'bout to go to the mental hospital (literally)



#1
AmandaSue82

OMG, could anyone please help!!!

All I can say is, I just completely reinstalled XP on my computer 3 days ago and, well, look!!!
What is going on? Please, I'm so stupid I can't distinguish whether I'm stupid or going crazy.
OTL logfile created on: 12/19/2012 11:41:14 AM - Run 1

OTL logfile created on: 12/19/2012 12:05:27 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Amanda\My Documents\Downloads
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.99 Gb Total Physical Memory | 2.45 Gb Available Physical Memory | 82.06% Memory free
4.83 Gb Paging File | 4.39 Gb Available in Paging File | 90.83% Paging File free
Paging file location(s): c:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 298.08 Gb Total Space | 294.49 Gb Free Space | 98.79% Space Free | Partition Type: NTFS
Drive F: | 3.76 Gb Total Space | 2.47 Gb Free Space | 65.81% Space Free | Partition Type: FAT32
Drive G: | 7.39 Gb Total Space | 2.30 Gb Free Space | 31.12% Space Free | Partition Type: FAT32
Drive H: | 1.84 Gb Total Space | 0.20 Gb Free Space | 10.92% Space Free | Partition Type: FAT32

Computer Name: DAVETAYLOR | User Name: Amanda | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/12/19 11:23:50 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Amanda\My Documents\Downloads\OTL.exe
PRC - [2012/11/29 00:27:34 | 000,916,960 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2006/02/28 04:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/02/28 04:00:00 | 000,032,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wpabaln.exe


========== Modules (No Company Name) ==========

MOD - [2012/12/18 19:58:55 | 014,586,296 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll
MOD - [2012/11/29 00:27:37 | 002,397,152 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2006/02/28 04:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll


========== Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012/12/18 19:58:55 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/11/29 00:27:36 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2006/02/28 04:00:00 | 000,088,448 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2006/02/28 04:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2006/02/28 04:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2006/02/28 04:00:00 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2004/08/03 22:31:20 | 000,036,224 | ---- | M] (ADMtek Incorporated.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\an983.sys -- (AN983)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKU\S-1-5-21-1409082233-412668190-839522115-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
IE - HKU\S-1-5-21-1409082233-412668190-839522115-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll ()

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/12/18 19:39:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2012/12/18 19:39:24 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Amanda\Application Data\Mozilla\Extensions
[2012/12/18 19:39:08 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/11/29 00:27:51 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/11/29 00:27:12 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/11/29 00:27:12 | 000,002,058 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2004/08/04 02:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O4 - HKLM..\Run: [UIUCU] C:\Documents and Settings\Dave\Local Settings\Temp\UIUCU.EXE (Conexant Systems, Inc.)
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1409082233-412668190-839522115-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 205.171.2.25
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A8628B82-6FB0-4223-89B7-C46AE11046B4}: DhcpNameServer = 192.168.0.1 205.171.2.25
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012/12/17 03:14:13 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/12/18 20:02:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Amanda\Application Data\Macromedia
[2012/12/18 20:02:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Amanda\Application Data\Adobe
[2012/12/18 19:58:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2012/12/18 19:58:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Amanda\My Documents\Downloads
[2012/12/18 19:39:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Amanda\Local Settings\Application Data\Mozilla
[2012/12/18 19:39:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Amanda\Application Data\Mozilla
[2012/12/18 19:39:09 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012/12/18 19:39:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Mozilla
[2012/12/18 19:39:07 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012/12/18 18:35:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Amanda\Application Data\Identities
[2012/12/18 18:35:33 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Amanda\My Documents\My Pictures
[2012/12/18 18:35:33 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Amanda\My Documents\My Music
[2012/12/18 18:35:31 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Amanda\Application Data\Microsoft
[2012/12/18 18:35:31 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Amanda\Cookies
[2012/12/18 18:35:31 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Amanda\SendTo
[2012/12/18 18:35:31 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Amanda\Recent
[2012/12/18 18:35:31 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Amanda\Application Data
[2012/12/18 18:35:31 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Amanda\Start Menu\Programs\Startup
[2012/12/18 18:35:31 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Amanda\Start Menu
[2012/12/18 18:35:31 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Amanda\My Documents
[2012/12/18 18:35:31 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Amanda\Favorites
[2012/12/18 18:35:31 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Amanda\Start Menu\Programs\Accessories
[2012/12/18 18:35:31 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Amanda\Templates
[2012/12/18 18:35:31 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Amanda\PrintHood
[2012/12/18 18:35:31 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Amanda\NetHood
[2012/12/18 18:35:31 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Amanda\Local Settings
[2012/12/18 18:35:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Amanda\Local Settings\Application Data\Microsoft
[2012/12/18 18:35:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Amanda\Desktop
[2012/12/18 07:03:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2012/12/18 07:02:34 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2012/12/18 07:02:34 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2012/12/18 07:02:34 | 000,026,624 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll
[2012/12/18 07:01:52 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2012/12/18 06:05:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\setup.pss
[2012/12/18 05:26:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
[2012/12/18 05:26:24 | 000,000,000 | ---D | C] -- C:\Program Files\Broadcom
[2012/12/18 04:57:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2012/12/18 04:50:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Support Tools
[2012/12/18 04:49:58 | 000,000,000 | ---D | C] -- C:\Program Files\Support Tools
[2012/12/18 03:27:24 | 000,000,000 | R-SD | C] -- C:\WINDOWS\assembly
[2012/12/18 03:27:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\URTTemp
[2012/12/18 03:27:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET
[2012/12/18 03:24:09 | 000,000,000 | ---D | C] -- C:\Drivers
[2012/12/18 03:20:29 | 000,000,000 | ---D | C] -- C:\Program Files\InstallShield Installation Information
[2012/12/18 03:19:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2012/12/18 01:06:29 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2012/12/17 03:18:41 | 000,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
[2012/12/17 03:17:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2012/12/17 03:17:01 | 000,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
[2012/12/17 03:17:01 | 000,000,000 | --SD | C] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2012/12/17 03:17:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2012/12/17 03:16:32 | 000,000,000 | --SD | C] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2012/12/17 03:16:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2012/12/17 03:14:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom
[2012/12/17 03:14:34 | 000,000,000 | ---D | C] -- C:\Program Files\xerox
[2012/12/17 03:14:34 | 000,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage
[2012/12/17 03:14:33 | 000,000,000 | ---D | C] -- C:\DELL
[2012/12/17 03:14:24 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2012/12/17 03:13:31 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\DRM
[2012/12/17 03:13:24 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
[2012/12/17 03:13:24 | 000,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
[2012/12/17 03:13:16 | 000,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate
[2012/12/17 03:12:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX
[2012/12/17 03:12:09 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Services
[2012/12/17 03:12:05 | 000,000,000 | --SD | C] -- C:\WINDOWS\Tasks
[2012/12/17 03:12:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap
[2012/12/17 03:11:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\srchasst
[2012/12/17 03:11:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed
[2012/12/17 03:11:44 | 000,000,000 | ---D | C] -- C:\Program Files\Movie Maker
[2012/12/17 03:11:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore
[2012/12/17 03:11:26 | 000,000,000 | ---D | C] -- C:\Program Files\NetMeeting
[2012/12/17 03:11:21 | 000,000,000 | ---D | C] -- C:\Program Files\Outlook Express
[2012/12/17 03:11:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\System
[2012/12/17 03:11:10 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Explorer
[2012/12/17 03:11:09 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Pictures
[2012/12/17 03:11:00 | 000,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications
[2012/12/17 03:10:54 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Administrative Tools
[2012/12/17 03:10:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\Registration
[2012/12/17 03:10:35 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Music
[2012/12/17 03:10:35 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Games
[2012/12/17 03:10:35 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Player
[2012/12/17 03:10:35 | 000,000,000 | ---D | C] -- C:\Program Files\Online Services
[2012/12/17 03:10:31 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger
[2012/12/17 03:10:25 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Gaming Zone
[2012/12/17 03:09:31 | 000,000,000 | ---D | C] -- C:\Program Files\MSN
[2012/12/17 03:09:30 | 000,281,088 | ---- | C] (Cinematronics) -- C:\WINDOWS\System32\dllcache\pinball.exe
[2012/12/17 03:09:28 | 000,000,000 | ---D | C] -- C:\Program Files\Windows NT
[2012/12/17 03:09:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc
[2012/12/17 03:09:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Com
[2012/12/17 03:08:50 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Accessories
[2012/12/16 19:02:19 | 000,000,000 | -HSD | C] -- C:\WINDOWS\Installer
[2012/12/16 19:02:18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC
[2012/12/16 19:02:15 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines
[2012/12/16 19:02:14 | 000,000,000 | R--D | C] -- C:\Program Files
[2012/12/16 19:02:14 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Shared
[2012/12/16 19:02:14 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files
[2012/12/16 19:01:42 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup
[2012/12/16 19:01:42 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu
[2012/12/16 19:01:42 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents
[2012/12/16 19:01:42 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Templates
[2012/12/16 19:01:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Favorites
[2012/12/16 19:01:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Desktop
[2012/12/16 19:01:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2012/12/16 19:01:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot
[2012/12/16 19:01:24 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2012/12/16 19:01:24 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\All Users\Application Data
[2012/12/16 19:00:57 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2012/12/16 19:00:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings
[2012/12/16 18:52:35 | 000,000,000 | R-SD | C] -- C:\WINDOWS\Fonts
[2012/12/16 18:52:35 | 000,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2012/12/16 18:52:35 | 000,000,000 | R--D | C] -- C:\WINDOWS\Web
[2012/12/16 18:52:35 | 000,000,000 | -H-D | C] -- C:\WINDOWS\inf
[2012/12/16 18:52:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\WinSxS
[2012/12/16 18:52:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wins
[2012/12/16 18:52:35 | 000,000,000 | ---D | C] -- C:\WINDOWS
[2012/12/16 18:52:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem
[2012/12/16 18:52:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt
[2012/12/16 18:52:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\twain_32
[2012/12/16 18:52:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2012/12/16 18:52:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\system32
[2012/12/16 18:52:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\system
[2012/12/16 18:52:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\spool
[2012/12/16 18:52:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt
[2012/12/16 18:52:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup
[2012/12/16 18:52:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\security
[2012/12/16 18:52:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\Resources
[2012/12/16 18:52:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\repair
[2012/12/16 18:52:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ras
[2012/12/16 18:52:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\Provisioning
[2012/12/16 18:52:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\PeerNet
[2012/12/16 18:52:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\pchealth
[2012/12/16 18:52:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe
[2012/12/16 18:52:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\npp
[2012/12/16 18:52:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\mui
[2012/12/16 18:52:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\mui
[2012/12/16 18:52:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\msapps
[2012/12/16 18:52:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\msagent
[2012/12/16 18:52:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\Media
[2012/12/16 18:52:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\java
[2012/12/16 18:52:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv
[2012/12/16 18:52:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\IME
[2012/12/16 18:52:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\ime
[2012/12/16 18:52:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml
[2012/12/16 18:52:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ias
[2012/12/16 18:52:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\Help
[2012/12/16 18:52:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\export
[2012/12/16 18:52:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc
[2012/12/16 18:52:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers
[2012/12/16 18:52:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache
[2012/12/16 18:52:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn
[2012/12/16 18:52:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp
[2012/12/16 18:52:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\dell
[2012/12/16 18:52:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\Debug
[2012/12/16 18:52:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cursors
[2012/12/16 18:52:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard
[2012/12/16 18:52:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\config
[2012/12/16 18:52:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\Config
[2012/12/16 18:52:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\AppPatch
[2012/12/16 18:52:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\addins
[2012/12/16 18:52:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi
[2012/12/16 18:52:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3076
[2012/12/16 18:52:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\2052
[2012/12/16 18:52:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1054
[2012/12/16 18:52:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1042
[2012/12/16 18:52:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1041
[2012/12/16 18:52:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1037
[2012/12/16 18:52:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1033
[2012/12/16 18:52:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1031
[2012/12/16 18:52:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1028
[2012/12/16 18:52:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1025
[9 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/12/19 11:19:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/12/19 10:08:24 | 000,000,804 | ---- | M] () -- C:\Documents and Settings\Amanda\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2012/12/19 10:07:51 | 000,004,608 | ---- | M] () -- C:\Documents and Settings\Amanda\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/12/19 08:54:48 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/12/19 08:16:31 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/12/18 19:39:10 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\Amanda\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012/12/18 19:39:10 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2012/12/18 18:57:49 | 000,002,278 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/12/18 18:35:40 | 000,000,779 | ---- | M] () -- C:\Documents and Settings\Amanda\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/12/18 18:35:39 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\Amanda\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2012/12/18 08:27:21 | 000,004,757 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/12/18 08:27:20 | 000,380,680 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/12/18 08:27:20 | 000,052,968 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/12/18 07:03:29 | 000,090,296 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/12/18 07:02:59 | 000,015,998 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2012/12/18 07:01:23 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2012/12/18 07:01:23 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2012/12/18 07:01:23 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2012/12/18 07:01:17 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2012/12/18 07:00:27 | 000,023,348 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2012/12/18 06:59:09 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2012/12/18 06:24:46 | 000,588,573 | ---- | M] () -- C:\WINDOWS\setupapi.old
[2012/12/18 04:28:18 | 000,001,857 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\MSN Installer.lnk
[2012/12/18 01:02:21 | 000,000,534 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\quest.lnk
[2012/12/17 03:16:35 | 000,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2012/12/17 03:14:13 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012/12/17 03:14:13 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2012/12/17 03:14:13 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2012/12/17 03:14:13 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2012/12/17 03:14:13 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2012/11/20 12:35:54 | 000,000,017 | ---- | M] () -- C:\Documents and Settings\Amanda\My Documents\ORDER.NJB
[9 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/12/19 10:27:39 | 000,000,017 | ---- | C] () -- C:\Documents and Settings\Amanda\My Documents\ORDER.NJB
[2012/12/19 10:08:24 | 000,000,804 | ---- | C] () -- C:\Documents and Settings\Amanda\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2012/12/19 10:07:50 | 000,004,608 | ---- | C] () -- C:\Documents and Settings\Amanda\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/12/18 20:12:25 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/12/18 19:58:56 | 000,000,830 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/12/18 19:39:10 | 000,000,742 | ---- | C] () -- C:\Documents and Settings\Amanda\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012/12/18 19:39:10 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
[2012/12/18 19:39:10 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2012/12/18 18:35:39 | 000,000,079 | ---- | C] () -- C:\Documents and Settings\Amanda\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2012/12/18 18:35:35 | 000,000,738 | ---- | C] () -- C:\Documents and Settings\Amanda\Start Menu\Programs\Outlook Express.lnk
[2012/12/18 18:35:34 | 000,000,779 | ---- | C] () -- C:\Documents and Settings\Amanda\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/12/18 18:35:34 | 000,000,767 | ---- | C] () -- C:\Documents and Settings\Amanda\Start Menu\Programs\Internet Explorer.lnk
[2012/12/18 18:35:31 | 000,001,599 | ---- | C] () -- C:\Documents and Settings\Amanda\Start Menu\Programs\Remote Assistance.lnk
[2012/12/18 18:35:31 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\Amanda\Start Menu\Programs\Windows Media Player.lnk
[2012/12/18 07:02:30 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2012/12/18 07:02:20 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2012/12/18 07:02:15 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2012/12/18 07:02:14 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2012/12/18 07:02:13 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2012/12/18 07:02:07 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2012/12/18 07:02:04 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2012/12/18 07:02:01 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll
[2012/12/18 07:01:54 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2012/12/18 06:56:10 | 000,168,806 | ---- | C] () -- C:\WINDOWS\System32\dllcache\startoc.cat
[2012/12/18 06:56:10 | 000,024,209 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn7.cat
[2012/12/18 06:56:10 | 000,011,651 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn9.cat
[2012/12/18 06:56:10 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2012/12/18 06:56:10 | 000,007,382 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2012/12/18 06:56:10 | 000,007,245 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT
[2012/12/18 06:56:09 | 002,012,670 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT
[2012/12/18 06:56:09 | 001,042,903 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP2.CAT
[2012/12/18 06:56:09 | 000,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2012/12/18 06:56:09 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2012/12/18 06:56:09 | 000,384,906 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT
[2012/12/18 06:56:09 | 000,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2012/12/18 06:56:09 | 000,031,281 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT
[2012/12/18 06:56:09 | 000,013,753 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT
[2012/12/18 06:56:09 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2012/12/18 06:56:09 | 000,009,581 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT
[2012/12/18 04:28:18 | 000,001,857 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\MSN Installer.lnk
[2012/12/18 01:02:21 | 000,000,534 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\quest.lnk
[2012/12/17 03:16:35 | 000,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2012/12/17 03:15:55 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012/12/17 03:14:13 | 000,002,577 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2012/12/17 03:14:13 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2012/12/17 03:14:13 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2012/12/17 03:14:13 | 000,000,000 | ---- | C] () -- C:\CONFIG.SYS
[2012/12/17 03:14:13 | 000,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT
[2012/12/17 03:14:11 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2012/12/17 03:14:11 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2012/12/17 03:14:10 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2012/12/17 03:13:16 | 000,000,786 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Movie Maker.lnk
[2012/12/17 03:13:05 | 004,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
[2012/12/17 03:12:23 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2012/12/17 03:12:23 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2012/12/17 03:12:12 | 000,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
[2012/12/17 03:11:53 | 000,004,639 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.exe
[2012/12/17 03:11:36 | 000,376,320 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msinfo.dll
[2012/12/17 03:11:08 | 000,023,348 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2012/12/17 03:10:35 | 000,000,609 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Messenger.lnk
[2012/12/17 03:10:04 | 000,009,522 | ---- | C] () -- C:\WINDOWS\Zapotec.bmp
[2012/12/17 03:10:03 | 000,065,954 | ---- | C] () -- C:\WINDOWS\Prairie Wind.bmp
[2012/12/17 03:10:03 | 000,065,832 | ---- | C] () -- C:\WINDOWS\Santa Fe Stucco.bmp
[2012/12/17 03:10:03 | 000,026,680 | ---- | C] () -- C:\WINDOWS\River Sumida.bmp
[2012/12/17 03:10:03 | 000,026,582 | ---- | C] () -- C:\WINDOWS\Greenstone.bmp
[2012/12/17 03:10:03 | 000,017,362 | ---- | C] () -- C:\WINDOWS\Rhododendron.bmp
[2012/12/17 03:10:03 | 000,017,336 | ---- | C] () -- C:\WINDOWS\Gone Fishing.bmp
[2012/12/17 03:10:03 | 000,016,730 | ---- | C] () -- C:\WINDOWS\FeatherTexture.bmp
[2012/12/17 03:10:02 | 000,065,978 | ---- | C] () -- C:\WINDOWS\Soap Bubbles.bmp
[2012/12/17 03:10:02 | 000,017,062 | ---- | C] () -- C:\WINDOWS\Coffee Bean.bmp
[2012/12/17 03:10:02 | 000,001,272 | ---- | C] () -- C:\WINDOWS\Blue Lace 16.bmp
[2012/12/17 03:09:57 | 000,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
[2012/12/17 03:09:57 | 000,001,161 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2012/12/17 03:09:55 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
[2012/12/17 03:09:47 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc
[2012/12/16 19:02:20 | 000,004,757 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2012/12/16 19:02:18 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2012/12/16 19:02:16 | 001,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd
[2012/12/16 19:02:16 | 000,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa
[2012/12/16 19:02:16 | 000,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf
[2012/12/16 19:02:15 | 000,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa
[2012/12/16 19:01:50 | 000,001,688 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2012/12/16 19:01:41 | 000,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat
[2012/12/16 19:01:24 | 000,588,573 | ---- | C] () -- C:\WINDOWS\setupapi.old
[2012/12/16 19:00:57 | 000,090,296 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/12/16 18:59:58 | 000,000,211 | -HS- | C] () -- C:\boot.ini
[2012/12/16 18:59:55 | 000,015,998 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf

========== ZeroAccess Check ==========

[2012/12/18 03:27:35 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2006/02/28 04:00:00 | 001,492,480 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2004/08/04 02:00:00 | 000,472,064 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2004/08/04 02:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========


========== Purity Check ==========



< End of report >


#2
RKinner

    Malware Expert

  • Expert
  • 20,001 posts
  • MVP
What exactly is the problem? Your OTL log looks fairly clean.

Ron

#3
AmandaSue82

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
Really? Because I don't recognize half the stuff on there, and I know I wasn't online at 3 this morning; I didn't get up till around 7ish. Can you tell if there is a remote computer able to change stuff I change??? Because my BF claims ignorance to all the computer [bleep], but it seems there is always something changing, and I can't quite put my finger on it. :unsure: :(

#4
RKinner

    Malware Expert

  • Expert
  • 20,001 posts
  • MVP
Could just be that Windows Updates did something last night. I'm also not sure if the OTL log uses your local time zone or not.

No sign of any remote control but also no sign of an antivirus. I suggest you get the free version of Avast:

http://www.avast.com...ivirus-download

Download, Save, and Run.

Once you have it installed and it has updated:

Click on the Avast ball. Then click on Scan Computer, then on Boot-Time Scan, then on Settings. Change the Ask at the bottom to Move to Chest. OK, then Schedule Now. Reboot and let it run a scan. It will normally take hours, though yours might be a bit quicker since it's a new install.

Once it finishes it should load Windows. Click on the Avast ball and then on Scan Logs, select the Boot-time scan report, then View Results. How many did it find?

Text version of the report is usually at:
C:\Documents and Settings\All Users\Application Data\AVAST Software\Avast\report\aswBoot.txt
though it tells you when it starts where to look. If it finds anything, please copy and paste the text into a reply.

Some people object to Avast's voice notification of updates. To turn it off, click on the Avast ball, then on Settings. Then on Sounds and uncheck Automatic Updates. OK. (It will still update; it just won't tell you about it in a loud voice in the middle of the night.)

They have also started using their info popup to try and get you to upgrade so I go into Settings, Popups and change the first two to 1 second.

The registration is good for 12-14 months then you will need to register again. They will, of course, try to talk you into buying the product but you can always register again for another year free.