Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Desktop: Rootkit.NoAccess - Internet won't work "message faile


  • This topic is locked This topic is locked

#1
dch1314

dch1314

    Member

  • Member
  • PipPipPip
  • 238 posts
So all of a sudden, a few days ago, my internet stopped working on my desktop. I used netgear wireless for my desktop and now it just won't connect. I ran a ComboFix scan and it detected Rootkit.NoAccess so I am thinking it's that. ComboFix did it's part but computer still with same issues. If I attempt to open Windows Firewall it gives me some crazy message about "Windows Firewall cannot be displayed because the associated service is not running"

I am doing this from my laptop, because internet service on my desktop is having issues connecting. I will post all logs into this first post.

Thanks in advance for help

OTL

OTL logfile created on: 10/27/2012 11:08:43 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Compaq_Owner\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

958.48 Mb Total Physical Memory | 509.72 Mb Available Physical Memory | 53.18% Memory free
2.26 Gb Paging File | 1.82 Gb Available in Paging File | 80.45% Paging File free
Paging file location(s): C:\pagefile.sys 1440 2880 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 104.69 Gb Total Space | 27.70 Gb Free Space | 26.46% Space Free | Partition Type: NTFS
Drive D: | 7.08 Gb Total Space | 0.36 Gb Free Space | 5.13% Space Free | Partition Type: FAT32
Drive F: | 3.79 Gb Total Space | 3.69 Gb Free Space | 97.28% Space Free | Partition Type: FAT32

Computer Name: FAMILY | User Name: Compaq_Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/10/11 08:19:26 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Owner\Desktop\OTL.exe
PRC - [2012/08/13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2011/08/09 13:29:52 | 002,051,472 | ---- | M] (Bandoo Media Inc.) -- C:\Program Files\Bandoo\Bandoo.exe
PRC - [2011/07/28 17:06:20 | 000,297,440 | ---- | M] () -- C:\Program Files\NETGEAR\WNA1100\WifiSvc.exe
PRC - [2010/12/31 15:06:35 | 003,395,600 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010/12/31 15:06:34 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010/06/28 22:37:24 | 002,322,501 | ---- | M] (Informer Technologies, Inc.) -- C:\Program Files\Software Informer\softinfo.exe
PRC - [2010/01/28 17:55:29 | 001,800,464 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
PRC - [2010/01/28 17:55:12 | 000,723,632 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
PRC - [2009/05/29 09:56:06 | 000,198,160 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2009/03/27 22:10:56 | 000,014,336 | ---- | M] (LSI Corporation) -- C:\Program Files\LSI SoftModem\agrsmsvc.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/06/19 09:57:40 | 000,036,903 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe
PRC - [2003/12/17 10:50:00 | 000,019,968 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\LOGI_MWX.EXE


========== Modules (No Company Name) ==========

MOD - [2012/10/22 14:20:36 | 001,820,160 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\defs\12102201\algo.dll
MOD - [2011/09/27 08:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 08:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/07/28 17:06:20 | 000,297,440 | ---- | M] () -- C:\Program Files\NETGEAR\WNA1100\WifiSvc.exe
MOD - [2011/05/11 10:31:00 | 000,204,800 | ---- | M] () -- C:\Program Files\NETGEAR\WNA1100\WifiLib.dll
MOD - [2010/01/28 17:57:54 | 001,143,056 | ---- | M] () -- C:\Program Files\COMODO\COMODO Internet Security\scanners\mach32.dll
MOD - [2006/06/19 09:57:38 | 000,151,589 | ---- | M] () -- C:\Program Files\Compaq Connections\5577497\6.3.2.116-5577497\Program\bwfiles.dll
MOD - [2006/06/19 09:57:38 | 000,098,339 | ---- | M] () -- C:\Program Files\Compaq Connections\5577497\6.3.2.116-5577497\Program\FrExt.dll
MOD - [2006/06/19 09:57:38 | 000,061,496 | ---- | M] () -- C:\Program Files\Compaq Connections\5577497\6.3.2.116-5577497\Program\clntutil.dll
MOD - [2005/12/15 15:33:48 | 000,126,976 | ---- | M] () -- C:\Program Files\Compaq Connections\5577497\Program\HPClientExt.dll


========== Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012/10/14 23:16:06 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/08/13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011/08/09 13:29:52 | 002,051,472 | ---- | M] (Bandoo Media Inc.) [Auto | Running] -- C:\Program Files\Bandoo\Bandoo.exe -- (Bandoo Coordinator)
SRV - [2011/07/28 17:06:20 | 000,297,440 | ---- | M] () [Auto | Running] -- C:\Program Files\NETGEAR\WNA1100\WifiSvc.exe -- (WSWNA1100)
SRV - [2010/12/31 15:06:34 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010/01/28 17:55:12 | 000,723,632 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV - [2009/03/27 22:10:56 | 000,014,336 | ---- | M] (LSI Corporation) [Auto | Running] -- C:\Program Files\LSI SoftModem\agrsmsvc.exe -- (AgereModemAudio)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | Boot | Stopped] -- system32\DRIVERS\ftsata2.sys -- (ftsata2)
DRV - File not found [File_System | Boot | Stopped] -- system32\drivers\eBoost.sys -- (eBoost)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\avgfwdx.sys -- (Avgfwfd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\avgfwdx.sys -- (Avgfwdx)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp\aswMBR.sys -- (aswMBR)
DRV - [2011/08/02 18:38:44 | 000,018,432 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\netaapl.sys -- (Netaapl)
DRV - [2010/12/31 15:00:18 | 000,293,968 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2010/12/31 14:59:23 | 000,047,440 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010/12/31 14:59:11 | 000,100,176 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2010/12/31 14:56:49 | 000,023,632 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010/12/31 14:56:29 | 000,029,264 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2010/12/31 14:56:27 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010/11/30 18:06:04 | 006,261,352 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2010/09/30 20:15:00 | 001,759,584 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\athuw.sys -- (AR9271)
DRV - [2010/02/24 14:11:40 | 000,023,920 | ---- | M] (MediaMall Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\povrtdev.sys -- (msvad_simple)
DRV - [2010/02/11 12:03:07 | 000,134,344 | ---- | M] (COMODO) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\cmdguard.sys -- (cmdGuard)
DRV - [2010/01/28 17:56:11 | 000,087,104 | ---- | M] (COMODO) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\inspect.sys -- (Inspect)
DRV - [2010/01/28 17:56:10 | 000,025,160 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\cmdhlp.sys -- (cmdHlp)
DRV - [2009/08/13 15:07:12 | 001,163,328 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2008/11/12 17:58:38 | 000,145,952 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nvgts.sys -- (nvgts)
DRV - [2008/09/25 18:07:00 | 000,057,440 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\jswscimd.sys -- (JSWSCIMD)
DRV - [2007/07/13 10:44:22 | 000,043,008 | ---- | M] (D-Link ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dlkfet5b.sys -- (FETNDISB)
DRV - [2006/07/01 23:39:40 | 000,036,864 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2006/03/03 16:31:04 | 000,013,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2006/03/03 16:31:02 | 000,034,176 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2004/08/03 16:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.h...ARIO&pf=desktop
IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://www.searchqu....q={searchTerms}


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...ARIO&pf=desktop
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.h...ARIO&pf=desktop
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...ARIO&pf=desktop
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.h...ARIO&pf=desktop
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2643415718-809851970-2684369324-1009\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.h...ARIO&pf=desktop
IE - HKU\S-1-5-21-2643415718-809851970-2684369324-1009\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-2643415718-809851970-2684369324-1009\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKU\S-1-5-21-2643415718-809851970-2684369324-1009\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...Box&Form=IE8SRC
IE - HKU\S-1-5-21-2643415718-809851970-2684369324-1009\..\SearchScopes\{5E1BE0B3-C7B9-49C6-A0A4-52F5BE4D42E5}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKU\S-1-5-21-2643415718-809851970-2684369324-1009\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://www.searchqu....q={searchTerms}
IE - HKU\S-1-5-21-2643415718-809851970-2684369324-1009\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2643415718-809851970-2684369324-1009\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKU\S-1-5-21-2643415718-809851970-2684369324-1009\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = :

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Bing"
FF - prefs.js..browser.search.defaultthis.engineName: "twetvcom Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.condui...={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "Web Search (powered by Google)"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledAddons: [email protected]:1.23.0.5
FF - prefs.js..extensions.enabledAddons: [email protected]:5.1
FF - prefs.js..extensions.enabledAddons: [email protected]:1.7.0
FF - prefs.js..extensions.enabledAddons: {dc572301-7619-498c-a57d-39143191b318}:0.4.0.3
FF - prefs.js..extensions.enabledAddons: [email protected]:1.0
FF - prefs.js..extensions.enabledAddons: [email protected]:0.85.33
FF - prefs.js..extensions.enabledItems: [email protected]:1.5.0
FF - prefs.js..extensions.enabledItems: {000a9d1c-beef-4f90-9363-039d445309b8}:0.5.36.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {dc572301-7619-498c-a57d-39143191b318}:0.3.8.6
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: [email protected]:1.23.0.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: [email protected]:5.1
FF - prefs.js..keyword.URL: "http://search.toolba...7a1a5fu00GO&q="
FF - prefs.js..network.proxy.type: 0

FF - user.js..network.proxy.type: 0
FF - user.js..network.proxy.http: ""
FF - user.js..network.proxy.http_port:
FF - user.js..network.proxy.no_proxies_on: ""

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.69: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Documents and Settings\Compaq_Owner\Application Data\Facebook\npfbplugin_1_0_3.dll ( )

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2009/05/29 09:56:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{000a9d1c-beef-4f90-9363-039d445309b8}: C:\Program Files\Google\Google Gears\Firefox\ [2010/03/04 16:55:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/10/14 23:16:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/10/14 23:15:53 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\b3kq2lt8.default\extensions\[email protected] [2011/09/18 10:26:46 | 000,000,000 | ---D | M]

[2011/09/18 11:27:01 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Extensions
[2009/06/07 18:42:57 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Extensions\[email protected]
[2012/10/07 20:19:49 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\b3kq2lt8.default\extensions
[2010/06/26 11:33:32 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\b3kq2lt8.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012/10/07 20:19:49 | 000,000,000 | ---D | M] ("Deals Plugin") -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\b3kq2lt8.default\extensions\[email protected]
[2011/08/12 05:55:17 | 000,000,000 | ---D | M] (Разпознаване на устройство Logitech) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\b3kq2lt8.default\extensions\[email protected]
[2011/09/18 10:26:46 | 000,000,000 | ---D | M] (Bandoo for Firefox) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\b3kq2lt8.default\extensions\[email protected]
[2012/10/07 20:19:48 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\b3kq2lt8.default\extensions\[email protected]\chrome\content\extensionCode
[2012/08/18 04:10:14 | 000,084,395 | ---- | M] () (No name found) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\b3kq2lt8.default\extensions\[email protected]
[2012/08/18 04:10:15 | 000,702,524 | ---- | M] () (No name found) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\b3kq2lt8.default\extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi
[2011/01/04 16:17:39 | 000,001,832 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\b3kq2lt8.default\searchplugins\bing.xml
[2011/10/28 17:18:06 | 000,000,919 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\b3kq2lt8.default\searchplugins\conduit.xml
[2011/09/18 10:23:23 | 000,002,506 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\b3kq2lt8.default\searchplugins\SearchResults.xml
[2010/04/06 07:16:06 | 000,001,494 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\b3kq2lt8.default\searchplugins\web-search-powered-by-google.xml
[2012/10/14 23:15:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/10/14 23:15:48 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2010/04/17 09:10:18 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2012/10/14 23:16:07 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/02/02 22:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012/09/21 17:33:50 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/09/18 10:23:23 | 000,002,506 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\SearchResults.xml
[2012/10/14 23:16:05 | 000,002,058 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - homepage: http://www.google.com
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.google.com
CHR - plugin: Shockwave Flash (Disabled) = C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.94\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.94\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.94\pdf.dll
CHR - plugin: Bandoo (Enabled) = C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dloejdefkancmfajekobpfoacecnhpgp\1.0.0.0_0\ChromePlugin.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.240.7 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U24 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Facebook Plugin (Enabled) = C:\Documents and Settings\Compaq_Owner\Application Data\Facebook\npfbplugin_1_0_3.dll
CHR - plugin: RIM Handheld Application Loader (Enabled) = C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Bandoo = C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dloejdefkancmfajekobpfoacecnhpgp\1.0.0.0_0\
CHR - Extension: Skype Click to Call = C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.2.0.10687_0\
CHR - Extension: Deals Plugin = C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\loaalbhdjmjgdckmmeflpmbacffgnmme\1.20.24_0\crossrider
CHR - Extension: Deals Plugin = C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\loaalbhdjmjgdckmmeflpmbacffgnmme\1.20.24_0\

O1 HOSTS File: ([2012/10/27 22:41:53 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O2 - BHO: (hpWebHelper Class) - {AAAE832A-5FFF-4661-9C8F-369692D1DCB9} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\WebHelper.dll (TODO: <Company name>)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Gears Helper) - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O3 - HKU\S-1-5-21-2643415718-809851970-2684369324-1009\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
O3 - HKU\S-1-5-21-2643415718-809851970-2684369324-1009\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [HPBootOp] C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [jswtrayutil] "C:\Program Files\NETGEAR\WNA1100\jswtrayutil.exe" File not found
O4 - HKLM..\Run: [Logitech Utility] C:\WINDOWS\LOGI_MWX.EXE (Logitech Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKU\S-1-5-21-2643415718-809851970-2684369324-1009..\Run: [Software Informer] C:\Program Files\Software Informer\softinfo.exe (Informer Technologies, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Compaq Connections.lnk = C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe (Hewlett-Packard)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\NETGEAR WNA1100 Genie.lnk = C:\Program Files\NETGEAR\WNA1100\WNA1100.exe ()
O4 - Startup: C:\Documents and Settings\Default User\Start Menu\Programs\Startup\Pin.lnk = C:\hp\bin\cloaker.exe (Hewlett-Packard Co.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2643415718-809851970-2684369324-1009\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2643415718-809851970-2684369324-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-2643415718-809851970-2684369324-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-2643415718-809851970-2684369324-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeStartMenu = 0
O7 - HKU\S-1-5-21-2643415718-809851970-2684369324-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogOff = 0
O7 - HKU\S-1-5-21-2643415718-809851970-2684369324-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra 'Tools' menuitem : &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm File not found
O9 - Extra 'Tools' menuitem : Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm File not found
O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe File not found
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\.DEFAULT\..Trusted Domains: amazon.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: hulu.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: netflix.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: youtube.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: amazon.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: hulu.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: netflix.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: youtube.com ([]* in Trusted sites)
O16 - DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} http://www.logitech....Detection32.cab (Device Detection)
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://pcpitstop.com...t/PCPitStop.CAB (PCPitstop Utility)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1244421581718 (MUWebControl Class)
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} http://www.nvidia.co...iaSmartScan.cab (NVIDIA Smart Scan)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} http://lads.myspace....ceUploader2.cab (MySpace Uploader Control)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D6E0B119-DCF2-4CD6-8DFB-7CFF1B70F7FF} https://sprint.black...ls/TOImport.cab (TeamOn Import Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: bdsripcab https://media.bdsrea...s/bdsripcab.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{80443072-5384-4D29-A197-604ECE8884D8}: DhcpNameServer = 16.92.3.242 16.92.3.243 16.81.3.243 16.118.3.243
O18 - Protocol\Handler\linkscanner - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (c:\progra~1\bandoo\bndhook.dll) - c:\Program Files\Bandoo\BndHook.dll (Discordia Limited)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/12/05 01:50:26 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/07/27 15:07:38 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012/10/27 23:07:44 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Documents and Settings\Compaq_Owner\Desktop\aswMBR.exe
[2012/10/27 23:07:41 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Owner\Desktop\OTL.exe
[2012/10/27 22:16:26 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Compaq_Owner\Desktop\HijackThis.exe
[2012/10/27 21:56:48 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012/10/27 21:52:15 | 002,213,464 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Compaq_Owner\Desktop\TDSSKiller.exe
[2012/10/27 21:40:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Desktop\RK_Quarantine
[2012/10/27 20:19:56 | 000,254,022 | ---- | C] (Atheros Communications, Inc.) -- C:\WINDOWS\System32\wsfwDS.dll
[2012/10/27 20:19:55 | 000,057,440 | ---- | C] (Atheros Communications, Inc.) -- C:\WINDOWS\System32\jswscimd.sys
[2012/10/27 20:19:55 | 000,057,440 | ---- | C] (Atheros Communications, Inc.) -- C:\WINDOWS\System32\drivers\jswscimd.sys
[2012/10/27 19:47:41 | 001,269,854 | ---- | C] (Devicescape) -- C:\WINDOWS\System32\dsa.dll
[2012/10/27 19:47:41 | 000,426,074 | ---- | C] (Atheros) -- C:\WINDOWS\System32\wgapi.dll
[2012/10/27 19:47:41 | 000,405,504 | ---- | C] (Atheros) -- C:\WINDOWS\System32\wcapi.dll
[2012/10/27 19:47:41 | 000,356,443 | ---- | C] (Atheros) -- C:\WINDOWS\System32\wcapiU.dll
[2012/10/27 19:47:41 | 000,311,390 | ---- | C] (Atheros) -- C:\WINDOWS\System32\athcfg20U.dll
[2012/10/27 19:47:41 | 000,249,924 | ---- | C] (Atheros Communications, Inc.) -- C:\WINDOWS\System32\wsimd.dll
[2012/10/27 19:47:41 | 000,237,568 | ---- | C] (Atheros) -- C:\WINDOWS\System32\athcfg20.dll
[2012/10/27 19:47:41 | 000,127,079 | ---- | C] (Atheros Communications, Inc.) -- C:\WINDOWS\System32\athcfg20resU.dll
[2012/10/27 19:47:41 | 000,127,053 | ---- | C] (Atheros Communications, Inc.) -- C:\WINDOWS\System32\athcfg20res.dll
[2012/10/27 19:47:41 | 000,082,017 | ---- | C] (Devicescape, Inc.) -- C:\WINDOWS\System32\dsaNac.dll
[2012/10/27 19:47:40 | 001,759,584 | ---- | C] (Atheros Communications, Inc.) -- C:\WINDOWS\System32\drivers\athuw.sys
[2012/10/27 19:47:40 | 000,058,208 | ---- | C] (Atheros Communications, Inc.) -- C:\WINDOWS\System32\wsimd.sys
[2012/10/27 19:47:38 | 000,405,582 | ---- | C] (Atheros Communications, Inc.) -- C:\WINDOWS\System32\jswscsup.dll
[2012/10/27 19:47:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\NETGEAR WNA1100 Genie
[2012/10/27 19:47:36 | 000,000,000 | ---D | C] -- C:\Program Files\NETGEAR
[2012/10/27 19:25:08 | 026,376,640 | ---- | C] (Acresso Software Inc. ) -- C:\Documents and Settings\Compaq_Owner\Desktop\WNA1100_v2.0.0.5_Setup.exe
[2012/10/27 17:55:25 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Compaq_Owner\Recent
[2012/10/27 11:26:16 | 000,073,800 | ---- | C] (Atheros) -- C:\WINDOWS\System32\athgina.dll
[2012/10/25 09:55:32 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvc296.rra
[2012/10/20 20:26:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Macromedia
[2012/10/20 18:48:35 | 000,000,000 | ---D | C] -- C:\Program Files\Reincubate
[2012/10/14 23:15:46 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012/10/11 21:07:31 | 010,150,457 | ---- | C] (XboxMB) -- C:\Documents and Settings\Compaq_Owner\Desktop\Horizon.exe
[2012/10/07 20:07:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Desktop\Slender_v0_9_7
[2012/10/07 20:02:37 | 000,680,032 | ---- | C] (OptimumInstaller) -- C:\Documents and Settings\Compaq_Owner\Desktop\slender_setup.exe
[2012/10/07 20:01:27 | 000,373,432 | ---- | C] (Softonic) -- C:\Documents and Settings\Compaq_Owner\Desktop\SoftonicDownloader_for_slender-the-eight-pages.exe
[2012/10/06 22:44:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\TeknoGods
[2012/10/05 15:01:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Desktop\Crack
[2012/09/30 18:07:13 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2012/09/30 18:07:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Skype
[2012/09/30 18:07:12 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2012/09/30 18:06:00 | 000,946,352 | ---- | C] (Skype Technologies S.A.) -- C:\Documents and Settings\Compaq_Owner\Desktop\SkypeSetup.exe
[2012/09/30 13:24:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Application Data\Sony
[2012/09/30 12:41:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NCH Software
[2012/09/30 12:41:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\NCH Software Suite
[2012/09/30 12:41:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Video Related Programs
[2012/09/30 12:41:14 | 000,000,000 | ---D | C] -- C:\Program Files\NCH Software
[2012/09/30 12:40:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Application Data\NCH Software
[2012/09/29 19:15:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Deals Plugin
[2012/09/29 19:14:51 | 000,000,000 | ---D | C] -- C:\Program Files\Deals Plugin
[2012/09/29 19:14:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Start Menu\Programs\Uncompressor
[2012/09/29 19:14:42 | 000,000,000 | ---D | C] -- C:\Program Files\Uncompressor

========== Files - Modified Within 30 Days ==========

[2012/10/27 23:17:00 | 000,000,436 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{16A277BB-F55B-419A-AC32-F60EB41211A8}.job
[2012/10/27 23:04:06 | 000,000,246 | ---- | M] () -- C:\WINDOWS\System\hpsysdrv.dat
[2012/10/27 23:01:51 | 000,199,660 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2012/10/27 23:00:23 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/10/27 22:42:02 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/10/27 22:41:53 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012/10/27 22:16:16 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Compaq_Owner\Desktop\HijackThis.exe
[2012/10/27 21:37:04 | 001,580,544 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\RogueKiller.exe
[2012/10/27 21:30:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/10/27 20:19:53 | 000,000,786 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\NETGEAR WNA1100 Genie.lnk
[2012/10/27 20:19:53 | 000,000,774 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\NETGEAR WNA1100 Genie.lnk
[2012/10/27 19:51:56 | 042,730,616 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\4k8t247w.exe
[2012/10/27 17:52:59 | 000,000,275 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Shortcut to ComboFix.lnk
[2012/10/25 10:06:54 | 000,528,400 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/10/25 10:06:54 | 000,097,078 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/10/22 21:37:22 | 000,002,515 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Microsoft Office Word 2007.lnk
[2012/10/22 14:34:05 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/10/22 13:55:12 | 000,049,152 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/10/20 23:53:05 | 000,019,617 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\SMS.csv
[2012/10/14 01:45:11 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/10/12 17:27:22 | 002,213,464 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Compaq_Owner\Desktop\TDSSKiller.exe
[2012/10/11 21:13:54 | 010,150,457 | ---- | M] (XboxMB) -- C:\Documents and Settings\Compaq_Owner\Desktop\Horizon.exe
[2012/10/11 08:20:08 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Compaq_Owner\Desktop\aswMBR.exe
[2012/10/11 08:19:26 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Owner\Desktop\OTL.exe
[2012/10/10 20:32:11 | 000,001,821 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2012/10/07 20:05:25 | 065,812,970 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Slender_v0_9_7.zip
[2012/10/07 20:02:38 | 000,680,032 | ---- | M] (OptimumInstaller) -- C:\Documents and Settings\Compaq_Owner\Desktop\slender_setup.exe
[2012/10/07 20:01:31 | 000,373,432 | ---- | M] (Softonic) -- C:\Documents and Settings\Compaq_Owner\Desktop\SoftonicDownloader_for_slender-the-eight-pages.exe
[2012/10/03 12:49:01 | 000,000,294 | ---- | M] () -- C:\WINDOWS\tasks\videopadShakeIcon.job
[2012/09/30 18:07:13 | 000,001,878 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2012/09/30 18:06:00 | 000,946,352 | ---- | M] (Skype Technologies S.A.) -- C:\Documents and Settings\Compaq_Owner\Desktop\SkypeSetup.exe
[2012/09/29 18:47:28 | 000,000,370 | ---- | M] () -- C:\WINDOWS\WININIT.INI

========== Files Created - No Company Name ==========

[2012/10/27 21:39:59 | 001,580,544 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\RogueKiller.exe
[2012/10/27 20:22:20 | 042,730,616 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\4k8t247w.exe
[2012/10/27 20:19:55 | 000,035,967 | ---- | C] () -- C:\WINDOWS\System32\jswscimdp.cat
[2012/10/27 20:19:55 | 000,035,538 | ---- | C] () -- C:\WINDOWS\System32\jswscimd.cat
[2012/10/27 20:19:55 | 000,005,529 | ---- | C] () -- C:\WINDOWS\System32\jswscimdp.inf
[2012/10/27 20:19:55 | 000,002,231 | ---- | C] () -- C:\WINDOWS\System32\jswscimd.inf
[2012/10/27 19:47:40 | 000,039,471 | ---- | C] () -- C:\WINDOWS\System32\wsimdp.cat
[2012/10/27 19:47:40 | 000,039,469 | ---- | C] () -- C:\WINDOWS\System32\wsimd.cat
[2012/10/27 19:47:40 | 000,005,363 | ---- | C] () -- C:\WINDOWS\System32\wsimdp.inf
[2012/10/27 19:47:40 | 000,002,179 | ---- | C] () -- C:\WINDOWS\System32\wsimd.inf
[2012/10/27 19:47:38 | 000,262,216 | ---- | C] () -- C:\WINDOWS\System32\IPTests.dll
[2012/10/27 19:47:36 | 000,000,786 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\NETGEAR WNA1100 Genie.lnk
[2012/10/27 19:47:36 | 000,000,774 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\NETGEAR WNA1100 Genie.lnk
[2012/10/27 17:52:59 | 000,000,275 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Shortcut to ComboFix.lnk
[2012/10/25 09:54:19 | 000,006,419 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\ReleaseNotes_WNA3100_sw_2.0.html
[2012/10/20 23:53:05 | 000,019,617 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\SMS.csv
[2012/10/20 20:26:47 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/10/07 20:04:33 | 065,812,970 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Slender_v0_9_7.zip
[2012/09/30 18:07:13 | 000,001,878 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2012/09/30 12:49:13 | 000,000,294 | ---- | C] () -- C:\WINDOWS\tasks\videopadShakeIcon.job
[2012/09/30 12:41:18 | 000,000,813 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\VideoPad Video Editor.lnk
[2012/09/20 09:44:59 | 000,066,036 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2012/02/14 21:27:12 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011/09/18 19:27:35 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\preferences.dat
[2011/01/04 15:49:51 | 000,110,602 | ---- | C] () -- C:\WINDOWS\System32\xcdsfx32.bin
[2011/01/04 14:51:40 | 000,000,160 | ---- | C] () -- C:\WINDOWS\MyDrivers.ini
[2011/01/04 14:37:43 | 000,240,592 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2011/01/04 14:37:24 | 000,240,592 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2011/01/04 14:37:24 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2010/07/23 14:28:24 | 000,000,135 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\fusioncache.dat
[2009/06/15 14:08:36 | 000,049,152 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2006/06/19 09:12:20 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/13 19:12:05 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/02/09 07:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/04/13 19:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2010/06/23 18:28:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2011/01/17 17:25:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AutoHideIP
[2011/09/24 20:16:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Bandoo
[2010/02/26 21:37:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Cached Installations
[2009/05/28 18:20:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Downloaded Installations
[2011/01/04 15:11:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Driver Inspector
[2010/05/09 11:55:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Gosu
[2011/10/17 13:40:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HumanClick
[2011/01/04 15:25:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\inf
[2010/05/09 11:54:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MediaMall
[2011/12/05 12:36:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2012/10/07 12:25:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\.minecraft
[2010/09/19 11:29:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\AnvSoft
[2010/10/30 22:15:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Any Video Converter
[2012/04/05 09:14:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Auslogics
[2011/01/17 17:20:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\AutoHideIP
[2009/06/06 11:02:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\AVGTOOLBAR
[2011/09/18 10:27:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Bandoo
[2010/10/20 12:26:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Barnes & Noble
[2012/08/10 18:14:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\DMCache
[2011/01/07 15:05:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Downloaded Installations
[2010/11/10 18:22:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Elluminate
[2010/05/16 19:08:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Facebook
[2009/06/27 12:40:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\FrostWire
[2009/05/31 18:10:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Leadertech
[2011/10/17 13:39:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\LivepersonMFC
[2011/09/18 10:27:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\searchquband
[2012/10/27 23:05:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Software Informer
[2012/09/30 13:24:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Sony
[2011/01/04 15:03:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\SystemRequirementsLab
[2009/06/15 17:01:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Thinstall
[2009/05/29 19:43:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\WinBatch
[2009/06/07 19:48:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Windows Desktop Search
[2009/05/31 17:49:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Windows Search

========== Purity Check ==========



========== Custom Scans ==========

< %SYSTEMDRIVE%\*.exe >

< MD5 for: EXPLORER.EXE >
[2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ERDNT\cache\explorer.exe
[2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2007/06/13 06:26:03 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=7712DF0CDDE3A5AC89843E61CD5B3658 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007/06/13 05:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=97BD6515465659FF8F3B7BE375B2EA87 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: QMGR.DLL >
[2004/08/04 06:00:00 | 000,382,464 | ---- | M] (Microsoft Corporation) MD5=2C69EC7E5A311334D10DD95F338FCCEA -- C:\WINDOWS\$NtServicePackUninstall$\qmgr.dll
[2008/04/13 19:12:03 | 000,409,088 | ---- | M] (Microsoft Corporation) MD5=574738F61FCA2935F5265DC4E5691314 -- C:\WINDOWS\ERDNT\cache\qmgr.dll
[2008/04/13 19:12:03 | 000,409,088 | ---- | M] (Microsoft Corporation) MD5=574738F61FCA2935F5265DC4E5691314 -- C:\WINDOWS\ServicePackFiles\i386\qmgr.dll
[2008/04/13 19:12:03 | 000,409,088 | ---- | M] (Microsoft Corporation) MD5=574738F61FCA2935F5265DC4E5691314 -- C:\WINDOWS\system32\bits\qmgr.dll
[2008/04/13 19:12:03 | 000,409,088 | ---- | M] (Microsoft Corporation) MD5=574738F61FCA2935F5265DC4E5691314 -- C:\WINDOWS\system32\qmgr.dll

< MD5 for: SERVICES >
[2004/08/04 06:00:00 | 000,007,116 | ---- | M] () MD5=95826940E657FE0567A8EC0F2A6AD11A -- C:\WINDOWS\system32\drivers\etc\services

< MD5 for: SERVICES._ >
[2004/08/03 23:00:00 | 000,001,989 | ---- | M] () MD5=29BB3BBBE3D49156A42BFB3DD000F554 -- C:\WINDOWS\I386\SERVICES._

< MD5 for: SERVICES.EX_ >
[2004/08/03 23:00:00 | 000,049,955 | ---- | M] () MD5=85A738BA493104ED103B26CADEB8B543 -- C:\WINDOWS\I386\SERVICES.EX_

< MD5 for: SERVICES.EXE >
[2009/02/06 06:06:24 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=020CEAAEDC8EB655B6506B8C70D53BB6 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
[2008/04/13 19:12:34 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=0E776ED5F7CC9F94299E70461B7B8185 -- C:\WINDOWS\ServicePackFiles\i386\services.exe
[2009/02/06 12:14:03 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=37561F8D4160D62DA86D24AE41FAE8DE -- C:\WINDOWS\$NtServicePackUninstall$\services.exe
[2009/02/06 05:22:21 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=4712531AB7A01B7EE059853CA17D39BD -- C:\WINDOWS\$hf_mig$\KB956572\SP2QFE\services.exe
[2009/02/06 06:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\$hf_mig$\KB956572\SP3GDR\services.exe
[2009/02/06 06:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\ERDNT\cache\services.exe
[2009/02/06 06:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\system32\dllcache\services.exe
[2009/02/06 06:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\system32\services.exe

< MD5 for: SERVICES.JS >
[2010/08/16 14:07:26 | 000,018,674 | ---- | M] () MD5=7209830374F12E59D7802B687A5F0542 -- C:\Program Files\Barnes & Noble\BNDesktopReader\HTML\js\services.js

< MD5 for: SERVICES.LNK >
[2005/12/05 01:50:32 | 000,001,602 | ---- | M] () MD5=088D2B3B011A1912BE137651A4BCCFEE -- C:\Documents and Settings\All Users\Start Menu\Programs\Administrative Tools\Services.lnk

< MD5 for: SERVICES.MS_ >
[2004/08/03 23:00:00 | 000,003,649 | ---- | M] () MD5=64E9F61D2ED093C361862DE36433B5E1 -- C:\WINDOWS\I386\SERVICES.MS_

< MD5 for: SERVICES.MSC >
[2004/08/04 06:00:00 | 000,033,464 | ---- | M] () MD5=E8089AA2A6F7FEE89B38C1F2D77BA6C6 -- C:\WINDOWS\system32\services.msc

< MD5 for: SVCHOST.EXE >
[2008/04/13 19:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ERDNT\cache\svchost.exe
[2008/04/13 19:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008/04/13 19:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\svchost.exe
[2009/06/15 17:01:38 | 000,008,704 | ---- | M] () MD5=83CB01B7C2798C76834C9C58922D5EEA -- C:\Documents and Settings\Compaq_Owner\Application Data\Thinstall\CSDATA\1000000600002i\svchost.exe
[2007/05/09 17:51:07 | 000,008,704 | ---- | M] () MD5=83CB01B7C2798C76834C9C58922D5EEA -- C:\Documents and Settings\Compaq_Owner\Desktop\Adobe Photoshop CS3 Extended Portable\CSDATA\1000000600002i\svchost.exe
[2004/08/04 06:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
[2009/04/04 20:11:53 | 000,008,704 | ---- | M] () MD5=B7CAC0B6A0DAA9F036B00D46C0D28783 -- C:\Documents and Settings\Compaq_Owner\Desktop\Adobe Photoshop CS3 Extended Portable\CSDATA\1000000800002i\svchost.exe

< MD5 for: USERINIT.EXE >
[2004/08/04 06:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2008/04/13 19:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ERDNT\cache\userinit.exe
[2008/04/13 19:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008/04/13 19:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004/08/04 06:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008/04/13 19:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ERDNT\cache\winlogon.exe
[2008/04/13 19:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008/04/13 19:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe

< %systemdrive%\$Recycle.Bin|@;true;true;true /fp >

< C:\Windows\assembly\tmp\U\*.* /s >
[2004/08/04 06:00:00 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini
[2005/12/05 02:05:36 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2009/05/28 19:05:36 | 000,000,436 | -H-- | C] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{16A277BB-F55B-419A-AC32-F60EB41211A8}.job
[2009/06/30 06:39:06 | 000,000,882 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2009/06/30 06:39:07 | 000,000,886 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
[2012/09/30 12:49:13 | 000,000,294 | ---- | C] () -- C:\WINDOWS\Tasks\videopadShakeIcon.job

< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS /s >
"Type" = 272
"Start" = 3
"ErrorControl" = 1
"ImagePath" = %SystemRoot%\system32\svchost.exe -k netsvcs -- [2008/04/13 19:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation)
"DisplayName" = BITS
"DependOnService" = RpcSs [binary data] -- [2009/02/09 07:10:48 | 000,401,408 | ---- | M] (Microsoft Corporation)
"DependOnGroup" = [binary data]
"ObjectName" = LocalSystem
"FailureActions" = 00 00 00 00 00 00 00 00 00 00 00 00 03 00 00 00 68 E3 0C 00 01 00 00 00 60 EA 00 00 01 00 00 00 60 EA 00 00 01 00 00 00 60 EA 00 00 [binary data]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS\Parameters]
"ServiceDll" = %systemroot%\system32\qmgr.dll -- [2008/04/13 19:12:03 | 000,409,088 | ---- | M] (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS\Enum]
"0" = Root\LEGACY_BITS\0000
"Count" = 1
"NextInstance" = 1

< %Temp%\smtmp\1\*.* >

< %Temp%\smtmp\2\*.* >

< %Temp%\smtmp\3\*.* >

< %Temp%\smtmp\4\*.* >

< type c:\diskreport.txt /c >
Microsoft DiskPart version 5.1.3565
Copyright © 1999-2003 Microsoft Corporation.
On computer: FAMILY
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
Volume 0 E DVD-ROM 0 B
Volume 1 C PRESARIO NTFS Partition 105 GB Healthy System
Volume 2 D PRESARIO_RP FAT32 Partition 7265 MB Healthy
Volume 3 F FAT32 Removeable 3892 MB

========== Alternate Data Streams ==========

@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\Compaq_Owner\Desktop\procexp.exe:SummaryInformation

< End of report >


Extras

OTL Extras logfile created on: 10/27/2012 11:08:43 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Compaq_Owner\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

958.48 Mb Total Physical Memory | 509.72 Mb Available Physical Memory | 53.18% Memory free
2.26 Gb Paging File | 1.82 Gb Available in Paging File | 80.45% Paging File free
Paging file location(s): C:\pagefile.sys 1440 2880 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 104.69 Gb Total Space | 27.70 Gb Free Space | 26.46% Space Free | Partition Type: NTFS
Drive D: | 7.08 Gb Total Space | 0.36 Gb Free Space | 5.13% Space Free | Partition Type: FAT32
Drive F: | 3.79 Gb Total Space | 3.69 Gb Free Space | 97.28% Space Free | Partition Type: FAT32

Computer Name: FAMILY | User Name: Compaq_Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-2643415718-809851970-2684369324-1009\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{075473F5-846A-448B-BCB3-104AA1760205}" = Sonic RecordNow Data
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0A65A3BD-54B5-4d0d-B084-7688507813F5}" = SlideShow
"{1341D838-719C-4A05-B50F-49420CA1B4BB}" = HP Boot Optimizer
"{15C0AF59-4877-49B6-B8C6-A61CE54515F5}" = cp_OnlineProjectsConfig
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{23012310-3E05-46A5-88A9-C6CBCABCAC79}" = Customer Experience Enhancement
"{2376813B-2E5A-4641-B7B3-A0D5ADB55229}" = HPPhotoSmartExpress
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java™ 6 Update 24
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{294BB21B-0091-492F-87D2-A9192DA3E448}" = System Requirements Lab for Intel
"{2D6A5BD9-FE4B-49CD-8D96-2C4746302A82}" = D-Link DFE-530TX+
"{2F58D60D-2BFD-4467-9B4D-64E7355C329D}" = Sonic_PrimoSDK
"{2FA41EBB-3F5A-35C3-85D6-51EC72A11FBD}" = Google Gears
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{3127F76D-5335-4AC7-BD1E-2F5247A23C24}" = iTunes
"{33BF0960-DBA3-4187-B6CC-C969FCFA2D25}" = SkinsHP1
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36D620AD-EEBA-4973-BA86-0C9AE6396620}" = OptionalContentQFolder
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{41E776A5-9B12-416D-9A12-B4F7B044EBED}" = CP_Package_Basic1
"{45B8A76B-57EC-4242-B019-066400CD8428}" = BufferChm
"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP DVD Play 2.1
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{53EE9E42-CECB-4C92-BF76-9CA65DAF8F1C}" = FullDPAppQFolder
"{5809E7CF-4DCF-11D4-9875-00105ACE7734}" = Logitech MouseWare 9.79.1
"{612F4E20-3661-4D44-AD79-823F1B613FB3}" = HP Update
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Sonic Express Labeler
"{6696D9A4-28A8-4F5A-8E9A-2E8974C8C39C}" = RandMap
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{8105684D-8CA6-440D-8F58-7E5FD67A499D}" = Easy Internet Sign-up
"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
"{82081779-4175-4666-A457-AB711CD37EF0}" = cp_LightScribeConfig
"{829DAAD6-BB11-4BB7-921B-07FFB703F944}" = CP_Package_Variety3
"{82E55892-6FFD-403F-AA97-D726846768AA}" = CP_AtenaShokunin1Config
"{866A0078-DEA7-4348-9C9A-999AF2991EAA}" = SlideShowMusic
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A534F71-3202-4464-A422-B767295E67B9}" = CP_Package_Variety2
"{8CE4E6E9-9D55-43FB-9DDB-688C976BFC05}" = Unload
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CEA4C7D0-ABBE-4074-A488-173BB382CDFF}" =
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{93E5A317-24EC-4744-812C-16FECFE86E6A}" = CP_Package_Variety1
"{98E3252E-3CE5-4B15-929D-D18F7BE6EED4}" = D-Link DFE-530TX+
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A29800BA-0BF1-4E63-9F31-DF05A87F4104}" = InstantShareDevices
"{A2AE9709-283B-4B48-AA34-729C070A62FB}" = NETGEAR WNA1100 N150 Wireless USB Adapter
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Sonic RecordNow Audio
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.2
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Sonic RecordNow Copy
"{B2157760-AA3C-4E2E-BFE6-D20BC52495D9}" = cp_PosterPrintConfig
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 260.99
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 260.99
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 135.36
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B6286A44-7505-471A-A72B-04EC2DB2F442}" = CueTour
"{B69CFE29-FD03-4E0A-87A7-6ED97F98E5B3}" = CP_Panorama1Config
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C0E5147E-C9F3-4360-9ED0-2E875F11766C}" = Respondus LockDown Browser
"{C151CE54-E7EA-4804-854B-F515368B0798}" = AMD Processor Driver
"{C1C6767D-B395-43CB-BF99-051B58B86DA6}" = PhotoGallery
"{C3FAA091-B278-44A7-BF48-190811C5F9F7}" = cp_UpdateProjectsConfig
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0122362-6333-4DE4-93F6-A5A2F3CC101A}" = Compaq Organize
"{D7DBA21A-CDE5-42EC-BB1C-AE4B3E616B9A}_is1" = HP Support Overview
"{DAAD5187-62C5-4AD6-A526-803C18C4944D}" = HP Web Helper
"{DB518BA6-CB74-4EB6-9ABD-880B6D6E1F38}" = HpSdpAppCoreApp
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag
"{E2890BD4-14BB-4C5D-8944-E2A23FF8B173}" = DFE-530TX Driver
"{ED2C557E-9C18-41FF-B58E-A05EEF0B3B5F}" = CP_CalendarTemplates1
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FB15E224-67C3-491F-9F5C-F257BC418412}" = Destinations
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Bandoo" = Bandoo
"BN_DesktopReader" = NOOK for PC
"CCleaner" = CCleaner
"COMODO Internet Security" = COMODO Internet Security
"Deals Plugin" = Deals Plugin
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Google Chrome" = Google Chrome
"HP Game Console" = HP Game Console
"HP Imaging Device Functions" = HP Imaging Device Functions 7.0
"HP Photo & Imaging" = HP Photosmart Premier Software 6.5
"HP Rhapsody" = HP Rhapsody
"HPOOVClient-5577497 Uninstaller" = Compaq Connections (remove only)
"ie8" = Windows Internet Explorer 8
"InstallShield_{23012310-3E05-46A5-88A9-C6CBCABCAC79}" = Customer Experience Enhancement
"InstallShield_{2D6A5BD9-FE4B-49CD-8D96-2C4746302A82}" = D-Link DFE-530TX+
"InstallShield_{8105684D-8CA6-440D-8F58-7E5FD67A499D}" = Easy Internet Sign-up
"InstallShield_{98E3252E-3CE5-4B15-929D-D18F7BE6EED4}" = D-Link DFE-530TX+
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Mozilla Firefox 16.0.1 (x86 en-US)" = Mozilla Firefox 16.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"PC-Doctor 5 for Windows" = PC-Doctor 5 for Windows
"Python 2.2.3" = Python 2.2.3
"pywin32-py2.2" = Python 2.2 pywin32 extensions (build 203)
"RealPlayer 6.0" = RealPlayer
"Software Informer_is1" = Software Informer 1.0 BETA
"SystemRequirementsLab" = System Requirements Lab
"VideoPad" = VideoPad Video Editor
"VN_VUIns_Rhine_D-Link" = D-Link PCI Fast Ethernet Adapter
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"WildTangent CDA" = WildTangent Web Driver
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR 4.20 (32-bit)
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2643415718-809851970-2684369324-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Facebook Plug-In" = Facebook Plug-In
"Uncompressor" = Uncompressor

========== Last 20 Event Log Errors ==========

[ Antivirus Events ]
Error - 10/12/2009 5:43:18 PM | Computer Name = CHUCKY | Source = avast! | ID = 33554522
Description =

Error - 11/5/2009 10:21:28 AM | Computer Name = CHUCKY | Source = avast! | ID = 33554522
Description =

Error - 11/6/2009 9:46:12 AM | Computer Name = CHUCKY | Source = avast! | ID = 33554522
Description =

Error - 11/7/2009 12:36:22 PM | Computer Name = CHUCKY | Source = avast! | ID = 33554522
Description =

Error - 11/7/2009 10:11:43 PM | Computer Name = CHUCKY | Source = avast! | ID = 33554522
Description =

Error - 11/12/2009 9:21:52 AM | Computer Name = CHUCKY | Source = avast! | ID = 33554522
Description =

Error - 4/17/2010 1:59:01 PM | Computer Name = CHUCKY | Source = avast! | ID = 33554522
Description =

Error - 4/22/2010 11:09:09 PM | Computer Name = CHUCKY | Source = avast! | ID = 33554522
Description =

Error - 4/22/2010 11:09:10 PM | Computer Name = CHUCKY | Source = avast! | ID = 33554522
Description =

Error - 4/28/2010 11:18:07 PM | Computer Name = CHUCKY | Source = avast! | ID = 33554522
Description =

[ Application Events ]
Error - 10/28/2012 12:02:59 AM | Computer Name = FAMILY | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: This network connection does not exist.

Error - 10/28/2012 12:03:03 AM | Computer Name = FAMILY | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: This network connection does not exist.

Error - 10/28/2012 12:03:03 AM | Computer Name = FAMILY | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: This network connection does not exist.

Error - 10/28/2012 12:03:03 AM | Computer Name = FAMILY | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: This network connection does not exist.

Error - 10/28/2012 12:03:11 AM | Computer Name = FAMILY | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: The server name or address could not be resolved

Error - 10/28/2012 12:03:12 AM | Computer Name = FAMILY | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: This network connection does not exist.

Error - 10/28/2012 12:03:23 AM | Computer Name = FAMILY | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: This network connection does not exist.

Error - 10/28/2012 12:03:26 AM | Computer Name = FAMILY | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: The server name or address could not be resolved

Error - 10/28/2012 12:03:42 AM | Computer Name = FAMILY | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: This network connection does not exist.

Error - 10/28/2012 12:05:11 AM | Computer Name = FAMILY | Source = JavaQuickStarterService | ID = 1
Description =

[ OSession Events ]
Error - 11/21/2010 12:52:55 AM | Computer Name = CHUCKY | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 2, Application Name: Microsoft Office Access, Application Version:
12.0.6535.5005, Microsoft Office Version: 12.0.6425.1000. This session lasted 3618
seconds with 1440 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 10/28/2012 12:05:42 AM | Computer Name = FAMILY | Source = Service Control Manager | ID = 7000
Description = The TCP/IP Protocol Driver service failed to start due to the following
error: %%2

Error - 10/28/2012 12:05:42 AM | Computer Name = FAMILY | Source = Service Control Manager | ID = 7001
Description = The Network Location Awareness (NLA) service depends on the TCP/IP
Protocol Driver service which failed to start because of the following error: %%2

Error - 10/28/2012 12:05:43 AM | Computer Name = FAMILY | Source = Service Control Manager | ID = 7000
Description = The TCP/IP Protocol Driver service failed to start due to the following
error: %%2

Error - 10/28/2012 12:05:43 AM | Computer Name = FAMILY | Source = Service Control Manager | ID = 7001
Description = The Network Location Awareness (NLA) service depends on the TCP/IP
Protocol Driver service which failed to start because of the following error: %%2

Error - 10/28/2012 12:09:36 AM | Computer Name = FAMILY | Source = Service Control Manager | ID = 7000
Description = The TCP/IP Protocol Driver service failed to start due to the following
error: %%2

Error - 10/28/2012 12:09:36 AM | Computer Name = FAMILY | Source = Service Control Manager | ID = 7001
Description = The Network Location Awareness (NLA) service depends on the TCP/IP
Protocol Driver service which failed to start because of the following error: %%2

Error - 10/28/2012 12:15:43 AM | Computer Name = FAMILY | Source = Service Control Manager | ID = 7000
Description = The TCP/IP Protocol Driver service failed to start due to the following
error: %%2

Error - 10/28/2012 12:15:43 AM | Computer Name = FAMILY | Source = Service Control Manager | ID = 7001
Description = The Network Location Awareness (NLA) service depends on the TCP/IP
Protocol Driver service which failed to start because of the following error: %%2

Error - 10/28/2012 12:16:23 AM | Computer Name = FAMILY | Source = nvgts | ID = 262153
Description = The device, \Device\Scsi\nvgts1, did not respond within the timeout
period.

Error - 10/28/2012 12:19:53 AM | Computer Name = FAMILY | Source = nvgts | ID = 262153
Description = The device, \Device\Scsi\nvgts1, did not respond within the timeout
period.


< End of report >

aswMBR

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-10-27 23:08:56
-----------------------------
23:08:56.390 OS Version: Windows 5.1.2600 Service Pack 3
23:08:56.390 Number of processors: 1 586 0x2F02
23:08:56.390 ComputerName: FAMILY UserName:
23:08:59.703 Initialize success
23:09:00.078 AVAST engine defs: 12102201
23:09:10.093 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Scsi\nvgts1Port2Path0Target0Lun0
23:09:10.093 Disk 0 Vendor: ST312021 3.AH Size: 114473MB BusType: 3
23:09:10.109 Disk 0 MBR read successfully
23:09:10.109 Disk 0 MBR scan
23:09:10.750 Disk 0 unknown MBR code
23:09:10.765 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 107198 MB offset 63
23:09:11.500 Disk 0 Partition 2 00 0C FAT32 LBA RECOVERY 7264 MB offset 219557520
23:09:11.656 Disk 0 scanning sectors +234435600
23:09:12.093 Disk 0 scanning C:\WINDOWS\system32\drivers
23:09:43.390 Service scanning
23:10:36.796 Modules scanning
23:11:42.640 Disk 0 trace - called modules:
23:11:42.671 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll SCSIPORT.SYS nvgts.sys
23:11:43.187 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86362030]
23:11:43.187 3 CLASSPNP.SYS[f74c7fd7] -> nt!IofCallDriver -> \Device\00000073[0x86443920]
23:11:43.187 5 ACPI.sys[f7330620] -> nt!IofCallDriver -> \Device\Scsi\nvgts1Port2Path0Target0Lun0[0x86441a38]
23:12:07.125 AVAST engine scan C:\WINDOWS
23:12:21.359 AVAST engine scan C:\WINDOWS\system32
23:20:30.718 AVAST engine scan C:\WINDOWS\system32\drivers
23:21:09.312 AVAST engine scan C:\Documents and Settings\Compaq_Owner
23:28:28.453 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Compaq_Owner\Desktop\MBR.dat"
23:28:28.453 The log file has been saved successfully to "C:\Documents and Settings\Compaq_Owner\Desktop\aswMBR.txt"


ComboFix

ComboFix 12-10-26.05 - Compaq_Owner 10/27/2012 18:17:25.5.1 - x86
Running from: F:\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: AVG Firewall *Disabled* {8decf618-9569-4340-b34a-d78d28969b66}
FW: COMODO Firewall *Disabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\TEMP
c:\documents and settings\All Users\Application Data\TEMP\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}\PostBuild.exe
c:\documents and settings\Compaq_Owner\My Documents\~WRL0478.tmp
c:\documents and settings\Compaq_Owner\My Documents\~WRL3484.tmp
c:\documents and settings\Compaq_Owner\WINDOWS
c:\documents and settings\Default User\WINDOWS
c:\windows\$NtUninstallKB47602$
c:\windows\$NtUninstallKB47602$\2381132831\@
c:\windows\$NtUninstallKB47602$\2381132831\Desktop.ini
c:\windows\$NtUninstallKB47602$\2381132831\L\[email protected]
c:\windows\$NtUninstallKB47602$\2381132831\L\201d3dde
c:\windows\$NtUninstallKB47602$\2381132831\L\bfhdmwap
c:\windows\$NtUninstallKB47602$\2381132831\U\[email protected]
c:\windows\$NtUninstallKB47602$\2381132831\U\[email protected]
c:\windows\$NtUninstallKB47602$\2381132831\U\[email protected]
c:\windows\$NtUninstallKB47602$\2381132831\U\[email protected]
c:\windows\$NtUninstallKB47602$\2381132831\U\[email protected]
c:\windows\$NtUninstallKB47602$\528732763
c:\windows\system32\config\systemprofile\WINDOWS
c:\windows\system32\URTTemp
c:\windows\system32\URTTemp\fusion.dll
c:\windows\system32\URTTemp\mscoree.dll
c:\windows\system32\URTTemp\mscoree.dll.local
c:\windows\system32\URTTemp\mscorsn.dll
c:\windows\system32\URTTemp\mscorwks.dll
c:\windows\system32\URTTemp\msvcr71.dll
c:\windows\system32\URTTemp\regtlib.exe
c:\windows\wt
c:\windows\wt\data.wts
c:\windows\wt\updater\wcmdmgr.exe
c:\windows\wt\updater\wcmdmgrl.exe
c:\windows\wt\updater\wt.ini
c:\windows\wt\webdriver.dll
c:\windows\wt\webdriver\4.1.1\actorobject.dll
c:\windows\wt\webdriver\4.1.1\dx5drv.dll
c:\windows\wt\webdriver\4.1.1\dx7drv.dll
c:\windows\wt\webdriver\4.1.1\objectbundle.dll
c:\windows\wt\webdriver\4.1.1\sound.dll
c:\windows\wt\webdriver\4.1.1\wdcaps.ded
c:\windows\wt\webdriver\4.1.1\wdengine.dll
c:\windows\wt\webdriver\4.1.1\webdriver.dll
c:\windows\wt\webdriver\4.1.1\wthostctl.dll
c:\windows\wt\webdriver\4.1.1\wtwmplug.ax
c:\windows\wt\webdriver\4.1.1\wtwmplug.ini
c:\windows\wt\webdriver\jdriver.dll
c:\windows\wt\webdriver\wildtangent.jar
c:\windows\wt\wt3d.dll
c:\windows\wt\wt3d.ini
c:\windows\wt\wtupdates\DRM\3.2.0.19\files\controlpanel\index.html
c:\windows\wt\wtupdates\DRM\3.2.0.19\files\DRM0302.dll
c:\windows\wt\wtupdates\DRM\3.2.0.19\files\DRM0302Java.jar
c:\windows\wt\wtupdates\DRM\3.2.0.19\files\jDRM0302.dll
c:\windows\wt\wtupdates\DRM\3.2.0.19\files\rDRM0302.dll
c:\windows\wt\wtupdates\DRM\3.2.0.19\install\DRM0302.cdanfo
c:\windows\wt\wtupdates\DRM\3.2.0.19\install\DRM0302_Uninstall.cdas
c:\windows\wt\wtupdates\webd\4.1.1\files\actorobject.dll
c:\windows\wt\wtupdates\webd\4.1.1\files\controlpanel\index.html
c:\windows\wt\wtupdates\webd\4.1.1\files\dx5drv.dll
c:\windows\wt\wtupdates\webd\4.1.1\files\dx7drv.dll
c:\windows\wt\wtupdates\webd\4.1.1\files\jdriver.dll
c:\windows\wt\wtupdates\webd\4.1.1\files\legacy\data.wts
c:\windows\wt\wtupdates\webd\4.1.1\files\legacy\webdriver.dll
c:\windows\wt\wtupdates\webd\4.1.1\files\legacy\wt3d.dll
c:\windows\wt\wtupdates\webd\4.1.1\files\npWTHost.dll
c:\windows\wt\wtupdates\webd\4.1.1\files\nsIWTHostPlugin.xpt
c:\windows\wt\wtupdates\webd\4.1.1\files\ObjectBundle.dll
c:\windows\wt\wtupdates\webd\4.1.1\files\Sound.dll
c:\windows\wt\wtupdates\webd\4.1.1\files\update_info\data.wts
c:\windows\wt\wtupdates\webd\4.1.1\files\wdcaps.ded
c:\windows\wt\wtupdates\webd\4.1.1\files\wdengine.dll
c:\windows\wt\wtupdates\webd\4.1.1\files\Webd331.cdanfo
c:\windows\wt\wtupdates\webd\4.1.1\files\Webd331_fileList.cdas
c:\windows\wt\wtupdates\webd\4.1.1\files\Webd331_Uninstall.cdas
c:\windows\wt\wtupdates\webd\4.1.1\files\webdriver.dll
c:\windows\wt\wtupdates\webd\4.1.1\files\wildtangent.jar
c:\windows\wt\wtupdates\webd\4.1.1\files\wt3d.ini
c:\windows\wt\wtupdates\webd\4.1.1\files\WTHostCtl.dll
c:\windows\wt\wtupdates\webd\4.1.1\files\wtwmplug.ax
c:\windows\wt\wtupdates\webd\4.1.1\files\wtwmplug.ini
c:\windows\wt\wtupdates\webd\4.1.1\install\Webd4_1_1.cdanfo
c:\windows\wt\wtupdates\webd\4.1.1\install\Webd4_1_1_Uninstall.cdas
c:\windows\wt\wtupdates\WireControl\1.1.0.23\files\controlpanel\index.html
c:\windows\wt\wtupdates\WireControl\1.1.0.23\files\install\WireControl.cdanfo
c:\windows\wt\wtupdates\WireControl\1.1.0.23\files\install\WireControl_Uninstall.cdas
c:\windows\wt\wtupdates\WireControl\1.1.0.23\files\WireControl.dll
c:\windows\wt\wtupdates\wtupdater\appinfo.dat
c:\windows\wt\wtupdates\wtwebdriver\update_info\data.wts
c:\windows\XSxS
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NVSVC
-------\Service_NPF
-------\Service_NVSvc
.
.
((((((((((((((((((((((((( Files Created from 2012-09-27 to 2012-10-27 )))))))))))))))))))))))))))))))
.
.
2012-10-27 16:29 . 2009-01-30 22:13 58208 ----a-w- c:\windows\system32\drivers\wsimd.sys
2012-10-25 14:55 . 2010-02-03 16:21 413696 ----a-w- c:\windows\system32\msvc296.rra
2012-10-20 23:48 . 2012-10-21 11:22 -------- d-----w- c:\program files\Reincubate
2012-10-07 03:44 . 2012-10-07 03:44 -------- d-----w- c:\documents and settings\Compaq_Owner\Local Settings\Application Data\TeknoGods
2012-09-30 23:07 . 2012-09-30 23:07 -------- d-----w- c:\program files\Common Files\Skype
2012-09-30 23:07 . 2012-09-30 23:08 -------- d-----r- c:\program files\Skype
2012-09-30 18:24 . 2012-09-30 18:24 -------- d-----w- c:\documents and settings\Compaq_Owner\Application Data\Sony
2012-09-30 17:41 . 2012-09-30 17:41 -------- d-----w- c:\documents and settings\All Users\Application Data\NCH Software
2012-09-30 17:41 . 2012-09-30 17:41 -------- d-----w- c:\program files\NCH Software
2012-09-30 17:40 . 2012-09-30 17:40 -------- d-----w- c:\documents and settings\Compaq_Owner\Application Data\NCH Software
2012-09-30 00:15 . 2012-09-30 00:15 -------- d-----w- c:\documents and settings\Compaq_Owner\Local Settings\Application Data\Deals Plugin
2012-09-30 00:14 . 2012-09-30 00:15 -------- d-----w- c:\program files\Deals Plugin
2012-09-30 00:14 . 2012-09-30 00:14 -------- d-----w- c:\program files\Uncompressor
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-28 15:14 . 2004-08-04 11:00 916992 ----a-w- c:\windows\system32\wininet.dll
2012-08-28 15:14 . 2004-08-04 11:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-08-28 15:14 . 2004-08-04 11:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2012-08-28 12:07 . 2004-08-04 11:00 385024 ----a-w- c:\windows\system32\html.iec
2012-08-24 13:53 . 2004-08-04 11:00 177664 ----a-w- c:\windows\system32\wintrust.dll
2012-08-21 13:29 . 2004-08-04 11:00 2192896 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-08-21 12:58 . 2004-08-04 11:00 2069632 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-10-15 04:16 . 2012-10-15 04:15 261600 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Software Informer"="c:\program files\Software Informer\softinfo.exe" [2010-06-29 2322501]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2012-07-13 17418928]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2005-07-23 237568]
"HPBootOp"="c:\program files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" [2006-02-16 249856]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-05-29 198160]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2010-03-12 49208]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-27 30040]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2010-01-28 1800464]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-12-31 3395600]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-01-16 13680640]
"nwiz"="nwiz.exe" [2009-01-16 1657376]
"RTHDCPL"="RTHDCPL.EXE" [2010-11-17 19722344]
"Logitech Utility"="LOGI_MWX.EXE" [2003-12-17 19968]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-01-16 86016]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
.
c:\documents and settings\Compaq_Owner\Start Menu\Programs\Startup\
LivePerson.lnk - c:\program files\LivePerson\hc.exe [2011-10-17 5728072]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Compaq Connections.lnk - c:\program files\Compaq Connections\5577497\Program\Compaq Connections.exe [2006-6-19 36903]
NETGEAR WNA1100 Smart Wizard.lnk - c:\program files\NETGEAR\WNA1100\WNA1100.exe [2012-10-27 4545024]
.
c:\documents and settings\Default User\Start Menu\Programs\Startup\
Pin.lnk - c:\hp\bin\CLOAKER.EXE [2006-6-19 27136]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-25 304128]
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Windows Search.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk
backup=c:\windows\pss\Windows Search.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Compaq_Owner^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
path=c:\documents and settings\Compaq_Owner\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
backup=c:\windows\pss\OneNote 2007 Screen Clipper and Launcher.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Compaq_Owner^Start Menu^Programs^Startup^Stardock ObjectDock.lnk]
path=c:\documents and settings\Compaq_Owner\Start Menu\Programs\Startup\Stardock ObjectDock.lnk
backup=c:\windows\pss\Stardock ObjectDock.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
.
3;2 gupdate1c9e9d654dcffd4;Google Update Service (gupdate1c9e9d654dcffd4) [2009-06-10 133104]
R0 eBoost;eBoostr caching filter driver;c:\windows\system32\drivers\eBoost.sys [x]
R3 AR9271;Atheros AR9271 Wireless Network Adapter Service;c:\windows\system32\DRIVERS\athuw.sys [x]
R3 Avgfwdx;Avgfwdx;c:\windows\system32\DRIVERS\avgfwdx.sys [x]
R3 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwdx.sys [x]
R3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [x]
R3 jswpsapi;JumpStart Wi-Fi Protected Setup;c:\program files\NETGEAR\WNA1100\jswpsapi.exe [x]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [x]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl.sys [x]
S1 aswSP;aswSP; [x]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [x]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 Skype C2C Service;Skype C2C Service;c:\documents and settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
S2 WSWNA1100;WSWNA1100;c:\program files\NETGEAR\WNA1100\WifiSvc.exe [x]
S3 JSWSCIMD;jswscimd Service;c:\windows\system32\DRIVERS\jswscimd.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-10-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-10 14:18]
.
2012-10-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-10 14:18]
.
2012-10-27 c:\windows\Tasks\User_Feed_Synchronization-{16A277BB-F55B-419A-AC32-F60EB41211A8}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 09:31]
.
2012-10-03 c:\windows\Tasks\videopadShakeIcon.job
- c:\program files\NCH Software\VideoPad\videopad.exe [2012-09-30 17:41]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=63&bd=PRESARIO&pf=desktop
mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=63&bd=PRESARIO&pf=desktop
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.254
DPF: bdsripcab - hxxps://media.bdsrealtime.com/components/bdsripcab.cab
FF - ProfilePath - c:\documents and settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\b3kq2lt8.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2927608&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Web Search (powered by Google)
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL - hxxp://search.toolbars.alexa.com/?ver=spkyf-1.7.0&src=ab&aid=PW%2B7a1a5fu00GO&q=
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: 2012-09-29 19:15; [email protected]; c:\documents and settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\b3kq2lt8.default\extensions\[email protected]
FF - ExtSQL: 2012-09-30 18:08; {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}; c:\program files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF - ExtSQL: !HIDDEN! 2009-09-02 03:00; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - ExtSQL: !HIDDEN! 2011-09-18 10:26; [email protected]; c:\documents and settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\b3kq2lt8.default\extensions\[email protected]
FF - user.js: network.proxy.type - 0
FF - user.js: network.proxy.http -
user_pref(network.proxy.http_port,);
FF - user.js: network.proxy.no_proxies_on -
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-10 - (no file)
HKLM-Run-UpdatePDRShortCut - c:\program files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe
HKLM-Run-jswtrayutil - c:\program files\NETGEAR\WNA1100\jswtrayutil.exe
SafeBoot-Wdf01000.sys
AddRemove-PokerStars.net - c:\program files\PokerStars.NET\PokerStarsUninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-10-27 18:41
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{3de8735c-d5e7-4150-9d7a-e14607f08cfe}]
@Denied: (Full) (Everyone)
"Model"=dword:0000014d
"Therad"=dword:00000015
"MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,b6,1f,81,1f,5a,
1b,4d,36,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,\
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):a7,85,4b,58,f7,33,e9,c4,f9,2d,da,f0,21,59,69,c0,05,55,35,ba,c7,
2c,17,d1,f6,54,28,06,2b,f9,27,18,d4,e4,83,1b,66,88,7d,af,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):11,e7,d4,a6,87,0a,dc,64,cc,2d,9f,51,91,37,3a,84,45,4e,7b,aa,bc,
be,e2,ab,22,78,9c,b0,e5,fb,43,0c,84,32,f4,c4,ba,f6,f4,08,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{9f534ca0-6f87-4699-9aa0-520170d7459d}]
@Denied: (Full) (Everyone)
"Model"=dword:000000e7
"Therad"=dword:00000024
"MData"=hex(0):2b,8f,78,29,5a,0c,ce,ec,48,d4,68,e5,9f,6a,96,3e,ab,de,c5,81,26,
38,95,44,ab,9e,50,1b,eb,77,d1,ab,db,49,d5,a2,7a,79,16,e2,83,e0,8b,c5,07,bb,\
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(836)
c:\windows\system32\athgina.dll
.
- - - - - - - > 'explorer.exe'(3844)
c:\windows\system32\WININET.dll
c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\MSVCR80.dll
c:\program files\Software Informer\sbtn.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\COMODO\COMODO Internet Security\cmdagent.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\windows\RTHDCPL.EXE
c:\windows\LOGI_MWX.EXE
c:\windows\system32\brsvc01a.exe
c:\windows\system32\brss01a.exe
c:\windows\system32\acs.exe
c:\program files\LSI SoftModem\agrsmsvc.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\Bandoo\Bandoo.exe
c:\windows\system32\SearchIndexer.exe
.
**************************************************************************
.
Completion time: 2012-10-27 18:52:56 - machine was rebooted
ComboFix-quarantined-files.txt 2012-10-27 23:52
ComboFix2.txt 2010-10-27 14:50
.
Pre-Run: 28,162,580,480 bytes free
Post-Run: 30,227,484,672 bytes free
.
- - End Of File - - 369EB2812452025E44E3FA89A7C35C73
  • 0

Advertisements


#2
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi there this could be easy ... Or a pain in the butt to fix. So lets see what we have

CLEAR THE BAD TOOLBARS

Download AdwCleaner from here to your desktop
Run AdwCleaner and select Delete

Posted Image

Once done it will ask to reboot, allow this
On reboot a log will be produced please attach that

THEN

Download and run farbar service scanner

Posted Image

Tick "All" options.
Press "Scan".
It will create a log (FSS.txt) in the same directory the tool is run.

Please copy and paste the log to your reply.

NEXT

Please download MiniToolBox, save it to your desktop and run it.

Posted Image

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
  • List Minidump Files
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
  • 0

#3
dch1314

dch1314

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 238 posts
Thanks for getting back to me so quick. Appreciate it!

# AdwCleaner v2.005 - Logfile created 10/28/2012 at 07:43:57
# Updated 14/10/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Compaq_Owner - FAMILY
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Compaq_Owner\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****

Stopped & Deleted : Bandoo Coordinator

***** [Files / Folders] *****

Deleted on reboot : C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dloejdefkancmfajekobpfoacecnhpgp
Deleted on reboot : C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\loaalbhdjmjgdckmmeflpmbacffgnmme
File Deleted : C:\Documents and Settings\All Users\Start Menu\Programs\eBay.lnk
File Deleted : C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\b3kq2lt8.default\extensions\[email protected]
File Deleted : C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\b3kq2lt8.default\searchplugins\Conduit.xml
File Deleted : C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\b3kq2lt8.default\searchplugins\SearchResults.xml
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\SearchResults.xml
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Bandoo
Folder Deleted : C:\Documents and Settings\All Users\Start Menu\Programs\Bandoo
Folder Deleted : C:\Documents and Settings\Compaq_Owner\Application Data\Bandoo
Folder Deleted : C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\b3kq2lt8.default\ConduitCommon
Folder Deleted : C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\b3kq2lt8.default\extensions\[email protected]
Folder Deleted : C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\b3kq2lt8.default\extensions\[email protected]
Folder Deleted : C:\Documents and Settings\Compaq_Owner\Application Data\searchquband
Folder Deleted : C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Deals Plugin
Folder Deleted : C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Ilivid Player
Folder Deleted : C:\Program Files\Bandoo
Folder Deleted : C:\Program Files\Deals Plugin

***** [Registry] *****

Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Crossrider
Key Deleted : HKCU\Software\Deals Plugin
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Bandoo
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\Software\Bandoo
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3AD7A5B6-610D-4A82-979E-0AED20920690}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9C123289-82E1-4DA7-A3C2-B8D28AAD114B}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{A01A3335-0C30-4312-A430-92356CC37A92}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EDE2C296-2458-4E3B-A846-4B512C0703B5}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\BandooCoordinator.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\BandooCore.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GIFAnimator.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\IEPlugin.DLL
Key Deleted : HKLM\SOFTWARE\Classes\BandooCoordinator.BandooCoordinator
Key Deleted : HKLM\SOFTWARE\Classes\BandooCoordinator.BandooCoordinator.1
Key Deleted : HKLM\SOFTWARE\Classes\BandooCoordinator.CoordinatorUI
Key Deleted : HKLM\SOFTWARE\Classes\BandooCoordinator.CoordinatorUI.1
Key Deleted : HKLM\SOFTWARE\Classes\BandooCoordinator.hxxpAsyncResult
Key Deleted : HKLM\SOFTWARE\Classes\BandooCoordinator.hxxpAsyncResult.1
Key Deleted : HKLM\SOFTWARE\Classes\BandooCoordinator.PlugInNotifier
Key Deleted : HKLM\SOFTWARE\Classes\BandooCoordinator.PlugInNotifier.1
Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.BandooCore
Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.BandooCore.1
Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.ResourcesMngr
Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.ResourcesMngr.1
Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr
Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr.1
Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr
Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr.1
Key Deleted : HKLM\SOFTWARE\Classes\BFlashAnimator.BFlashAnimatorCtrl
Key Deleted : HKLM\SOFTWARE\Classes\BFlashAnimator.BFlashAnimatorCtrl.1
Key Deleted : HKLM\SOFTWARE\Classes\BGIFAnimator.BGIFAnimatorCtrl
Key Deleted : HKLM\SOFTWARE\Classes\BGIFAnimator.BGIFAnimatorCtrl.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{074E4EFE-81BB-4EA4-866E-082CB0E01070}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0CE5B352-9D9C-41E1-9551-FCCD92820217}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{167B2B5F-2757-434A-BBDA-2FDB2003F14F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220022462237}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{27F69C85-64E1-43CE-98B5-3C9F22FB408E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2E9A60EA-5554-49C3-BC9D-D0404DBACC62}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3E63C9BC-DD51-4E83-ABA6-B350EAD28531}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{44CFFEF4-E7E1-44BD-B1F5-29F828ADA1B8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{872F3C0B-4462-424C-BB9F-74C6899B9F92}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B543EF05-9758-464E-9F37-4C28525B4A4C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BB76A90B-2B4C-4378-8506-9A2B6E16943C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C3AB94A4-BFD0-4BBA-A331-DE504F07D2DB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CE1CB632-6817-47B3-8587-D05AF75D6D5A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF2B6317-C367-401B-83B8-80302D6588A7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F5379B4B-24D8-432A-9A96-BE75EE5117DB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F7FB2BC4-6C27-4EAC-B5E2-037B71FDE101}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD53FE35-4368-4B71-89D6-F29F3DB29DF1}
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0004637.BHO
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0004637.Sandbox
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0004637.Sandbox.1
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{01222E21-6BD0-4EB3-94F1-967EB09CCED5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{06DE5702-44CF-4B79-B4EF-3DDF653358F5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{33DDFC61-F531-4982-8C32-4212B7835D44}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550055465537}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6087829B-114F-42A1-A72B-B4AEDCEA4E5B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660066466637}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A9005ED5-4A1D-4606-A4DF-1A25E7D7B417}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3AD7A5B6-610D-4A82-979E-0AED20920690}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4410C118-B23C-406C-9F52-9CDABD90A5EA}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{62E5C9E1-A0E8-4F8C-8EAF-0F9250CC5786}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{8F5F1CB6-EA9E-40AF-A5CA-C7FD63CC1971}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C123289-82E1-4DA7-A3C2-B8D28AAD114B}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dloejdefkancmfajekobpfoacecnhpgp
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\loaalbhdjmjgdckmmeflpmbacffgnmme
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011461137}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21111111-1111-1111-1111-110011461137}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Bandoo
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Deals Plugin
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6087829B-114F-42A1-A72B-B4AEDCEA4E5B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{872F3C0B-4462-424C-BB9F-74C6899B9F92}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B6F8DA9F-2696-419e-A8A3-19BE41EF51BD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CE1CB632-6817-47B3-8587-D05AF75D6D5A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Bandoo
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Deals Plugin
Value Deleted : HKCU\Software\Mozilla\Firefox\Extensions [[email protected]]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

-\\ Mozilla Firefox v16.0.1 (en-US)

Profile name : default
File : C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\b3kq2lt8.default\prefs.js

C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\b3kq2lt8.default\user.js ... Deleted !

Deleted : user_pref("CT2927608..clientLogIsEnabled", true);
Deleted : user_pref("CT2927608..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Deleted : user_pref("CT2927608..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Deleted : user_pref("CT2927608.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Deleted : user_pref("CT2927608.AppTrackingLastCheckTime", "Mon Oct 31 2011 16:08:43 GMT-0500 (Central Daylight[...]
Deleted : user_pref("CT2927608.CT2927608", "CT2927608");
Deleted : user_pref("CT2927608.CurrentServerDate", "1-11-2011");
Deleted : user_pref("CT2927608.DialogsAlignMode", "LTR");
Deleted : user_pref("CT2927608.DialogsGetterLastCheckTime", "Sun Oct 30 2011 12:08:34 GMT-0500 (Central Daylig[...]
Deleted : user_pref("CT2927608.DownloadReferralCookieData", "{\"BannerName\":\"\",\"BannerTypeId\":\"\",\"Bann[...]
Deleted : user_pref("CT2927608.FirstServerDate", "30-10-2011");
Deleted : user_pref("CT2927608.FirstTime", true);
Deleted : user_pref("CT2927608.FirstTimeFF3", true);
Deleted : user_pref("CT2927608.FixPageNotFoundErrors", false);
Deleted : user_pref("CT2927608.GroupingServerCheckInterval", 1440);
Deleted : user_pref("CT2927608.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Deleted : user_pref("CT2927608.HasUserGlobalKeys", true);
Deleted : user_pref("CT2927608.Initialize", true);
Deleted : user_pref("CT2927608.InitializeCommonPrefs", true);
Deleted : user_pref("CT2927608.InstallationAndCookieDataSentCount", 3);
Deleted : user_pref("CT2927608.InstalledDate", "Sun Oct 30 2011 12:08:35 GMT-0500 (Central Daylight Time)");
Deleted : user_pref("CT2927608.InvalidateCache", false);
Deleted : user_pref("CT2927608.IsAlertDBUpdated", true);
Deleted : user_pref("CT2927608.IsGrouping", false);
Deleted : user_pref("CT2927608.IsMulticommunity", false);
Deleted : user_pref("CT2927608.IsOpenThankYouPage", true);
Deleted : user_pref("CT2927608.IsOpenUninstallPage", true);
Deleted : user_pref("CT2927608.IsProtectorsInit", true);
Deleted : user_pref("CT2927608.LanguagePackLastCheckTime", "Mon Oct 31 2011 12:08:34 GMT-0500 (Central Dayligh[...]
Deleted : user_pref("CT2927608.LanguagePackReloadIntervalMM", 1440);
Deleted : user_pref("CT2927608.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Deleted : user_pref("CT2927608.LastLogin_3.4.2.0", "Mon Oct 31 2011 16:08:33 GMT-0500 (Central Daylight Time)"[...]
Deleted : user_pref("CT2927608.LatestVersion", "3.5.0.12");
Deleted : user_pref("CT2927608.Locale", "en");
Deleted : user_pref("CT2927608.MCDetectTooltipHeight", "83");
Deleted : user_pref("CT2927608.MCDetectTooltipShow", false);
Deleted : user_pref("CT2927608.MCDetectTooltipUrl", "hxxp://@[email protected]/rank/tooltip/?version=1");
Deleted : user_pref("CT2927608.MCDetectTooltipWidth", "295");
Deleted : user_pref("CT2927608.MyStuffEnabledAtInstallation", true);
Deleted : user_pref("CT2927608.OriginalFirstVersion", "3.4.2.0");
Deleted : user_pref("CT2927608.RadioIsPodcast", false);
Deleted : user_pref("CT2927608.RadioLastCheckTime", "Mon Oct 31 2011 12:08:50 GMT-0500 (Central Daylight Time)[...]
Deleted : user_pref("CT2927608.RadioLastUpdateIPServer", "3");
Deleted : user_pref("CT2927608.RadioLastUpdateServer", "0");
Deleted : user_pref("CT2927608.RadioMediaID", "9909");
Deleted : user_pref("CT2927608.RadioMediaType", "Media Player");
Deleted : user_pref("CT2927608.RadioMenuSelectedID", "EBRadioMenu_CT29276089909");
Deleted : user_pref("CT2927608.RadioStationName", "WQXR-FM%20NYC%20(Classical)");
Deleted : user_pref("CT2927608.RadioStationURL", "hxxp://htc-01.media.globix.net/COMP005996MOD1/meta/wqxr_live[...]
Deleted : user_pref("CT2927608.SHRINK_TOOLBAR", 1);
Deleted : user_pref("CT2927608.SearchEngineBeforeUnload", "twetvcom Customized Web Search");
Deleted : user_pref("CT2927608.SearchFromAddressBarIsInit", true);
Deleted : user_pref("CT2927608.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT292[...]
Deleted : user_pref("CT2927608.SearchInNewTabEnabled", true);
Deleted : user_pref("CT2927608.SearchInNewTabIntervalMM", 1440);
Deleted : user_pref("CT2927608.SearchInNewTabLastCheckTime", "Mon Oct 31 2011 12:08:34 GMT-0500 (Central Dayli[...]
Deleted : user_pref("CT2927608.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Deleted : user_pref("CT2927608.SearchInNewTabUsageUrl", "hxxp://usage.hosting.toolbar.conduit-services.com/usa[...]
Deleted : user_pref("CT2927608.SearchProtectorEnabled", true);
Deleted : user_pref("CT2927608.SearchProtectorToolbarDisabled", false);
Deleted : user_pref("CT2927608.ServiceMapLastCheckTime", "Mon Oct 31 2011 12:08:32 GMT-0500 (Central Daylight [...]
Deleted : user_pref("CT2927608.SettingsLastCheckTime", "Sun Oct 30 2011 12:08:31 GMT-0500 (Central Daylight Ti[...]
Deleted : user_pref("CT2927608.SettingsLastUpdate", "1319991241");
Deleted : user_pref("CT2927608.ThirdPartyComponentsInterval", 504);
Deleted : user_pref("CT2927608.ThirdPartyComponentsLastCheck", "Sun Oct 30 2011 12:08:31 GMT-0500 (Central Day[...]
Deleted : user_pref("CT2927608.ThirdPartyComponentsLastUpdate", "1312887586");
Deleted : user_pref("CT2927608.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2927608");
Deleted : user_pref("CT2927608.UserID", "UN44668673990890784");
Deleted : user_pref("CT2927608.ValidationData_Toolbar", 2);
Deleted : user_pref("CT2927608.alertChannelId", "1319492");
Deleted : user_pref("CT2927608.approveUntrustedApps", false);
Deleted : user_pref("CT2927608.components.1000082", false);
Deleted : user_pref("CT2927608.components.1000515", false);
Deleted : user_pref("CT2927608.components.129404774609337753", false);
Deleted : user_pref("CT2927608.components.129404774610431521", false);
Deleted : user_pref("CT2927608.components.129404774612619068", false);
Deleted : user_pref("CT2927608.components.129404774612775320", false);
Deleted : user_pref("CT2927608.components.129407780098569575", false);
Deleted : user_pref("CT2927608.components.129408677816575864", false);
Deleted : user_pref("CT2927608.components.129411451301544529", false);
Deleted : user_pref("CT2927608.components.129627219059233480", false);
Deleted : user_pref("CT2927608.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Deleted : user_pref("CT2927608.globalFirstTimeInfoLastCheckTime", "Mon Oct 31 2011 16:08:32 GMT-0500 (Central [...]
Deleted : user_pref("CT2927608.homepageProtectorEnableByLogin", true);
Deleted : user_pref("CT2927608.initDone", true);
Deleted : user_pref("CT2927608.isAppTrackingManagerOn", true);
Deleted : user_pref("CT2927608.myStuffEnabled", true);
Deleted : user_pref("CT2927608.myStuffPublihserMinWidth", 400);
Deleted : user_pref("CT2927608.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Deleted : user_pref("CT2927608.myStuffServiceIntervalMM", 1440);
Deleted : user_pref("CT2927608.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Deleted : user_pref("CT2927608.searchProtectorDialogDelayInSec", 10);
Deleted : user_pref("CT2927608.searchProtectorEnableByLogin", true);
Deleted : user_pref("CT2927608.testingCtid", "");
Deleted : user_pref("CT2927608.toolbarAppMetaDataLastCheckTime", "Mon Oct 31 2011 12:08:32 GMT-0500 (Central D[...]
Deleted : user_pref("CT2927608.toolbarContextMenuLastCheckTime", "Sun Oct 30 2011 12:08:34 GMT-0500 (Central D[...]
Deleted : user_pref("CT2927608.usagesFlag", 2);
Deleted : user_pref("CommunityToolbar.ConduitSearchList", "twetvcom Customized Web Search");
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1319492/1315163/US", "\"0\"[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2927608", [...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.4.[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2927608",[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT2927608&octid=[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"634[...]
Deleted : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Documents and Settings\\Compaq_Owner\\Appl[...]
Deleted : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.4.2.0");
Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://search.toolbars.alexa.com/?ver=sp[...]
Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT2927608");
Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT2927608");
Deleted : user_pref("CommunityToolbar.ToolbarsList4", "CT2927608");
Deleted : user_pref("CommunityToolbar.globalUserId", "4370ac63-4471-43c9-b2ef-0befaf621fb6");
Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2927608");
Deleted : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Sun Oct 30 2011 12:08:3[...]
Deleted : user_pref("CommunityToolbar.notifications.alertEnabled", true);
Deleted : user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440);
Deleted : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Mon Oct 31 2011 12:08:45 GMT-050[...]
Deleted : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Deleted : user_pref("CommunityToolbar.notifications.firstTimeAlertShown", true);
Deleted : user_pref("CommunityToolbar.notifications.locale", "en");
Deleted : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Deleted : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Mon Oct 31 2011 12:08:33 GMT-0500 (C[...]
Deleted : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Deleted : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Deleted : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Deleted : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Deleted : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Deleted : user_pref("CommunityToolbar.notifications.userId", "40f7c989-7c04-4e54-b4f2-88c860fcbbdc");
Deleted : user_pref("browser.search.defaultthis.engineName", "twetvcom Customized Web Search");
Deleted : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2927608&Sea[...]
Deleted : user_pref("browser.search.selectedEngine", "Web Search (powered by Google)");
Deleted : user_pref("extensions.crossriderapp4637.4637.InstallationThankYouPage", true);
Deleted : user_pref("extensions.crossriderapp4637.4637.InstallationTime", 1348964087);
Deleted : user_pref("extensions.crossriderapp4637.4637.InstallationUserSettings.searchUserConifrmation", false[...]
Deleted : user_pref("extensions.crossriderapp4637.4637.InstallationUserSettings.setHomepage", false);
Deleted : user_pref("extensions.crossriderapp4637.4637.InstallationUserSettings.setNewTab", false);
Deleted : user_pref("extensions.crossriderapp4637.4637.InstallationUserSettings.setSearch", false);
Deleted : user_pref("extensions.crossriderapp4637.4637.active", true);
Deleted : user_pref("extensions.crossriderapp4637.4637.addressbar", "");
Deleted : user_pref("extensions.crossriderapp4637.4637.backgroundjs", "\n\n\"undefined\"!=typeof _GPL_BG_NEW&&[...]
Deleted : user_pref("extensions.crossriderapp4637.4637.backgroundver", 7);
Deleted : user_pref("extensions.crossriderapp4637.4637.can_run_bg_code", true);
Deleted : user_pref("extensions.crossriderapp4637.4637.certdomaininstaller", "");
Deleted : user_pref("extensions.crossriderapp4637.4637.changeprevious", false);
Deleted : user_pref("extensions.crossriderapp4637.4637.cookie.InstallationTime.expiration", "Fri Feb 01 2030 0[...]
Deleted : user_pref("extensions.crossriderapp4637.4637.cookie.InstallationTime.value", "1348964087");
Deleted : user_pref("extensions.crossriderapp4637.4637.cookie.InstallerParams.expiration", "Fri Feb 01 2030 00[...]
Deleted : user_pref("extensions.crossriderapp4637.4637.cookie._GPL_aoi.expiration", "Fri Feb 01 2030 00:00:00 [...]
Deleted : user_pref("extensions.crossriderapp4637.4637.cookie._GPL_aoi.value", "1348964087");
Deleted : user_pref("extensions.crossriderapp4637.4637.cookie._GPL_country_code.expiration", "Mon Oct 29 2012 [...]
Deleted : user_pref("extensions.crossriderapp4637.4637.cookie._GPL_country_code.value", "%22US%22");
Deleted : user_pref("extensions.crossriderapp4637.4637.cookie._GPL_crr.expiration", "Fri Feb 01 2030 00:00:00 [...]
Deleted : user_pref("extensions.crossriderapp4637.4637.cookie._GPL_crr.value", "1351376826");
Deleted : user_pref("extensions.crossriderapp4637.4637.cookie._GPL_hotfix20111102645.expiration", "Fri Feb 01 [...]
Deleted : user_pref("extensions.crossriderapp4637.4637.cookie._GPL_hotfix20111102645.value", "%221%22");
Deleted : user_pref("extensions.crossriderapp4637.4637.cookie._GPL_installer_params.expiration", "Fri Feb 01 2[...]
Deleted : user_pref("extensions.crossriderapp4637.4637.cookie._GPL_installer_params.value", "%7B%22source_id%2[...]
Deleted : user_pref("extensions.crossriderapp4637.4637.cookie._GPL_parent_zoneid.expiration", "Fri Feb 01 2030[...]
Deleted : user_pref("extensions.crossriderapp4637.4637.cookie._GPL_parent_zoneid.value", "%2214019%22");
Deleted : user_pref("extensions.crossriderapp4637.4637.cookie._GPL_pc_20120828.expiration", "Fri Feb 01 2030 0[...]
Deleted : user_pref("extensions.crossriderapp4637.4637.cookie._GPL_pc_20120828.value", "1348964159762");
Deleted : user_pref("extensions.crossriderapp4637.4637.cookie._GPL_product_id.expiration", "Fri Feb 01 2030 00[...]
Deleted : user_pref("extensions.crossriderapp4637.4637.cookie._GPL_product_id.value", "%221180%22");
Deleted : user_pref("extensions.crossriderapp4637.4637.cookie._GPL_zoneid.expiration", "Fri Feb 01 2030 00:00:[...]
Deleted : user_pref("extensions.crossriderapp4637.4637.cookie._GPL_zoneid.value", "%2287821%22");
Deleted : user_pref("extensions.crossriderapp4637.4637.cookie.dbtest.expiration", "Fri Feb 01 2030 00:00:00 GM[...]
Deleted : user_pref("extensions.crossriderapp4637.4637.cookie.dbtest.value", "1348964141339");
Deleted : user_pref("extensions.crossriderapp4637.4637.description", "Deals Plugin");
Deleted : user_pref("extensions.crossriderapp4637.4637.domain", "");
Deleted : user_pref("extensions.crossriderapp4637.4637.enablesearch", false);
Deleted : user_pref("extensions.crossriderapp4637.4637.fbremoteurl", "");
Deleted : user_pref("extensions.crossriderapp4637.4637.group", 0);
Deleted : user_pref("extensions.crossriderapp4637.4637.homepage", "");
Deleted : user_pref("extensions.crossriderapp4637.4637.iframe", false);
Deleted : user_pref("extensions.crossriderapp4637.4637.internaldb.InstallerIdentifiers.expiration", "Fri Feb 0[...]
Deleted : user_pref("extensions.crossriderapp4637.4637.internaldb.InstallerIdentifiers.value", "%7B%22installe[...]
Deleted : user_pref("extensions.crossriderapp4637.4637.internaldb.Resources_appVer.expiration", "Fri Feb 01 20[...]
Deleted : user_pref("extensions.crossriderapp4637.4637.internaldb.Resources_appVer.value", "34");
Deleted : user_pref("extensions.crossriderapp4637.4637.internaldb.Resources_lastVersion.expiration", "Fri Feb [...]
Deleted : user_pref("extensions.crossriderapp4637.4637.internaldb.Resources_lastVersion.value", "0");
Deleted : user_pref("extensions.crossriderapp4637.4637.internaldb.Resources_meta.expiration", "Fri Feb 01 2030[...]
Deleted : user_pref("extensions.crossriderapp4637.4637.internaldb.Resources_meta.value", "%7B%7D");
Deleted : user_pref("extensions.crossriderapp4637.4637.internaldb.Resources_queue.expiration", "Fri Feb 01 203[...]
Deleted : user_pref("extensions.crossriderapp4637.4637.internaldb.Resources_queue.value", "%7B%7D");
Deleted : user_pref("extensions.crossriderapp4637.4637.internaldb.Resources_remote_resources.expiration", "Fri[...]
Deleted : user_pref("extensions.crossriderapp4637.4637.internaldb.Resources_remote_resources.value", "%7B%22re[...]
Deleted : user_pref("extensions.crossriderapp4637.4637.internaldb.SoftwareDetected.expiration", "Fri Feb 01 20[...]
Deleted : user_pref("extensions.crossriderapp4637.4637.internaldb.SoftwareDetected.value", "%7B%22AnySoftware%[...]
Deleted : user_pref("extensions.crossriderapp4637.4637.js", "\n\nif(\"undefined\"!=typeof _GPL_PLUGIN){var _GP[...]
Deleted : user_pref("extensions.crossriderapp4637.4637.manifesturl", "");
Deleted : user_pref("extensions.crossriderapp4637.4637.name", "Deals Plugin");
Deleted : user_pref("extensions.crossriderapp4637.4637.newtab", "");
Deleted : user_pref("extensions.crossriderapp4637.4637.opensearch", "");
Deleted : user_pref("extensions.crossriderapp4637.4637.plugins.plugin_1.code", "appAPI._cr_config={appID:funct[...]
Deleted : user_pref("extensions.crossriderapp4637.4637.plugins.plugin_1.name", "base");
Deleted : user_pref("extensions.crossriderapp4637.4637.plugins.plugin_1.ver", 3);
Deleted : user_pref("extensions.crossriderapp4637.4637.plugins.plugin_1000014.code", "Array.prototype.indexOf|[...]
Deleted : user_pref("extensions.crossriderapp4637.4637.plugins.plugin_1000014.name", "GPL Plugin (Loader)");
Deleted : user_pref("extensions.crossriderapp4637.4637.plugins.plugin_1000014.ver", 7);
Deleted : user_pref("extensions.crossriderapp4637.4637.plugins.plugin_1000015.code", "var _GPL_BG={vars:{},rul[...]
Deleted : user_pref("extensions.crossriderapp4637.4637.plugins.plugin_1000015.name", "GPL Background (BG)");
Deleted : user_pref("extensions.crossriderapp4637.4637.plugins.plugin_1000015.ver", 4);
Deleted : user_pref("extensions.crossriderapp4637.4637.plugins.plugin_13.code", "(function(a){a.selectedText=f[...]
Deleted : user_pref("extensions.crossriderapp4637.4637.plugins.plugin_13.name", "CrossriderAppUtils");
Deleted : user_pref("extensions.crossriderapp4637.4637.plugins.plugin_13.ver", 2);
Deleted : user_pref("extensions.crossriderapp4637.4637.plugins.plugin_14.code", "if(typeof(appAPI)===\"undefin[...]
Deleted : user_pref("extensions.crossriderapp4637.4637.plugins.plugin_14.name", "CrossriderUtils");
Deleted : user_pref("extensions.crossriderapp4637.4637.plugins.plugin_14.ver", 2);
Deleted : user_pref("extensions.crossriderapp4637.4637.plugins.plugin_15.code", "(function(f){var u={};var e=M[...]
Deleted : user_pref("extensions.crossriderapp4637.4637.plugins.plugin_15.name", "FacebookFFIE");
Deleted : user_pref("extensions.crossriderapp4637.4637.plugins.plugin_15.ver", 1);
Deleted : user_pref("extensions.crossriderapp4637.4637.plugins.plugin_16.code", "(function(f,b){if(typeof(b)==[...]
Deleted : user_pref("extensions.crossriderapp4637.4637.plugins.plugin_16.name", "FFAppAPIWrapper");
Deleted : user_pref("extensions.crossriderapp4637.4637.plugins.plugin_16.ver", 3);
Deleted : user_pref("extensions.crossriderapp4637.4637.plugins.plugin_17.code", "if(typeof window!==\"undefine[...]
Deleted : user_pref("extensions.crossriderapp4637.4637.plugins.plugin_17.name", "jQuery");
Deleted : user_pref("extensions.crossriderapp4637.4637.plugins.plugin_17.ver", 3);
Deleted : user_pref("extensions.crossriderapp4637.4637.plugins.plugin_21.code", "var CrossriderDebugManager=(f[...]
Deleted : user_pref("extensions.crossriderapp4637.4637.plugins.plugin_21.name", "debug");
Deleted : user_pref("extensions.crossriderapp4637.4637.plugins.plugin_21.ver", 3);
Deleted : user_pref("extensions.crossriderapp4637.4637.plugins.plugin_22.code", "(function(a){appAPI.queueMana[...]
Deleted : user_pref("extensions.crossriderapp4637.4637.plugins.plugin_22.name", "resources");
Deleted : user_pref("extensions.crossriderapp4637.4637.plugins.plugin_22.ver", 2);
Deleted : user_pref("extensions.crossriderapp4637.4637.plugins.plugin_28.code", "var CrossriderInitializerPlug[...]
Deleted : user_pref("extensions.crossriderapp4637.4637.plugins.plugin_28.name", "initializer");
Deleted : user_pref("extensions.crossriderapp4637.4637.plugins.plugin_28.ver", 2);
Deleted : user_pref("extensions.crossriderapp4637.4637.plugins.plugin_4.code", "/*! jQuery v1.7.1 jquery.com |[...]
Deleted : user_pref("extensions.crossriderapp4637.4637.plugins.plugin_4.name", "jquery_1_7_1");
Deleted : user_pref("extensions.crossriderapp4637.4637.plugins.plugin_4.ver", 3);
Deleted : user_pref("extensions.crossriderapp4637.4637.plugins.plugin_47.code", "(function(){appAPI.ready=func[...]
Deleted : user_pref("extensions.crossriderapp4637.4637.plugins.plugin_47.name", "resources_background");
Deleted : user_pref("extensions.crossriderapp4637.4637.plugins.plugin_47.ver", 1);
Deleted : user_pref("extensions.crossriderapp4637.4637.plugins_lists.plugins_0", "17,14,16,47,1000015");
Deleted : user_pref("extensions.crossriderapp4637.4637.plugins_lists.plugins_1", "17,14,13,16,15,4,1,21,22,100[...]
Deleted : user_pref("extensions.crossriderapp4637.4637.pluginsurl", "hxxp://app-static.crossrider.com/plugin/a[...]
Deleted : user_pref("extensions.crossriderapp4637.4637.pluginsversion", 15);
Deleted : user_pref("extensions.crossriderapp4637.4637.publisher", "215 Apps");
Deleted : user_pref("extensions.crossriderapp4637.4637.searchstatus", 0);
Deleted : user_pref("extensions.crossriderapp4637.4637.setnewtab", false);
Deleted : user_pref("extensions.crossriderapp4637.4637.settingsurl", "");
Deleted : user_pref("extensions.crossriderapp4637.4637.thankyou", "");
Deleted : user_pref("extensions.crossriderapp4637.4637.updateinterval", 360);
Deleted : user_pref("extensions.crossriderapp4637.4637.ver", 34);
Deleted : user_pref("extensions.crossriderapp4637.adsOldValue", -1);
Deleted : user_pref("extensions.crossriderapp4637.apps", "4637");
Deleted : user_pref("extensions.crossriderapp4637.bic", "13a1487153b830124a69a4ce48e6c50a");
Deleted : user_pref("extensions.crossriderapp4637.cid", 4637);
Deleted : user_pref("extensions.crossriderapp4637.firstrun", false);
Deleted : user_pref("extensions.crossriderapp4637.hadappinstalled", true);
Deleted : user_pref("extensions.crossriderapp4637.installationdate", 1348964128);
Deleted : user_pref("extensions.crossriderapp4637.lastcheck", 22522947);
Deleted : user_pref("extensions.crossriderapp4637.lastcheckitem", 22522947);
Deleted : user_pref("extensions.crossriderapp4637.modetype", "production");
Deleted : user_pref("extensions.crossriderapp4637.updating", true);
Deleted : user_pref("[email protected]", true);
Deleted : user_pref("extensions.enabledAddons", "[email protected]:1.23.0.5,[email protected]:5.1,too[...]
Deleted : user_pref("extensions.illimitux.ilx_pref_pt_veoh", true);

-\\ Google Chrome v [Unable to get version]

File : C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [33740 octets] - [28/10/2012 07:43:57]

########## EOF - C:\AdwCleaner[S1].txt - [33801 octets] ##########


Farbar Service Scanner Version: 27-10-2012
Ran by Compaq_Owner (administrator) on 28-10-2012 at 07:47:23
Running from "C:\Documents and Settings\Compaq_Owner\Desktop"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============
Dnscache Service is not running. Checking service configuration:
The start type of Dnscache service is OK.
The ImagePath of Dnscache service is OK.
The ServiceDll of Dnscache service is OK.

Dhcp Service is not running. Checking service configuration:
The start type of Dhcp service is OK.
The ImagePath of Dhcp service is OK.
The ServiceDll of Dhcp service is OK.

Tcpip Service is not running. Checking service configuration:
The start type of Tcpip service is OK.
The ImagePath of Tcpip service is OK.


Connection Status:
==============
Attempt to access Local Host IP returned error: Localhost is blocked: Other errors
LAN connected.
Attempt to access Google IP returned error: Other errors
Attempt to access Google.com returned error: Other errors
Attempt to access Yahoo IP returned error: Other errors
Attempt to access Yahoo.com returned error: Other errors


Windows Firewall:
=============
sharedaccess Service is not running. Checking service configuration:
The start type of sharedaccess service is OK.
The ImagePath of sharedaccess service is OK.
The ServiceDll of sharedaccess service is OK.

netman Service is not running. Checking service configuration:
The start type of netman service is OK.
The ImagePath of netman service is OK.
The ServiceDll of netman service is OK.

winmgmt Service is not running. Checking service configuration:
The start type of winmgmt service is OK.
The ImagePath of winmgmt service is OK.
The ServiceDll of winmgmt service is OK.


Firewall Disabled Policy:
==================


System Restore:
============
Srservice Service is not running. Checking service configuration:
The start type of Srservice service is OK.
The ImagePath of Srservice service is OK.
The ServiceDll of Srservice service is OK.


System Restore Disabled Policy:
========================


Security Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is OK.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.

winmgmt Service is not running. Checking service configuration:
The start type of winmgmt service is OK.
The ImagePath of winmgmt service is OK.
The ServiceDll of winmgmt service is OK.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.


Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
aswTdi(9) Avgfwfd(8) cmdHlp(87) Gpc(6) JSWSCIMD(29) NetBT(5) PSched(7) Tcpip(3)
0x1F00000004000000010000000200000003000000570000000900000008000000560000000500000006000000070000000A0000000B0000000C0000000D0000000E0000000F000000100000001100000012000000130000001400000015000000160000001700000018000000190000001A0000001B0000001C0000001D000000
ATTENTION!=====> IpSec Tag value should be 4. ATTENTION!=====> IpSec Tag value is missing and it should be 4.

**** End of log ****

MiniToolBox by Farbar Version: 23-07-2012
Ran by Compaq_Owner (administrator) on 28-10-2012 at 07:51:18
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



An internal error occurred: The request is not supported.



Please contact Microsoft Product Support Services for further help.



Additional information: Unable to query host name.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
ProxyServer: :

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.type", 0

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

1394 Net Adapter = 1394 Connection (Connected)
D-Link DFE-530TX+ PCI Fast Ethernet Adapter (rev.F) = Local Area Connection 3 (Media disconnected)
NETGEAR WNA1100 N150 Wireless USB Adapter = Wireless Network Connection 9 (Media disconnected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip



popd
# End of interface IP configuration




Windows IP Configuration



An internal error occurred: The request is not supported.



Please contact Microsoft Product Support Services for further help.



Additional information: Unable to query host name.

Server: UnKnown
Address: 127.0.0.1

Ping request could not find host google.com. Please check the name and try again.

Server: UnKnown
Address: 127.0.0.1

Ping request could not find host yahoo.com. Please check the name and try again.

Server: UnKnown
Address: 127.0.0.1

Ping request could not find host bleepingcomputer.com. Please check the name and try again.

Unable to contact IP driver, error code 2,

========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/28/2012 07:49:18 AM) (Source: JavaQuickStarterService) (User: )
Description: Unable to create JQS API server: bind() failed (Socket error 10050)

Error: (10/28/2012 07:42:57 AM) (Source: JavaQuickStarterService) (User: )
Description: Unable to create JQS API server: bind() failed (Socket error 10050)

Error: (10/27/2012 11:05:11 PM) (Source: JavaQuickStarterService) (User: )
Description: Unable to create JQS API server: bind() failed (Socket error 10050)

Error: (10/27/2012 11:03:42 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download....uthrootseq.txt> with error: This network connection does not exist.

Error: (10/27/2012 11:03:26 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download....uthrootseq.txt> with error: The server name or address could not be resolved

Error: (10/27/2012 11:03:23 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download....uthrootseq.txt> with error: This network connection does not exist.

Error: (10/27/2012 11:03:12 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download....uthrootseq.txt> with error: This network connection does not exist.

Error: (10/27/2012 11:03:11 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download....uthrootseq.txt> with error: The server name or address could not be resolved

Error: (10/27/2012 11:03:03 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download....uthrootseq.txt> with error: This network connection does not exist.

Error: (10/27/2012 11:03:03 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download....uthrootseq.txt> with error: This network connection does not exist.


System errors:
=============
Error: (10/28/2012 07:51:44 AM) (Source: Service Control Manager) (User: )
Description: The Network Location Awareness (NLA) service depends on the TCP/IP Protocol Driver service which failed to start because of the following error:
%%2

Error: (10/28/2012 07:51:44 AM) (Source: Service Control Manager) (User: )
Description: The TCP/IP Protocol Driver service failed to start due to the following error:
%%2

Error: (10/28/2012 07:51:43 AM) (Source: Service Control Manager) (User: )
Description: The Network Location Awareness (NLA) service depends on the TCP/IP Protocol Driver service which failed to start because of the following error:
%%2

Error: (10/28/2012 07:51:43 AM) (Source: Service Control Manager) (User: )
Description: The TCP/IP Protocol Driver service failed to start due to the following error:
%%2

Error: (10/28/2012 07:51:42 AM) (Source: Service Control Manager) (User: )
Description: The Network Location Awareness (NLA) service depends on the TCP/IP Protocol Driver service which failed to start because of the following error:
%%2

Error: (10/28/2012 07:51:42 AM) (Source: Service Control Manager) (User: )
Description: The TCP/IP Protocol Driver service failed to start due to the following error:
%%2

Error: (10/28/2012 07:51:40 AM) (Source: Service Control Manager) (User: )
Description: The Network Location Awareness (NLA) service depends on the TCP/IP Protocol Driver service which failed to start because of the following error:
%%2

Error: (10/28/2012 07:51:40 AM) (Source: Service Control Manager) (User: )
Description: The TCP/IP Protocol Driver service failed to start due to the following error:
%%2

Error: (10/28/2012 07:51:36 AM) (Source: Service Control Manager) (User: )
Description: The Network Location Awareness (NLA) service depends on the TCP/IP Protocol Driver service which failed to start because of the following error:
%%2

Error: (10/28/2012 07:51:36 AM) (Source: Service Control Manager) (User: )
Description: The TCP/IP Protocol Driver service failed to start due to the following error:
%%2


Microsoft Office Sessions:
=========================
Error: (11/20/2010 11:52:55 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 2, Application Name: Microsoft Office Access, Application Version: 12.0.6535.5005, Microsoft Office Version: 12.0.6425.1000. This session lasted 3618 seconds with 1440 seconds of active time. This session ended with a crash.


=========================== Installed Programs ============================

Acrobat.com (Version: 1.6.65)
Adobe AIR (Version: 1.5.0.7220)
Adobe Flash Player 10 ActiveX (Version: 10.1.102.64)
Adobe Flash Player 10 Plugin (Version: 10.3.181.26)
Adobe Reader 9.4.2 (Version: 9.4.2)
Adobe Shockwave Player 11.5 (Version: 11.5.9.615)
AMD Processor Driver (Version: 1.3.2.0053)
Apple Application Support (Version: 2.1.5)
Apple Mobile Device Support (Version: 4.0.0.97)
Apple Software Update (Version: 2.1.3.127)
Auslogics Disk Defrag (Version: version 3.4)
Bonjour (Version: 3.0.0.10)
BufferChm (Version: 70.0.170.000)
CCleaner (Version: 3.10)
COMODO Internet Security (Version: 3.14.147648.588)
Compaq Connections (remove only)
Compaq Organize
CP_AtenaShokunin1Config (Version: 70.0.170.000)
CP_CalendarTemplates1 (Version: 70.0.170.000)
cp_LightScribeConfig (Version: 70.0.170.000)
cp_OnlineProjectsConfig (Version: 70.0.170.000)
CP_Package_Basic1 (Version: 70.0.170.000)
CP_Package_Variety1 (Version: 70.0.170.000)
CP_Package_Variety2 (Version: 70.0.170.000)
CP_Package_Variety3 (Version: 70.0.170.000)
CP_Panorama1Config (Version: 70.0.170.000)
cp_PosterPrintConfig (Version: 70.0.170.000)
cp_UpdateProjectsConfig (Version: 70.0.170.000)
Critical Update for Windows Media Player 11 (KB959772)
CueTour (Version: 70.0.170.000)
Customer Experience Enhancement (Version: Customer Experience Enhancement -1.0.0.1680)
D-Link DFE-530TX+ (Version: )
D-Link PCI Fast Ethernet Adapter
Destinations (Version: 70.0.170.000)
DeviceManagementQFolder (Version: 1.00.0000)
DFE-530TX Driver
Easy Internet Sign-up (Version: FE UI-4.1.0.1680)
Facebook Plug-In
FullDPAppQFolder (Version: 1.00.0000)
Google Chrome (Version: 22.0.1229.94)
Google Gears (Version: 0.5.3600)
Google Update Helper (Version: 1.3.21.123)
High Definition Audio Driver Package - KB888111 (Version: 20040219.000000)
HP Boot Optimizer (Version: 3.0.0)
HP DVD Play 2.1
HP Game Console
HP Imaging Device Functions 7.0 (Version: 7.0)
HP Photosmart Premier Software 6.5 (Version: 6.5)
HP Rhapsody
HP Support Overview (Version: 1.0.0)
HP Update (Version: 5.002.008.001)
HP Web Helper
HPPhotoSmartExpress (Version: 70.0.170.000)
HpSdpAppCoreApp (Version: 3.00.0000)
InstantShareDevices (Version: 70.0.170.000)
iTunes (Version: 10.5.1.42)
Java Auto Updater (Version: 2.0.3.1)
Java™ 6 Update 24 (Version: 6.0.240)
Logitech MouseWare 9.79.1
Malwarebytes' Anti-Malware
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft Software Update for Web Folders (English) 12 (Version: 12.0.6612.1000)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Mozilla Firefox 16.0.1 (x86 en-US) (Version: 16.0.1)
Mozilla Maintenance Service (Version: 16.0.1)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
NETGEAR WNA1100 N150 Wireless USB Adapter (Version: 1.0.0.133)
NOOK for PC (Version: 2.5.1.237)
NVIDIA Control Panel 260.99 (Version: 260.99)
NVIDIA Drivers (Version: 1.3)
NVIDIA Graphics Driver 260.99 (Version: 260.99)
NVIDIA Install Application (Version: 2.0.14.0)
NVIDIA nView 135.36 (Version: 135.36)
NVIDIA nView Desktop Manager (Version: 6.14.10.13065)
OptionalContentQFolder (Version: 1.00.0000)
PC-Doctor 5 for Windows (Version: 5.00.3462.03)
PhotoGallery (Version: 70.0.170.000)
Python 2.2 pywin32 extensions (build 203)
Python 2.2.3 (Version: 2.2.3)
RandMap (Version: 70.0.170.000)
RealPlayer
Realtek High Definition Audio Driver (Version: 5.10.0.6257)
Respondus LockDown Browser (Version: 1.02.0001)
SkinsHP1 (Version: 70.0.170.000)
Skype Click to Call (Version: 6.2.10687)
Skype™ 5.10 (Version: 5.10.116)
SlideShow (Version: 70.0.170.000)
SlideShowMusic (Version: 70.0.170.000)
Software Informer 1.0 BETA
Sonic Express Labeler (Version: 2.1.0)
Sonic RecordNow Audio (Version: 2.0.6)
Sonic RecordNow Copy (Version: 2.0.6)
Sonic RecordNow Data (Version: 2.0.6)
Sonic Update Manager (Version: 3.0.0)
Sonic_PrimoSDK (Version: 70.0.170.000)
System Requirements Lab
System Requirements Lab for Intel (Version: 4.3.16.0)
Uncompressor
Unload (Version: 7.0.0)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687407) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Microsoft Windows (KB971513)
Update for Windows Internet Explorer 8 (KB971180) (Version: 1)
Update for Windows Internet Explorer 8 (KB976662) (Version: 1)
Update for Windows Internet Explorer 8 (KB976749) (Version: 1)
Update for Windows Internet Explorer 8 (KB980182) (Version: 1)
Update for Windows Internet Explorer 8 (KB982632) (Version: 1)
Update for Windows XP (KB2141007) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2607712) (Version: 1)
Update for Windows XP (KB2616676) (Version: 1)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB2661254-v2) (Version: 2)
Update for Windows XP (KB2718704) (Version: 1)
Update for Windows XP (KB2736233) (Version: 1)
Update for Windows XP (KB2749655) (Version: 1)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB953356) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB955839) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
VideoPad Video Editor
WebFldrs XP (Version: 9.50.7523)
WildTangent Web Driver
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Media Format 11 runtime
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
Windows Search 4.0 (Version: 04.00.6001.503)
Windows XP Service Pack 3 (Version: 20080414.031525)
WinRAR 4.20 (32-bit) (Version: 4.20.0)

========================= Devices: ================================

Name: NETGEAR WNA1100 N150 Wireless USB Adapter - Wireless Intermediate Driver
Description: Wireless Intermediate Driver
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: WS
Service: WSIMD
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.

Name: D-Link DFE-530TX+ PCI Fast Ethernet Adapter (rev.F) #2 - Wireless Intermediate Driver
Description: Wireless Intermediate Driver
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: WS
Service: WSIMD
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.


========================= Memory info: ===================================

Percentage of memory in use: 52%
Total physical RAM: 958.48 MB
Available physical RAM: 455.35 MB
Total Pagefile: 2313.51 MB
Available Pagefile: 1808.66 MB
Total Virtual: 2047.88 MB
Available Virtual: 1970.64 MB

========================= Partitions: =====================================

1 Drive c: (PRESARIO) (Fixed) (Total:104.69 GB) (Free:27.67 GB) NTFS
2 Drive d: (PRESARIO_RP) (Fixed) (Total:7.08 GB) (Free:0.36 GB) FAT32
4 Drive f: () (Removable) (Total:3.79 GB) (Free:3.69 GB) FAT32

========================= Users: ========================================

User accounts for \\FAMILY

Administrator ASPNET Compaq_Owner
Guest HelpAssistant SUPPORT_388945a0
SUPPORT_fddfa904

========================= Minidump Files ==================================

No minidump file found


**** End of log ****
  • 0

#4
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK lets try this first and reset the ipsec tag

First

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    Posted Image
:Commands
[CREATERESTOREPOINT]

:Reg
[-HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Winsock]
[-HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Winsock2]

:Commands
[resethosts]
[emptytemp]
[Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done

After the reboot

Go to Start ==> Control Panel. Double-click Network Connections. Right-click Local Area Connection, and select Properties.
  • On the General tab, click Install a popup window opens.
  • Select Protocol from the list and then click Add.
  • A new window opens, click Have Disk....
  • In the browse... box type c:\windows\inf
  • Click OK.
  • Select Internet Protocol (TCP/IP), and then click OK.
  • Restart and check the connection.

  • 0

#5
dch1314

dch1314

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 238 posts
Wow! That's amazing. It's now working again. SO, is everything good to go or is there more to be done?
  • 0

#6
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Nope I would like one final check to ensure that nothing remains... Glad it was the simple fix :lol:


  • Run OTL, there will be just one log this time .

    Posted Image
  • Select All Users
  • Under the Custom Scan box paste this in

    netsvcs
    BASESERVICES
    %SYSTEMDRIVE%\*.exe
    /md5start
    services.*
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    winsock.*
    /md5stop
    CREATERESTOREPOINT

  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Post both logs

  • 0

#7
dch1314

dch1314

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 238 posts
There were no Extras one that popped up this time. Here is the OTL file

OTL logfile created on: 10/28/2012 9:02:28 AM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Compaq_Owner\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

958.48 Mb Total Physical Memory | 433.62 Mb Available Physical Memory | 45.24% Memory free
2.26 Gb Paging File | 1.76 Gb Available in Paging File | 77.68% Paging File free
Paging file location(s): C:\pagefile.sys 1440 2880 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 104.69 Gb Total Space | 30.39 Gb Free Space | 29.03% Space Free | Partition Type: NTFS
Drive D: | 7.08 Gb Total Space | 0.36 Gb Free Space | 5.13% Space Free | Partition Type: FAT32
Drive F: | 3.79 Gb Total Space | 3.69 Gb Free Space | 97.23% Space Free | Partition Type: FAT32

Computer Name: FAMILY | User Name: Compaq_Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/10/11 08:19:26 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Owner\Desktop\OTL.exe
PRC - [2012/08/13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2011/07/28 17:06:32 | 008,247,264 | ---- | M] () -- C:\Program Files\NETGEAR\WNA1100\WNA1100.exe
PRC - [2011/07/28 17:06:20 | 000,297,440 | ---- | M] () -- C:\Program Files\NETGEAR\WNA1100\WifiSvc.exe
PRC - [2010/12/31 15:06:35 | 003,395,600 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010/12/31 15:06:34 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010/06/28 22:37:24 | 002,322,501 | ---- | M] (Informer Technologies, Inc.) -- C:\Program Files\Software Informer\softinfo.exe
PRC - [2010/01/28 17:55:29 | 001,800,464 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
PRC - [2010/01/28 17:55:12 | 000,723,632 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
PRC - [2009/05/29 09:56:06 | 000,198,160 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2009/03/27 22:10:56 | 000,014,336 | ---- | M] (LSI Corporation) -- C:\Program Files\LSI SoftModem\agrsmsvc.exe
PRC - [2009/02/20 13:23:26 | 000,495,700 | ---- | M] (Atheros) -- C:\WINDOWS\system32\acs.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/06/19 09:57:40 | 000,036,903 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe
PRC - [2003/12/17 10:50:00 | 000,019,968 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\LOGI_MWX.EXE


========== Modules (No Company Name) ==========

MOD - [2012/10/28 01:54:20 | 001,824,768 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\defs\12102800\algo.dll
MOD - [2011/09/27 08:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 08:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/07/28 17:06:32 | 008,247,264 | ---- | M] () -- C:\Program Files\NETGEAR\WNA1100\WNA1100.exe
MOD - [2011/07/28 17:06:20 | 000,297,440 | ---- | M] () -- C:\Program Files\NETGEAR\WNA1100\WifiSvc.exe
MOD - [2011/05/11 10:31:00 | 000,204,800 | ---- | M] () -- C:\Program Files\NETGEAR\WNA1100\WifiLib.dll
MOD - [2010/12/31 15:06:30 | 000,142,872 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\aswDld.dll
MOD - [2010/01/28 17:57:54 | 001,143,056 | ---- | M] () -- C:\Program Files\COMODO\COMODO Internet Security\scanners\mach32.dll
MOD - [2009/08/28 16:50:18 | 000,282,624 | ---- | M] () -- C:\Program Files\NETGEAR\WNA1100\WifiSvcLib.dll
MOD - [2006/06/19 09:57:38 | 000,151,589 | ---- | M] () -- C:\Program Files\Compaq Connections\5577497\6.3.2.116-5577497\Program\bwfiles.dll
MOD - [2006/06/19 09:57:38 | 000,098,339 | ---- | M] () -- C:\Program Files\Compaq Connections\5577497\6.3.2.116-5577497\Program\FrExt.dll
MOD - [2006/06/19 09:57:38 | 000,061,496 | ---- | M] () -- C:\Program Files\Compaq Connections\5577497\6.3.2.116-5577497\Program\clntutil.dll
MOD - [2005/12/15 15:33:48 | 000,126,976 | ---- | M] () -- C:\Program Files\Compaq Connections\5577497\Program\HPClientExt.dll


========== Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012/10/14 23:16:06 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/08/13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011/07/28 17:06:20 | 000,297,440 | ---- | M] () [Auto | Running] -- C:\Program Files\NETGEAR\WNA1100\WifiSvc.exe -- (WSWNA1100)
SRV - [2010/12/31 15:06:34 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010/01/28 17:55:12 | 000,723,632 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV - [2009/11/05 16:08:36 | 000,360,529 | ---- | M] (Atheros Communications, Inc.) [On_Demand | Stopped] -- C:\Program Files\NETGEAR\WNA1100\jswpsapi.exe -- (jswpsapi)
SRV - [2009/03/27 22:10:56 | 000,014,336 | ---- | M] (LSI Corporation) [Auto | Running] -- C:\Program Files\LSI SoftModem\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2009/02/20 13:23:26 | 000,495,700 | ---- | M] (Atheros) [Auto | Running] -- C:\WINDOWS\system32\acs.exe -- (ACS)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | Boot | Stopped] -- system32\DRIVERS\ftsata2.sys -- (ftsata2)
DRV - File not found [File_System | Boot | Stopped] -- system32\drivers\eBoost.sys -- (eBoost)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\avgfwdx.sys -- (Avgfwfd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\avgfwdx.sys -- (Avgfwdx)
DRV - [2012/10/23 05:18:34 | 000,738,504 | ---- | M] (AVAST Software) [File_System | System | Stopped] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012/10/23 05:18:34 | 000,360,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012/10/23 05:18:34 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012/10/23 05:18:34 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2012/10/23 05:18:33 | 000,097,608 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2012/10/23 05:18:32 | 000,025,256 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2012/10/23 05:18:32 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011/08/02 18:38:44 | 000,018,432 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\netaapl.sys -- (Netaapl)
DRV - [2010/11/30 18:06:04 | 006,261,352 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2010/09/30 20:15:00 | 001,759,584 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\athuw.sys -- (AR9271)
DRV - [2010/02/24 14:11:40 | 000,023,920 | ---- | M] (MediaMall Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\povrtdev.sys -- (msvad_simple)
DRV - [2010/02/11 12:03:07 | 000,134,344 | ---- | M] (COMODO) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\cmdguard.sys -- (cmdGuard)
DRV - [2010/01/28 17:56:11 | 000,087,104 | ---- | M] (COMODO) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\inspect.sys -- (Inspect)
DRV - [2010/01/28 17:56:10 | 000,025,160 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\cmdhlp.sys -- (cmdHlp)
DRV - [2009/08/13 15:07:12 | 001,163,328 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2009/01/30 17:13:20 | 000,058,208 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wsimd.sys -- (WSIMD)
DRV - [2008/11/12 17:58:38 | 000,145,952 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nvgts.sys -- (nvgts)
DRV - [2008/09/25 18:07:00 | 000,057,440 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\jswscimd.sys -- (JSWSCIMD)
DRV - [2007/07/13 10:44:22 | 000,043,008 | ---- | M] (D-Link ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dlkfet5b.sys -- (FETNDISB)
DRV - [2006/07/01 23:39:40 | 000,036,864 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2006/03/03 16:31:04 | 000,013,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2006/03/03 16:31:02 | 000,034,176 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2004/08/03 16:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.h...ARIO&pf=desktop
IE - HKLM\..\SearchScopes,DefaultScope =


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...ARIO&pf=desktop
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.h...ARIO&pf=desktop
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...ARIO&pf=desktop
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.h...ARIO&pf=desktop
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-2643415718-809851970-2684369324-1009\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.h...ARIO&pf=desktop
IE - HKU\S-1-5-21-2643415718-809851970-2684369324-1009\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-2643415718-809851970-2684369324-1009\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2643415718-809851970-2684369324-1009\..\SearchScopes\{5E1BE0B3-C7B9-49C6-A0A4-52F5BE4D42E5}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKU\S-1-5-21-2643415718-809851970-2684369324-1009\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2643415718-809851970-2684369324-1009\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Bing"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledAddons: [email protected]:1.23.0.5
FF - prefs.js..extensions.enabledAddons: {dc572301-7619-498c-a57d-39143191b318}:0.4.0.3
FF - prefs.js..extensions.enabledAddons: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.5.0
FF - prefs.js..extensions.enabledItems: {000a9d1c-beef-4f90-9363-039d445309b8}:0.5.36.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {dc572301-7619-498c-a57d-39143191b318}:0.3.8.6
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: [email protected]:1.23.0.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: [email protected]:5.1
FF - prefs.js..keyword.URL: "http://search.toolba...7a1a5fu00GO&q="
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.69: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Documents and Settings\Compaq_Owner\Application Data\Facebook\npfbplugin_1_0_3.dll ( )

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2009/05/29 09:56:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{000a9d1c-beef-4f90-9363-039d445309b8}: C:\Program Files\Google\Google Gears\Firefox\ [2010/03/04 16:55:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/10/14 23:16:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/10/14 23:15:53 | 000,000,000 | ---D | M]

[2011/09/18 11:27:01 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Extensions
[2009/06/07 18:42:57 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Extensions\[email protected]
[2012/10/28 07:44:13 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\b3kq2lt8.default\extensions
[2010/06/26 11:33:32 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\b3kq2lt8.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/08/12 05:55:17 | 000,000,000 | ---D | M] (Разпознаване на устройство Logitech) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\b3kq2lt8.default\extensions\[email protected]
[2012/08/18 04:10:15 | 000,702,524 | ---- | M] () (No name found) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\b3kq2lt8.default\extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi
[2011/01/04 16:17:39 | 000,001,832 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\b3kq2lt8.default\searchplugins\bing.xml
[2010/04/06 07:16:06 | 000,001,494 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\b3kq2lt8.default\searchplugins\web-search-powered-by-google.xml
[2012/10/14 23:15:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/10/14 23:15:48 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2010/04/17 09:10:18 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2012/10/14 23:16:07 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/02/02 22:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012/09/21 17:33:50 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/10/14 23:16:05 | 000,002,058 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - homepage: http://www.google.com
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.google.com
CHR - plugin: Shockwave Flash (Disabled) = C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.94\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.94\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.94\pdf.dll
CHR - plugin: Bandoo (Enabled) = C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dloejdefkancmfajekobpfoacecnhpgp\1.0.0.0_0\ChromePlugin.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.240.7 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U24 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Facebook Plugin (Enabled) = C:\Documents and Settings\Compaq_Owner\Application Data\Facebook\npfbplugin_1_0_3.dll
CHR - plugin: RIM Handheld Application Loader (Enabled) = C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Skype Click to Call = C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.2.0.10687_0\

O1 HOSTS File: ([2012/10/28 08:26:43 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O2 - BHO: (hpWebHelper Class) - {AAAE832A-5FFF-4661-9C8F-369692D1DCB9} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\WebHelper.dll (TODO: <Company name>)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Gears Helper) - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O3 - HKU\S-1-5-21-2643415718-809851970-2684369324-1009\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
O3 - HKU\S-1-5-21-2643415718-809851970-2684369324-1009\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [HPBootOp] C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [jswtrayutil] "C:\Program Files\NETGEAR\WNA1100\jswtrayutil.exe" File not found
O4 - HKLM..\Run: [Logitech Utility] C:\WINDOWS\LOGI_MWX.EXE (Logitech Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKU\S-1-5-21-2643415718-809851970-2684369324-1009..\Run: [Software Informer] C:\Program Files\Software Informer\softinfo.exe (Informer Technologies, Inc.)
O4 - HKLM..\RunOnce: [aswAhAScr.dll] C:\Program Files\Alwil Software\Avast5\aswRegSvr.exe (AVAST Software)
O4 - HKLM..\RunOnce: [aswasOutExt.dll] C:\Program Files\Alwil Software\Avast5\aswRegSvr.exe (AVAST Software)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Compaq Connections.lnk = C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe (Hewlett-Packard)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\NETGEAR WNA1100 Genie.lnk = C:\Program Files\NETGEAR\WNA1100\WNA1100.exe ()
O4 - Startup: C:\Documents and Settings\Default User\Start Menu\Programs\Startup\Pin.lnk = C:\hp\bin\cloaker.exe (Hewlett-Packard Co.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2643415718-809851970-2684369324-1009\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2643415718-809851970-2684369324-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-2643415718-809851970-2684369324-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-2643415718-809851970-2684369324-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeStartMenu = 0
O7 - HKU\S-1-5-21-2643415718-809851970-2684369324-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogOff = 0
O7 - HKU\S-1-5-21-2643415718-809851970-2684369324-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra 'Tools' menuitem : &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm File not found
O9 - Extra 'Tools' menuitem : Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm File not found
O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe File not found
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found
O15 - HKU\.DEFAULT\..Trusted Domains: amazon.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: hulu.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: netflix.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: youtube.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: amazon.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: hulu.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: netflix.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: youtube.com ([]* in Trusted sites)
O16 - DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} http://www.logitech....Detection32.cab (Device Detection)
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://pcpitstop.com...t/PCPitStop.CAB (PCPitstop Utility)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1244421581718 (MUWebControl Class)
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} http://www.nvidia.co...iaSmartScan.cab (NVIDIA Smart Scan)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} http://lads.myspace....ceUploader2.cab (MySpace Uploader Control)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D6E0B119-DCF2-4CD6-8DFB-7CFF1B70F7FF} https://sprint.black...ls/TOImport.cab (TeamOn Import Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: bdsripcab https://media.bdsrea...s/bdsripcab.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{80443072-5384-4D29-A197-604ECE8884D8}: DhcpNameServer = 16.92.3.242 16.92.3.243 16.81.3.243 16.118.3.243
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BA586921-7BFA-48C2-8396-38F36096AD94}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\linkscanner - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (c:\progra~1\bandoo\bndhook.dll) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/12/05 01:50:26 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/07/27 15:07:38 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012/10/28 08:52:22 | 000,738,504 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2012/10/28 08:42:49 | 000,058,208 | ---- | C] (Atheros Communications, Inc.) -- C:\WINDOWS\System32\drivers\wsimd.sys
[2012/10/28 08:42:46 | 001,269,854 | ---- | C] (Devicescape) -- C:\WINDOWS\System32\dsa.dll
[2012/10/28 08:42:46 | 000,495,700 | ---- | C] (Atheros) -- C:\WINDOWS\System32\acs.exe
[2012/10/28 08:42:46 | 000,426,074 | ---- | C] (Atheros) -- C:\WINDOWS\System32\wgapi.dll
[2012/10/28 08:42:46 | 000,405,504 | ---- | C] (Atheros) -- C:\WINDOWS\System32\wcapi.dll
[2012/10/28 08:42:46 | 000,356,443 | ---- | C] (Atheros) -- C:\WINDOWS\System32\wcapiU.dll
[2012/10/28 08:42:46 | 000,311,390 | ---- | C] (Atheros) -- C:\WINDOWS\System32\athcfg20U.dll
[2012/10/28 08:42:46 | 000,254,022 | ---- | C] (Atheros Communications, Inc.) -- C:\WINDOWS\System32\wsfwDS.dll
[2012/10/28 08:42:46 | 000,249,924 | ---- | C] (Atheros Communications, Inc.) -- C:\WINDOWS\System32\wsimd.dll
[2012/10/28 08:42:46 | 000,237,568 | ---- | C] (Atheros) -- C:\WINDOWS\System32\athcfg20.dll
[2012/10/28 08:42:46 | 000,127,079 | ---- | C] (Atheros Communications, Inc.) -- C:\WINDOWS\System32\athcfg20resU.dll
[2012/10/28 08:42:46 | 000,127,053 | ---- | C] (Atheros Communications, Inc.) -- C:\WINDOWS\System32\athcfg20res.dll
[2012/10/28 08:42:46 | 000,082,017 | ---- | C] (Devicescape, Inc.) -- C:\WINDOWS\System32\dsaNac.dll
[2012/10/28 08:42:45 | 001,759,584 | ---- | C] (Atheros Communications, Inc.) -- C:\WINDOWS\System32\drivers\athuw.sys
[2012/10/28 08:42:45 | 000,058,208 | ---- | C] (Atheros Communications, Inc.) -- C:\WINDOWS\System32\wsimd.sys
[2012/10/28 08:42:45 | 000,057,440 | ---- | C] (Atheros Communications, Inc.) -- C:\WINDOWS\System32\jswscimd.sys
[2012/10/28 08:42:45 | 000,057,440 | ---- | C] (Atheros Communications, Inc.) -- C:\WINDOWS\System32\drivers\jswscimd.sys
[2012/10/28 08:42:44 | 000,405,582 | ---- | C] (Atheros Communications, Inc.) -- C:\WINDOWS\System32\jswscsup.dll
[2012/10/28 08:42:44 | 000,073,800 | ---- | C] (Atheros) -- C:\WINDOWS\System32\athgina.dll
[2012/10/28 08:42:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\NETGEAR WNA1100 Genie
[2012/10/28 08:42:39 | 000,000,000 | ---D | C] -- C:\Program Files\NETGEAR
[2012/10/28 08:41:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2012/10/28 08:27:11 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2012/10/28 08:26:22 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/10/28 07:43:36 | 000,751,391 | ---- | C] (Farbar) -- C:\Documents and Settings\Compaq_Owner\Desktop\MiniToolBox.exe
[2012/10/28 07:43:32 | 000,694,375 | ---- | C] (Farbar) -- C:\Documents and Settings\Compaq_Owner\Desktop\FSS.exe
[2012/10/27 23:07:44 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Documents and Settings\Compaq_Owner\Desktop\aswMBR.exe
[2012/10/27 23:07:41 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Owner\Desktop\OTL.exe
[2012/10/27 22:16:26 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Compaq_Owner\Desktop\HijackThis.exe
[2012/10/27 21:56:48 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012/10/27 21:52:15 | 002,213,464 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Compaq_Owner\Desktop\TDSSKiller.exe
[2012/10/27 21:40:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Desktop\RK_Quarantine
[2012/10/27 19:25:08 | 026,376,640 | ---- | C] (Acresso Software Inc. ) -- C:\Documents and Settings\Compaq_Owner\Desktop\WNA1100_v2.0.0.5_Setup.exe
[2012/10/27 17:55:25 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Compaq_Owner\Recent
[2012/10/25 09:55:32 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvc296.rra
[2012/10/20 20:26:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Macromedia
[2012/10/20 18:48:35 | 000,000,000 | ---D | C] -- C:\Program Files\Reincubate
[2012/10/14 23:15:46 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012/10/11 21:07:31 | 010,150,457 | ---- | C] (XboxMB) -- C:\Documents and Settings\Compaq_Owner\Desktop\Horizon.exe
[2012/10/07 20:07:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Desktop\Slender_v0_9_7
[2012/10/07 20:02:37 | 000,680,032 | ---- | C] (OptimumInstaller) -- C:\Documents and Settings\Compaq_Owner\Desktop\slender_setup.exe
[2012/10/07 20:01:27 | 000,373,432 | ---- | C] (Softonic) -- C:\Documents and Settings\Compaq_Owner\Desktop\SoftonicDownloader_for_slender-the-eight-pages.exe
[2012/10/06 22:44:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\TeknoGods
[2012/10/05 15:01:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Desktop\Crack
[2012/09/30 18:07:13 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2012/09/30 18:07:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Skype
[2012/09/30 18:07:12 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2012/09/30 18:06:00 | 000,946,352 | ---- | C] (Skype Technologies S.A.) -- C:\Documents and Settings\Compaq_Owner\Desktop\SkypeSetup.exe
[2012/09/30 13:24:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Application Data\Sony
[2012/09/30 12:41:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NCH Software
[2012/09/30 12:41:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\NCH Software Suite
[2012/09/30 12:41:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Video Related Programs
[2012/09/30 12:41:14 | 000,000,000 | ---D | C] -- C:\Program Files\NCH Software
[2012/09/30 12:40:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Application Data\NCH Software
[2012/09/29 19:14:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Start Menu\Programs\Uncompressor
[2012/09/29 19:14:42 | 000,000,000 | ---D | C] -- C:\Program Files\Uncompressor

========== Files - Modified Within 30 Days ==========

[2012/10/28 09:12:00 | 000,000,436 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{16A277BB-F55B-419A-AC32-F60EB41211A8}.job
[2012/10/28 08:52:22 | 000,002,626 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012/10/28 08:52:22 | 000,000,318 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2012/10/28 08:45:24 | 000,528,400 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/10/28 08:45:24 | 000,097,078 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/10/28 08:42:40 | 000,000,595 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\NETGEAR WNA1100 Genie.lnk
[2012/10/28 08:42:40 | 000,000,583 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\NETGEAR WNA1100 Genie.lnk
[2012/10/28 08:42:08 | 000,000,246 | ---- | M] () -- C:\WINDOWS\System\hpsysdrv.dat
[2012/10/28 08:38:53 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/10/28 08:38:24 | 000,199,660 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2012/10/28 08:38:10 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/10/28 08:30:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/10/28 08:26:43 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2012/10/28 07:36:14 | 000,751,391 | ---- | M] (Farbar) -- C:\Documents and Settings\Compaq_Owner\Desktop\MiniToolBox.exe
[2012/10/28 07:36:14 | 000,694,375 | ---- | M] (Farbar) -- C:\Documents and Settings\Compaq_Owner\Desktop\FSS.exe
[2012/10/28 07:35:56 | 000,538,941 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\adwcleaner.exe
[2012/10/27 23:28:28 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\MBR.dat
[2012/10/27 22:16:16 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Compaq_Owner\Desktop\HijackThis.exe
[2012/10/27 21:37:04 | 001,580,544 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\RogueKiller.exe
[2012/10/27 19:51:56 | 042,730,616 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\4k8t247w.exe
[2012/10/27 17:52:59 | 000,000,275 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Shortcut to ComboFix.lnk
[2012/10/23 05:18:34 | 000,738,504 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2012/10/23 05:18:34 | 000,360,392 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2012/10/23 05:18:34 | 000,054,232 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2012/10/23 05:18:34 | 000,035,928 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2012/10/23 05:18:33 | 000,097,608 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2012/10/23 05:18:33 | 000,089,752 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2012/10/23 05:18:32 | 000,025,256 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2012/10/23 05:18:32 | 000,021,256 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2012/10/23 05:17:48 | 000,041,224 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2012/10/23 05:17:38 | 000,227,648 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2012/10/22 21:37:22 | 000,002,515 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Microsoft Office Word 2007.lnk
[2012/10/22 14:34:05 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/10/22 13:55:12 | 000,049,152 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/10/20 23:53:05 | 000,019,617 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\SMS.csv
[2012/10/14 01:45:11 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/10/12 17:27:22 | 002,213,464 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Compaq_Owner\Desktop\TDSSKiller.exe
[2012/10/11 21:13:54 | 010,150,457 | ---- | M] (XboxMB) -- C:\Documents and Settings\Compaq_Owner\Desktop\Horizon.exe
[2012/10/11 08:20:08 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Compaq_Owner\Desktop\aswMBR.exe
[2012/10/11 08:19:26 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Owner\Desktop\OTL.exe
[2012/10/10 20:32:11 | 000,001,821 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2012/10/07 20:05:25 | 065,812,970 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Slender_v0_9_7.zip
[2012/10/07 20:02:38 | 000,680,032 | ---- | M] (OptimumInstaller) -- C:\Documents and Settings\Compaq_Owner\Desktop\slender_setup.exe
[2012/10/07 20:01:31 | 000,373,432 | ---- | M] (Softonic) -- C:\Documents and Settings\Compaq_Owner\Desktop\SoftonicDownloader_for_slender-the-eight-pages.exe
[2012/10/03 12:49:01 | 000,000,294 | ---- | M] () -- C:\WINDOWS\tasks\videopadShakeIcon.job
[2012/09/30 18:07:13 | 000,001,878 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2012/09/30 18:06:00 | 000,946,352 | ---- | M] (Skype Technologies S.A.) -- C:\Documents and Settings\Compaq_Owner\Desktop\SkypeSetup.exe
[2012/09/29 18:47:28 | 000,000,370 | ---- | M] () -- C:\WINDOWS\WININIT.INI

========== Files Created - No Company Name ==========

[2012/10/28 08:52:21 | 000,000,318 | -H-- | C] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2012/10/28 08:42:45 | 000,039,471 | ---- | C] () -- C:\WINDOWS\System32\wsimdp.cat
[2012/10/28 08:42:45 | 000,039,469 | ---- | C] () -- C:\WINDOWS\System32\wsimd.cat
[2012/10/28 08:42:45 | 000,035,967 | ---- | C] () -- C:\WINDOWS\System32\jswscimdp.cat
[2012/10/28 08:42:45 | 000,035,538 | ---- | C] () -- C:\WINDOWS\System32\jswscimd.cat
[2012/10/28 08:42:45 | 000,005,529 | ---- | C] () -- C:\WINDOWS\System32\jswscimdp.inf
[2012/10/28 08:42:45 | 000,005,363 | ---- | C] () -- C:\WINDOWS\System32\wsimdp.inf
[2012/10/28 08:42:45 | 000,002,231 | ---- | C] () -- C:\WINDOWS\System32\jswscimd.inf
[2012/10/28 08:42:45 | 000,002,179 | ---- | C] () -- C:\WINDOWS\System32\wsimd.inf
[2012/10/28 08:42:43 | 000,262,216 | ---- | C] () -- C:\WINDOWS\System32\IPTests.dll
[2012/10/28 08:42:40 | 000,000,595 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\NETGEAR WNA1100 Genie.lnk
[2012/10/28 08:42:40 | 000,000,583 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\NETGEAR WNA1100 Genie.lnk
[2012/10/28 07:43:34 | 000,538,941 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\adwcleaner.exe
[2012/10/27 23:28:28 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\MBR.dat
[2012/10/27 21:39:59 | 001,580,544 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\RogueKiller.exe
[2012/10/27 20:22:20 | 042,730,616 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\4k8t247w.exe
[2012/10/27 17:52:59 | 000,000,275 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Shortcut to ComboFix.lnk
[2012/10/25 09:54:19 | 000,006,419 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\ReleaseNotes_WNA3100_sw_2.0.html
[2012/10/20 23:53:05 | 000,019,617 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\SMS.csv
[2012/10/20 20:26:47 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/10/07 20:04:33 | 065,812,970 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Slender_v0_9_7.zip
[2012/09/30 18:07:13 | 000,001,878 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2012/09/30 12:49:13 | 000,000,294 | ---- | C] () -- C:\WINDOWS\tasks\videopadShakeIcon.job
[2012/09/30 12:41:18 | 000,000,813 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\VideoPad Video Editor.lnk
[2012/09/20 09:44:59 | 000,066,036 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2012/02/14 21:27:12 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011/09/18 19:27:35 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\preferences.dat
[2011/01/04 15:49:51 | 000,110,602 | ---- | C] () -- C:\WINDOWS\System32\xcdsfx32.bin
[2011/01/04 14:51:40 | 000,000,160 | ---- | C] () -- C:\WINDOWS\MyDrivers.ini
[2011/01/04 14:37:43 | 000,240,592 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2011/01/04 14:37:24 | 000,240,592 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2011/01/04 14:37:24 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2010/07/23 14:28:24 | 000,000,135 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\fusioncache.dat
[2009/06/15 14:08:36 | 000,049,152 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2006/06/19 09:12:20 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/13 19:12:05 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/02/09 07:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/04/13 19:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== Custom Scans ==========

========== Base Services ==========
SRV - [2008/04/13 19:12:12 | 000,044,544 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\alg.exe -- (ALG)
SRV - [2008/04/13 19:12:11 | 000,006,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wuauserv.dll -- (wuauserv)
SRV - [2008/04/13 19:12:03 | 000,409,088 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\qmgr.dll -- (BITS)
SRV - [2012/07/06 08:58:51 | 000,078,336 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\browser.dll -- (Browser)
SRV - [2008/04/13 19:11:51 | 000,062,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\cryptsvc.dll -- (CryptSvc)
SRV - [2008/04/13 19:11:51 | 000,126,976 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\dhcpcsvc.dll -- (Dhcp)
SRV - [2009/04/20 12:17:26 | 000,045,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\dnsrslvr.dll -- (Dnscache)
SRV - [2009/02/06 06:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\services.exe -- (Eventlog)
SRV - [2008/04/13 19:11:52 | 000,033,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\eapsvc.dll -- (EapHost)
SRV - [2009/07/27 18:17:41 | 000,135,168 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\shsvcs.dll -- (FastUserSwitchingCompatibility)
SRV - [2008/04/13 19:12:08 | 000,015,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\w3ssl.dll -- (HTTPFilter)
SRV - [2008/04/13 19:11:54 | 000,021,504 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\hidserv.dll -- (HidServ)
SRV - [2008/04/13 19:12:22 | 000,150,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\imapi.exe -- (ImapiService)
SRV - [2008/04/13 19:12:24 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lsass.exe -- (PolicyAgent)
SRV - [2008/04/13 19:11:52 | 000,023,552 | ---- | M] (Microsoft Corp.) [On_Demand | Stopped] -- C:\WINDOWS\system32\dmserver.dll -- (dmserver)
SRV - [2008/04/13 19:12:17 | 000,224,768 | ---- | M] (Microsoft Corp., Veritas Software) [On_Demand | Stopped] -- C:\WINDOWS\System32\dmadmin.exe -- (dmadmin)
SRV - [2008/04/13 19:12:17 | 000,005,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\dllhost.exe -- (SwPrv)
SRV - [2008/04/13 19:12:24 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\lsass.exe -- (Netlogon)
SRV - [2008/04/13 19:12:01 | 000,198,144 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\netman.dll -- (Netman)
SRV - [2008/06/20 11:02:47 | 000,245,248 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\mswsock.dll -- (Nla)
SRV - [2009/02/06 06:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\services.exe -- (PlugPlay)
SRV - [2010/08/17 08:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\spoolsv.exe -- (Spooler)
SRV - [2008/04/13 19:12:24 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lsass.exe -- (ProtectedStorage)
SRV - [2008/04/13 19:12:03 | 000,088,576 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\rasauto.dll -- (RasAuto)
SRV - [2008/04/13 19:12:03 | 000,186,368 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\rasmans.dll -- (RasMan)
SRV - [2009/02/09 07:10:48 | 000,401,408 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\rpcss.dll -- (RpcSs)
SRV - [2008/04/13 19:12:02 | 000,435,200 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\ntmssvc.dll -- (NtmsSvc)
SRV - [2008/04/13 19:12:05 | 000,018,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\seclogon.dll -- (seclogon)
SRV - [2008/04/13 19:12:24 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lsass.exe -- (SamSs)
SRV - [2008/04/13 19:12:10 | 000,080,896 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wscsvc.dll -- (wscsvc)
SRV - [2010/08/27 00:57:43 | 000,099,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\srvsvc.dll -- (lanmanserver)
SRV - [2009/07/27 18:17:41 | 000,135,168 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\shsvcs.dll -- (ShellHWDetection)
SRV - [2008/04/13 19:12:07 | 000,171,008 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\srsvc.dll -- (srservice)
SRV - [2008/04/13 19:12:05 | 000,192,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\schedsvc.dll -- (Schedule)
SRV - [2008/04/13 19:11:56 | 000,013,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lmhsvc.dll -- (LmHosts)
SRV - [2008/04/13 19:12:07 | 000,249,856 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\tapisrv.dll -- (TapiSrv)
SRV - [2008/04/13 19:12:07 | 000,295,424 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\termsrv.dll -- (TermService)
SRV - [2009/07/27 18:17:41 | 000,135,168 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\shsvcs.dll -- (Themes)
SRV - [2008/04/13 19:12:38 | 000,289,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\vssvc.exe -- (VSS)
SRV - [2008/04/13 19:11:50 | 000,042,496 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\audiosrv.dll -- (AudioSrv)
SRV - [2008/04/13 19:11:55 | 000,331,264 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\ipnathlp.dll -- (SharedAccess)
SRV - [2008/04/13 19:12:08 | 000,333,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wiaservc.dll -- (stisvc)
SRV - [2008/04/13 19:12:28 | 000,078,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\msiexec.exe -- (MSIServer)
SRV - [2008/04/13 19:12:09 | 000,144,896 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wbem\wmisvc.dll -- (winmgmt)
No service found with a name of Wmi
SRV - [2008/04/13 19:11:52 | 000,132,096 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\dot3svc.dll -- (Dot3svc)
SRV - [2008/04/13 19:12:11 | 000,483,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wzcsvc.dll -- (WZCSVC)
SRV - [2009/06/10 01:14:49 | 000,132,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wkssvc.dll -- (lanmanworkstation)

< %SYSTEMDRIVE%\*.exe >

< MD5 for: EXPLORER.EXE >
[2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ERDNT\cache\explorer.exe
[2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2007/06/13 06:26:03 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=7712DF0CDDE3A5AC89843E61CD5B3658 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007/06/13 05:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=97BD6515465659FF8F3B7BE375B2EA87 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: SERVICES >
[2004/08/04 06:00:00 | 000,007,116 | ---- | M] () MD5=95826940E657FE0567A8EC0F2A6AD11A -- C:\WINDOWS\system32\drivers\etc\services

< MD5 for: SERVICES._ >
[2004/08/03 23:00:00 | 000,001,989 | ---- | M] () MD5=29BB3BBBE3D49156A42BFB3DD000F554 -- C:\WINDOWS\I386\SERVICES._

< MD5 for: SERVICES.EX_ >
[2004/08/03 23:00:00 | 000,049,955 | ---- | M] () MD5=85A738BA493104ED103B26CADEB8B543 -- C:\WINDOWS\I386\SERVICES.EX_

< MD5 for: SERVICES.EXE >
[2009/02/06 06:06:24 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=020CEAAEDC8EB655B6506B8C70D53BB6 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
[2008/04/13 19:12:34 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=0E776ED5F7CC9F94299E70461B7B8185 -- C:\WINDOWS\ServicePackFiles\i386\services.exe
[2009/02/06 12:14:03 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=37561F8D4160D62DA86D24AE41FAE8DE -- C:\WINDOWS\$NtServicePackUninstall$\services.exe
[2009/02/06 05:22:21 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=4712531AB7A01B7EE059853CA17D39BD -- C:\WINDOWS\$hf_mig$\KB956572\SP2QFE\services.exe
[2009/02/06 06:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\$hf_mig$\KB956572\SP3GDR\services.exe
[2009/02/06 06:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\ERDNT\cache\services.exe
[2009/02/06 06:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\system32\dllcache\services.exe
[2009/02/06 06:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\system32\services.exe

< MD5 for: SERVICES.JS >
[2010/08/16 14:07:26 | 000,018,674 | ---- | M] () MD5=7209830374F12E59D7802B687A5F0542 -- C:\Program Files\Barnes & Noble\BNDesktopReader\HTML\js\services.js

< MD5 for: SERVICES.LNK >
[2005/12/05 01:50:32 | 000,001,602 | ---- | M] () MD5=088D2B3B011A1912BE137651A4BCCFEE -- C:\Documents and Settings\All Users\Start Menu\Programs\Administrative Tools\Services.lnk

< MD5 for: SERVICES.MS_ >
[2004/08/03 23:00:00 | 000,003,649 | ---- | M] () MD5=64E9F61D2ED093C361862DE36433B5E1 -- C:\WINDOWS\I386\SERVICES.MS_

< MD5 for: SERVICES.MSC >
[2004/08/04 06:00:00 | 000,033,464 | ---- | M] () MD5=E8089AA2A6F7FEE89B38C1F2D77BA6C6 -- C:\WINDOWS\system32\services.msc

< MD5 for: SVCHOST.EXE >
[2008/04/13 19:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ERDNT\cache\svchost.exe
[2008/04/13 19:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008/04/13 19:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\svchost.exe
[2009/06/15 17:01:38 | 000,008,704 | ---- | M] () MD5=83CB01B7C2798C76834C9C58922D5EEA -- C:\Documents and Settings\Compaq_Owner\Application Data\Thinstall\CSDATA\1000000600002i\svchost.exe
[2007/05/09 17:51:07 | 000,008,704 | ---- | M] () MD5=83CB01B7C2798C76834C9C58922D5EEA -- C:\Documents and Settings\Compaq_Owner\Desktop\Adobe Photoshop CS3 Extended Portable\CSDATA\1000000600002i\svchost.exe
[2004/08/04 06:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
[2009/04/04 20:11:53 | 000,008,704 | ---- | M] () MD5=B7CAC0B6A0DAA9F036B00D46C0D28783 -- C:\Documents and Settings\Compaq_Owner\Desktop\Adobe Photoshop CS3 Extended Portable\CSDATA\1000000800002i\svchost.exe

< MD5 for: USERINIT.EXE >
[2004/08/04 06:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2008/04/13 19:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ERDNT\cache\userinit.exe
[2008/04/13 19:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008/04/13 19:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004/08/04 06:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008/04/13 19:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ERDNT\cache\winlogon.exe
[2008/04/13 19:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008/04/13 19:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WINSOCK.DL_ >
[2004/08/03 23:00:00 | 000,001,516 | ---- | M] () MD5=DBE00AC2D306E49623D471A292EF25DC -- C:\WINDOWS\I386\WINSOCK.DL_

< MD5 for: WINSOCK.DLL >
[2004/08/04 06:00:00 | 000,002,864 | ---- | M] (Microsoft Corporation) MD5=68485C5EF0E2EFCEBF21BBB1042B823B -- C:\WINDOWS\system32\dllcache\winsock.dll
[2004/08/04 06:00:00 | 000,002,864 | ---- | M] (Microsoft Corporation) MD5=68485C5EF0E2EFCEBF21BBB1042B823B -- C:\WINDOWS\system32\winsock.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\Compaq_Owner\Desktop\procexp.exe:SummaryInformation

< End of report >
  • 0

#8
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK lets get you tidied up and sent away happy

Subject to no further problems :)

I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems

Now the best part of the day ----- Your log now appears clean :thumbsup:

A good workman always cleans up after himself so..The following will implement some cleanup procedures as well as reset System Restore points:

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
    FF - prefs.js..extensions.enabledItems: [email protected]:1.5.0
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
    FF - prefs.js..extensions.enabledItems: [email protected]:5.1
    FF - prefs.js..keyword.URL: "http://search.toolba...7a1a5fu00GO&q="
    [2009/06/07 18:42:57 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Extensions\[email protected]
    O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
    O2 - BHO: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
    O3 - HKLM\..\Toolbar: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
    O3 - HKU\S-1-5-21-2643415718-809851970-2684369324-1009\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
    O3 - HKU\S-1-5-21-2643415718-809851970-2684369324-1009\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    [2012/10/28 07:43:36 | 000,751,391 | ---- | C] (Farbar) -- C:\Documents and Settings\Compaq_Owner\Desktop\MiniToolBox.exe
    [2012/10/28 07:43:32 | 000,694,375 | ---- | C] (Farbar) -- C:\Documents and Settings\Compaq_Owner\Desktop\FSS.exe
    [2012/10/27 23:07:44 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Documents and Settings\Compaq_Owner\Desktop\aswMBR.exe
    [2012/10/27 21:56:48 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
    [2012/10/27 21:52:15 | 002,213,464 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Compaq_Owner\Desktop\TDSSKiller.exe
    [2012/10/27 21:40:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Desktop\RK_Quarantine
    [2012/10/28 07:35:56 | 000,538,941 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\adwcleaner.exe
    [2012/10/27 23:28:28 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\MBR.dat
    [2012/10/11 08:20:08 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Compaq_Owner\Desktop\aswMBR.exe

    :Commands
    [resethosts]
    [emptytemp]
    [CLEARALLRESTOREPOINTS]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done

Remove ComboFix
  • Hold down the Windows key + R on your keyboard. This will display the Run dialogue box
  • In the Run box, type in ComboFix /Uninstall
    (Notice the space between the "x" and "/")
    then click OK

    Posted Image
  • Follow the prompts on the screen
  • A message should appear confirming that ComboFix was uninstalled

Run OTL and hit the cleanup button. It will remove all the programmes we have used plus itself.

We will now confirm that your hidden files are set to that, as some of the tools I use will change that
  • Click Start.
  • Open My Computer.
  • Select the Tools menu and click Folder Options.
  • Select the View Tab.
  • Under the Hidden files and folders heading select Do not show hidden files and folders.
  • Click Yes to confirm.
  • Click OK.

Posted Image Your Java is out of date.
Older versions have vulnerabilities that malware can use to infect your system.
Please follow these steps to remove older version of Java components and upgrade the application.

Upgrading Java:
  • Go to this site and click Do I have Java
  • It will check your current version and then offer to update to the latest version


Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:

Posted Image Malwarebytes.

Update and run weekly to keep your system clean

Download and install FileHippo update checker and run it monthly it will show you which programmes on your system need updating and give a download link

If you use on-line banking then as an added layer of protection install Trusteer Rapport

It is critical to have both a firewall and anti virus to protect your system and to keep them updated. To keep your operating system up to date visit
To learn more about how to protect yourself while on the internet read our little guide How did I get infected in the first place ?Keep safe :wave:
  • 0

#9
dch1314

dch1314

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 238 posts
Okay, will get those things done. Thanks for the help. I will report back in 24hrs (maybe more than 24hrs, because I am at school about 12+ hours M-F)
  • 0

#10
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP