Hello Essexboy,
Thanks for helping with this. The first time I ran OTL.exe the computer locked up. I think Avast AV was the problem so I disabled it and ran OTL again successfully. By post I think you meant to copy and paste the logs, right? Here they are then:___________________________________________________________
OTL logfile created on: 7/19/2012 10:23:48 PM - Run 1
OTL by OldTimer - Version 3.2.54.0 Folder = C:\Documents and Settings\Barb\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 1.47 Gb Available Physical Memory | 73.64% Memory free
3.85 Gb Paging File | 3.49 Gb Available in Paging File | 90.60% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 67.21 Gb Total Space | 21.01 Gb Free Space | 31.25% Space Free | Partition Type: NTFS
Computer Name: D24F9X81 | User Name: Barb | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ========== PRC - [2012/07/19 22:02:16 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Barb\Desktop\OTL.exe
PRC - [2012/07/03 12:21:30 | 004,273,976 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2012/07/03 12:21:29 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2012/06/27 13:01:14 | 000,096,768 | ---- | M] (Freemake) -- C:\Documents and Settings\All Users\Application Data\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
PRC - [2011/08/11 19:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe
PRC - [2011/06/05 20:12:44 | 000,296,808 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files\Common Files\Nuance\dgnsvc.exe
PRC - [2010/09/13 16:05:36 | 000,086,016 | ---- | M] (PC Pitstop LLC) -- C:\Program Files\PCPitstop\PCPitstopScheduleService.exe
PRC - [2010/04/05 15:55:01 | 000,116,104 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe
PRC - [2010/03/24 21:50:00 | 002,516,296 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2009/10/16 19:39:28 | 000,431,456 | ---- | M] (Seagate) -- C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe
PRC - [2008/12/16 21:59:50 | 000,150,040 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/02/21 12:19:58 | 000,819,200 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe
PRC - [2007/02/21 12:19:40 | 000,294,912 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe
PRC - [2007/02/21 12:17:42 | 000,970,752 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe
PRC - [2007/02/21 12:13:26 | 000,487,424 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
PRC - [2007/02/16 12:58:12 | 000,856,064 | ---- | M] (Christian Diefer) -- C:\Program Files\I8kfanGUI\I8kfanGUI.exe
PRC - [2006/11/30 19:49:06 | 000,397,312 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
PRC - [2005/09/01 19:24:08 | 000,684,032 | ---- | M] () -- C:\Program Files\Dell\QuickSet\quickset.exe
PRC - [2004/09/13 12:33:20 | 000,155,648 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\Apoint.exe
PRC - [2004/08/19 10:40:08 | 000,045,056 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\ApntEx.exe
========== Modules (No Company Name) ========== MOD - [2012/07/19 16:12:07 | 001,784,320 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\defs\12071902\algo.dll
MOD - [2012/07/06 19:07:21 | 018,058,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\cfece6f67593b4d8bb58d23b7fdcc470\System.ServiceModel.ni.dll
MOD - [2012/07/06 19:04:32 | 000,221,696 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\5552b27237c3dbe4f21a10e97adf2edc\System.ServiceProcess.ni.dll
MOD - [2012/07/06 19:04:32 | 000,148,480 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuratio#\c7d60a49e43964b1ae17e9a080376c6d\System.Configuration.Install.ni.dll
MOD - [2012/07/06 19:04:26 | 001,925,632 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Web.Services\dbe597aa9c12df5d08fb2f3f9872b834\System.Web.Services.ni.dll
MOD - [2012/07/06 19:04:04 | 001,021,952 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\79ac99fe5274fb82ffcff2c15f71854c\System.Runtime.DurableInstancing.ni.dll
MOD - [2012/07/06 19:04:01 | 000,143,360 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\bb97517e4ca64e02282fca24612ce8ad\SMDiagnostics.ni.dll
MOD - [2012/07/06 19:03:59 | 002,647,040 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\8a9fac9cb825b5d2db0bdb867fff940e\System.Runtime.Serialization.ni.dll
MOD - [2012/07/06 18:12:19 | 005,617,664 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\d1f299160424bad90fe9f658661389e2\System.Xml.ni.dll
MOD - [2012/07/06 18:12:11 | 000,982,528 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\623d2a0f11dd82bb9bc13d1cb981b239\System.Configuration.ni.dll
MOD - [2012/07/06 18:11:52 | 007,069,184 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\ed91b57205429a23bb91f4499059a459\System.Core.ni.dll
MOD - [2012/07/06 18:11:37 | 009,091,584 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\6f9f0467e8b2dd3f69b015c8e30ac945\System.ni.dll
MOD - [2012/07/06 18:10:23 | 014,412,800 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\3953b1d8b9b57e4957bff8f58145384e\mscorlib.ni.dll
MOD - [2010/04/05 15:55:01 | 000,116,104 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe
MOD - [2007/02/21 12:13:02 | 000,118,784 | ---- | M] () -- C:\Program Files\Intel\Wireless\Bin\iWMSProv.dll
MOD - [2006/10/17 17:13:20 | 001,167,360 | ---- | M] () -- C:\Program Files\Intel\Wireless\Bin\acAuth.dll
MOD - [2005/09/01 19:24:08 | 000,684,032 | ---- | M] () -- C:\Program Files\Dell\QuickSet\quickset.exe
MOD - [2005/07/26 20:46:42 | 000,069,632 | ---- | M] () -- C:\Program Files\Dell\QuickSet\dadkeyb.dll
MOD - [2005/06/29 14:44:42 | 000,090,223 | ---- | M] () -- C:\Program Files\Dell\QuickSet\preflibcl.dll
========== Win32 Services (SafeList) ========== SRV - [2012/07/03 12:21:29 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012/06/27 13:01:14 | 000,096,768 | ---- | M] (Freemake) [Auto | Running] -- C:\Documents and Settings\All Users\Application Data\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe -- (Freemake Improver)
SRV - [2012/04/26 11:41:37 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/04/05 11:37:38 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011/08/11 19:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore.exe -- (!SASCORE)
SRV - [2011/06/05 20:12:44 | 000,296,808 | ---- | M] (Nuance Communications, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Nuance\dgnsvc.exe -- (DragonSvc)
SRV - [2010/09/13 16:05:36 | 000,086,016 | ---- | M] (PC Pitstop LLC) [Auto | Running] -- C:\Program Files\PCPitstop\PCPitstopScheduleService.exe -- (PCPitstop Scheduling)
SRV - [2010/04/05 15:55:01 | 000,116,104 | ---- | M] () [Auto | Running] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009/10/16 19:39:28 | 000,431,456 | ---- | M] (Seagate) [Auto | Running] -- C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe -- (SgtSch2Svc)
SRV - [2009/08/18 00:19:24 | 000,093,848 | ---- | M] (SiSoftware) [On_Demand | Stopped] -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011\RpcAgentSrv.exe -- (SandraAgentSrv)
SRV - [2008/12/16 21:59:50 | 000,150,040 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2007/02/21 12:19:40 | 000,294,912 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe -- (WLANKEEPER) Intel®
SRV - [2007/02/14 16:23:18 | 000,538,096 | ---- | M] ( ) [On_Demand | Stopped] -- C:\WINDOWS\system32\dlcccoms.exe -- (dlcc_device)
SRV - [2006/11/30 19:49:06 | 000,397,312 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Barb\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (bvrp_pci)
DRV - [2012/07/03 12:21:54 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012/07/03 12:21:53 | 000,721,000 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012/07/03 12:21:53 | 000,353,688 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012/07/03 12:21:53 | 000,097,608 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2012/07/03 12:21:53 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2012/07/03 12:21:53 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012/07/03 12:21:52 | 000,025,256 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2012/02/18 11:21:27 | 000,441,760 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\timntr.sys -- (timounter)
DRV - [2012/02/18 11:21:27 | 000,044,384 | ---- | M] (Acronis) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\tifsfilt.sys -- (tifsfilter)
DRV - [2012/02/18 11:21:18 | 000,132,224 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\snapman.sys -- (snapman)
DRV - [2012/02/18 11:21:10 | 000,368,480 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\tdrpman.sys -- (tdrpman)
DRV - [2012/01/18 15:55:56 | 000,016,472 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pwdrvio.sys -- (pwdrvio)
DRV - [2012/01/18 15:55:54 | 000,011,104 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pwdspio.sys -- (pwdspio)
DRV - [2011/07/29 13:54:56 | 000,013,192 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\epmntdrv.sys -- (epmntdrv)
DRV - [2011/07/29 13:54:56 | 000,008,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\EuGdiDrv.sys -- (EuGdiDrv)
DRV - [2011/07/22 12:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/12 17:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2009/12/18 12:58:52 | 000,011,336 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\SystemRequirementsLab\cpudrv.sys -- (cpudrv)
DRV - [2009/08/08 00:46:56 | 000,023,112 | ---- | M] (SiSoftware) [Kernel | On_Demand | Stopped] -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011\WNt500x86\sandra.sys -- (SANDRA)
DRV - [2008/12/16 21:58:54 | 000,025,624 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2008/02/27 13:49:00 | 000,003,840 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\BANTExt.sys -- (BANTExt)
DRV - [2008/02/05 22:21:48 | 000,023,832 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvcflt.sys -- (FilterService)
DRV - [2008/02/05 22:21:37 | 004,658,456 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvc.sys -- (LVUVC) Logitech QuickCam E3500(UVC)
DRV - [2008/02/05 22:21:25 | 000,041,752 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2008/02/05 22:20:40 | 000,628,760 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvrs.sys -- (LVRS)
DRV - [2007/11/06 13:22:00 | 000,036,224 | ---- | M] (ArcSoft Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\ArcCD.sys -- (ArcCD)
DRV - [2007/04/25 08:55:02 | 000,134,912 | ---- | M] (ArcSoft Inc.) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\ArcUdfs.sys -- (ArcUdfs)
DRV - [2007/04/24 11:33:50 | 000,007,680 | ---- | M] (ArcSoft Inc.) [Recognizer | System | Unknown] -- C:\WINDOWS\System32\drivers\ArcRec.sys -- (ArcRec)
DRV - [2007/02/21 12:16:12 | 000,012,416 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2007/02/16 05:05:48 | 000,014,464 | ---- | M] (Christian Diefer) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\fanio.sys -- (fanio)
DRV - [2007/02/08 14:51:16 | 002,209,408 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w29n51.sys -- (w29n51) Intel®
DRV - [2006/11/10 15:05:00 | 000,018,688 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc)
DRV - [2005/11/30 00:49:17 | 000,008,552 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\asctrm.sys -- (ASCTRM)
DRV - [2005/08/04 00:10:18 | 001,273,344 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2005/08/03 12:44:16 | 000,016,128 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\APPDRV.SYS -- (APPDRV)
DRV - [2005/05/03 15:09:28 | 001,033,728 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.SYS -- (HSF_DPV)
DRV - [2005/05/03 15:08:50 | 000,208,384 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWICH.sys -- (HSFHWICH)
DRV - [2005/05/03 15:08:44 | 000,705,408 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2005/03/11 00:56:06 | 000,273,168 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\STAC97.sys -- (STAC97)
DRV - [2004/11/16 11:03:52 | 000,108,791 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2004/06/17 22:55:04 | 001,041,536 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
DRV - [2004/05/26 15:18:18 | 000,044,928 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2004/02/13 18:46:00 | 000,017,153 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\omci.sys -- (omci)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://search.live.c...ferrer:source?}IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" =
http://www.google.co...g}&sourceid=ie7 IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.dell4me.com/mywayIE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page =
http://www.dell4me.com/mywayIE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.dell4me.com/mywayIE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page =
http://www.dell4me.com/mywayIE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3849711765-1259099603-1021624056-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.bing.com/...UGO&form=ZGAPHPIE - HKU\S-1-5-21-3849711765-1259099603-1021624056-1005\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-3849711765-1259099603-1021624056-1005\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://search.live.c...Box&Form=IE8SRCIE - HKU\S-1-5-21-3849711765-1259099603-1021624056-1005\..\SearchScopes\{54F993FF-9710-401F-9A7E-B8A8F2F6C949}: "URL" =
http://www.bing.com/...rc=IE-SearchBoxIE - HKU\S-1-5-21-3849711765-1259099603-1021624056-1005\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" =
http://www.google.co...1I7GGLL_enUS388IE - HKU\S-1-5-21-3849711765-1259099603-1021624056-1005\..\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}: "URL" =
http://toolbar.ask.c...rm=1&toolbar=PDIE - HKU\S-1-5-21-3849711765-1259099603-1021624056-1005\..\SearchScopes\{D5042721-6DFD-85DD-AD1C-6B852F3F6275}: "URL" =
http://www.bing.com/...UGO&form=ZGAIDFIE - HKU\S-1-5-21-3849711765-1259099603-1021624056-1005\..\SearchScopes\{F85997F6-44A2-4EED-9324-F9B8E227E003}: "URL" =
http://us.yhs.search...p={searchTerms}IE - HKU\S-1-5-21-3849711765-1259099603-1021624056-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ========== FF - prefs.js..browser.search.defaultengine: "engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csearchplugins%5CSBWeb_01.src"
FF - prefs.js..browser.search.defaultenginename: "Bing"
FF - prefs.js..browser.search.defaulturl: "
http://www.bing.com/...TDF&PC=BBLN&q="FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "
https://www.google.com/"FF - prefs.js..extensions.enabledItems:
[email protected]:1.0.0.722
FF - prefs.js..extensions.enabledItems: {ada4b710-8346-4b82-8199-5de2b400a6ae}:1.9.8.3
FF - prefs.js..extensions.enabledItems: {3d7eb24f-2740-49df-8937-200b1cc08f8a}:1.5.14.2
FF - prefs.js..keyword.URL: "
http://www.bing.com/...form=ZGAADF&q="FF - prefs.js..network.proxy.http: "192.168.0.1"
FF - prefs.js..network.proxy.http_port: 87
FF - prefs.js..network.proxy.no_proxies_on: ""
FF - prefs.js..network.proxy.type: 0
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_233.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.50917.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpWinExt,version=5.0: C:\Program Files\MSN Toolbar\Platform\5.0.1423.0\npwinext.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\
[email protected]: C:\Program Files\MSN Toolbar\Platform\5.0.1423.0\Firefox [2010/12/03 14:46:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2010/12/03 14:46:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\
[email protected]: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2012/07/12 23:33:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\
[email protected]: C:\Program Files\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\ [2012/06/30 21:10:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/06/02 20:11:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/06/02 20:18:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 13.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012/06/20 19:37:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2012/06/02 20:18:11 | 000,000,000 | ---D | M]
[2010/05/10 20:04:39 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Barb\Application Data\Mozilla\Extensions
[2010/05/10 20:04:39 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Barb\Application Data\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2012/07/12 23:14:19 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Barb\Application Data\Mozilla\Firefox\Profiles\apgasrmx.default\extensions
[2010/12/23 00:38:13 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\Barb\Application Data\Mozilla\Firefox\Profiles\apgasrmx.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2012/04/26 11:42:46 | 000,000,000 | ---D | M] (IE Tab) -- C:\Documents and Settings\Barb\Application Data\Mozilla\Firefox\Profiles\apgasrmx.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}
[2012/04/30 11:08:08 | 000,000,000 | ---D | M] (ReminderFox) -- C:\Documents and Settings\Barb\Application Data\Mozilla\Firefox\Profiles\apgasrmx.default\extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}
[2010/12/07 19:58:52 | 000,000,000 | ---D | M] (20-20 3D Viewer) -- C:\Documents and Settings\Barb\Application Data\Mozilla\Firefox\Profiles\apgasrmx.default\extensions\
[email protected][2012/05/30 09:54:03 | 000,000,000 | ---D | M] (LogMeIn, Inc. Remote Access Plugin) -- C:\Documents and Settings\Barb\Application Data\Mozilla\Firefox\Profiles\apgasrmx.default\extensions\
[email protected][2011/12/17 15:55:57 | 000,001,618 | ---- | M] () -- C:\Documents and Settings\Barb\Application Data\Mozilla\Firefox\Profiles\apgasrmx.default\searchplugins\scroogle-ssl.xml
[2012/04/26 09:48:16 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/01/27 16:56:33 | 000,006,870 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\BARB\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\APGASRMX.DEFAULT\EXTENSIONS\{2A638E17-DE1D-48D3-A4B7-39E9670FF77A}.XPI
[2012/01/27 16:56:39 | 000,097,169 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\BARB\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\APGASRMX.DEFAULT\EXTENSIONS\{3D7EB24F-2740-49DF-8937-200B1CC08F8A}.XPI
[2004/08/04 07:00:00 | 000,004,819 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\BARB\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\APGASRMX.DEFAULT\EXTENSIONS\
[email protected][2012/06/30 21:10:05 | 000,000,000 | ---D | M] (Freemake Video Converter Plugin) -- C:\PROGRAM FILES\FREEMAKE\FREEMAKE VIDEO CONVERTER\BROWSERPLUGIN\FIREFOX
[2012/04/26 11:41:39 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010/12/07 11:32:19 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010/05/18 22:18:36 | 000,075,208 | ---- | M] (Foxit Software Company) -- C:\Program Files\mozilla firefox\plugins\npFoxitReaderPlugin.dll
[2002/01/09 00:26:42 | 000,319,488 | ---- | M] (Macromedia, Inc.) -- C:\Program Files\mozilla firefox\plugins\NPSWF32.dll
[2012/04/26 11:41:34 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/04/26 11:41:34 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
O1 HOSTS File: ([2012/07/15 21:45:13 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe ()
O4 - HKLM..\Run: [DLCCCATS] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCCtime.DLL ()
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe (Intel Corporation)
O4 - HKU\S-1-5-21-3849711765-1259099603-1021624056-1005..\Run: [i8kfangui] C:\Program Files\I8kfanGUI\I8kfanGUI.exe (Christian Diefer)
O4 - HKU\S-1-5-21-3849711765-1259099603-1021624056-1005..\Run: [TClockEx] C:\Program Files\TClockEx\TCLOCKEX.EXE (Dale Nurden)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3849711765-1259099603-1021624056-1005\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3849711765-1259099603-1021624056-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-3849711765-1259099603-1021624056-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C}
http://www.update.mi...b?1340330382609 (WUWebControl Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7}
http://utilities.pcp.../pcpitstop2.dll (PCPitstop Exam)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{26A0DD5F-CFCD-4925-B09A-6790316455AE}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C77EC15E-8280-489D-92EB-3E58A8FBC349}: DhcpNameServer = 192.168.0.1 216.165.129.158 216.170.153.146
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O30 - LSA: Authentication Packages - (relog_ap) - C:\WINDOWS\System32\relog_ap.dll (Acronis)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/11 19:15:00 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ========== [2012/07/19 22:10:33 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Documents and Settings\Barb\Desktop\aswMBR.exe
[2012/07/19 22:02:09 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Barb\Desktop\OTL.exe
[2012/07/19 12:28:22 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Barb\Recent
[2012/07/17 22:58:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2012/07/16 15:43:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Barb\Desktop\Toshiba docs
[2012/07/15 21:50:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Barb\Desktop\GooredFix Backups
[2012/07/15 21:45:02 | 000,000,000 | ---D | C] -- C:\_OTM
[2012/07/15 21:29:26 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2012/07/15 19:55:22 | 000,080,384 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\o4Patch.exe
[2012/07/15 19:55:22 | 000,078,336 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\Agent.OMZ.Fix.exe
[2012/07/15 19:55:21 | 000,289,144 | ---- | C] (S!Ri) -- C:\WINDOWS\System32\VCCLSID.exe
[2012/07/15 19:55:21 | 000,288,417 | ---- | C] (S!Ri) -- C:\WINDOWS\System32\SrchSTS.exe
[2012/07/15 19:55:21 | 000,087,552 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\VACFix.exe
[2012/07/15 19:55:21 | 000,082,944 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\IEDFix.exe
[2012/07/15 19:55:21 | 000,082,944 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\IEDFix.C.exe
[2012/07/15 19:55:21 | 000,082,432 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\404Fix.exe
[2012/07/15 19:55:21 | 000,079,360 | ---- | C] (SteelWerX) -- C:\WINDOWS\System32\swxcacls.exe
[2012/07/15 19:55:20 | 000,135,168 | ---- | C] (SteelWerX) -- C:\WINDOWS\System32\swreg.exe
[2012/07/15 19:55:20 | 000,053,248 | ---- | C] (
http://www.beyondlogic.org) -- C:\WINDOWS\System32\Process.exe
[2012/07/15 19:55:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Barb\Desktop\SmitfraudFix
[2012/07/15 19:53:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ERUNT
[2012/07/15 19:53:17 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2012/07/15 18:49:45 | 000,071,398 | ---- | C] (jpshortstuff) -- C:\Documents and Settings\Barb\Desktop\GooredFix.exe
[2012/07/15 18:04:37 | 000,522,240 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Barb\Desktop\OTM.exe
[2012/07/14 15:33:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Barb\Desktop\Holistic Health
[2012/07/14 14:51:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft Antimalware
[2012/07/13 23:14:12 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2012/07/13 23:00:48 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2012/07/12 22:51:59 | 000,000,000 | ---D | C] -- C:\Program Files\PC Tools
[2012/07/12 22:42:12 | 000,203,088 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTSD.sys
[2012/07/12 22:42:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
[2012/07/12 22:41:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Tools
[2012/07/12 22:41:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Barb\Application Data\TestApp
[2012/07/12 22:39:50 | 000,012,872 | ---- | C] (SurfRight B.V.) -- C:\WINDOWS\System32\bootdelete.exe
[2012/07/12 22:29:06 | 000,000,000 | ---D | C] -- C:\Program Files\HitmanPro
[2012/07/12 22:28:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\HitmanPro
[2012/07/12 20:32:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Barb\Desktop\Dell driver updates
[2012/07/12 20:31:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Barb\Local Settings\Application Data\Deployment
[2012/07/12 18:47:49 | 000,000,000 | ---D | C] -- C:\Log
[2012/07/12 18:47:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Stellar Phoenix Windows Data Recovery
[2012/07/12 18:47:26 | 000,000,000 | ---D | C] -- C:\Program Files\Stellar Phoenix Windows Data Recovery
[2012/07/12 17:11:49 | 000,256,904 | ---- | C] (Trend Micro Inc.) -- C:\WINDOWS\System32\drivers\tmcomm.sys
[2012/07/12 17:02:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Barb\Desktop\backups
[2012/07/12 10:15:10 | 002,135,640 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Barb\Desktop\tdsskiller.exe
[2012/07/11 16:53:38 | 000,000,000 | ---D | C] -- C:\Lexar jump drive data off for Hank
[2012/07/09 22:23:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Barb\Application Data\SUPERAntiSpyware.com
[2012/07/09 22:20:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SUPERAntiSpyware
[2012/07/09 22:20:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2012/07/09 22:20:24 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2012/07/08 16:32:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Barb\Local Settings\Application Data\DigitalVolcano
[2012/07/06 19:26:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Barb\Desktop\House projects
[2012/07/06 18:36:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Barb\Desktop\Diets
[2012/06/30 21:10:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Barb\My Documents\Freemake
[2012/06/30 21:10:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Barb\Start Menu\Programs\Freemake
[2012/06/30 21:10:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Freemake
[2012/06/30 21:10:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Freemake
[2012/06/30 21:09:32 | 000,000,000 | ---D | C] -- C:\Program Files\Freemake
[2012/06/30 17:33:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ArcSoft Connect
[2012/06/21 21:50:13 | 000,000,000 | ---D | C] -- C:\861753d54eb6cf20a2299eac38e96b
[2012/06/21 21:49:42 | 000,000,000 | ---D | C] -- C:\Program Files\Desktop Restore
[2012/06/21 21:49:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Barb\Start Menu\Programs\Desktop Restore
[2012/06/21 18:38:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Benjamin Moore
[2012/06/21 15:43:17 | 000,000,000 | ---D | C] -- C:\Program Files\Benjamin Moore
========== Files - Modified Within 30 Days ========== [2012/07/19 22:20:12 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/07/19 22:17:59 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/07/19 22:10:43 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Barb\Desktop\aswMBR.exe
[2012/07/19 22:02:16 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Barb\Desktop\OTL.exe
[2012/07/19 16:34:14 | 004,604,607 | ---- | M] () -- C:\Documents and Settings\Barb\Desktop\Honda Generator Parts Catalog.pdf
[2012/07/19 13:36:15 | 000,020,618 | ---- | M] () -- C:\Documents and Settings\Barb\Desktop\FIRST LUTHERAN CHURCHA congregation of the Evangelical Lutheran.wpd
[2012/07/19 09:58:48 | 000,004,097 | ---- | M] () -- C:\Documents and Settings\Barb\Desktop\Examples of redirect URLs.rtf
[2012/07/19 09:39:03 | 002,682,763 | ---- | M] () -- C:\Documents and Settings\Barb\Desktop\Examples of redirect.rtf
[2012/07/17 23:33:05 | 000,000,318 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2012/07/16 16:18:22 | 000,000,741 | ---- | M] () -- C:\Documents and Settings\Barb\Desktop\Host files.rtf
[2012/07/15 21:45:13 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2012/07/15 21:31:45 | 000,001,980 | ---- | M] () -- C:\Documents and Settings\Barb\Desktop\Microsoft Office Excel Viewer 2003.lnk
[2012/07/15 19:53:19 | 000,000,611 | ---- | M] () -- C:\Documents and Settings\Barb\Desktop\NTREGOPT.lnk
[2012/07/15 19:53:19 | 000,000,592 | ---- | M] () -- C:\Documents and Settings\Barb\Desktop\ERUNT.lnk
[2012/07/15 18:49:46 | 000,071,398 | ---- | M] (jpshortstuff) -- C:\Documents and Settings\Barb\Desktop\GooredFix.exe
[2012/07/15 18:43:13 | 001,872,472 | ---- | M] () -- C:\Documents and Settings\Barb\Desktop\SmitfraudFix.exe
[2012/07/15 18:04:41 | 000,522,240 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Barb\Desktop\OTM.exe
[2012/07/15 08:58:24 | 000,004,912 | ---- | M] () -- C:\Documents and Settings\Barb\Desktop\Redirect Remover.rtf
[2012/07/14 16:56:52 | 000,001,577 | ---- | M] () -- C:\Documents and Settings\Barb\Desktop\Robert Spencer book review.rtf
[2012/07/14 15:36:32 | 000,000,772 | ---- | M] () -- C:\Documents and Settings\Barb\My Documents\cc_20120714_153629.reg
[2012/07/14 14:50:29 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2012/07/14 14:50:17 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\lvuvc.hs
[2012/07/14 14:50:13 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\logiflt.iad
[2012/07/14 10:10:37 | 006,518,637 | ---- | M] () -- C:\Documents and Settings\Barb\Desktop\Ginnie's liberal comments.rtf
[2012/07/13 23:14:57 | 000,008,204 | ---- | M] () -- C:\Documents and Settings\Barb\My Documents\cc_20120713_231454.reg
[2012/07/13 23:00:55 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2012/07/13 22:11:04 | 006,050,044 | ---- | M] () -- C:\Documents and Settings\Barb\Desktop\Redirect.rtf
[2012/07/12 23:33:49 | 000,002,626 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012/07/12 22:42:36 | 000,667,349 | ---- | M] () -- C:\WINDOWS\System32\drivers\Cat.DB
[2012/07/12 22:39:50 | 000,012,872 | ---- | M] (SurfRight B.V.) -- C:\WINDOWS\System32\bootdelete.exe
[2012/07/12 21:15:17 | 000,000,754 | ---- | M] () -- C:\WINDOWS\WORDPAD.INI
[2012/07/12 21:12:24 | 000,001,682 | -HS- | M] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2012/07/12 21:12:24 | 000,000,056 | RHS- | M] () -- C:\WINDOWS\System32\830D2AE099.sys
[2012/07/12 18:48:10 | 000,000,068 | ---- | M] () -- C:\WINDOWS\spwdra.INI
[2012/07/12 17:10:20 | 000,000,036 | ---- | M] () -- C:\Documents and Settings\Barb\Local Settings\Application Data\housecall.guid.cache
[2012/07/12 10:15:24 | 002,135,640 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Barb\Desktop\tdsskiller.exe
[2012/07/09 21:44:37 | 002,224,668 | ---- | M] () -- C:\Documents and Settings\Barb\Desktop\Malware Programs.rtf
[2012/07/09 14:36:42 | 001,730,588 | ---- | M] () -- C:\Documents and Settings\Barb\Desktop\Insulated Glass.pdf
[2012/07/08 15:53:33 | 001,699,807 | ---- | M] () -- C:\Documents and Settings\Barb\Desktop\Bad Pool Caller.rtf
[2012/07/08 11:09:08 | 000,002,706 | ---- | M] () -- C:\Documents and Settings\Barb\My Documents\cc_20120708_110903.reg
[2012/07/07 15:23:47 | 001,430,488 | ---- | M] () -- C:\Documents and Settings\Barb\Desktop\Valerie.rtf
[2012/07/06 19:20:56 | 000,002,497 | ---- | M] () -- C:\Documents and Settings\Barb\Desktop\Microsoft Office Word.lnk
[2012/07/06 18:18:56 | 000,469,296 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/07/06 18:18:56 | 000,082,046 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/07/03 13:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012/07/03 12:21:54 | 000,054,232 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2012/07/03 12:21:53 | 000,721,000 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2012/07/03 12:21:53 | 000,353,688 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2012/07/03 12:21:53 | 000,097,608 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2012/07/03 12:21:53 | 000,089,624 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2012/07/03 12:21:53 | 000,035,928 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2012/07/03 12:21:53 | 000,021,256 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2012/07/03 12:21:52 | 000,025,256 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2012/07/03 12:21:32 | 000,041,224 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2012/07/03 12:21:28 | 000,227,648 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2012/07/02 22:39:33 | 000,001,558 | ---- | M] () -- C:\Documents and Settings\Barb\My Documents\cc_20120702_223929.reg
[2012/07/02 09:17:24 | 000,191,717 | ---- | M] () -- C:\Documents and Settings\Barb\Desktop\0 charts for Barb 3.wpd
[2012/07/02 09:15:01 | 000,003,640 | ---- | M] () -- C:\Documents and Settings\Barb\Desktop\Email to Junko about Politics.rtf
[2012/07/02 00:04:10 | 000,002,390 | ---- | M] () -- C:\Documents and Settings\Barb\Desktop\Romney being rich.rtf
[2012/07/01 19:59:47 | 000,002,377 | ---- | M] () -- C:\Documents and Settings\Barb\Desktop\Paint Shop Photo Album.lnk
[2012/07/01 15:08:40 | 000,450,617 | ---- | M] () -- C:\Documents and Settings\Barb\Desktop\0 charts for Barb 2.wpd
[2012/06/30 21:30:27 | 000,047,104 | ---- | M] () -- C:\Documents and Settings\Barb\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/06/30 21:10:07 | 000,000,973 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Freemake Video Converter.lnk
[2012/06/30 17:31:39 | 000,001,756 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Media Impression for Kodak.lnk
[2012/06/30 17:16:40 | 001,732,510 | ---- | M] () -- C:\Documents and Settings\Barb\Desktop\Kodak-Zi8-User-Manual.pdf
[2012/06/30 15:18:08 | 000,000,690 | ---- | M] () -- C:\Documents and Settings\Barb\Desktop\Windows Movie Maker.lnk
[2012/06/28 20:53:13 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/06/28 20:53:10 | 000,000,878 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/06/28 13:39:02 | 000,000,308 | ---- | M] () -- C:\Documents and Settings\Barb\Desktop\Romney phone.rtf
[2012/06/21 15:49:39 | 000,000,192 | ---- | M] () -- C:\Documents and Settings\Barb\Desktop\Ben Moore code.rtf
========== Files Created - No Company Name ========== [2012/07/19 16:34:13 | 004,604,607 | ---- | C] () -- C:\Documents and Settings\Barb\Desktop\Honda Generator Parts Catalog.pdf
[2012/07/19 13:36:13 | 000,020,618 | ---- | C] () -- C:\Documents and Settings\Barb\Desktop\FIRST LUTHERAN CHURCHA congregation of the Evangelical Lutheran.wpd
[2012/07/19 09:58:48 | 000,004,097 | ---- | C] () -- C:\Documents and Settings\Barb\Desktop\Examples of redirect URLs.rtf
[2012/07/19 09:13:19 | 002,682,763 | ---- | C] () -- C:\Documents and Settings\Barb\Desktop\Examples of redirect.rtf
[2012/07/16 16:18:22 | 000,000,741 | ---- | C] () -- C:\Documents and Settings\Barb\Desktop\Host files.rtf
[2012/07/15 21:46:03 | 000,252,862 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-3849711765-1259099603-1021624056-1005-0.dat
[2012/07/15 21:31:45 | 000,001,980 | ---- | C] () -- C:\Documents and Settings\Barb\Desktop\Microsoft Office Excel Viewer 2003.lnk
[2012/07/15 21:29:52 | 000,001,980 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Office Excel Viewer 2003.lnk
[2012/07/15 19:55:21 | 000,075,776 | ---- | C] () -- C:\WINDOWS\System32\WS2Fix.exe
[2012/07/15 19:55:21 | 000,051,200 | ---- | C] () -- C:\WINDOWS\System32\dumphive.exe
[2012/07/15 19:55:21 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\swsc.exe
[2012/07/15 19:53:19 | 000,000,611 | ---- | C] () -- C:\Documents and Settings\Barb\Desktop\NTREGOPT.lnk
[2012/07/15 19:53:19 | 000,000,592 | ---- | C] () -- C:\Documents and Settings\Barb\Desktop\ERUNT.lnk
[2012/07/15 18:43:13 | 001,872,472 | ---- | C] () -- C:\Documents and Settings\Barb\Desktop\SmitfraudFix.exe
[2012/07/15 08:58:24 | 000,004,912 | ---- | C] () -- C:\Documents and Settings\Barb\Desktop\Redirect Remover.rtf
[2012/07/14 16:56:52 | 000,001,577 | ---- | C] () -- C:\Documents and Settings\Barb\Desktop\Robert Spencer book review.rtf
[2012/07/14 15:36:30 | 000,000,772 | ---- | C] () -- C:\Documents and Settings\Barb\My Documents\cc_20120714_153629.reg
[2012/07/14 09:25:36 | 006,518,637 | ---- | C] () -- C:\Documents and Settings\Barb\Desktop\Ginnie's liberal comments.rtf
[2012/07/13 23:14:56 | 000,008,204 | ---- | C] () -- C:\Documents and Settings\Barb\My Documents\cc_20120713_231454.reg
[2012/07/13 23:00:55 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2012/07/13 23:00:51 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2012/07/12 23:33:47 | 000,000,318 | -H-- | C] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2012/07/12 22:42:25 | 000,667,349 | ---- | C] () -- C:\WINDOWS\System32\drivers\Cat.DB
[2012/07/12 18:47:49 | 000,000,068 | ---- | C] () -- C:\WINDOWS\spwdra.INI
[2012/07/12 17:10:20 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\Barb\Local Settings\Application Data\housecall.guid.cache
[2012/07/12 14:21:10 | 006,050,044 | ---- | C] () -- C:\Documents and Settings\Barb\Desktop\Redirect.rtf
[2012/07/09 21:35:55 | 002,224,668 | ---- | C] () -- C:\Documents and Settings\Barb\Desktop\Malware Programs.rtf
[2012/07/09 14:36:42 | 001,730,588 | ---- | C] () -- C:\Documents and Settings\Barb\Desktop\Insulated Glass.pdf
[2012/07/08 14:26:15 | 001,699,807 | ---- | C] () -- C:\Documents and Settings\Barb\Desktop\Bad Pool Caller.rtf
[2012/07/08 11:09:07 | 000,002,706 | ---- | C] () -- C:\Documents and Settings\Barb\My Documents\cc_20120708_110903.reg
[2012/07/06 20:40:08 | 001,430,488 | ---- | C] () -- C:\Documents and Settings\Barb\Desktop\Valerie.rtf
[2012/07/02 22:39:31 | 000,001,558 | ---- | C] () -- C:\Documents and Settings\Barb\My Documents\cc_20120702_223929.reg
[2012/07/02 10:44:09 | 000,252,862 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2012/07/02 09:17:22 | 000,191,717 | ---- | C] () -- C:\Documents and Settings\Barb\Desktop\0 charts for Barb 3.wpd
[2012/07/02 09:15:01 | 000,003,640 | ---- | C] () -- C:\Documents and Settings\Barb\Desktop\Email to Junko about Politics.rtf
[2012/07/01 16:49:11 | 000,002,390 | ---- | C] () -- C:\Documents and Settings\Barb\Desktop\Romney being rich.rtf
[2012/07/01 15:08:40 | 000,450,617 | ---- | C] () -- C:\Documents and Settings\Barb\Desktop\0 charts for Barb 2.wpd
[2012/06/30 21:10:07 | 000,000,973 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Freemake Video Converter.lnk
[2012/06/30 17:16:40 | 001,732,510 | ---- | C] () -- C:\Documents and Settings\Barb\Desktop\Kodak-Zi8-User-Manual.pdf
[2012/06/30 15:18:08 | 000,000,690 | ---- | C] () -- C:\Documents and Settings\Barb\Desktop\Windows Movie Maker.lnk
[2012/06/28 13:39:02 | 000,000,308 | ---- | C] () -- C:\Documents and Settings\Barb\Desktop\Romney phone.rtf
[2012/06/21 15:49:39 | 000,000,192 | ---- | C] () -- C:\Documents and Settings\Barb\Desktop\Ben Moore code.rtf
[2012/05/26 20:55:29 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2012/05/26 20:55:29 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012/05/26 20:55:29 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2012/05/26 20:55:29 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012/05/26 20:55:29 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2012/05/26 12:14:53 | 000,248,794 | ---- | C] () -- C:\Documents and Settings\Barb\Local Settings\Application Data\census.cache
[2012/05/26 12:14:47 | 000,232,312 | ---- | C] () -- C:\Documents and Settings\Barb\Local Settings\Application Data\ars.cache
[2012/04/22 17:36:29 | 002,469,760 | ---- | C] () -- C:\WINDOWS\System32\BootMan.exe
[2012/04/22 17:36:29 | 000,086,408 | ---- | C] () -- C:\WINDOWS\System32\setupempdrv03.exe
[2012/04/22 17:36:29 | 000,019,840 | ---- | C] () -- C:\WINDOWS\System32\EuEpmGdi.dll
[2012/04/22 17:36:29 | 000,013,192 | ---- | C] () -- C:\WINDOWS\System32\epmntdrv.sys
[2012/04/22 17:36:29 | 000,008,456 | ---- | C] () -- C:\WINDOWS\System32\EuGdiDrv.sys
[2012/04/17 18:47:35 | 000,922,184 | ---- | C] () -- C:\WINDOWS\System32\pwNative.exe
[2012/04/17 18:47:34 | 000,016,472 | ---- | C] () -- C:\WINDOWS\System32\pwdrvio.sys
[2012/04/17 18:47:33 | 000,011,104 | ---- | C] () -- C:\WINDOWS\System32\pwdspio.sys
[2012/02/15 12:29:08 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/01/03 20:58:52 | 000,003,517 | ---- | C] () -- C:\Documents and Settings\Barb\.recently-used.xbel
[2011/04/17 19:15:04 | 000,066,482 | R--- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2011/02/18 10:08:54 | 000,095,617 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2011/02/16 11:43:48 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/01/20 23:48:26 | 000,000,426 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2011/01/12 11:51:22 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010/12/08 09:38:02 | 000,000,440 | RHS- | C] () -- C:\Documents and Settings\All Users\ntuser.pol
[2010/12/02 20:52:55 | 014,835,712 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\sandra.mda
[2010/11/23 23:04:00 | 000,675,840 | ---- | C] () -- C:\Program Files\TOSHIBA Exif JPEG.jpg
[2010/09/22 23:26:18 | 000,000,110 | ---- | C] () -- C:\WINDOWS\Sansa Media Converter.INI
[2010/06/02 12:33:27 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\Barb\Application Data\PFP120JPR.{PB
[2010/06/02 12:33:27 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\Barb\Application Data\PFP120JCM.{PB
[2010/05/17 06:53:28 | 000,047,104 | ---- | C] () -- C:\Documents and Settings\Barb\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005/11/30 00:46:25 | 000,000,004 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\QSLLPSVCShare
========== LOP Check ========== [2010/05/17 09:00:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Acronis
[2010/05/15 14:15:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2010/12/06 13:38:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Broderbund
[2010/12/06 13:29:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Broderbund Software
[2011/12/18 13:26:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Canon IJ Network Tool
[2011/12/18 13:18:40 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2011/12/18 13:32:47 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonEPP
[2012/01/15 15:39:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJ
[2011/12/18 16:25:29 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJEGV
[2011/12/18 13:32:47 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJEPPEX2
[2011/12/18 13:24:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJMSetup
[2011/12/18 13:32:42 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJMyPrinter
[2012/07/15 13:33:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJPLM
[2012/01/15 15:38:48 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJScan
[2011/12/18 13:32:48 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJSolutionMenuEX
[2011/12/18 13:22:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJWSpt
[2010/11/27 09:52:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Driver Inspector
[2012/06/30 21:11:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Freemake
[2011/01/20 17:31:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FreeRIP
[2012/07/12 22:39:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HitmanPro
[2010/05/27 23:41:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LogMeIn
[2012/06/02 18:03:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nuance
[2010/12/12 15:50:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2012/07/19 22:18:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCPitstop
[2012/02/18 11:21:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Seagate
[2012/07/17 22:58:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/12/12 15:51:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UAB
[2005/11/30 00:49:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2010/05/24 17:56:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2011/07/23 14:01:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Barb\Application Data\Abine
[2012/01/15 15:38:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Barb\Application Data\Canon
[2011/07/03 21:43:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Barb\Application Data\CloneSpy
[2010/07/09 22:17:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Barb\Application Data\Foxit Software
[2012/01/03 21:14:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Barb\Application Data\gtk-2.0
[2010/05/17 07:02:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Barb\Application Data\Leadertech
[2012/06/02 18:13:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Barb\Application Data\Nuance
[2010/09/21 22:26:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Barb\Application Data\SanDisk
[2010/12/02 20:18:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Barb\Application Data\SystemRequirementsLab
[2011/12/13 15:42:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Barb\Application Data\TeamViewer
[2012/07/12 22:41:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Barb\Application Data\TestApp
[2010/05/10 20:04:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Barb\Application Data\Thunderbird
[2012/06/18 10:29:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Barb\Application Data\Windows Search
[2012/07/17 23:33:05 | 000,000,318 | -H-- | M] () -- C:\WINDOWS\Tasks\avast! Emergency Update.job
========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*.exe > < MD5 for: EXPLORER.EXE >[2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ERDNT\cache\explorer.exe
[2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\system32\dllcache\explorer.exe
[2004/08/04 07:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
< MD5 for: SERVICES >[2004/08/04 07:00:00 | 000,007,116 | ---- | M] () MD5=95826940E657FE0567A8EC0F2A6AD11A -- C:\i386\services
[2004/08/04 07:00:00 | 000,007,116 | ---- | M] () MD5=95826940E657FE0567A8EC0F2A6AD11A -- C:\WINDOWS\system32\drivers\etc\services
< MD5 for: SERVICES.CFG >[2012/04/04 01:53:54 | 000,585,987 | ---- | M] () MD5=7BAB089A4F862C6BC86E0201D5BF1779 -- C:\Program Files\Adobe\Reader 10.0\Reader\Services\Services.cfg
[2011/06/06 13:55:30 | 000,584,045 | R--- | M] () MD5=B82DD53FA8C260DDD7FDC42182DB816E -- C:\WINDOWS\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0100000010\10.1.0\services.cfg
< MD5 for: SERVICES.CNF >[2007/05/17 00:38:54 | 000,000,003 | ---- | M] () MD5=864E46AD77EBE7A312EB11241A5114B6 -- C:\My Personal Data Folder\My NtScp OE Backup\My Web Designs\My Webs\myweb\_vti_pvt\services.cnf
[2007/05/17 22:43:18 | 000,000,003 | ---- | M] () MD5=864E46AD77EBE7A312EB11241A5114B6 -- C:\My Personal Data Folder\My NtScp OE Backup\My Web Designs\My Webs\myweb2\_vti_pvt\services.cnf
[2007/06/02 23:11:44 | 000,000,003 | ---- | M] () MD5=864E46AD77EBE7A312EB11241A5114B6 -- C:\My Personal Data Folder\My NtScp OE Backup\My Web Designs\My Webs\myweb3\_vti_pvt\services.cnf
[2007/06/02 23:11:44 | 000,000,029 | ---- | M] () MD5=AD0055D2C4D56A5D9FC36A633606D39E -- C:\My Personal Data Folder\My NtScp OE Backup\My Web Designs\My Webs\_vti_pvt\services.cnf
< MD5 for: SERVICES.CSS >[2004/06/22 15:47:52 | 000,014,222 | ---- | M] () MD5=EEB4B04593F8A413DA1830931D6533BC -- C:\Program Files\Intuit\QuickBooks 2005\Components\Services\services.css
< MD5 for: SERVICES.EXE >[2009/02/06 07:06:24 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=020CEAAEDC8EB655B6506B8C70D53BB6 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
[2008/04/13 20:12:34 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=0E776ED5F7CC9F94299E70461B7B8185 -- C:\WINDOWS\ServicePackFiles\i386\services.exe
[2009/02/06 13:14:03 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=37561F8D4160D62DA86D24AE41FAE8DE -- C:\WINDOWS\$NtServicePackUninstall$\services.exe
[2009/02/06 06:22:21 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=4712531AB7A01B7EE059853CA17D39BD -- C:\WINDOWS\$hf_mig$\KB956572\SP2QFE\services.exe
[2009/02/06 07:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\i386\services.exe
[2009/02/06 07:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\$hf_mig$\KB956572\SP3GDR\services.exe
[2009/02/06 07:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\ERDNT\cache\services.exe
[2009/02/06 07:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\system32\dllcache\services.exe
[2009/02/06 07:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\system32\services.exe
[2004/08/04 07:00:00 | 000,108,032 | ---- | M] (Microsoft Corporation) MD5=C6CE6EEC82F187615D1002BB3BB50ED4 -- C:\WINDOWS\$NtUninstallKB956572_0$\services.exe
< MD5 for: SERVICES.LNK >[2010/05/25 17:31:56 | 000,001,602 | ---- | M] () MD5=C135EA383041029955A803B629391B27 -- C:\Documents and Settings\All Users\Start Menu\Programs\Administrative Tools\Services.lnk
< MD5 for: SERVICES.MSC >[2004/08/04 07:00:00 | 000,033,464 | ---- | M] () MD5=E8089AA2A6F7FEE89B38C1F2D77BA6C6 -- C:\i386\services.msc
[2004/08/04 07:00:00 | 000,033,464 | ---- | M] () MD5=E8089AA2A6F7FEE89B38C1F2D77BA6C6 -- C:\WINDOWS\system32\services.msc
< MD5 for: SVCHOST.EXE >[2008/04/13 20:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\i386\svchost.exe
[2008/04/13 20:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ERDNT\cache\svchost.exe
[2008/04/13 20:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008/04/13 20:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2008/04/13 20:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\svchost.exe
[2012/07/03 13:46:42 | 000,217,672 | ---- | M] () MD5=8A7F34F0BBD076EC3815680A7309114F -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2004/08/04 07:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
< MD5 for: USERINIT.EXE >[2004/08/04 07:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2008/04/13 20:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\i386\userinit.exe
[2008/04/13 20:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ERDNT\cache\userinit.exe
[2008/04/13 20:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008/04/13 20:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008/04/13 20:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe
< MD5 for: WINLOGON.EXE >[2004/08/04 07:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2012/07/03 13:46:42 | 000,217,672 | ---- | M] () MD5=8A7F34F0BBD076EC3815680A7309114F -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2008/04/13 20:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\i386\winlogon.exe
[2008/04/13 20:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ERDNT\cache\winlogon.exe
[2008/04/13 20:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008/04/13 20:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008/04/13 20:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe
< HKEY_CURRENT_USER\Software\Microsoft\Windows Media\WMSDK\Local\AutoProxyCache /s >[HKEY_CURRENT_USER\Software\Microsoft\Windows Media\WMSDK\Local\AutoProxyCache\LAN]
"AutodiscoveryFlags" = -2147483648
"DetectedInterfaceIpCount" = 1
"LastDetectHighDateTime" = 0
"LastDetectLowDateTime" = 0
"LastDetectTime" = 01/01/1601, 00:00:00 UTC
"DetectedInterfaceIps" = 192.168.0.7;
"LastDetectUrl" =
========== Alternate Data Streams ========== @Alternate Data Stream - 235 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0FF263E8
< End of report>
__________________________________________________________
OTL Extras logfile created on: 7/19/2012 10:23:48 PM - Run 1
OTL by OldTimer - Version 3.2.54.0 Folder = C:\Documents and Settings\Barb\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 1.47 Gb Available Physical Memory | 73.64% Memory free
3.85 Gb Paging File | 3.49 Gb Available in Paging File | 90.60% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 67.21 Gb Total Space | 21.01 Gb Free Space | 31.25% Space Free | Partition Type: NTFS
Computer Name: D24F9X81 | User Name: Barb | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
[HKEY_USERS\S-1-5-21-3849711765-1259099603-1021624056-1005\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL
"C:\Program Files\America Online 9.0\waol.exe" = C:\Program Files\America Online 9.0\waol.exe:*:Enabled:AOL
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"C:\Documents and Settings\Barb\temp\TeamViewer\Version5\TeamViewer.exe" = C:\Documents and Settings\Barb\temp\TeamViewer\Version5\TeamViewer.exe:*:Enabled:TeamViewer -- (TeamViewer GmbH)
"C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011\RpcAgentSrv.exe" = C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011\RpcAgentSrv.exe:*:Enabled:SiSoftware Deployment Agent Service -- (SiSoftware)
"C:\Program Files\TeamViewer\Version7\TeamViewer.exe" = C:\Program Files\TeamViewer\Version7\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)
"C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe" = C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service -- (TeamViewer GmbH)
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011\WNt500x86\RpcSandraSrv.exe" = C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011\WNt500x86\RpcSandraSrv.exe:*:Enabled:SiSoftware Sandra Agent Service -- (SiSoftware)
========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0456ebd7-5f67-4ab6-852e-63781e3f389c}" = Macromedia Flash Player
"{06BE8AFD-A8E2-4B63-BAE7-287016D16ACB}" = mSSO
"{075473F5-846A-448B-BCB3-104AA1760205}" = Sonic RecordNow Data
"{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = Bing Bar
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}" = mLogView
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5200_series" = Canon MG5200 series MP Drivers
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA
"{14374619-0900-4056-BA06-C87C900AF9E6}" = QuickBooks Simple Start Special Edition
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{192C6FB8-40B8-4910-BE8C-5EE77FACF08D}" = Hallmark Card Studio 2006
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 2.7.2
"{1B2DBF55-05D4-4072-87D8-689141E262BD}" = Creative ZEN
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F528948-0E80-4C96-B455-DE4167CB1DF7}" = Internal Network Card Power Management
"{228CEA74-6DD1-40B9-B95F-77273F4316B5}" = Desktop Restore
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
"{26346FB6-4F69-453D-95CE-B6BA3A5382F8}" = Broderbund Media Manager
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Dell Media Experience
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java 6 Update 22
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{34A153FE-6926-4C14-B48A-B71E68C672A8}_is1" = MiniTool Partition Wizard Home Edition 7.1
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35BDEFF1-A610-4956-A00D-15453C116395}" = Internet Explorer Default Page
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3E9D596A-61D4-4239-BD19-2DB984D2A16F}" = mIWA
"{4640FDE1-B83A-4376-84ED-86F86BEE2D41}" = Driver Detective
"{49D687E5-6784-431B-A0A2-2F23B8CC5A1B}" = mHlpDell
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A5A427F-BA39-4BF0-9999-9A47FBE60C9F}" = Visual C++ 9.0 Runtime for Dragon NaturallySpeaking
"{4B4E8814-F682-4197-8F4B-E9FFC6F08977}" = System Requirements Lab for Intel
"{501451DE-5808-4599-B544-8BD0915B6B24}_is1" = FreeRIP v3.5
"{52504CE6-E909-4113-B232-4AFEC6543A61}" = Broadcom 440x 10/100 Integrated Controller
"{53735ECE-E461-4FD0-B742-23A352436D3A}" = Logitech Updater
"{548EEA8E-8299-497F-8057-811D2D7097DC}" = Dell Support 3.1
"{5905F42D-3F5F-4916-ADA6-94A3646AEE76}" = Dell Driver Reset Tool
"{5E4B86E5-CD0E-4D3D-BE21-45A30326850A}" = Microsoft Search Enhancement Pack
"{62BD0AE0-4EB1-4BBB-8F43-B6400C8FEB2C}" = AOLIcon
"{63DB9CCD-2B56-4217-9A3D-507AC78320CA}" = mWMI
"{64A77F14-0E08-4A97-A859-E93CFF428756}" = Broadcom Management Programs 2
"{65CB4C08-C47B-4A7E-A6A4-50C06ADA5FC6}" = Adobe AIR
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD 5.5
"{6D5FCA42-1486-4E32-AFE8-1B7E2AA59D33}" = Digital Content Portal
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74F7662C-B1DB-489E-A8AC-07A06B24978B}" = Dell System Restore
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7F142D56-3326-11D5-B229-002078017FBF}" = Modem Helper
"{829CD169-E692-48E8-9BDE-A3E8D8B65538}" = mSCfg
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Graphics Media Accelerator Driver for Mobile
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90840409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Excel Viewer 2003
"{90AF0409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office PowerPoint Viewer 2003
"{90B0D222-8C21-4B35-9262-53B042F18AF9}" = mPfWiz
"{91120409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003
"{937B232D-9776-471E-92BD-D424E514EF14}" = Logitech QuickCam
"{94658027-9F16-4509-BBD7-A59FE57C3023}" = mZConfig
"{94721EA3-7EA6-43EA-B99C-A5D0E3C66240}" = 924PLC32
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9AB4D07D-3754-1CD4-1E25-0C1AF3355921}" = Personal Color Viewer
"{9B260944-746E-4966-8918-0F9636930456}" = ArcSoft MediaImpression for Kodak
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
"{A0F925BF-5C55-44C2-A4E7-5A4C59791C29}" = mDriver
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A683A2C0-821C-486F-858C-FA634DB5E864}" = EducateU
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Sonic RecordNow Audio
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.3)
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{AEB9948B-4FF2-47C9-990E-47014492A0FE}" = MSXML 6.0 Parser
"{AF19F291-F22F-4798-9662-525305AE9E48}" = WordPerfect Office 12
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Sonic RecordNow Copy
"{B1914265-0D07-48E0-A937-F20A76D0032D}" = Acronis True Image Home
"{B95B1BA9-F887-4B3C-8D3A-CCD4C4675120}" = Microsoft Default Manager
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C3113E55-7BCB-4de3-8EBF-60E6CE6B2296}_is1" = SiSoftware Sandra Lite 2011
"{C43E4B9C-14C8-4EB0-998B-85211B6EDD61}" = Seagate DiscWizard
"{C5074CC4-0E26-4716-A307-960272A90040}" = QuickSet
"{CA9BAADB-C262-4E05-B2E2-CEE8CE9809EC}" = mToolkit
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC000127-5E5D-4A1C-90CB-EEAAAC1E3AC0}" = Jasc Paint Shop Photo Album
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{E21DA178-9FB0-4F91-B79C-5A6DDEEBFB8D}" = Bing Bar Platform
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{E81667C6-2856-46D6-ABEA-6A2F42166779}" = mCore
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.9
"{EFFA53BC-8C04-2E21-3D90-A13B1697B0CA}" = Dragon NaturallySpeaking 11
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F6090A17-0967-4A8A-B3C3-422A1B514D49}" = mDrWiFi
"{FB26EA24-AE01-4C86-BEBC-424D5B81E66E}" = The Print Shop
"{FC053571-8507-44E4-8B6D-AACEAB8CA57C}" = Sansa Media Converter
"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"All ATI Software" = ATI - Software Uninstall Utility
"ATI Display Driver" = ATI Display Driver
"AudibleDownloadManager" = Audible Download Manager
"AudibleManager" = AudibleManager
"avast" = avast! Free Antivirus
"Belarc Advisor" = Belarc Advisor 8.1
"BenjaminMoore.PCV3.USEN.EDC653D570C2AEC0ED05A14996D862CA553BDF51.1" = Personal Color Viewer
"Canon MG5200 series User Registration" = Canon MG5200 series User Registration
"Canon_IJ_Network_Scan_UTILITY" = Canon IJ Network Scan Utility
"Canon_IJ_Network_UTILITY" = Canon IJ Network Tool
"CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenuEX" = Canon Solution Menu EX
"CCleaner" = CCleaner
"CloneSpy" = CloneSpy 2.61
"CNXT_MODEM_PCI_VEN_8086&DEV_24x6&SUBSYS_542214F1" = Conexant D110 MDC V.92 Modem
"Defraggler" = Defraggler
"Dell Digital Jukebox Driver" = Dell Digital Jukebox Driver
"Dell Photo AIO Printer 924" = Dell Photo AIO Printer 924
"Duplicate Cleaner" = Duplicate Cleaner 2.0.6
"Duplicate Cleaner Free" = Duplicate Cleaner Free 3.0.0
"EASEUS Partition Master Home Edition_is1" = EASEUS Partition Master 9.1.1 Home Edition
"Easy-PhotoPrint EX" = Canon Easy-PhotoPrint EX
"ERUNT_is1" = ERUNT 1.1j
"Freemake Video Converter_is1" = Freemake Video Converter version 3.0.2
"HitmanPro36" = HitmanPro 3.6
"I8kfanGUI" = I8kfanGUI V3.1
"ie8" = Windows Internet Explorer 8
"InstallShield_{52504CE6-E909-4113-B232-4AFEC6543A61}" = Broadcom 440x 10/100 Integrated Controller
"InstallShield_{64A77F14-0E08-4A97-A859-E93CFF428756}" = Broadcom Management Programs 2
"lvdrivers_11.90" = Logitech QuickCam Driver Package
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.62.0.1300
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"MjM Free Photo Recovery Software1.0" = MjM Free Photo Recovery Software
"MoffFreeCalc_is1" = Moffsoft FreeCalc
"MozBackup" = MozBackup 1.4.10
"Mozilla Firefox 12.0 (x86 en-US)" = Mozilla Firefox 12.0 (x86 en-US)
"Mozilla Thunderbird 13.0.1 (x86 en-US)" = Mozilla Thunderbird 13.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP Navigator EX 4.0" = Canon MP Navigator EX 4.0
"PC Pitstop Optimize3_is1" = PC Pitstop Optimize3 3.0
"Picasa 3" = Picasa 3
"ProInst" = Intel® PROSet/Wireless Software
"RealPlayer 6.0" = RealPlayer Basic
"Recuva" = Recuva
"Shockwave" = Shockwave
"SnagIt5" = SnagIt 5
"Stellar Phoenix Windows Data Recovery_is1" = Stellar Phoenix Windows Data Recovery
"StreetPlugin" = Learn2 Player (Uninstall Only)
"SysInfo" = Creative System Information
"TClockEx_is1" = TClockEx
"TeamViewer 7" = TeamViewer 7
"ViewpointMediaPlayer" = Viewpoint Media Player
"WebPost" = Microsoft Web Publishing Wizard 1.52
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinGimp-2.0_is1" = GIMP 2.6.11
"ZENcast Organizer" = ZENcast Organizer
========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-3849711765-1259099603-1021624056-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Sansa Updater" = Sansa Updater
========== Last 20 Event Log Errors ========== [ Application Events ]
Error - 7/6/2012 6:20:42 PM | Computer Name = D24F9X81 | Source = MsiInstaller | ID = 11711
Description = Product: Microsoft .NET Framework 4 Extended -- Error 1711. An error
occurred while writing installation information to disk. Check to make sure enough
disk space is available, and click Retry, or Cancel to end the install.
Error - 7/6/2012 6:20:42 PM | Computer Name = D24F9X81 | Source = MsiInstaller | ID = 11711
Description = Product: Microsoft .NET Framework 4 Extended -- Error 1711. An error
occurred while writing installation information to disk. Check to make sure enough
disk space is available, and click Retry, or Cancel to end the install.
Error - 7/6/2012 6:20:42 PM | Computer Name = D24F9X81 | Source = MsiInstaller | ID = 11711
Description = Product: Microsoft .NET Framework 4 Extended -- Error 1711. An error
occurred while writing installation information to disk. Check to make sure enough
disk space is available, and click Retry, or Cancel to end the install.
Error - 7/6/2012 6:20:42 PM | Computer Name = D24F9X81 | Source = MsiInstaller | ID = 11711
Description = Product: Microsoft .NET Framework 4 Extended -- Error 1711. An error
occurred while writing installation information to disk. Check to make sure enough
disk space is available, and click Retry, or Cancel to end the install.
Error - 7/6/2012 6:20:43 PM | Computer Name = D24F9X81 | Source = MsiInstaller | ID = 11719
Description = Product: Microsoft .NET Framework 4 Extended -- Error 1719. The Windows
Installer Service could not be accessed. This can occur if you are running Windows
in safe mode, or if the Windows Installer is not correctly installed. Contact your
support personnel for assistance.
Error - 7/6/2012 6:20:43 PM | Computer Name = D24F9X81 | Source = MsiInstaller | ID = 1020
Description = Product: Microsoft .NET Framework 4 Extended - Update 'KB2533523'
could not be removed. Error code 1603. Additional information is available in the
log file C:\DOCUME~1\Barb\LOCALS~1\Temp\KB2533523_20120706_180916296-Microsoft
.NET Framework 4 Client Profile-MSP1.txt.
Error - 7/12/2012 10:55:09 PM | Computer Name = D24F9X81 | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <
http://www.download....uthrootstl.cab> with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.
Error - 7/12/2012 10:55:09 PM | Computer Name = D24F9X81 | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <
http://www.download....uthrootstl.cab> with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.
Error - 7/12/2012 11:15:56 PM | Computer Name = D24F9X81 | Source = MsiInstaller | ID = 11706
Description = Product: Desktop Restore -- Error 1706. An installation package for
the product Desktop Restore cannot be found. Try the installation again using a
valid copy of the installation package 'DeskInstU.msi'.
Error - 7/12/2012 11:20:51 PM | Computer Name = D24F9X81 | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 12.0.0.4493, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
[ System Events ]
Error - 7/16/2012 8:01:14 PM | Computer Name = D24F9X81 | Source = DCOM | ID = 10010
Description = The server {1F87137D-0E7C-44D5-8C73-4EFFB68962F2} did not register
with DCOM within the required timeout.
Error - 7/16/2012 8:46:10 PM | Computer Name = D24F9X81 | Source = DCOM | ID = 10010
Description = The server {1F87137D-0E7C-44D5-8C73-4EFFB68962F2} did not register
with DCOM within the required timeout.
Error - 7/16/2012 9:56:22 PM | Computer Name = D24F9X81 | Source = DCOM | ID = 10010
Description = The server {1F87137D-0E7C-44D5-8C73-4EFFB68962F2} did not register
with DCOM within the required timeout.
Error - 7/18/2012 8:20:29 AM | Computer Name = D24F9X81 | Source = DCOM | ID = 10010
Description = The server {1F87137D-0E7C-44D5-8C73-4EFFB68962F2} did not register
with DCOM within the required timeout.
Error - 7/18/2012 10:40:02 AM | Computer Name = D24F9X81 | Source = DCOM | ID = 10010
Description = The server {1F87137D-0E7C-44D5-8C73-4EFFB68962F2} did not register
with DCOM within the required timeout.
Error - 7/18/2012 12:32:04 PM | Computer Name = D24F9X81 | Source = DCOM | ID = 10010
Description = The server {1F87137D-0E7C-44D5-8C73-4EFFB68962F2} did not register
with DCOM within the required timeout.
Error - 7/18/2012 4:54:44 PM | Computer Name = D24F9X81 | Source = DCOM | ID = 10010
Description = The server {1F87137D-0E7C-44D5-8C73-4EFFB68962F2} did not register
with DCOM within the required timeout.
Error - 7/18/2012 9:17:52 PM | Computer Name = D24F9X81 | Source = DCOM | ID = 10010
Description = The server {1F87137D-0E7C-44D5-8C73-4EFFB68962F2} did not register
with DCOM within the required timeout.
Error - 7/19/2012 7:53:19 AM | Computer Name = D24F9X81 | Source = DCOM | ID = 10010
Description = The server {1F87137D-0E7C-44D5-8C73-4EFFB68962F2} did not register
with DCOM within the required timeout.
Error - 7/19/2012 10:20:10 PM | Computer Name = D24F9X81 | Source = Service Control Manager | ID = 7022
Description = The Freemake Improver service hung on starting.
< End of report >
__________________________________________________________
aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-19 22:37:24
-----------------------------
22:37:24.656 OS Version: Windows 5.1.2600 Service Pack 3
22:37:24.656 Number of processors: 1 586 0xD08
22:37:24.656 ComputerName: D24F9X81 UserName: Barb
22:37:25.343 Initialize success
22:37:28.796 AVAST engine defs: 12071902
22:38:02.703 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
22:38:02.703 Disk 0 Vendor: ST980815A 3.ADE Size: 76319MB BusType: 3
22:38:02.828 Disk 0 MBR read successfully
22:38:02.828 Disk 0 MBR scan
22:38:02.828 Disk 0 unknown MBR code
22:38:02.953 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 125 MB offset 63
22:38:03.031 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 68825 MB offset 257040
22:38:03.093 Disk 0 Partition 3 00 DB CP/M / CTOS Dell 8.0 7310 MB offset 141323805
22:38:03.140 Disk 0 scanning sectors +156296385
22:38:03.312 Disk 0 scanning C:\WINDOWS\system32\drivers
22:38:18.546 Service scanning
22:38:45.906 Modules scanning
22:38:54.671 Disk 0 trace - called modules:
22:38:55.250 ntkrnlpa.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll pciide.sys PCIIDEX.SYS
22:38:55.250 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8abcaab8]
22:38:55.250 3 CLASSPNP.SYS[ba0e8fd7] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x8abdd940]
22:38:55.843 AVAST engine scan C:\WINDOWS
22:39:00.078 AVAST engine scan C:\WINDOWS\system32
22:42:00.375 AVAST engine scan C:\WINDOWS\system32\drivers
22:42:24.859 AVAST engine scan C:\Documents and Settings\Barb
22:54:50.953 AVAST engine scan C:\Documents and Settings\All Users
22:58:01.625 Scan finished successfully
23:00:19.609 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Barb\Desktop\MBR.dat"
23:00:19.609 The log file has been saved successfully to "C:\Documents and Settings\Barb\Desktop\aswMBR.txt"
aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-19 22:37:24
-----------------------------
22:37:24.656 OS Version: Windows 5.1.2600 Service Pack 3
22:37:24.656 Number of processors: 1 586 0xD08
22:37:24.656 ComputerName: D24F9X81 UserName: Barb
22:37:25.343 Initialize success
22:37:28.796 AVAST engine defs: 12071902
22:38:02.703 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
22:38:02.703 Disk 0 Vendor: ST980815A 3.ADE Size: 76319MB BusType: 3
22:38:02.828 Disk 0 MBR read successfully
22:38:02.828 Disk 0 MBR scan
22:38:02.828 Disk 0 unknown MBR code
22:38:02.953 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 125 MB offset 63
22:38:03.031 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 68825 MB offset 257040
22:38:03.093 Disk 0 Partition 3 00 DB CP/M / CTOS Dell 8.0 7310 MB offset 141323805
22:38:03.140 Disk 0 scanning sectors +156296385
22:38:03.312 Disk 0 scanning C:\WINDOWS\system32\drivers
22:38:18.546 Service scanning
22:38:45.906 Modules scanning
22:38:54.671 Disk 0 trace - called modules:
22:38:55.250 ntkrnlpa.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll pciide.sys PCIIDEX.SYS
22:38:55.250 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8abcaab8]
22:38:55.250 3 CLASSPNP.SYS[ba0e8fd7] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x8abdd940]
22:38:55.843 AVAST engine scan C:\WINDOWS
22:39:00.078 AVAST engine scan C:\WINDOWS\system32
22:42:00.375 AVAST engine scan C:\WINDOWS\system32\drivers
22:42:24.859 AVAST engine scan C:\Documents and Settings\Barb
22:54:50.953 AVAST engine scan C:\Documents and Settings\All Users
22:58:01.625 Scan finished successfully
23:00:19.609 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Barb\Desktop\MBR.dat"
23:00:19.609 The log file has been saved successfully to "C:\Documents and Settings\Barb\Desktop\aswMBR.txt"
23:00:39.562 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Barb\Desktop\MBR.dat"
23:00:39.562 The log file has been saved successfully to "C:\Documents and Settings\Barb\Desktop\aswMBR.txt"
_______________________________________________________
Hope I did this right. This is a first for me.
Thanks.