Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

old timer otl [Closed]

Started by gailrannekara , Jun 28 2012 02:14 PM

  • This topic is locked This topic is locked

#1
gailrannekara
Posted 28 June 2012 - 02:14 PM

gailrannekara

    New Member

  • Member
  • Pip
  • 2 posts
what do i do with the otl log plz?
need help in analyzing the log
thank you very much,
gail
  • 0

Advertisements

#2
Essexboy
Posted 28 June 2012 - 02:55 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi Gail

If you could post the log here along with the symptoms you are experiencing I will help
  • 0

#3
gailrannekara
Posted 29 June 2012 - 02:04 AM

gailrannekara

    New Member

  • Topic Starter
  • Member
  • Pip
  • 2 posts
that would be wonderful

my computer seems to just shut down all by itself, whenever it chooses 2 any & all help would b much appreciated tyvm ")

TL logfile created on: 6/28/2012 12:47:02 PM - Run 1
OTL by OldTimer - Version 3.2.53.0 Folder = C:\Documents and Settings\Gail Rothert\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

511.42 Mb Total Physical Memory | 270.07 Mb Available Physical Memory | 52.81% Memory free
1.25 Gb Paging File | 0.92 Gb Available in Paging File | 74.04% Paging File free
Paging file location(s): C:\pagefile.sys 798 1000 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.26 Gb Total Space | 7.70 Gb Free Space | 20.66% Space Free | Partition Type: NTFS

Computer Name: GAIL | User Name: Gail Rothert | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/06/28 12:46:32 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Gail Rothert\My Documents\Downloads\OTL.exe
PRC - [2012/06/05 00:48:04 | 002,326,528 | ---- | M] () -- C:\Program Files\NETGEAR\WG111v3\WG111v3.exe
PRC - [2012/05/26 12:04:52 | 000,913,792 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
PRC - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/03/06 04:49:49 | 001,049,072 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Gail Rothert\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2012/01/09 20:17:44 | 000,821,592 | ---- | M] (IObit) -- C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
PRC - [2008/04/13 17:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2012/06/05 00:48:04 | 002,326,528 | ---- | M] () -- C:\Program Files\NETGEAR\WG111v3\WG111v3.exe
MOD - [2012/03/06 04:49:48 | 000,429,040 | ---- | M] () -- C:\Documents and Settings\Gail Rothert\Local Settings\Application Data\Google\Chrome\Application\17.0.963.66\ppgooglenaclpluginchrome.dll
MOD - [2012/03/06 04:49:46 | 003,772,912 | ---- | M] () -- C:\Documents and Settings\Gail Rothert\Local Settings\Application Data\Google\Chrome\Application\17.0.963.66\pdf.dll
MOD - [2012/03/06 04:48:22 | 000,122,880 | ---- | M] () -- C:\Documents and Settings\Gail Rothert\Local Settings\Application Data\Google\Chrome\Application\17.0.963.66\avutil-51.dll
MOD - [2012/03/06 04:48:20 | 000,220,672 | ---- | M] () -- C:\Documents and Settings\Gail Rothert\Local Settings\Application Data\Google\Chrome\Application\17.0.963.66\avformat-53.dll
MOD - [2012/03/06 04:48:19 | 001,747,456 | ---- | M] () -- C:\Documents and Settings\Gail Rothert\Local Settings\Application Data\Google\Chrome\Application\17.0.963.66\avcodec-53.dll
MOD - [2012/03/06 01:25:19 | 008,593,056 | ---- | M] () -- C:\Documents and Settings\Gail Rothert\Local Settings\Application Data\Google\Chrome\Application\17.0.963.66\gcswf32.dll
MOD - [2011/04/21 16:54:40 | 000,347,024 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 5\madexcept_.bpl
MOD - [2011/04/21 16:54:40 | 000,179,088 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 5\madbasic_.bpl
MOD - [2011/04/21 16:54:40 | 000,046,480 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 5\maddisAsm_.bpl
MOD - [2008/06/13 15:17:30 | 000,049,152 | ---- | M] () -- C:\Program Files\NETGEAR\WG111v3\WlanDll.dll
MOD - [2007/09/14 10:27:14 | 000,024,576 | ---- | M] () -- C:\Program Files\NETGEAR\WG111v3\CheckSessions.dll
MOD - [2006/12/15 11:30:38 | 000,966,765 | ---- | M] () -- C:\Program Files\NETGEAR\WG111v3\acAuth.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - File not found [On_Demand | Stopped] -- -- (ACDaemon)
SRV - [2012/05/26 12:04:52 | 000,913,792 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe -- (AdvancedSystemCareService5)
SRV - [2012/05/04 13:41:22 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/01/09 20:17:44 | 000,821,592 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe -- (IMFservice)
SRV - [2001/08/17 15:36:54 | 000,086,016 | ---- | M] (PCtel, Inc.) [On_Demand | Stopped] -- C:\WINDOWS\system32\pctspk.exe -- (Pctspk)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [File_System | On_Demand | Stopped] -- -- (StarOpen)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SBREdrv.sys -- (SBRE)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Internet Explorer\SABProcEnum.sys -- (SABProcEnum)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\PCTBD.sys -- (PCTBD)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Unknown] -- -- (NDISRD)
DRV - File not found [Kernel | Auto | Stopped] -- -- (MCSTRM)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\GAILRO~1\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | Unknown (-1) | Unknown] -- C:\WINDOWS\system32\drivers\NSDriver.sys -- (Ad-Watch Connect Filter)
DRV - [2012/04/28 13:17:26 | 000,016,208 | ---- | M] (IObit.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_x86\UrlFilter.sys -- (UrlFilter)
DRV - [2012/04/28 13:17:22 | 000,030,368 | ---- | M] (IObit.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_x86\RegFilter.sys -- (RegFilter)
DRV - [2012/04/04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012/01/05 18:07:40 | 000,246,816 | ---- | M] (IObit) [File_System | On_Demand | Stopped] -- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_x86\FileMonitor.sys -- (FileMonitor)
DRV - [2010/11/26 18:02:52 | 000,014,776 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
DRV - [2010/02/11 05:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
DRV - [2009/07/31 07:12:18 | 000,341,504 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wg111v3.sys -- (RTL8187B)
DRV - [2008/04/13 11:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2008/04/13 11:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2007/12/05 14:53:44 | 000,110,848 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\uts_mdm.sys -- (uts_mdm)
DRV - [2007/12/05 14:53:44 | 000,090,880 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\uts_serd.sys -- (uts_serd) UTStarcom USB Diagnostic Serial Port (WDM)
DRV - [2007/12/05 14:53:44 | 000,084,352 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\uts_bus.sys -- (uts_bus) UTStarcom USB Composite Device driver (WDM)
DRV - [2007/12/05 14:53:44 | 000,014,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\uts_mdfl.sys -- (uts_mdfl)
DRV - [2004/08/04 05:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2004/08/04 05:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2004/08/03 15:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2004/08/03 15:29:50 | 000,019,455 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wVchNTxx.sys -- (iAimFP4)
DRV - [2004/08/03 15:29:48 | 000,012,063 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wSiINTxx.sys -- (iAimFP3)
DRV - [2004/08/03 15:29:46 | 000,025,471 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV10nt.sys -- (iAimTV5)
DRV - [2004/08/03 15:29:46 | 000,023,615 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wCh7xxNT.sys -- (iAimTV4)
DRV - [2004/08/03 15:29:46 | 000,022,271 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV06nt.sys -- (iAimTV6)
DRV - [2004/08/03 15:29:44 | 000,033,599 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV04nt.sys -- (iAimTV3)
DRV - [2004/08/03 15:29:44 | 000,019,551 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV02NT.sys -- (iAimTV1)
DRV - [2004/08/03 15:29:42 | 000,029,311 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV01nt.sys -- (iAimTV0)
DRV - [2004/08/03 15:29:42 | 000,011,871 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV09NT.sys -- (iAimFP7)
DRV - [2004/08/03 15:29:40 | 000,011,807 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV07nt.sys -- (iAimFP5)
DRV - [2004/08/03 15:29:40 | 000,011,295 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV08NT.sys -- (iAimFP6)
DRV - [2004/08/03 15:29:38 | 000,161,020 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\i81xnt5.sys -- (i81x)
DRV - [2004/08/03 15:29:38 | 000,012,415 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV01nt.sys -- (iAimFP0)
DRV - [2004/08/03 15:29:38 | 000,012,127 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV02NT.sys -- (iAimFP1)
DRV - [2004/08/03 15:29:38 | 000,011,775 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV05NT.sys -- (iAimFP2)
DRV - [2003/12/03 17:44:58 | 000,013,566 | ---- | M] (B.H.A Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdrbsvsd.sys -- (cdrbsvsd)
DRV - [2002/10/15 00:00:00 | 000,101,431 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\IdeChnDr.sys -- (IdeChnDr) Intel®
DRV - [2002/10/15 00:00:00 | 000,013,891 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\IdeBusDr.sys -- (IdeBusDr)
DRV - [2001/09/26 21:32:38 | 000,285,088 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtaa.sys -- (ati2mtaa)
DRV - [2001/09/26 20:23:00 | 000,032,592 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atinxsxx.sys -- (ATIXSAudio)
DRV - [2001/09/26 20:22:40 | 000,011,760 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atinpdxx.sys -- (PCDCODEC)
DRV - [2001/09/26 20:22:34 | 000,011,280 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atinmdxx.sys -- (MVDCODEC)
DRV - [2001/09/26 20:21:00 | 000,065,104 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\atinrvxx.sys -- (atinrvxx)
DRV - [2001/09/26 20:20:06 | 000,032,336 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atintuxx.sys -- (ATITUNEP)
DRV - [2001/08/17 06:28:16 | 000,397,502 | ---- | M] (PCtel, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\vpctcom.sys -- (Vpctcom)
DRV - [2001/08/17 06:28:16 | 000,064,605 | ---- | M] (PCtel, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\vvoice.sys -- (Vvoice)
DRV - [2001/08/17 06:28:14 | 000,604,253 | ---- | M] (PCTEL, INC.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\vmodem.sys -- (Vmodem)
DRV - [2001/08/17 06:28:14 | 000,112,574 | ---- | M] (PCTEL, INC.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ptserlp.sys -- (Ptserlp)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = B8 8E D1 53 29 55 CD 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {05F75895-2F7B-49E5-AF33-909345AA226E}
IE - HKCU\..\SearchScopes\{05F75895-2F7B-49E5-AF33-909345AA226E}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_32: C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.4.53: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/npracplug;version=1.0.0.0: C:\Program Files\Real\RealArcade\Plugins\Mozilla\npracplug.dll (RealNetworks)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.4.53: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.4.53: C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\[email protected]/YahooActiveXPluginBridge;version=1.0.0.1: File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Gail Rothert\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Gail Rothert\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/05/18 06:07:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/05/19 15:51:00 | 000,000,000 | ---D | M]


========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Gail Rothert\Local Settings\Application Data\Google\Chrome\Application\17.0.963.66\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Gail Rothert\Local Settings\Application Data\Google\Chrome\Application\17.0.963.66\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Gail Rothert\Local Settings\Application Data\Google\Chrome\Application\17.0.963.66\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_233.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Gail Rothert\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: DocuCom PDF Plus (Enabled) = C:\Program Files\Nuance\PDF Reader\bin\nppdf.dll
CHR - plugin: RealArcade Mozilla Plugin (Enabled) = C:\Program Files\Real\RealArcade\Plugins\Mozilla\npracplug.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Documents and Settings\Gail Rothert\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Documents and Settings\Gail Rothert\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Documents and Settings\Gail Rothert\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: Gmail = C:\Documents and Settings\Gail Rothert\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/06/28 11:18:46 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {3B419EE1-1FA8-47B9-9AEC-6B60AC2E3FCA} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {472734EA-242A-422B-ADF8-83D1E48CC825} - No CLSID value found.
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKCU..\Run: [Advanced SystemCare 5] C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe (IObit)
O4 - Startup: C:\Documents and Settings\Gail Rothert\Start Menu\Programs\Startup\NETGEAR WG111v3 Smart Wizard [2010/02/11 16:01:33 | 000,000,000 | ---D | M]
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: MemCheckBoxInRunDlg = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: verbosestatus = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 01 00 00 00 [binary data]
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 01 00 00 00 [binary data]
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWinKeys = 01 00 00 00 [binary data]
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - Reg Error: Value error. File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: facebook.com ([www] https in Trusted sites)
O15 - HKCU\..Trusted Domains: microsoft.com ([windows] http in Trusted sites)
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} file:///C:/Program%20Files/Reader's%20Digest%20Word%20Power/Images/stg_drm.ocx (SpinTop DRM Control)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab (Reg Error: Key error.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.mi...b?1340474753390 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1340474739156 (MUWebControl Class)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A564D4CF-92F7-44D5-8628-BEF680320203}: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\WgaLogon: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/03/18 07:44:40 | 000,000,002 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2009/03/14 00:15:04 | 000,000,061 | ---- | M] () - C:\autoexec.plu -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/06/28 11:38:18 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2012/06/28 10:45:07 | 000,000,000 | ---D | C] -- C:\ComboFix
[2012/06/28 10:04:47 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2012/06/28 10:00:23 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2012/06/28 10:00:23 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2012/06/28 10:00:23 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2012/06/28 10:00:23 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2012/06/28 09:59:53 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/06/28 09:59:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Favorites
[2012/06/28 09:59:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2012/06/28 04:56:37 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Gail Rothert\Recent
[2012/06/28 03:54:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/06/28 03:54:45 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012/06/23 02:51:55 | 000,000,000 | ---D | C] -- C:\126b70dd889726b6571fe8
[2012/06/15 18:51:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Powertoys for Windows XP
[2012/06/14 22:02:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gail Rothert\My Documents\mark
[2012/06/14 22:01:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gail Rothert\My Documents\hospice
[2012/06/14 22:00:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gail Rothert\My Documents\Mercy Me the hurt and the Healer 5-2012
[2012/06/14 04:53:28 | 000,000,000 | ---D | C] -- C:\f2c3d69e727e1daecbfffa
[2012/06/08 08:17:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Office Live Add-in
[2012/06/08 08:14:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC
[2012/06/08 06:48:29 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2012/06/08 06:19:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gail Rothert\Application Data\FLEXnet
[2012/06/01 16:54:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\QuickTime
[2010/12/24 21:05:42 | 000,774,144 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\RngInterstitial.dll
[2008/10/05 17:15:33 | 000,382,352 | ---- | C] (Sun Microsystems, Inc.) -- C:\Program Files\jxpiinstall.exe
[12 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/06/28 12:50:00 | 000,000,436 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{240F3079-5B1E-470B-BE42-4F043A8D9862}.job
[2012/06/28 11:33:41 | 000,000,326 | ---- | M] () -- C:\WINDOWS\tasks\GlaryInitialize.job
[2012/06/28 11:33:38 | 000,000,292 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1547161642-1078145449-725345543-1004.job
[2012/06/28 11:33:35 | 000,000,450 | ---- | M] () -- C:\WINDOWS\tasks\Google Chrome.job
[2012/06/28 11:33:28 | 000,002,048 | ---- | M] () -- C:\WINDOWS\bootstat.dat
[2012/06/28 11:18:46 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012/06/28 11:18:16 | 000,012,598 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/06/28 10:04:59 | 000,000,332 | RHS- | M] () -- C:\boot.ini
[2012/06/28 05:54:15 | 000,597,807 | ---- | M] () -- C:\Documents and Settings\Gail Rothert\Desktop\Treating Wounds and Reducing Wound Pain.mht
[2012/06/28 03:54:48 | 000,000,802 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/06/26 15:48:35 | 000,536,508 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/06/26 15:48:35 | 000,110,082 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/06/25 14:58:29 | 000,014,080 | ---- | M] () -- C:\Documents and Settings\Gail Rothert\Desktop\aunt Grace & John turning 90 GOD bless her xoxo.jpg
[2012/06/23 10:13:19 | 000,000,216 | ---- | M] () -- C:\Boot.bak
[2012/06/18 15:45:26 | 000,026,813 | ---- | M] () -- C:\Documents and Settings\Gail Rothert\Desktop\hot air balloon.jpg
[2012/06/18 01:18:52 | 000,000,300 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1547161642-1078145449-725345543-1004.job
[2012/06/17 13:41:45 | 008,781,794 | ---- | M] () -- C:\Documents and Settings\Gail Rothert\My Documents\The Hurt and The Healer-Mercy Me.mp3
[2012/06/16 06:39:41 | 000,000,082 | ---- | M] () -- C:\WINDOWS\MPLAYER.INI
[2012/06/15 16:34:54 | 000,243,862 | ---- | M] () -- C:\Documents and Settings\Gail Rothert\Desktop\form.pdf
[2012/06/15 09:22:47 | 008,845,079 | ---- | M] () -- C:\Documents and Settings\Gail Rothert\My Documents\MercyMe - _You're Beautiful_ (Live).mp3
[2012/06/15 09:21:41 | 009,371,159 | ---- | M] () -- C:\Documents and Settings\Gail Rothert\My Documents\MercyMe - _The Hurt & The Healer_ Official Music Video.mp3
[2012/06/15 09:10:20 | 000,024,064 | ---- | M] () -- C:\Documents and Settings\Gail Rothert\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/06/15 09:04:00 | 011,835,577 | ---- | M] () -- C:\Documents and Settings\Gail Rothert\My Documents\MercyMe - _You're Beautiful_ (Live).flv
[2012/06/15 09:01:27 | 012,896,949 | ---- | M] () -- C:\Documents and Settings\Gail Rothert\My Documents\MercyMe - _The Hurt & The Healer_ Official Music Video.flv
[2012/06/14 21:08:12 | 000,073,260 | ---- | M] () -- C:\WINDOWS\System32\perfmon.msc
[2012/06/14 18:45:00 | 000,000,126 | ---- | M] () -- C:\WINDOWS\System32\mmc.exe.config
[2012/06/14 12:58:57 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\Gail Rothert\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/06/14 12:02:40 | 000,393,568 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/06/08 06:05:01 | 000,000,767 | ---- | M] () -- C:\Documents and Settings\Gail Rothert\Application Data\Microsoft\Internet Explorer\Quick Launch\Glary Utilities.lnk
[2012/06/07 01:12:31 | 000,000,694 | ---- | M] () -- C:\Documents and Settings\Gail Rothert\Application Data\Microsoft\Internet Explorer\Quick Launch\QuickTime Player.lnk
[2012/06/01 16:33:57 | 003,249,810 | ---- | M] () -- C:\Documents and Settings\Gail Rothert\My Documents\pup pup.mov
[2012/05/31 12:32:32 | 000,000,904 | ---- | M] () -- C:\Documents and Settings\Gail Rothert\Application Data\Microsoft\Internet Explorer\Quick Launch\Advanced SystemCare 5.lnk
[12 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/06/28 10:04:58 | 000,000,216 | ---- | C] () -- C:\Boot.bak
[2012/06/28 10:04:51 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2012/06/28 10:00:23 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2012/06/28 10:00:23 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012/06/28 10:00:23 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2012/06/28 10:00:23 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012/06/28 10:00:23 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2012/06/28 05:54:12 | 000,597,807 | ---- | C] () -- C:\Documents and Settings\Gail Rothert\Desktop\Treating Wounds and Reducing Wound Pain.mht
[2012/06/28 03:54:48 | 000,000,802 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/06/25 14:58:57 | 000,014,080 | ---- | C] () -- C:\Documents and Settings\Gail Rothert\Desktop\aunt Grace & John turning 90 GOD bless her xoxo.jpg
[2012/06/18 15:45:47 | 000,026,813 | ---- | C] () -- C:\Documents and Settings\Gail Rothert\Desktop\hot air balloon.jpg
[2012/06/17 13:40:32 | 008,781,794 | ---- | C] () -- C:\Documents and Settings\Gail Rothert\My Documents\The Hurt and The Healer-Mercy Me.mp3
[2012/06/17 13:30:22 | 000,000,292 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1547161642-1078145449-725345543-1004.job
[2012/06/17 13:30:21 | 000,000,300 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1547161642-1078145449-725345543-1004.job
[2012/06/15 18:51:56 | 000,160,217 | ---- | C] () -- C:\WINDOWS\System32\PowerToysLicense.rtf
[2012/06/15 16:40:29 | 000,243,862 | ---- | C] () -- C:\Documents and Settings\Gail Rothert\Desktop\form.pdf
[2012/06/15 09:14:58 | 008,845,079 | ---- | C] () -- C:\Documents and Settings\Gail Rothert\My Documents\MercyMe - _You're Beautiful_ (Live).mp3
[2012/06/15 09:13:45 | 009,371,159 | ---- | C] () -- C:\Documents and Settings\Gail Rothert\My Documents\MercyMe - _The Hurt & The Healer_ Official Music Video.mp3
[2012/06/15 09:00:46 | 011,835,577 | ---- | C] () -- C:\Documents and Settings\Gail Rothert\My Documents\MercyMe - _You're Beautiful_ (Live).flv
[2012/06/15 08:58:01 | 012,896,949 | ---- | C] () -- C:\Documents and Settings\Gail Rothert\My Documents\MercyMe - _The Hurt & The Healer_ Official Music Video.flv
[2012/06/14 18:45:00 | 000,000,126 | ---- | C] () -- C:\WINDOWS\System32\mmc.exe.config
[2012/06/14 12:58:57 | 000,000,815 | ---- | C] () -- C:\Documents and Settings\Gail Rothert\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/06/14 12:58:57 | 000,000,803 | ---- | C] () -- C:\Documents and Settings\Gail Rothert\Start Menu\Programs\Internet Explorer.lnk
[2012/06/10 16:50:51 | 000,049,275 | ---- | C] () -- C:\WINDOWS\System32\wfospf.mib
[2012/06/10 16:50:51 | 000,038,608 | ---- | C] () -- C:\WINDOWS\System32\nipx.mib
[2012/06/10 16:50:51 | 000,034,317 | ---- | C] () -- C:\WINDOWS\System32\msiprip2.mib
[2012/06/10 16:50:51 | 000,026,236 | ---- | C] () -- C:\WINDOWS\System32\wins.mib
[2012/06/10 16:50:51 | 000,013,767 | ---- | C] () -- C:\WINDOWS\System32\msipbtp.mib
[2012/06/10 16:50:51 | 000,004,332 | ---- | C] () -- C:\WINDOWS\System32\smi.mib
[2012/06/10 16:50:50 | 000,107,882 | ---- | C] () -- C:\WINDOWS\System32\mib_ii.mib
[2012/06/10 16:50:50 | 000,048,593 | ---- | C] () -- C:\WINDOWS\System32\hostmib.mib
[2012/06/10 16:50:50 | 000,030,448 | ---- | C] () -- C:\WINDOWS\System32\mcastmib.mib
[2012/06/10 16:50:50 | 000,026,100 | ---- | C] () -- C:\WINDOWS\System32\lmmib2.mib
[2012/06/10 16:50:50 | 000,021,386 | ---- | C] () -- C:\WINDOWS\System32\mipx.mib
[2012/06/10 16:50:50 | 000,016,617 | ---- | C] () -- C:\WINDOWS\System32\authserv.mib
[2012/06/10 16:50:50 | 000,015,799 | ---- | C] () -- C:\WINDOWS\System32\ipforwd.mib
[2012/06/10 16:50:50 | 000,010,313 | ---- | C] () -- C:\WINDOWS\System32\mripsap.mib
[2012/06/10 16:50:50 | 000,004,597 | ---- | C] () -- C:\WINDOWS\System32\dhcp.mib
[2012/06/10 16:50:50 | 000,000,581 | ---- | C] () -- C:\WINDOWS\System32\msft.mib
[2012/06/10 16:50:49 | 000,015,597 | ---- | C] () -- C:\WINDOWS\System32\accserv.mib
[2012/06/08 07:45:37 | 000,000,436 | -H-- | C] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{240F3079-5B1E-470B-BE42-4F043A8D9862}.job
[2012/06/08 06:05:06 | 000,000,326 | ---- | C] () -- C:\WINDOWS\tasks\GlaryInitialize.job
[2012/06/08 06:01:03 | 003,249,810 | ---- | C] () -- C:\Documents and Settings\Gail Rothert\My Documents\pup pup.mov
[2012/06/07 01:12:31 | 000,000,694 | ---- | C] () -- C:\Documents and Settings\Gail Rothert\Application Data\Microsoft\Internet Explorer\Quick Launch\QuickTime Player.lnk
[2012/06/05 05:39:19 | 000,000,450 | ---- | C] () -- C:\WINDOWS\tasks\Google Chrome.job
[2012/03/26 06:20:42 | 000,014,776 | ---- | C] () -- C:\WINDOWS\System32\drivers\SmartDefragDriver.sys
[2012/02/20 00:24:51 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/01/14 20:32:30 | 000,870,128 | ---- | C] () -- C:\Documents and Settings\Gail Rothert\Application Data\mcs.rma
[2011/11/08 03:00:11 | 000,767,952 | ---- | C] () -- C:\WINDOWS\BDTSupport.dll1137.old
[2011/09/11 19:23:02 | 000,000,017 | ---- | C] () -- C:\WINDOWS\System32\shortcut_ex.dat
[2011/06/07 06:43:40 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Gail Rothert\tony
[2011/01/30 02:19:27 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Gail Rothert\existcheck
[2011/01/24 20:40:47 | 000,000,284 | ---- | C] () -- C:\Documents and Settings\Gail Rothert\Application Data\ViewerApp.dat
[2010/06/06 05:23:38 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Gail Rothert\Local Settings\Application Data\prvlcl.dat
[2009/10/28 09:09:04 | 000,000,709 | ---- | C] () -- C:\Documents and Settings\Gail Rothert\CommandDispatchers.xml
[2009/10/28 09:09:00 | 000,001,368 | ---- | C] () -- C:\Documents and Settings\Gail Rothert\cleaner-config.xml
[2009/07/28 03:10:22 | 000,000,226 | ---- | C] () -- C:\Documents and Settings\Gail Rothert\Application Data\burnaware.ini
[2009/06/14 04:27:19 | 010,444,800 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\sandra.mda
[2009/01/31 23:34:29 | 000,006,994 | ---- | C] () -- C:\Documents and Settings\Gail Rothert\updater.html
[2008/10/11 19:57:49 | 004,584,376 | ---- | C] () -- C:\Program Files\Shockwave_Installer_Slim.exe.backup_file
[2008/10/05 18:31:49 | 004,584,376 | ---- | C] () -- C:\Program Files\Shockwave_Installer_Slim.exe
[2008/10/05 18:17:12 | 003,060,121 | ---- | C] () -- C:\Program Files\OOo_2.4.1_Win32Intel_install_wJRE_en-US.exe
[2008/10/04 19:11:27 | 000,000,095 | ---- | C] () -- C:\Documents and Settings\Gail Rothert\Application Data\sversion.ini
[2008/09/22 19:04:39 | 000,024,064 | ---- | C] () -- C:\Documents and Settings\Gail Rothert\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== LOP Check ==========

[2009/01/03 22:11:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\15222
[2009/01/03 22:41:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\82FD
[2010/09/26 13:41:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2009/02/12 12:00:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Artificial Dynamics
[2008/09/27 16:45:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ashampoo
[2009/10/30 21:36:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Avanquest
[2011/03/01 09:12:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG10
[2012/02/06 06:54:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2012
[2009/03/14 22:04:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Azureus
[2011/07/19 19:34:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Big Fish Games
[2009/01/26 01:59:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BOONTY
[2009/01/26 01:19:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Broderbund Software(2)
[2008/09/19 12:51:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2010/11/15 06:37:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2008/09/25 02:33:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Escape From Paradise
[2009/09/05 07:06:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ESET
[2008/10/07 11:04:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GameBlend
[2010/03/15 13:37:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Gogii
[2008/10/09 14:27:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HipSoft
[2011/10/30 03:33:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Innovative Solutions
[2012/03/14 06:29:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IObit
[2009/09/04 15:39:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\iWin Games
[2011/11/10 01:00:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\JollyBear
[2009/03/01 23:54:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Joyboost
[2012/02/06 06:19:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2009/08/30 15:49:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MumboJumbo
[2009/02/12 00:22:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\n7-89-o9-3r-4t-r9
[2010/05/21 03:46:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Oberon Media
[2009/01/01 23:34:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2011/07/11 01:34:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PlayFirst
[2011/06/29 03:19:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PopCap Games
[2009/01/09 03:31:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RoboForm
[2009/07/02 20:39:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Softland
[2011/11/07 09:59:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sophos
[2008/09/25 02:21:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SpinTop Games
[2009/07/16 01:11:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sync App Settings
[2011/04/09 23:51:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software
[2009/08/23 05:46:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ulead Systems
[2011/08/26 10:20:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\VirtualizedApplications
[2009/06/23 00:26:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WildTangent
[2012/04/14 00:23:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\YouTube Downloader
[2012/06/15 08:56:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\YTD YouTube Downloader & Converter
[2008/09/26 01:43:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Zylom
[2010/11/15 05:42:25 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
[2011/04/20 02:07:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/08/02 23:48:06 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}
[2008/09/27 16:45:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gail Rothert\Application Data\Ashampoo
[2011/04/20 08:11:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gail Rothert\Application Data\Avanquest
[2011/11/08 01:46:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gail Rothert\Application Data\AVG
[2010/11/15 06:39:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gail Rothert\Application Data\AVG10
[2011/04/20 08:11:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gail Rothert\Application Data\Azureus
[2009/02/09 02:34:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gail Rothert\Application Data\BizFormBar
[2008/10/16 17:12:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gail Rothert\Application Data\Canneverbe_Limited
[2009/11/01 02:23:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gail Rothert\Application Data\CasinoOnNet
[2009/08/13 19:58:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gail Rothert\Application Data\Clipdiary
[2008/12/29 08:53:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gail Rothert\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2009/04/30 09:18:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gail Rothert\Application Data\Daoisoft
[2008/10/10 12:41:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gail Rothert\Application Data\Deskperience
[2009/07/02 01:58:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gail Rothert\Application Data\EA
[2011/02/28 16:30:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gail Rothert\Application Data\FreeBurner
[2010/01/18 02:18:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gail Rothert\Application Data\funkitron
[2008/10/07 11:04:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gail Rothert\Application Data\GameBlend
[2011/01/29 17:38:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gail Rothert\Application Data\GameHouse
[2011/06/29 04:04:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gail Rothert\Application Data\GetRightToGo
[2012/06/08 06:04:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gail Rothert\Application Data\GlarySoft
[2009/03/31 00:57:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gail Rothert\Application Data\GrabPro
[2009/05/31 15:50:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gail Rothert\Application Data\Hallmark
[2009/08/16 19:46:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gail Rothert\Application Data\HTML Executable
[2009/11/01 02:23:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gail Rothert\Application Data\IEPro
[2012/01/16 03:52:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gail Rothert\Application Data\IObit
[2011/05/10 10:43:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gail Rothert\Application Data\iWin
[2008/09/23 23:33:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gail Rothert\Application Data\Leadertech
[2009/11/01 02:23:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gail Rothert\Application Data\LimeWire
[2009/07/20 20:25:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gail Rothert\Application Data\MiniDm
[2011/04/09 21:27:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gail Rothert\Application Data\Mysteryville2
[2012/06/28 09:38:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gail Rothert\Application Data\Nuance
[2009/11/01 02:23:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gail Rothert\Application Data\Orbit
[2011/11/08 03:32:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gail Rothert\Application Data\PCTools
[2008/09/23 06:27:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gail Rothert\Application Data\pixelStorm
[2009/11/01 02:23:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gail Rothert\Application Data\PlayFirst
[2009/08/30 19:53:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gail Rothert\Application Data\Playrix Entertainment
[2009/03/14 00:17:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gail Rothert\Application Data\RapidTyping
[2009/06/16 22:16:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gail Rothert\Application Data\Readonweb
[2010/08/16 00:58:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gail Rothert\Application Data\Registry Mechanic
[2009/06/06 15:45:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gail Rothert\Application Data\Seven Zip
[2009/02/22 23:43:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gail Rothert\Application Data\Skip-Bo
[2011/04/20 08:44:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gail Rothert\Application Data\Smith Micro
[2011/11/08 13:28:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gail Rothert\Application Data\SoftGrid Client
[2009/07/02 20:38:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gail Rothert\Application Data\Softland
[2009/08/25 11:18:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gail Rothert\Application Data\Software Informer
[2009/10/24 02:35:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gail Rothert\Application Data\SpinTop
[2009/11/01 02:23:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gail Rothert\Application Data\StumbleUpon
[2011/11/07 06:11:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gail Rothert\Application Data\TestApp
[2009/11/17 04:22:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gail Rothert\Application Data\Tific
[2009/10/24 02:48:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gail Rothert\Application Data\Titanium Gears
[2011/07/13 00:35:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gail Rothert\Application Data\TP
[2010/11/15 05:47:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gail Rothert\Application Data\TuneUp Software
[2009/06/08 19:53:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gail Rothert\Application Data\Ubisoft
[2010/08/16 00:59:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gail Rothert\Application Data\Uniblue
[2009/06/08 05:04:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gail Rothert\Application Data\VCOMAntiSpam
[2009/08/13 09:46:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gail Rothert\Application Data\Wildfire
[2009/07/06 02:37:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gail Rothert\Application Data\XnView
[2009/03/08 02:12:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gail Rothert\Application Data\Yatec Games
[2012/03/26 17:26:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gail Rothert\Application Data\Zeon
[2012/06/28 11:33:41 | 000,000,326 | ---- | M] () -- C:\WINDOWS\Tasks\GlaryInitialize.job
[2012/06/28 12:15:05 | 000,032,638 | ---- | M] () -- C:\WINDOWS\Tasks\SCHEDLGU.TXT
[2012/06/28 12:55:00 | 000,000,436 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{240F3079-5B1E-470B-BE42-4F043A8D9862}.job

========== Purity Check ==========



< End of report >
er is chooses
  • 0

#4
Essexboy
Posted 29 June 2012 - 06:35 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Not a lot showing at this level.. What is the Antivirus that you are using ?

When the system restarts is it at any particular time ? I.e. after the system has been running for 30 minutes or when you use a specific programme

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    Posted Image

    :OTL
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {3B419EE1-1FA8-47B9-9AEC-6B60AC2E3FCA} - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {472734EA-242A-422B-ADF8-83D1E48CC825} - No CLSID value found.
    [2009/01/03 22:11:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\15222
    [2009/01/03 22:41:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\82FD
    [2010/09/26 13:41:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
    [2011/03/01 09:12:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG10
    [2012/02/06 06:54:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2012

    :Files
    ipconfig /flushdns /c

    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [CREATERESTOREPOINT]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

  • 0

#5
Essexboy
Posted 02 July 2012 - 10:44 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP