Slow running Laptop running on Windows XP [Closed] [Solved]


  • This topic is locked

#46
Render

Render

    Trusted Helper

  • Malware Removal
  • 4,195 posts
:surrender:
  • 0


#47
dowsp

dowsp

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 490 posts
I can see the OTL images and writing, but nothing happens when I put my mouse on it..

Unless I've missed something else... I couldn't detect it on the previous one either.

When you ask for two logs... are two created with OTL alone, or do I obtain another log from elsewhere?
  • 0

#48
dowsp

dowsp

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 490 posts
I suspect that the problems had been malware related in terms of how bad the computer had been running...

and as we did find a virus, it seemed to INITIALLY be working a lot better after I removed it and logged out and in again... (But I may have spoken too soon, as I just had something else seem to slow up again and Adobe crashed on some page that had been open..)

IT MAY also be down to low disc space as you did suggest.. I also had a message yesterday come up saying virtual memory problem... I think it referred to low space...

I'm NOT really sure what the difference is between RAM or VM and disc space (34 Gigs I suspect is storage for files etc)... and the other is to run the machine..

It may be that I have to create more space....

As I say though overall it does seem to be running better since I deleted that virus...

-----------------------

Are you sure that your problems with computer are malware related?
  • 0

#49
dowsp

dowsp

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 490 posts
Ok,

I can now see that I produced an OTL log at the start of when I asked for help...

So I do have it as a download.

I will try to rerun it..
  • 0

#50
dowsp

dowsp

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 490 posts
When I ran OTL initially, I thought that it only produced one log...

Is this now a different scan that the code was entered ? that produces two logs..?

the File scan selection is only the 3rd down option "Use no company white list"...

whereas during the initial scan when I 1st sent a log, there were other File scan options selected.


-----------------------
Please try to provide me with these two logs:

OTL Custom Scan

Double click on the icon to run it.
Make sure all other windows are closed and to let it run uninterrupted.
When the window appears, underneath Output at the top, make sure Standard output is selected.
Select Scan all users
Under the Extra Registry section, check Use SafeList
Check the boxes beside LOP Check and Purity Check.
Under the Custom Scans/Fixes box copy and paste this in:
  • 0

#51
dowsp

dowsp

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 490 posts
Render,

I managed to run the OTL scan and I have emailed you the two log files.

I didn't want to post the logs on the forum..

Hope this is OK

Thank you..

OTL logfile created on: 13/07/2012 02:53:21 - Run 9
OTL by OldTimer - Version 3.2.53.1 Folder = C:\Documents and Settings\User\My Documents\Downloads
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

510.21 Mb Total Physical Memory | 100.43 Mb Available Physical Memory | 19.68% Memory free
1.97 Gb Paging File | 1.21 Gb Available in Paging File | 61.62% Paging File free
Paging file location(s): C:\pagefile.sys 1536 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 34.43 Gb Total Space | 1.56 Gb Free Space | 4.55% Space Free | Partition Type: NTFS

Computer Name: DGR76K1J | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/07/12 04:32:31 | 000,186,832 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.3.21.115\GoogleCrashHandler.exe
PRC - [2012/07/04 00:58:55 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\User\My Documents\Downloads\OTL(1).exe
PRC - [2012/06/19 14:54:40 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/04/04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/12/06 20:02:06 | 000,039,816 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Program Files\Citrix\GoToMeeting\880\g2mstart.exe
PRC - [2011/12/06 20:02:06 | 000,039,816 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Program Files\Citrix\GoToMeeting\880\g2mlauncher.exe
PRC - [2011/12/06 20:02:06 | 000,039,816 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Program Files\Citrix\GoToMeeting\880\g2mcomm.exe
PRC - [2011/07/03 05:00:58 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011/05/22 01:38:17 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2011/05/22 01:38:13 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010/01/15 13:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2010/01/14 22:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2010/01/14 16:08:16 | 000,378,128 | ---- | M] (PC Tools) -- C:\Program Files\ThreatFire\TFTray.exe
PRC - [2010/01/14 16:08:12 | 000,070,928 | ---- | M] (PC Tools) -- C:\Program Files\ThreatFire\TFService.exe
PRC - [2009/03/05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009/02/23 10:49:16 | 002,652,056 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe
PRC - [2008/12/11 16:58:44 | 000,146,800 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools Firewall Plus\FWService.exe
PRC - [2007/06/13 11:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005/09/12 05:36:09 | 000,180,269 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2004/01/12 07:53:30 | 000,360,448 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SYSTEM32\ZCfgSvc.exe


========== Modules (No Company Name) ==========

MOD - [2012/06/19 14:54:36 | 002,042,848 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2011/11/02 00:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/11/02 00:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2010/08/15 23:08:44 | 000,094,208 | ---- | M] () -- C:\Program Files\FileZilla FTP Client\fzshellext.dll
MOD - [2010/01/28 13:57:58 | 000,355,688 | ---- | M] () -- C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2005/04/22 08:43:58 | 000,036,864 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 922\JetPrint.dll
MOD - [2005/04/22 08:43:32 | 000,065,536 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 922\JetScan.dll
MOD - [2005/04/22 08:42:36 | 000,065,536 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 922\JetImage.dll
MOD - [2005/04/22 08:42:18 | 000,028,672 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 922\JetPDF.dll
MOD - [2005/04/22 08:42:00 | 000,036,864 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 922\JetFunc.dll
MOD - [2005/02/28 15:57:40 | 000,075,264 | ---- | M] () -- C:\WINDOWS\SYSTEM32\SPOOL\PRTPROCS\W32X86\DLBTPP5C.DLL
MOD - [2004/08/04 06:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\SYSTEM32\MSDMO.DLL
MOD - [2004/03/10 16:36:24 | 000,061,440 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 922\ConvDIB.dll
MOD - [2004/01/09 11:10:48 | 000,212,992 | ---- | M] () -- C:\WINDOWS\SYSTEM32\C1XStngs.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- C:\Program Files\Kontiki\KService.exe -- (KService)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012/06/19 14:54:37 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/07/03 05:00:58 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/05/22 01:38:17 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010/01/15 13:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2010/01/14 16:08:12 | 000,070,928 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\ThreatFire\TFService.exe -- (ThreatFire)
SRV - [2008/12/18 23:05:24 | 000,120,168 | ---- | M] (stumbleupon.com) [Disabled | Stopped] -- C:\Program Files\StumbleUpon\StumbleUponUpdateService.exe -- (StumbleUponUpdateService)
SRV - [2008/12/11 16:58:44 | 000,146,800 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\PC Tools Firewall Plus\FWService.exe -- (PCToolsFirewallPlus)
SRV - [2005/06/10 18:56:54 | 000,073,728 | ---- | M] (EMC Dantz) [Disabled | Stopped] -- C:\Program Files\Dantz\Retrospect 7.0\retrorun.exe -- (RetroLauncher)
SRV - [2005/03/03 18:11:32 | 000,466,944 | ---- | M] (Dell) [On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\dlbtcoms.exe -- (dlbt_device)
SRV - [2004/02/25 11:55:34 | 001,123,440 | ---- | M] (America Online, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe -- (AOL ACS)
SRV - [2004/01/09 11:11:36 | 000,303,171 | ---- | M] (Intel Corporation ) [Disabled | Stopped] -- C:\WINDOWS\SYSTEM32\S24EvMon.exe -- (S24EventMonitor)
SRV - [2004/01/09 11:10:00 | 000,122,880 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\WINDOWS\SYSTEM32\RegSrvc.exe -- (RegSrvc)
SRV - [2003/04/29 15:29:54 | 000,139,264 | ---- | M] (Intel® Corporation) [Disabled | Stopped] -- C:\Program Files\Intel\NCS\Sync\NetSvc.exe -- (NetSvc)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | Disabled | Unknown] -- C:\WINDOWS\System32\drivers\dwshd.sys -- (dwshd)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\PETERN~1\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (bvrp_pci)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\adiusbaw.sys -- (adiusbaw)
DRV - File not found [Kernel | Auto | Stopped] -- System32\Drivers\adildr.sys -- (ADILOADER) General Purpose USB Driver (adildr.sys)
DRV - [2012/07/09 02:36:56 | 000,040,776 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2012/04/04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\mbam.sys -- (MBAMProtector)
DRV - [2011/07/03 05:01:11 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\avipbb.sys -- (avipbb)
DRV - [2011/07/03 05:01:11 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\avgntflt.sys -- (avgntflt)
DRV - [2010/01/14 16:08:30 | 000,059,664 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\TfSysMon.sys -- (TfSysMon)
DRV - [2010/01/14 16:08:28 | 000,051,984 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\TfFsMon.sys -- (TfFsMon)
DRV - [2010/01/14 16:08:28 | 000,033,552 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\TfNetMon.sys -- (TfNetMon)
DRV - [2009/05/11 12:49:19 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2009/05/11 10:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ssmdrv.sys -- (ssmdrv)
DRV - [2009/01/21 10:38:32 | 000,095,640 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\pctplfw.sys -- (pctplfw)
DRV - [2008/12/18 12:16:56 | 000,073,840 | ---- | M] (PC Tools) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\PCTAppEvent.sys -- (PCTAppEvent)
DRV - [2008/12/11 08:38:22 | 000,159,600 | ---- | M] (PC Tools) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\pctgntdi.sys -- (pctgntdi)
DRV - [2008/09/22 12:29:18 | 000,097,408 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\pctfw.sys -- (SFilter)
DRV - [2006/11/10 15:05:00 | 000,018,688 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\afc.sys -- (Afc)
DRV - [2005/09/07 14:32:58 | 000,024,960 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdralw2k.sys -- (Cdralw2k)
DRV - [2005/09/07 14:29:44 | 000,044,288 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdr4_xp.sys -- (Cdr4_xp)
DRV - [2005/03/16 02:07:47 | 000,014,037 | ---- | M] (Meetinghouse Data Communications) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\mdc8021x.sys -- (MDC8021X) AEGIS Protocol (IEEE 802.1x)
DRV - [2004/11/16 11:03:52 | 000,108,791 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\Apfiltr.sys -- (ApfiltrService)
DRV - [2004/11/15 15:37:52 | 000,264,440 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\stac97.sys -- (STAC97) Audio Driver (WDM)
DRV - [2004/06/30 11:39:36 | 000,016,128 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS -- (APPDRV)
DRV - [2004/02/13 11:46:00 | 000,017,153 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\omci.sys -- (omci)
DRV - [2004/01/13 03:41:46 | 002,482,176 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\w70n51.sys -- (w70n51) Intel®
DRV - [2004/01/09 10:49:52 | 000,010,970 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\s24trans.sys -- (s24trans)
DRV - [2003/12/08 11:53:48 | 000,053,600 | ---- | M] (THOMSON) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\alcan5wn.sys -- (alcan5wn) SpeedTouch USB ADSL PPP Networking Driver (NDISWAN)
DRV - [2003/12/08 11:53:46 | 000,070,688 | ---- | M] (THOMSON) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\alcaudsl.sys -- (alcaudsl)
DRV - [2003/11/13 19:21:16 | 000,197,120 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\HSFHWICH.sys -- (HSFHWICH)
DRV - [2003/11/13 19:18:36 | 000,679,808 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\HSF_CNXT.sys -- (winachsf)
DRV - [2003/11/13 19:17:00 | 001,042,816 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\HSF_DP.sys -- (HSF_DP)
DRV - [2003/01/10 17:13:04 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\wanatw4.sys -- (wanatw) WAN Miniport (ATW)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-4027630464-2353770844-1092200819-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://finance.group...oup/dowtimings/
IE - HKU\S-1-5-21-4027630464-2353770844-1092200819-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4027630464-2353770844-1092200819-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://finance.group...up/dowtimings/"
FF - prefs.js..extensions.enabledItems: {d57c9ff1-6389-48fc-b770-f78bd89b6e8a}:1.29
FF - prefs.js..extensions.enabledItems: [email protected]:3.0.9
FF - prefs.js..extensions.enabledItems: {AE93811A-5C9A-4d34-8462-F7B864FC4696}:3.28
FF - prefs.js..extensions.enabledItems: {c45c406e-ab73-11d8-be73-000a95be3b12}:1.1.6
FF - prefs.js..extensions.enabledItems: {b01bf10c-302a-11da-b67b-000d60ca027b}:2.0.3
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2105: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.2.2163: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1212: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()

FF - HKEY_LOCAL_MACHINE\software\mozilla\Flock 2.0.3\extensions\\Components: C:\Program Files\Flock\components [2012/04/12 22:41:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Flock 2.0.3\extensions\\Plugins: C:\Program Files\Flock\plugins [2012/04/12 22:40:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/06/19 14:54:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/06/11 00:06:14 | 000,000,000 | ---D | M]

[2009/02/19 04:25:13 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\User\Application Data\Mozilla\Extensions
[2009/02/19 04:25:13 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\User\Application Data\Mozilla\Extensions\{a463f10c-3994-11da-9945-000d60ca027b}
[2012/06/11 00:18:19 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\ejftmv6o.default\extensions
[2011/02/10 01:07:04 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\ejftmv6o.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012/06/11 00:14:09 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\ejftmv6o.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2012/05/11 04:01:58 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\ejftmv6o.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012/06/11 00:08:22 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2009/02/19 13:57:30 | 000,000,000 | ---D | M] ("StumbleUpon") -- C:\DOCUMENTS AND SETTINGS\User\APPLICATION DATA\FLOCK\BROWSER\PROFILES\2YE63TKW.DEFAULT\EXTENSIONS\{AE93811A-5C9A-4D34-8462-F7B864FC4696}
[2009/02/19 14:00:24 | 000,000,000 | ---D | M] (Web Developer) -- C:\DOCUMENTS AND SETTINGS\User\APPLICATION DATA\FLOCK\BROWSER\PROFILES\2YE63TKW.DEFAULT\EXTENSIONS\{C45C406E-AB73-11D8-BE73-000A95BE3B12}
[2009/02/19 13:55:35 | 000,000,000 | ---D | M] ("SearchStatus") -- C:\DOCUMENTS AND SETTINGS\User\APPLICATION DATA\FLOCK\BROWSER\PROFILES\2YE63TKW.DEFAULT\EXTENSIONS\{D57C9FF1-6389-48FC-B770-F78BD89B6E8A}
[2009/02/19 13:51:44 | 000,000,000 | ---D | M] ("SEO For Firefox") -- C:\DOCUMENTS AND SETTINGS\User\APPLICATION DATA\FLOCK\BROWSER\PROFILES\2YE63TKW.DEFAULT\EXTENSIONS\[email protected]
[2012/06/19 14:54:45 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/04/08 03:24:05 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012/06/19 14:54:17 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/06/19 14:54:16 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\17.0.963.46\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\17.0.963.46\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\17.0.963.46\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Acrobat 7.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.240.7 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U24 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\NPDRMV2.DLL
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\NPWMSDRM.DLL
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Updater (Enabled) = C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll
CHR - plugin: MetaStream 3 Plugin (Enabled) = C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Entanglement = C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd\2.1.1_0\
CHR - Extension: Poppit = C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi\2.2_0\

O1 HOSTS File: ([2011/06/23 17:11:50 | 000,000,027 | ---- | M]) - C:\WINDOWS\SYSTEM32\DRIVERS\ETC\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (StumbleUpon Launcher) - {145B29F4-A56B-4b90-BBAC-45784EBEBBB7} - C:\Program Files\StumbleUpon\StumbleUponIEBar.dll (stumbleupon.com)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar4.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (StumbleUpon Toolbar) - {5093EB4C-3E93-40AB-9266-B607BA87BDC8} - C:\Program Files\StumbleUpon\StumbleUponIEBar.dll (stumbleupon.com)
O3 - HKLM\..\Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-4027630464-2353770844-1092200819-1006\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar4.dll (Google Inc.)
O3 - HKU\S-1-5-21-4027630464-2353770844-1092200819-1006\..\Toolbar\WebBrowser: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-4027630464-2353770844-1092200819-1006\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [00PCTFW] C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe (PC Tools)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [DLBTCATS] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLBTtime.DLL ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [ThreatFire] C:\Program Files\ThreatFire\TFTray.exe (PC Tools)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKU\S-1-5-21-4027630464-2353770844-1092200819-1006..\Run: [GoToMeeting] C:\Program Files\Citrix\GoToMeeting\880\g2mstart.exe (Citrix Online, a division of Citrix Systems, Inc.)
O4 - HKU\S-1-5-21-4027630464-2353770844-1092200819-1006..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-4027630464-2353770844-1092200819-1006\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-21-4027630464-2353770844-1092200819-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-4027630464-2353770844-1092200819-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-4027630464-2353770844-1092200819-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &Windows Live Search - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O8 - Extra context menu item: StumbleUpon PhotoBlog It! - res://StumbleUponIEBar.dll/blogimage File not found
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} http://housecall60.t...all/xscan60.cab (HouseCall Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.ma...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} http://security.syma...bin/AvSniff.cab (Symantec AntiVirus scanner)
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} http://www.eset.eu/b...lineScanner.cab (OnlineScanner Control)
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.syma...n/bin/cabsa.cab (Symantec RuFSI Utility Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} http://www.ca.com/US...nfo/webscan.cab (WScanCtl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} http://www.adobe.com...obat/nos/gp.cab (get_atlcom Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.ma...ent/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{08ADF72B-5FFB-432D-8149-FD2F7E19B8EB}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CC031CF5-6B46-4217-9334-06573C87DBFB}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\application/x-internet-signup {A173B69A-1F9B-4823-9FDA-412F641E65D6} - C:\Program Files\Tiscali\Tiscali Internet\dlls\tiscalifilter.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\SYSTEM32\USERINIT.EXE (Microsoft Corporation)
O20 - Winlogon\Notify\Sebring: DllName - (C:\WINDOWS\system32\LgNotify.dll) - C:\WINDOWS\SYSTEM32\LgNotify.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\DELL.BMP
O24 - Desktop BackupWallPaper: C:\WINDOWS\DELL.BMP
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/10 14:04:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012/07/09 02:36:56 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2012/07/08 23:41:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/07/08 23:41:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2012/07/08 23:41:21 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012/07/08 23:41:19 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware

========== Files - Modified Within 30 Days ==========

[2012/07/13 03:39:14 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/07/13 03:14:00 | 000,000,256 | ---- | M] () -- C:\WINDOWS\tasks\Check Updates for Windows Live Toolbar.job
[2012/07/13 02:03:39 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2012/07/13 01:16:11 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/07/13 01:15:38 | 000,002,048 | --S- | M] () -- C:\WINDOWS\BOOTSTAT.DAT
[2012/07/13 01:15:37 | 535,064,576 | -HS- | M] () -- C:\hiberfil.sys
[2012/07/12 22:10:48 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012/07/12 22:00:11 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\WPA.DBL
[2012/07/11 13:04:28 | 000,000,820 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2012/07/09 02:36:56 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2012/07/08 23:41:38 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/07/07 00:36:35 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2012/07/01 15:08:56 | 000,002,532 | ---- | M] () -- C:\Documents and Settings\User\My Documents\Ray Arron.rtf
[2012/06/28 21:07:42 | 000,004,982 | ---- | M] () -- C:\Documents and Settings\User\My Documents\Job interview.rtf
[2012/06/28 04:48:56 | 002,359,350 | ---- | M] () -- C:\Documents and Settings\User\My Documents\Traffic Titan Order June 27th 2012.bmp
[2012/06/27 18:30:40 | 000,182,189 | ---- | M] () -- C:\Documents and Settings\User\My Documents\Alex Shelton 10Mistakes.pdf
[2012/06/24 00:33:08 | 000,002,883 | ---- | M] () -- C:\Documents and Settings\User\My Documents\New Airport Security.rtf
[2012/06/15 16:39:03 | 002,359,350 | ---- | M] () -- C:\Documents and Settings\User\My Documents\Doctors note 11th June 2012.bmp
[2012/06/15 15:24:00 | 000,000,725 | ---- | M] () -- C:\WINDOWS\dellstat.ini
[2012/06/14 04:18:45 | 000,003,594 | ---- | M] () -- C:\Documents and Settings\User\My Documents\Escape from Alcatraz.rtf
[2012/06/14 03:44:43 | 000,007,404 | ---- | M] () -- C:\Documents and Settings\User\My Documents\Garage sale millionaire.rtf

========== Files Created - No Company Name ==========

[2012/07/08 23:41:38 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/07/01 15:08:56 | 000,002,532 | ---- | C] () -- C:\Documents and Settings\User\My Documents\Ray Arron.rtf
[2012/06/28 21:07:40 | 000,004,982 | ---- | C] () -- C:\Documents and Settings\User\My Documents\Job interview.rtf
[2012/06/28 04:48:54 | 002,359,350 | ---- | C] () -- C:\Documents and Settings\User\My Documents\Traffic Titan Order June 27th 2012.bmp
[2012/06/27 18:30:40 | 000,182,189 | ---- | C] () -- C:\Documents and Settings\User\My Documents\Alex Shelton 10Mistakes.pdf
[2012/06/24 00:32:10 | 000,002,883 | ---- | C] () -- C:\Documents and Settings\User\My Documents\New Airport Security.rtf
[2012/06/15 15:12:55 | 002,359,350 | ---- | C] () -- C:\Documents and Settings\User\My Documents\Doctors note 11th June 2012.bmp
[2012/06/14 04:18:45 | 000,003,594 | ---- | C] () -- C:\Documents and Settings\User\My Documents\Escape from Alcatraz.rtf
[2012/06/14 03:44:41 | 000,007,404 | ---- | C] () -- C:\Documents and Settings\User\My Documents\Garage sale millionaire.rtf
[2012/01/18 19:38:14 | 000,103,784 | ---- | C] () -- C:\Documents and Settings\User\GoToAssistDownloadHelper.exe
[2012/01/14 18:09:21 | 000,160,464 | ---- | C] () -- C:\WINDOWS\Money Detector X Uninstaller.exe
[2011/06/25 00:31:36 | 000,060,304 | ---- | C] () -- C:\Documents and Settings\User\g2mdlhlpx.exe
[2011/05/25 15:34:17 | 000,176,128 | ---- | C] () -- C:\WINDOWS\System32\dlbtinsb.dll
[2011/05/25 15:34:17 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\dlbtcub.dll
[2011/05/23 04:54:51 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2011/05/23 04:54:42 | 000,080,896 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2011/04/02 23:22:34 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011/04/02 23:22:34 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/04/02 23:22:34 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011/04/02 23:22:34 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011/04/02 23:22:34 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010/08/08 13:05:27 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\User\Local Settings\Application Data\housecall.guid.cache
[2010/08/08 12:55:51 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\uti2mzq1.sys
[2010/07/10 20:23:22 | 000,092,200 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2009/03/25 05:55:59 | 001,075,840 | ---- | C] () -- C:\Program Files\Google Updater.exe
[2008/08/22 18:48:22 | 000,104,416 | ---- | C] () -- C:\Documents and Settings\User\Local Settings\Application Data\Open Source Software Bundle Installer2.exe
[2006/05/11 01:22:03 | 000,000,140 | ---- | C] () -- C:\Documents and Settings\User\Local Settings\Application Data\fusioncache.dat
[2005/09/12 06:17:19 | 000,094,208 | ---- | C] () -- C:\Documents and Settings\User\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005/05/14 04:55:10 | 000,000,006 | ---- | C] () -- C:\Documents and Settings\User\Application Data\dm.ini
[2005/03/27 15:01:37 | 000,000,004 | ---- | C] () -- C:\Documents and Settings\User\Application Data\QSPMShare

========== LOP Check ==========

[2008/05/26 17:55:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Channel4
[2006/02/19 03:19:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Napster
[2005/04/24 13:53:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\OLYMPUS
[2009/03/26 22:35:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Retrospect
[2005/11/27 00:45:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\STOPzilla!
[2012/07/13 01:17:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2005/03/16 02:11:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2011/12/23 21:10:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/02/02 08:34:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Any Video Converter
[2006/12/28 22:51:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\CoffeeCup Software
[2011/04/20 23:32:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\eBookPro6
[2010/09/28 21:54:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\FileZilla
[2009/02/19 04:25:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Flock
[2011/05/02 04:37:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\FLV.com FLV PLayer
[2011/05/02 04:32:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\FreeFLVConverter
[2008/04/26 04:58:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\HouseCall 6.6
[2009/03/19 07:48:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\KompoZer
[2005/12/09 22:38:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Leadertech
[2006/05/11 01:20:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\NASA
[2008/06/18 03:56:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Nvu
[2008/08/22 18:57:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\OSI
[2009/03/31 08:36:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\PCToolsFirewallPlus
[2012/01/16 03:02:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\redsn0w
[2009/03/12 06:05:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\StumbleUpon
[2005/03/27 15:09:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Template
[2005/05/29 21:56:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Tesco
[2006/02/13 14:12:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Thunderbird
[2009/09/23 03:46:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\uTorrent
[2008/05/31 19:19:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Viewpoint
[2012/07/13 03:14:00 | 000,000,256 | ---- | M] () -- C:\WINDOWS\Tasks\Check Updates for Windows Live Toolbar.job

========== Purity Check ==========



========== Custom Scans ==========

< %SYSTEMDRIVE%\*.exe >

< MD5 for: EXPLORER.EXE >
[2008/04/14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\explorer.exe
[2007/06/13 12:26:03 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=7712DF0CDDE3A5AC89843E61CD5B3658 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007/06/13 11:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=97BD6515465659FF8F3B7BE375B2EA87 -- C:\WINDOWS\erdnt\cache\explorer.exe
[2007/06/13 11:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=97BD6515465659FF8F3B7BE375B2EA87 -- C:\WINDOWS\explorer.exe
[2007/06/13 11:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=97BD6515465659FF8F3B7BE375B2EA87 -- C:\WINDOWS\SYSTEM32\DLLCACHE\explorer.exe
[2004/08/04 06:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe

< MD5 for: SVCHOST.EXE >
[2012/04/04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2008/04/14 01:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\svchost.exe
[2004/08/04 06:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\I386\SVCHOST.EXE
[2009/03/13 12:16:20 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\erdnt\cache\SVCHOST.EXE
[2009/03/13 12:16:20 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\SYSTEM32\DLLCACHE\svchost.exe
[2009/03/13 12:16:20 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\SYSTEM32\SVCHOST.EXE

< MD5 for: USERINIT.EXE >
[2004/08/04 06:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\I386\USERINIT.EXE
[2004/08/04 06:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\erdnt\cache\USERINIT.EXE
[2004/08/04 06:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\SYSTEM32\DLLCACHE\userinit.exe
[2004/08/04 06:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\SYSTEM32\USERINIT.EXE
[2008/04/14 01:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004/08/04 06:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\I386\WINLOGON.EXE
[2004/08/04 06:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\erdnt\cache\WINLOGON.EXE
[2004/08/04 06:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\SYSTEM32\DLLCACHE\winlogon.exe
[2004/08/04 06:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\SYSTEM32\WINLOGON.EXE
[2012/04/04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2008/04/14 01:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\winlogon.exe

< %systemroot%\*. /mp /s >

< %Temp%\smtmp\*.* /s >

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\aol.exe\InstallInfo\\ReinstallCommand: C:\PROGRA~1\AOL9~1.0\accdef.exe -rb [2004/03/18 07:56:02 | 000,016,496 | ---- | M] (America Online, Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\aol.exe\InstallInfo\\HideIconsCommand: C:\PROGRA~1\AOL9~1.0\accdef.exe -hb [2004/03/18 07:56:02 | 000,016,496 | ---- | M] (America Online, Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\aol.exe\InstallInfo\\ShowIconsCommand: C:\PROGRA~1\AOL9~1.0\accdef.exe -sb [2004/03/18 07:56:02 | 000,016,496 | ---- | M] (America Online, Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\aol.exe\shell\open\command\\: C:\PROGRA~1\AOL9~1.0\aol.exe [2004/03/18 07:56:36 | 000,038,000 | ---- | M] (America Online, Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2012/06/19 14:54:14 | 000,867,072 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2012/06/19 14:54:14 | 000,867,072 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2012/06/19 14:54:14 | 000,867,072 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2012/06/19 14:54:40 | 000,913,888 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2012/06/19 14:54:40 | 000,913,888 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2012/06/19 14:54:40 | 000,913,888 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FLOCK.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Flock\uninstall\helper.exe" /HideShortcuts [2008/12/16 22:07:48 | 000,516,836 | ---- | M] (Flock Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FLOCK.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Flock\uninstall\helper.exe" /ShowShortcuts [2008/12/16 22:07:48 | 000,516,836 | ---- | M] (Flock Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FLOCK.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Flock\uninstall\helper.exe" /SetAsDefaultAppGlobal [2008/12/16 22:07:48 | 000,516,836 | ---- | M] (Flock Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FLOCK.EXE\shell\open\command\\: C:\PROGRA~1\FLOCK\FLOCK.EXE [2008/12/16 22:07:46 | 000,116,024 | ---- | M] (Flock, Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FLOCK.EXE\shell\properties\command\\: C:\PROGRA~1\FLOCK\FLOCK.EXE -preferences [2008/12/16 22:07:46 | 000,116,024 | ---- | M] (Flock, Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FLOCK.EXE\shell\safemode\command\\: C:\PROGRA~1\FLOCK\FLOCK.EXE -safe-mode [2008/12/16 22:07:46 | 000,116,024 | ---- | M] (Flock, Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --show-icons [2012/07/10 05:09:02 | 001,250,328 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --hide-icons [2012/07/10 05:09:02 | 001,250,328 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --make-default-browser [2012/07/10 05:09:02 | 001,250,328 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files\Google\Chrome\Application\chrome.exe" [2012/07/10 05:09:02 | 001,250,328 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: %systemroot%\system32\shmgrate.exe OCInstallReinstallIE [2004/08/04 06:00:00 | 000,042,496 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: %systemroot%\system32\shmgrate.exe OCInstallHideIE [2004/08/04 06:00:00 | 000,042,496 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: %systemroot%\system32\shmgrate.exe OCInstallShowIE [2004/08/04 06:00:00 | 000,042,496 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files\Internet Explorer\IEXPLORE.EXE" [2004/08/04 06:00:00 | 000,093,184 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ReinstallCommand: "C:\Program Files\Safari\Safari.exe" /reinstall [2012/03/22 15:21:58 | 002,388,336 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\HideIconsCommand: "C:\Program Files\Safari\Safari.exe" /hideicons [2012/03/22 15:21:58 | 002,388,336 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ShowIconsCommand: "C:\Program Files\Safari\Safari.exe" /showicons [2012/03/22 15:21:58 | 002,388,336 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\shell\open\command\\: "C:\Program Files\Safari\Safari.exe" [2012/03/22 15:21:58 | 002,388,336 | ---- | M] (Apple Inc.)

< hklm\software\clients\startmenuinternet|command /64 /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\aol.exe\InstallInfo\\ReinstallCommand: C:\PROGRA~1\AOL9~1.0\accdef.exe -rb [2004/03/18 07:56:02 | 000,016,496 | ---- | M] (America Online, Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\aol.exe\InstallInfo\\HideIconsCommand: C:\PROGRA~1\AOL9~1.0\accdef.exe -hb [2004/03/18 07:56:02 | 000,016,496 | ---- | M] (America Online, Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\aol.exe\InstallInfo\\ShowIconsCommand: C:\PROGRA~1\AOL9~1.0\accdef.exe -sb [2004/03/18 07:56:02 | 000,016,496 | ---- | M] (America Online, Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\aol.exe\shell\open\command\\: C:\PROGRA~1\AOL9~1.0\aol.exe [2004/03/18 07:56:36 | 000,038,000 | ---- | M] (America Online, Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2012/06/19 14:54:14 | 000,867,072 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2012/06/19 14:54:14 | 000,867,072 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2012/06/19 14:54:14 | 000,867,072 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2012/06/19 14:54:40 | 000,913,888 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2012/06/19 14:54:40 | 000,913,888 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2012/06/19 14:54:40 | 000,913,888 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FLOCK.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Flock\uninstall\helper.exe" /HideShortcuts [2008/12/16 22:07:48 | 000,516,836 | ---- | M] (Flock Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FLOCK.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Flock\uninstall\helper.exe" /ShowShortcuts [2008/12/16 22:07:48 | 000,516,836 | ---- | M] (Flock Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FLOCK.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Flock\uninstall\helper.exe" /SetAsDefaultAppGlobal [2008/12/16 22:07:48 | 000,516,836 | ---- | M] (Flock Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FLOCK.EXE\shell\open\command\\: C:\PROGRA~1\FLOCK\FLOCK.EXE [2008/12/16 22:07:46 | 000,116,024 | ---- | M] (Flock, Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FLOCK.EXE\shell\properties\command\\: C:\PROGRA~1\FLOCK\FLOCK.EXE -preferences [2008/12/16 22:07:46 | 000,116,024 | ---- | M] (Flock, Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FLOCK.EXE\shell\safemode\command\\: C:\PROGRA~1\FLOCK\FLOCK.EXE -safe-mode [2008/12/16 22:07:46 | 000,116,024 | ---- | M] (Flock, Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --show-icons [2012/07/10 05:09:02 | 001,250,328 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --hide-icons [2012/07/10 05:09:02 | 001,250,328 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --make-default-browser [2012/07/10 05:09:02 | 001,250,328 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files\Google\Chrome\Application\chrome.exe" [2012/07/10 05:09:02 | 001,250,328 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: %systemroot%\system32\shmgrate.exe OCInstallReinstallIE [2004/08/04 06:00:00 | 000,042,496 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: %systemroot%\system32\shmgrate.exe OCInstallHideIE [2004/08/04 06:00:00 | 000,042,496 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: %systemroot%\system32\shmgrate.exe OCInstallShowIE [2004/08/04 06:00:00 | 000,042,496 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files\Internet Explorer\IEXPLORE.EXE" [2004/08/04 06:00:00 | 000,093,184 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ReinstallCommand: "C:\Program Files\Safari\Safari.exe" /reinstall [2012/03/22 15:21:58 | 002,388,336 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\HideIconsCommand: "C:\Program Files\Safari\Safari.exe" /hideicons [2012/03/22 15:21:58 | 002,388,336 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ShowIconsCommand: "C:\Program Files\Safari\Safari.exe" /showicons [2012/03/22 15:21:58 | 002,388,336 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\shell\open\command\\: "C:\Program Files\Safari\Safari.exe" [2012/03/22 15:21:58 | 002,388,336 | ---- | M] (Apple Inc.)

========== Alternate Data Streams ==========

@Alternate Data Stream - 129 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C31F31E6

< End of report >


OTL Extras logfile created on: 13/07/2012 02:53:21 - Run 9
OTL by OldTimer - Version 3.2.53.1 Folder = C:\Documents and Settings\User\My Documents\Downloads
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

510.21 Mb Total Physical Memory | 100.43 Mb Available Physical Memory | 19.68% Memory free
1.97 Gb Paging File | 1.21 Gb Available in Paging File | 61.62% Paging File free
Paging file location(s): C:\pagefile.sys 1536 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 34.43 Gb Total Space | 1.56 Gb Free Space | 4.55% Space Free | Partition Type: NTFS

Computer Name: DGR76K1J | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-4027630464-2353770844-1092200819-1006\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\PROGRA~1\COFFEE~1\coffee.exe" "%1" (CoffeeCup Software)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\Tesco internet phone\TescoIP.exe" = C:\Program Files\Tesco internet phone\TescoIP.exe:*:Enabled:Tesco internet phone -- ()
"C:\Documents and Settings\User\Desktop\utorrent.exe" = C:\Documents and Settings\User\Desktop\utorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{09DA4F91-2A09-4232-AB8C-6BC740096DE3}" = Sonic Update Manager
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23B8A91D-680B-462B-87AD-3D70F7341731}" = iTunes
"{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java™ 6 Update 24
"{2C351DB8-E088-41A2-9BF0-113727FBB697}" = Intel® PROSet
"{2CB511DF-AD50-4087-8934-8ACE54DE4FC1}" = BT Openworld Dell Signup
"{30BB4D60-81DB-11D5-BB77-00400536ABAC}" = OLYMPUS CAMEDIA Master 4.0
"{32A3A4F4-B792-11D6-A78A-00B0D0160240}" = Java™ SE Development Kit 6 Update 24
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35BDEFF1-A610-4956-A00D-15453C116395}" = Internet Explorer Default Page
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AE3A0CB-87B0-4F51-BECD-3D1F8DFDD62F}" = SAGEM F@st 800-840
"{5339885F-4597-4343-BD3B-74280CC79424}" = ArcSoft VideoImpression 2
"{58B2B6D3-E5FF-4D16-87AC-52CC5717C7C6}" = Tiscali Internet
"{5905F42D-3F5F-4916-ADA6-94A3646AEE76}" = Dell Driver Reset Tool
"{5A9AA2C0-972F-4239-AA41-E409434194D5}" = MobileMe Control Panel
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD 5.3
"{6D172D0A-B9F1-4046-AFAB-8599288545BF}" = Safari
"{73EC658D-A1C6-40CA-8E86-E05821BAACE7}" = Java DB 10.6.2.1
"{74F7662C-B1DB-489E-A8AC-07A06B24978B}" = Dell System Restore
"{764D06D8-D8DE-411E-A1C8-D9E9380F8A84}" = Microsoft Works 7.0
"{77312684-D3DF-4E00-A583-813FF9FFB4FB}" = G15A922EN
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7F142D56-3326-11D5-B229-002078017FBF}" = Modem Helper
"{81A34902-9D0B-4920-A25C-4CDC5D14B328}" = Jasc Paint Shop Pro 8 Dell Edition
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Extreme Graphics 2 Driver
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1}" = Napster Burn Engine
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9541FED0-327F-4DF0-8B96-EF57EF622F19}" = Sonic RecordNow!
"{97C82B44-D408-4F14-9252-47FC1636D23E}_is1" = IZArc 3.81
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = C-Major Audio
"{A589DA26-51BD-475D-8C32-E19E34145842}" = Camtasia Studio 6
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC0EE5B0-A8FB-4D0A-AF03-2EDC518F841B}" = Dell Media Experience
"{AC76BA86-7AD7-1033-7B44-A70900000002}" = Adobe Reader 7.0.9
"{AFF8387B-A958-48F8-9E1C-2E9485A1985A}" = Retrospect 7.0
"{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}" = Google Earth
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B6CD9865-DE3D-4F97-8D78-525CA990E8F3}" = Lead Evolution 2.3 Elite
"{BBBCAE4B-B416-4182-A6F2-438180894A81}" = Napster
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C5074CC4-0E26-4716-A307-960272A90040}" = QuickSet
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC000127-5E5D-4A1C-90CB-EEAAAC1E3AC0}" = Jasc Paint Shop Photo Album
"{CDE4CC8B-134B-421E-943C-90799E56F664}" = Dell Media Experience Update
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D41FAAA9-8048-4906-86B2-9AADEA1FA0B7}" = SpeedTouch USB Software
"{D5A145FC-D00C-4F1A-9119-EB4D9D659750}" = Windows Live Toolbar
"{DF821FC5-C198-452B-A0D4-82433EFEAE9B}" = OneCare Advisor (Windows Live Toolbar)
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{EC90EAE9-0E03-44A1-BF36-0B670B8B8E19}" = CoffeeCup Direct FTP
"{EFC04D3F-A152-47E7-8517-EE0F6201AFEF}" = Apple Mobile Device Support
"3554AA4B-9B0B-451a-A269-2B5F53982209_is1" = ThreatFire
"7-Zip" = 7-Zip 4.65
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"AdobeESD" = Adobe Download Manager 2.2 (Remove Only)
"America Online uk" = AOL UK (Choose which version to remove)
"Any Video Converter_is1" = Any Video Converter 2.7.0
"AOL Connectivity Services" = AOL Connectivity Services
"AOL YGP Screensaver" = AOL You've Got Pictures Screensaver
"AOLCoach uk" = AOL Coach Version 1.0(Build:20040201.2 uk)
"Audacity_is1" = Audacity 1.2.6
"AutoGK" = Auto Gordian Knot 2.45
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"AviSynth" = AviSynth 2.5
"CCleaner" = CCleaner
"CleanUp!" = CleanUp!
"CNXT_MODEM_PCI_VEN_8086&DEV_24x6&SUBSYS_542214F1" = Conexant D480 MDC V.9x Modem
"CoffeeCup HTML Editor 2006" = CoffeeCup HTML Editor 2006
"CoverFactory 2.10_is1" = CoverFactory 2.10
"Dell Photo AIO Printer 922" = Dell Photo AIO Printer 922
"DellSupport" = Dell Support 5.0.0 (630)
"DT4" = Dynamic Traders Group, Inc. DT4 .69
"eBook Maestro FREE_is1" = eBook Maestro FREE 1.80
"EbooksReader_f_e.exe" = Visual Vision EbooksReader_f_e
"eCover Engineer v3.02 FREE ecovers pack_is1" = eCover Engineer v3.02 ecovers pack
"eCover Engineer_is1" = eCover Engineer v3.02
"ERUNT_is1" = ERUNT 1.1j
"ESET Online Scanner" = ESET Online Scanner v3
"EsetOnlineScanner" = ESET Online Scanner
"FileZilla Client" = FileZilla Client 3.3.4.1
"Flock (2.0.3)" = Flock (2.0.3)
"FLV.com FLV Downloader_is1" = FLV Downloader V 6.96.0
"FLV.com FLV PLayer_is1" = FLV.com FLV PLayer V 1.1
"Gannalyst Professional 5.0_is1" = Gannalyst Professional 5.0
"getPlus®_ocx" = getPlus®_ocx
"Google Chrome" = Google Chrome
"Google Desktop" = Google Desktop
"Google Updater" = Google Updater
"HijackThis" = HijackThis 2.0.2
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 7.0.0
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.61.0.1400
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Money Detector X" = Money Detector X
"Mozilla Firefox 13.0.1 (x86 en-US)" = Mozilla Firefox 13.0.1 (x86 en-US)
"Mozilla Thunderbird (1.5)" = Mozilla Thunderbird (1.5)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSNINST" = MSN
"NASA World Wind 1.3" = NASA World Wind 1.3
"Nvu_is1" = Nvu 1.0
"Office8.0" = Microsoft Office 97, Professional Edition
"PC Tools Firewall Plus" = PC Tools Firewall Plus 5.0
"PDF Power Brand_is1" = PDF Power Brand
"Police Letters_is1" = Police Letters
"PROSet" = Intel® PRO Network Adapters and Drivers
"RealPlayer 6.0" = RealPlayer
"Scott's Box Shot Maker" = Scott's Box Shot Maker
"Spybot - Search & Destroy_is1" = Spybot - Search & Destroy 1.4
"StreetPlugin" = Learn2 Player (Uninstall Only)
"StumbleUponIEToolbar" = StumbleUpon IE Toolbar
"Tesco internet phone_is1" = Tesco internet phone
"Trend Micro HouseCall 6.6" = HouseCall 6.6
"ViewpointMediaPlayer" = Viewpoint Media Player
"VisualVision_EbooksWriterLITE_e.exe" = Visual Vision EbooksWriterLITE_e
"VobSub" = VobSub v2.23 (Remove Only)
"Web_Edit_1.0" = 123 WysiWyg HTML Editor 2.17
"WIC" = Windows Imaging Component
"Windows Live Toolbar" = Windows Live Toolbar
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinGimp-2.0_is1" = GIMP 2.6.4
"WinRAR archiver" = WinRAR archiver
"WinZip" = WinZip
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XviD MPEG4 Video Codec" = XviD MPEG4 Video Codec (remove only)
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Toolbar" = Yahoo! Toolbar

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-4027630464-2353770844-1092200819-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Audio/Video Conference" = Audio/Video Conference 4.1+
"f031ef6ac137efc5" = Dell Driver Download Manager
"GoToMeeting" = GoToMeeting 5.2.0.952
"uTorrent" = µTorrent

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 19/06/2012 21:37:44 | Computer Name = DGR76K1J | Source = Application Error | ID = 1000
Description = Faulting application TFService.exe, version 4.10.1.14, faulting module
ntdll.dll, version 5.1.2600.3520, fault address 0x00010717.

Error - 20/06/2012 23:23:04 | Computer Name = DGR76K1J | Source = Application Hang | ID = 1002
Description = Hanging application IEXPLORE.EXE, version 6.0.2900.2180, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 25/06/2012 19:11:00 | Computer Name = DGR76K1J | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 13.0.1.4548, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 06/07/2012 11:06:43 | Computer Name = DGR76K1J | Source = Application Hang | ID = 1002
Description = Hanging application IEXPLORE.EXE, version 6.0.2900.2180, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 06/07/2012 19:47:21 | Computer Name = DGR76K1J | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 13.0.1.4548, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 06/07/2012 23:56:07 | Computer Name = DGR76K1J | Source = Application Hang | ID = 1002
Description = Hanging application IEXPLORE.EXE, version 6.0.2900.2180, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 08/07/2012 16:22:21 | Computer Name = DGR76K1J | Source = Application Error | ID = 1000
Description = Faulting application plugin-container.exe, version 13.0.1.4548, faulting
module xul.dll, version 13.0.1.4548, fault address 0x009c72c0.

Error - 08/07/2012 22:24:17 | Computer Name = DGR76K1J | Source = Application Hang | ID = 1002
Description = Hanging application mbam.exe, version 1.60.0.80, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 10/07/2012 14:35:36 | Computer Name = DGR76K1J | Source = Application Hang | ID = 1002
Description = Hanging application TescoIP.exe, version 1.1.4.3722, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 12/07/2012 19:15:36 | Computer Name = DGR76K1J | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: This operation returned because the timeout period expired.

[ System Events ]
Error - 12/07/2012 20:03:29 | Computer Name = DGR76K1J | Source = Service Control Manager | ID = 7031
Description = The Apple Mobile Device service terminated unexpectedly. It has done
this 1 time(s). The following corrective action will be taken in 60000 milliseconds:
Restart the service.

Error - 12/07/2012 20:03:29 | Computer Name = DGR76K1J | Source = Service Control Manager | ID = 7034
Description = The Bonjour Service service terminated unexpectedly. It has done
this 1 time(s).

Error - 12/07/2012 20:03:38 | Computer Name = DGR76K1J | Source = Service Control Manager | ID = 7034
Description = The MBAMService service terminated unexpectedly. It has done this
1 time(s).

Error - 12/07/2012 20:17:59 | Computer Name = DGR76K1J | Source = Service Control Manager | ID = 7000
Description = The General Purpose USB Driver (adildr.sys) service failed to start
due to the following error: %%2

Error - 12/07/2012 20:20:47 | Computer Name = DGR76K1J | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the IMAPI CD-Burning COM
Service service to connect.

Error - 12/07/2012 20:20:47 | Computer Name = DGR76K1J | Source = Service Control Manager | ID = 7000
Description = The IMAPI CD-Burning COM Service service failed to start due to the
following error: %%1053

Error - 12/07/2012 20:21:22 | Computer Name = DGR76K1J | Source = Service Control Manager | ID = 7023
Description = The Computer Browser service terminated with the following error:
%%1460

Error - 12/07/2012 20:21:54 | Computer Name = DGR76K1J | Source = DCOM | ID = 10005
Description = DCOM got error "%1053" attempting to start the service iPod Service
with arguments "" in order to run the server: {063D34A4-BF84-4B8D-B699-E8CA06504DDE}

Error - 12/07/2012 20:21:58 | Computer Name = DGR76K1J | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the iPod Service service
to connect.

Error - 12/07/2012 20:21:58 | Computer Name = DGR76K1J | Source = Service Control Manager | ID = 7000
Description = The iPod Service service failed to start due to the following error:
%%1053


< End of report >

#52
Render

Hi,

I sent you an email. Please check it and reply.

#53
dowsp

Hi Render,

I just replied by email...

If you have already removed them...then OK post it, but I'd ask if it can be removed if some still show up to it has been amended..

I just leave "P" instead of the name saves writing user each time..

Otherwise I will repost new amended logs...

thank you

#54
Render

The OTL logs show nothing malicious. There are some programs which I recommend you remove, like Napster (still using it?) and Spybot - Search & Destroy (it is obsolete, and you are using Malwarebytes Antimalware, which is much better).

We will try to speed up your machine with a so-called clean boot. Please follow the steps below:

To start Windows XP with a clean boot, follow these steps:

Step 1

  • Click Start, click Run, type msconfig, and then click OK.
  • The System Configuration Utility dialog box is displayed.

Step 2

  • In the System Configuration Utility dialog box, click the General tab, and then click Selective Startup.
  • Click to clear the Process SYSTEM.INI File check box.
  • Click to clear the Process WIN.INI File check box.
  • Click to clear the Load Startup Items check box. Verify that Load System Services and Use Original BOOT.INI are checked.
  • Click the Services tab.
  • Click to select the Hide All Microsoft Services check box.
  • Click Disable All, and then click OK.
  • When you are prompted, click Restart to restart the computer.

Now test your computer and tell me if there is any improvement in performance.

#55
dowsp

Hi Render,

That seems very good if you found nothing malicious :thumbsup:

I will follow your next steps..hopefully shortly...

The one thing that I'm not sure about is the Virtual memory or RAM space...and
if my disc is too full that maybe it's not allowing things to operate as they should.

I keep getting regular crashes on Adobe Flash for something that runs on video or Java....

Hopefully we did get rid of that virus yesterday...and my machine was running better... but today it's had patches of running poorly at times...

sometimes it may be doing things like updating files somewhere and maybe this slows the computer down at times..with so many things on the machine maybe this is why it cannot handle it..

Hope to do the next step soon..


#56
dowsp

Hi Render,

When I do the next step, when you suggest step to clear load start up items..

Is this to stop certain processes upon starting my machine ?

I do have certain things that do pop up that I would certainly be happy if I could prevent them such as I have two wizard boxes open up for some reason that I do not know how they came about...they can at times take a long time to open up.. and I have to wait for them to do so before cancelling them to continue loading the machine up...

I get several update icons also appear on start up..


----------------------------------------------
We will try to speed up your machine with so called clean boot. Please follow the steps below:

To start Windows XP with a clean boot, follow these steps:

Step 1

Click Start, click Run, type msconfig, and then click OK.
The System Configuration Utility dialog box is displayed.


Step 2

In the System Configuration Utility dialog box, click the General tab, and then click Selective Startup.
Click to clear the Process SYSTEM.INI File check box.
Click to clear the Process WIN.INI File check box.
Click to clear the Load Startup Items check box. Verify that Load System Services and Use Original BOOT.INI are checked.
Click the Services tab.
Click to select the Hide All Microsoft Services check box.
Click Disable All, and then click OK.
When you are prompted, click Restart to restart the computer.

#57
dowsp

Can I just try and check that I understand some of the instructions below.

A diagram would help if I could/should post it..

I'm not sure if I'm clicking to tick some of the boxes or to untick ( or uncheck ) some....

I say this as some are already ticked and some are not..

I'm not sure if I am CLEAR-ing the ticks in the boxes...or ticking them within the check boxes to clear the process from taking place....

I'll have to try carefully to fully understand...I may post an attachment.

-----------------



Step 2

In the System Configuration Utility dialog box, click the General tab, and then click Selective Startup.
Click to clear the Process SYSTEM.INI File check box.
Click to clear the Process WIN.INI File check box.
Click to clear the Load Startup Items check box. Verify that Load System Services and Use Original BOOT.INI are checked.
Click the Services tab.
Click to select the Hide All Microsoft Services check box.
Click Disable All, and then click OK.
When you are prompted, click Restart to restart the computer.

#58
dowsp

I'm attaching an image GIF that shows what happens if I click certain boxes.

I'm not sure exactly which I click or TICK or UNTICK to either enable / activate processes or IF showing NO TICK disables a process...or allows it to activate..

On the services tab...if I click the box indicated "Hide all Microsoft Services"

it GREYS OUT the other option to disable...

IF I do not tick that box I seem to be able to click the disable box option.

At the same time some of the boxes inside the boxes are already ticked and some are not..

sorry if I am confused....but I'm not sure if I miss a box tick or untick somewhere I may mess up the process...

my interpretation to understand may be wrong...

#59
Render

If a check is in the box beside a service, then the service is enabled. If not, the service is disabled. Sounds logical. :whistling:

#60
dowsp

Posted Image

so on step 2 in the details shown below am I ticking to enable or disable...

do I place a tick in all 4 boxes...or just box 1,2 and 4

my logic is having some mental block at the moment I'm afraid :blink:


If a check is in the box beside a service, then the service is enabled. If not, the service is disabled. Sounds logical


In the System Configuration Utility dialog box, click the General tab, and then click Selective Startup.
Click to clear the Process SYSTEM.INI File check box.
Click to clear the Process WIN.INI File check box.
Click to clear the Load Startup Items check box. Verify that Load System Services and Use Original BOOT.INI are checked





