Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

XP Antivirus 2012 Partial Fix - Windows files moved


  • Please log in to reply

#1
KurtA

KurtA

    New Member

  • Member
  • Pip
  • 2 posts
HI,

I was trying to follow directions given to others for similar problems with XP Antivirus and Google redirects. I think I was able to get rid of the XP Antivirus 2012 and the Google redirect issues so now my internet browser is fast like it used to be. However, it looks like system files were moved as part of the fix and now other things like "Help and Suppport" function off the start button and media player don't work.

To try and fix my problems I ran OTM, RKill, malwarebytes, erunt, and combofix. I could not get combofix to run completely. I let it run for a couple of hours and then shut the computer down. Combofix said it found a rootkit, but then it seem to stall. After rebooting, I could not reestablish an internet connection. I used ERUNT to reboot from a file from a couple of days ago. After ERUNT, everything seemed to working great until I found the problems above.

On my C: drive in the Windows folder, there are now about 300 uninstall folders. I am guessing this is what is cousing some thinkg not to work.

Below is the OTL log.

Thanks


OTL logfile created on: 12/21/2011 7:45:08 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\DowdenFamily\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1014.36 Mb Total Physical Memory | 475.64 Mb Available Physical Memory | 46.89% Memory free
2.38 Gb Paging File | 2.01 Gb Available in Paging File | 84.37% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.50 Gb Total Space | 39.28 Gb Free Space | 52.73% Space Free | Partition Type: NTFS

Computer Name: DOWDEN | User Name: DowdenFamily | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/12/21 19:44:37 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\DowdenFamily\Desktop\OTL.exe
PRC - [2011/06/09 12:06:06 | 000,507,624 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe
PRC - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/02/05 18:30:52 | 000,176,128 | ---- | M] (S3 Graphics Co., Ltd.) -- C:\WINDOWS\system32\S3Trayp.exe
PRC - [2006/09/21 03:36:18 | 000,053,248 | ---- | M] (S3 Graphics, Inc.) -- C:\WINDOWS\system32\VTTimer.exe
PRC - [2004/09/29 12:14:36 | 000,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe


========== Modules (No Company Name) ==========

MOD - [2010/06/01 10:17:46 | 000,929,792 | ---- | M] () -- C:\Program Files\Yahoo!\Messenger\yui.dll
MOD - [2009/09/04 22:15:06 | 000,067,872 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Unknown | Stopped] -- -- (mfevtp)
SRV - File not found [Unknown | Stopped] -- -- (McTaskManager)
SRV - File not found [Unknown | Stopped] -- -- (McShield)
SRV - File not found [Unknown | Stopped] -- -- (McAfeeFramework)
SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2004/09/29 12:14:36 | 000,069,632 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)


========== Driver Services (SafeList) ==========

DRV - [2008/11/25 19:37:50 | 004,952,576 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008/04/01 13:33:16 | 000,018,560 | ---- | M] (LeapFrog) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\FlyUsb.sys -- (FlyUsb)
DRV - [2007/03/04 20:54:54 | 000,709,632 | R--- | M] (S3 Graphics Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\S3gIGPm.sys -- (S3GIGP)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/?fr=fptb-msgr
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.yahoo.com/?ilc=16
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.9.8: C:\Documents and Settings\DowdenFamily\Local Settings\Application Data\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)



Hosts file not found
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20111206193438.dll File not found
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7018.1622\swg.dll (Google Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\udaterui.exe" /StartedFromRunKey File not found
O4 - HKLM..\Run: [S3Trayp] C:\WINDOWS\System32\S3Trayp.exe (S3 Graphics Co., Ltd.)
O4 - HKLM..\Run: [ShStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE File not found
O4 - HKLM..\Run: [VTTimer] C:\WINDOWS\System32\VTTimer.exe (S3 Graphics, Inc.)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - Startup: C:\Documents and Settings\DowdenFamily\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Recovery present
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft....k/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.micr...78f/wvc1dmo.cab (Reg Error: Key error.)
O16 - DPF: {33564D57-9980-0010-8000-00AA00389B71} http://download.micr...D0C/wmv9dmo.cab (Reg Error: Key error.)
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2....re/HPDEXAXO.cab (HP Download Manager)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A5E03F4C-C7A5-44F2-8896-D2420D92D75E}: DhcpNameServer = 192.168.2.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\DowdenFamily\Application Data\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\DowdenFamily\Application Data\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/12/12 00:22:31 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{5cbbc478-8b1f-11de-9138-0019dbd8b8bb}\Shell\AutoRun\command - "" = E:\setupSNK.exe
O33 - MountPoints2\{86a37250-ccad-11dd-9058-0019dbd8b8bb}\Shell - "" = AutoRun
O33 - MountPoints2\{86a37250-ccad-11dd-9058-0019dbd8b8bb}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{86a37250-ccad-11dd-9058-0019dbd8b8bb}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/12/21 19:44:37 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\DowdenFamily\Desktop\OTL.exe
[2011/12/21 18:18:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2011/12/21 17:48:38 | 001,832,544 | ---- | C] (McAfee, Inc.) -- C:\Documents and Settings\DowdenFamily\Desktop\MCPR.exe
[2011/12/20 21:34:29 | 000,000,000 | R--D | C] -- C:\Documents and Settings\DowdenFamily\Start Menu\Programs\Administrative Tools
[2011/12/20 21:05:24 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\McAfee
[2011/12/20 19:31:00 | 000,000,000 | --SD | C] -- C:\ComboFix
[2011/12/20 18:22:41 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011/12/20 18:11:37 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011/12/20 18:11:37 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011/12/20 18:11:37 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011/12/20 18:11:37 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011/12/20 17:58:51 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/12/19 20:13:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DowdenFamily\Desktop\GooredFix Backups
[2011/12/19 19:55:58 | 000,000,000 | ---D | C] -- C:\_OTM
[2011/12/19 19:47:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011/12/19 19:44:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ERUNT
[2011/12/19 19:44:38 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2011/12/19 19:43:02 | 000,791,393 | ---- | C] (Lars Hederer ) -- C:\Documents and Settings\DowdenFamily\Desktop\erunt-setup.exe
[2011/12/19 09:50:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple Computer
[2011/12/18 19:41:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2011/12/18 19:09:27 | 000,000,000 | RH-D | C] -- C:\AHCache
[2011/12/18 18:16:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET
[2011/12/17 21:02:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Adobe
[2011/12/17 13:08:14 | 000,000,000 | RHSD | C] -- C:\WINDOWS\assembly
[2011/12/17 13:08:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot_bak
[2011/12/13 23:47:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2011/12/13 23:47:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2011/12/09 13:54:10 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\DowdenFamily\Recent
[2011/12/09 12:17:53 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2011/12/09 12:17:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2011/12/06 22:17:35 | 000,000,000 | ---D | C] -- C:\QUARANTINE
[2011/12/06 19:35:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DowdenFamily\Application Data\McAfee
[2011/12/06 19:34:39 | 000,074,848 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\MfeOtlkAddin.dll
[2011/12/06 19:34:39 | 000,022,816 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\MFEOtlk.dll
[2011/12/06 19:33:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2011/12/06 19:33:23 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee
[2011/12/06 15:46:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/12/06 14:47:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\CSC
[2011/11/29 21:28:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DowdenFamily\Start Menu\Programs\System Fix
[2011/11/24 15:41:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Uniblue
[2 C:\Documents and Settings\DowdenFamily\My Documents\*.tmp files -> C:\Documents and Settings\DowdenFamily\My Documents\*.tmp -> ]
[1 C:\Documents and Settings\DowdenFamily\Desktop\*.tmp files -> C:\Documents and Settings\DowdenFamily\Desktop\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/12/21 19:44:37 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\DowdenFamily\Desktop\OTL.exe
[2011/12/21 19:31:01 | 000,000,898 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/12/21 17:48:43 | 001,832,544 | ---- | M] (McAfee, Inc.) -- C:\Documents and Settings\DowdenFamily\Desktop\MCPR.exe
[2011/12/21 17:41:22 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/12/21 17:41:01 | 000,000,894 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/12/21 17:40:53 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/12/21 17:40:09 | 010,158,080 | ---- | M] () -- C:\Documents and Settings\DowdenFamily\ntuser.bak
[2011/12/20 18:22:59 | 000,000,328 | RHS- | M] () -- C:\boot.ini
[2011/12/20 17:56:19 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/12/19 19:45:00 | 000,000,767 | ---- | M] () -- C:\Documents and Settings\DowdenFamily\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2011/12/19 19:44:42 | 000,000,592 | ---- | M] () -- C:\Documents and Settings\DowdenFamily\Desktop\ERUNT.lnk
[2011/12/19 19:43:12 | 000,791,393 | ---- | M] (Lars Hederer ) -- C:\Documents and Settings\DowdenFamily\Desktop\erunt-setup.exe
[2011/12/18 18:54:50 | 000,400,294 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/12/18 18:54:50 | 000,060,580 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/12/17 19:43:53 | 000,017,894 | -HS- | M] () -- C:\Documents and Settings\DowdenFamily\Local Settings\Application Data\081254y2c470n742w407s0hnf7d4
[2011/12/17 19:43:53 | 000,017,894 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\081254y2c470n742w407s0hnf7d4
[2011/12/14 17:23:57 | 000,233,984 | ---- | M] () -- C:\Documents and Settings\DowdenFamily\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/12/09 13:01:55 | 000,438,843 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20111209-140629.backup
[2011/12/06 19:33:58 | 000,074,848 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\System32\MfeOtlkAddin.dll
[2011/12/06 19:33:58 | 000,022,816 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\System32\MFEOtlk.dll
[2011/12/06 14:35:54 | 000,709,968 | ---- | M] () -- C:\WINDOWS\is-NMA1D.exe
[2011/12/06 14:35:54 | 000,010,498 | ---- | M] () -- C:\WINDOWS\is-NMA1D.msg
[2011/12/06 14:35:54 | 000,000,338 | ---- | M] () -- C:\WINDOWS\is-NMA1D.lst
[2011/11/29 20:16:39 | 000,000,849 | ---- | M] () -- C:\Documents and Settings\DowdenFamily\Application Data\Microsoft\Internet Explorer\Quick Launch\System Fix.lnk
[2011/11/24 16:38:36 | 000,168,810 | ---- | M] () -- C:\Documents and Settings\DowdenFamily\My Documents\test 001.jpg
[2011/11/24 16:38:23 | 000,000,710 | ---- | M] () -- C:\Documents and Settings\DowdenFamily\Desktop\Scanner and Camera Wizard (2).lnk
[2011/11/24 16:37:02 | 000,292,485 | ---- | M] () -- C:\Documents and Settings\DowdenFamily\My Documents\test.jpg
[2011/11/24 16:29:17 | 000,068,268 | ---- | M] () -- C:\WINDOWS\hpoins05.dat
[2 C:\Documents and Settings\DowdenFamily\My Documents\*.tmp files -> C:\Documents and Settings\DowdenFamily\My Documents\*.tmp -> ]
[1 C:\Documents and Settings\DowdenFamily\Desktop\*.tmp files -> C:\Documents and Settings\DowdenFamily\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/12/20 18:22:57 | 000,000,212 | ---- | C] () -- C:\Boot.bak
[2011/12/20 18:22:45 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2011/12/20 18:11:37 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011/12/20 18:11:37 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/12/20 18:11:37 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011/12/20 18:11:37 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011/12/20 18:11:37 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/12/19 20:04:21 | 010,158,080 | ---- | C] () -- C:\Documents and Settings\DowdenFamily\ntuser.bak
[2011/12/19 19:45:00 | 000,000,767 | ---- | C] () -- C:\Documents and Settings\DowdenFamily\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2011/12/19 19:44:42 | 000,000,592 | ---- | C] () -- C:\Documents and Settings\DowdenFamily\Desktop\ERUNT.lnk
[2011/12/19 15:37:25 | 000,000,664 | ---- | C] () -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\d3d9caps.dat
[2011/12/13 23:47:38 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/12/13 23:33:09 | 000,017,894 | -HS- | C] () -- C:\Documents and Settings\DowdenFamily\Local Settings\Application Data\081254y2c470n742w407s0hnf7d4
[2011/12/13 23:33:09 | 000,017,894 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\081254y2c470n742w407s0hnf7d4
[2011/12/06 19:22:24 | 000,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2011/12/06 19:22:24 | 000,001,684 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\CyberLink PowerDVD.lnk
[2011/12/06 19:22:24 | 000,001,604 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2011/12/06 19:22:24 | 000,001,542 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2011/12/06 19:22:24 | 000,000,802 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Yahoo! Messenger.lnk
[2011/12/06 19:22:24 | 000,000,734 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Acrobat.com.lnk
[2011/12/06 19:22:24 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/12/06 19:22:21 | 000,000,820 | ---- | C] () -- C:\Documents and Settings\DowdenFamily\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2011/12/06 19:22:21 | 000,000,815 | ---- | C] () -- C:\Documents and Settings\DowdenFamily\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/12/06 19:22:21 | 000,000,800 | ---- | C] () -- C:\Documents and Settings\DowdenFamily\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2011/12/06 19:22:21 | 000,000,079 | ---- | C] () -- C:\Documents and Settings\DowdenFamily\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2011/12/06 19:22:15 | 000,002,311 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader 9.lnk
[2011/12/06 19:22:15 | 000,002,265 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Apple Software Update.lnk
[2011/12/06 19:22:15 | 000,001,846 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\MSN Explorer.lnk
[2011/12/06 19:22:15 | 000,000,829 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Messenger.lnk
[2011/12/06 19:22:15 | 000,000,740 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Acrobat.com.lnk
[2011/12/06 14:35:54 | 000,709,968 | ---- | C] () -- C:\WINDOWS\is-NMA1D.exe
[2011/12/06 14:35:54 | 000,010,498 | ---- | C] () -- C:\WINDOWS\is-NMA1D.msg
[2011/12/06 14:35:54 | 000,000,338 | ---- | C] () -- C:\WINDOWS\is-NMA1D.lst
[2011/11/29 20:34:32 | 000,000,849 | ---- | C] () -- C:\Documents and Settings\DowdenFamily\Application Data\Microsoft\Internet Explorer\Quick Launch\System Fix.lnk
[2011/11/24 21:37:47 | 000,168,810 | ---- | C] () -- C:\Documents and Settings\DowdenFamily\My Documents\test 001.jpg
[2011/11/24 21:35:02 | 000,292,485 | ---- | C] () -- C:\Documents and Settings\DowdenFamily\My Documents\test.jpg
[2011/11/24 16:38:23 | 000,000,710 | ---- | C] () -- C:\Documents and Settings\DowdenFamily\Desktop\Scanner and Camera Wizard (2).lnk
[2011/11/24 16:26:06 | 000,068,268 | ---- | C] () -- C:\WINDOWS\hpoins05.dat
[2011/11/24 16:26:06 | 000,019,696 | ---- | C] () -- C:\WINDOWS\hpomdl05.dat
[2010/09/16 15:42:37 | 000,000,418 | ---- | C] () -- C:\WINDOWS\Disney.ini
[2010/09/16 15:42:05 | 000,000,624 | ---- | C] () -- C:\WINDOWS\EReg515.dat
[2009/10/13 18:26:34 | 000,054,996 | ---- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/01/11 14:01:52 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008/12/17 20:17:08 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2008/12/15 00:24:43 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat
[2008/12/13 23:07:49 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2008/12/12 00:24:12 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2008/12/12 00:20:02 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008/12/11 21:53:06 | 000,233,984 | ---- | C] () -- C:\Documents and Settings\DowdenFamily\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/12/11 16:11:28 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008/12/11 16:10:36 | 000,260,640 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2003/01/07 18:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/08/29 07:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2002/08/29 07:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2002/08/29 07:00:00 | 000,400,294 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2002/08/29 07:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2002/08/29 07:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2002/08/29 07:00:00 | 000,060,580 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2002/08/29 07:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2002/08/29 07:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2002/08/29 07:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2002/08/29 07:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2002/08/29 07:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

========== LOP Check ==========

[2011/12/18 20:06:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Leapfrog
[2010/03/05 08:56:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MSScanAppDataDir
[2011/01/26 16:48:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SSScanAppDataDir
[2010/11/28 16:41:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/10/13 16:13:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2010/02/05 12:40:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DowdenFamily\Application Data\SuperAdBlocker.com

========== Purity Check ==========



< End of report >
  • 0

Advertisements


#2
KurtA

KurtA

    New Member

  • Topic Starter
  • Member
  • Pip
  • 2 posts
Sorry, but I just found this OTL Extra log on my desktop.

Thanks again.

OTL Extras logfile created on: 12/21/2011 7:45:08 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\DowdenFamily\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1014.36 Mb Total Physical Memory | 475.64 Mb Available Physical Memory | 46.89% Memory free
2.38 Gb Paging File | 2.01 Gb Available in Paging File | 84.37% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.50 Gb Total Space | 39.28 Gb Free Space | 52.73% Space Free | Partition Type: NTFS

Computer Name: DOWDEN | User Name: DowdenFamily | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 1
"FirstRunDisabled" = 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\McAfee\Common Framework\FrameworkService.exe" = C:\Program Files\McAfee\Common Framework\FrameworkService.exe:*:Enabled:McAfee Framework Service

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
"C:\Program Files\Google\Google Earth\client\googleearth.exe" = C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth
"C:\Program Files\McAfee\Common Framework\FrameworkService.exe" = C:\Program Files\McAfee\Common Framework\FrameworkService.exe:*:Enabled:McAfee Framework Service


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{0DC86BEC-5CE3-413A-BB61-C40A3D186B24}" = Scan
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216027FF}" = Java™ 6 Update 27
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{2AAB21C2-4CDA-4189-A0EC-5ED666113F84}" = McAfee Agent
"{308B6AEA-DE50-4666-996D-0FA461719D6B}" = Apple Mobile Device Support
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5469D537-9B44-4c78-BF2D-5F9807564F74}" = HP PSC & OfficeJet 4.7
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{64FC0C98-B035-4530-B15D-3D30610B6DF1}" = HP Software Update
"{655CB07D-C944-40BE-B93F-55957CAC7625}" = AiO_Scan
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A90000000001}" = Adobe Reader 9
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CE15D1B6-19B6-4D4D-8F43-CF5D2C3356FF}" = McAfee VirusScan Enterprise
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FAE36873-1941-4076-A9A5-48812B5EA0B7}" = iTunes
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FDC8065B-80DE-4466-B90B-2581F6D77DFF}" = Image Plugin
"781745E87AFF80C0C1388CFF79D19ECAB2E9BB47" = Windows Driver Package - LeapFrog (FlyUsb) USB (11/05/2008 1.1.1.0)
"8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D" = Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"DECCHECK" = Microsoft Windows XP Video Decoder Checkup Utility
"ERUNT_is1" = ERUNT 1.1j
"HP Photo & Imaging" = HP Image Zone 4.7
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MDI Converter_is1" = MDIConverter 2.3
"MDI Viewer_is1" = MDIViewer 2.3
"Mickey Mouse Preschool" = Disney's Mickey Mouse Preschool
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"VIA Chrome9 HC IGP Display" = VIA/S3G Display Driver 6.14.10.0086
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Yahoo! BrowserPlus" = Yahoo! BrowserPlus 2.9.8

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 12/20/2011 8:14:57 PM | Computer Name = DOWDEN | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 12/20/2011 8:19:31 PM | Computer Name = DOWDEN | Source = JavaQuickStarterService | ID = 1
Description =

Error - 12/20/2011 8:27:25 PM | Computer Name = DOWDEN | Source = JavaQuickStarterService | ID = 1
Description =

Error - 12/20/2011 10:01:04 PM | Computer Name = DOWDEN | Source = JavaQuickStarterService | ID = 1
Description =

Error - 12/20/2011 10:12:05 PM | Computer Name = DOWDEN | Source = JavaQuickStarterService | ID = 1
Description =

Error - 12/20/2011 10:12:19 PM | Computer Name = DOWDEN | Source = McLogEvent | ID = 5022
Description =

Error - 12/20/2011 10:19:43 PM | Computer Name = DOWDEN | Source = JavaQuickStarterService | ID = 1
Description =

Error - 12/20/2011 10:19:57 PM | Computer Name = DOWDEN | Source = McLogEvent | ID = 5022
Description =

Error - 12/21/2011 6:23:10 PM | Computer Name = DOWDEN | Source = JavaQuickStarterService | ID = 1
Description =

Error - 12/21/2011 6:24:18 PM | Computer Name = DOWDEN | Source = Application Error | ID = 1004
Description = Faulting application ping.exe, version 5.1.2600.5512, faulting module
unknown, version 0.0.0.0, fault address 0x01010101.

[ System Events ]
Error - 12/21/2011 6:37:43 PM | Computer Name = DOWDEN | Source = Service Control Manager | ID = 7001
Description = The Network Location Awareness (NLA) service depends on the TCP/IP
Protocol Driver service which failed to start because of the following error: %%1068

Error - 12/21/2011 6:38:23 PM | Computer Name = DOWDEN | Source = Service Control Manager | ID = 7000
Description = The IPSEC driver service failed to start due to the following error:
%%123

Error - 12/21/2011 6:38:23 PM | Computer Name = DOWDEN | Source = Service Control Manager | ID = 7001
Description = The TCP/IP Protocol Driver service depends on the IPSEC driver service
which failed to start because of the following error: %%123

Error - 12/21/2011 6:38:23 PM | Computer Name = DOWDEN | Source = Service Control Manager | ID = 7001
Description = The Network Location Awareness (NLA) service depends on the TCP/IP
Protocol Driver service which failed to start because of the following error: %%1068

Error - 12/21/2011 6:40:55 PM | Computer Name = DOWDEN | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.2.6 for the Network Card with network
address 0019DBD8B8BB has been denied by the DHCP server 0.0.0.0 (The DHCP Server
sent a DHCPNACK message).

Error - 12/21/2011 6:42:39 PM | Computer Name = DOWDEN | Source = Service Control Manager | ID = 7000
Description = The McAfee Framework Service service failed to start due to the following
error: %%2

Error - 12/21/2011 6:42:39 PM | Computer Name = DOWDEN | Source = Service Control Manager | ID = 7000
Description = The McAfee Task Manager service failed to start due to the following
error: %%3

Error - 12/21/2011 6:42:39 PM | Computer Name = DOWDEN | Source = Service Control Manager | ID = 7001
Description = The McAfee Validation Trust Protection Service service depends on
the McAfee Inc. mfehidk service which failed to start because of the following error:
%%31

Error - 12/21/2011 6:42:39 PM | Computer Name = DOWDEN | Source = Service Control Manager | ID = 7001
Description = The McAfee McShield service depends on the McAfee Validation Trust
Protection Service service which failed to start because of the following error:
%%1068

Error - 12/21/2011 6:42:39 PM | Computer Name = DOWDEN | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
mfehidk mfetdi2k SABKUTIL


< End of report >
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP