Hi I'm new here. I have a problem with Firefox. I have Windows XP and I'm using Firefox 28.0.
One day I tried saving a image and all I get is a hourglass and it won't save the image. I clicked on Tools/ Options / General and tried saving to another place but the Malware won't let me use the "Browse button". The Malware also keeps me from doing anything with my bookmarks. I also tried uninstalling and reinstaling Firefox and the
Malware just comes back. I also tried resetting Firefox to it's default but that does not work either.
I tried scanning with Stop Sign, Avast, Malwarebytes,Panda Cloud Cleaner,AdwCleaner and SUPERAntiSpyware . They all say I'm clean ! But I know my PC is infected. The only thing I found that gets rid of it is to restore my PC to a earlier time but I wish there was a tool to get rid of it.
The Malware seems to only affect Firefox. Chrome does not seem affected by the Malware but I rather
use Firefox. Somebody please help.
-------------------------------------------------------------------------------------------------------------------------------------------------
OTL logfile created on: 4/22/2014 7:39:11 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
895.36 Mb Total Physical Memory | 311.15 Mb Available Physical Memory | 34.75% Memory free
2.12 Gb Paging File | 1.01 Gb Available in Paging File | 47.90% Paging File free
Paging file location(s): C:\pagefile.sys 1344 2688 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 181.87 Gb Total Space | 22.87 Gb Free Space | 12.58% Space Free | Partition Type: NTFS
Drive D: | 4.43 Gb Total Space | 2.26 Gb Free Space | 51.07% Space Free | Partition Type: FAT32
Computer Name: YOUR-8B6E50BD72 | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014/04/22 19:33:46 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
PRC - [2014/04/21 12:14:01 | 003,873,704 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2014/04/21 12:14:01 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2014/04/09 15:14:26 | 000,228,744 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.3.23.9\GoogleCrashHandler.exe
PRC - [2014/03/24 11:18:08 | 000,118,264 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\SiteAdvisor\McSACore.exe
PRC - [2014/03/15 01:40:21 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2014/02/18 12:40:55 | 000,172,032 | ---- | M] (New Boundary Technologies, Inc.) -- C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
PRC - [2014/01/16 14:41:04 | 001,618,232 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes Anti-Exploit\mbae.exe
PRC - [2014/01/09 22:26:44 | 001,861,968 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2014/01/09 18:05:58 | 001,519,200 | R--- | M] (eAcceleration Corp) -- C:\Program Files\Acceleration Software\Anti-Virus\stopsignav.exe
PRC - [2014/01/06 14:37:38 | 005,625,624 | ---- | M] (SUPERAntiSpyware) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2013/11/26 16:50:11 | 000,366,976 | ---- | M] (eAcceleration Corp) -- C:\Program Files\StopSign\Firewall\FWService.exe
PRC - [2013/10/31 12:15:46 | 000,178,576 | R--- | M] (eAcceleration Corp) -- C:\Program Files\StopSign\ThreatScanner\engines\vipre\viprecomsvc.exe
PRC - [2013/10/10 15:54:44 | 000,120,088 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe
PRC - [2013/09/26 12:00:03 | 000,116,224 | ---- | M] (eAcceleration Corp) -- C:\Program Files\eAcceleration\Framework\eac_svc.exe
PRC - [2013/09/26 11:45:30 | 000,264,592 | ---- | M] (eAcceleration Corp) -- C:\Program Files\eAcceleration\Framework\eac_productsvc.exe
PRC - [2013/09/16 17:50:20 | 000,306,784 | ---- | M] (eAcceleration Corp) -- C:\Program Files\StopSign\OnAccess\onaccess.exe
PRC - [2013/09/16 12:42:13 | 000,465,296 | ---- | M] (eAcceleration Corp) -- C:\Program Files\eAcceleration\Station\station_bk.exe
PRC - [2012/05/25 05:25:02 | 006,595,928 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
PRC - [2010/03/25 17:41:08 | 000,374,096 | ---- | M] (eAcceleration Corp ) -- C:\Program Files\StopSign\PopupBlocker\sspopupblockerctrl.exe
PRC - [2008/04/14 06:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005/12/09 19:44:40 | 000,139,264 | ---- | M] (Alcor Micro, Corp.) -- C:\Program Files\Digital Media Reader\readericon45G.exe
========== Modules (No Company Name) ==========
MOD - [2014/04/22 14:11:02 | 002,215,424 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\14042201\algo.dll
MOD - [2014/04/01 20:20:17 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2014/03/15 01:40:39 | 003,642,480 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2014/03/07 10:57:22 | 000,178,464 | ---- | M] () -- C:\Program Files\StopSign\ThreatScanner\engines\vipre\vdb\libMachoUniv.dll
MOD - [2014/03/07 10:57:21 | 000,190,752 | ---- | M] () -- C:\Program Files\StopSign\ThreatScanner\engines\vipre\vdb\libBase64.dll
MOD - [2014/01/09 22:28:18 | 000,100,688 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2014/01/09 22:26:44 | 001,861,968 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
MOD - [2013/01/01 23:49:10 | 001,292,288 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2012/05/25 05:25:00 | 000,921,600 | ---- | M] () -- C:\Program Files\Yahoo!\Messenger\yui.dll
MOD - [2012/05/25 05:25:00 | 000,078,336 | ---- | M] () -- C:\Program Files\Yahoo!\Messenger\pcre.dll
MOD - [2010/07/04 14:32:38 | 000,010,752 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerCOM.dll
MOD - [2008/04/14 06:42:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/14 06:41:52 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2007/09/20 19:34:58 | 000,129,024 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2005/09/18 09:32:00 | 000,466,944 | ---- | M] () -- C:\WINDOWS\system32\nvshell.dll
========== Services (SafeList) ==========
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2014/04/21 12:14:01 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2014/03/24 11:18:08 | 000,118,264 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2014/03/15 01:40:31 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/02/18 12:40:55 | 000,172,032 | ---- | M] (New Boundary Technologies, Inc.) [Auto | Running] -- C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS -- (PrismXL)
SRV - [2013/11/26 16:50:11 | 000,366,976 | ---- | M] (eAcceleration Corp) [Auto | Running] -- C:\Program Files\StopSign\Firewall\FWService.exe -- (FWService)
SRV - [2013/10/31 12:15:46 | 000,178,576 | R--- | M] (eAcceleration Corp) [Auto | Running] -- C:\Program Files\StopSign\ThreatScanner\engines\vipre\viprecomsvc.exe -- (viprecomsvc)
SRV - [2013/10/10 15:54:44 | 000,120,088 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore.exe -- (!SASCORE)
SRV - [2013/09/26 11:45:30 | 000,264,592 | ---- | M] (eAcceleration Corp) [Auto | Running] -- C:\Program Files\eAcceleration\Framework\eac_productsvc.exe -- (eac_productsvc)
SRV - [2013/09/26 11:45:28 | 000,235,920 | ---- | M] (eAcceleration Corp) [Auto | Running] -- C:\Program Files\eAcceleration\Framework\eac_notifysvc.dll -- (eac_notifysvc)
SRV - [2011/04/05 14:58:11 | 000,189,904 | ---- | M] (eAcceleration Corp) [Auto | Running] -- C:\Program Files\StopSign\Firewall\ssfwmonsvc.dll -- (ssfwmonsvc)
SRV - [2010/11/08 12:25:24 | 000,202,264 | R--- | M] (eAcceleration Corp) [Auto | Running] -- C:\Program Files\Acceleration Software\Anti-Virus\sstsmonsvc.dll -- (sstsmonsvc)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2014/04/22 06:27:36 | 000,052,312 | ---- | M] (Malwarebytes Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\mbamchameleon.sys -- (mbamchameleon)
DRV - [2014/04/21 12:14:06 | 000,776,976 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2014/04/21 12:14:06 | 000,411,552 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2014/04/21 12:14:06 | 000,180,632 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2014/04/21 12:14:06 | 000,067,824 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswmonflt.sys -- (aswMonFlt)
DRV - [2014/04/21 12:14:06 | 000,057,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2014/04/21 12:14:06 | 000,054,832 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2014/04/21 12:14:06 | 000,049,944 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2014/04/21 12:14:06 | 000,024,184 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\aswHwid.sys -- (aswHwid)
DRV - [2014/01/16 14:41:04 | 000,044,632 | ---- | M] () [Kernel | System | Running] -- C:\Program Files\Malwarebytes Anti-Exploit\mbae.sys -- (ESProtectionDriver)
DRV - [2013/11/26 16:50:17 | 000,111,968 | ---- | M] (eAcceleration Corp) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\fwcore.sys -- (fwcore)
DRV - [2011/07/22 09:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/12 14:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/07/04 12:51:26 | 000,004,096 | ---- | M] () [Kernel | Unavailable | Unknown] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)
DRV - [2007/09/17 02:34:10 | 000,016,512 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ASPI32.SYS -- (ASPI32)
DRV - [2005/09/23 14:26:40 | 001,094,751 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2005/09/14 12:38:00 | 003,856,896 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2005/07/29 18:11:04 | 000,012,928 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2005/07/29 18:11:02 | 000,034,048 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2005/01/07 18:07:16 | 000,145,920 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Hdaudio.sys -- (HdAudAddService)
DRV - [2004/08/22 17:31:48 | 000,005,248 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\d347prt.sys -- (d347prt)
DRV - [2004/08/22 17:31:10 | 000,155,136 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\d347bus.sys -- (d347bus)
DRV - [2003/01/10 14:13:04 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw)
DRV - [2001/08/17 06:49:32 | 000,019,968 | ---- | M] (Macronix International Co., Ltd. ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mxnic.sys -- (mxnic)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.gateway.c...Sys=DTP&M=T6426
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.gateway.c...Sys=DTP&M=T6426
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.yahoo.com/
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "https://www.yahoo.com/"
FF - prefs.js..extensions.enabledAddons: %7Bd40f5e7b-d2cf-4856-b441-cc613eeffbe3%7D:1.68
FF - prefs.js..extensions.enabledAddons: %7B9D23D0AA-D8F5-11DA-B3FC-0928ABF316DE%7D:3.1
FF - prefs.js..extensions.enabledAddons: %7B19503e42-ca3c-4c27-b1e2-9cdb2170ee34%7D:1.5.5.98
FF - prefs.js..extensions.enabledAddons: MafiaaFire%40mafiaafire.com:0.9d
FF - prefs.js..extensions.enabledAddons: CustomGoogle%40mafiaafire.com:1.0.0.0
FF - prefs.js..extensions.enabledAddons: info%40omtv.se:1.0.1
FF - prefs.js..extensions.enabledAddons: nicofox%40littlebtc:1.0b5
FF - prefs.js..extensions.enabledAddons: %7BE173B749-DB5B-4fd2-BA0E-94ECEA0CA55B%7D:7.4
FF - prefs.js..extensions.enabledAddons: %7B4ED1F68A-5463-4931-9384-8FFF5ED91D92%7D:3.6.6
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:28.0
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_13_0_0_182.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Web Player Plug-In,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014/04/21 12:14:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor [2014/04/09 15:01:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
[2014/04/08 09:04:11 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions
[2014/04/22 19:30:43 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\cn5n1kaw.default\extensions
[2014/04/08 09:36:25 | 000,000,000 | ---D | M] (Memory Fox) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\cn5n1kaw.default\extensions\{E173B749-DB5B-4fd2-BA0E-94ECEA0CA55B}
[2014/04/08 09:32:14 | 000,004,732 | ---- | M] () (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\cn5n1kaw.default\extensions\[email protected]
[2014/04/22 19:30:43 | 001,533,185 | ---- | M] () (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\cn5n1kaw.default\extensions\[email protected]
[2014/04/08 09:33:28 | 000,013,849 | ---- | M] () (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\cn5n1kaw.default\extensions\[email protected]
[2014/04/08 09:32:14 | 000,123,007 | ---- | M] () (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\cn5n1kaw.default\extensions\[email protected]
[2014/04/08 09:35:18 | 000,561,620 | ---- | M] () (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\cn5n1kaw.default\extensions\[email protected]
[2014/04/08 09:28:31 | 000,383,888 | ---- | M] () (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\cn5n1kaw.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi
[2014/04/08 09:27:31 | 000,322,499 | ---- | M] () (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\cn5n1kaw.default\extensions\{9D23D0AA-D8F5-11DA-B3FC-0928ABF316DE}.xpi
[2014/04/08 09:23:42 | 000,957,290 | ---- | M] () (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\cn5n1kaw.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2014/04/08 09:25:10 | 000,138,614 | ---- | M] () (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\cn5n1kaw.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi
[2014/04/08 09:03:34 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2014/04/08 09:03:34 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2014/04/09 15:01:05 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\PROGRAM FILES\MCAFEE\SITEADVISOR
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: https://www.yahoo.com/
CHR - plugin: Error reading preferences file
CHR - Extension: Adblock Plus = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.7.4_0\
CHR - Extension: SiteAdvisor = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.65.135.1_0\
CHR - Extension: Ghostery = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\5.2.1_0\
CHR - Extension: Google Wallet = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
O1 HOSTS File: ([2004/08/04 12:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Reg Error: Value error.) - {B753C7C5-0942-4b7f-BC27-942B52BDAC66} - C:\Program Files\StopSign\PopupBlocker\sspopupblocker.dll (eAcceleration Corp )
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [DivXMediaServer] C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe (DivX, LLC)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\HdAShCut.exe (Windows ® Server 2003 DDK provider)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [OnAccess] C:\Program Files\StopSign\OnAccess\onaccess.exe (eAcceleration Corp)
O4 - HKLM..\Run: [readericon] C:\Program Files\Digital Media Reader\readericon45G.exe (Alcor Micro, Corp.)
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [Reminder] C:\WINDOWS\creator\Remind_XP.exe (SoftThinks)
O4 - HKLM..\Run: [SoftwareStation] C:\Program Files\eAcceleration\Station\station.exe (eAcceleration Corp)
O4 - HKLM..\Run: [StopSignPopupBlocker] C:\Program Files\StopSign\PopupBlocker\sspopupblockerctrl.exe (eAcceleration Corp )
O4 - HKLM..\Run: [webscan] C:\Program Files\Acceleration Software\Anti-Virus\stopsignav.exe (eAcceleration Corp)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware)
O4 - HKCU..\Run: [Uniblue SpeedUpMyPC] C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe (Uniblue Software)
O4 - HKLM..\RunOnce: [PrivacyGuardianIndex] C:\Program Files\Privacy Guardian\PgIndex.exe (WinGuides Software)
O4 - HKCU..\RunOnce: [PGhist] C:\Program Files\Privacy Guardian\PgHist.exe ()
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data]
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O9 - Extra 'Tools' menuitem : Block This Page - {24BE56F9-F0B6-4ac7-97F1-8CACEDA9A427} - C:\Program Files\StopSign\PopupBlocker\sspopupblocker.dll (eAcceleration Corp )
O15 - HKCU\..Trusted Domains: microsoft.com ([windows] https in Trusted sites)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_02)
O16 - DPF: {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_02)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CB1D8A96-50D7-43EC-B4AE-4D0E8CC625F6}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\Userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\emachines.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\emachines.bmp
O28 - HKLM ShellExecuteHooks: {42DD0873-5FA9-465D-90DE-0826020416A5} - C:\Program Files\StopSign\OnAccess\onaccess_hk32.dll (eAcceleration Corp)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/26 11:04:39 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2014/02/20 07:55:54 | 000,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2003/08/08 17:24:26 | 000,000,045 | -HS- | M] () - D:\autorun.inf.aug.8 -- [ FAT32 ]
O32 - AutoRun File - [2009/04/18 11:01:28 | 000,000,000 | ---D | M] - D:\autorun.inf -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2014/04/22 19:33:41 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2014/04/22 19:25:22 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Owner\Recent
[2014/04/22 16:00:01 | 002,049,128 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Owner\Desktop\HousecallLauncher.exe
[2014/04/21 17:02:56 | 000,000,000 | -HSD | C] -- C:\Jumpshot
[2014/04/21 17:02:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\gnupg
[2014/04/21 16:50:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\jumpshot.com
[2014/04/21 12:14:05 | 000,043,152 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2014/04/19 19:32:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Uniblue
[2014/04/19 19:31:44 | 000,000,000 | ---D | C] -- C:\Program Files\Uniblue
[2014/04/19 18:05:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Comical
[2014/04/19 18:05:46 | 000,000,000 | ---D | C] -- C:\Program Files\Comical
[2014/04/16 14:26:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Privacy Guardian
[2014/04/16 14:26:38 | 000,000,000 | ---D | C] -- C:\Program Files\Privacy Guardian
[2014/04/12 16:51:13 | 000,107,736 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys
[2014/04/09 18:26:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/04/09 18:26:50 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes Anti-Malware
[2014/04/09 15:17:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Chrome
[2014/04/09 13:54:50 | 014,482,352 | ---- | C] (AVAST Software) -- C:\Documents and Settings\Owner\Desktop\grimefighter.exe
[2014/04/09 07:11:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Desktop\chrome
[2014/04/08 09:03:36 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2014/04/08 09:03:30 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2014/04/08 08:51:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Mozilla
[2014/04/08 08:51:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Mozilla
[2014/04/08 08:07:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Mozilla(2)
[2014/04/08 08:07:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Mozilla
[2014/04/08 08:06:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Mozilla(2)
[2014/04/08 08:06:41 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox(2)
[2014/04/08 07:07:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Desktop\bookmarkbackups
[2014/04/07 19:20:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\QuickScan
[2014/04/01 21:00:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Temp
[2014/04/01 20:21:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\AVAST Software
[2014/04/01 20:21:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Avast
[2014/04/01 20:20:28 | 000,057,672 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2014/04/01 20:20:27 | 000,776,976 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2014/04/01 20:20:27 | 000,411,552 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2014/04/01 20:20:26 | 000,067,824 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmonflt.sys
[2014/04/01 20:20:26 | 000,054,832 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2014/04/01 20:20:22 | 000,271,264 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2014/04/01 20:19:37 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2014/03/27 20:38:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\nView_Profiles
[2014/03/26 14:44:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Identities
[2014/03/25 17:10:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\DDMSettings
[2014/03/25 17:07:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\DivX
[2014/03/25 09:10:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\dvdcss
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2014/04/22 19:36:44 | 000,107,736 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys
[2014/04/22 19:33:46 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2014/04/22 19:19:03 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014/04/22 16:34:43 | 000,724,703 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\census.cache
[2014/04/22 16:33:56 | 000,219,657 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\ars.cache
[2014/04/22 16:03:46 | 000,000,036 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\housecall.guid.cache
[2014/04/22 16:00:08 | 002,049,128 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Owner\Desktop\HousecallLauncher.exe
[2014/04/22 15:19:01 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014/04/22 12:14:07 | 000,000,364 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2014/04/22 07:10:01 | 000,000,332 | ---- | M] () -- C:\WINDOWS\tasks\Health-Check-deep.job
[2014/04/22 06:27:36 | 000,052,312 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamchameleon.sys
[2014/04/22 06:14:31 | 000,000,470 | ---- | M] () -- C:\WINDOWS\tasks\Malwarebytes Anti-Exploit.job
[2014/04/22 06:14:27 | 000,030,277 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2014/04/22 06:14:01 | 000,000,222 | ---- | M] () -- C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Logon.job
[2014/04/22 06:13:55 | 938,921,984 | -HS- | M] () -- C:\hiberfil.sys
[2014/04/22 06:13:55 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/04/21 12:14:38 | 000,001,733 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2014/04/21 12:14:06 | 000,776,976 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2014/04/21 12:14:06 | 000,411,552 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2014/04/21 12:14:06 | 000,180,632 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2014/04/21 12:14:06 | 000,067,824 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmonflt.sys
[2014/04/21 12:14:06 | 000,057,672 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2014/04/21 12:14:06 | 000,054,832 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2014/04/21 12:14:06 | 000,049,944 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2014/04/21 12:14:06 | 000,024,184 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswHwid.sys
[2014/04/21 12:14:05 | 000,271,264 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2014/04/21 12:14:05 | 000,043,152 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2014/04/14 17:23:24 | 000,001,170 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2014/04/12 18:45:12 | 002,230,619 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Lunchables with Smoothie Kabobbles - Street Casting.mp4
[2014/04/09 18:18:01 | 000,001,831 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/04/09 15:17:16 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2014/04/09 13:55:32 | 014,482,352 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Owner\Desktop\grimefighter.exe
[2014/04/09 06:09:07 | 000,000,216 | ---- | M] () -- C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Monthly.job
[2014/04/08 09:03:38 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2014/04/08 09:03:38 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2014/04/03 09:50:56 | 000,023,256 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2014/03/31 16:31:10 | 000,121,336 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2014/03/25 17:30:21 | 000,010,498 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\lpm.dat
[2014/03/25 17:14:26 | 000,005,120 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014/03/24 12:18:31 | 000,000,376 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2014/04/22 16:34:43 | 000,724,703 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\census.cache
[2014/04/22 16:33:56 | 000,219,657 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\ars.cache
[2014/04/22 16:03:46 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\housecall.guid.cache
[2014/04/21 17:03:19 | 000,000,201 | RHS- | C] () -- C:\boot.ini
[2014/04/21 12:14:17 | 000,024,184 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswHwid.sys
[2014/04/12 18:45:06 | 002,230,619 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Lunchables with Smoothie Kabobbles - Street Casting.mp4
[2014/04/09 15:17:16 | 000,001,831 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/04/09 15:17:16 | 000,001,813 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2014/04/09 06:36:29 | 000,000,884 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014/04/09 06:36:28 | 000,000,880 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014/04/09 06:03:09 | 938,921,984 | -HS- | C] () -- C:\hiberfil.sys
[2014/04/08 09:03:38 | 000,000,742 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2014/04/08 09:03:38 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
[2014/04/08 09:03:38 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2014/04/01 20:21:23 | 000,001,733 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2014/04/01 20:20:40 | 000,000,364 | -H-- | C] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2014/04/01 20:20:28 | 000,180,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2014/04/01 20:20:27 | 000,049,944 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2014/03/25 17:29:42 | 000,010,498 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\lpm.dat
[2014/03/03 12:59:34 | 000,005,120 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014/02/26 12:25:31 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2014/02/20 18:44:57 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2014/02/20 08:16:22 | 000,165,275 | ---- | C] () -- C:\WINDOWS\Video Cleaner Pro Uninstaller.exe
[2014/02/20 07:19:15 | 000,005,248 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\d347prt.sys
[2014/02/20 07:19:14 | 000,155,136 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\d347bus.sys
[2014/02/19 19:47:09 | 000,650,752 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2014/02/19 19:47:09 | 000,243,200 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2014/02/19 19:47:09 | 000,216,064 | ---- | C] ( ) -- C:\WINDOWS\System32\lagarith.dll
[2014/02/19 19:47:07 | 000,217,176 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2014/02/19 19:47:03 | 000,112,640 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2014/02/18 17:27:52 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2014/02/18 15:29:45 | 001,072,544 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2014/02/18 15:29:45 | 001,072,544 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2014/02/18 15:29:45 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2014/02/18 12:52:15 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2014/02/18 12:50:23 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2014/02/18 12:46:54 | 000,471,300 | ---- | C] () -- C:\WINDOWS\wallpe.exe
[2014/02/18 12:44:49 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
========== ZeroAccess Check ==========
[2014/02/18 12:47:49 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2014/02/03 21:52:10 | 001,510,400 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 05:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 06:42:10 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2014/04/01 20:17:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2014/02/18 20:15:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\eAcceleration
[2014/03/25 16:54:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Innovative Solutions
[2014/02/18 21:04:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Licenses
[2014/02/20 08:27:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\River Past G5
[2014/03/09 10:46:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware(3).com
[2014/04/22 05:40:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2014/04/01 20:21:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\AVAST Software
[2014/03/30 08:15:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Chessmaster Challenge
[2014/02/19 20:03:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\com.adobe.example.desktopLara
[2014/02/19 20:05:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\com.adobe.example.desktopLara.38AD268D554B48E1BFABC2A9B9EEB21BBAA89D0F.1
[2014/03/25 17:10:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\DDMSettings
[2014/02/18 20:39:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\eAcceleration
[2014/04/21 17:02:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\gnupg
[2014/04/08 07:02:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\QuickScan
[2014/02/20 08:16:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\River Past G5
[2014/02/18 16:27:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\SampleView
[2014/03/09 10:46:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\SUPERAntiSpyware(3).com
[2014/04/19 19:32:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Uniblue
[2014/02/19 20:39:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Xilisoft Corporation
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
< End of report >
-----------------------------------------------------------------------------------------------------------------------------------------------
OTL Extras logfile created on: 4/22/2014 7:39:11 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
895.36 Mb Total Physical Memory | 311.15 Mb Available Physical Memory | 34.75% Memory free
2.12 Gb Paging File | 1.01 Gb Available in Paging File | 47.90% Paging File free
Paging file location(s): C:\pagefile.sys 1344 2688 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 181.87 Gb Total Space | 22.87 Gb Free Space | 12.58% Space Free | Partition Type: NTFS
Drive D: | 4.43 Gb Total Space | 2.26 Gb Free Space | 51.07% Space Free | Partition Type: FAT32
Computer Name: YOUR-8B6E50BD72 | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Common Files\AOL\Loader\aolload.exe" = C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Application Loader
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL
"C:\Program Files\America Online 9.0\waol.exe" = C:\Program Files\America Online 9.0\waol.exe:*:Enabled:AOL
"C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe" = C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe:*:Enabled:AOLTsMon
"C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe" = C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe:*:Enabled:AOLTopSpeed
"C:\Program Files\Common Files\AOL\1392753143\EE\AOLServiceHost.exe" = C:\Program Files\Common Files\AOL\1392753143\EE\AOLServiceHost.exe:*:Enabled:AOL
"C:\Program Files\Common Files\AOL\System Information\sinf.exe" = C:\Program Files\Common Files\AOL\System Information\sinf.exe:*:Enabled:AOL
"C:\Program Files\Common Files\AOL\AOL Spyware Protection\AOLSP Scheduler.exe" = C:\Program Files\Common Files\AOL\AOL Spyware Protection\AOLSP Scheduler.exe:*:Enabled:AOL
"C:\Program Files\Common Files\AOL\AOL Spyware Protection\asp.exe" = C:\Program Files\Common Files\AOL\AOL Spyware Protection\asp.exe:*:Enabled:AOL
"C:\Program Files\Common Files\AolCoach\en_en\player\AOLNySEV.exe" = C:\Program Files\Common Files\AolCoach\en_en\player\AOLNySEV.exe:*:Enabled:AOL
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{15377C3E-9655-400F-B441-E69F0A6BEAFE}" = Recovery Software Suite eMachines
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = DVD Solution
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{3248F0A8-6813-11D6-A77B-00B0D0150020}" = J2SE Runtime Environment 5.0 Update 2
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}" = McAfee SiteAdvisor
"{3DED3A72-61A8-4B87-98A5-EF0BC8038AA0}" = DAEMON Tools
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go 4.0
"{4AC55A61-BA20-4DF5-ABFF-8F4819E0C875}" = Digital Media Reader
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{76EFFC7C-17A6-479D-9E47-8E658C1695AE}" = Windows Backup Utility
"{91120409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.06)
"{B92C2C6C-F70E-497B-88A7-1FEF9888272B}" = Adobe AIR
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C78EAC6F-7A73-452E-8134-DBB2165C5A68}" = QuickTime
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F7AD1EF2-2670-40C2-A541-939265AF2F18}_is1" = Privacy Eraser Pro
"7-Zip" = 7-Zip 9.20
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 13 Plugin
"Agere Systems Soft Modem" = Agere Systems PCI-SV92PP Soft Modem
"Avast" = avast! Free Antivirus
"CCleaner" = CCleaner
"CDisplay_is1" = CDisplay 1.8
"Comical_is1" = Comical 0.8
"Defraggler" = Defraggler
"DivX Setup" = DivX Setup
"EaccelSetup" = StopSign Internet Security
"FileASSASSIN" = FileASSASSIN
"Free Any Burn" = Free Any Burn
"Google Chrome" = Google Chrome
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"InstallShield_{4AC55A61-BA20-4DF5-ABFF-8F4819E0C875}" = Digital Media Reader
"IsoBuster_is1" = IsoBuster 2.2
"JAIELangPack" = Japanese Language Support
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 10.1.5
"Malwarebytes Anti-Exploit_is1" = Malwarebytes Anti-Exploit version 0.09.5.1000
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.0.1.1004
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Money2006b" = Microsoft Money 2006
"Mozilla Firefox 28.0 (x86 en-US)" = Mozilla Firefox 28.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Nero - Burning Rom!UninstallKey" = Nero 6 Ultra Edition
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"Ootake_is1" = Ootake ver2.75
"Port Magic" = Pure Networks Port Magic
"Privacy Guardian_is1" = Privacy Guardian 4.1
"RealPlayer 6.0" = RealPlayer Basic
"Revo Uninstaller" = Revo Uninstaller 1.95
"SpywareBlaster_is1" = SpywareBlaster 5.0
"SYSTEMCARE_025B3ECB-F8A1-45ff-BABC-140E08C7D8C5_is1" = Uniblue PowerSuite
"Total Video Converter 3.12_is1" = Total Video Converter 3.12 080330
"UltraISO_is1" = UltraISO 8.0 Premium Edition
"Unlocker" = Unlocker 1.9.0
"Video Cleaner Pro" = River Past Video Cleaner Pro
"VLC media player" = VLC media player 2.1.3
"WinAce Archiver" = WinAce Archiver
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Xilisoft DVD Copy Express" = Xilisoft DVD Copy Express
"Xilisoft DVD Ripper Ultimate 5" = Xilisoft DVD Ripper Ultimate
"Xilisoft Video Converter Ultimate" = Xilisoft Video Converter Ultimate
"Yahoo! Messenger" = Yahoo! Messenger
"ZHCIELangPack" = Chinese (Simplified) Language Support
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"5d3da13d1ccdb7f8" = Desktop Lara (Anniversary Edition)
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 3/20/2014 8:44:32 PM | Computer Name = YOUR-8B6E50BD72 | Source = Application Error | ID = 1000
Description = Faulting application chess.exe, version 1.0.0.119, faulting module
chess.exe, version 1.0.0.119, fault address 0x00006ed2.
Error - 3/21/2014 4:54:16 PM | Computer Name = YOUR-8B6E50BD72 | Source = Application Error | ID = 1000
Description = Faulting application chess.exe, version 1.0.0.119, faulting module
chess.exe, version 1.0.0.119, fault address 0x00006ed2.
Error - 3/21/2014 5:08:01 PM | Computer Name = YOUR-8B6E50BD72 | Source = Application Error | ID = 1000
Description = Faulting application chess.exe, version 1.0.0.119, faulting module
chess.exe, version 1.0.0.119, fault address 0x00006ed2.
Error - 3/21/2014 6:20:32 PM | Computer Name = YOUR-8B6E50BD72 | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting
module shell32.dll, version 6.0.2900.6242, fault address 0x000b140b.
Error - 3/21/2014 6:20:44 PM | Computer Name = YOUR-8B6E50BD72 | Source = Application Error | ID = 1001
Description = Fault bucket -1214181621.
Error - 3/24/2014 9:27:22 AM | Computer Name = YOUR-8B6E50BD72 | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 28.0.0.5186, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 3/24/2014 9:27:33 AM | Computer Name = YOUR-8B6E50BD72 | Source = Application Hang | ID = 1001
Description = Fault bucket 134231651.
Error - 3/26/2014 10:48:10 PM | Computer Name = YOUR-8B6E50BD72 | Source = Application Error | ID = 1000
Description = Faulting application chess.exe, version 1.0.0.119, faulting module
chess.exe, version 1.0.0.119, fault address 0x00006ed2.
Error - 3/31/2014 8:50:38 PM | Computer Name = YOUR-8B6E50BD72 | Source = Application Error | ID = 1000
Description = Faulting application plugin-container.exe, version 28.0.0.5186, faulting
module mozalloc.dll, version 28.0.0.5186, fault address 0x0000119c.
Error - 3/31/2014 8:54:51 PM | Computer Name = YOUR-8B6E50BD72 | Source = Application Error | ID = 1001
Description = Fault bucket 134686812.
[ System Events ]
Error - 4/22/2014 9:11:24 AM | Computer Name = YOUR-8B6E50BD72 | Source = Service Control Manager | ID = 7034
Description = The McAfee SiteAdvisor Service service terminated unexpectedly. It
has done this 1 time(s).
Error - 4/22/2014 9:11:24 AM | Computer Name = YOUR-8B6E50BD72 | Source = Service Control Manager | ID = 7034
Description = The PrismXL service terminated unexpectedly. It has done this 1 time(s).
Error - 4/22/2014 9:11:24 AM | Computer Name = YOUR-8B6E50BD72 | Source = Service Control Manager | ID = 7034
Description = The Vipre COM Service service terminated unexpectedly. It has done
this 1 time(s).
Error - 4/22/2014 9:11:24 AM | Computer Name = YOUR-8B6E50BD72 | Source = Service Control Manager | ID = 7034
Description = The eAcceleration Notification Service service terminated unexpectedly.
It has done this 1 time(s).
Error - 4/22/2014 9:11:24 AM | Computer Name = YOUR-8B6E50BD72 | Source = Service Control Manager | ID = 7034
Description = The StopSign® Firewall Security Center Provider service terminated
unexpectedly. It has done this 1 time(s).
Error - 4/22/2014 9:11:24 AM | Computer Name = YOUR-8B6E50BD72 | Source = Service Control Manager | ID = 7034
Description = The StopSign® Antivirus Security Center Provider service terminated
unexpectedly. It has done this 1 time(s).
Error - 4/22/2014 9:11:24 AM | Computer Name = YOUR-8B6E50BD72 | Source = Service Control Manager | ID = 7034
Description = The FWService service terminated unexpectedly. It has done this 1
time(s).
Error - 4/22/2014 9:11:24 AM | Computer Name = YOUR-8B6E50BD72 | Source = Service Control Manager | ID = 7034
Description = The Application Layer Gateway Service service terminated unexpectedly.
It has done this 1 time(s).
Error - 4/22/2014 9:11:32 AM | Computer Name = YOUR-8B6E50BD72 | Source = Service Control Manager | ID = 7031
Description = The SAS Core Service service terminated unexpectedly. It has done
this 1 time(s). The following corrective action will be taken in 1000 milliseconds:
Restart the service.
Error - 4/22/2014 9:14:13 AM | Computer Name = YOUR-8B6E50BD72 | Source = Service Control Manager | ID = 7034
Description = The NVIDIA Display Driver Service service terminated unexpectedly.
It has done this 1 time(s).
< End of report >
Edited by koolkat1939, 24 April 2014 - 08:48 AM.