Lag & High CPU



#16
Liz2012
Member, Topic Starter, 42 posts
This should be the last thing that you asked for.

Attached Files




#17
RKinner
Malware Expert, MVP, 24,598 posts
Download and save the Norton Removal Tool
ftp://ftp.symantec.com/public/english_us_canada/removal_tools/Norton_Removal_Tool.exe

Run the Norton Removal tool.

Reboot

Download the McAfee Removal tool
http://download.mcaf...atches/MCPR.exe

Run the tool. Reboot.

Download and save the AVG removal tool
http://download.avg....6_2011_1184.exe

Run the tool. Reboot.

Download the Avast removal tool
http://files.avast.c...5x/aswclear.exe
Run the tool. Reboot.



Start, Run, services.msc, OK, then scroll down and find:
ewido anti-spyware 4.0 guard
Right click on it and select Properties then change the Startup Type to Disabled. OK

Repeat for

Google Updater
Application Management
Human Interface Device Access
Norton Internet Security or maybe it says Norton AntiVirus. (Shouldn't be anything left but you never know.)
LiveUpdate (Should be removed by the Norton tool)


We need to look for some missing files:
Copy the text in the code box:

/md5start
intelppm.sys
LCODCCMP.DLL
usbaapl.sys
ZDPSp50.sys
/md5stop

Run OTL

Paste (Ctrl + v) the copied text in the box where it says Custom Scan/Fixes

then Run Scan.

You should get one log. Please copy and paste.

#18
Liz2012
Member, Topic Starter, 42 posts
OTL logfile created on: 7/8/2013 12:50:22 PM - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Compaq_Owner\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

958.48 Mb Total Physical Memory | 675.73 Mb Available Physical Memory | 70.50% Memory free
2.26 Gb Paging File | 2.08 Gb Available in Paging File | 91.91% Paging File free
Paging file location(s): C:\pagefile.sys 1440 2880 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 104.48 Gb Total Space | 14.86 Gb Free Space | 14.22% Space Free | Partition Type: NTFS
Drive D: | 7.29 Gb Total Space | 0.57 Gb Free Space | 7.82% Space Free | Partition Type: FAT32

Computer Name: YOUR-D0F670B45A | User Name: Compaq_Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/07/04 09:46:39 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Owner\Desktop\OTL.exe
PRC - [2013/06/27 10:37:00 | 000,182,184 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2013/04/18 16:58:08 | 000,574,272 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe
PRC - [2007/09/28 16:32:26 | 000,344,064 | ---- | M] (Sonix) -- C:\WINDOWS\vsnp2std.exe
PRC - [2007/06/13 06:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/05/10 17:05:22 | 000,270,336 | ---- | M] () -- C:\WINDOWS\tsnp2std.exe
PRC - [2006/02/14 15:19:28 | 001,531,904 | ---- | M] (Belkin) -- C:\Program Files\Belkin\F5D9050\Belkinwcui.exe
PRC - [2004/12/14 12:07:44 | 000,176,128 | ---- | M] (HP) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe
PRC - [2004/09/29 13:14:36 | 000,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe


========== Modules (No Company Name) ==========

MOD - [2013/01/15 18:47:50 | 000,517,440 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 6\sqlite3.dll
MOD - [2013/01/15 18:47:02 | 000,143,168 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 6\ASCExtMenu.dll
MOD - [2011/06/18 21:35:38 | 000,090,592 | ---- | M] () -- C:\Program Files\Lavasoft\Ad-Aware\ShellExt.dll
MOD - [2008/08/05 22:26:28 | 000,110,304 | ---- | M] () -- C:\Program Files\Ace Utilities\wipext.dll
MOD - [2007/05/10 17:05:22 | 000,270,336 | ---- | M] () -- C:\WINDOWS\tsnp2std.exe
MOD - [2006/02/14 15:16:12 | 000,106,496 | ---- | M] () -- C:\Program Files\Belkin\F5D9050\blkwcapi.dll
MOD - [2006/02/13 16:49:34 | 000,167,936 | ---- | M] () -- C:\Program Files\Belkin\F5D9050\BelkinwcuiDLL.dll
MOD - [2006/02/13 16:49:32 | 000,061,440 | ---- | M] () -- C:\Program Files\Belkin\F5D9050\BelkinHWStatus.dll
MOD - [2006/01/24 22:15:00 | 000,466,944 | ---- | M] () -- C:\WINDOWS\system32\nvshell.dll
MOD - [2005/08/10 16:36:52 | 000,045,056 | ---- | M] () -- C:\Program Files\Belkin\F5D9050\Security.dll


========== Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [Disabled | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - File not found [Disabled | Stopped] -- C:\Documents and Settings\Compaq_Owner\Desktop\ewido anti-spyware 4.0\guard.exe -- (ewido anti-spyware 4.0 guard)
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2013/06/27 10:37:00 | 000,182,184 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2013/06/15 09:35:30 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/04/18 16:58:08 | 000,574,272 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe -- (AdvancedSystemCareService6)
SRV - [2011/06/18 21:35:27 | 001,036,104 | ---- | M] (Lavasoft) [Disabled | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2004/09/29 13:14:36 | 000,069,632 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\ZDPSp50.sys -- (ZDPSp50)
DRV - File not found [Adapter | On_Demand | Unknown] -- -- (Winsock - Google Desktop Search Backup Before Last Install)
DRV - File not found [Adapter | On_Demand | Unknown] -- -- (Winsock - Google Desktop Search Backup Before First Install)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\usbaapl.sys -- (USBAAPL)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\profos.sys -- (Profos)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | Auto | Stopped] -- -- (MCSTRM)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | Disabled | Stopped] -- system32\DRIVERS\intelppm.sys -- (intelppm)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- C:\Documents and Settings\Compaq_Owner\Desktop\ewido anti-spyware 4.0\guard.sys -- (ewido anti-spyware 4.0 driver)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AWRTPD.sys -- (AdWatchDrv)
DRV - [2009/04/27 21:35:17 | 000,064,160 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\Lbd.sys -- (Lbd)
DRV - [2008/05/06 16:06:00 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2007/09/05 13:48:24 | 012,212,864 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\snp2sxp.sys -- (SNP2STD)
DRV - [2006/03/08 16:27:12 | 004,246,016 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2006/03/03 17:31:04 | 000,013,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2006/03/03 17:31:02 | 000,034,176 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2005/12/06 14:20:50 | 000,241,664 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSXHWBS2.sys -- (HSXHWBS2)
DRV - [2005/12/06 14:20:40 | 000,936,448 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSX_DP.sys -- (HSX_DP)
DRV - [2005/11/24 20:51:38 | 000,245,248 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rt73.sys -- (RT73)
DRV - [2005/11/10 14:54:56 | 000,402,944 | R--- | M] (Belkin Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BLKWGU.sys -- (BLKWGU(Belkin)
DRV - [2005/06/29 20:03:18 | 000,175,104 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\ftsata2.sys -- (ftsata2)
DRV - [2005/06/18 03:48:46 | 000,019,968 | ---- | M] (WikiTek Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ss.sys -- (StreamSurge)
DRV - [2005/03/09 17:53:00 | 000,036,352 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2005/03/02 14:47:54 | 000,015,872 | ---- | M] (Gemtek Technology Co.) [Kernel | On_Demand | Running] -- C:\Program Files\Belkin\F5D9050\BKNDIS5.sys -- (BKNDIS5)
DRV - [2004/08/03 17:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139)
DRV - [2003/11/05 10:45:12 | 000,017,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\bb-run.sys -- (bb-run)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...Box&Form=IE8SRC
IE - HKCU\..\SearchScopes\{92B4B7F0-F2AD-4A79-9913-E8F1AD59856D}: "URL" = http://www.google.co...ie=utf8&oe=utf8
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 127.0.0.1:8081

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=800236"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.enabledAddons: ascsurfingprotection%40iobit.com:1.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0.07076007
FF - prefs.js..keyword.URL: "http://search.yahoo....type=800236&p="


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.3: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\2.0.40115.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\[email protected]/YahooActiveXPluginBridge;version=1.0.0.1: File not found
FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll File not found
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/06/25 11:48:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/06/25 11:48:34 | 000,000,000 | ---D | M]

[2010/02/20 20:07:00 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Extensions
[2013/07/06 11:38:23 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u93cldav.default\extensions
[2008/08/14 17:22:51 | 000,000,000 | ---D | M] (Coupon Manager) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u93cldav.default\extensions\{0C7E3F01-99E9-4095-9BDC-F84724960B57}
[2013/07/06 11:38:23 | 000,000,000 | ---D | M] (Advanced SystemCare Surfing Protection) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u93cldav.default\extensions\[email protected]
[2013/01/16 13:47:29 | 000,020,591 | ---- | M] () (No name found) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u93cldav.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi
[2013/06/15 13:37:27 | 000,000,904 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u93cldav.default\searchplugins\yahoo.xml
[2013/06/25 11:48:23 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/06/25 11:48:19 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/06/25 11:49:08 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
File not found (No name found) -- C:\PROGRAM FILES\IOBIT APPS TOOLBAR\FF
[2013/01/04 23:45:48 | 000,262,704 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/02/25 20:22:51 | 000,466,944 | ---- | M] (Catalina Marketing Corporation) -- C:\Program Files\mozilla firefox\plugins\NPcol400.dll
[2011/02/25 20:22:51 | 000,466,944 | ---- | M] (Catalina Marketing Corporation) -- C:\Program Files\mozilla firefox\plugins\NPcol500.dll
[2011/03/18 14:32:12 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npCouponPrinter.dll
[2011/03/18 14:32:14 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npMozCouponPrinter.dll
[2006/01/18 12:50:00 | 000,319,488 | ---- | M] ( ) -- C:\Program Files\mozilla firefox\plugins\npsnapfish.dll
[2009/09/11 15:36:42 | 000,067,072 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npWebSentinelHelper.dll

O1 HOSTS File: ([2013/07/06 12:09:06 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Advanced SystemCare Browser Protection) - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files\IObit\Advanced SystemCare 6\BrowerProtect\ASCPlugin_Protection.dll (IObit)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [F5D9050] C:\Program Files\Belkin\F5D9050\Belkinwcui.exe (Belkin)
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe (HP)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe (Sonix)
O4 - HKLM..\Run: [tsnp2std] C:\WINDOWS\tsnp2std.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} http://www.kaspersky...can_unicode.cab (CKAVWebScan Object)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitd...can8/oscan8.cab (BDSCANONLINE Control)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{80443072-5384-4D29-A197-604ECE8884D8}: DhcpNameServer = 16.92.3.242 16.92.3.243 16.81.3.243 16.118.3.243
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{97DA57EB-F12A-4A3A-A37B-94252252CD58}: DhcpNameServer = 192.168.2.1 24.25.5.61 24.25.5.60
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FB51BA5C-F6F4-4E13-B2A5-5A4842ABA078}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/12/05 02:50:26 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/07/27 15:07:38 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (lsdelete)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/07/08 11:57:25 | 003,191,888 | ---- | C] (McAfee, Inc.) -- C:\Documents and Settings\Compaq_Owner\Desktop\MCPR.exe
[2013/07/08 11:57:22 | 001,090,912 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Documents and Settings\Compaq_Owner\Desktop\avg_remover_stf_x86_2011_1184.exe
[2013/07/08 11:57:17 | 000,377,920 | ---- | C] (AVAST Software) -- C:\Documents and Settings\Compaq_Owner\Desktop\aswclear.exe
[2013/07/07 10:31:43 | 000,000,000 | ---D | C] -- C:\Program Files\Speccy
[2013/07/07 10:30:12 | 005,126,104 | ---- | C] (Piriform Ltd) -- C:\Documents and Settings\Compaq_Owner\Desktop\spsetup122.exe
[2013/07/06 12:26:53 | 002,237,968 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Compaq_Owner\Desktop\tdsskiller.exe
[2013/07/06 11:49:46 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2013/07/06 11:39:41 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2013/07/06 11:39:41 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2013/07/06 11:39:41 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2013/07/06 11:39:41 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2013/07/06 11:38:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}
[2013/07/06 11:38:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Advanced SystemCare 6
[2013/07/06 11:34:27 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/07/06 11:34:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2013/07/06 11:31:02 | 005,086,173 | R--- | C] (Swearware) -- C:\Documents and Settings\Compaq_Owner\Desktop\ComboFix.exe
[2013/07/06 10:57:29 | 004,745,728 | ---- | C] (AVAST Software) -- C:\Documents and Settings\Compaq_Owner\Desktop\aswMBR.exe
[2013/07/06 10:57:15 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/07/04 10:06:29 | 002,756,800 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Documents and Settings\Compaq_Owner\Desktop\procexp.exe
[2013/07/04 09:46:39 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Owner\Desktop\OTL.exe
[2013/06/27 10:37:21 | 000,263,592 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2013/06/27 10:37:21 | 000,144,896 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2013/06/27 10:37:16 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2013/06/27 10:37:16 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2013/06/27 10:37:16 | 000,094,632 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2013/06/27 10:13:55 | 001,858,464 | ---- | C] (Coupons.com Incorporated) -- C:\Documents and Settings\Compaq_Owner\Desktop\couponprinter.exe
[2013/06/27 10:09:21 | 000,903,080 | ---- | C] (Oracle Corporation) -- C:\Documents and Settings\Compaq_Owner\Desktop\jxpiinstall(1).exe
[2013/06/27 09:58:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Sun
[2013/06/25 22:59:19 | 010,285,040 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Compaq_Owner\Desktop\mbam-setup-1.75.0.1300(1).exe
[2013/06/25 12:35:10 | 000,000,000 | ---D | C] -- C:\Program Files\WinDirStat
[2013/06/25 12:35:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Start Menu\Programs\WinDirStat
[2013/06/25 12:34:44 | 000,645,729 | ---- | C] (WDS Team) -- C:\Documents and Settings\Compaq_Owner\Desktop\windirstat1_1_2_setup.exe
[2013/06/25 11:48:47 | 010,285,040 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Compaq_Owner\Desktop\mbam-setup-1.75.0.1300.exe
[2013/06/25 11:48:17 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013/06/15 09:35:28 | 000,692,104 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013/06/15 09:35:28 | 000,071,048 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013/06/11 12:20:57 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Spigot
[2013/06/11 12:15:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{D76294E6-03B8-4971-AF2E-3F846161A690}
[2013/06/11 12:15:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\AppData
[2013/06/11 12:15:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{5A85B23A-4B58-47D1-9B9C-DFBD7866099F}
[2013/06/11 12:14:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\IObit
[2013/06/11 12:14:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Application Data\IObit
[2013/06/11 12:13:09 | 000,000,000 | ---D | C] -- C:\Program Files\IObit
[2013/06/11 12:12:26 | 000,889,480 | ---- | C] (CNET Download.com) -- C:\Documents and Settings\Compaq_Owner\Desktop\cbsidlm-cbsi109-IObit_Malware_Fighter-BP-10967594.exe
[2013/06/11 12:10:08 | 062,359,328 | ---- | C] (IObit ) -- C:\Documents and Settings\Compaq_Owner\Desktop\asc-ultimate-setup.exe
[2013/06/10 12:59:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\QuickTime
[2013/06/10 10:43:57 | 041,404,760 | ---- | C] (Apple Inc.) -- C:\Documents and Settings\Compaq_Owner\Desktop\QuickTimeInstaller(1).exe
[2013/06/09 19:15:14 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Compaq_Owner\Recent
[2013/06/09 19:14:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
[2013/06/09 19:12:38 | 000,867,240 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll
[2013/06/09 19:12:38 | 000,789,416 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll
[2013/06/09 19:07:39 | 000,903,072 | ---- | C] (Oracle Corporation) -- C:\Documents and Settings\Compaq_Owner\Desktop\jxpiinstall.exe
[2013/06/09 18:44:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Start Menu\Programs\HiJackThis
[2013/06/09 18:37:34 | 000,000,000 | ---D | C] -- C:\HJT
[2013/06/09 16:42:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Lavasoft
[2013/06/09 16:41:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Start Menu\Programs\BrowserPlus
[2013/06/09 16:41:46 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}
[2013/06/09 16:41:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Belkin Wireless Network Utility
[2013/06/09 16:41:13 | 000,000,000 | ---D | C] -- C:\Program Files\Belkin
[2013/06/09 16:41:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2013/06/09 16:41:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Skype
[2013/06/09 16:40:59 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2007/12/06 01:33:46 | 002,826,275 | ---- | C] (Blue Fang Games, LLC) -- C:\Documents and Settings\Compaq_Owner\zoo.exe
[2007/12/06 01:33:46 | 001,112,504 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Compaq_Owner\dwdebug.exe
[2007/12/06 01:33:46 | 001,040,384 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Compaq_Owner\SETUPENU.DLL
[2007/12/06 01:33:46 | 000,471,098 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Compaq_Owner\UNINSTAL.EXE
[2007/12/06 01:33:46 | 000,466,997 | ---- | C] (Blue Fang Games, LLC) -- C:\Documents and Settings\Compaq_Owner\lang0.dll
[2007/12/06 01:33:46 | 000,161,184 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Compaq_Owner\dw.exe
[2007/12/06 01:33:46 | 000,118,784 | ---- | C] (Blue Fang Games, LLC) -- C:\Documents and Settings\Compaq_Owner\res0.dll
[2007/12/06 01:33:45 | 000,053,300 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Compaq_Owner\EBUEula.dll
[2007/12/06 01:33:45 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Compaq_Owner\ImeUiResJpn.dll
[2007/12/06 01:33:45 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Compaq_Owner\ImeUiResEnu.dll
[2007/12/06 01:33:45 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Compaq_Owner\ImeUiRes.dll
[2007/07/25 17:24:28 | 002,826,275 | ---- | C] (Blue Fang Games, LLC) -- C:\Program Files\zoo.exe
[2007/07/25 17:24:28 | 001,112,504 | ---- | C] (Microsoft Corporation) -- C:\Program Files\dwdebug.exe
[2007/07/25 17:24:28 | 000,471,098 | ---- | C] (Microsoft Corporation) -- C:\Program Files\UNINSTAL.EXE
[2007/07/25 17:24:27 | 001,040,384 | ---- | C] (Microsoft Corporation) -- C:\Program Files\SETUPENU.DLL
[2007/07/25 17:24:27 | 000,466,997 | ---- | C] (Blue Fang Games, LLC) -- C:\Program Files\lang0.dll
[2007/07/25 17:24:27 | 000,118,784 | ---- | C] (Blue Fang Games, LLC) -- C:\Program Files\res0.dll
[2007/07/25 17:24:27 | 000,053,300 | ---- | C] (Microsoft Corporation) -- C:\Program Files\EBUEula.dll
[2007/07/25 17:24:27 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ImeUiResJpn.dll
[2007/07/25 17:24:27 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ImeUiResEnu.dll
[2007/07/25 17:24:27 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ImeUiRes.dll
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/07/08 12:55:00 | 000,000,436 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{A9870B1F-49B9-4EB1-AAE0-82C936D2C093}.job
[2013/07/08 12:34:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/07/08 12:29:16 | 000,043,531 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2013/07/08 12:29:15 | 000,000,054 | ---- | M] () -- C:\WINDOWS\System32\rp_stats.dat
[2013/07/08 12:29:15 | 000,000,039 | ---- | M] () -- C:\WINDOWS\System32\rp_rules.dat
[2013/07/08 12:29:09 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/07/08 12:29:07 | 1005,113,344 | -HS- | M] () -- C:\hiberfil.sys
[2013/07/08 12:27:54 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2013/07/08 11:57:31 | 003,191,888 | ---- | M] (McAfee, Inc.) -- C:\Documents and Settings\Compaq_Owner\Desktop\MCPR.exe
[2013/07/08 11:57:28 | 001,090,912 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Documents and Settings\Compaq_Owner\Desktop\avg_remover_stf_x86_2011_1184.exe
[2013/07/08 11:57:24 | 000,377,920 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Compaq_Owner\Desktop\aswclear.exe
[2013/07/08 11:56:11 | 000,866,592 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Norton_Removal_Tool.exe
[2013/07/08 10:40:00 | 000,000,464 | ---- | M] () -- C:\WINDOWS\tasks\At3.job
[2013/07/08 10:10:00 | 000,000,464 | ---- | M] () -- C:\WINDOWS\tasks\At1.job
[2013/07/07 20:40:00 | 000,000,464 | ---- | M] () -- C:\WINDOWS\tasks\At2.job
[2013/07/07 14:00:00 | 000,000,464 | ---- | M] () -- C:\WINDOWS\tasks\At4.job
[2013/07/07 10:31:48 | 000,000,655 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Speccy.lnk
[2013/07/07 10:30:33 | 005,126,104 | ---- | M] (Piriform Ltd) -- C:\Documents and Settings\Compaq_Owner\Desktop\spsetup122.exe
[2013/07/06 21:35:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2013/07/06 12:54:36 | 000,061,440 | ---- | M] ( ) -- C:\Documents and Settings\Compaq_Owner\Desktop\VEW.exe
[2013/07/06 12:46:34 | 000,524,288 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\application log.evt
[2013/07/06 12:45:57 | 000,524,288 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\system log.evt
[2013/07/06 12:27:11 | 002,237,968 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Compaq_Owner\Desktop\tdsskiller.exe
[2013/07/06 12:09:06 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2013/07/06 11:49:57 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2013/07/06 11:38:13 | 000,000,926 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Uninstaller.lnk
[2013/07/06 11:38:13 | 000,000,893 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Advanced SystemCare 6.lnk
[2013/07/06 11:38:13 | 000,000,875 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Advanced SystemCare 6.lnk
[2013/07/06 11:32:59 | 005,086,173 | R--- | M] (Swearware) -- C:\Documents and Settings\Compaq_Owner\Desktop\ComboFix.exe
[2013/07/06 11:28:01 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\MBR.dat
[2013/07/06 10:57:39 | 004,745,728 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Compaq_Owner\Desktop\aswMBR.exe
[2013/07/04 10:06:31 | 002,756,800 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Documents and Settings\Compaq_Owner\Desktop\procexp.exe
[2013/07/04 09:46:39 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Owner\Desktop\OTL.exe
[2013/07/03 18:39:44 | 000,283,635 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Blackmon Residence(Liz).pdf
[2013/07/03 18:38:45 | 000,001,362 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Application Data\wklnhst.dat
[2013/07/01 10:19:54 | 000,119,139 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\401262_496775543696240_758378301_n.jpg
[2013/07/01 10:18:30 | 000,142,355 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\197943_501785559861905_199076935_n.jpg
[2013/07/01 10:18:17 | 000,150,299 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\69484_502056993168095_1732405421_n.jpg
[2013/07/01 10:18:00 | 000,206,947 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\225807_503495533024241_2005367362_n.jpg
[2013/07/01 10:17:46 | 000,074,196 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\64005_505238699516591_1559339700_n.jpg
[2013/07/01 10:17:12 | 000,141,223 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\33871_512617792112015_1547791522_n.jpg
[2013/07/01 10:14:55 | 000,082,539 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\19306_522766884430439_2135944798_n.jpg
[2013/07/01 10:14:02 | 000,149,603 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\529853_533194143387713_110433115_n.jpg
[2013/06/30 18:29:41 | 000,064,454 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\tumblr_mcs2drk8XL1qcyrsio1_500.jpg
[2013/06/27 10:37:01 | 000,094,632 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2013/06/27 10:36:59 | 000,263,592 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2013/06/27 10:36:59 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2013/06/27 10:36:59 | 000,144,896 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2013/06/27 10:36:58 | 000,867,240 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll
[2013/06/27 10:36:58 | 000,789,416 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll
[2013/06/27 10:36:58 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2013/06/27 10:14:01 | 001,858,464 | ---- | M] (Coupons.com Incorporated) -- C:\Documents and Settings\Compaq_Owner\Desktop\couponprinter.exe
[2013/06/27 10:09:32 | 000,903,080 | ---- | M] (Oracle Corporation) -- C:\Documents and Settings\Compaq_Owner\Desktop\jxpiinstall(1).exe
[2013/06/25 22:59:40 | 010,285,040 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Compaq_Owner\Desktop\mbam-setup-1.75.0.1300(1).exe
[2013/06/25 18:02:07 | 000,020,753 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\1011736_10201473401227390_1224720998_n.jpg
[2013/06/25 12:34:50 | 000,645,729 | ---- | M] (WDS Team) -- C:\Documents and Settings\Compaq_Owner\Desktop\windirstat1_1_2_setup.exe
[2013/06/25 11:48:53 | 010,285,040 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Compaq_Owner\Desktop\mbam-setup-1.75.0.1300.exe
[2013/06/24 12:22:10 | 000,000,281 | ---- | M] () -- C:\Boot.bak
[2013/06/23 12:03:58 | 000,002,395 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\HiJackThis.lnk
[2013/06/20 08:18:40 | 000,232,236 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\DSC_7227.JPG
[2013/06/20 08:15:36 | 000,110,232 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\DSC_7226.JPG
[2013/06/20 08:15:24 | 000,112,847 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\DSC_7225.JPG
[2013/06/20 08:15:04 | 000,143,246 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\DSC_7224.JPG
[2013/06/20 08:14:46 | 000,110,591 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\DSC_7223.JPG
[2013/06/15 09:35:29 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013/06/15 09:35:28 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013/06/14 16:07:18 | 000,046,351 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\TS103456621.dotx
[2013/06/14 16:06:57 | 000,049,612 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\TS102919188.dotx
[2013/06/14 13:56:06 | 000,001,735 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader XI.lnk
[2013/06/12 17:20:15 | 001,378,923 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\KEB Deck.pdf
[2013/06/11 12:12:31 | 000,889,480 | ---- | M] (CNET Download.com) -- C:\Documents and Settings\Compaq_Owner\Desktop\cbsidlm-cbsi109-IObit_Malware_Fighter-BP-10967594.exe
[2013/06/11 12:11:52 | 062,359,328 | ---- | M] (IObit ) -- C:\Documents and Settings\Compaq_Owner\Desktop\asc-ultimate-setup.exe
[2013/06/10 10:44:53 | 041,404,760 | ---- | M] (Apple Inc.) -- C:\Documents and Settings\Compaq_Owner\Desktop\QuickTimeInstaller(1).exe
[2013/06/09 19:22:03 | 000,126,714 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\cc_20130609_192153.reg
[2013/06/09 19:07:39 | 000,903,072 | ---- | M] (Oracle Corporation) -- C:\Documents and Settings\Compaq_Owner\Desktop\jxpiinstall.exe
[2013/06/09 18:56:26 | 000,000,219 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Document.rtf
[2013/06/09 18:41:38 | 001,402,880 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\HiJackThis.msi
[2013/06/09 18:21:39 | 000,095,460 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\ShapedRates.pdf
[2013/06/09 17:02:21 | 000,002,415 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2013/06/09 16:46:19 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/06/08 19:46:26 | 002,094,994 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Deck Plans.bmp
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/07/08 11:55:59 | 000,866,592 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Norton_Removal_Tool.exe
[2013/07/07 10:31:47 | 000,000,655 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Speccy.lnk
[2013/07/06 12:54:36 | 000,061,440 | ---- | C] ( ) -- C:\Documents and Settings\Compaq_Owner\Desktop\VEW.exe
[2013/07/06 12:46:31 | 000,524,288 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\application log.evt
[2013/07/06 12:45:55 | 000,524,288 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\system log.evt
[2013/07/06 11:39:41 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2013/07/06 11:39:41 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2013/07/06 11:39:41 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2013/07/06 11:39:41 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2013/07/06 11:39:41 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2013/07/06 11:38:13 | 000,000,926 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Uninstaller.lnk
[2013/07/06 11:38:13 | 000,000,893 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Advanced SystemCare 6.lnk
[2013/07/06 11:38:13 | 000,000,875 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Advanced SystemCare 6.lnk
[2013/07/06 11:28:01 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\MBR.dat
[2013/07/03 18:39:44 | 000,283,635 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Blackmon Residence(Liz).pdf
[2013/07/01 10:19:53 | 000,119,139 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\401262_496775543696240_758378301_n.jpg
[2013/07/01 10:18:29 | 000,142,355 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\197943_501785559861905_199076935_n.jpg
[2013/07/01 10:18:16 | 000,150,299 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\69484_502056993168095_1732405421_n.jpg
[2013/07/01 10:18:00 | 000,206,947 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\225807_503495533024241_2005367362_n.jpg
[2013/07/01 10:17:45 | 000,074,196 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\64005_505238699516591_1559339700_n.jpg
[2013/07/01 10:17:10 | 000,141,223 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\33871_512617792112015_1547791522_n.jpg
[2013/07/01 10:14:55 | 000,082,539 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\19306_522766884430439_2135944798_n.jpg
[2013/07/01 10:14:01 | 000,149,603 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\529853_533194143387713_110433115_n.jpg
[2013/06/30 18:28:28 | 000,064,454 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\tumblr_mcs2drk8XL1qcyrsio1_500.jpg
[2013/06/25 18:01:45 | 000,020,753 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\1011736_10201473401227390_1224720998_n.jpg
[2013/06/20 10:27:01 | 000,232,236 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\DSC_7227.JPG
[2013/06/20 10:27:01 | 000,143,246 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\DSC_7224.JPG
[2013/06/20 10:27:01 | 000,112,847 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\DSC_7225.JPG
[2013/06/20 10:27:01 | 000,110,591 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\DSC_7223.JPG
[2013/06/20 10:27:01 | 000,110,232 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\DSC_7226.JPG
[2013/06/15 09:35:33 | 000,000,830 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/06/14 16:07:18 | 000,046,351 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\TS103456621.dotx
[2013/06/14 16:06:57 | 000,049,612 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\TS102919188.dotx
[2013/06/14 13:56:06 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader XI.lnk
[2013/06/14 13:56:06 | 000,001,735 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader XI.lnk
[2013/06/12 17:20:15 | 001,378,923 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\KEB Deck.pdf
[2013/06/09 19:21:58 | 000,126,714 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\cc_20130609_192153.reg
[2013/06/09 18:56:26 | 000,000,219 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Document.rtf
[2013/06/09 18:44:41 | 000,002,395 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\HiJackThis.lnk
[2013/06/09 18:40:58 | 001,402,880 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\HiJackThis.msi
[2013/06/09 18:21:39 | 000,095,460 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\ShapedRates.pdf
[2013/06/09 17:02:21 | 000,002,415 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2013/06/09 16:46:32 | 000,000,054 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat
[2013/06/09 16:46:32 | 000,000,039 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat
[2013/06/08 19:46:25 | 002,094,994 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Deck Plans.bmp
[2013/06/05 23:24:10 | 000,212,786 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\census.cache
[2013/06/05 23:19:39 | 000,205,206 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\ars.cache
[2013/06/05 22:20:18 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\housecall.guid.cache
[2013/05/28 15:38:54 | 000,922,944 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\a.zip
[2009/12/06 20:21:51 | 116,264,960 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\lol
[2009/11/27 21:03:03 | 000,870,128 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\mcs.rma
[2009/03/03 17:43:39 | 000,003,323 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\manifest.ini
[2009/03/03 17:43:39 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\permdata.box
[2009/01/09 20:08:32 | 000,000,094 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Settings.ini
[2007/12/06 01:33:57 | 006,397,370 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\ui.zip
[2007/12/06 01:33:57 | 000,905,097 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\terrain.zip
[2007/12/06 01:33:57 | 000,687,504 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\staff.zip
[2007/12/06 01:33:57 | 000,309,698 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\scn15.zoo
[2007/12/06 01:33:57 | 000,288,710 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\large.zoo
[2007/12/06 01:33:57 | 000,216,039 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\scn12.zoo
[2007/12/06 01:33:57 | 000,204,759 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\medium.zoo
[2007/12/06 01:33:57 | 000,201,767 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\scn13.zoo
[2007/12/06 01:33:57 | 000,156,617 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\scn04.zoo
[2007/12/06 01:33:57 | 000,138,694 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\scn03.zoo
[2007/12/06 01:33:57 | 000,102,319 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\scn02.zoo
[2007/12/06 01:33:57 | 000,102,054 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\scn07.zoo
[2007/12/06 01:33:57 | 000,094,755 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\scn11.zoo
[2007/12/06 01:33:57 | 000,094,755 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\scn10.zoo
[2007/12/06 01:33:57 | 000,092,319 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\scn01.zoo
[2007/12/06 01:33:57 | 000,091,639 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\default.zoo
[2007/12/06 01:33:57 | 000,076,880 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\scn06.zoo
[2007/12/06 01:33:57 | 000,055,809 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\tiles.zip
[2007/12/06 01:33:56 | 008,954,880 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\objects.zip
[2007/12/06 01:33:56 | 003,635,656 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\scenario.zip
[2007/12/06 01:33:56 | 002,983,796 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\scenery.zip
[2007/12/06 01:33:56 | 000,357,129 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\guests.zip
[2007/12/06 01:33:56 | 000,024,146 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\items.zip
[2007/12/06 01:33:56 | 000,007,337 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\research.zip
[2007/12/06 01:33:56 | 000,005,884 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\paths.zip
[2007/12/06 01:33:55 | 014,240,209 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\global.zip
[2007/12/06 01:33:55 | 000,135,989 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\fences.zip
[2007/12/06 01:33:55 | 000,010,043 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\fringe.zip
[2007/12/06 01:33:55 | 000,006,564 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\config.zip
[2007/12/06 01:33:54 | 009,116,930 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\animals2.zip
[2007/12/06 01:33:47 | 086,362,105 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\animals.zip
[2007/12/06 01:33:47 | 000,002,514 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\ai.zip
[2007/12/06 01:33:47 | 000,000,000 | RH-- | C] () -- C:\Documents and Settings\Compaq_Owner\EBUSetup.sem
[2007/12/06 01:33:46 | 000,001,581 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\zoo.ini
[2007/12/06 01:33:45 | 001,440,056 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\splash.bmp
[2007/12/06 01:33:45 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\MSLOGO.AVI
[2007/12/06 01:33:45 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\BFLOGO.AVI
[2007/07/29 23:02:32 | 000,290,029 | ---- | C] () -- C:\Program Files\game in progress.zoo
[2007/07/25 20:05:05 | 000,739,832 | ---- | C] () -- C:\Program Files\072507.zoo
[2007/07/25 17:24:42 | 000,309,698 | ---- | C] () -- C:\Program Files\scn15.zoo
[2007/07/25 17:24:42 | 000,288,710 | ---- | C] () -- C:\Program Files\large.zoo
[2007/07/25 17:24:42 | 000,216,039 | ---- | C] () -- C:\Program Files\scn12.zoo
[2007/07/25 17:24:42 | 000,204,759 | ---- | C] () -- C:\Program Files\medium.zoo
[2007/07/25 17:24:42 | 000,201,767 | ---- | C] () -- C:\Program Files\scn13.zoo
[2007/07/25 17:24:42 | 000,156,617 | ---- | C] () -- C:\Program Files\scn04.zoo
[2007/07/25 17:24:42 | 000,138,694 | ---- | C] () -- C:\Program Files\scn03.zoo
[2007/07/25 17:24:42 | 000,102,319 | ---- | C] () -- C:\Program Files\scn02.zoo
[2007/07/25 17:24:42 | 000,102,054 | ---- | C] () -- C:\Program Files\scn07.zoo
[2007/07/25 17:24:42 | 000,094,755 | ---- | C] () -- C:\Program Files\scn11.zoo
[2007/07/25 17:24:42 | 000,094,755 | ---- | C] () -- C:\Program Files\scn10.zoo
[2007/07/25 17:24:42 | 000,092,319 | ---- | C] () -- C:\Program Files\scn01.zoo
[2007/07/25 17:24:42 | 000,091,639 | ---- | C] () -- C:\Program Files\default.zoo
[2007/07/25 17:24:42 | 000,076,880 | ---- | C] () -- C:\Program Files\scn06.zoo
[2007/07/25 17:24:41 | 006,397,370 | ---- | C] () -- C:\Program Files\ui.zip
[2007/07/25 17:24:41 | 003,635,656 | ---- | C] () -- C:\Program Files\scenario.zip
[2007/07/25 17:24:41 | 002,983,796 | ---- | C] () -- C:\Program Files\scenery.zip
[2007/07/25 17:24:41 | 000,905,097 | ---- | C] () -- C:\Program Files\terrain.zip
[2007/07/25 17:24:41 | 000,687,504 | ---- | C] () -- C:\Program Files\staff.zip
[2007/07/25 17:24:41 | 000,055,809 | ---- | C] () -- C:\Program Files\tiles.zip
[2007/07/25 17:24:41 | 000,007,337 | ---- | C] () -- C:\Program Files\research.zip
[2007/07/25 17:24:41 | 000,005,884 | ---- | C] () -- C:\Program Files\paths.zip
[2007/07/25 17:24:40 | 008,954,880 | ---- | C] () -- C:\Program Files\objects.zip
[2007/07/25 17:24:40 | 000,357,129 | ---- | C] () -- C:\Program Files\guests.zip
[2007/07/25 17:24:40 | 000,024,146 | ---- | C] () -- C:\Program Files\items.zip
[2007/07/25 17:24:39 | 014,240,209 | ---- | C] () -- C:\Program Files\global.zip
[2007/07/25 17:24:39 | 000,135,989 | ---- | C] () -- C:\Program Files\fences.zip
[2007/07/25 17:24:39 | 000,010,043 | ---- | C] () -- C:\Program Files\fringe.zip
[2007/07/25 17:24:39 | 000,006,564 | ---- | C] () -- C:\Program Files\config.zip
[2007/07/25 17:24:38 | 009,116,930 | ---- | C] () -- C:\Program Files\animals2.zip
[2007/07/25 17:24:29 | 086,362,105 | ---- | C] () -- C:\Program Files\animals.zip
[2007/07/25 17:24:29 | 000,002,514 | ---- | C] () -- C:\Program Files\ai.zip
[2007/07/25 17:24:29 | 000,000,000 | RH-- | C] () -- C:\Program Files\EBUSetup.sem
[2007/07/25 17:24:28 | 000,001,618 | ---- | C] () -- C:\Program Files\zoo.ini
[2007/07/25 17:24:27 | 001,440,056 | ---- | C] () -- C:\Program Files\splash.bmp
[2007/07/25 17:24:27 | 000,000,000 | ---- | C] () -- C:\Program Files\MSLOGO.AVI
[2007/07/25 17:24:27 | 000,000,000 | ---- | C] () -- C:\Program Files\BFLOGO.AVI
[2007/04/03 22:35:45 | 000,000,305 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\addr_file.html
[2007/02/22 12:03:09 | 000,000,135 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\fusioncache.dat
[2007/02/03 10:40:30 | 000,001,362 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\wklnhst.dat
[2007/01/29 16:42:08 | 000,145,408 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/01/01 15:56:04 | 000,001,751 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache

========== ZeroAccess Check ==========

[2006/07/21 06:30:37 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2007/08/22 08:55:40 | 001,498,112 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/02/09 06:20:33 | 000,473,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2004/08/04 07:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== Custom Scans ==========

< MD5 for: INTELPPM.SYS >
[2004/08/04 07:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:intelppm.sys
[2004/08/04 00:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:intelppm.sys
[2008/04/13 14:31:32 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=8C953733D8F36EB2133F5BB58808B66B -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\intelppm.sys

< MD5 for: LCODCCMP.DLL >
[2004/06/09 11:47:18 | 000,385,024 | R--- | M] (LEAD Technologies, Inc.) MD5=D7783FD74B6CD21F7D5BD009F909D35E -- C:\Program Files\Common Files\HP\Memories Disc\2.0\LeadTools\LCodcCMP.dll
[2005/07/25 19:48:18 | 000,385,024 | R--- | M] (LEAD Technologies, Inc.) MD5=D7783FD74B6CD21F7D5BD009F909D35E -- C:\Program Files\HP\Digital Imaging\bin\LCodcCMP.dll

< End of report >

#19
RKinner

    Malware Expert

Copy the text in the code box by highlighting and Ctrl + c


:OTL
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [Disabled | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - File not found [Disabled | Stopped] -- C:\Documents and Settings\Compaq_Owner\Desktop\ewido anti-spyware 4.0\guard.exe -- (ewido anti-spyware 4.0 guard)
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\ZDPSp50.sys -- (ZDPSp50)
DRV - File not found [Adapter | On_Demand | Unknown] -- -- (Winsock - Google Desktop Search Backup Before Last Install)
DRV - File not found [Adapter | On_Demand | Unknown] -- -- (Winsock - Google Desktop Search Backup Before First Install)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\usbaapl.sys -- (USBAAPL)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\profos.sys -- (Profos)
DRV - File not found [Kernel | Auto | Stopped] -- -- (MCSTRM)
DRV - File not found [Kernel | Disabled | Stopped] -- system32\DRIVERS\intelppm.sys -- (intelppm)
DRV - File not found [Kernel | System | Stopped] -- C:\Documents and Settings\Compaq_Owner\Desktop\ewido anti-spyware 4.0\guard.sys -- (ewido anti-spyware 4.0 driver)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AWRTPD.sys -- (AdWatchDrv)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 127.0.0.1:8081
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: File not found
FF - HKLM\Software\MozillaPlugins\[email protected]/YahooActiveXPluginBridge;version=1.0.0.1: File not found
FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll File not found
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: File not found
[2013/01/16 13:47:29 | 000,020,591 | ---- | M] () (No name found) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u93cldav.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi
[2013/06/25 11:49:08 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} File not found (No name found) -- C:\PROGRAM FILES\IOBIT APPS TOOLBAR\FF

:files
C:\WINDOWS\system32\drivers\atapi.sys|c:\atapi.sys /replace
C:\WINDOWS\system32\drivers\intelppm.sys|C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\intelppm.sys /replace
C:\WINDOWS\system32\LCodcCMP.dll|C:\Program Files\HP\Digital Imaging\bin\LCodcCMP.dll /replace

:Commands
[EMPTYFLASH]
[EMPTYJAVA]
[purity]
[Reboot]


Then right-click on OTL and select Run As Administrator to start. Under the Custom Scans/Fixes box at the bottom, paste (Ctrl + v) the text. Verify that you got it all and then click the RUN FIX button (NOT THE QUICK SCAN button!) at the top.
Let the program run unhindered; OTL will reboot the PC when it is done. Save the log and copy and paste it into a reply.
It appears that Old Timer is now hiding the log in c:\_OTL\MovedFiles\070813-some number.log so look there if you don't see it.

Then let's clear the alarms and run VEW again:


Start, Run, eventvwr.msc, OK to bring up the Event Viewer. Right click on System and Clear All Events, No (we don't want to save the old log), OK. Repeat for Application.

Reboot.


1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop.
2. Double-click VEW.exe
3. Under 'Select log to query', select:
* System
4. Under 'Select type to list', select:
* Error
* Warning

Then use the 'Number of events' as follows:

1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.


Please post the Output log in your next reply then repeat but select Application.

Have you done a defrag recently? Is your high CPU related to IE? I've just had two IE 8's that were hanging for some reason. Had to uninstall IE 8 and reinstall to fix them.

#20
Liz2012

    Member

========== OTL ==========
Service HidServ stopped successfully!
Service HidServ deleted successfully!
File %SystemRoot%\System32\hidserv.dll not found.
Service gusvc stopped successfully!
Service gusvc deleted successfully!
File C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe not found.
Service ewido anti-spyware 4.0 guard stopped successfully!
Service ewido anti-spyware 4.0 guard deleted successfully!
File C:\Documents and Settings\Compaq_Owner\Desktop\ewido anti-spyware 4.0\guard.exe not found.
Service AppMgmt stopped successfully!
Service AppMgmt deleted successfully!
File %SystemRoot%\System32\appmgmts.dll not found.
Service ZDPSp50 stopped successfully!
Service ZDPSp50 deleted successfully!
File System32\Drivers\ZDPSp50.sys not found.
Error: No service named Winsock - Google Desktop Search Backup Before Last Install was found to stop!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Winsock - Google Desktop Search Backup Before Last Install deleted successfully.
Error: No service named Winsock - Google Desktop Search Backup Before First Install was found to stop!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Winsock - Google Desktop Search Backup Before First Install deleted successfully.
Service USBAAPL stopped successfully!
Service USBAAPL deleted successfully!
File System32\Drivers\usbaapl.sys not found.
Service Profos stopped successfully!
Service Profos deleted successfully!
File C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\profos.sys not found.
Service MCSTRM stopped successfully!
Service MCSTRM deleted successfully!
Service intelppm stopped successfully!
Service intelppm deleted successfully!
File system32\DRIVERS\intelppm.sys not found.
Service ewido anti-spyware 4.0 driver stopped successfully!
Service ewido anti-spyware 4.0 driver deleted successfully!
File C:\Documents and Settings\Compaq_Owner\Desktop\ewido anti-spyware 4.0\guard.sys not found.
Service catchme stopped successfully!
Service catchme deleted successfully!
File C:\ComboFix\catchme.sys not found.
Service AdWatchDrv stopped successfully!
Service AdWatchDrv deleted successfully!
File C:\WINDOWS\system32\drivers\AWRTPD.sys not found.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\[email protected]/YahooActiveXPluginBridge;version=1.0.0.1\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\@adobe.com/FlashPlayer\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player\ deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u93cldav.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi moved successfully.
C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} folder moved successfully.
========== FILES ==========
File c:\atapi.sys not found.
File C:\WINDOWS\system32\drivers\intelppm.sys successfully replaced with C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\intelppm.sys
File C:\WINDOWS\system32\LCodcCMP.dll successfully replaced with C:\Program Files\HP\Digital Imaging\bin\LCodcCMP.dll
========== COMMANDS ==========

[EMPTYFLASH]

User: Administrator

User: All Users

User: Compaq_Owner
->Flash cache emptied: 689 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: LocalService

User: me
->Flash cache emptied: 0 bytes

User: NetworkService

Total Flash Files Cleaned = 0.00 mb


[EMPTYJAVA]

User: Administrator

User: All Users

User: Compaq_Owner
->Java cache emptied: 0 bytes

User: Default User

User: LocalService

User: me
->Java cache emptied: 0 bytes

User: NetworkService

Total Java Files Cleaned = 0.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 07112013_151324

#21
Liz2012

    Member

  • Topic Starter
  • Member
  • 42 posts
Vino's Event Viewer v01c run on Windows XP in English
Report run at 11/07/2013 3:32:42 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~






Vino's Event Viewer v01c run on Windows XP in English
Report run at 11/07/2013 3:33:50 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

#22
Liz2012

    Member

  • Topic Starter
  • Member
  • 42 posts
And no, I have not run defrag recently. I will run it now.

UPDATE: Disk Defragmenter - Volume C (C:) has 14% free space, but only 13% is available for use by Disk Defragmenter (due to reserved system space). To run effectively, Disk Defragmenter requires at least 15% usable free space. There is not enough disk space to properly complete the operation. Delete some unneeded files on your hard disk, and then try again.


As for the IE issues, I usually use Firefox, but neither has run at "normal" speed. I am still having some horrible wait & lag issues. I find that Belkin still hogs most of the CPU, then I close it and it moves from one thing to another. IE has been caught up in the mess, but I have uninstalled Belkin and reinstalled that...

Edited by Liz2012, 11 July 2013 - 01:42 PM.


#23
RKinner

    Malware Expert

  • Expert
  • 24,598 posts
  • MVP
You need to free up some disk space. I would start by going into IE and Tools, Internet Options, and then Delete the Browsing History then click on Settings and change the slider for amount of space to reserve down to 50 M. OK

Then: Click Start, and then click My Computer.
Right-click the disk in which you want to free up space (C:), and then click Properties.
Click the General tab, and then click Disk Cleanup.
Click the Disk Cleanup tab (if it is not already selected), click to select the check boxes next to the files that you want to remove, and then click OK. (Check all but the option to Compress files to save space). Once it finishes, check your disk space. If you still don't have enough free to run defrag then:

Copy the following:


:Commands
[CLEARTEMP]
[CLEARALLRESTOREPOINTS]
[Reboot]

Run OTL. In the Custom Scans/Fixes box at the bottom, paste in the copied text (Ctrl + v) and then hit Run Fix.

Does that give you enough space? If you get it to defrag, copy and paste the report it gives you when it is finished. (Where it shows what did not defrag.)

What exactly does Belkin do? Is it controlling your wireless? We can let Windows do that and just use the drivers from Belkin and not the software.

#24
Liz2012

    Member

  • Topic Starter
  • Member
  • 42 posts
What exactly does Belkin do? Is it controlling your wireless? We can let Windows do that and just use the drivers from Belkin and not the software.

Yes. Belkin is my wireless... I removed it and tried to use Windows but couldn't get it to work, so I re-loaded it. Didn't solve the 99% CPU issue I had with it either...

----

Volume C (C:)
Volume size = 104 GB
Cluster size = 4 KB
Used space = 88.40 GB
Free space = 16.08 GB
Percent free space = 15 %

Volume fragmentation
Total fragmentation = 9 %
File fragmentation = 15 %
Free space fragmentation = 4 %

File fragmentation
Total files = 161,138
Average file size = 775 KB
Total fragmented files = 16
Total excess fragments = 150,695
Average fragments per file = 1.93

Pagefile fragmentation
Pagefile size = 1.41 GB
Total fragments = 3

Folder fragmentation
Total folders = 22,067
Fragmented folders = 1
Excess folder fragments = 0

Master File Table (MFT) fragmentation
Total MFT size = 249 MB
MFT record count = 186,929
Percent MFT in use = 73 %
Total MFT fragments = 2

--------------------------------------------------------------------------------
Fragments File Size Files that cannot be defragmented
7,063 450 MB \Program Files\Steam\SteamApps\source models.gcf
13,487 985 MB \Program Files\Steam\SteamApps\source 2007 shared materials.gcf
15,880 1.00 GB \Documents and Settings\Compaq_Owner\Application Data\SPORE\GraphicsCache.package
13,596 1.02 GB \Program Files\Steam\SteamApps\source materials.gcf
18,333 1.16 GB \Program Files\Steam\SteamApps\team fortress 2 materials.gcf
16,710 1.66 GB \Program Files\Steam\SteamApps\team fortress 2 content.gcf
55,338 3.80 GB \Data\Installs\My Videos\'06_08_20_00\06082802.avi

#25
RKinner

    Malware Expert

  • Expert
  • 24,598 posts
  • MVP
I think when you remove Belkin it also uninstalls the drivers. There should be an option in it to let Windows do the wireless. If not, we can use MSCONFIG to disable Belkin and see if you can then get Windows to handle the wireless.

To turn off Belkin using msconfig:

Start, Run, msconfig , OK. Then under Startup find the Belkin entry

O4 - HKLM..\Run: [F5D9050] C:\Program Files\Belkin\F5D9050\Belkinwcui.exe (Belkin)

It may be called F5D9050 or Belkinwcui or maybe even Belkin. Uncheck it and then OK and reboot. Msconfig will pop up. Just minimize it for now. Then go in and see if you can get it to connect letting Windows run the wireless.

If that doesn't work, can you run Process Explorer and save a log when Belkin is bogging down the PC?


Looking at your defrag report: Are there any of these that you do not need that you could delete? (Maybe burn to a DVD first?)

7,063 450 MB \Program Files\Steam\SteamApps\source models.gcf
13,487 985 MB \Program Files\Steam\SteamApps\source 2007 shared materials.gcf
15,880 1.00 GB \Documents and Settings\Compaq_Owner\Application Data\SPORE\GraphicsCache.package
13,596 1.02 GB \Program Files\Steam\SteamApps\source materials.gcf
18,333 1.16 GB \Program Files\Steam\SteamApps\team fortress 2 materials.gcf
16,710 1.66 GB \Program Files\Steam\SteamApps\team fortress 2 content.gcf
55,338 3.80 GB \Data\Installs\My Videos\'06_08_20_00\06082802.avi

#26
Liz2012

    Member

  • Topic Starter
  • Member
  • 42 posts
Sorry, I have had a crazy week. I apologize for the wait.

I will follow your instructions on the Belkin and see what happens. _ IT IS WORKING!!! YAY!!!

As for those other programs, I will delete all except Spore which my nephew loves to play (as do I from time to time...haha).

Edited by Liz2012, 19 July 2013 - 09:48 AM.
