XP SP3 Hangs, Freezes [Solved]


  • This topic is locked

#1
dc4580

I am experiencing hangs (freezes) when I browse, use email, create docs, in other words, no matter what I am doing. The hang has no pattern, can be of short duration or can be longer. These hangs may be accompanied by high CPU utilization and/or high memory utilization. The high memory users can be IE 8, Norton 360 programs, Realtek Audio exe, and sometimes one of the 6 svchost.exe running at any given time.

OTL.txt:

OTL logfile created on: 2/13/2012 9:19:17 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\david cox\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

447.23 Mb Total Physical Memory | 177.86 Mb Available Physical Memory | 39.77% Memory free
1.18 Gb Paging File | 0.35 Gb Available in Paging File | 29.72% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 103.51 Gb Total Space | 77.38 Gb Free Space | 74.76% Space Free | Partition Type: NTFS

Computer Name: DAVE-Q08ESS7TBC | User Name: david cox | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/02/13 21:01:38 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\david cox\Desktop\OTL.exe
PRC - [2012/01/14 18:39:07 | 000,173,960 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\system32\java.exe
PRC - [2011/08/11 17:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe
PRC - [2011/04/16 18:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360\Engine\5.2.0.13\ccsvchst.exe
PRC - [2010/11/11 12:31:44 | 000,539,248 | ---- | M] (VMware, Inc.) -- C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe
PRC - [2009/09/12 23:09:10 | 000,103,768 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\Citrix\ICA Client\concentr.exe
PRC - [2009/09/12 23:09:04 | 000,550,232 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\Citrix\ICA Client\wfcrun32.exe
PRC - [2008/12/12 17:06:40 | 000,642,856 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
PRC - [2008/12/12 17:06:40 | 000,642,856 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
PRC - [2008/11/13 13:43:49 | 000,204,800 | ---- | M] () -- C:\Program Files\Linksys\Linksys Updater\bin\LinksysUpdater.exe
PRC - [2008/04/13 18:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/08/24 14:52:42 | 000,240,112 | ---- | M] (Sonic Solutions) -- C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe
PRC - [2007/08/24 14:52:02 | 000,018,928 | ---- | M] (Sonic Solutions) -- C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\CPSHelpRunner10.exe
PRC - [2007/08/14 02:44:38 | 000,113,136 | ---- | M] () -- C:\Program Files\Roxio\CinePlayer\DMXLauncher.exe


========== Modules (No Company Name) ==========

MOD - [2008/12/12 17:11:26 | 000,148,480 | ---- | M] () -- C:\Program Files\Common Files\Pure Networks Shared\Platform\CAntiVirusCOM.dll
MOD - [2008/12/12 17:11:26 | 000,097,280 | ---- | M] () -- C:\Program Files\Common Files\Pure Networks Shared\Platform\CFirewallCOM.dll
MOD - [2008/11/13 13:43:49 | 000,204,800 | ---- | M] () -- C:\Program Files\Linksys\Linksys Updater\bin\LinksysUpdater.exe
MOD - [2008/11/13 13:43:49 | 000,081,920 | ---- | M] () -- C:\Program Files\Linksys\Linksys Updater\lib\wrapper.dll
MOD - [2007/08/24 14:53:10 | 005,462,512 | ---- | M] () -- C:\Program Files\Common Files\Roxio Shared\10.0\DLLShared\roxipp52.dll
MOD - [2007/08/14 02:44:38 | 000,113,136 | ---- | M] () -- C:\Program Files\Roxio\CinePlayer\DMXLauncher.exe


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (Symantec RemoteAssist)
SRV - File not found [Disabled | Stopped] -- -- (SessionLauncher)
SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2011/08/11 17:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2011/04/16 18:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files\Norton 360\Engine\5.2.0.13\ccSvcHst.exe -- (N360)
SRV - [2010/11/11 13:31:54 | 000,334,448 | ---- | M] (VMware, Inc.) [Auto | Stopped] -- C:\WINDOWS\system32\vmnetdhcp.exe -- (VMnetDHCP)
SRV - [2010/11/11 13:31:50 | 000,404,080 | ---- | M] (VMware, Inc.) [Disabled | Stopped] -- C:\WINDOWS\system32\vmnat.exe -- (VMware NAT Service)
SRV - [2010/11/11 13:30:44 | 000,113,264 | ---- | M] (VMware, Inc.) [Auto | Stopped] -- C:\Program Files\VMware\VMware Player\vmware-authd.exe -- (VMAuthdService)
SRV - [2010/11/11 12:31:44 | 000,539,248 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe -- (VMUSBArbService)
SRV - [2010/09/13 15:05:36 | 000,086,016 | ---- | M] (PC Pitstop LLC) [Disabled | Stopped] -- C:\Program Files\PCPitstop\PCPitstopScheduleService.exe -- (PCPitstop Scheduling)
SRV - [2010/08/19 13:57:14 | 000,191,024 | ---- | M] (VMware, Inc.) [On_Demand | Stopped] -- C:\Program Files\VMware\VMware Player\vmware-ufad.exe -- (ufad-ws60)
SRV - [2008/12/12 17:06:40 | 000,642,856 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe -- (nmservice)
SRV - [2008/11/13 13:43:49 | 000,204,800 | ---- | M] () [Auto | Running] -- C:\Program Files\Linksys\Linksys Updater\bin\LinksysUpdater.exe -- (LinksysUpdater)
SRV - [2007/08/24 14:53:16 | 000,362,992 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files\Roxio\Digital Home 10\RoxioUpnpService10.exe -- (Roxio Upnp Server 10)
SRV - [2007/08/24 14:53:14 | 000,072,176 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe -- (Roxio UPnP Renderer 10)
SRV - [2007/08/24 14:52:48 | 000,309,744 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe -- (RoxLiveShare10)
SRV - [2007/08/24 14:52:46 | 000,166,384 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe -- (RoxWatch10)
SRV - [2007/08/24 14:52:38 | 001,083,888 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe -- (RoxMediaDB10)


========== Driver Services (SafeList) ==========

DRV - [2012/02/07 00:36:39 | 000,024,064 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamchameleon.sys -- (mbamchameleon)
DRV - [2012/02/03 20:43:21 | 000,106,104 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2012/02/03 20:43:20 | 000,374,392 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2012/01/23 21:50:52 | 000,130,432 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2012/01/22 00:10:55 | 001,576,312 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\VirusDefs\20120213.002\NAVEX15.SYS -- (NAVEX15)
DRV - [2012/01/22 00:10:54 | 000,086,136 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\VirusDefs\20120213.002\NAVENG.SYS -- (NAVENG)
DRV - [2012/01/20 07:26:04 | 000,126,584 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2011/12/23 22:17:32 | 000,820,344 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\BASHDefs\20120207.003\BHDrvx86.sys -- (BHDrvx86)
DRV - [2011/12/15 17:33:22 | 000,356,280 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\IPSDefs\20120210.002\IDSXpx86.sys -- (IDSxpx86)
DRV - [2011/12/13 18:27:30 | 007,069,288 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2011/07/22 10:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/12 15:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011/04/20 19:37:49 | 000,369,784 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\N360\0502000.00D\SYMTDI.SYS -- (SYMTDI)
DRV - [2011/03/30 21:00:09 | 000,516,216 | R--- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\N360\0502000.00D\SRTSP.SYS -- (SRTSP)
DRV - [2011/03/30 21:00:09 | 000,050,168 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\0502000.00D\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2011/03/14 20:31:23 | 000,744,568 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\N360\0502000.00D\SYMEFA.SYS -- (SymEFA)
DRV - [2011/01/27 00:47:10 | 000,340,088 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\N360\0502000.00D\SYMDS.SYS -- (SymDS)
DRV - [2011/01/26 23:07:05 | 000,136,312 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\0502000.00D\Ironx86.SYS -- (SymIRON)
DRV - [2010/11/11 13:32:10 | 000,070,768 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\vmci.sys -- (vmci)
DRV - [2010/11/11 13:32:08 | 000,854,128 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\vmx86.sys -- (vmx86)
DRV - [2010/11/11 13:30:34 | 000,024,688 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VMkbd.sys -- (vmkbd)
DRV - [2010/11/11 13:29:30 | 000,032,752 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\vmnetbridge.sys -- (VMnetBridge)
DRV - [2010/11/11 13:29:26 | 000,026,352 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\vmnetuserif.sys -- (VMnetuserif)
DRV - [2010/11/11 12:31:28 | 000,032,368 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\hcmon.sys -- (hcmon)
DRV - [2010/11/11 10:04:52 | 000,016,560 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vmnetadapter.sys -- (VMnetAdapter)
DRV - [2010/08/19 13:56:38 | 000,022,448 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Program Files\VMware\VMware Player\vstor2-ws60.sys -- (vstor2-ws60)
DRV - [2009/09/08 18:13:16 | 000,065,584 | ---- | M] (Citrix Systems, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ctxusbm.sys -- (ctxusbm)
DRV - [2009/02/25 16:58:57 | 003,565,568 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2008/12/12 17:05:20 | 000,025,264 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\purendis.sys -- (purendis)
DRV - [2008/12/12 17:05:18 | 000,023,984 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\pnarp.sys -- (pnarp)
DRV - [2007/10/26 09:55:46 | 000,015,784 | ---- | M] (Cyberlink Co.,Ltd.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\CLBStor.sys -- (CLBStor)
DRV - [2007/10/26 09:55:44 | 000,162,344 | ---- | M] (CyberLink Corporation.) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\CLBUDF.sys -- (CLBUDF)
DRV - [2007/08/18 02:09:04 | 000,057,328 | ---- | M] (Sonic Solutions) [File_System | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\RxFilter.sys -- (RxFilter)
DRV - [2007/02/22 11:28:48 | 000,030,864 | ---- | M] (Licensed for Sysinfo Lab) [Kernel | Auto | Running] -- C:\Program Files\ASTRA32\astra32.sys -- (ASTRA32)
DRV - [2004/12/15 14:18:32 | 000,220,928 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2004/12/15 14:18:28 | 000,703,232 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2004/12/15 14:18:26 | 001,038,208 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
DRV - [2004/08/03 23:31:32 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rtl8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MVT: C:\Program Files\McAfee\Supportability\MVT\npmvtplugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\IPSFFPlgn\ [2012/01/31 04:47:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\coFFPlgn_2011_7_5_2 [2012/02/13 07:57:45 | 000,000,000 | ---D | M]

[2011/09/01 22:49:26 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/07/13 21:00:22 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}

O1 HOSTS File: ([2012/01/10 23:45:04 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\5.2.0.13\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\5.2.0.13\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\5.2.0.13\coieplg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\5.2.0.13\coieplg.dll (Symantec Corporation)
O4 - HKLM..\Run: [ConnectionCenter] C:\Program Files\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.)
O4 - HKLM..\Run: [DMXLauncher] C:\Program Files\Roxio\CinePlayer\DMXLauncher.exe ()
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [nmctxth] C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe (Cisco Systems, Inc.)
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe (Sonic Solutions)
O4 - HKLM..\Run: [UpdatePPShortCut] C:\Program Files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoThumbnailCache = 1
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Program Files\VMware\VMware Player\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files\VMware\VMware Player\vsocklib.dll (VMware, Inc.)
O16 - DPF: {037790A6-1576-11D6-903D-00105AABADD3} https://myportal.uss...om sglw2hcm.ocx (Seagull Web-to-Host Control Module v4)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.micr.../OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} http://catalog.updat...b?1212120081468 (MUCatalogWebControl Class)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1208918393375 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1208921940093 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_01)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_01)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://myportal.uss...SetupClient.cab (JuniperSetupClientControl Class)
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} http://utilities.pcp.../pcpitstop2.dll (PCPitstop Exam)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{98F51424-7F98-4109-9E22-2025B352A261}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files\Common Files\Pure Networks Shared\Platform\puresp4.dll (Cisco Systems, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\david cox\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\david cox\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/02/13 21:01:35 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\david cox\Desktop\OTL.exe
[2012/02/06 22:35:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Motive
[2012/02/04 20:09:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\david cox\Application Data\Ahead
[2012/02/04 19:34:51 | 000,155,648 | R--- | C] (Ahead Software Gmbh) -- C:\WINDOWS\System32\NeroCheck.exe
[2012/02/04 19:31:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Nero
[2012/02/04 19:28:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Ahead
[2012/02/04 19:28:26 | 000,038,912 | R--- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\picn20.dll
[2012/02/04 19:28:24 | 000,544,768 | R--- | C] (Pegasus Software, LLC) -- C:\WINDOWS\System32\imagx5.dll
[2012/02/04 19:28:23 | 000,569,344 | R--- | C] (Pegasus Software,LLC) -- C:\WINDOWS\System32\imagr5.dll
[2012/02/04 19:28:19 | 000,283,920 | R--- | C] (Pegasus Software, LLC) -- C:\WINDOWS\System32\ImagXpr5.dll
[2012/02/04 19:27:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Ahead
[2012/02/04 19:27:31 | 000,000,000 | ---D | C] -- C:\Program Files\Ahead
[2012/01/31 02:40:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\david cox\Local Settings\Application Data\Webroot
[2012/01/30 22:38:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\WRData
[2012/01/30 22:36:41 | 000,647,184 | ---- | C] (Webroot) -- C:\Documents and Settings\david cox\Desktop\wsainstall.exe
[2012/01/30 20:45:37 | 000,331,384 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0502000.00D\symtdiv.sys
[2012/01/30 20:45:36 | 000,369,784 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0502000.00D\symtdi.sys
[2012/01/30 20:45:36 | 000,299,640 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0502000.00D\symnets.sys
[2012/01/30 20:45:35 | 000,744,568 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0502000.00D\symefa.sys
[2012/01/30 20:45:35 | 000,516,216 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0502000.00D\srtsp.sys
[2012/01/30 20:45:35 | 000,340,088 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0502000.00D\symds.sys
[2012/01/30 20:45:35 | 000,050,168 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0502000.00D\srtspx.sys
[2012/01/30 20:45:34 | 000,136,312 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0502000.00D\ironx86.sys
[2012/01/30 20:44:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\N360\0502000.00D
[2012/01/30 06:57:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\McAfee
[2012/01/30 06:51:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2012/01/26 22:57:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2012/01/26 00:17:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/01/26 00:17:02 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012/01/26 00:17:00 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/01/25 07:58:37 | 000,000,000 | ---D | C] -- C:\Program Files\COMODO
[2012/01/24 09:09:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\david cox\Local Settings\Application Data\Besiex
[2012/01/24 09:05:26 | 000,000,000 | ---D | C] -- C:\Program Files\DriverGuide
[2012/01/23 07:16:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\UAB
[2012/01/23 07:15:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\david cox\Local Settings\Application Data\PC_Drivers_Headquarters
[2012/01/23 07:13:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Driver Detective
[2012/01/23 07:13:06 | 000,000,000 | ---D | C] -- C:\Program Files\PC Drivers HeadQuarters
[2012/01/23 06:50:02 | 000,000,000 | ---D | C] -- C:\Program Files\AMD APP
[2012/01/20 07:26:04 | 000,126,584 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2012/01/20 07:26:04 | 000,060,872 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL
[2012/01/20 07:26:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2012/01/20 07:26:04 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2012/01/20 07:24:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\N360
[2012/01/20 07:24:46 | 000,000,000 | ---D | C] -- C:\Program Files\Norton 360
[2012/01/20 07:24:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Norton 360
[2012/01/20 07:24:21 | 000,000,000 | ---D | C] -- C:\Program Files\NortonInstaller
[2012/01/18 21:59:50 | 162,161,616 | ---- | C] (Kaspersky Lab) -- C:\Documents and Settings\david cox\Desktop\kav2012_12.0.0.374-2487en_us.exe
[2010/05/17 20:53:10 | 000,942,960 | ---- | C] (McAfee Inc.) -- C:\Documents and Settings\david cox\Local Settings\Application Data\MvtApp.exe
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/02/13 21:26:39 | 000,000,892 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/02/13 21:01:38 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\david cox\Desktop\OTL.exe
[2012/02/13 20:54:15 | 000,013,738 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/02/13 14:25:04 | 000,000,888 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/02/13 12:06:35 | 000,000,446 | ---- | M] () -- C:\WINDOWS\tasks\FixCleaner Scan.job
[2012/02/13 07:55:50 | 000,000,430 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{18A67AB4-86CC-47A1-B51A-C739DECF0A30}.job
[2012/02/13 07:54:29 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/02/11 22:32:23 | 000,000,280 | ---- | M] () -- C:\{75C3C589-B9CC-4243-AA70-B008B52828B6}
[2012/02/11 16:14:09 | 000,000,280 | ---- | M] () -- C:\{CD8405D6-7EF4-4423-8DFB-E9C4FE3623E8}
[2012/02/11 10:11:43 | 000,000,280 | ---- | M] () -- C:\{E1F36C5B-2FA7-437C-8F6D-AE1C8983EA35}
[2012/02/11 04:21:55 | 000,001,704 | ---- | M] () -- C:\{0A45D602-5F1E-4920-AD0A-9A6CAB0F6FFE}
[2012/02/11 01:16:54 | 000,002,560 | ---- | M] () -- C:\{4F259113-DC64-402A-A344-B3FB40A63787}
[2012/02/07 00:36:39 | 000,024,064 | ---- | M] () -- C:\WINDOWS\System32\drivers\mbamchameleon.sys
[2012/02/04 20:04:28 | 000,065,015 | ---- | M] () -- C:\Documents and Settings\david cox\Desktop\memtest86+-4.20.zip
[2012/02/04 19:40:57 | 000,001,257 | ---- | M] () -- C:\Documents and Settings\david cox\Application Data\Microsoft\Internet Explorer\Quick Launch\Nero StartSmart.lnk
[2012/02/04 19:40:57 | 000,001,239 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Nero StartSmart.lnk
[2012/02/04 00:35:01 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/01/31 04:45:36 | 000,001,900 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Norton 360.LNK
[2012/01/31 04:44:14 | 000,886,668 | ---- | M] () -- C:\WINDOWS\System32\drivers\N360\0502000.00D\Cat.DB
[2012/01/30 22:36:43 | 000,647,184 | ---- | M] (Webroot) -- C:\Documents and Settings\david cox\Desktop\wsainstall.exe
[2012/01/27 23:27:32 | 000,000,172 | ---- | M] () -- C:\WINDOWS\System32\drivers\N360\0502000.00D\isolate.ini
[2012/01/27 21:27:14 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2012/01/26 22:47:34 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader X.lnk
[2012/01/26 00:12:22 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 8.lnk
[2012/01/25 21:49:15 | 000,015,773 | ---- | M] () -- C:\WINDOWS\cscmondump.bin
[2012/01/23 21:50:52 | 000,073,728 | ---- | M] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2012/01/23 07:13:28 | 000,002,198 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Driver Detective.lnk
[2012/01/23 07:06:45 | 001,182,576 | ---- | M] (PC Drivers HeadQuarters ) -- C:\Documents and Settings\david cox\Desktop\DriverDetective.exe
[2012/01/21 19:20:46 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/01/20 07:26:04 | 000,126,584 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2012/01/20 07:26:04 | 000,060,872 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL
[2012/01/20 07:26:04 | 000,007,468 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2012/01/20 07:26:04 | 000,000,806 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF
[2012/01/20 07:22:06 | 000,000,770 | ---- | M] () -- C:\Documents and Settings\david cox\Desktop\Norton Installation Files.lnk
[2012/01/18 22:40:28 | 000,017,408 | ---- | M] () -- C:\Documents and Settings\david cox\Local Settings\Application Data\WebpageIcons.db
[2012/01/18 22:00:49 | 162,161,616 | ---- | M] (Kaspersky Lab) -- C:\Documents and Settings\david cox\Desktop\kav2012_12.0.0.374-2487en_us.exe
[2012/01/15 23:41:44 | 000,002,221 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\FixCleaner.lnk
[2012/01/15 23:40:53 | 000,001,945 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/02/11 22:32:22 | 000,000,280 | ---- | C] () -- C:\{75C3C589-B9CC-4243-AA70-B008B52828B6}
[2012/02/11 16:14:09 | 000,000,280 | ---- | C] () -- C:\{CD8405D6-7EF4-4423-8DFB-E9C4FE3623E8}
[2012/02/11 10:11:43 | 000,000,280 | ---- | C] () -- C:\{E1F36C5B-2FA7-437C-8F6D-AE1C8983EA35}
[2012/02/11 04:21:55 | 000,001,704 | ---- | C] () -- C:\{0A45D602-5F1E-4920-AD0A-9A6CAB0F6FFE}
[2012/02/11 01:16:54 | 000,002,560 | ---- | C] () -- C:\{4F259113-DC64-402A-A344-B3FB40A63787}
[2012/02/07 00:36:39 | 000,024,064 | ---- | C] () -- C:\WINDOWS\System32\drivers\mbamchameleon.sys
[2012/02/06 00:14:19 | 001,837,056 | ---- | C] () -- C:\Documents and Settings\david cox\Desktop\memtest.iso
[2012/02/04 20:09:28 | 000,164,504 | ---- | C] () -- C:\Documents and Settings\david cox\Desktop\memtest.bin
[2012/02/04 20:03:58 | 000,065,015 | ---- | C] () -- C:\Documents and Settings\david cox\Desktop\memtest86+-4.20.zip
[2012/02/04 19:43:16 | 000,050,779 | ---- | C] () -- C:\WINDOWS\UNNMP.cfg
[2012/02/04 19:40:57 | 000,001,257 | ---- | C] () -- C:\Documents and Settings\david cox\Application Data\Microsoft\Internet Explorer\Quick Launch\Nero StartSmart.lnk
[2012/02/04 19:40:57 | 000,001,239 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Nero StartSmart.lnk
[2012/02/04 19:30:53 | 000,103,866 | ---- | C] () -- C:\WINDOWS\UNNeroVision.cfg
[2012/01/31 04:43:40 | 000,886,668 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0502000.00D\Cat.DB
[2012/01/30 20:45:36 | 000,007,877 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0502000.00D\symnetv.cat
[2012/01/30 20:45:36 | 000,007,458 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0502000.00D\symnet.cat
[2012/01/30 20:45:36 | 000,001,473 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0502000.00D\symnetv.inf
[2012/01/30 20:45:36 | 000,001,445 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0502000.00D\symnet.inf
[2012/01/30 20:45:35 | 000,007,456 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0502000.00D\symefa.cat
[2012/01/30 20:45:35 | 000,007,454 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0502000.00D\srtspx.cat
[2012/01/30 20:45:35 | 000,003,373 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0502000.00D\symefa.inf
[2012/01/30 20:45:35 | 000,002,792 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0502000.00D\symds.inf
[2012/01/30 20:45:35 | 000,001,389 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0502000.00D\srtspx.inf
[2012/01/30 20:45:35 | 000,001,383 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0502000.00D\srtsp.inf
[2012/01/30 20:45:34 | 000,007,528 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0502000.00D\iron.cat
[2012/01/30 20:45:34 | 000,007,450 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0502000.00D\srtsp.cat
[2012/01/30 20:45:34 | 000,000,742 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0502000.00D\iron.inf
[2012/01/30 20:44:35 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0502000.00D\symds.cat
[2012/01/30 20:44:28 | 000,000,172 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0502000.00D\isolate.ini
[2012/01/26 22:47:26 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader X.lnk
[2012/01/26 22:47:18 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader X.lnk
[2012/01/26 00:18:05 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/01/25 21:49:14 | 000,015,773 | ---- | C] () -- C:\WINDOWS\cscmondump.bin
[2012/01/25 21:49:00 | 000,144,712 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2012/01/23 21:57:40 | 000,021,736 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTAIODAT.DAT
[2012/01/23 21:51:28 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2012/01/23 07:13:26 | 000,002,198 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Driver Detective.lnk
[2012/01/20 07:26:04 | 000,007,468 | ---- | C] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2012/01/20 07:26:04 | 000,000,806 | ---- | C] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF
[2012/01/20 07:25:48 | 000,001,900 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Norton 360.LNK
[2012/01/18 22:39:33 | 000,017,408 | ---- | C] () -- C:\Documents and Settings\david cox\Local Settings\Application Data\WebpageIcons.db
[2012/01/08 22:10:48 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2012/01/08 22:10:48 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012/01/08 22:10:48 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2012/01/08 22:10:48 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012/01/08 22:10:48 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/11/09 22:39:44 | 000,059,904 | ---- | C] () -- C:\WINDOWS\System32\OpenVideo.dll
[2011/11/09 22:39:32 | 000,054,784 | ---- | C] () -- C:\WINDOWS\System32\OVDecode.dll
[2011/07/10 23:23:47 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011/07/02 22:53:34 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat
[2011/07/02 22:53:34 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat
[2009/08/27 21:26:20 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/08/19 21:33:11 | 000,007,168 | ---- | C] () -- C:\Documents and Settings\david cox\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/08/03 14:07:42 | 000,230,768 | ---- | C] () -- C:\WINDOWS\System32\OGAEXEC.exe
[2009/06/10 20:28:13 | 000,001,155 | ---- | C] () -- C:\WINDOWS\checkip.dat
[2009/02/14 16:07:51 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008/08/08 21:44:12 | 000,000,132 | ---- | C] () -- C:\Documents and Settings\david cox\Local Settings\Application Data\fusioncache.dat
[2008/05/26 21:59:42 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin
[2008/05/26 21:59:40 | 000,106,605 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin
[2008/05/07 21:00:11 | 000,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2008/05/07 20:38:36 | 000,000,084 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2008/04/23 23:29:21 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2008/04/22 23:25:10 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2008/04/22 23:12:02 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat
[2008/04/22 21:19:18 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2008/04/20 21:26:59 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2008/04/20 21:21:09 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008/04/20 16:12:03 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008/04/20 16:10:15 | 000,262,232 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008/02/25 20:41:28 | 003,107,788 | ---- | C] () -- C:\WINDOWS\System32\ativvaxx.dat
[2008/02/25 20:41:28 | 003,107,788 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2008/02/25 20:41:28 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2008/02/14 11:35:13 | 000,182,995 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2007/10/26 19:00:50 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2007/09/27 10:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 10:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 10:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2004/01/30 14:07:46 | 000,245,408 | ---- | C] () -- C:\WINDOWS\System32\unicows.dll
[2003/01/07 15:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/08/29 06:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2002/08/29 06:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2002/08/29 06:00:00 | 000,536,044 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2002/08/29 06:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2002/08/29 06:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2002/08/29 06:00:00 | 000,100,578 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2002/08/29 06:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2002/08/29 06:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2002/08/29 06:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2002/08/29 06:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2002/08/29 06:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

========== LOP Check ==========

[2011/09/14 22:48:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\!SASCORE
[2010/02/27 00:36:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Citrix
[2009/02/23 23:22:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ICQ
[2010/02/27 00:27:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Juniper Networks
[2008/06/03 21:20:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LightScribe
[2009/08/25 22:17:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Linksys
[2008/05/04 21:20:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2012/02/13 07:47:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCPitstop
[2008/06/05 23:32:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SmartSound Software Inc
[2012/01/23 07:16:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UAB
[2012/01/31 03:01:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WRData
[2009/09/17 23:37:32 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{35ACA973-70F0-495F-9092-74A130711865}
[2009/10/06 20:34:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/04/28 21:30:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2009/10/22 22:16:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\david cox\Application Data\DMS
[2011/08/25 23:03:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\david cox\Application Data\ElevatedDiagnostics
[2012/01/25 20:22:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\david cox\Application Data\FixCleaner
[2010/02/27 00:35:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\david cox\Application Data\ICAClient
[2009/02/23 23:26:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\david cox\Application Data\ICQ
[2011/01/19 00:45:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\david cox\Application Data\InfraRecorder
[2011/08/14 00:55:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\david cox\Application Data\Juniper Networks
[2011/07/10 23:30:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\david cox\Application Data\Opera
[2011/08/30 22:33:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\david cox\Application Data\Sammsoft
[2010/02/28 23:09:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\david cox\Application Data\Seagull Software
[2011/03/12 23:08:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\david cox\Application Data\SecondLife
[2011/12/07 00:03:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\david cox\Application Data\Tific
[2008/06/03 20:05:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\david cox\Application Data\WinBatch
[2012/01/14 19:43:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\david cox\Application Data\Windows Desktop Search
[2011/12/28 07:17:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\david cox\Application Data\Windows Search
[2012/02/13 12:06:35 | 000,000,446 | ---- | M] () -- C:\WINDOWS\Tasks\FixCleaner Scan.job
[2012/02/13 07:55:50 | 000,000,430 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{18A67AB4-86CC-47A1-B51A-C739DECF0A30}.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\david cox\Desktop\LsDiagnosticUtility_1.14.16.1.exe:SummaryInformation
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\david cox\My Documents\Amazing Grace on Pipes.wav:Roxio EMC Stream

< End of report >


Extras.txt:

OTL Extras logfile created on: 2/13/2012 9:19:17 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\david cox\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

447.23 Mb Total Physical Memory | 177.86 Mb Available Physical Memory | 39.77% Memory free
1.18 Gb Paging File | 0.35 Gb Available in Paging File | 29.72% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 103.51 Gb Total Space | 77.38 Gb Free Space | 74.76% Space Free | Partition Type: NTFS

Computer Name: DAVE-Q08ESS7TBC | User Name: david cox | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002
"67:UDP" = 67:UDP:*:Enabled:DHCP Discovery Service
"5985:TCP" = 5985:TCP:*:Disabled:Windows Remote Management

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger
"C:\Program Files\Windows Live\Messenger\livecall.exe" = C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)
"C:\Program Files\VMware\VMware Player\vmware-authd.exe" = C:\Program Files\VMware\VMware Player\vmware-authd.exe:*:Enabled:VMware Authd -- (VMware, Inc.)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe" = C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe:*:Enabled:CyberLink PowerDVD -- (CyberLink Corp.)
"C:\Program Files\VMware\VMware Player\vmware-authd.exe" = C:\Program Files\VMware\VMware Player\vmware-authd.exe:*:Enabled:VMware Authd -- (VMware, Inc.)
"C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser
"C:\Documents and Settings\david cox\Application Data\Spotify\spotify.exe" = C:\Documents and Settings\david cox\Application Data\Spotify\spotify.exe:*:Enabled:Spotify
"C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe" = C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe:LocalSubNet:Enabled:Pure Networks Platform Service -- (Cisco Systems, Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Central Data
"{098122AB-C605-4853-B441-C0A4EB359B75}" = DirectXInstallService
"{0BCA9EFD-F2D6-4638-B053-8693BA0404BE}" = Citrix online plug-in (Web)
"{1506CE23-3FB8-E0DA-3B07-D68669C33CD7}" = ccc-core-preinstall
"{184E7118-0295-43C4-B72C-1D54AA75AAF7}" = Windows Live Mail
"{190601AF-7BE4-046E-CEBF-14EE74434250}" = AMD Catalyst Install Manager
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{19C64880-BBCA-11D4-9EEE-0004ACDDDB3B}" = CyberLink InstantBurn
"{1B683082-8791-4D00-8ADE-6C8986FCCC68}" = Roxio CinePlayer
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Central Tools
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink PowerStarter
"{1FD7A431-CFA5-EDB0-830B-9FADA4847E94}" = Catalyst Control Center Graphics Full Existing
"{20C53FA2-4307-4671-A93F-9463B29DFCF1}" = Symantec Technical Support Web Controls
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java™ 6 Update 30
"{26A24AE4-039D-4CA4-87B4-2F83217001FF}" = Java™ 7 Update 1
"{2758691A-2CDE-4942-A4AC-0E8F61FE2067}" = USB Video Driver
"{2D85CB00-4FF0-26A5-D07F-3548AE418506}" = Skins
"{302EF6FB-3EE7-407D-2DDE-2C021A1A0918}" = ccc-utility
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{31DABA20-10A1-4746-9D9F-57955B8DFF66}" = Free Games Offer, Desktop Shortcut
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36CDA33B-909B-4719-97D1-C4B99309BDC7}" = ATI Parental Control & Encoder
"{3839C2FF-2CD0-4601-91A8-B1E40A9BE8A8}" = Driver Detective
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3E67A8DA-FE7B-4160-8465-F5571EA18753}" = Roxio Disc Gallery
"{404FDA15-6384-4B83-9E1A-A6047447660F}" = LightScribe System Software 1.14.16.1
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"{4ED118EE-785C-CC18-5D2E-D5CA4BAA03F0}" = Catalyst Control Center Graphics Full New
"{539475B7-44B7-8B0A-134C-F01B9C8B7569}" = ccc-core-preinstall
"{55392E52-1AAD-44C4-BE49-258FFE72434F}" = Citrix online plug-in (USB)
"{5A06423A-210C-49FB-950E-CB0EB8C5CEC7}" = Roxio BackOnTrack
"{5AC7AE54-55DF-1126-076C-623F008D40B6}" = Catalyst Control Center Graphics Full Existing
"{5D8A40E9-8E59-3761-98DE-2C9F7303FA17}" = Microsoft Windows SDK for Windows 7 Redistributable Components for Windows Debugging Tools (30514)
"{5DB1DF0C-AABC-4362-8A6D-CEFDFB036E41}" = Suite
"{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}" = Roxio File Backup
"{6351D217-3EE3-1967-29BE-6A77635FE485}" = Skins
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6AB9CD3A-F91F-233B-923B-6C59BA63524D}" = Catalyst Control Center HydraVision Full
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72736F5F-520D-472A-88CC-7B02872FD34E}" = ATI Catalyst Registration
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Central Audio
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7A239A2D-92B3-3AC3-484D-2E487F87F0E0}" = Catalyst Control Center Graphics Light
"{812424AC-A8B5-44E6-8D48-07E939D1AD9A}" = Citrix online plug-in (HDX)
"{8183EF47-6E87-E9F8-47ED-2FE07F85F656}" = Catalyst Control Center Graphics Previews Common
"{83FF62E8-EAE3-B5DA-7A63-A2ADD3499671}" = Catalyst Control Center Graphics Full New
"{85A91C22-C369-FCFB-5F1F-D59EB21AD0E1}" = CCC Help English
"{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}" = ATI AVIVO Codecs
"{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}" = Roxio CinePlayer Decoder Pack
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{92682D65-E96D-83B0-AB2B-547F32FDCB8C}" = CCC Help English
"{928D2FB1-291A-362B-89A4-7075A9D904A4}" = Microsoft Windows SDK for Windows 7 (7.1)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A9A1828-31D1-4590-A99F-022B7237AFAE}" = Roxio MediaShare
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A25FF1C0-80B6-4B8B-A551-DC525697A408}" = AMD APP SDK Runtime
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A53A11EA-0095-493F-86FA-A15E8A86A405}" = VMware Player
"{A6D0140F-E62F-9D1E-2408-9CFF91FF6FC8}" = ccc-utility
"{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb" = Internet Explorer (Enable DEP)
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A82000000003}" = Adobe Reader 8.2.6
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.2)
"{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}" = REALTEK GbE & FE Ethernet PCI NIC Driver
"{ADD5DB49-72CF-11D8-9D75-000129760D75}" = PowerBackup
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Central Copy
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{BF2A74BF-8D12-47F1-8B19-22B30AF6B0D1}" = Linksys EasyLink Advisor
"{BF83EFE2-C9F0-40D4-841C-2066668C1D7A}" = Roxio Easy Media Creator 10 Suite
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C34FAEF3-4241-4C4E-9CFF-7BBD8BCEABE7}" = WebEx Support Manager for Internet Explorer
"{C44A7422-E380-44BE-79FE-1C032D8A03A7}" = Catalyst Control Center Core Implementation
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C941F1F1-25B3-4DF5-83E6-888C51A1AAB6}" = AVIVO Codecs
"{CAB14F80-C2F5-9A26-4B65-81EDBB7D8F7F}" = Catalyst Control Center Core Implementation
"{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}" = HP Product Detection
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2A7D92-D766-30A9-B195-C4772EE2695F}" = Microsoft Windows SDK for Windows 7 Redistributable Components for Common Tools (30514)
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF53CF7C-D996-43EB-9904-DBED57C25625}" = Citrix online plug-in (DV)
"{D09605BE-5587-4B0C-86C8-69B5092CB80F}" = Debugging Tools for Windows (x86)
"{D102611A-6466-4101-A51D-51069303AC65}" = tools-linux
"{D36DD326-7280-11D8-97C8-000129760CBE}" = CyberLink PhotoNow
"{D3B1C799-CB73-42DE-BA0F-2344793A095C}" = Catalyst Control Center - Branding
"{D5A9B7C0-8751-11D8-9D75-000129760D75}" = MediaShow
"{D6EB268F-E74C-4C75-B021-A980551F5730}" = LightScribe Diagnostic Utility
"{E3D04529-6EDB-11D8-A372-0050BAE317E1}" = PowerDVD Copy
"{E5D24929-91A4-B0A1-DE00-AFC453921EF7}" = Catalyst Control Center Graphics Light
"{E6C09BFB-BA75-15C7-5B18-A2CE31C4F42B}" = Catalyst Control Center Graphics Previews Common
"{E7F9E526-2324-437B-A609-E8C5309465CB}" = Microsoft Windows Performance Toolkit
"{EC877639-07AB-495C-BFD1-D63AF9140810}" = Roxio Activation Module
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Central Core
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F5B4D736-CE2B-4A7E-ADEC-236C546D2183}" = FixCleaner
"{F6E8A267-465A-59EC-7720-84EA1DB2D579}" = ccc-core-static
"{FBDBC490-089D-4476-BF72-1F7A6368200A}" = Pure Networks Platform
"{FDB46DE7-9045-47BB-970A-3E4ED5369E03}" = EMC 10 Content
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"00545FB71C8C0CA8EB58826AB184228A91CFC091" = Windows Driver Package - Advanced Micro Devices, Inc. (USB28xxBGA) Media (04/27/2007 5.7.0427.0)
"4DFDCEFC24545A9DE98551DA0E63416199352710" = Windows Driver Package - eMPIA Technology Inc, (emAudio) MEDIA (04/27/2007 5.7.0427.0)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"All ATI Software" = ATI - Software Uninstall Utility
"ASTRA32_is1" = ASTRA32 - Advanced System Information Tool 2.12
"ATI Display Driver" = ATI Display Driver
"CitrixOnlinePluginPackWeb" = Citrix online plug-in - web
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200C14F1" = Data Fax SoftModem with SmartCP
"ie8" = Windows Internet Explorer 8
"InfraRecorder" = InfraRecorder
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink PowerStarter
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"InstallShield_{5DB1DF0C-AABC-4362-8A6D-CEFDFB036E41}" = Suite
"InstallShield_{7FE3214C-283E-40C6-A8D5-CB773110090C}" = Linksys EasyLink Advisor
"InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}" = CyberLink PhotoNow
"Linksys EasyLink Advisor" = Linksys EasyLink Advisor
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.60.1.1000
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"N360" = Norton 360
"Nero - Burning Rom!UninstallKey" = Nero OEM
"NeroVision!UninstallKey" = NeroVision Express 2
"NMPUninstallKey" = Nero Media Player
"PC Pitstop Optimize3_is1" = PC Pitstop Optimize3 3.0
"SDKSetup_7.1.7600.0.30514" = Microsoft Windows SDK for Windows 7 (7.1)
"VMware_Player" = VMware Player
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Juniper_Citrix_Services" = Juniper Citrix Services Client
"Juniper_Setup_Client" = Juniper Networks Setup Client
"Juniper_Term_Services" = Juniper Terminal Services Client
"Neoteris_Host_Checker" = Juniper Networks Host Checker

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 1/24/2012 3:03:06 AM | Computer Name = DAVE-Q08ESS7TBC | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\DAVID COX\START MENU\PROGRAMS\CYBERLINK
DVD SUITE\POWERDVD\CYBERLINK POWERDVD.LNK> in the hash map cannot be updated. Context:
Application, SystemIndex Catalog Details: A device attached to the system is not
functioning. (0x8007001f)

Error - 1/24/2012 3:03:06 AM | Computer Name = DAVE-Q08ESS7TBC | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\DAVID COX\START MENU\PROGRAMS\CYBERLINK
DVD SUITE\POWERDVD\CYBERLINK POWERDVD.LNK> in the hash map cannot be updated. Context:
Application, SystemIndex Catalog Details: A device attached to the system is not
functioning. (0x8007001f)

Error - 1/24/2012 3:03:06 AM | Computer Name = DAVE-Q08ESS7TBC | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\DAVID COX\START MENU\PROGRAMS\CYBERLINK
DVD SUITE\POWERDVD\POWERDVD HELP FILE.LNK> in the hash map cannot be updated. Context:
Application, SystemIndex Catalog Details: A device attached to the system is not
functioning. (0x8007001f)

Error - 1/24/2012 3:03:06 AM | Computer Name = DAVE-Q08ESS7TBC | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\DAVID COX\START MENU\PROGRAMS\CYBERLINK
DVD SUITE\POWERDVD\POWERDVD HELP FILE.LNK> in the hash map cannot be updated. Context:
Application, SystemIndex Catalog Details: A device attached to the system is not
functioning. (0x8007001f)

Error - 1/24/2012 3:03:06 AM | Computer Name = DAVE-Q08ESS7TBC | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\DAVID COX\START MENU\PROGRAMS\CYBERLINK
DVD SUITE\POWERDVD\ONLINE REGISTRATION.LNK> in the hash map cannot be updated. Context:
Application, SystemIndex Catalog Details: A device attached to the system is not
functioning. (0x8007001f)

Error - 1/24/2012 3:03:06 AM | Computer Name = DAVE-Q08ESS7TBC | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\DAVID COX\START MENU\PROGRAMS\CYBERLINK
DVD SUITE\POWERDVD\ONLINE REGISTRATION.LNK> in the hash map cannot be updated. Context:
Application, SystemIndex Catalog Details: A device attached to the system is not
functioning. (0x8007001f)

Error - 1/24/2012 3:03:06 AM | Computer Name = DAVE-Q08ESS7TBC | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\DAVID COX\START MENU\PROGRAMS\CYBERLINK
DVD SUITE\POWERDVD\READ ME.LNK> in the hash map cannot be updated. Context: Application,
SystemIndex Catalog Details: A device attached to the system is not functioning.
(0x8007001f)

Error - 1/24/2012 3:03:06 AM | Computer Name = DAVE-Q08ESS7TBC | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\DAVID COX\START MENU\PROGRAMS\CYBERLINK
DVD SUITE\POWERDVD\READ ME.LNK> in the hash map cannot be updated. Context: Application,
SystemIndex Catalog Details: A device attached to the system is not functioning.
(0x8007001f)

Error - 1/24/2012 3:03:06 AM | Computer Name = DAVE-Q08ESS7TBC | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\DAVID COX\START MENU\PROGRAMS\CYBERLINK
DVD SUITE\POWERDVD\UNINSTALL POWERDVD.LNK> in the hash map cannot be updated. Context:
Application, SystemIndex Catalog Details: A device attached to the system is not
functioning. (0x8007001f)

Error - 1/24/2012 3:03:06 AM | Computer Name = DAVE-Q08ESS7TBC | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\DAVID COX\START MENU\PROGRAMS\CYBERLINK
DVD SUITE\POWERDVD\UNINSTALL POWERDVD.LNK> in the hash map cannot be updated. Context:
Application, SystemIndex Catalog Details: A device attached to the system is not
functioning. (0x8007001f)

[ System Events ]
Error - 2/13/2012 9:55:17 AM | Computer Name = DAVE-Q08ESS7TBC | Source = Cdrom | ID = 262155
Description = The driver detected a controller error on \Device\CdRom0.

Error - 2/13/2012 9:55:17 AM | Computer Name = DAVE-Q08ESS7TBC | Source = Cdrom | ID = 262155
Description = The driver detected a controller error on \Device\CdRom0.

Error - 2/13/2012 9:55:17 AM | Computer Name = DAVE-Q08ESS7TBC | Source = Cdrom | ID = 262155
Description = The driver detected a controller error on \Device\CdRom0.

Error - 2/13/2012 9:55:17 AM | Computer Name = DAVE-Q08ESS7TBC | Source = Cdrom | ID = 262155
Description = The driver detected a controller error on \Device\CdRom0.

Error - 2/13/2012 9:57:29 AM | Computer Name = DAVE-Q08ESS7TBC | Source = VMnetDHCP | ID = 2
Description = Can't open C:\Documents and Settings\All Users\Application Data\VMware\vmnetdhcp.conf:
The system cannot find the file specified. / The system cannot find the file specified

Error - 2/13/2012 9:59:15 AM | Computer Name = DAVE-Q08ESS7TBC | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the VMware Authorization
Service service to connect.

Error - 2/13/2012 9:59:15 AM | Computer Name = DAVE-Q08ESS7TBC | Source = Service Control Manager | ID = 7000
Description = The VMware Authorization Service service failed to start due to the
following error: %%1053

Error - 2/13/2012 10:00:41 AM | Computer Name = DAVE-Q08ESS7TBC | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the IMAPI CD-Burning COM
Service service to connect.

Error - 2/13/2012 10:00:41 AM | Computer Name = DAVE-Q08ESS7TBC | Source = Service Control Manager | ID = 7000
Description = The IMAPI CD-Burning COM Service service failed to start due to the
following error: %%1053

Error - 2/13/2012 10:01:16 AM | Computer Name = DAVE-Q08ESS7TBC | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
the N360 service.


< End of report >


Thanks for any help in getting to the root of these freezes.
  • 0



#2
Render

Render

    Trusted Helper

  • Malware Removal
  • 4,195 posts
Hi and welcome to GeeksToGo! Please make sure you read all of the instructions and fixes thoroughly before continuing with them. If you have any queries or you are unsure about anything, just say and I'll help you out :)

It may well be worth you printing/saving the instructions throughout the fix, so you have them to hand just in case you are unable to access this site.

Please note:
  • Remember to post your logs, not attach them. So, any logs from any programs we run, should be just 'copied & pasted' into your reply.
  • Please only run the tools that I request. I know malware can be frustrating but running other tools in the meantime and between posts, only makes it harder for us to analyse and fix your PC in the long run.
  • Please subscribe to this topic if you have not already done so. Please check back just in case, as the email system can fail at times.
  • Just because your machine is running better does not mean it is completely cleaned. Please wait for the 'all clear' from me to say when we are done.
  • Please reply within 3 days to be fair to other people asking for help.
  • Please tell me if you have your original Windows CD/DVD available.
  • When in doubt, please stop and ask first. There's no harm in asking questions!

If you have since resolved the original problem you were having, I would appreciate you letting me know. If not please perform the following steps below so I can have a look at the current condition of your machine.

I think your problem is not malware related and your CD/DVD drive causes these issues. But anyway we can check it for possible malware activity. Do the following please:

  • Please download aswMBR.exe to your desktop.
  • Double click the aswMBR.exe to run it.

  • When asked if you want to download Avast's virus definitions please select Yes.
  • Click the Scan button to start scan.

  • On completion of the scan click Save log, save it to your desktop and post in your next reply.
  • Also, on the Desktop there should be a file called MBR.dat after that; zip it and then attach it here.

How to add an attachment to a new topic or reply
  • 0

#3
dc4580

dc4580

    Member

  • Topic Starter
  • Member
  • PipPip
  • 38 posts
Thanks for your reply. I will be adding the MBR files later on tonight.
  • 0

#4
Render

Render

    Trusted Helper

  • Malware Removal
  • 4,195 posts
OK
  • 0

#5
dc4580

dc4580

    Member

  • Topic Starter
  • Member
  • PipPip
  • 38 posts
Thanks for your patience. Response on my PC is bad. Here is the MBR text file:

aswMBR version 0.9.9.1618 Copyright© 2011 AVAST Software
Run date: 2012-02-19 23:02:28
-----------------------------
23:02:28.223 OS Version: Windows 5.1.2600 Service Pack 3
23:02:28.223 Number of processors: 1 586 0x605
23:02:28.239 ComputerName: DAVE-Q08ESS7TBC UserName: david cox
23:02:36.754 Initialize success
23:05:43.254 AVAST engine defs: 12021802
23:05:56.207 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
23:05:56.254 Disk 0 Vendor: ST3120213AS 3.AHL Size: 114473MB BusType: 3
23:05:56.301 Disk 0 MBR read successfully
23:05:56.301 Disk 0 MBR scan
23:05:56.520 Disk 0 Windows XP default MBR code
23:05:56.535 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 105999 MB offset 63
23:05:56.567 Disk 0 scanning sectors +217086345
23:05:57.379 Disk 0 scanning C:\WINDOWS\system32\drivers
23:07:30.520 Service scanning
23:09:58.629 Modules scanning
23:11:34.645 Disk 0 trace - called modules:
23:11:34.660 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys
23:11:34.676 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x84fdb470]
23:11:34.723 3 CLASSPNP.SYS[f76b6fd7] -> nt!IofCallDriver -> \Device\00000079[0x84f342b8]
23:11:34.723 5 ACPI.sys[f754d620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x84f61d98]
23:11:37.520 AVAST engine scan C:\WINDOWS
23:12:14.676 AVAST engine scan C:\WINDOWS\system32
23:31:06.910 AVAST engine scan C:\WINDOWS\system32\drivers
23:32:21.567 AVAST engine scan C:\Documents and Settings\david cox
23:47:11.004 AVAST engine scan C:\Documents and Settings\All Users
23:52:23.239 Scan finished successfully
02:02:51.567 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\david cox\Desktop\MBR.dat"
02:02:52.192 The log file has been saved successfully to "C:\Documents and Settings\david cox\Desktop\aswMBR.txt"


I have also attached the zipped dat file.

Attached File  MBR.dat.zip   534bytes   37 downloads

Thanks again for your assistance.
  • 0

#6
Render

Render

    Trusted Helper

  • Malware Removal
  • 4,195 posts
We should proceed with a general antimalware scan, which can take quite a long time, so please be patient.

Download Virus Removal Tool (VRT) from Here to your desktop
(You have to enter your e-mail address and click on Submit Form button. Please download latest English version of this tool)

Run the programme you have just downloaded to your desktop (it will be randomly named)

First we will run a virus scan

Click the cog in the upper right


Select down to and including your main drive, once done select the Automatic scan tab and press Start Scan
(Please be patient as this scan can take a few hours)

Allow VRT to delete all infections found
Once it has finished select report tab (last tab)
Select Detected threats report from the left and press Save button
Save it to your desktop and attach to your next post


Now the Analysis

Rerun VRT and select the Manual Disinfection tab and press Start Gathering System Information


On completion click the link to locate the zip file to upload and attach to your next post

  • 0

#7
dc4580

dc4580

    Member

  • Topic Starter
  • Member
  • PipPip
  • 38 posts
First part of Kaspersky scan running. I will pick up the analysis when I get home.
  • 0

#8
Render

Render

    Trusted Helper

  • Malware Removal
  • 4,195 posts
OK.
  • 0

#9
dc4580

dc4580

    Member

  • Topic Starter
  • Member
  • PipPip
  • 38 posts
16 hours later, I am at 32% complete with 214627 objects scanned. This is the automatic scan. I will let it go overnight, but doubt seriously that it will be complete in the morning. Seems like molasses.
  • 0

#10
Render

Render

    Trusted Helper

  • Malware Removal
  • 4,195 posts
OK. Patience please. ;)
  • 0



#11
dc4580

dc4580

    Member

  • Topic Starter
  • Member
  • PipPip
  • 38 posts
Ok, sounds fine to me. Was just a little concerned with the length of time. Progress report: 40% at 239,000 objects after 23 hrs and change. I will give you a progress report tonight, probably 8 or 9 PM Central. Thanks again for your help. I appreciate it.
  • 0

#12
Render

Render

    Trusted Helper

  • Malware Removal
  • 4,195 posts
Looks like an old-timer :happy: How old is this machine?
  • 0

#13
dc4580

dc4580

    Member

  • Topic Starter
  • Member
  • PipPip
  • 38 posts
Around four years old. Bought it with Vista pre-installed. Fought that for about 8 months, then wiped that and went to XP SP3.
  • 0

#14
Render

Render

    Trusted Helper

  • Malware Removal
  • 4,195 posts
Well... It shouldn't take so long for a 26GB data scan. Maybe it's a hardware-related issue.
  • 0

#15
dc4580

dc4580

    Member

  • Topic Starter
  • Member
  • PipPip
  • 38 posts
Just finished an hour ago with no errors found. Where would you like to go from here?
  • 0





