Internet extremely slow loading pages



#1
Fonzarellis

Firefox and IE both doing the same thing.  It's like a very slow dialup and I'm connected at 100Mbps.  I've run Avast deep scan and cleared a couple of issues, followed up with Malwarebytes, then Windows repair (all in one).  Still persists.  Cleaned up everything with ATF cleaner, cleared cache, cleared browsing history and still the same.  It took over half an hour just to register and login here.


Edited by Fonzarellis, 28 July 2014 - 02:12 PM.

#2
Fonzarellis


Downloaded and ran OTL just for grins.  Here are the logs.

 

OTL logfile created on: 7/28/2014 4:02:26 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\Dave\Desktop\Antivirus
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
2.50 Gb Total Physical Memory | 1.65 Gb Available Physical Memory | 66.12% Memory free
3.10 Gb Paging File | 2.44 Gb Available in Paging File | 78.81% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 465.76 Gb Total Space | 440.51 Gb Free Space | 94.58% Space Free | Partition Type: NTFS
Drive F: | 149.05 Gb Total Space | 135.62 Gb Free Space | 90.99% Space Free | Partition Type: NTFS
 
Computer Name: DAVID | User Name: Dave | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/07/28 16:01:21 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dave\Desktop\Antivirus\OTL.exe
PRC - [2014/07/24 07:45:00 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2014/07/14 05:26:12 | 004,086,432 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2014/07/14 05:26:11 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2014/07/11 02:59:05 | 000,182,696 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2014/05/19 15:35:16 | 002,303,256 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPointP\SetPoint.exe
PRC - [2014/03/24 17:51:30 | 000,148,248 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
PRC - [2013/05/16 09:38:39 | 001,826,592 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012/11/22 17:58:14 | 001,522,312 | ---- | M] (pdfforge GbR) -- C:\Program Files\PDF Architect\HelperService.exe
PRC - [2012/11/22 17:56:10 | 000,905,864 | ---- | M] (pdfforge GbR) -- C:\Program Files\PDF Architect\ConversionService.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/10/30 16:59:34 | 000,024,576 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtProc.exe
PRC - [2006/09/20 08:35:26 | 000,020,480 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/07/28 08:07:28 | 002,795,008 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\14072800\algo.dll
MOD - [2014/07/24 07:44:56 | 003,800,688 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2014/07/14 05:26:16 | 019,329,904 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2014/07/14 05:26:13 | 000,301,152 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\aswProperty.dll
MOD - [2010/08/15 17:08:44 | 000,094,208 | ---- | M] () -- C:\Program Files\FileZilla FTP Client\fzshellext.dll
MOD - [2006/10/30 16:59:34 | 000,024,576 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtProc.exe
MOD - [2006/09/20 08:35:26 | 000,020,480 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe
 
 
========== Services (SafeList) ==========
 
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\qagentrt.dll -- (napagent)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\kmsvc.dll -- (hkmsvc)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\eapsvc.dll -- (EapHost)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\dot3svc.dll -- (Dot3svc)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2014/07/27 08:59:39 | 000,262,320 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/07/24 07:44:57 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/07/14 05:26:11 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2014/07/11 02:59:05 | 000,182,696 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2014/03/24 17:50:36 | 000,293,144 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2013/05/16 09:38:39 | 001,826,592 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/11/22 17:58:14 | 001,522,312 | ---- | M] (pdfforge GbR) [Auto | Running] -- C:\Program Files\PDF Architect\HelperService.exe -- (PDF Architect Helper Service)
SRV - [2012/11/22 17:56:10 | 000,905,864 | ---- | M] (pdfforge GbR) [Auto | Running] -- C:\Program Files\PDF Architect\ConversionService.exe -- (PDF Architect Service)
SRV - [2011/08/11 18:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [On_Demand | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASCore.exe -- (!SASCORE)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (usbcm)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (motmodem)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\HDAudBus.sys -- (HDAudBus)
DRV - File not found [Kernel | On_Demand | Stopped] -- E:\INSTALL\GMSIPCI.SYS -- (GMSIPCI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (GenericMount)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (GEARAspiWDM)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - [2014/07/14 05:26:47 | 000,414,520 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\aswsp.sys -- (aswSP)
DRV - [2014/07/14 05:26:18 | 000,779,536 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\aswsnx.sys -- (aswSnx)
DRV - [2014/07/14 05:26:18 | 000,192,352 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2014/07/14 05:26:18 | 000,067,824 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswmonflt.sys -- (aswMonFlt)
DRV - [2014/07/14 05:26:18 | 000,057,800 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2014/07/14 05:26:18 | 000,055,112 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswrdr.sys -- (AswRdr)
DRV - [2014/07/14 05:26:18 | 000,049,944 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2014/07/14 05:26:18 | 000,024,184 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\aswHwid.sys -- (aswHwid)
DRV - [2014/03/18 19:24:18 | 000,037,528 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2014/03/18 19:24:16 | 000,043,800 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2014/03/18 19:24:08 | 000,010,136 | ---- | M] (Logitech, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\LBeepKE.sys -- (LBeepKE)
DRV - [2014/03/18 19:24:06 | 000,019,992 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\L8042Kbd.sys -- (L8042Kbd)
DRV - [2012/04/18 12:08:05 | 000,123,840 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nvhda32.sys -- (NVHDA)
DRV - [2011/09/21 10:25:34 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\cpuz135_x32.sys -- (cpuz135)
DRV - [2011/07/22 11:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/12 16:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2009/06/17 11:56:32 | 000,028,560 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2007/04/11 15:33:06 | 000,079,376 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LMouKE.Sys -- (LMouKE)
DRV - [2007/04/11 15:32:38 | 000,063,248 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\L8042mou.Sys -- (L8042mou)
DRV - [2005/11/25 18:43:48 | 000,031,896 | ---- | M] (DemoForge, LLC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dfmirage.sys -- (dfmirage)
DRV - [2005/11/10 18:00:48 | 000,102,400 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\SI3112r.sys -- (SI3112r)
DRV - [2005/09/19 09:41:00 | 000,241,280 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2004/11/01 12:21:32 | 000,010,368 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\SiWinAcc.sys -- (SiFilter)
DRV - [2004/10/22 10:41:46 | 000,413,824 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvapu.sys -- (nvnforce)
DRV - [2004/10/22 10:38:28 | 000,053,376 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvax.sys -- (nvax)
DRV - [2004/08/04 01:08:21 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2004/08/03 23:41:36 | 000,606,684 | ---- | M] (LT) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ltmdmnt.sys -- (ltmodem5)
DRV - [2003/06/06 17:53:16 | 000,070,656 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENET.sys -- (NVENET)
DRV - [2003/05/14 14:42:56 | 000,021,216 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WmFilter.sys -- (WmFilter)
DRV - [2003/05/14 14:42:50 | 000,010,144 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmBEnum.sys -- (WmBEnum)
DRV - [2003/05/14 14:42:48 | 000,005,728 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WmVirHid.sys -- (WmVirHid)
DRV - [2003/05/14 14:42:44 | 000,044,288 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmXlCore.sys -- (WmXlCore)
DRV - [2002/08/28 21:59:12 | 000,036,224 | ---- | M] (ADMtek Incorporated.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\an983.sys -- (AN983)
DRV - [2001/08/17 09:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://rd.yahoo.com/...rch/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo....=utf-8&fr=b1ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\SearchScopes,DefaultScope = {2960D57E-094E-47A5-8F3B-A7BBDE375EAB}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...Box&Form=IE8SRC
IE - HKCU\..\SearchScopes\{2960D57E-094E-47A5-8F3B-A7BBDE375EAB}: "URL" = http://www.google.co...&rlz=1I7GGLL_en
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Bing"
FF - prefs.js..browser.search.selectedEngine: "Bing"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:31.0
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.65.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.65.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll File not found
FF - HKLM\Software\MozillaPlugins\@oberon-media.com/ONCAdapter: C:\Program Files\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014/07/14 05:26:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\FFPDFArchitectConverter@pdfarchitect.com: C:\Program Files\PDF Architect\FFPDFArchitectExt [2012/12/18 10:11:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 31.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 31.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
 
[2010/08/12 05:38:23 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Dave\Application Data\Mozilla\Extensions
[2014/07/17 07:33:19 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles\0a2ab92l.default-1393936740718\extensions
[2014/07/24 07:44:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2014/07/24 07:45:01 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
O1 HOSTS File: ([2014/07/28 07:56:52 | 000,000,855 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (PDF Architect Helper) - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files\PDF Architect\PDFIEHelper.dll (pdfforge GbR)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (PDF Architect Toolbar) - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files\PDF Architect\PDFIEPlugin.dll (pdfforge GbR)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] "F:\Reader\Reader_sl.exe" File not found
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe ()
O4 - HKLM..\Run: [WrtMon.exe] C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe ()
O4 - HKCU..\Run: [Adobe Reader Synchronizer] C:\Program Files\Adobe\Reader 11.0\Reader\AdobeCollabSync.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [RssReader] C:\Program Files\RssReader\RssReader.exe (Ykoon)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O15 - HKCU\..Trusted Domains:   ([]msn in My Computer)
O15 - HKCU\..Trusted Domains: secureserver.net ([email02] http in Trusted sites)
O15 - HKCU\..Trusted Domains: secureserver.net ([www.email] * in Trusted sites)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...n/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://www.apple.com...ex/qtplugin.cab (Reg Error: Key error.)
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://www.pcpitstop...t/PCPitStop.CAB (PCPitstop Utility)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} http://lads.myspace....ploader1005.cab (MySpace Uploader Control)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx1.hotmail....es/MSNPUpld.cab (MSN Photo Upload Tool)
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} http://cdn.scan.onec...lscbase6087.cab (Windows Live Safety Center Base Module)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1344003415250 (MUWebControl Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)
O16 - DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} file://C:\Program Files\AutoCAD LT 2000i\AcDcToday.ocx (AcDcToday Control)
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} http://zone.msn.com/...mjolauncher.cab (MJLauncherCtrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.65.2)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {9B03C5F1-F5AB-47EE-937D-A8EDA626F876} http://download.zone...ctor/WebAAS.cab (Anonymizer Anti-Spyware Scanner)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn...k.cab102118.cab (MSN Games - Installer)
O16 - DPF: {C6637286-300D-11D4-AE0A-0010830243BD} file://C:\Program Files\AutoCAD LT 2000i\InstFred.ocx (NOXLATE)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_05)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.65.2)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} http://h30043.www3.h.../qdiagh.cab?326 (QDiagHUpdateObj Class)
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} http://download.mcaf...672/mcfscan.cab (McFreeScan Class)
O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} file://C:\Program Files\AutoCAD LT 2000i\AcPreview.ocx (AcPreview Control)
O16 - DPF: {F773E7B2-62A9-4524-9109-87D2F0BEFAA4} http://zone.msn.com/...rp.cab56961.cab (ChessControl Class)
O16 - DPF: ppctlcab http://www.pestscan....er/ppctlcab.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{30FCCDDE-040C-4283-9638-C9C10CDA4B34}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C5E385A1-391A-4D1F-BA3E-CFB3B6AD1F99}: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O24 - Desktop Components:0 () - http://cdn.fastclick.../media46462.gif
O24 - Desktop Components:1 (My Current Home Page) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\CIA.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\CIA.bmp
O28 - HKLM ShellExecuteHooks: {4F07DA45-8170-4859-9B5F-037EF2970034} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...com [@ = comfile] -- Reg Error: Key error. File not found
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/07/28 08:00:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2014/07/26 06:34:45 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2014/07/24 07:44:28 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2014/07/17 10:42:44 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Dave\Recent
[2014/07/14 05:33:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\jumpshot.com
[2014/07/14 05:26:17 | 000,043,152 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2014/07/04 15:58:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dave\Desktop\Mailbox
[5 C:\WINDOWS\Fonts\*.tmp files -> C:\WINDOWS\Fonts\*.tmp -> ]
[1 C:\Documents and Settings\Dave\Application Data\*.tmp files -> C:\Documents and Settings\Dave\Application Data\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014/07/28 15:59:01 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014/07/28 15:17:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014/07/28 13:21:33 | 000,004,310 | ---- | M] () -- C:\WINDOWS\System32\nvAppTimestamps
[2014/07/28 13:11:11 | 000,000,364 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2014/07/28 13:06:14 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014/07/28 13:06:14 | 000,000,220 | ---- | M] () -- C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Logon.job
[2014/07/28 13:06:08 | 000,012,688 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2014/07/28 10:52:37 | 000,438,208 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2014/07/28 10:52:37 | 000,070,138 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2014/07/28 10:48:21 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/07/28 08:04:57 | 000,898,232 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2014/07/28 08:03:09 | 000,181,064 | ---- | M] (Sysinternals) -- C:\WINDOWS\PSEXESVC.EXE
[2014/07/28 07:56:52 | 000,000,855 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2014/07/28 07:56:18 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2014/07/28 07:56:18 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2014/07/28 07:46:53 | 000,000,434 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.ics
[2014/07/27 08:06:14 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2014/07/26 06:26:00 | 000,000,186 | ---- | M] () -- C:\WINDOWS\hpbafd.ini
[2014/07/22 09:17:01 | 000,032,243 | ---- | M] () -- C:\Documents and Settings\Dave\Desktop\Ratcliff Lake.jpg
[2014/07/22 09:16:35 | 000,072,402 | ---- | M] () -- C:\Documents and Settings\Dave\Desktop\Ratcliff Campsites.jpg
[2014/07/14 05:26:47 | 000,414,520 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswsp.sys
[2014/07/14 05:26:18 | 000,779,536 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswsnx.sys
[2014/07/14 05:26:18 | 000,192,352 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2014/07/14 05:26:18 | 000,067,824 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmonflt.sys
[2014/07/14 05:26:18 | 000,057,800 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2014/07/14 05:26:18 | 000,055,112 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswrdr.sys
[2014/07/14 05:26:18 | 000,049,944 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2014/07/14 05:26:18 | 000,024,184 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswHwid.sys
[2014/07/14 05:26:17 | 000,276,432 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2014/07/14 05:26:17 | 000,043,152 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2014/07/08 15:00:08 | 000,000,214 | ---- | M] () -- C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Monthly.job
[1 C:\Documents and Settings\Dave\Application Data\*.tmp files -> C:\Documents and Settings\Dave\Application Data\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014/07/27 08:06:05 | 000,000,986 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
[2014/07/22 09:17:01 | 000,032,243 | ---- | C] () -- C:\Documents and Settings\Dave\Desktop\Ratcliff Lake.jpg
[2014/07/22 09:16:34 | 000,072,402 | ---- | C] () -- C:\Documents and Settings\Dave\Desktop\Ratcliff Campsites.jpg
[2014/05/22 14:30:42 | 000,001,553 | ---- | C] () -- C:\Documents and Settings\Dave\.recently-used.xbel
[2014/05/04 14:19:01 | 000,024,184 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswHwid.sys
[2014/02/13 04:15:21 | 000,555,384 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2013/08/26 08:20:39 | 000,102,248 | ---- | C] () -- C:\Documents and Settings\Dave\GoToAssistDownloadHelper.exe
[2013/03/26 12:43:02 | 000,192,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2013/03/26 12:43:02 | 000,049,944 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2012/12/05 07:22:50 | 001,091,636 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2012/12/05 07:22:50 | 001,091,636 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2012/12/05 07:22:50 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2012/12/05 07:18:17 | 002,288,168 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2012/09/25 05:57:45 | 000,111,986 | ---- | C] () -- C:\Documents and Settings\Dave\Application Data\samj.gmic
[2012/06/24 06:38:05 | 000,353,675 | ---- | C] () -- C:\Documents and Settings\Dave\Local Settings\Application Data\recently-used.xbel
[2012/06/21 14:14:19 | 000,846,986 | ---- | C] () -- C:\Documents and Settings\Dave\Application Data\gmic_def.1516
[2012/06/21 07:09:03 | 000,604,277 | ---- | C] () -- C:\Documents and Settings\Dave\Application Data\.gmic_def.1500
[2012/03/31 11:16:31 | 000,035,712 | ---- | C] () -- C:\Documents and Settings\Dave\Application Data\garagecoder.gmic
[2012/03/08 14:32:22 | 000,659,130 | ---- | C] () -- C:\Documents and Settings\Dave\Application Data\gmic_def.1510
[2012/01/27 09:02:40 | 000,000,405 | ---- | C] () -- C:\Documents and Settings\Dave\Application Data\gmic_faves
[2012/01/20 12:18:45 | 000,667,109 | ---- | C] () -- C:\Documents and Settings\Dave\Application Data\gmic_def.1509
[2011/12/31 13:06:33 | 000,147,337 | ---- | C] () -- C:\Documents and Settings\Dave\Application Data\iain_fergusson.gmic
[2011/12/31 13:06:32 | 000,059,382 | ---- | C] () -- C:\Documents and Settings\Dave\Application Data\naggobot.gmic
[2011/12/31 13:06:31 | 000,052,978 | ---- | C] () -- C:\Documents and Settings\Dave\Application Data\photocomix.gmic
[2011/12/31 13:06:31 | 000,006,831 | ---- | C] () -- C:\Documents and Settings\Dave\Application Data\gentlemanbeggar_gmic.gmic
[2011/12/31 13:06:30 | 000,108,491 | ---- | C] () -- C:\Documents and Settings\Dave\Application Data\tomkeil.gmic
[2011/12/31 13:06:29 | 000,017,802 | ---- | C] () -- C:\Documents and Settings\Dave\Application Data\karos.gmic
[2011/12/31 13:06:29 | 000,001,415 | ---- | C] () -- C:\Documents and Settings\Dave\Application Data\ronounours.gmic
[2011/12/31 13:06:10 | 000,000,964 | ---- | C] () -- C:\Documents and Settings\Dave\Application Data\gmic_sources.cimgz
[2011/12/31 13:05:36 | 000,656,734 | ---- | C] () -- C:\Documents and Settings\Dave\Application Data\gmic_def.1508
[2011/11/06 23:47:05 | 000,651,432 | ---- | C] () -- C:\Documents and Settings\Dave\Application Data\.gmic_def.1506
[2011/10/26 12:35:47 | 000,032,888 | ---- | C] () -- C:\Documents and Settings\Dave\Application Data\.iain_fergusson.gmic
[2011/10/26 12:35:21 | 000,639,002 | ---- | C] () -- C:\Documents and Settings\Dave\Application Data\.gmic_def.1505
[2011/10/13 11:04:08 | 000,048,436 | ---- | C] () -- C:\Documents and Settings\Dave\Application Data\.naggobot.gmic
[2011/09/27 14:07:24 | 000,635,693 | ---- | C] () -- C:\Documents and Settings\Dave\Application Data\.gmic_def.1503
[2011/09/19 11:59:32 | 000,006,831 | ---- | C] () -- C:\Documents and Settings\Dave\Application Data\.gentlemanbeggar_gmic.gmic
[2011/09/08 16:36:47 | 000,100,488 | ---- | C] () -- C:\Documents and Settings\Dave\Application Data\.tomkeil.gmic
[2011/09/08 16:36:47 | 000,040,636 | ---- | C] () -- C:\Documents and Settings\Dave\Application Data\.photocomix.gmic
[2011/09/08 16:36:46 | 000,014,955 | ---- | C] () -- C:\Documents and Settings\Dave\Application Data\.karos.gmic
[2011/09/08 16:36:46 | 000,001,415 | ---- | C] () -- C:\Documents and Settings\Dave\Application Data\.ronounours.gmic
[2011/09/08 16:36:24 | 000,001,044 | ---- | C] () -- C:\Documents and Settings\Dave\Application Data\.gmic_faves
[2011/08/29 17:01:21 | 000,000,727 | ---- | C] () -- C:\Documents and Settings\Dave\Application Data\.gmic_sources.cimgz
[2011/08/10 13:34:07 | 000,000,158 | ---- | C] () -- C:\Documents and Settings\Dave\.gtkrc-2.0
[2010/03/11 07:54:13 | 000,000,041 | ---- | C] () -- C:\Documents and Settings\Dave\.gtk-bookmarks
[2009/10/31 15:10:26 | 000,000,760 | ---- | C] () -- C:\Documents and Settings\Dave\Application Data\setup_ldm.iss
[2009/10/22 08:21:18 | 000,001,753 | ---- | C] () -- C:\Documents and Settings\Dave\Application Data\QuickZip45.ini
[2009/05/01 12:06:36 | 000,000,094 | ---- | C] () -- C:\Documents and Settings\Dave\couponmanager.properties
[2007/01/20 13:18:54 | 000,000,305 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\addr_file.html
[2007/01/06 16:59:19 | 000,001,755 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2005/06/26 07:21:50 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\Dave\Local Settings\Application Data\fusioncache.dat
[2005/03/23 19:20:37 | 000,064,000 | ---- | C] () -- C:\Documents and Settings\Dave\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2002/01/01 00:12:13 | 000,004,981 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\mtbjfghn.xbe
 
========== ZeroAccess Check ==========
 
[2004/02/15 19:45:43 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/13 19:12:05 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 07:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/13 19:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2014/01/09 09:51:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2009/05/13 19:12:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2010/07/07 20:56:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FRISK Software
[2011/06/27 16:34:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Motorola
[2005/07/07 15:20:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MSN Search Toolbar
[2011/02/21 17:34:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MumboJumbo
[2009/09/07 09:53:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2011/03/08 16:56:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NeoEdge Networks
[2010/07/10 13:39:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PDF reDirect
[2009/12/29 11:14:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Playrix Entertainment
[2007/02/03 18:37:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PopCap
[2011/02/03 13:29:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sandlot Games
[2009/05/13 19:26:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ScanSoft
[2010/07/12 14:01:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Socusoft
[2009/10/31 15:52:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Summitsoft
[2011/03/08 06:55:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TERMINAL Studio
[2014/02/12 14:40:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\YTD Video Downloader
[2012/05/09 11:32:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{1C6FDDD8-FC9E-4C12-9FA5-1AAD377097B3}
[2010/04/19 15:29:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/03/06 20:08:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2012/12/18 10:11:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dave\Application Data\APP_NAME_NON_STRING
[2010/09/14 07:13:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dave\Application Data\Astro Gemini Software
[2010/06/18 12:43:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dave\Application Data\Autodesk
[2014/01/09 09:56:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dave\Application Data\AVAST Software
[2010/08/12 07:26:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dave\Application Data\Bytescout SWF To Video Scout
[2009/05/27 06:19:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dave\Application Data\Canon
[2009/10/06 14:45:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dave\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011/07/18 14:21:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dave\Application Data\com.zipeg
[2010/07/10 19:29:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dave\Application Data\DarkWave Studio
[2011/06/22 15:35:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dave\Application Data\ElementalsTheMagicKey
[2011/06/27 09:54:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dave\Application Data\ElevatedDiagnostics
[2011/02/18 15:24:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dave\Application Data\EnchantedCavern
[2011/05/20 09:33:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dave\Application Data\FileZilla
[2012/02/01 13:00:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dave\Application Data\Filter Forge Freepack 1 - Metals
[2009/09/25 09:11:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dave\Application Data\FrmMain
[2012/02/06 22:01:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dave\Application Data\GlarySoft
[2014/05/22 14:30:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dave\Application Data\gtk-2.0
[2010/07/26 12:47:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dave\Application Data\inkscape
[2006/04/16 11:04:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dave\Application Data\InterVideo
[2005/06/26 07:22:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dave\Application Data\IsolatedStorage
[2002/01/12 23:42:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dave\Application Data\iSpring Solutions
[2010/10/07 14:03:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dave\Application Data\kompozer.net
[2009/09/25 14:38:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dave\Application Data\Leadertech
[2011/06/27 16:34:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dave\Application Data\motorola
[2005/05/16 18:13:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dave\Application Data\MSN Search Toolbar
[2010/07/08 11:54:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dave\Application Data\NCH Swift Sound
[2009/05/14 08:12:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dave\Application Data\NewSoft
[2011/11/12 16:43:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dave\Application Data\Notepad++
[2011/02/21 13:04:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dave\Application Data\Oberon Media
[2012/08/03 08:15:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dave\Application Data\Oracle
[2010/07/10 13:49:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dave\Application Data\PDF reDirect
[2013/05/11 11:53:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dave\Application Data\pdfforge
[2014/02/12 14:35:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dave\Application Data\rmi
[2010/12/29 16:05:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dave\Application Data\Sahmon Games
[2009/05/13 19:26:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dave\Application Data\ScanSoft
[2008/09/19 17:11:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dave\Application Data\Softplicity
[2005/02/07 11:45:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dave\Application Data\spweng
[2010/10/01 14:03:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dave\Application Data\Stellarium
[2009/10/29 19:17:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dave\Application Data\Summitsoft
[2004/02/10 19:20:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dave\Application Data\Vantage Software
[2012/10/19 10:31:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dave\Application Data\XnView
[2009/10/22 17:01:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dave\Application Data\Zipeg
 
========== Purity Check ==========
 
 

< End of report >

...and the extras log...

 

OTL Extras logfile created on: 7/28/2014 4:02:26 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\Dave\Desktop\Antivirus
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
2.50 Gb Total Physical Memory | 1.65 Gb Available Physical Memory | 66.12% Memory free
3.10 Gb Paging File | 2.44 Gb Available in Paging File | 78.81% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 465.76 Gb Total Space | 440.51 Gb Free Space | 94.58% Space Free | Partition Type: NTFS
Drive F: | 149.05 Gb Total Space | 135.62 Gb Free Space | 90.99% Space Free | Partition Type: NTFS
 
Computer Name: DAVID | User Name: Dave | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.txt [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- Reg Error: Key error. File not found
.cmd [@ = cmdfile] -- Reg Error: Key error. File not found
.com [@ = comfile] -- Reg Error: Key error. File not found
.hta [@ = htafile] -- Reg Error: Key error. File not found
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.inf [@ = inffile] -- Reg Error: Key error. File not found
.url [@ = InternetShortcut] -- Reg Error: Key error. File not found
.js [@ = jsfile] -- Reg Error: Key error. File not found
.reg [@ = regfile] -- Reg Error: Key error. File not found
.vbs [@ = VBSFile] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Messenger\msmsgs.exe" = C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Java\jre6\bin\java.exe" = C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java™ Platform SE binary -- (Sun Microsystems, Inc.)
"F:\My Games\Blackhawk Striker 2\Blackhawk2.exe" = F:\My Games\Blackhawk Striker 2\Blackhawk2.exe:*:Disabled:Black Hawk Striker 2 -- (WanakoGames)
"C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe" = C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe:*:Enabled:Daemonu.exe -- (NVIDIA Corporation)
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX310_series" = Canon MX310 series
"{172423F9-522A-483A-AD65-03600CE4CA4F}" = Microsoft Works 6-9 Converter
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YTD Video Downloader 4.7.2
"{1B399A41-C1D0-40A2-9E4F-095868EFAF01}" = DVD5
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java™ 6 Update 29
"{26A24AE4-039D-4CA4-87B4-2F83217045FF}" = Java 7 Update 65
"{30B41B7A-3C9D-44DE-A7A1-949011F33CC3}" = PDF Architect
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{38040B3C-D2AF-4BCB-B612-502701A67C9B}" = Pando
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = Logitech Registration
"{49FC50FC-F965-40D9-89B4-CBFF80941033}" = Windows Movie Maker 2.0
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}" = Google Earth Plug-in
"{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}" = Windows Genuine Advantage v1.3.0254.0
"{6779E366-ED0F-49AB-A4D3-24CFADC43341}" = Photofont Start
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{833D97B9-AC16-45C1-AD44-0A32198956F8}" = Gimp Themes v1.0
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{839CA7E5-5956-487D-8138-682907C5D576}_is1" = The Works version 3.2
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
"{8FB1B528-E260-451E-9B55-E9152F94B80B}" = Microsoft Games for Windows - LIVE Redistributable
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-00D1-0409-0000-0000000FF1CE}" = Microsoft Office Access database engine 2007 (English)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90850409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{93EC14D5-7AAA-4EAD-BB75-013817A96598}" = Logitech Gaming Software
"{94CAC2F1-C856-47F4-AF24-65A1E75AEDB9}" = MotoHelper MergeModules
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.07)
"{B2F3DBD9-A9D2-4838-B45D-C917DAB32BC3}" = ScanSoft OmniPage SE 4
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 320.18
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 320.18
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 140.54
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.12.1031
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.11.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.3.16.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B4E96960-5F6B-48B9-A5BD-6A5A9BB4F027}" = Avery Wizard 3.1
"{B6DC0CAF-0D27-4ACE-8E34-8594C8D7C1DA}" = MMC85
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D2D6B9EB-C6DC-4DAA-B4DE-BB7D9735E7DA}" = Presto! PageManager 7.15.16
"{D3661269-10B6-495F-B4EE-539ABE3F9AA9}" = DVDDec
"{D5068583-D569-468B-9755-5FBF5848F46F}" = Sony Picture Utility
"{D88857C8-B36B-42CE-AC26-9FFFEEDB181A}" = RssReader
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{e7394a0f-3f80-45b1-87fc-abcd51893246}" = Python 2.6.4
"{EEC2DAFD-5558-40AC-8E9C-5005C8F810E8}" = Microsoft Plus! for Windows XP
"{F97E3841-CA9D-4964-9D64-26066241D26F}" = Microsoft Games for Windows - LIVE
"{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}" = HighMAT Extension to Microsoft Windows XP CD Writing Wizard
"3D Asteroids_is1" = 3D Asteroids v1.3
"3D UltraPong1.3" = 3D UltraPong
"7-Zip" = 7-Zip 9.22beta
"Adobe Digital Editions 2.0" = Adobe Digital Editions 2.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 14 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 14 Plugin
"Adobe InDesign 2.0" = Adobe InDesign 2.0
"Adobe Photoshop 7.0" = Adobe Photoshop 7.0
"Adobe SVG Viewer" = Adobe SVG Viewer 3.0
"Audacity_is1" = Audacity 1.2.6
"avast" = avast! Free Antivirus
"BroadJump Client Foundation" = BroadJump Client Foundation
"Canon MX310 series User Registration" = Canon MX310 series User Registration
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"Click'N Design 3D" = Click'N Design 3D
"CPUID HWMonitor_is1" = CPUID HWMonitor 1.19
"CTDVDAudio Plugin" = Creative DVD Audio Plugin for Audigy Series
"DreamSuite Bonus" = Uninstall DreamSuite Bonus
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"ESET Online Scanner" = ESET Online Scanner v3
"FileHippo.com" = FileHippo.com Update Checker
"Fireworks screensaver 1.0" = Fireworks screensaver 1.0
"G'MIC for GIMP_is1" = G'MIC for GIMP version 1.5.1.6
"Hex_is1" = Mindgames Hex
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie8" = Windows Internet Explorer 8
"Inkscape" = Inkscape 0.47
"InstallShield_{B6DC0CAF-0D27-4ACE-8E34-8594C8D7C1DA}" = ATI Multimedia Center 8.5.0.0
"InstallShield_{D3661269-10B6-495F-B4EE-539ABE3F9AA9}" = ATI DVD Decoder 2.2.0.0
"IrfanView" = IrfanView (remove only)
"isfree_is1" = iSpring Free 4.2
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 7.2.0
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.65.1.1000
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mirage Driver_is1" = Mirage Driver 1.1
"Mozilla Firefox 31.0 (x86 en-US)" = Mozilla Firefox 31.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP Navigator EX 1.0" = Canon MP Navigator EX 1.0
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Notepad++" = Notepad++
"NVIDIA Audio Driver" = NVIDIA Audio Driver
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA Ethernet Driver" = NVIDIA Ethernet Driver
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"OpenAL" = OpenAL
"OrganicArtMS" = Organic Art, Microsoft Edition
"Play Guitar" = Play Guitar Uninstall
"pycairo-py2.6" = Python 2.6 pycairo-1.8.6
"pygobject-py2.6" = Python 2.6 pygobject-2.20.0
"pygtk-py2.6" = Python 2.6 pygtk-2.16.0
"Quake 3 Arena Demo" = Quake 3 Arena Demo
"ReallySlickScreensavers" = Really Slick Screensavers 0.2
"SereneScreen Marine Aquarium 2_is1" = SereneScreen Marine Aquarium 2
"ShapeCollage" = Shape Collage
"Sigil_is1" = Sigil 0.6.0
"sp6" = Logitech SetPoint 6.65
"Sqirlz Water Reflections" = Sqirlz Water Reflections
"ST5UNST #1" = CLOX 2000
"Tranquillity 1.0_is1" = Tranquillity 1.0
"Tweaking.com - Windows Repair (All in One)" = Tweaking.com - Windows Repair (All in One)
"Wavelet Denoise Gimp Plugin_is1" = Wavelet Denoise Gimp Plugin version 0.3.1
"Wavelet Sharpen Gimp Plugin_is1" = Wavelet Sharpen Gimp Plugin version 0.1.2
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinGimp-2.0_is1" = GIMP 2.6.11
"WMCSetup" = Windows Media Connect
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"WMV9_VCM" = Microsoft Windows Media Video 9 VCM
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XnView_is1" = XnView 1.97.6
"Zuma Deluxe 1.0.0.0" = Zuma Deluxe 1.0.0.0
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"309a46b1dc89b774" = Dell Driver Download Manager
"4 Elements" = 4 Elements
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 6/11/2014 5:41:48 PM | Computer Name = DAVID | Source = Application Error | ID = 1000
Description = Faulting application aswoffertool.exe, version 9.0.2018.391, faulting
 module gcapi_140252290820208.dll, version 0.0.0.0, fault address 0x00024472.
 
Error - 6/11/2014 5:41:53 PM | Computer Name = DAVID | Source = Application Error | ID = 1000
Description = Faulting application aswoffertool.exe, version 9.0.2018.391, faulting
 module gcapi_140252291319220.dll, version 0.0.0.0, fault address 0x00024472.
 
Error - 6/11/2014 5:42:21 PM | Computer Name = DAVID | Source = Application Error | ID = 1000
Description = Faulting application aswoffertool.exe, version 9.0.2018.391, faulting
 module gcapi_140252294120176.dll, version 0.0.0.0, fault address 0x00024472.
 
Error - 6/29/2014 6:12:51 AM | Computer Name = DAVID | Source = Application Error | ID = 1000
Description = Faulting application aswoffertool.exe, version 9.0.2018.391, faulting
 module gcapi_140403676944260.dll, version 0.0.0.0, fault address 0x00024472.
 
Error - 6/29/2014 6:13:07 AM | Computer Name = DAVID | Source = Application Error | ID = 1000
Description = Faulting application aswoffertool.exe, version 9.0.2018.391, faulting
 module gcapi_140403678642092.dll, version 0.0.0.0, fault address 0x00024472.
 
Error - 6/29/2014 6:13:12 AM | Computer Name = DAVID | Source = Application Error | ID = 1000
Description = Faulting application aswoffertool.exe, version 9.0.2018.391, faulting
 module gcapi_140403679235948.dll, version 0.0.0.0, fault address 0x00024472.
 
Error - 6/29/2014 6:13:18 AM | Computer Name = DAVID | Source = Application Error | ID = 1000
Description = Faulting application aswoffertool.exe, version 9.0.2018.391, faulting
 module gcapi_140403679743088.dll, version 0.0.0.0, fault address 0x00024472.
 
Error - 7/17/2014 7:21:13 AM | Computer Name = DAVID | Source = Application Error | ID = 1000
Description = Faulting application aswoffertool.exe, version 9.0.2021.515, faulting
 module gcapi_14055960716008.dll, version 0.0.0.0, fault address 0x00024472.
 
Error - 7/17/2014 7:21:20 AM | Computer Name = DAVID | Source = Application Error | ID = 1000
Description = Faulting application aswoffertool.exe, version 9.0.2021.515, faulting
 module gcapi_14055960795344.dll, version 0.0.0.0, fault address 0x00024472.
 
Error - 7/17/2014 7:21:24 AM | Computer Name = DAVID | Source = Application Error | ID = 1000
Description = Faulting application aswoffertool.exe, version 9.0.2021.515, faulting
 module gcapi_14055960845424.dll, version 0.0.0.0, fault address 0x00024472.
 
[ System Events ]
Error - 7/28/2014 5:17:06 PM | Computer Name = DAVID | Source = Rasman | ID = 20132
Description = Remote Access Connection Manager failed to start because the RAS RPC
module
 failed to initialize. The specified procedure could not be found.  
 
Error - 7/28/2014 5:17:07 PM | Computer Name = DAVID | Source = Service Control Manager | ID = 7023
Description = The Remote Access Connection Manager service terminated with the following
 error:   %%127
 
Error - 7/28/2014 5:17:08 PM | Computer Name = DAVID | Source = Rasman | ID = 20132
Description = Remote Access Connection Manager failed to start because the RAS RPC
module
 failed to initialize. The specified procedure could not be found.  
 
Error - 7/28/2014 5:17:09 PM | Computer Name = DAVID | Source = Service Control Manager | ID = 7023
Description = The Remote Access Connection Manager service terminated with the following
 error:   %%127
 
Error - 7/28/2014 5:17:10 PM | Computer Name = DAVID | Source = Rasman | ID = 20132
Description = Remote Access Connection Manager failed to start because the RAS RPC
module
 failed to initialize. The specified procedure could not be found.  
 
Error - 7/28/2014 5:17:11 PM | Computer Name = DAVID | Source = Service Control Manager | ID = 7023
Description = The Remote Access Connection Manager service terminated with the following
 error:   %%127
 
Error - 7/28/2014 5:17:12 PM | Computer Name = DAVID | Source = Rasman | ID = 20132
Description = Remote Access Connection Manager failed to start because the RAS RPC
module
 failed to initialize. The specified procedure could not be found.  
 
Error - 7/28/2014 5:17:12 PM | Computer Name = DAVID | Source = Service Control Manager | ID = 7023
Description = The Remote Access Connection Manager service terminated with the following
 error:   %%127
 
Error - 7/28/2014 5:17:13 PM | Computer Name = DAVID | Source = Rasman | ID = 20132
Description = Remote Access Connection Manager failed to start because the RAS RPC
module
 failed to initialize. The specified procedure could not be found.  
 
Error - 7/28/2014 5:17:14 PM | Computer Name = DAVID | Source = Service Control Manager | ID = 7023
Description = The Remote Access Connection Manager service terminated with the following
 error:   %%127
 
 
< End of report >


 


  • 0

#3
Aura

Aura

    Special Ops

  • Visiting Consultant
  • 2,479 posts
Hello Fonzarellis :)

Just to tell you that if you want to get a check-up for malware (due to you posting an OTL log), you'll have to create a thread in the Virus, Spyware, Malware Removal forum for that in order to receive quality and professional assistance from a Geek :)
  • 0

#4
Fonzarellis

Fonzarellis

    New Member

  • Topic Starter
  • Member
  • Pip
  • 4 posts

Already run thru the malware process and still having issues.  I only posted the OTL log in case you wanted to review it.  Are you able to help me?


  • 0

#5
Fonzarellis

Fonzarellis

    New Member

  • Topic Starter
  • Member
  • Pip
  • 4 posts

oops, double post


Edited by Fonzarellis, 29 July 2014 - 04:32 PM.

  • 0

#6
Aura

Aura

    Special Ops

  • Visiting Consultant
  • 2,479 posts

Already run thru the malware process and still having issues.  I only posted the OTL log in case you wanted to review it.  Are you able to help me?


I am not allowed, nor trained to read and analyze OTL logs yet. An approved helper of GeeksToGo will have to handle your case as trainees can't right now :o
  • 0





