Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

IE Script Error Virus?

Started by Django2009 , Jun 03 2012 08:58 AM

  • Please log in to reply

#1
Django2009
Posted 03 June 2012 - 08:58 AM

Django2009

    Member

  • Member
  • PipPip
  • 56 posts
Been getting this pop-up message for a few weeks now, tried the obvious root of tick the boxes via Internet Options, Advanced
Tab etc. But i still keep getting this pop-up. Plus i have noticed a slight lag in performance. Any help to fix this little problem would be much appreciated.

OTL results below.

OTL logfile created on: 03/06/2012 15:47:20 - Run 1
OTL by OldTimer - Version 3.2.45.0 Folder = C:\Documents and Settings\3R\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 1.01 Gb Available Physical Memory | 50.42% Memory free
3.02 Gb Paging File | 1.30 Gb Available in Paging File | 43.12% Paging File free
Paging file location(s): C:\pagefile.sys 1200 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.24 Gb Total Space | 10.24 Gb Free Space | 27.48% Space Free | Partition Type: NTFS
Drive E: | 111.76 Gb Total Space | 37.06 Gb Free Space | 33.16% Space Free | Partition Type: FAT32

Computer Name: 3R-07CDD3E2B945 | User Name: 3R | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/06/03 15:44:27 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\3R\Desktop\OTL.exe
PRC - [2012/05/26 12:04:52 | 000,913,792 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
PRC - [2012/03/07 01:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2012/03/07 01:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2011/08/12 00:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe
PRC - [2011/04/11 14:44:44 | 000,112,800 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\IPROSetMonitor.exe
PRC - [2010/07/29 08:50:16 | 000,238,952 | ---- | M] (Teruten) -- C:\WINDOWS\system32\FsUsbExService.Exe
PRC - [2009/09/20 02:26:32 | 000,189,752 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Companion\Installs\cpn3\ytbb.exe
PRC - [2008/04/14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/03/01 02:10:18 | 000,069,632 | ---- | M] (CrypKey (Canada) Ltd.) -- C:\WINDOWS\system32\Crypserv.exe


========== Modules (No Company Name) ==========

MOD - [2012/06/03 08:13:53 | 001,765,376 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\defs\12060300\algo.dll
MOD - [2011/11/03 16:28:36 | 001,292,288 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2011/04/21 16:54:40 | 000,347,024 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 5\madexcept_.bpl
MOD - [2011/04/21 16:54:40 | 000,179,088 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 5\madbasic_.bpl
MOD - [2011/04/21 16:54:40 | 000,046,480 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 5\maddisAsm_.bpl
MOD - [2008/04/14 01:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/14 01:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- C:\Documents and Settings\3R\Local Settings\temp\{ED7E063A-7A48-4F0A-A69C-2E90D185BE8B}\NMSAccessU.exe -- (NMSAccessU)
SRV - [2012/05/26 12:04:52 | 000,913,792 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe -- (AdvancedSystemCareService5)
SRV - [2012/05/11 19:00:58 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/04/25 17:55:47 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/03/07 01:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012/02/24 14:26:28 | 000,261,952 | ---- | M] (Comodo Security Solutions, Inc.) [Auto | Stopped] -- C:\Program Files\COMODO\COMODO System Utilities\CSUService.exe -- (CSUService)
SRV - [2011/08/12 00:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore.exe -- (!SASCORE)
SRV - [2011/04/11 14:44:44 | 000,112,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\WINDOWS\system32\IPROSetMonitor.exe -- (Intel® PROSet Monitoring Service) Intel®
SRV - [2010/07/29 08:50:16 | 000,238,952 | ---- | M] (Teruten) [Auto | Running] -- C:\WINDOWS\system32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2010/06/25 18:07:20 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [Disabled | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - [2008/11/09 21:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Disabled | Stopped] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/07/29 20:24:50 | 000,881,664 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc)
SRV - [2008/07/29 20:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2008/05/26 22:18:44 | 000,439,808 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\System32\SearchIndexer.exe -- (WSearch)
SRV - [2008/04/14 01:12:35 | 000,089,600 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\smlogsvc.exe -- (SysmonLog)
SRV - [2008/04/14 01:12:34 | 000,141,312 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\sessmgr.exe -- (RDSessMgr)
SRV - [2008/04/14 01:12:33 | 000,095,744 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\scardsvr.exe -- (SCardSvr)
SRV - [2008/04/14 01:12:29 | 000,111,104 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\netdde.exe -- (NetDDEdsdm)
SRV - [2008/04/14 01:12:29 | 000,111,104 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\netdde.exe -- (NetDDE)
SRV - [2008/04/14 01:12:25 | 000,032,768 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\mnmsrvc.exe -- (mnmsrvc)
SRV - [2008/04/14 01:12:24 | 000,013,312 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\lsass.exe -- (NtLmSsp)
SRV - [2008/04/14 01:12:24 | 000,013,312 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\lsass.exe -- (Netlogon)
SRV - [2008/04/14 01:12:14 | 000,033,280 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\clipsrv.exe -- (ClipSrv)
SRV - [2008/04/14 01:12:14 | 000,005,632 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\cisvc.exe -- (CiSvc)
SRV - [2008/04/14 01:12:11 | 000,129,024 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\xmlprov.dll -- (xmlprov)
SRV - [2008/04/14 01:12:08 | 000,068,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\webclnt.dll -- (WebClient)
SRV - [2008/04/14 01:12:04 | 000,059,904 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\regsvc.dll -- (RemoteRegistry)
SRV - [2008/04/14 01:11:59 | 000,033,792 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\msgsvc.dll -- (Messenger)
SRV - [2008/04/14 01:11:57 | 000,053,248 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\mprdim.dll -- (RemoteAccess)
SRV - [2008/04/14 01:11:56 | 000,013,824 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\lmhsvc.dll -- (LmHosts)
SRV - [2008/04/14 01:11:53 | 000,023,040 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\ersvc.dll -- (ERSvc)
SRV - [2008/04/14 01:11:50 | 000,077,824 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\browser.dll -- (Browser)
SRV - [2008/04/14 01:11:49 | 000,017,408 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\alrsvc.dll -- (Alerter)
SRV - [2008/04/07 10:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2007/08/09 08:27:52 | 000,073,728 | ---- | M] (HP) [Disabled | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2006/10/18 20:05:24 | 000,913,408 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2006/05/03 17:43:46 | 000,413,696 | ---- | M] (ATI Technologies Inc.) [Disabled | Stopped] -- C:\WINDOWS\system32\ati2evxx.exe -- (Ati HotKey Poller)
SRV - [2006/05/03 11:57:00 | 000,520,192 | ---- | M] () [Disabled | Stopped] -- C:\WINDOWS\system32\ati2sgag.exe -- (ATI Smart)
SRV - [2006/03/01 02:10:18 | 000,069,632 | ---- | M] (CrypKey (Canada) Ltd.) [Auto | Running] -- C:\WINDOWS\System32\Crypserv.exe -- (Crypkey License)
SRV - [2006/02/28 13:00:00 | 000,132,608 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\rsvp.exe -- (RSVP)
SRV - [2005/08/08 06:54:00 | 000,167,936 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe -- (RichVideo) Cyberlink RichVideo Service(CRVS)
SRV - [2004/10/22 03:24:18 | 000,073,728 | ---- | M] (Macrovision Corporation) [Disabled | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2002/12/17 18:26:22 | 007,520,337 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe -- (MSSQLSERVER)
SRV - [2002/12/17 18:23:30 | 000,311,872 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft SQL Server\MSSQL\Binn\sqlagent.EXE -- (SQLSERVERAGENT)
SRV - [2002/12/17 18:23:30 | 000,066,112 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe -- (MSSQLServerADHelper)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\svstream.sys -- (DCamUSBSvis)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\adiusbaw.sys -- (adiusbaw)
DRV - File not found [Kernel | Auto | Stopped] -- System32\Drivers\adildr.sys -- (ADILOADER) General Purpose USB Driver (adildr.sys)
DRV - [2012/05/18 17:31:19 | 000,040,776 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2012/03/07 01:03:51 | 000,612,184 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012/03/07 01:03:38 | 000,337,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012/03/07 01:02:00 | 000,035,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2012/03/07 01:01:53 | 000,053,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012/03/07 01:01:39 | 000,095,704 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2012/03/07 01:01:30 | 000,020,696 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012/03/07 00:58:29 | 000,024,920 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011/07/22 17:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/12 22:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/06/25 18:07:14 | 000,035,088 | ---- | M] (CACE Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF)
DRV - [2010/06/14 01:32:54 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2010/04/27 03:25:16 | 000,123,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV - [2010/04/27 03:25:16 | 000,098,432 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bbus.sys -- (ss_bbus) SAMSUNG USB Mobile Device (WDM)
DRV - [2010/04/27 03:25:16 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdfl.sys -- (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter)
DRV - [2009/10/10 18:09:30 | 000,027,136 | ---- | M] (NCH Swift Sound) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nchssvad.sys -- (NCHSSVAD)
DRV - [2009/08/05 22:48:42 | 000,054,752 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2008/04/13 19:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2008/04/13 19:44:48 | 000,799,744 | ---- | M] (Microsoft Corp., Veritas Software) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\dmboot.sys -- (dmboot)
DRV - [2008/04/13 19:36:43 | 000,120,192 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\pcmcia.sys -- (Pcmcia)
DRV - [2008/04/13 19:32:36 | 000,066,048 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\udfs.sys -- (Udfs)
DRV - [2007/09/17 16:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2006/06/01 13:52:10 | 000,357,344 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PRISMA02.sys -- (DELL_A02)
DRV - [2006/05/03 17:50:42 | 001,540,608 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2006/02/28 13:00:00 | 000,013,952 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\cbidf2k.sys -- (cbidf2k)
DRV - [2006/02/28 13:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\ws2ifsl.sys -- (WS2IFSL)
DRV - [2006/02/28 13:00:00 | 000,011,648 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\acpiec.sys -- (ACPIEC)
DRV - [2006/01/10 03:47:27 | 000,031,846 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\Ckldrv.sys -- (NetworkX)
DRV - [2003/04/30 15:59:40 | 000,259,528 | ---- | M] (Hauppauge Computer Works) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Nuvision.sys -- (NuVision) Hauppauge WinTV USB Pro (PAL I FM)
DRV - [2002/01/11 00:22:10 | 000,295,168 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ati2mtaa.sys -- (ati2mtaa)
DRV - [1999/09/10 12:06:00 | 000,025,244 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\aspi32.sys -- (Aspi32)
DRV - [1997/04/22 10:16:00 | 000,006,272 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ASLM75.SYS -- (aslm75)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.igoogle.com/
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll (Yahoo! Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{11111111-22222-3333-4444-5555555}: "URL" = http://www.talktalk....y={searchTerms}
IE - HKCU\..\SearchScopes\{19C850F5-BFF1-463E-AE49-BB29DAB4FA1D}: "URL" = http://www.flickr.co...q={searchTerms}
IE - HKCU\..\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}: "URL" = http://www.crawler.c...rms}&tbid=60076
IE - HKCU\..\SearchScopes\{2EE4BA62-E6F6-48B9-900B-56748DC0F95A}: "URL" = http://rover.ebay.co...e={searchTerms}
IE - HKCU\..\SearchScopes\{4A89756F-05D7-40BC-A8E4-3291B839F19E}: "URL" = http://www.bing.com/...ferrer:source?}
IE - HKCU\..\SearchScopes\{50D3D5E4-3A9C-43E8-8ACE-A8E9F8A56AF1}: "URL" = http://uk.search.yah...f-8&fr=chr-yie8
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...&rlz=1I7GCNV_en
IE - HKCU\..\SearchScopes\{AC854C16-CA1E-43f1-8513-0D2F36C726ED}: "URL" = http://www.pageden.c...=t&rls=ieyxnFCR
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2645238
IE - HKCU\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.incre...c=IM3DJUN09IESB
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "MyStart Search"
FF - prefs.js..browser.search.defaultthis.engineName: "ZoneAlarm Security Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.condui...={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "GoogIe"
FF - prefs.js..browser.startup.homepage: "http://www.igoogle.com/"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.5
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.4
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:2.0.2
FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.8.5
FF - prefs.js..extensions.enabledItems: [email protected]:1.03.01
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {7b13ec3e-999a-4b70-b9cb-2617b8323822}:3.3.3.2
FF - prefs.js..keyword.URL: "http://www.pageden.c...ls=ieyxnFCR&q="
FF - prefs.js..network.proxy.http: "80.228.29.90"
FF - prefs.js..network.proxy.http_port: 3128

FF - user.js..browser.search.selectedEngine: "GoogIe"
FF - user.js..keyword.URL: "http://www.pageden.c...ls=ieyxnFCR&q="

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.775: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.775: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=1.0.0.0: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.775: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.11: C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Documents and Settings\3R\Application Data\Facebook\npfbplugin_1_0_3.dll ( )

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}: C:\Documents and Settings\All Users\Application Data\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c} [2011/04/27 18:48:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2012/03/13 13:43:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/04/25 17:55:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/01/26 19:17:29 | 000,000,000 | ---D | M]

[2008/09/05 13:45:38 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\3R\Application Data\Mozilla\Extensions
[2012/05/31 17:22:23 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\3R\Application Data\Mozilla\Firefox\Profiles\4a78mpz4.default\extensions
[2012/05/31 17:22:23 | 000,000,000 | ---D | M] (Zynga Community Toolbar) -- C:\Documents and Settings\3R\Application Data\Mozilla\Firefox\Profiles\4a78mpz4.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
[2012/03/29 18:29:39 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\3R\Application Data\Mozilla\Firefox\Profiles\4a78mpz4.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011/11/03 13:33:50 | 000,000,939 | ---- | M] () -- C:\Documents and Settings\3R\Application Data\Mozilla\Firefox\Profiles\4a78mpz4.default\searchplugins\conduit.xml
[2009/09/22 22:18:56 | 000,002,137 | ---- | M] () -- C:\Documents and Settings\3R\Application Data\Mozilla\Firefox\Profiles\4a78mpz4.default\searchplugins\MyStart Search.xml
[2012/02/11 00:47:04 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/05/27 12:39:46 | 000,336,363 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\3R\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\4A78MPZ4.DEFAULT\EXTENSIONS\{19503E42-CA3C-4C27-B1E2-9CDB2170EE34}.XPI
[2012/01/05 23:10:24 | 000,634,964 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\3R\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\4A78MPZ4.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2012/02/12 00:35:19 | 000,709,293 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\3R\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\4A78MPZ4.DEFAULT\EXTENSIONS\{DDC359D1-844A-42A7-9AA1-88A850A938A8}.XPI
[2012/04/25 17:55:46 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010/04/12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012/02/08 18:12:58 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/02/08 18:12:58 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2010/09/26 15:01:35 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll (Yahoo! Inc.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - No CLSID value found.
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {472734EA-242A-422B-ADF8-83D1E48CC825} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA} - No CLSID value found.
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoUserNameInStartMenu = 1
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://www.pcpitstop...t/PCPitStop.CAB (PCPitstop Utility)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_04)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0017-0000-0004-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_04)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_04)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{422EA8AB-69EB-45E9-8DE0-A4EF19D6BD6B}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D3FCEA63-050F-4FF7-957B-AE27FABA637A}: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\3R\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\3R\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/04/17 14:16:43 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/03/16 23:02:26 | 000,000,224 | -HS- | M] () - E:\AUTOEXEC.DOS -- [ FAT32 ]
O32 - AutoRun File - [2006/06/22 17:40:52 | 000,000,356 | -H-- | M] () - E:\AUTOEXEC.003 -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/06/03 15:44:24 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\3R\Desktop\OTL.exe
[2012/05/22 18:36:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\COMODO
[2012/05/22 18:36:18 | 000,000,000 | ---D | C] -- C:\Program Files\COMODO
[2012/05/18 17:31:01 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2012/05/16 19:00:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\3R\Local Settings\Application Data\PicMarkr
[2012/05/08 16:54:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\3R\My Documents\My Videos
[2010/08/01 17:41:25 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\3R\Application Data\pcouffin.sys
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/06/03 15:53:46 | 000,000,272 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1659004503-527237240-682003330-1003.job
[2012/06/03 15:53:45 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1659004503-527237240-682003330-1003.job
[2012/06/03 15:44:27 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\3R\Desktop\OTL.exe
[2012/06/03 15:22:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/06/03 15:14:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/06/03 12:11:20 | 000,001,712 | ---- | M] () -- C:\Documents and Settings\3R\Desktop\avast! Free Antivirus.lnk
[2012/06/03 12:01:27 | 000,012,598 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/06/03 12:00:45 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/06/03 12:00:17 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/06/01 18:36:15 | 000,000,456 | ---- | M] () -- C:\WINDOWS\tasks\CSU Updater.job
[2012/05/31 17:08:59 | 000,000,874 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Advanced SystemCare 5.lnk
[2012/05/27 17:10:14 | 000,002,515 | ---- | M] () -- C:\Documents and Settings\3R\Desktop\Paint Shop Pro 7.lnk
[2012/05/22 18:36:31 | 000,000,849 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\COMODO System Utilities.lnk
[2012/05/18 17:31:19 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2012/05/18 17:03:43 | 000,000,194 | -HS- | M] () -- C:\boot.ini
[2012/05/11 17:59:36 | 000,129,389 | ---- | M] () -- C:\Documents and Settings\3R\My Documents\lfc96.jpg
[2012/05/11 14:18:55 | 000,098,724 | ---- | M] () -- C:\Documents and Settings\3R\My Documents\May.2012.rar
[2012/05/09 22:02:44 | 000,181,832 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/05/09 19:34:41 | 000,471,794 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/05/09 19:34:41 | 000,086,650 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/05/09 18:45:24 | 000,004,096 | ---- | M] () -- C:\WINDOWS\System32\crash
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/06/03 12:11:20 | 000,001,712 | ---- | C] () -- C:\Documents and Settings\3R\Desktop\avast! Free Antivirus.lnk
[2012/05/22 19:00:55 | 000,000,280 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1659004503-527237240-682003330-1003.job
[2012/05/22 19:00:55 | 000,000,272 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1659004503-527237240-682003330-1003.job
[2012/05/22 18:36:45 | 000,000,456 | ---- | C] () -- C:\WINDOWS\tasks\CSU Updater.job
[2012/05/22 18:36:31 | 000,000,849 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\COMODO System Utilities.lnk
[2012/05/11 17:59:35 | 000,129,389 | ---- | C] () -- C:\Documents and Settings\3R\My Documents\lfc96.jpg
[2012/05/11 14:18:55 | 000,098,724 | ---- | C] () -- C:\Documents and Settings\3R\My Documents\May.2012.rar
[2012/05/09 18:41:04 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\crash
[2012/02/16 00:22:29 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011/11/06 13:34:40 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys
[2011/10/30 12:19:17 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2011/07/11 15:03:39 | 000,002,388 | ---- | C] () -- C:\WINDOWS\System32\ASOROSet.bin
[2011/05/06 18:22:55 | 000,000,125 | ---- | C] () -- C:\Documents and Settings\3R\Local Settings\Application Data\fusioncache.dat
[2011/05/06 18:18:35 | 000,520,192 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2011/05/04 18:14:55 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011/05/04 18:14:55 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/05/04 18:14:55 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011/05/04 18:14:55 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011/05/04 18:14:55 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/04/22 14:29:30 | 000,000,000 | ---- | C] () -- C:\Program Files\Common Files\Symantec Shared.fix
[2011/04/19 23:49:32 | 000,102,400 | ---- | C] () -- C:\WINDOWS\RegBootClean.exe
[2011/04/19 23:38:29 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\3R\Local Settings\Application Data\housecall.guid.cache
[2010/08/01 17:42:02 | 000,001,057 | ---- | C] () -- C:\Documents and Settings\3R\Application Data\vso_ts_preview.xml
[2010/08/01 17:41:25 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\3R\Application Data\pcouffin.cat
[2010/08/01 17:41:25 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\3R\Application Data\pcouffin.inf
[2010/06/25 18:03:12 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll

========== LOP Check ==========

[2008/05/31 15:44:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\3R\Application Data\ACD Systems
[2009/08/05 23:24:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\3R\Application Data\Azureus
[2011/11/04 20:06:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\3R\Application Data\CheckPoint
[2011/09/11 18:28:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\3R\Application Data\Complitly
[2010/06/27 18:12:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\3R\Application Data\Facebook
[2011/07/03 15:04:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\3R\Application Data\GamersDigital
[2009/05/15 16:30:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\3R\Application Data\GrabPro
[2009/07/25 22:24:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\3R\Application Data\gtk-2.0
[2008/10/09 18:32:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\3R\Application Data\HiYo
[2009/06/28 13:40:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\3R\Application Data\Image Zone Express
[2010/06/17 17:48:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\3R\Application Data\ImgBurn
[2011/11/25 15:51:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\3R\Application Data\IObit
[2009/10/10 18:00:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\3R\Application Data\klonsoft
[2009/12/12 16:11:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\3R\Application Data\MailWasherFree
[2011/04/07 13:27:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\3R\Application Data\ML
[2009/05/14 18:00:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\3R\Application Data\Moyea
[2008/07/07 14:40:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\3R\Application Data\MSNInstaller
[2009/10/10 18:20:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\3R\Application Data\NCH Swift Sound
[2011/07/03 15:01:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\3R\Application Data\Oberon Media
[2012/05/02 23:53:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\3R\Application Data\Oracle
[2009/05/15 17:37:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\3R\Application Data\Orbit
[2009/07/25 19:14:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\3R\Application Data\Participatory Culture Foundation
[2010/01/12 18:47:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\3R\Application Data\PC Suite
[2008/07/09 23:44:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\3R\Application Data\PCToolsFirewallPlus
[2011/04/09 22:15:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\3R\Application Data\R-TT
[2009/10/21 17:50:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\3R\Application Data\Research In Motion
[2010/02/20 17:05:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\3R\Application Data\Returnil
[2010/01/12 18:43:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\3R\Application Data\Samsung
[2012/03/31 18:17:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\3R\Application Data\spiral
[2011/07/11 15:04:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\3R\Application Data\Systweak
[2011/11/04 19:14:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\3R\Application Data\TestApp
[2009/11/22 15:53:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\3R\Application Data\TuneUp Software
[2009/05/01 15:17:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\3R\Application Data\uniblue
[2010/08/01 17:42:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\3R\Application Data\Vso
[2008/08/20 17:20:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\3R\Application Data\Windows Desktop Search
[2008/10/02 13:35:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\3R\Application Data\Windows Search
[2010/08/27 17:28:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2009/07/25 18:58:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Azureus
[2011/11/23 23:43:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CheckPoint
[2011/07/03 15:04:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GamersDigital
[2008/05/24 14:09:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IM
[2008/05/24 14:07:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IncrediMail
[2011/11/25 15:45:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IObit
[2008/05/23 17:04:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MailFrontier
[2008/05/25 23:33:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
[2010/04/02 23:02:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2010/01/12 18:47:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2010/08/13 12:08:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PhotoMail
[2009/10/21 17:50:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Research In Motion
[2010/02/20 18:04:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Returnil
[2010/12/03 15:25:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Samsung
[2012/05/27 15:46:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/11/29 13:30:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software
[2009/07/20 18:28:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{C4C0E335-EDDF-46A0-A57D-F3802AE44275}
[2009/11/22 15:52:18 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
[2012/06/01 18:36:15 | 000,000,456 | ---- | M] () -- C:\WINDOWS\Tasks\CSU Updater.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 145 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CBF70FA7
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:430C6D84
@Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F84F494D
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 107 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C31F31E6
@Alternate Data Stream - 105 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34

< End of report >
  • 0

Advertisements

#2
Django2009
Posted 03 June 2012 - 08:59 AM

Django2009

    Member

  • Topic Starter
  • Member
  • PipPip
  • 56 posts
OTL Extras logfile created on: 03/06/2012 15:47:20 - Run 1
OTL by OldTimer - Version 3.2.45.0 Folder = C:\Documents and Settings\3R\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 1.01 Gb Available Physical Memory | 50.42% Memory free
3.02 Gb Paging File | 1.30 Gb Available in Paging File | 43.12% Paging File free
Paging file location(s): C:\pagefile.sys 1200 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.24 Gb Total Space | 10.24 Gb Free Space | 27.48% Space Free | Partition Type: NTFS
Drive E: | 111.76 Gb Total Space | 37.06 Gb Free Space | 33.16% Space Free | Partition Type: FAT32

Computer Name: 3R-07CDD3E2B945 | User Name: 3R | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htafile [open] -- "%1" %*
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDBrowse] -- "C:\PROGRA~1\ACDSYS~1\ACDSee\ACDSee.exe" "%1" (ACD Systems, Ltd.)
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"86:TCP" = 86:TCP:*:Enabled:BroadCam Video Streaming Server TCP/IP Port
"1935:TCP" = 1935:TCP:*:Enabled:BroadCam Video Streaming Server Flash Video Server
"5985:TCP" = 5985:TCP:*:Disabled:Windows Remote Management
"80:TCP" = 80:TCP:*:Disabled:Windows Remote Management - Compatibility Mode (HTTP-In)

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\IncrediMail\bin\IncMail.exe" = C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail -- (IncrediMail, Ltd.)
"C:\Program Files\IncrediMail\bin\ImApp.exe" = C:\Program Files\IncrediMail\bin\ImApp.exe:*:Enabled:IncrediMail -- (IncrediMail, Ltd.)
"C:\Program Files\IncrediMail\bin\ImpCnt.exe" = C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail -- (IncrediMail, Ltd.)
"C:\Program Files\IncrediMail\bin\ImLc.exe" = C:\Program Files\IncrediMail\bin\ImLc.exe:*:Enabled:IncrediMail -- (IncrediMail, Ltd.)
"C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe" = C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server -- (PeeringPortal)
"C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe" = C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server -- (PeeringPortal)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}" = VC 9.0 Runtime
"{0E4BC542-9CFD-4E97-B586-9F1E5516E7B9}" = Microsoft IntelliPoint 6.1
"{1111706F-666A-4037-7777-210328764D10}" = JavaFX 2.1.0
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{18DB3375-0649-4EA3-959A-44F1ACD278BA}" = IncrediMail
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83217004FF}" = Java™ 7 Update 4
"{2CCBABCB-6427-4A55-B091-49864623C43F}" = Google Toolbar for Firefox
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{44663264-E108-4938-BF9E-A767315072C9}" = Intel® Network Connections 16.3.48.0
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D612FB2-1AE7-4E46-9377-35BB2F06A787}" = Roxio Media Manager
"{4FFBB818-B13C-11E0-931D-B2664824019B}_is1" = Complitly
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{66910000-8B30-4973-A159-6371345AFFA5}" = WebReg
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75AE8014-1184-4BC0-B279-C879540719EE}" = PhotoMail Maker
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Extreme Graphics 2 Driver
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{9422C8EA-B0C6-4197-B8FC-DC797658CA00}" = Windows Live Sign-in Assistant
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A7DA4247-9F22-4d4a-974A-DD455CCF43B6}" = COMODO System Utilities
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC599724-5755-48C1-ABE7-ABB857652930}" = PC Connectivity Solution
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.2)
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}" = Adobe AIR
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BEFCB74C-C49F-4327-8EDF-3A81A574AC0F}" = Serif PhotoPlus 7.0
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D6DE02C7-1F47-11D4-9515-00105AE4B89A}" = Paint Shop Pro 7 ESD
"{D8CE69B0-9274-4b8c-BA49-0FF6A20A3C65}" = SAMSUNG SYMBIAN USB Download Driver
"{D92FF8EB-BD77-40AE-B68B-A6BFC6F8661D}" = Windows Live Family Safety
"{DD6B261B-765B-4FA9-8589-E85F286D1B4C}" = Noiseware Community Edition
"{E09B48B5-E141-427A-AB0C-D3605127224A}" = Microsoft SQL Server Desktop Engine
"{E40CE517-0D42-4198-96B4-C8232B257EB5}" = Data Lifeguard Diagnostic for Windows
"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
"{EA9FAF16-0E5C-42C4-9742-9AF8D5F6D69B}" = ATI Catalyst Control Center
"{EE39FFBD-544E-49E4-A999-6819828EAE91}" = Windows Live Photo Gallery
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F5346614-B7C4-4E94-826A-E2363155233D}" = EasyCleaner
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F" = Windows Driver Package - Nokia pccsmcfd (10/12/2007 6.85.4.0)
"Ability Write" = Ability Write
"AC3Filter" = AC3Filter (remove only)
"AccessDiver v4.260_is1" = AccessDiver v4.260
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Advanced SystemCare 5_is1" = Advanced SystemCare 5
"All ATI Software" = ATI - Software Uninstall Utility
"ATI Display Driver" = ATI Display Driver
"avast" = avast! Free Antivirus
"Combined Community Codec Pack_is1" = Combined Community Codec Pack 2011-11-11
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup.divx.com" = DivX Setup
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"ImgBurn" = ImgBurn
"IncrediMail" = IncrediMail 2.0
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.61.0.1400
"Messenger Plus! Live" = Messenger Plus! Live
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 12.0 (x86 en-US)" = Mozilla Firefox 12.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSNINST" = MSN
"Nero - Burning Rom!UninstallKey" = Nero 6 Ultra Edition
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"PhotoMail" = PhotoMail Maker
"RealPlayer 12.0" = RealPlayer
"R-Studio 4.2NSIS" = R-Studio 4.2
"Smart Defrag_is1" = Smart Defrag
"SpywareBlaster_is1" = SpywareBlaster 4.6
"VLC media player" = VLC media player 1.1.11
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.1.2
"WinRAR archiver" = WinRAR archiver
"WinZip" = WinZip
"WM Capture" = WM Capture
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Customizations" = Yahoo! Extras
"Yahoo! Internet Mail" = Yahoo! Internet Mail
"Yahoo! Software Update" = Yahoo! Software Update
"YInstHelper" = Yahoo! Install Manager

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Facebook Plug-In" = Facebook Plug-In

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 20/03/2012 14:37:49 | Computer Name = 3R-07CDD3E2B945 | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
module , version 0.0.0.0, fault address 0x00000000.

Error - 02/04/2012 18:08:06 | Computer Name = 3R-07CDD3E2B945 | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
module unknown, version 0.0.0.0, fault address 0x00000000.

Error - 09/04/2012 11:44:18 | Computer Name = 3R-07CDD3E2B945 | Source = Application Error | ID = 1000
Description = Faulting application psp.exe, version 7.0.0.0, faulting module psp.exe,
version 7.0.0.0, fault address 0x000fb76f.

Error - 11/04/2012 17:06:57 | Computer Name = 3R-07CDD3E2B945 | Source = .NET Runtime Optimization Service | ID = 1103
Description = .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32)
- Tried to start a service that wasn't the latest version of CLR Optimization service.
Will shutdown

Error - 09/05/2012 17:05:06 | Computer Name = 3R-07CDD3E2B945 | Source = .NET Runtime Optimization Service | ID = 1103
Description = .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32)
- Tried to start a service that wasn't the latest version of CLR Optimization service.
Will shutdown

Error - 13/05/2012 08:35:32 | Computer Name = 3R-07CDD3E2B945 | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
module , version 11.2.202.235, fault address 0x0047f705.

Error - 18/05/2012 12:38:12 | Computer Name = 3R-07CDD3E2B945 | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
module msxml6.dll, version 6.20.1103.0, fault address 0x00065a07.

Error - 19/05/2012 19:24:14 | Computer Name = 3R-07CDD3E2B945 | Source = Application Error | ID = 1000
Description = Faulting application acdsee.exe, version 3.1.0.0, faulting module
acdsee.exe, version 3.1.0.0, fault address 0x000254b9.

Error - 22/05/2012 13:40:38 | Computer Name = 3R-07CDD3E2B945 | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.

Error - 22/05/2012 13:40:38 | Computer Name = 3R-07CDD3E2B945 | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.

[ System Events ]
Error - 02/06/2012 17:25:46 | Computer Name = 3R-07CDD3E2B945 | Source = DCOM | ID = 10005
Description = DCOM got error "%1058" attempting to start the service YahooAUService
with arguments "" in order to run the server: {90AFF435-B544-4F94-A0C2-CC020EACA4E3}

Error - 02/06/2012 17:25:46 | Computer Name = 3R-07CDD3E2B945 | Source = DCOM | ID = 10005
Description = DCOM got error "%1058" attempting to start the service YahooAUService
with arguments "" in order to run the server: {90AFF435-B544-4F94-A0C2-CC020EACA4E3}

Error - 02/06/2012 17:25:46 | Computer Name = 3R-07CDD3E2B945 | Source = DCOM | ID = 10005
Description = DCOM got error "%1058" attempting to start the service YahooAUService
with arguments "" in order to run the server: {3D369E3A-9EDF-46C4-B4BC-47BF3304BF7C}

Error - 02/06/2012 18:04:51 | Computer Name = 3R-07CDD3E2B945 | Source = DCOM | ID = 10005
Description = DCOM got error "%1058" attempting to start the service YahooAUService
with arguments "" in order to run the server: {90AFF435-B544-4F94-A0C2-CC020EACA4E3}

Error - 03/06/2012 07:00:23 | Computer Name = 3R-07CDD3E2B945 | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.2 for the Network Card with network
address 00112F31FB19 has been denied by the DHCP server 192.168.1.1 (The DHCP Server
sent a DHCPNACK message).

Error - 03/06/2012 07:01:23 | Computer Name = 3R-07CDD3E2B945 | Source = Service Control Manager | ID = 7000
Description = The General Purpose USB Driver (adildr.sys) service failed to start
due to the following error: %%2

Error - 03/06/2012 07:12:37 | Computer Name = 3R-07CDD3E2B945 | Source = DCOM | ID = 10005
Description = DCOM got error "%1058" attempting to start the service YahooAUService
with arguments "" in order to run the server: {3D369E3A-9EDF-46C4-B4BC-47BF3304BF7C}

Error - 03/06/2012 07:12:37 | Computer Name = 3R-07CDD3E2B945 | Source = DCOM | ID = 10005
Description = DCOM got error "%1058" attempting to start the service YahooAUService
with arguments "" in order to run the server: {90AFF435-B544-4F94-A0C2-CC020EACA4E3}

Error - 03/06/2012 07:12:37 | Computer Name = 3R-07CDD3E2B945 | Source = DCOM | ID = 10005
Description = DCOM got error "%1058" attempting to start the service YahooAUService
with arguments "" in order to run the server: {90AFF435-B544-4F94-A0C2-CC020EACA4E3}

Error - 03/06/2012 07:12:37 | Computer Name = 3R-07CDD3E2B945 | Source = DCOM | ID = 10005
Description = DCOM got error "%1058" attempting to start the service YahooAUService
with arguments "" in order to run the server: {3D369E3A-9EDF-46C4-B4BC-47BF3304BF7C}


< End of report >
  • 0

#3
Django2009
Posted 05 June 2012 - 05:52 AM

Django2009

    Member

  • Topic Starter
  • Member
  • PipPip
  • 56 posts
Bump
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP