Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Computer extremely slow and cannot access defrag

Started by Miah , Apr 05 2010 10:07 AM

  • Please log in to reply

#1
Miah
Posted 05 April 2010 - 10:07 AM

Miah

    Member

  • Member
  • PipPip
  • 24 posts
I followed the steps of the cleaning guide. It did remove many adware problems, and I thought the problem was better. However, within 30 minutes of the last restart brought on by the cleaning guide programs, it was back to being unbearably slow. As in it was taking several minutes to register a single mouse click.

Before I started through the cleaning guide I had tried to run the defragmenter, and it was giving an error, saying that

"MMC cannot open the file c:\WINDOWS\system32\dfrg.msc. This may be because the file does not exist, is not an MMC console, or was created by a later version of MMC. This may also be because you do not have sufficient access rights to the file."

Today when I tried to do it, so I could give the exact error message here, it said that that Windows Explorer had an error and could not something. For a few seconds the taskbar was gone. I did not manage to copy down the error message.

When I was trying to get the needed logs for this post, I downloaded GMER as directed and set it to run. I didn't try doing anything while it was running. The first time it locked the computer up to the point that even the clock did not change time. The second time, the computer restarted itself, claiming a full stop error due to a driver problem. It has not done that before. Therefore, I do not have a GMER log to post.



Malwarebytes' Anti-Malware 1.45
www.malwarebytes.org

Database version: 3954

Windows 5.1.2600 Service Pack 2
Internet Explorer 8.0.6001.18702

4/5/2010 9:25:53 AM
mbam-log-2010-04-05 (09-25-53).txt

Scan type: Quick scan
Objects scanned: 117621
Time elapsed: 12 minute(s), 12 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)



OTL logfile created on: 4/5/2010 10:25:25 AM - Run 1
OTL by OldTimer - Version 3.2.1.0 Folder = C:\Documents and Settings\Juanita\My Documents\Downloads
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,022.00 Mb Total Physical Memory | 489.00 Mb Available Physical Memory | 48.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 85.00% Paging File free
Paging file location(s): C:\pagefile.sys 3000 4095 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111.73 Gb Total Space | 85.09 Gb Free Space | 76.16% Space Free | Partition Type: NTFS
Drive D: | 662.68 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 5.43 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive H: | 973.17 Mb Total Space | 19.69 Mb Free Space | 2.02% Space Free | Partition Type: FAT
I: Drive not present or media not loaded

Computer Name: MYCOMPUTER
Current User Name: Juanita
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/04/05 10:24:09 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Juanita\My Documents\Downloads\OTL.exe
PRC - [2010/04/02 11:54:03 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/04/01 12:28:36 | 002,010,864 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2010/03/29 17:55:33 | 000,202,256 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2010/03/23 18:40:32 | 000,967,888 | ---- | M] () -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
PRC - [2010/03/23 18:40:18 | 001,994,640 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
PRC - [2009/10/10 16:07:08 | 000,320,832 | ---- | M] (BillP Studios) -- C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
PRC - [2009/05/19 12:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2008/12/09 16:12:22 | 000,800,256 | ---- | M] (IGN Entertainment Inc.) -- C:\Program Files\GameSpy\Comrade\Comrade.exe
PRC - [2008/02/22 16:57:54 | 002,326,528 | ---- | M] () -- C:\Program Files\NETGEAR\WG111v3\WG111v3.exe
PRC - [2007/06/13 05:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/01/12 11:57:28 | 000,292,336 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 926\dlcxmon.exe
PRC - [2006/11/03 17:07:04 | 000,537,480 | R--- | M] ( ) -- C:\WINDOWS\SYSTEM32\dlcxcoms.exe
PRC - [2006/11/03 17:04:46 | 000,304,008 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 926\memcard.exe
PRC - [2003/10/07 17:21:10 | 000,294,912 | ---- | M] (Dell) -- C:\Program Files\Common Files\Dell\EUSW\Support.exe
PRC - [2003/08/29 19:05:35 | 000,360,448 | ---- | M] () -- C:\Program Files\SpywareGuard\sgmain.exe
PRC - [2003/08/29 11:14:56 | 000,233,472 | ---- | M] () -- C:\Program Files\SpywareGuard\sgbhp.exe
PRC - [2003/08/13 11:27:40 | 000,028,672 | ---- | M] (Dell - Advanced Desktop Engineering) -- C:\WINDOWS\SYSTEM32\DSentry.exe
PRC - [2003/02/20 17:45:40 | 000,028,672 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\SYSTEM32\CTHELPER.EXE
PRC - [2002/10/29 10:18:24 | 000,049,152 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
PRC - [2002/09/30 02:00:00 | 000,045,056 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDET.exe


========== Modules (SafeList) ==========

MOD - [2010/04/05 10:24:09 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Juanita\My Documents\Downloads\OTL.exe
MOD - [2010/03/29 17:57:21 | 000,040,960 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchromebrowserrecordhelper.dll
MOD - [2010/03/03 17:54:42 | 000,276,648 | ---- | M] (COMODO) -- C:\WINDOWS\SYSTEM32\guard32.dll
MOD - [2010/01/05 15:47:17 | 000,499,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SYSTEM32\msvcp71.dll
MOD - [2010/01/05 15:47:17 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SYSTEM32\msvcr71.dll
MOD - [2007/03/26 13:03:20 | 000,057,344 | ---- | M] (BillP Studios) -- C:\Program Files\BillP Studios\WinPatrol\patrolpro.dll
MOD - [2006/08/25 10:45:55 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
MOD - [2003/02/20 17:45:52 | 000,061,440 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\SYSTEM32\CTAGENT.DLL


========== Win32 Services (SafeList) ==========

SRV - [2010/03/23 18:40:32 | 000,967,888 | ---- | M] () [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV - [2009/05/19 12:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2008/12/01 11:59:52 | 000,033,752 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_HelperSvc.exe -- (getPlus® Helper) getPlus®
SRV - [2006/11/03 17:07:04 | 000,537,480 | R--- | M] ( ) [Auto | Running] -- C:\WINDOWS\System32\dlcxcoms.exe -- (dlcx_device)
SRV - [2003/03/03 14:33:40 | 000,143,360 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\NCS\Sync\NetSvc.exe -- (NetSvc)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapp...rch/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.live.com/sphome.aspx

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.live.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = My Web Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.mywebsear...r={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.Google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo! Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledItems: {1cff04ef-0c75-4621-ba2a-2efb77346996}:2.3
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:1.9.9.61
FF - prefs.js..extensions.enabledItems: {19627815-20a6-46e6-be34-a0b6967c022a}:1.300.306
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20091028
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.3
FF - prefs.js..keyword.URL: "http://search.freeca...&type=59099&p="

FF - HKLM\software\mozilla\Firefox\extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/03/29 17:57:22 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/04/03 16:32:02 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/04/04 19:43:21 | 000,000,000 | ---D | M]

[2009/03/22 19:47:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Juanita\Application Data\Mozilla\Extensions
[2010/04/05 09:33:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Juanita\Application Data\Mozilla\Firefox\Profiles\k7nc86eb.default\extensions
[2010/03/27 21:16:41 | 000,000,000 | ---D | M] (Pirates - FB) -- C:\Documents and Settings\Juanita\Application Data\Mozilla\Firefox\Profiles\k7nc86eb.default\extensions\{19627815-20a6-46e6-be34-a0b6967c022a}
[2010/02/14 17:32:41 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Juanita\Application Data\Mozilla\Firefox\Profiles\k7nc86eb.default\extensions\{1cff04ef-0c75-4621-ba2a-2efb77346996}
[2009/09/25 23:51:51 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Juanita\Application Data\Mozilla\Firefox\Profiles\k7nc86eb.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/04/04 18:45:38 | 000,000,000 | ---D | M] (NoScript) -- C:\Documents and Settings\Juanita\Application Data\Mozilla\Firefox\Profiles\k7nc86eb.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2010/02/14 17:35:27 | 000,000,000 | ---D | M] (WOT) -- C:\Documents and Settings\Juanita\Application Data\Mozilla\Firefox\Profiles\k7nc86eb.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2009/03/28 11:59:04 | 000,009,895 | ---- | M] () -- C:\Documents and Settings\Juanita\Application Data\Mozilla\Firefox\Profiles\k7nc86eb.default\searchplugins\mywebsearch.xml
[2010/03/27 21:16:56 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\Juanita\Application Data\Mozilla\Firefox\Profiles\k7nc86eb.default\searchplugins\search-the-web.xml
[2009/04/06 10:19:54 | 000,000,655 | ---- | M] () -- C:\Documents and Settings\Juanita\Application Data\Mozilla\Firefox\Profiles\k7nc86eb.default\searchplugins\yahoo-search.xml
[2009/09/25 23:52:06 | 000,000,872 | ---- | M] () -- C:\Documents and Settings\Juanita\Application Data\Mozilla\Firefox\Profiles\k7nc86eb.default\searchplugins\yahoo.gif
[2009/09/25 23:52:06 | 000,000,466 | ---- | M] () -- C:\Documents and Settings\Juanita\Application Data\Mozilla\Firefox\Profiles\k7nc86eb.default\searchplugins\yahoo.src
[2009/09/16 02:11:48 | 000,001,767 | ---- | M] () -- C:\Documents and Settings\Juanita\Application Data\Mozilla\Firefox\Profiles\k7nc86eb.default\searchplugins\yahoo.xml
[2009/03/22 19:47:02 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions

O1 HOSTS File: ([2002/08/29 06:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\SYSTEM32\DRIVERS\ETC\HOSTS
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Yahoo! Companion BHO) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_12_0.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (SpywareGuardDLBLOCK.CBrowserHelper) - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll ()
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\SYSTEM32\dla\tfswshx.dll (Sonic Solutions)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (MSN Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.1125.0\msneshellx.dll (Microsoft Corp.)
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - No CLSID value found.
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.1125.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKLM\..\Toolbar: (&Yahoo! Companion) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_12_0.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {094176F9-BF35-4BCB-B68A-108DFB8C3825} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (&Yahoo! Companion) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_12_0.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [AsioReg] CTASIO.DLL (Creative Technology Ltd)
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe (Corel, Inc.)
O4 - HKLM..\Run: [CTDVDDet] C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDET.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [CTHelper] CTHELPER.EXE (Creative Technology Ltd)
O4 - HKLM..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [DLCXCATS] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCXtime.DLL ()
O4 - HKLM..\Run: [dlcxmon.exe] C:\Program Files\Dell Photo AIO Printer 926\dlcxmon.exe ()
O4 - HKLM..\Run: [DVDSentry] C:\WINDOWS\SYSTEM32\DSentry.exe (Dell - Advanced Desktop Engineering)
O4 - HKLM..\Run: [DwlClient] C:\Program Files\Common Files\Dell\EUSW\Support.exe (Dell)
O4 - HKLM..\Run: [FaxCenterServer] C:\Program Files\Dell PC Fax\fm3032.exe ()
O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [MemoryCardManager] C:\Program Files\Dell Photo AIO Printer 926\memcard.exe ()
O4 - HKLM..\Run: [Microsoft Default Manager] C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe (Microsoft Corp.)
O4 - HKLM..\Run: [MyTotalSearch Email Plugin] C:\PROGRA~1\MYTOTA~1\bar\1.bin\mtsoemon.exe File not found
O4 - HKLM..\Run: [StorageGuard] C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe (Sonic Solutions)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [UpdReg] C:\WINDOWS\Updreg.EXE (Creative Technology Ltd.)
O4 - HKLM..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe (BillP Studios)
O4 - HKCU..\Run: [Comrade.exe] C:\Program Files\GameSpy\Comrade\Comrade.exe (IGN Entertainment Inc.)
O4 - HKCU..\Run: [SB Audigy 2 Startup Menu] File not found
O4 - HKCU..\Run: [Sonic RecordNow!] File not found
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKCU..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\NETGEAR WG111v3 Smart Wizard.lnk = C:\Program Files\NETGEAR\WG111v3\WG111v3.exe ()
O4 - Startup: C:\Documents and Settings\Juanita\Start Menu\Programs\Startup\SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0411.dll File not found
O9 - Extra 'Tools' menuitem : Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0411.dll File not found
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll (Intertrust Technologies, Inc.)
O15 - HKCU\..Trusted Domains: ([]msn in My Computer)
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} http://download.yaho...s/yinst0401.cab (YInstStarter Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} http://us.dl1.yimg.c.../ymmapi_416.dll (YahooYMailTo Class)
O16 - DPF: {CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.4.2)
O16 - DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} http://wwwimages.ado...obat/nos/gp.cab (get_atlcom Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.ma...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 208.180.42.100 208.180.42.68
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\WINDOWS\system32\guard32.dll) - C:\WINDOWS\SYSTEM32\guard32.dll (COMODO)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - logonui.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - Reg Error: Value error. - Reg Error: Value error. File not found
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - WlNotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - wlnotify.dll (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Juanita\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Juanita\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {81559C35-8464-49F7-BB0E-07A383BEF910} - C:\Program Files\SpywareGuard\spywareguard.dll ()
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - msnsspc.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2002/09/03 09:59:58 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2007/08/14 11:32:04 | 000,000,000 | R--D | M] - D:\Autorun -- [ CDFS ]
O32 - AutoRun File - [2007/06/14 18:23:01 | 000,263,744 | R--- | M] (Firaxis Games) - D:\autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2007/07/17 12:11:01 | 000,006,299 | R--- | M] () - D:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2006/03/17 19:31:34 | 000,000,171 | R--- | M] () - G:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2007/09/11 13:13:58 | 000,000,109 | ---- | M] () - H:\AUTORUN.INF -- [ FAT ]
O33 - MountPoints2\{7ed9a2ec-846d-11de-9bad-8ed881bf757e}\Shell - "" = AutoRun
O33 - MountPoints2\{7ed9a2ec-846d-11de-9bad-8ed881bf757e}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{7ed9a2ec-846d-11de-9bad-8ed881bf757e}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found
O33 - MountPoints2\{b37c81e0-a3d0-11de-9bbb-f1d513e25522}\Shell - "" = AutoRun
O33 - MountPoints2\{b37c81e0-a3d0-11de-9bbb-f1d513e25522}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{b37c81e0-a3d0-11de-9bbb-f1d513e25522}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found
O33 - MountPoints2\D\Shell - "" = AutoRun
O33 - MountPoints2\D\Shell\adobe\command - "" = D:\goodies\ar405eng.exe -- File not found
O33 - MountPoints2\D\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\D\Shell\AutoRun\command - "" = D:\aocsetup.exe -- File not found
O33 - MountPoints2\D\Shell\log\command - "" = D:\goodies\machine\machine.exe -- File not found
O33 - MountPoints2\D\Shell\machine\command - "" = D:\goodies\machine\machine.exe -- File not found
O33 - MountPoints2\D\Shell\setup\command - "" = D:\aocsetup.exe -- File not found
O33 - MountPoints2\D\Shell\zone\command - "" = D:\goodies\mszone\zonea660.exe -- File not found
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\SYSTEM32\IAS [2004/03/26 10:17:22 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Wmi - C:\WINDOWS\SYSTEM32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (56027131116781568)

========== Files/Folders - Created Within 14 Days ==========

[2010/04/04 21:37:31 | 000,000,000 | ---D | C] -- C:\Program Files\Sophos
[2010/04/04 21:12:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Comodo Downloader
[2010/04/04 21:09:08 | 000,000,000 | -H-D | C] -- C:\VritualRoot
[2010/04/04 21:07:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\COMODO
[2010/04/04 21:04:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Juanita\Application Data\WinPatrol
[2010/04/04 21:03:23 | 000,000,000 | ---D | C] -- C:\Program Files\BillP Studios
[2010/04/04 21:03:09 | 000,000,000 | ---D | C] -- C:\Program Files\COMODO
[2010/04/04 20:58:46 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2010/04/04 20:58:46 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2010/04/04 20:58:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2010/04/04 20:55:44 | 000,000,000 | ---D | C] -- C:\Program Files\Fortego Security
[2010/04/04 20:34:25 | 000,000,000 | ---D | C] -- C:\Program Files\SpywareGuard
[2010/04/04 20:28:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/04/04 20:27:47 | 000,000,000 | ---D | C] -- C:\Program Files\SpywareBlaster
[2010/04/04 19:57:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2010/04/04 19:56:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Juanita\Application Data\SUPERAntiSpyware.com
[2010/04/04 19:56:39 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2010/04/04 19:56:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2010/04/04 19:43:20 | 000,000,000 | ---D | C] -- C:\Avenger
[2010/04/04 19:40:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Juanita\Desktop\Anti-virus
[2010/04/04 19:31:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Juanita\Application Data\Malwarebytes
[2010/04/04 19:30:55 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/04/04 19:30:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/04/04 19:30:52 | 000,020,824 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/04/04 19:30:52 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/04/04 19:27:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/04/04 19:27:04 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/04/03 16:32:43 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2010/04/03 16:32:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2010/03/29 17:56:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
[2010/03/28 15:24:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel
[2010/03/23 18:40:00 | 000,224,808 | ---- | C] (COMODO) -- C:\WINDOWS\System32\drivers\cmdGuard.sys
[2009/03/28 17:29:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple
[2007/08/07 20:06:37 | 000,323,584 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcxhcp.dll
[2006/10/11 17:01:40 | 000,643,072 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcxpmui.dll
[2006/10/11 16:59:56 | 001,224,704 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcxserv.dll
[2006/10/11 16:54:10 | 000,421,888 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcxcomm.dll
[2006/10/11 16:52:34 | 000,585,728 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcxlmpm.dll
[2006/10/11 16:51:16 | 000,397,312 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcxiesc.dll
[2006/10/11 16:48:58 | 000,094,208 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcxpplc.dll
[2006/10/11 16:48:14 | 000,684,032 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcxcomc.dll
[2006/10/11 16:47:42 | 000,163,840 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcxprox.dll
[2006/10/11 16:41:42 | 000,413,696 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcxinpa.dll
[2006/10/11 16:41:04 | 000,991,232 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcxusb1.dll
[2006/10/11 16:37:14 | 000,696,320 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcxhbn3.dll
[2004/10/23 02:33:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Help
[2004/10/23 02:33:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Help
[2004/10/09 18:20:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Earthlink
[2004/10/09 16:19:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2004/03/26 11:02:15 | 000,065,536 | ---- | C] ( ) -- C:\WINDOWS\System32\a3d.dll
[3 C:\Documents and Settings\All Users\*.tmp files -> C:\Documents and Settings\All Users\*.tmp -> ]

========== Files - Modified Within 14 Days ==========

[2010/04/05 10:25:07 | 000,377,648 | ---- | M] () -- C:\WINDOWS\System32\drivers\sfi.dat
[2010/04/05 10:24:22 | 006,815,744 | -H-- | M] () -- C:\Documents and Settings\Juanita\NTUSER.DAT
[2010/04/05 10:17:58 | 000,000,282 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-2550796456-2848201810-2424658531-1007.job
[2010/04/05 10:17:55 | 000,000,290 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-2550796456-2848201810-2424658531-1007.job
[2010/04/05 10:15:30 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/04/05 10:15:25 | 000,002,048 | --S- | M] () -- C:\WINDOWS\BOOTSTAT.DAT
[2010/04/05 10:15:24 | 1071,697,920 | -HS- | M] () -- C:\hiberfil.sys
[2010/04/05 09:34:01 | 000,000,986 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2550796456-2848201810-2424658531-1007UA.job
[2010/04/04 21:07:13 | 000,031,560 | ---- | M] () -- C:\WINDOWS\System32\BMXStateBkp-{00000001-00000000-00000000-00001102-00000004-10031102}.rfx
[2010/04/04 21:07:13 | 000,031,560 | ---- | M] () -- C:\WINDOWS\System32\BMXState-{00000001-00000000-00000000-00001102-00000004-10031102}.rfx
[2010/04/04 21:07:13 | 000,031,440 | ---- | M] () -- C:\WINDOWS\System32\BMXCtrlState-{00000001-00000000-00000000-00001102-00000004-10031102}.rfx
[2010/04/04 21:07:13 | 000,031,440 | ---- | M] () -- C:\WINDOWS\System32\BMXBkpCtrlState-{00000001-00000000-00000000-00001102-00000004-10031102}.rfx
[2010/04/04 21:07:13 | 000,001,080 | ---- | M] () -- C:\WINDOWS\System32\settingsbkup.sfm
[2010/04/04 21:07:13 | 000,001,080 | ---- | M] () -- C:\WINDOWS\System32\settings.sfm
[2010/04/04 21:07:13 | 000,000,288 | ---- | M] () -- C:\WINDOWS\System32\DVCStateBkp-{00000001-00000000-00000000-00001102-00000004-10031102}.dat
[2010/04/04 21:07:13 | 000,000,288 | ---- | M] () -- C:\WINDOWS\System32\DVCState-{00000001-00000000-00000000-00001102-00000004-10031102}.dat
[2010/04/04 21:06:49 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Juanita\NTUSER.INI
[2010/04/04 21:06:28 | 004,481,358 | ---- | M] () -- C:\WINDOWS\{00000001-00000000-00000000-00001102-00000004-10031102}.CDF
[2010/04/04 21:03:41 | 000,001,653 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\COMODO Internet Security.lnk
[2010/04/04 20:34:26 | 000,000,650 | ---- | M] () -- C:\Documents and Settings\Juanita\Start Menu\Programs\Startup\SpywareGuard.lnk
[2010/04/04 18:41:41 | 002,102,694 | -H-- | M] () -- C:\Documents and Settings\Juanita\Local Settings\Application Data\IconCache.db
[2010/04/03 23:34:00 | 000,000,934 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2550796456-2848201810-2424658531-1007Core.job
[2010/04/03 16:33:10 | 000,001,604 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2010/04/03 16:29:02 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/04/03 11:22:44 | 000,018,005 | ---- | M] () -- C:\Documents and Settings\Juanita\My Documents\Not!Todd.jpg
[2010/04/03 00:38:09 | 000,053,758 | ---- | M] () -- C:\Documents and Settings\Juanita\Application Data\wklnhst.dat
[2010/04/02 23:42:41 | 000,037,376 | ---- | M] () -- C:\Documents and Settings\Juanita\My Documents\Not allowed.doc
[2010/04/02 23:42:09 | 000,000,466 | ---- | M] () -- C:\WINDOWS\BRWMARK.INI
[2010/04/02 16:28:00 | 000,026,551 | ---- | M] () -- C:\Documents and Settings\Juanita\My Documents\Agent Cali Still.JPG
[2010/04/02 13:58:38 | 000,031,960 | ---- | M] () -- C:\Documents and Settings\Juanita\My Documents\Agent Miah Arthur.jpg
[2010/03/30 11:06:31 | 000,007,365 | ---- | M] () -- C:\WINDOWS\cdPlayer.ini
[2010/03/30 00:46:30 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/03/30 00:45:52 | 000,020,824 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/03/29 17:55:39 | 000,278,528 | ---- | M] (Real Networks, Inc) -- C:\WINDOWS\System32\pncrt.dll
[2010/03/27 21:22:03 | 000,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2010/03/26 11:20:58 | 000,441,124 | ---- | M] () -- C:\WINDOWS\System32\PERFH009.DAT
[2010/03/26 11:20:57 | 000,071,060 | ---- | M] () -- C:\WINDOWS\System32\PERFC009.DAT
[2010/03/26 11:20:56 | 000,521,766 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/03/26 11:19:26 | 000,001,170 | ---- | M] () -- C:\WINDOWS\System32\WPA.DBL
[2010/03/23 18:40:00 | 000,224,808 | ---- | M] (COMODO) -- C:\WINDOWS\System32\drivers\cmdGuard.sys
[3 C:\Documents and Settings\All Users\*.tmp files -> C:\Documents and Settings\All Users\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/04/04 21:07:41 | 000,377,648 | ---- | C] () -- C:\WINDOWS\System32\drivers\sfi.dat
[2010/04/04 21:03:40 | 000,001,653 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\COMODO Internet Security.lnk
[2010/04/04 20:34:26 | 000,000,650 | ---- | C] () -- C:\Documents and Settings\Juanita\Start Menu\Programs\Startup\SpywareGuard.lnk
[2010/04/03 16:33:10 | 000,001,604 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2010/04/03 11:21:39 | 000,018,005 | ---- | C] () -- C:\Documents and Settings\Juanita\My Documents\Not!Todd.jpg
[2010/04/02 23:42:40 | 000,037,376 | ---- | C] () -- C:\Documents and Settings\Juanita\My Documents\Not allowed.doc
[2010/04/02 13:59:08 | 000,026,551 | ---- | C] () -- C:\Documents and Settings\Juanita\My Documents\Agent Cali Still.JPG
[2010/04/02 13:57:18 | 000,031,960 | ---- | C] () -- C:\Documents and Settings\Juanita\My Documents\Agent Miah Arthur.jpg
[2010/03/29 17:57:23 | 000,000,282 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-2550796456-2848201810-2424658531-1007.job
[2010/03/29 17:57:22 | 000,000,290 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-2550796456-2848201810-2424658531-1007.job
[2009/09/26 03:14:45 | 000,687,664 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2009/07/02 13:22:04 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SETUP32.INI
[2009/05/20 19:15:00 | 000,000,148 | ---- | C] () -- C:\WINDOWS\BRVIDEO.INI
[2009/05/20 19:15:00 | 000,000,023 | ---- | C] () -- C:\WINDOWS\Brownie.ini
[2009/05/20 19:15:00 | 000,000,000 | ---- | C] () -- C:\WINDOWS\brmx2001.ini
[2009/05/20 19:14:41 | 000,020,605 | ---- | C] () -- C:\WINDOWS\HL-4070CDW.INI
[2009/05/20 19:14:22 | 000,000,466 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2009/05/20 19:14:22 | 000,000,026 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI
[2009/05/20 19:12:35 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\BRTCPCON.DLL
[2009/05/20 19:12:35 | 000,000,114 | ---- | C] () -- C:\WINDOWS\System32\BRLMW03A.INI
[2009/01/03 21:18:16 | 000,000,075 | ---- | C] () -- C:\Documents and Settings\Juanita\LuResult.txt
[2008/02/11 11:13:28 | 000,000,130 | ---- | C] () -- C:\Documents and Settings\Juanita\Local Settings\Application Data\fusioncache.dat
[2007/08/09 09:28:10 | 000,000,104 | RHS- | C] () -- C:\WINDOWS\System32\1C472308B3.sys
[2007/08/09 09:28:04 | 000,004,184 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2007/08/07 20:07:25 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\DLPRMON.DLL
[2007/08/07 20:07:25 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\DLPMONUI.DLL
[2007/08/07 20:06:38 | 000,274,432 | ---- | C] () -- C:\WINDOWS\System32\dlcxinst.dll
[2007/08/07 20:05:12 | 000,344,064 | R--- | C] () -- C:\WINDOWS\System32\dlcxcoin.dll
[2006/10/20 19:07:32 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\dlcxinsr.dll
[2006/10/20 19:06:42 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\dlcxcur.dll
[2006/10/20 19:03:26 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\dlcxjswr.dll
[2006/10/20 18:57:38 | 000,176,128 | ---- | C] () -- C:\WINDOWS\System32\dlcxinsb.dll
[2006/10/20 18:56:50 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\dlcxcub.dll
[2006/10/20 18:55:28 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\dlcxcu.dll
[2006/10/20 18:54:42 | 000,176,128 | ---- | C] () -- C:\WINDOWS\System32\dlcxins.dll
[2006/10/20 18:48:36 | 000,454,656 | ---- | C] () -- C:\WINDOWS\System32\dlcxutil.dll
[2006/10/20 18:46:42 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\dlcxgrd.dll
[2006/09/22 06:42:38 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\dlcxcaps.dll
[2006/09/06 05:13:14 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\dlcxcfg.dll
[2006/08/08 14:58:04 | 000,692,224 | ---- | C] () -- C:\WINDOWS\System32\dlcxdrs.dll
[2006/04/24 14:09:58 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\dlcxvs.dll
[2006/03/19 19:03:04 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\dlcxcnv4.dll
[2005/02/26 00:17:52 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Transmogrifier.INI
[2004/11/27 17:34:43 | 000,000,031 | ---- | C] () -- C:\WINDOWS\warhead.ini
[2004/11/27 17:31:47 | 000,073,839 | ---- | C] () -- C:\WINDOWS\System32\KodakOneTouch.dll
[2004/08/04 02:56:10 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\kbdmlt47.dll
[2004/08/02 19:25:04 | 000,000,066 | ---- | C] () -- C:\WINDOWS\KA.INI
[2004/06/20 12:52:19 | 000,000,412 | ---- | C] () -- C:\WINDOWS\QTW.INI
[2004/06/20 12:51:32 | 000,000,081 | ---- | C] () -- C:\WINDOWS\CANDYLND.INI
[2004/05/25 18:18:25 | 000,007,365 | ---- | C] () -- C:\WINDOWS\cdPlayer.ini
[2004/04/17 18:51:31 | 000,000,021 | ---- | C] () -- C:\WINDOWS\DVDSentry.ini
[2004/04/14 10:28:54 | 000,000,034 | ---- | C] () -- C:\WINDOWS\AUTHMGR.INI
[2004/04/03 22:08:28 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2004/04/03 11:05:31 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2004/04/03 11:05:31 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2004/04/03 11:05:31 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2004/04/03 00:18:20 | 000,018,432 | ---- | C] () -- C:\Documents and Settings\Juanita\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2004/04/01 12:47:39 | 000,000,143 | ---- | C] () -- C:\WINDOWS\Disney.ini
[2004/04/01 12:36:47 | 000,000,591 | ---- | C] () -- C:\WINDOWS\DELLSTAT.INI
[2004/04/01 08:17:48 | 000,053,758 | ---- | C] () -- C:\Documents and Settings\Juanita\Application Data\wklnhst.dat
[2004/04/01 00:33:38 | 006,815,744 | -H-- | C] () -- C:\Documents and Settings\Juanita\NTUSER.DAT
[2004/04/01 00:33:38 | 000,024,576 | -H-- | C] () -- C:\Documents and Settings\Juanita\ntuser.dat.LOG
[2004/04/01 00:33:38 | 000,000,178 | -HS- | C] () -- C:\Documents and Settings\Juanita\NTUSER.INI
[2004/04/01 00:32:46 | 000,262,144 | ---- | C] () -- C:\Documents and Settings\All Users\NTUSER.DAT
[2004/04/01 00:32:46 | 000,001,024 | -H-- | C] () -- C:\Documents and Settings\All Users\NTUSER.DAT.LOG
[2004/03/26 11:16:25 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/03/26 11:07:47 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2004/03/26 11:02:38 | 000,000,231 | ---- | C] () -- C:\WINDOWS\AC3API.INI
[2004/03/26 11:02:17 | 000,066,807 | ---- | C] () -- C:\WINDOWS\System32\Aud2_Del.ini
[2004/03/26 11:02:17 | 000,000,030 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2004/03/26 11:02:16 | 000,005,515 | ---- | C] () -- C:\WINDOWS\System32\ENSDEF.INI
[2004/03/26 11:02:16 | 000,000,180 | ---- | C] () -- C:\WINDOWS\System32\KILL.INI
[2004/03/26 11:01:48 | 000,000,136 | ---- | C] () -- C:\WINDOWS\SBWIN.INI
[2004/03/26 11:00:37 | 000,000,138 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2004/03/26 10:57:31 | 000,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/03/26 10:39:48 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2004/03/26 10:20:12 | 000,000,549 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2003/11/20 14:39:58 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[1997/06/13 21:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll
[1980/01/01 01:00:00 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll

========== LOP Check ==========

[2004/04/01 12:36:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software
[2009/03/28 12:48:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2010/04/04 20:28:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/01/02 19:16:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TGHomeSoft
[2009/07/02 13:23:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\The Learning Company
[2004/03/26 11:06:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2004/04/14 10:23:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Juanita\Application Data\Earthlink
[2004/04/23 13:55:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Juanita\Application Data\InterTrust
[2005/03/13 14:47:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Juanita\Application Data\Leadertech
[2008/02/10 20:12:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Juanita\Application Data\My Games
[2009/03/28 12:38:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Juanita\Application Data\SystemRequirementsLab
[2010/04/04 21:04:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Juanita\Application Data\WinPatrol

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >


< MD5 for: AGP440.SYS >
[2004/10/09 15:42:04 | 022,245,337 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\I386\sp2.cab:AGP440.sys
[2004/10/09 15:42:04 | 022,245,337 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:AGP440.sys
[2004/08/04 01:07:41 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2004/08/04 01:07:41 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\SYSTEM32\DRIVERS\agp440.sys
[2001/08/17 14:58:00 | 000,025,472 | ---- | M] (Microsoft Corporation) MD5=65880045C51AA36184841CEE915A61DF -- C:\I386\AGP440.SYS

< MD5 for: ATAPI.SYS >
[2002/08/29 06:00:00 | 010,158,890 | ---- | M] () .cab file -- C:\I386\sp1.cab:atapi.sys
[2002/08/29 06:00:00 | 010,158,890 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\I386\sp1.cab:atapi.sys
[2004/10/09 15:42:04 | 022,245,337 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\I386\sp2.cab:atapi.sys
[2004/10/09 15:42:04 | 022,245,337 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys
[2002/08/29 02:27:50 | 000,086,912 | ---- | M] (Microsoft Corporation) MD5=95B858761A00E1D4F81F79A0DA019ACA -- C:\WINDOWS\SYSTEM32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys
[2004/08/04 00:59:42 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2004/08/04 01:59:42 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\SYSTEM32\DLLCACHE\atapi.sys
[2004/08/04 01:59:42 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\SYSTEM32\DRIVERS\atapi.sys
[2004/08/04 00:59:42 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\SYSTEM32\ReinstallBackups\0002\DriverFiles\i386\atapi.sys
[2003/04/23 10:29:54 | 000,087,296 | ---- | M] (Microsoft Corporation) MD5=E52B3B3F78C9AE85806CE49DCDD80C18 -- C:\I386\atapi.sys

< MD5 for: EVENTLOG.DLL >
[2004/08/04 02:56:42 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2004/08/04 02:56:42 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\SYSTEM32\eventlog.dll
[2002/08/29 06:00:00 | 000,049,152 | ---- | M] (Microsoft Corporation) MD5=BF3C8CF53C77B48206B39910B6D6CBCC -- C:\I386\EVENTLOG.DLL

< MD5 for: NETLOGON.DLL >
[2002/08/29 06:00:00 | 000,399,360 | ---- | M] (Microsoft Corporation) MD5=3ADD563ED7A1C66E6F5E0F7A661AA96D -- C:\I386\NETLOGON.DLL
[2009/02/06 13:46:09 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2009/02/06 13:46:09 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll
[2004/08/04 02:56:44 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2004/08/04 02:56:44 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\SYSTEM32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2004/08/04 02:56:44 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2004/08/04 02:56:44 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\SYSTEM32\scecli.dll
[2002/08/29 06:00:00 | 000,174,592 | ---- | M] (Microsoft Corporation) MD5=97418A5C642A5C748A28BD7CF6860B57 -- C:\I386\SCECLI.DLL

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2002/09/03 09:47:18 | 000,094,208 | ---- | M] () -- C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT.SAV
[2002/09/03 09:47:18 | 000,602,112 | ---- | M] () -- C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE.SAV
[2002/09/03 09:47:18 | 000,380,928 | ---- | M] () -- C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM.SAV

========== Alternate Data Streams ==========

@Alternate Data Stream - 88 bytes -> C:\WINDOWS\System32\svchost.exe:SummaryInformation
< End of report >



OTL Extras logfile created on: 4/5/2010 10:25:25 AM - Run 1
OTL by OldTimer - Version 3.2.1.0 Folder = C:\Documents and Settings\Juanita\My Documents\Downloads
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,022.00 Mb Total Physical Memory | 489.00 Mb Available Physical Memory | 48.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 85.00% Paging File free
Paging file location(s): C:\pagefile.sys 3000 4095 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111.73 Gb Total Space | 85.09 Gb Free Space | 76.16% Space Free | Partition Type: NTFS
Drive D: | 662.68 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 5.43 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive H: | 973.17 Mb Total Space | 19.69 Mb Free Space | 2.02% Space Free | Partition Type: FAT
I: Drive not present or media not loaded

Computer Name: MYCOMPUTER
Current User Name: Juanita
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office10\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office10\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\EarthLink TotalAccess\TaskPanl.exe" = C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Disabled:TaskPanl -- File not found
"C:\Program Files\Yahoo!\Messenger\YPager.exe" = C:\Program Files\Yahoo!\Messenger\YPager.exe:*:Enabled:Yahoo! Messenger -- File not found
"C:\Program Files\Yahoo!\Messenger\YServer.exe" = C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server -- File not found
"C:\Program Files\KODAK\KODAK Software Updater\7288971\Program\backWeb-7288971.exe" = C:\Program Files\KODAK\KODAK Software Updater\7288971\Program\backWeb-7288971.exe:*:Disabled:backWeb-7288971 -- ()
"C:\WINDOWS\SYSTEM32\mmc.exe" = C:\WINDOWS\SYSTEM32\mmc.exe:*:Enabled:Microsoft Management Console -- (Microsoft Corporation)
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL -- File not found
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL -- File not found
"C:\WINDOWS\SYSTEM32\dlcxcoms.exe" = C:\WINDOWS\SYSTEM32\dlcxcoms.exe:*:Enabled:Lexmark Communications System -- ( )
"C:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Civilization4.exe" = C:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Civilization4.exe:*:Enabled:Sid Meier's Civilization 4 -- (Firaxis Games)
"C:\Program Files\Microsoft Games\Age of Empires II\age2_x1\AGE2_X1.ICD" = C:\Program Files\Microsoft Games\Age of Empires II\age2_x1\AGE2_X1.ICD:*:Enabled:Age of Empires II Expansion -- (Microsoft Corporation)
"C:\Program Files\Dell Photo AIO Printer 926\dlcxmon.exe" = C:\Program Files\Dell Photo AIO Printer 926\dlcxmon.exe:*:Disabled:Device Monitor -- ()
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"C:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Beyond the Sword\Civ4BeyondSword.exe" = C:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Beyond the Sword\Civ4BeyondSword.exe:*:Enabled:Sid Meier's Civilization 4 Beyond the Sword -- (Firaxis Games)
"C:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Beyond the Sword\Civ4BeyondSword_PitBoss.exe" = C:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Beyond the Sword\Civ4BeyondSword_PitBoss.exe:*:Enabled:Sid Meier's Civilization 4 Beyond the Sword Pitboss -- (Firaxis Games)
"C:\Documents and Settings\Juanita\Local Settings\Temp\7zS16F.tmp\SymNRT.exe" = C:\Documents and Settings\Juanita\Local Settings\Temp\7zS16F.tmp\SymNRT.exe:*:Enabled:Norton Removal Tool -- File not found


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{04410044-9149-45C6-A806-F2BF9CFCE762}" = Microsoft Encarta Encyclopedia Standard 2004
"{0784F89D-9E1C-450E-81FF-5C771D036542}" = Brother HL-4070CDW
"{09DA4F91-2A09-4232-AB8C-6BC740096DE3}" = Sonic Update Manager
"{11F1920A-56A2-4642-B6E0-3B31A12C9288}" = Dell Solution Center
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA
"{186A63A2-4256-43C6-8061-95EF77A5CDB6}" = Sid Meier's Civilization 4
"{1A15507A-8551-4626-915D-3D5FA095CC1B}" = Corel Paint Shop Pro X
"{1D643CD7-4DD6-11D7-A4E0-000874180BB3}" = Microsoft Money 2004
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Dell Media Experience
"{26A24AE4-039D-4CA4-87B4-2F83216012FF}" = Java™ 6 Update 12
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{32E4F0D2-C135-475E-A841-1D59A0D22989}" = Sid Meier's Civilization 4 - Beyond the Sword
"{33BEE6F3-9987-4F98-A069-97A64EC8321A}" = Microsoft Works Suite Add-in for Microsoft Word
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35BDEFF1-A610-4956-A00D-15453C116395}" = Internet Explorer Default Page
"{38FBBBD4-1D2A-4037-A71C-57093B4BA889}" = KODAK One Touch to Better Pictures
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = Modem On Hold
"{410438A3-B591-4028-B70A-3CC0B33FBCD1}" =
"{43FCA273-9534-40DB-B7C5-D7758875616A}" = Dell Support
"{45EBDA59-D33B-433A-956E-B2F236468B56}" = MUSICMATCH® Jukebox
"{4B9F45E8-E3CE-40B4-9463-80A9B3481DEF}" = Banctec Service Agreement
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{51661BCF-F22A-11D4-82B4-00500494EF5C}" = KODAK Picture Software
"{5396FBD8-8BD7-47F9-92AE-F62F13D5A11D}" = NETGEAR WG111v3 wireless USB 2.0 adapter
"{54DD126C-E5F5-404C-B4B7-66DF7FD4F2FF}" = MSSoap
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{56F3E1FF-54FE-4384-A153-6CCABA097814}" = Creative MediaSource
"{595A6662-6158-11D4-8F73-0050DA0F6297}" = The Sims Art Studio
"{5E835305-63BB-4E55-BBB7-EEBBE67774DB}" = Sonic MyDVD
"{6623EC97-858F-4540-845B-E2B508CB6921}" = Homeschool Tracker Plus
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{68D60342-7686-45C9-B8EB-40EF843D0460}" = Dell Networking Guide
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{7148F0A8-6813-11D6-A77B-00B0D0142000}" = Java 2 Runtime Environment, SE v1.4.2
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7A0EFAFB-AC4B-4B88-8C6B-6731BE88DB68}" = Modem Event Monitor
"{7F142D56-3326-11D5-B229-002078017FBF}" = Modem Helper
"{81A34902-9D0B-4920-A25C-4CDC5D14B328}" = Jasc Paint Shop Pro 8 Dell Edition
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8704D51E-25B7-4F23-81E7-AA4F54790210}" = Microsoft Streets and Trips 2004
"{884CE4D3-71D7-494A-8206-1317201AAE04}" = KODAK Camera Connection Software Help
"{894084B6-BC69-43B7-BF06-B93AECFEA520}" = GameSpy Comrade
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Extreme Graphics 2 Driver
"{8A9B8148-DDD7-448F-BD6C-358386D32354}" = Corel Photo Album 6
"{8C64E145-54BA-11D6-91B1-00500462BE80}" = Microsoft Money 2004 System Pack
"{90D55A3F-1D99-4C94-A77E-46DC14F0BF08}" = Help and Support Customization
"{911B0409-6000-11D3-8CFE-0050048383C9}" = Microsoft Word 2002
"{91CA0409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Small Business Edition 2003
"{9541FED0-327F-4DF0-8B96-EF57EF622F19}" = Sonic RecordNow!
"{98177940-C048-4831-A279-F3888B1E2C7F}" = InstallMgr
"{98DF85D9-96C0-4F57-A92E-C3539477EF5E}" = DVDSentry
"{9A00D1BA-D03A-44E5-AF28-86A1F377DF61}" = The Sims Makin' Magic
"{9A8F1CA0-9085-11D4-B869-0050DA73F204}" = KODAK Memory Albums
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A790BEB1-BCCF-4EC6-807B-5708B36E8A79}" = Intel® PROSet
"{A8AC89BA-D8CB-4372-9743-1C54D23286B0}" = MSN Toolbar
"{AC76BA86-7AD7-1033-7B44-A92000000001}" = Adobe Reader 9.2
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
"{B6EF6DCE-078E-4952-A7FA-352A9C349EB0}" = MSN Toolbar
"{B7148D71-0A8F-4501-96B4-4E1CC67F874E}" = Microsoft Default Manager
"{B9966F27-9678-4620-9579-925E3084647E}" = Microsoft Works
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CA5CF689-530F-44C0-960A-1CF9E4981D3A}" = Homeschool Tracker
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC000127-5E5D-4A1C-90CB-EEAAAC1E3AC0}" = Jasc Paint Shop Photo Album
"{CC6B1BB4-4E06-4A5B-A166-B371B551324B}" = COMODO Internet Security
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}" = getPlus® for Adobe
"{CFBCE791-2D53-4FCE-B3FB-D6E01F4112E8}" = Sid Meier's Civilization 4
"{DBA8B9E1-C6FF-4624-9598-73D3B41A0903}" = Microsoft Picture It! Photo Premium 9
"{E82BF103-904F-49C0-B77F-6EC110B71E87}" = Sound Blaster Audigy 2
"{E8C06CB3-5DB2-4689-B1DC-4A0220DEA96C}" = Consumer Complete Care Services Agreement
"{EE06E525-B202-4CAB-888A-8749AF598F6C}" = All-Seeing Eye 0.7.1
"{F45298E5-0083-426F-A668-1A2C5F04B8A0}" = FaxTools
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F90DA605-4E92-11D4-A319-00104BCAB4AB}" = KODAK Picture Transfer Software
"{F91E1833-2D7C-4725-B98A-C779FEC41946}" = EarthLink MDAC
"{FC4ED75D-916C-4A8C-BB67-3C6F6E06D62B}" = Banctec Service Agreement
"{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}" = HighMAT Extension to Microsoft Windows XP CD Writing Wizard
"{FE117AA8-6CF3-4F2D-96C9-CAE35C309704}" = KODAK Camera Connection Software
"Adobe Acrobat 5.0" = Adobe Acrobat 4.0, 5.0
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Adventures in Typing" = Adventures in Typing
"Age of Empires 2.0" = Microsoft Age of Empires II
"Age of Empires II: The Conquerors Expansion 1.0" = Microsoft Age of Empires II: The Conquerors Expansion
"America Online us" = America Online (Choose which version to remove)
"BackWeb-7288971 Uninstaller" = KODAK Software Updater
"Dell Digital Jukebox Driver" = Dell Digital Jukebox Driver
"Dell PC Fax" = Dell PC Fax
"Dell Photo AIO Printer 926" = Dell Photo AIO Printer 926
"ERUNT_is1" = ERUNT 1.1j
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie8" = Windows Internet Explorer 8
"InstallShield_{5396FBD8-8BD7-47F9-92AE-F62F13D5A11D}" = NETGEAR WG111v3 wireless USB 2.0 adapter
"Intel® 537EP V9x DF PCI Modem" = Intel® 537EP V9x DF PCI Modem
"InterActual Player" = InterActual Player
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"My Total Search Bar Uninstall" = My Total Search (Smiley Central)
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"PhotoParade.exe" = PhotoParade Player
"PictureIt_v9" = Microsoft Picture It! Photo Premium 9
"PROSet" = Intel® PRO Network Adapters and Drivers
"QuickTime32" = QuickTime for Windows (32-bit)
"RealPlayer 12.0" = RealPlayer
"Shockwave" = Shockwave
"SpongeBob SquarePants Typing" = SpongeBob SquarePants Typing
"Spybot - Search & Destroy_is1" = Spybot - Search & Destroy 1.4
"SpywareBlaster_is1" = SpywareBlaster 4.2
"SpywareGuard_is1" = SpywareGuard v2.2
"StreetPlugin" = Learn2 Player (Uninstall Only)
"SystemRequirementsLab" = System Requirements Lab
"ViewpointMediaPlayer" = Viewpoint Media Player
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinPatrol" = WinPatrol 2009
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Works2004Setup" = Microsoft Works 2004 Setup Launcher
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Yahoo! Companion" = Yahoo! Companion
"Yahoo! Mail" = Yahoo! Internet Mail

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 3/15/2010 9:12:52 PM | Computer Name = MYCOMPUTER | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 1.9.1.3685, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 3/25/2010 2:00:12 AM | Computer Name = MYCOMPUTER | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 1.9.1.3685, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 3/29/2010 5:01:57 PM | Computer Name = MYCOMPUTER | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.

Error - 3/29/2010 5:01:57 PM | Computer Name = MYCOMPUTER | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.

Error - 3/30/2010 8:30:34 PM | Computer Name = MYCOMPUTER | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 1.9.2.3727, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 3/30/2010 8:30:45 PM | Computer Name = MYCOMPUTER | Source = Application Hang | ID = 1001
Description = Fault bucket 1762740007.

Error - 4/2/2010 10:57:29 AM | Computer Name = MYCOMPUTER | Source = Microsoft Office 10 | ID = 1000
Description = Faulting application winword.exe, version 10.0.6856.0, faulting module
mso.dll, version 10.0.6858.0, fault address 0x00023188.

Error - 4/3/2010 12:49:48 AM | Computer Name = MYCOMPUTER | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 1.9.2.3743, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 4/3/2010 12:50:38 AM | Computer Name = MYCOMPUTER | Source = Application Hang | ID = 1001
Description = Fault bucket 1788811432.

Error - 4/4/2010 10:08:39 PM | Computer Name = MYCOMPUTER | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: This operation returned because the timeout period expired.

[ System Events ]
Error - 4/5/2010 10:11:44 AM | Computer Name = MYCOMPUTER | Source = Service Control Manager | ID = 7000
Description = The Upload Manager service failed to start due to the following error:
%%1079

Error - 4/5/2010 10:12:23 AM | Computer Name = MYCOMPUTER | Source = Print | ID = 23
Description = Printer Dell AIO Printer A940,0 failed to initialize because a suitable
Dell AIO Printer A940 driver could not be found.

Error - 4/5/2010 10:30:43 AM | Computer Name = MYCOMPUTER | Source = Service Control Manager | ID = 7000
Description = The MEMSWEEP2 service failed to start due to the following error:
%%2

Error - 4/5/2010 10:30:44 AM | Computer Name = MYCOMPUTER | Source = Service Control Manager | ID = 7000
Description = The MEMSWEEP2 service failed to start due to the following error:
%%2

Error - 4/5/2010 10:30:44 AM | Computer Name = MYCOMPUTER | Source = Service Control Manager | ID = 7000
Description = The MEMSWEEP2 service failed to start due to the following error:
%%2

Error - 4/5/2010 10:30:45 AM | Computer Name = MYCOMPUTER | Source = Service Control Manager | ID = 7000
Description = The MEMSWEEP2 service failed to start due to the following error:
%%2

Error - 4/5/2010 10:30:45 AM | Computer Name = MYCOMPUTER | Source = Service Control Manager | ID = 7000
Description = The MEMSWEEP2 service failed to start due to the following error:
%%2

Error - 4/5/2010 11:15:43 AM | Computer Name = MYCOMPUTER | Source = Service Control Manager | ID = 7000
Description = The Upload Manager service failed to start due to the following error:
%%1079

Error - 4/5/2010 11:17:35 AM | Computer Name = MYCOMPUTER | Source = Print | ID = 23
Description = Printer Dell AIO Printer A940,0 failed to initialize because a suitable
Dell AIO Printer A940 driver could not be found.

Error - 4/5/2010 11:20:20 AM | Computer Name = MYCOMPUTER | Source = System Error | ID = 1003
Description = Error code 1000008e, parameter1 c0000005, parameter2 835f9033, parameter3
f7716ab7, parameter4 00000000.


< End of report >
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP