Seeking some expertise and help with removal of malware and an unwanted modification issue. It's interfering with Windows Update; it won't allow me to download the proper updates for the OS.
The two instances appear via the Malwarebytes full scan:
-Trojan.Vundo
-PUM.Disabled.SecurityCenter
I have seen other ones pop up as well, but then after Malwarebytes removes them, they disappear. I have a feeling if I were to scan again, they would appear.
I'm working off of XP. Would appreciate any help on this issue!! THANKS!
__________________________________________________________________________________
Here is the OTL report:
OTL logfile created on: 6/20/2012 2:08:06 PM - Run 1
OTL by OldTimer - Version 3.2.50.0 Folder = C:\Documents and Settings\Janet\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1013.10 Mb Total Physical Memory | 807.09 Mb Available Physical Memory | 79.67% Memory free
2.39 Gb Paging File | 2.32 Gb Available in Paging File | 97.10% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232.77 Gb Total Space | 84.76 Gb Free Space | 36.41% Space Free | Partition Type: NTFS
Computer Name: NEW | User Name: Janet | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/06/20 14:05:57 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Janet\Desktop\OTL.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
========== Modules (No Company Name) ==========
MOD - [2099/01/01 12:00:00 | 000,065,627 | -HS- | M] () -- C:\WINDOWS\system32\nodedeje.dll
MOD - [2009/01/20 16:49:30 | 000,133,428 | -HS- | M] () -- C:\WINDOWS\system32\wlziju.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2008/08/13 18:32:40 | 000,201,968 | ---- | M] (SupportSoft, Inc.) [Auto | Stopped] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2007/07/23 09:23:46 | 000,021,632 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2007/07/23 09:23:46 | 000,019,840 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2007/07/23 09:23:44 | 000,012,416 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2007/06/13 22:41:44 | 004,403,712 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006/08/18 15:18:08 | 000,009,400 | ---- | M] (Roxio) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\DLA\DLADResM.SYS -- (DLADResM)
DRV - [2006/08/18 15:17:46 | 000,035,096 | ---- | M] (Roxio) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\DLA\DLABMFSM.SYS -- (DLABMFSM)
DRV - [2006/08/18 15:17:44 | 000,097,848 | ---- | M] (Roxio) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2006/08/18 15:17:44 | 000,094,648 | ---- | M] (Roxio) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2006/08/18 15:17:42 | 000,026,008 | ---- | M] (Roxio) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2006/08/18 15:17:40 | 000,032,472 | ---- | M] (Roxio) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2006/08/18 15:17:38 | 000,104,472 | ---- | M] (Roxio) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2006/08/18 15:17:38 | 000,014,520 | ---- | M] (Roxio) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2006/08/11 12:35:18 | 000,012,920 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2006/08/11 12:35:16 | 000,028,184 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_M.SYS -- (DLARTL_M)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = partnerpage.google.com/smallbiz.dell.com/en_us?hl=en&client=dell-usuk&channel=us-smb&ibd=6080121
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = partnerpage.google.com/smallbiz.dell.com/en_us?hl=en&client=dell-usuk&channel=us-smb&ibd=6080121
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = partnerpage.google.com/smallbiz.dell.com/en_us?hl=en&client=dell-usuk&channel=us-smb&ibd=6080121
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.openintab: true
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://maps.google.com/"
FF - prefs.js..extensions.enabledItems: {2fa4ed95-0317-4c6a-a74c-5f3e3912c1f9}:2.0.104
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0.071101000055
FF - prefs.js..extensions.enabledItems: [email protected]:3.0.3
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Content Upload Plugin,version=1.0.0: C:\Program Files\DivX\DivX Content Uploader\npUpload.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa2,version=2.0.0: C:\Program Files\Picasa2\npPicasa2.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: File not found
FF - HKLM\Software\MozillaPlugins\@veoh.com/VeohPlayer: C:\Program Files\Veoh Networks\Veoh\Plugins\noreg\NPVeohVersion.dll (Veoh Networks Inc)
FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: File not found
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.0.4\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/06/20 10:52:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.0.4\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2008/11/20 13:53:52 | 000,000,000 | ---D | M]
[2008/08/29 15:38:59 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Janet\Application Data\Mozilla\Extensions
[2012/06/19 21:13:02 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Janet\Application Data\Mozilla\Firefox\Profiles\dkm0l9ys.default\extensions
[2008/09/13 20:08:37 | 000,000,000 | ---D | M] ("Delicious Bookmarks") -- C:\Documents and Settings\Janet\Application Data\Mozilla\Firefox\Profiles\dkm0l9ys.default\extensions\{2fa4ed95-0317-4c6a-a74c-5f3e3912c1f9}
[2008/10/07 20:32:04 | 000,000,000 | ---D | M] (IE Tab) -- C:\Documents and Settings\Janet\Application Data\Mozilla\Firefox\Profiles\dkm0l9ys.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}
[2008/06/11 07:52:33 | 000,000,000 | ---D | M] (United States English Dictionary) -- C:\Documents and Settings\Janet\Application Data\Mozilla\Firefox\Profiles\dkm0l9ys.default\extensions\[email protected]
[2008/10/20 20:44:41 | 000,000,000 | ---D | M] (Move Media Player) -- C:\Documents and Settings\Janet\Application Data\Mozilla\Firefox\Profiles\dkm0l9ys.default\extensions\[email protected]
[2008/05/29 19:41:21 | 000,001,162 | ---- | M] () -- C:\Documents and Settings\Janet\Application Data\Mozilla\Firefox\Profiles\dkm0l9ys.default\searchplugins\dictionarycom.xml
[2008/04/03 21:04:49 | 000,001,899 | ---- | M] () -- C:\Documents and Settings\Janet\Application Data\Mozilla\Firefox\Profiles\dkm0l9ys.default\searchplugins\flickr-tags.xml
[2008/06/20 18:51:28 | 000,000,908 | ---- | M] () -- C:\Documents and Settings\Janet\Application Data\Mozilla\Firefox\Profiles\dkm0l9ys.default\searchplugins\imdb.xml
[2008/06/20 18:51:28 | 000,001,108 | ---- | M] () -- C:\Documents and Settings\Janet\Application Data\Mozilla\Firefox\Profiles\dkm0l9ys.default\searchplugins\wikipedia-en.xml
[2008/08/23 08:56:21 | 000,001,032 | ---- | M] () -- C:\Documents and Settings\Janet\Application Data\Mozilla\Firefox\Profiles\dkm0l9ys.default\searchplugins\wikipedia-eng.xml
[2009/07/17 22:32:07 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2005/12/05 22:31:00 | 000,114,688 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npmozax.dll
[2008/06/30 22:02:00 | 000,663,072 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\npOGAPlugin.dll
[2006/01/18 12:50:00 | 000,319,488 | ---- | M] ( ) -- C:\Program Files\mozilla firefox\plugins\npsnapfish.dll
O1 HOSTS File: ([2004/08/04 07:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Reg Error: Value error.) - {6fb2b4ed-7bd4-468a-b9a5-dd6d12918c85} - C:\WINDOWS\system32\jazijase.dll (SoftComplete Development)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Reg Error: Value error.) - {8c221bef-5175-4ab9-9211-f5917159c06e} - C:\WINDOWS\system32\wlziju.dll ()
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe (HP)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
O4 - HKLM..\Run: [muhenatete] Rundll32.exe "C:\WINDOWS\system32\holuyibi.dll",s File not found
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [RoxioDragToDisc] C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe (Roxio)
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe (Sonic Solutions)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [] File not found
O4 - HKCU..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware (cleanup)] C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll (Malwarebytes Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Launchy.lnk = C:\Program Files\Launchy\Launchy.exe ()
F3 - HKCU WinNT: Load - (C:\WINDOWS\system32\Janet.vbs) - C:\WINDOWS\system32\Janet.vbs ()
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 129
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://windowsupdate...b?1340201093734 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_04)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.75.75 75.75.76.76
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{ED2C2B8D-6687-4FFB-8877-534F4B8873B7}: DhcpNameServer = 75.75.75.75 75.75.76.76
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~4\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - AppInit_DLLs: (wlziju.dll) - C:\WINDOWS\System32\wlziju.dll ()
O20 - AppInit_DLLs: (C:\WINDOWS\system32\nodedeje.dll) - C:\WINDOWS\system32\nodedeje.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Janet\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Janet\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/10 15:04:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/07/14 14:59:26 | 000,000,221 | -HS- | M] () - C:\AutoRun.inf -- [ NTFS ]
O32 - AutoRun File - [2011/01/04 08:22:58 | 000,002,772 | ---- | M] () - C:\AutoRun.PNF -- [ NTFS ]
O33 - MountPoints2\{b2a25580-9213-11dd-a3eb-001d09803468}\Shell - "" = AutoRun
O33 - MountPoints2\{b2a25580-9213-11dd-a3eb-001d09803468}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{b2a25580-9213-11dd-a3eb-001d09803468}\Shell\AutoRun\command - "" = F:\USBAutoRun.exe
O33 - MountPoints2\{d909e25a-760e-11dd-a3b3-001d09803468}\Shell - "" = AutoRun
O33 - MountPoints2\{d909e25a-760e-11dd-a3b3-001d09803468}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{d909e25a-760e-11dd-a3b3-001d09803468}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL autorun.exe
O33 - MountPoints2\{ed85576a-b914-11dd-a441-001d09803468}\Shell - "" = AutoRun
O33 - MountPoints2\{eef35e68-202a-11dd-a2f3-001d09803468}\Shell - "" = AutoRun
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2099/01/01 12:00:00 | 000,133,428 | -HS- | C] (SoftComplete Development) -- C:\WINDOWS\System32\zanaruma.dll
[2099/01/01 12:00:00 | 000,097,584 | -HS- | C] (ESET) -- C:\WINDOWS\System32\mijunope.dll
[2099/01/01 12:00:00 | 000,084,649 | -HS- | C] (ESET) -- C:\WINDOWS\System32\danipowu.dll
[2099/01/01 12:00:00 | 000,065,627 | -HS- | C] (SoftComplete Development) -- C:\WINDOWS\System32\lobuzosi.dll
[2099/01/01 12:00:00 | 000,065,627 | -HS- | C] (SoftComplete Development) -- C:\WINDOWS\System32\jazijase.dll
[2099/01/01 12:00:00 | 000,061,083 | -HS- | C] (ESET) -- C:\WINDOWS\System32\gesudofi.dll
[2012/06/20 14:05:57 | 000,596,992 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Janet\Desktop\OTL.exe
[2012/06/20 12:46:46 | 000,173,456 | ---- | C] (Symantec Corporation) -- C:\Documents and Settings\Janet\Desktop\FixVundo.exe
[2012/06/20 11:11:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Janet\Application Data\Malwarebytes
[2012/06/20 11:11:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/06/20 11:11:21 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012/06/20 11:11:21 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/06/20 11:11:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2012/06/20 11:10:58 | 010,063,000 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Janet\Desktop\mbam-setup-1.61.0.1400.exe
[2012/06/20 10:36:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Janet\Application Data\ElevatedDiagnostics
[2012/06/20 10:36:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows PowerShell 1.0
[2012/06/20 10:36:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\windowspowershell
[10 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\Janet\Desktop\*.tmp files -> C:\Documents and Settings\Janet\Desktop\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2099/01/01 12:00:00 | 000,065,627 | -HS- | M] (SoftComplete Development) -- C:\WINDOWS\System32\jazijase.dll
[2099/01/01 12:00:00 | 000,065,627 | -HS- | M] () -- C:\WINDOWS\System32\nodedeje.dll
[2012/06/20 14:07:36 | 000,006,456 | -H-- | M] () -- C:\WINDOWS\System32\keyozodu
[2012/06/20 14:07:20 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/06/20 14:05:57 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Janet\Desktop\OTL.exe
[2012/06/20 12:46:47 | 000,173,456 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\Janet\Desktop\FixVundo.exe
[2012/06/20 11:11:22 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/06/20 11:11:04 | 010,063,000 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Janet\Desktop\mbam-setup-1.61.0.1400.exe
[2012/06/20 11:03:55 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At36.job
[2012/06/20 11:02:58 | 000,000,186 | ---- | M] () -- C:\Documents and Settings\Janet\Desktop\repair.bat
[2012/06/20 11:00:02 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At12.job
[2012/06/20 10:34:57 | 000,405,640 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/06/20 10:34:57 | 000,064,064 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/06/20 10:27:01 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/06/20 10:03:54 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At35.job
[2012/06/20 10:00:02 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At11.job
[2012/06/20 09:57:58 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\Janet\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/06/20 09:55:26 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/06/20 09:48:32 | 000,000,039 | -HS- | M] () -- C:\WINDOWS\System32\Janet.ini
[2012/06/19 21:03:54 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At46.job
[2012/06/19 21:00:01 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At22.job
[10 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\Janet\Desktop\*.tmp files -> C:\Documents and Settings\Janet\Desktop\*.tmp -> ]
========== Files Created - No Company Name ==========
[2099/01/01 12:00:00 | 000,065,627 | -HS- | C] () -- C:\WINDOWS\System32\nodedeje.dll
[2012/06/20 11:11:22 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/06/20 11:02:58 | 000,000,186 | ---- | C] () -- C:\Documents and Settings\Janet\Desktop\repair.bat
========== LOP Check ==========
[2008/01/21 14:52:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2008/10/14 13:46:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[2012/06/20 10:36:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janet\Application Data\ElevatedDiagnostics
[2008/11/25 18:35:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janet\Application Data\gtk-2.0
[2008/01/27 18:38:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janet\Application Data\Launchy
[2008/04/19 23:03:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janet\Application Data\Snapfish
[2008/08/09 18:35:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janet\Application Data\Template
[2009/05/17 00:40:01 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At1.job
[2011/01/04 10:00:01 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At10.job
[2012/06/20 10:00:02 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At11.job
[2012/06/20 11:00:02 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At12.job
[2009/09/07 12:00:01 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At13.job
[2010/12/16 14:00:01 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At14.job
[2010/12/16 15:00:02 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At15.job
[2010/01/05 16:00:01 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At16.job
[2010/12/23 17:00:02 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At17.job
[2010/12/23 18:00:01 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At18.job
[2010/12/23 19:00:01 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At19.job
[2009/05/17 01:00:01 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At2.job
[2010/01/05 20:00:01 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At20.job
[2010/01/05 21:00:20 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At21.job
[2012/06/19 21:00:01 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At22.job
[2011/01/04 23:00:01 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At23.job
[2010/01/10 00:00:02 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At24.job
[2009/05/17 00:35:16 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At25.job
[2009/05/17 01:00:20 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At26.job
[2008/12/27 03:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At27.job
[2008/12/27 04:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At28.job
[2008/11/28 05:00:20 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At29.job
[2008/12/27 03:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At3.job
[2008/11/27 06:00:20 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At30.job
[2009/06/30 06:03:33 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At31.job
[2008/11/27 08:00:20 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At32.job
[2011/01/04 09:03:38 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At33.job
[2011/01/04 10:00:20 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At34.job
[2012/06/20 10:03:54 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At35.job
[2012/06/20 11:03:55 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At36.job
[2010/01/05 15:50:34 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At37.job
[2010/12/16 14:03:35 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At38.job
[2010/12/16 15:00:20 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At39.job
[2008/12/27 04:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At4.job
[2010/01/05 16:03:33 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At40.job
[2010/12/23 17:03:35 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At41.job
[2010/12/23 18:00:20 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At42.job
[2010/12/23 19:00:20 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At43.job
[2010/01/05 20:00:20 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At44.job
[2010/01/05 21:00:20 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At45.job
[2012/06/19 21:03:54 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At46.job
[2011/01/04 23:00:20 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At47.job
[2010/01/10 00:00:20 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At48.job
[2008/11/28 05:00:01 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At5.job
[2008/11/27 06:00:01 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At6.job
[2009/06/30 06:00:01 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At7.job
[2008/11/27 08:00:01 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At8.job
[2011/01/04 09:00:02 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At9.job
========== Purity Check ==========
< End of report >
_________________________________________________________________________
The "extras" file:
OTL Extras logfile created on: 6/20/2012 2:08:06 PM - Run 1
OTL by OldTimer - Version 3.2.50.0 Folder = C:\Documents and Settings\Janet\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1013.10 Mb Total Physical Memory | 807.09 Mb Available Physical Memory | 79.67% Memory free
2.39 Gb Paging File | 2.32 Gb Available in Paging File | 97.10% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232.77 Gb Total Space | 84.76 Gb Free Space | 36.41% Space Free | Partition Type: NTFS
Computer Name: NEW | User Name: Janet | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 1
"AntiVirusOverride" = 1
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" = C:\Program Files\Veoh Networks\Veoh\VeohClient.exe:*:Disabled:Veoh Client -- (Veoh Networks)
"C:\WINDOWS\explorer.exe" = C:\WINDOWS\explorer.exe:*:Enabled:Explorer -- (Microsoft Corporation)
"C:\WINDOWS\system32\userinit.exe" = C:\WINDOWS\system32\userinit.exe:*:Enabled:userinit -- (Microsoft Corporation)
"C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" = C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe:*:Enabled:jusched -- (Sun Microsystems, Inc.)
"C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe" = C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe:*:Enabled:DrgToDsc -- (Roxio)
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"C:\WINDOWS\system32\dwwin.exe" = C:\WINDOWS\system32\dwwin.exe:*:Enabled:dwwin -- (Microsoft Corporation)
"C:\Program Files\Launchy\Launchy.exe" = C:\Program Files\Launchy\Launchy.exe:*:Enabled:Launchy -- ()
"C:\WINDOWS\system32\AhqNnbvR.exe" = C:\WINDOWS\system32\AhqNnbvR.exe:*:Enabled:AhqNnbvR
"C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe" = C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe:*:Enabled:CPSHelpRunner -- (Sonic Solutions)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
"{0405E51E-9582-4207-8F38-AC44201D3808}" = VeohTV BETA
"{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}" = Google Earth
"{281ECE39-F043-492B-8337-F2E546B5604A}" = PowerDVD
"{2F4C24E6-CBD4-4AAC-B56F-C9FD44DE5668}" = Roxio Drag-to-Disc
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160040}" = Java 6 Update 4
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java 6 Update 7
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Sonic Activation Module
"{5905F42D-3F5F-4916-ADA6-94A3646AEE76}" = Dell Driver Reset Tool
"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{62230596-37E5-4618-A329-0D21F529A86F}" = Browser Address Error Redirector
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{777CA40C-0206-4EF6-A0FC-618BF06BF8D0}" = Intel® PRO Network Connections 12.1.8.0
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
"{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}" = Roxio Creator BDAV Plugin
"{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}" = Bonjour
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8DC42D05-680B-41B0-8878-6C14D24602DB}" = QuickTime
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ULTIMATER_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ULTIMATER_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ULTIMATER_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ULTIMATER_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ULTIMATER_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ULTIMATER_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ULTIMATER_{3EC77D26-799B-4CD8-914F-C1565E796173}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ULTIMATER_{430971B1-C31E-45DA-81E0-72C095BAB72C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ULTIMATER_{F7A31780-33C4-4E39-951A-5EC9B91D7BF1}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ULTIMATER_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ULTIMATER_{FAD8A83E-9BAC-4179-9268-A35948034D85}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ULTIMATER_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-00B2-0409-0000-0000000FF1CE}" = Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ULTIMATER_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ULTIMATER_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ULTIMATER_{FAD8A83E-9BAC-4179-9268-A35948034D85}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ULTIMATER_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{91120000-002E-0000-0000-0000000FF1CE}" = Microsoft Office Ultimate 2007
"{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{976C2B2A-CE59-4AB3-83FB-BF895E28F2E6}" = Apple Mobile Device Support
"{AC76BA86-7AD7-1033-7B44-A90000000001}" = Adobe Reader 9
"{AC76BA86-7AD7-5670-0000-900000000003}" = Korean Fonts Support For Adobe Reader 9
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator DE
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{D639085F-4B6E-4105-9F37-A0DBB023E2FB}" = Roxio MyDVD DE
"{DDDE0BE3-0CBE-4BF6-B75A-E3F69C947843}" = iTunes
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center (Support Software)
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FA02ACAC-9E14-4878-A257-92A22A647C2C}" = LG USB Modem Drivers
"AC3Filter" = AC3Filter (remove only)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Google Desktop" = Google Desktop
"HDMI" = Intel® Graphics Media Accelerator Driver
"hp deskjet 840c series" = hp deskjet 840c series (Remove only)
"hp deskjet 840c series_Driver" = hp deskjet 840c series
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"InstallShield_{0405E51E-9582-4207-8F38-AC44201D3808}" = VeohTV BETA
"Launchy_21344213_is1" = Launchy 2.0
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.61.0.1400
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"Mozilla Firefox (3.0.4)" = Mozilla Firefox (3.0.4)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSNINST" = MSN
"NeroMultiInstaller!UninstallKey" = Nero Suite
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Picasa2" = Picasa 2
"ULTIMATER" = Microsoft Office Ultimate 2007
"Verizon High Speed Internet_is1" = Verizon High Speed Internet
"VobSub" = VobSub v2.23 (Remove Only)
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinGimp-2.0_is1" = GIMP 2.4.4
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Xvid_is1" = Xvid 1.1.3 final uninstall
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 7/7/2008 10:48:50 PM | Computer Name = NEW | Source = Application Error | ID = 1000
Description = Faulting application firefox.exe, version 1.8.20080.62306, faulting
module firefox.exe, version 1.8.20080.62306, fault address 0x0018f15e.
Error - 7/14/2008 5:19:09 PM | Computer Name = NEW | Source = Application Error | ID = 1000
Description = Faulting application firefox.exe, version 1.8.20080.62306, faulting
module unknown, version 0.0.0.0, fault address 0x00000000.
Error - 7/14/2008 5:19:46 PM | Computer Name = NEW | Source = Application Error | ID = 1000
Description = Faulting application firefox.exe, version 1.8.20080.62306, faulting
module unknown, version 0.0.0.0, fault address 0x00000000.
Error - 8/7/2008 1:16:43 PM | Computer Name = NEW | Source = Application Error | ID = 1000
Description = Faulting application softwareupdate.exe, version 2.0.2.92, faulting
module scriptingobjectmodel.dll, version 2.1.1.116, fault address 0x00005476.
Error - 8/7/2008 1:16:48 PM | Computer Name = NEW | Source = Application Error | ID = 1000
Description = Faulting application drwtsn32.exe, version 5.1.2600.0, faulting module
dbghelp.dll, version 5.1.2600.5512, fault address 0x0001295d.
Error - 8/16/2008 9:52:05 AM | Computer Name = NEW | Source = Microsoft Works 8 | ID = 1000
Description =
Error - 8/16/2008 9:56:36 AM | Computer Name = NEW | Source = Application Hang | ID = 1002
Description = Hanging application soffice.bin, version 2.3.9307.500, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
[ OSession Events ]
Error - 10/30/2008 1:10:48 PM | Computer Name = NEW | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6308.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 2
seconds with 0 seconds of active time. This session ended with a crash.
Error - 11/3/2008 11:49:37 PM | Computer Name = NEW | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6308.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 7
seconds with 0 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 6/20/2012 1:12:45 PM | Computer Name = NEW | Source = sr | ID = 1
Description = The System Restore filter encountered the unexpected error '0xC0000001'
while processing the file '' on the volume 'HarddiskVolume2'. It has stopped monitoring
the volume.
Error - 6/20/2012 1:12:48 PM | Computer Name = NEW | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
iaStor
Error - 6/20/2012 1:13:01 PM | Computer Name = NEW | Source = DCOM | ID = 10005
Description = DCOM got error "%1058" attempting to start the service wuauserv with
arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
Error - 6/20/2012 1:13:03 PM | Computer Name = NEW | Source = DCOM | ID = 10005
Description = DCOM got error "%1058" attempting to start the service wuauserv with
arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
Error - 6/20/2012 1:14:59 PM | Computer Name = NEW | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
Error - 6/20/2012 1:16:21 PM | Computer Name = NEW | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
Fips intelppm
Error - 6/20/2012 2:06:40 PM | Computer Name = NEW | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
Error - 6/20/2012 2:07:41 PM | Computer Name = NEW | Source = sr | ID = 1
Description = The System Restore filter encountered the unexpected error '0xC0000001'
while processing the file '' on the volume 'HarddiskVolume2'. It has stopped monitoring
the volume.
Error - 6/20/2012 2:07:47 PM | Computer Name = NEW | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
Error - 6/20/2012 2:09:09 PM | Computer Name = NEW | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
Fips iaStor intelppm
< End of report >
_________________________________________________________________________________________