -- C:\WINDOWS\System32\ir50_qc.dll
[2004/08/03 23:00:00 | 000,183,808 | ---- | C] () -- C:\WINDOWS\System32\ir50_qcx.dll
[2004/08/03 23:00:00 | 000,120,320 | ---- | C] () -- C:\WINDOWS\System32\ir41_qc.dll
[2004/08/03 23:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/03 23:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/03 23:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/03 23:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/03 23:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/06/15 09:38:00 | 000,000,592 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2003/01/16 13:22:44 | 000,306,688 | ---- | C] () -- C:\WINDOWS\System32\LFFPX7.DLL
[2003/01/16 13:22:44 | 000,095,232 | ---- | C] () -- C:\WINDOWS\System32\LFKODAK.DLL
[2003/01/07 17:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/06/27 15:32:01 | 017,186,609 | ---- | C] () -- C:\WINDOWS\Key West and Florida Keys Screen Saver.dat
[2001/08/23 10:12:28 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001/08/23 10:11:02 | 000,004,490 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001/07/06 15:30:00 | 000,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini
[1999/10/12 01:20:00 | 000,049,664 | ---- | C] () -- C:\WINDOWS\unins001.exe
[1999/01/22 13:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
[1998/07/12 01:13:00 | 000,034,304 | ---- | C] () -- C:\WINDOWS\System32\HSZlib.dll

========== LOP Check ==========

[2011/02/12 12:47:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\275D
[2010/03/11 10:05:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\agi
[2009/04/29 08:51:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AT&T
[2011/06/21 12:10:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BearShare
[2006/11/02 18:25:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Broderbund Software
[2010/01/22 10:23:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CA
[2010/01/22 11:07:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CA-SupportBridge
[2009/02/28 19:38:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Cozi
[2010/01/18 14:38:58 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\DataComm64
[2008/03/08 11:22:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Downloaded Installations
[2010/01/04 11:41:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EmailNotifier
[2008/03/03 12:52:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FreeRIP
[2008/03/10 17:55:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GamingSquared
[2009/03/31 10:47:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IM
[2009/03/31 10:46:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IncrediMail
[2010/02/03 15:31:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\JpegSizer
[2009/09/10 07:46:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\old norton
[2009/09/10 06:35:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\old sym
[2011/08/30 14:09:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCPitstop
[2009/07/08 08:24:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCSettings
[2009/08/06 18:50:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PopCap Games
[2007/03/22 19:46:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SBT
[2011/08/22 13:09:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SpeedMaxPc
[2010/01/04 13:36:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SpinTop Games
[2010/11/01 08:33:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\StrataTicker
[2010/01/30 11:01:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/06/20 22:21:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\W3i
[2008/11/17 19:01:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WhiteCap (Holiday Edition)
[2010/06/18 10:37:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2010/04/28 09:20:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZipSE
[2009/03/14 18:23:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2011/06/21 12:09:18 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{4B337C2B-E6F0-4B28-98E9-248E1772D7EA}
[2010/03/12 10:05:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\AGI
[2009/03/14 19:48:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Anabel
[2009/04/29 08:52:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\AT&T
[2011/06/21 09:03:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\bearsharemediabartb
[2008/10/25 12:11:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Big Fish Games
[2011/08/21 19:45:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\DriverCure
[2007/10/15 17:01:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\elefundesktops
[2011/08/21 19:28:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\ElevatedDiagnostics
[2011/04/02 17:21:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\EmailNotifier
[2006/09/05 13:27:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\FUJIFILM
[2007/06/23 11:18:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\FunWebProducts
[2009/01/21 14:11:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\GetRightToGo
[2006/11/15 10:19:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\ICAClient
[2011/11/01 08:44:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Image Zone Express
[2007/02/01 20:52:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Leadertech
[2011/11/09 14:07:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\MP3Rocket
[2006/09/30 09:54:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\MSNInstaller
[2010/01/06 10:04:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\myfreezetoolbar
[2007/02/15 18:17:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Opera
[2006/09/09 17:38:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\PlayFirst
[2009/08/06 18:51:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\PopCapv1001
[2008/02/27 09:56:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\RegistrySmart
[2011/08/21 19:45:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\SpeedMaxPc
[2010/01/04 14:34:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\SpinTop
[2010/01/04 14:36:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\SpinTop Games
[2007/04/08 11:36:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Template
[2009/12/13 18:16:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Tific
[2009/03/28 21:03:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\uTorrent
[2006/10/22 12:28:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Webshots
[2007/07/17 10:41:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\WinBatch
[2010/01/17 20:29:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Windows Live Writer
[2009/05/31 02:30:00 | 000,000,440 | ---- | M] () -- C:\WINDOWS\Tasks\RegistrySmart Scheduled Scan.job
[2011/08/21 19:45:33 | 000,000,408 | ---- | M] () -- C:\WINDOWS\Tasks\SpeedMaxPc Defrag.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 156 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:90D89144
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8F09BC2E
@Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:69B9AAE7

< End of report >

OTL Extras logfile created on: 11/30/2011 7:04:35 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Compaq_Owner\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

510.48 Mb Total Physical Memory | 26.20 Mb Available Physical Memory | 5.13% Memory free
1.64 Gb Paging File | 0.78 Gb Available in Paging File | 47.47% Paging File free
Paging file location(s): C:\pagefile.sys 1200 1344 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 104.71 Gb Total Space | 63.58 Gb Free Space | 60.71% Space Free | Partition Type: NTFS
Drive D: | 7.05 Gb Total Space | 0.37 Gb Free Space | 5.25% Space Free | Partition Type: FAT32

Computer Name: YOUR-D0F670B45A | User Name: Compaq_Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"6346:TCP" = 6346:TCP:*:Enabled:gnutella
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe" = C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe:*:Enabled:Compaq Connections -- (Hewlett-Packard)
"C:\Program Files\BearShare Applications\BearShare\BearShare.exe" = C:\Program Files\BearShare Applications\BearShare\BearShare.exe:*:Enabled:BearShare

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe" = C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe:*:Enabled:Compaq Connections -- (Hewlett-Packard)
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
"C:\Program Files\Yahoo!\Messenger\YServer.exe" = C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server
"C:\Program Files\EarthLink TotalAccess\TaskPanl.exe" = C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Disabled:Earthlink
"C:\Program Files\Java\jre1.6.0_01\bin\javaw.exe" = C:\Program Files\Java\jre1.6.0_01\bin\javaw.exe:*:Enabled:Java™ Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Program Files\FreeRIP3\freerip3.exe" = C:\Program Files\FreeRIP3\freerip3.exe:*:Enabled:FreeRIP
"C:\WINDOWS\system32\lxcvcoms.exe" = C:\WINDOWS\system32\lxcvcoms.exe:*:Enabled:Lexmark Communications System -- ( )
"C:\Program Files\IncrediMail\bin\IncMail.exe" = C:\Program Files\IncrediMail\bin\IncMail.exe:*:Disabled:IncrediMail
"C:\Program Files\IncrediMail\bin\ImpCnt.exe" = C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Disabled:IncrediMail
"C:\Program Files\IncrediMail\bin\ImApp.exe" = C:\Program Files\IncrediMail\bin\ImApp.exe:*:Disabled:IncrediMail
"C:\Program Files\MP3 Rocket\MP3Rocket.exe" = C:\Program Files\MP3 Rocket\MP3Rocket.exe:*:Enabled:MP3 Rocket 5.2.3 PRO -- ()
"C:\Program Files\ATT-HSI\McciBrowser.exe" = C:\Program Files\ATT-HSI\McciBrowser.exe:*:Enabled:motivebrowser.exe -- (Motive Communications, Inc.)
"C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire
"C:\Program Files\Magentic\bin\MgImp.exe" = C:\Program Files\Magentic\bin\MgImp.exe:*:Enabled:Magentic
"C:\Program Files\Magentic\bin\MgApp.exe" = C:\Program Files\Magentic\bin\MgApp.exe:*:Enabled:Magentic
"C:\Program Files\Magentic\bin\Magentic.exe" = C:\Program Files\Magentic\bin\Magentic.exe:*:Enabled:Magentic
"C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe" = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare -- (Eastman Kodak Company)
"C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe" = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe:*:Enabled:Kodak Software Updater -- ()
"C:\Program Files\Java\jre6\bin\javaw.exe" = C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java™ Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe" = C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe" = C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe" = C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe -- ( )
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\BearShare Applications\BearShare\BearShare.exe" = C:\Program Files\BearShare Applications\BearShare\BearShare.exe:*:Enabled:BearShare


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"ATT-SST" = AT&T Self Support Tool
"BearShare 2 MediaBar" = MediaBar
"Coupon Printer for Windows5.0.0.0" = Coupon Printer for Windows
"HP Photo Creations" = HP Photo Creations
"ie8" = Windows Internet Explorer 8
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"MP3 Rocket" = MP3 Rocket
"N360" = Norton 360 Premier Edition
"NST" = Norton Safe Web Lite

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Move Networks Player - IE" = Move Networks Media Player for Internet Explorer2572067)

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 6/1/2009 11:27:35 AM | Computer Name = YOUR-D0F670B45A | Source = LiveUpdate | ID = 2752568
Description =

Error - 6/1/2009 11:27:35 AM | Computer Name = YOUR-D0F670B45A | Source = LiveUpdate | ID = 2752568
Description =

Error - 6/1/2009 11:27:36 AM | Computer Name = YOUR-D0F670B45A | Source = LiveUpdate | ID = 2752568
Description =

Error - 6/1/2009 11:27:36 AM | Computer Name = YOUR-D0F670B45A | Source = LiveUpdate | ID = 2752568
Description =

Error - 6/1/2009 11:27:36 AM | Computer Name = YOUR-D0F670B45A | Source = LiveUpdate | ID = 2752568
Description =

Error - 6/1/2009 11:27:36 AM | Computer Name = YOUR-D0F670B45A | Source = LiveUpdate | ID = 2752568
Description =

Error - 6/1/2009 11:27:36 AM | Computer Name = YOUR-D0F670B45A | Source = LiveUpdate | ID = 2752568
Description =

Error - 6/1/2009 11:27:36 AM | Computer Name = YOUR-D0F670B45A | Source = LiveUpdate | ID = 2752568
Description =

Error - 6/1/2009 11:27:36 AM | Computer Name = YOUR-D0F670B45A | Source = LiveUpdate | ID = 2752568
Description =

Error - 6/1/2009 11:27:36 AM | Computer Name = YOUR-D0F670B45A | Source = LiveUpdate | ID = 2752568
Description =

[ System Events ]
Error - 6/1/2009 10:48:52 PM | Computer Name = YOUR-D0F670B45A | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 6/1/2009 10:50:03 PM | Computer Name = YOUR-D0F670B45A | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
eeCtrl Fips ftsata2 intelppm SPBBCDrv SRTSP SRTSPX SYMTDI

Error - 6/1/2009 11:01:55 PM | Computer Name = YOUR-D0F670B45A | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 6/2/2009 10:41:36 AM | Computer Name = YOUR-D0F670B45A | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 6/2/2009 10:42:10 AM | Computer Name = YOUR-D0F670B45A | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
eeCtrl Fips ftsata2 intelppm SPBBCDrv SRTSP SRTSPX SYMTDI

Error - 6/2/2009 11:28:05 AM | Computer Name = YOUR-D0F670B45A | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 6/2/2009 11:33:42 AM | Computer Name = YOUR-D0F670B45A | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
ftsata2

Error - 6/2/2009 12:05:09 PM | Computer Name = YOUR-D0F670B45A | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 6/2/2009 12:06:21 PM | Computer Name = YOUR-D0F670B45A | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
eeCtrl Fips ftsata2 intelppm SPBBCDrv SRTSP SRTSPX SYMTDI

Error - 6/2/2009 12:54:44 PM | Computer Name = YOUR-D0F670B45A | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}


< End of report >

Attached Files

•  OTL.Txt   80.92KB   91 downloads
•  Extras.Txt   30.49KB   103 downloads

[Advertisements]

Hi,beachguppy! My nick name is CompCav and I will be assisting you with your Malware/Security problems. Please make sure you read all of the instructions and fixes thoroughly before continuing with them. If you have any questions or you are unsure about anything, just ask and I will help you out.

If you have resolved the issues you were originally experiencing, or have received help elsewhere, please let me know so that this topic can be closed.

I am currently still in training and my posts have to be approved by an expert so please expect a delay between my posts.

Please make sure you are saving and printing the instructions out prior to each fix, this way you will have them on hand just in case you are unable to access this site. One of the steps I will be asking you to do requires you to boot into Safe Mode and this process will be much easier for you to perform if the instructions are printed out for you to follow.

If you are ready to get started, please review and follow these guidelines so that we resolve your issues in a timely and effective manner:

• Logs from malware removal programs (OTL is one of them) can take some time to analyze. I need you to be patient while I analyze any logs you post.
• Please make sure to carefully read any instructions that I give you. Since I cannot see or directly interact with your computer I am dependent on you to "be my eyes" and provide as much information as you can regarding the current state of your computer.
• If you're not sure, or if something unexpected happens, do NOT continue! Stop and ask!
• These instructions have been specifically tailored to your computer and the issues you are experiencing with your computer. These instructions are not suitable for any other computer, even if the issues are fairly similar.
• Do not do things I do not ask for, such as running a spyware scan on your computer. However, the one thing that you should always do, is to make sure your anti-virus definitions are up-to-date!
• Please do not use the Attachment feature for any log file. Just do a Copy/Paste of the entire contents of the log file inside your post and submit.
• You must reply within four days failure to reply will result in the topic being closed!
• Please do not PM me directly for help. If you have any questions, post them in this topic. PM me only if I have not responded to your last post in 2 days.
• Lastly, I am no magician. I will try very hard to fix your issues, but no promises can be made. Also be aware that some infections are so severe that you might need to ultimately reformat your hard drive and reinstall the operating system.
  Don't worry, this only happens in severe cases, but it sadly does happen. Please have the software and storage media for backing up your data available.

Step 1.

Download aswMBR.exe ( 1.8mB ) to your desktop.

Double click the aswMBR.exe to run it

Click the "Scan" button to start scan



On completion of the scan click save log, save it to your desktop and post in your next reply



Step 2.

Download OTL to your Desktop

• Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
• Select All Users
• Under the Custom Scan box paste this in
  netsvcs
  %SYSTEMDRIVE%\*.exe
  /md5start
  consrv.dll
  explorer.exe
  winlogon.exe
  Userinit.exe
  svchost.exe
  /md5stop
  HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT /s
  HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS /s
  HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Uninstall
  C:\Windows\assembly\tmp\U\*.* /s
  %Temp%\smtmp\1\*.*
  %Temp%\smtmp\2\*.*
  %Temp%\smtmp\3\*.*
  %Temp%\smtmp\4\*.*
  CREATERESTOREPOINT
• Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  
• When the scan completes, it will open a notepad window. OTL.Txt . It is saved in the same location as OTL.
• Post OTL.txt log

Step 3.

Please download GetPartitions from the link below on your desktop

getpartitions.exe

Double click to run it
It will produce C:\DiskReport.txt log please post results from that log here to me.


Step 4.

Please post:

OTL.txt
DiskReport.txt
aswMBR log

Edited by CompCav, 01 December 2011 - 09:05 PM.

[CompCav]

Hi,beachguppy! My nick name is CompCav and I will be assisting you with your Malware/Security problems. Please make sure you read all of the instructions and fixes thoroughly before continuing with them. If you have any questions or you are unsure about anything, just ask and I will help you out.

If you have resolved the issues you were originally experiencing, or have received help elsewhere, please let me know so that this topic can be closed.

I am currently still in training and my posts have to be approved by an expert so please expect a delay between my posts.

Please make sure you are saving and printing the instructions out prior to each fix, this way you will have them on hand just in case you are unable to access this site. One of the steps I will be asking you to do requires you to boot into Safe Mode and this process will be much easier for you to perform if the instructions are printed out for you to follow.

If you are ready to get started, please review and follow these guidelines so that we resolve your issues in a timely and effective manner:

• Logs from malware removal programs (OTL is one of them) can take some time to analyze. I need you to be patient while I analyze any logs you post.
• Please make sure to carefully read any instructions that I give you. Since I cannot see or directly interact with your computer I am dependent on you to "be my eyes" and provide as much information as you can regarding the current state of your computer.
• If you're not sure, or if something unexpected happens, do NOT continue! Stop and ask!
• These instructions have been specifically tailored to your computer and the issues you are experiencing with your computer. These instructions are not suitable for any other computer, even if the issues are fairly similar.
• Do not do things I do not ask for, such as running a spyware scan on your computer. However, the one thing that you should always do, is to make sure your anti-virus definitions are up-to-date!
• Please do not use the Attachment feature for any log file. Just do a Copy/Paste of the entire contents of the log file inside your post and submit.
• You must reply within four days failure to reply will result in the topic being closed!
• Please do not PM me directly for help. If you have any questions, post them in this topic. PM me only if I have not responded to your last post in 2 days.
• Lastly, I am no magician. I will try very hard to fix your issues, but no promises can be made. Also be aware that some infections are so severe that you might need to ultimately reformat your hard drive and reinstall the operating system.
  Don't worry, this only happens in severe cases, but it sadly does happen. Please have the software and storage media for backing up your data available.

Step 1.

Download aswMBR.exe ( 1.8mB ) to your desktop.

Double click the aswMBR.exe to run it

Click the "Scan" button to start scan



On completion of the scan click save log, save it to your desktop and post in your next reply



Step 2.

Download OTL to your Desktop

• Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
• Select All Users
• Under the Custom Scan box paste this in
  netsvcs
  %SYSTEMDRIVE%\*.exe
  /md5start
  consrv.dll
  explorer.exe
  winlogon.exe
  Userinit.exe
  svchost.exe
  /md5stop
  HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT /s
  HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS /s
  HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Uninstall
  C:\Windows\assembly\tmp\U\*.* /s
  %Temp%\smtmp\1\*.*
  %Temp%\smtmp\2\*.*
  %Temp%\smtmp\3\*.*
  %Temp%\smtmp\4\*.*
  CREATERESTOREPOINT
• Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  
• When the scan completes, it will open a notepad window. OTL.Txt . It is saved in the same location as OTL.
• Post OTL.txt log

Step 3.

Please download GetPartitions from the link below on your desktop

getpartitions.exe

Double click to run it
It will produce C:\DiskReport.txt log please post results from that log here to me.


Step 4.

Please post:

OTL.txt
DiskReport.txt
aswMBR log

Edited by CompCav, 01 December 2011 - 09:05 PM.

[beachguppy]

I have been down with the flu. I'm going to start on this maybe this afternoon; I'm feeling alittle better. I do have a question though.On step 2; Am I going to paste everything from the beginning down to where it says create restore point?

[CompCav]

I am sorry to hear you were down with the flu. The shots this year are not protecting us very well.

But I am glad you are feeling a little better.

Just paste all of this in:



netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
consrv.dll
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
/md5stop
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT /s
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS /s
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Uninstall
C:\Windows\assembly\tmp\U\*.* /s
%Temp%\smtmp\1\*.*
%Temp%\smtmp\2\*.*
%Temp%\smtmp\3\*.*
%Temp%\smtmp\4\*.*
CREATERESTOREPOINT




CompCav

[Essexboy]

Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.