Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

My Yahoo email appears to be infected.

Started by Evan_R , May 17 2011 08:19 PM

  • Please log in to reply

#1
Evan_R
Posted 17 May 2011 - 08:19 PM

Evan_R

    Member

  • Member
  • PipPip
  • 24 posts
About a week ago a few friends told me I sent them an email containing a link sent them to sites featuring the usual spam items like viagra. Today it sent out two more, so I have definitely have a bug of some kind. I ran Malwarebytes, Ad-Aware and AVG. They caught a few things but nothing that looked like it was causing this email problem. Any help will be greatly appreciated. Here's my OTL log:

OTL logfile created on: 5/17/2011 10:02:26 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Evan\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

254.00 Mb Total Physical Memory | 107.00 Mb Available Physical Memory | 42.00% Memory free
757.00 Mb Paging File | 221.00 Mb Available in Paging File | 29.00% Paging File free
Paging file location(s): C:\pagefile.sys 384 768 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 70.25 Gb Total Space | 53.77 Gb Free Space | 76.54% Space Free | Partition Type: NTFS
Drive F: | 931.28 Gb Total Space | 911.01 Gb Free Space | 97.82% Space Free | Partition Type: FAT32

Computer Name: EVANJACKIE | User Name: Evan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/05/17 21:25:24 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Evan\Desktop\OTL.exe
PRC - [2011/02/16 15:49:08 | 000,088,176 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\SiteAdvisor\McSACore.exe
PRC - [2010/07/09 11:23:16 | 002,048,352 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgtray.exe
PRC - [2010/03/31 19:06:56 | 000,307,672 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009/10/12 21:24:50 | 002,000,112 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2009/08/24 15:27:46 | 000,623,960 | ---- | M] (Research In Motion Limited) -- C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe
PRC - [2009/08/24 11:01:35 | 000,486,680 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgrsx.exe
PRC - [2009/08/24 11:01:25 | 000,595,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgnsx.exe
PRC - [2009/08/24 11:00:48 | 000,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/01/04 17:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe


========== Modules (SafeList) ==========

MOD - [2011/05/17 21:25:24 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Evan\Desktop\OTL.exe
MOD - [2011/04/08 16:56:28 | 000,018,176 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\SiteAdvisor\sahook.dll
MOD - [2010/08/23 12:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011/02/16 15:49:08 | 000,088,176 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2009/08/24 11:00:48 | 000,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd)
SRV - [2007/03/07 15:47:46 | 000,076,848 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)
SRV - [2007/01/04 17:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto | Running] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - [2005/04/25 22:34:12 | 000,466,944 | ---- | M] (Dell) [On_Demand | Stopped] -- C:\WINDOWS\System32\dlbucoms.exe -- (dlbu_device)


========== Driver Services (SafeList) ==========

DRV - [2009/10/12 21:24:56 | 000,007,408 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Running] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2009/10/12 21:24:54 | 000,009,968 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Stopped] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2009/10/12 21:24:52 | 000,074,480 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2009/08/24 11:01:34 | 000,335,240 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2009/08/24 11:01:34 | 000,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2009/05/21 16:43:23 | 000,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2007/04/09 09:56:22 | 000,021,248 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2007/04/09 09:55:08 | 000,022,912 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2007/04/09 09:53:24 | 000,012,672 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2007/02/25 12:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\dsunidrv.sys -- (dsunidrv)
DRV - [2006/10/05 16:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2004/09/17 15:02:54 | 000,732,928 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (senfilt)
DRV - [2003/11/17 22:59:20 | 000,212,224 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2003/11/17 22:58:02 | 000,680,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2003/11/17 22:56:26 | 001,042,432 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/myway
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=localhost:7171

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=localhost:7171

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.amazon.com/"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:8.5.0.429
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.3.1
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0.071303000006
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:1.9.9.74

FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG8\Firefox [2009/12/21 19:21:16 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2011/05/17 18:44:14 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/07/12 12:49:41 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/03/31 19:07:10 | 000,000,000 | ---D | M]

[2009/01/12 16:27:59 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Evan\Application Data\Mozilla\Extensions
[2011/05/17 21:22:16 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Evan\Application Data\Mozilla\Firefox\Profiles\42bnizgc.default\extensions
[2010/04/30 20:31:27 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Evan\Application Data\Mozilla\Firefox\Profiles\42bnizgc.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/05/04 16:44:48 | 000,000,000 | ---D | M] (NoScript) -- C:\Documents and Settings\Evan\Application Data\Mozilla\Firefox\Profiles\42bnizgc.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2010/05/04 16:44:49 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Evan\Application Data\Mozilla\Firefox\Profiles\42bnizgc.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009/05/11 19:32:30 | 000,000,000 | ---D | M] (Move Media Player) -- C:\Documents and Settings\Evan\Application Data\Mozilla\Firefox\Profiles\42bnizgc.default\extensions\[email protected]
[2010/04/01 19:43:31 | 000,005,500 | ---- | M] () -- C:\Documents and Settings\Evan\Application Data\Mozilla\Firefox\Profiles\42bnizgc.default\searchplugins\foodtv.xml
[2008/06/20 19:38:11 | 000,000,908 | ---- | M] () -- C:\Documents and Settings\Evan\Application Data\Mozilla\Firefox\Profiles\42bnizgc.default\searchplugins\IMDB.xml
[2011/05/16 18:00:30 | 000,001,835 | ---- | M] () -- C:\Documents and Settings\Evan\Application Data\Mozilla\Firefox\Profiles\42bnizgc.default\searchplugins\weather.xml
[2008/06/20 19:38:12 | 000,001,108 | ---- | M] () -- C:\Documents and Settings\Evan\Application Data\Mozilla\Firefox\Profiles\42bnizgc.default\searchplugins\wikipedia.xml
[2011/05/17 21:22:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2009/12/21 19:21:16 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES\AVG\AVG8\FIREFOX
[2011/05/17 18:44:14 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\PROGRAM FILES\MCAFEE\SITEADVISOR
[2006/10/02 10:04:19 | 000,114,688 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npmozax.dll
[2007/04/16 13:07:12 | 000,180,293 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npViewpoint.dll
[2010/01/13 18:46:00 | 000,063,488 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npwachk.dll
[2010/06/09 20:12:50 | 000,002,024 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\McSiteAdvisor.xml

O1 HOSTS File: ([2009/11/23 21:47:13 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll (Google Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4E7BD74F-2B8D-469E-D0FC-E57AF4D5FA7D} - No CLSID value found.
O4 - HKLM..\Run: [AVG8_TRAY] C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [BlackBerryAutoUpdate] C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe (Research In Motion Limited)
O4 - HKLM..\Run: [DLBUCATS] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLBUtime.DLL ()
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll (Sun Microsystems, Inc.)
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - File not found
O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - File not found
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.4.2_03)
O16 - DPF: {CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_03)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop WallPaper: C:\Documents and Settings\Evan\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Evan\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/10 14:04:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/05/17 21:25:21 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Evan\Desktop\OTL.exe

========== Files - Modified Within 30 Days ==========

[2011/05/17 21:25:24 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Evan\Desktop\OTL.exe
[2011/05/17 21:24:44 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/05/17 20:24:05 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/05/17 18:49:41 | 075,825,520 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2011/05/17 18:37:06 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/05/17 18:36:56 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/05/17 18:36:53 | 266,391,552 | -HS- | M] () -- C:\hiberfil.sys
[2011/04/29 17:32:15 | 000,033,216 | ---- | M] () -- C:\Documents and Settings\Evan\Application Data\wklnhst.dat
[2011/04/29 17:19:30 | 000,002,483 | ---- | M] () -- C:\Documents and Settings\Evan\Desktop\Word.lnk
[2011/04/23 21:22:17 | 000,255,064 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/04/23 21:04:20 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/04/23 21:00:18 | 000,442,466 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/04/23 21:00:18 | 000,071,732 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

========== Files Created - No Company Name ==========

[2010/08/02 16:46:46 | 000,000,256 | ---- | C] () -- C:\WINDOWS\System32\pool.bin
[2008/10/26 20:52:28 | 000,000,027 | ---- | C] () -- C:\WINDOWS\wominfo.dat
[2008/04/22 13:29:40 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\VZWDLManager.dll
[2007/11/23 19:26:07 | 000,111,932 | ---- | C] () -- C:\WINDOWS\System32\EPPICPrinterDB.dat
[2007/11/23 19:26:07 | 000,031,053 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern131.dat
[2007/11/23 19:26:07 | 000,024,903 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern3.dat
[2007/11/23 19:26:07 | 000,021,390 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern5.dat
[2007/11/23 19:26:07 | 000,020,148 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern2.dat
[2007/11/23 19:26:07 | 000,011,811 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern4.dat
[2007/11/23 19:26:07 | 000,004,943 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern6.dat
[2007/11/23 19:26:07 | 000,001,146 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_DU.dat
[2007/11/23 19:26:07 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_PT.dat
[2007/11/23 19:26:07 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_BP.dat
[2007/11/23 19:26:07 | 000,001,136 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_ES.dat
[2007/11/23 19:26:07 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_FR.dat
[2007/11/23 19:26:07 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_CF.dat
[2007/11/23 19:26:07 | 000,001,120 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_IT.dat
[2007/11/23 19:26:07 | 000,001,107 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_GE.dat
[2007/11/23 19:26:07 | 000,001,104 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_EN.dat
[2007/11/23 19:26:07 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2007/11/23 19:26:06 | 000,027,417 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern121.dat
[2007/11/23 19:26:06 | 000,026,154 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern1.dat
[2007/11/15 07:29:26 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2006/10/04 22:30:43 | 000,000,048 | ---- | C] () -- C:\WINDOWS\webica.ini
[2006/09/04 11:00:52 | 000,001,180 | ---- | C] () -- C:\WINDOWS\checkip.dat
[2006/01/25 22:37:23 | 000,001,359 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2005/12/31 14:51:31 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2005/12/14 21:53:21 | 000,000,028 | ---- | C] () -- C:\WINDOWS\atid.ini
[2005/11/30 17:55:53 | 000,107,132 | ---- | C] () -- C:\WINDOWS\UninstallFirefox.exe
[2005/11/30 17:55:46 | 000,003,813 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2005/11/30 17:26:23 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat
[2005/10/16 20:24:45 | 000,067,072 | ---- | C] () -- C:\Documents and Settings\Evan\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005/10/16 20:15:52 | 000,000,000 | ---- | C] () -- C:\WINDOWS\JDSecure20.INI
[2005/10/16 20:08:45 | 000,000,822 | ---- | C] () -- C:\WINDOWS\dellstat.ini
[2005/10/16 19:41:31 | 000,033,216 | ---- | C] () -- C:\Documents and Settings\Evan\Application Data\wklnhst.dat
[2005/10/16 19:35:47 | 000,001,551 | ---- | C] () -- C:\WINDOWS\cdPlayer.ini
[2005/10/16 19:27:59 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\Evan\Local Settings\Application Data\fusioncache.dat
[2005/10/10 16:46:43 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/10/10 16:34:20 | 000,000,138 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2005/10/10 16:30:05 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2005/10/10 16:27:30 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/10/10 16:00:34 | 000,049,152 | ---- | C] () -- C:\WINDOWS\setpwrcg.exe
[2005/10/10 16:00:26 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll
[2005/10/10 16:00:14 | 000,000,394 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/05/25 21:24:22 | 000,000,378 | ---- | C] () -- C:\WINDOWS\System32\dlbuplc.ini
[2005/04/15 06:22:24 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\dlbuinsr.dll
[2005/04/15 06:22:20 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\dlbucur.dll
[2005/04/15 06:22:02 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\dlbujswr.dll
[2005/04/15 06:14:50 | 000,176,128 | ---- | C] () -- C:\WINDOWS\System32\dlbuinsb.dll
[2005/04/15 06:14:44 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\dlbucub.dll
[2005/04/15 06:14:40 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\dlbuins.dll
[2005/04/15 06:13:42 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\dlbucu.dll
[2005/04/15 05:59:46 | 000,397,312 | ---- | C] () -- C:\WINDOWS\System32\dlbuutil.dll
[2005/04/12 22:20:38 | 000,126,976 | ---- | C] () -- C:\WINDOWS\System32\dlbusnls.dll
[2005/04/12 22:19:58 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\dlbucoin.dll
[2005/02/23 22:12:10 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\dlbuvs.dll
[2005/02/03 23:59:48 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\metaflac.exe
[2005/02/03 23:59:44 | 000,217,088 | ---- | C] () -- C:\WINDOWS\System32\flac.exe
[2005/01/28 09:08:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/08/10 14:12:05 | 000,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/10 14:07:31 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004/08/10 14:02:15 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/08/10 14:01:18 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/10 13:57:52 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/10 13:57:15 | 000,255,064 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/08/10 13:51:21 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/10 13:51:20 | 000,442,466 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/10 13:51:20 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/10 13:51:20 | 000,071,732 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/10 13:51:20 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/10 13:51:18 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/10 13:51:17 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/10 13:51:16 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/08/10 13:51:12 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/10 13:51:11 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/10 13:51:05 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/10 13:50:56 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2000/09/08 18:53:50 | 000,073,839 | ---- | C] () -- C:\WINDOWS\System32\KodakOneTouch.dll

< End of report >


Thanks!
Evan
  • 0

Advertisements

#2
Evan_R
Posted 17 May 2011 - 08:21 PM

Evan_R

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts
Here's the second note from OTL:

OTL Extras logfile created on: 5/17/2011 10:02:26 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Evan\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

254.00 Mb Total Physical Memory | 107.00 Mb Available Physical Memory | 42.00% Memory free
757.00 Mb Paging File | 221.00 Mb Available in Paging File | 29.00% Paging File free
Paging file location(s): C:\pagefile.sys 384 768 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 70.25 Gb Total Space | 53.77 Gb Free Space | 76.54% Space Free | Partition Type: NTFS
Drive F: | 931.28 Gb Total Space | 911.01 Gb Free Space | 97.82% Space Free | Partition Type: FAT32

Computer Name: EVANJACKIE | User Name: Evan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"FirewallDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL
"C:\Program Files\America Online 9.0\waol.exe" = C:\Program Files\America Online 9.0\waol.exe:*:Enabled:AOL -- (America Online, Inc.)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\America Online 9.0\waol.exe" = C:\Program Files\America Online 9.0\waol.exe:*:Enabled:AOL -- (America Online, Inc.)
"C:\Program Files\Common Files\AOL\Loader\aolload.exe" = C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader -- (AOL LLC)
"C:\Program Files\Common Files\AOL\1134611779\ee\aolsoftware.exe" = C:\Program Files\Common Files\AOL\1134611779\ee\aolsoftware.exe:*:Enabled:AOL Services -- (America Online, Inc.)
"C:\Program Files\Common Files\AOL\1134611779\ee\aim6.exe" = C:\Program Files\Common Files\AOL\1134611779\ee\aim6.exe:*:Enabled:AIM -- (America Online, Inc.)
"C:\StubInstaller.exe" = C:\StubInstaller.exe:*:Enabled:LimeWire swarmed installer -- (LimeWire)
"C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe" = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe:*:Enabled:Kodak Software Updater -- ()
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"C:\Program Files\AVG\AVG8\avgupd.exe" = C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG8\avgnsx.exe" = C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe -- (AVG Technologies CZ, s.r.o.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0008546E-DF6E-4CC1-AFD0-2CB8E16C95A2}" = Notifier
"{0456ebd7-5f67-4ab6-852e-63781e3f389c}" = Macromedia Flash Player
"{05410044-64A6-4248-A026-9745C1E9E159}" = Microsoft Encarta Encyclopedia Standard 2005
"{075473F5-846A-448B-BCB3-104AA1760205}" = Sonic RecordNow Data
"{0878E100-C0BB-41E8-B4C6-C486B61FDA7B}" = Canon PhotoRecord
"{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}" = Microsoft Plus! Photo Story 2 LE
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA
"{14374619-0900-4056-BA06-C87C900AF9E6}" = QuickBooks Simple Start Special Edition
"{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}" = ESSPCD
"{17334AAF-C9E7-483B-9F45-E3FCAF07FFA7}" = Intel® PROSet for Wired Connections
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{218BBBE3-FE63-4BB2-81A8-7435575A84FA}" = PhotoStitch
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{25EF00A1-F17B-11D6-88EA-000476CD2443}" = Verizon Online Support Center
"{25EF00BE-F17B-11D6-88EA-000476CD2443}" = Verizon Online
"{28291BD5-92D2-4685-82DC-CCA925C53CCA}" = RemoteCapture Task 1.1
"{2CDCCE7E-55D5-40CC-AEA0-ABA54713501F}" = LUMIX Simple Viewer
"{2E8131B2-8DAF-41E2-B954-18FD5DEF0B54}" = BlackBerry Desktop Software 5.0.1
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{3248F0A8-6813-11D6-A77B-00B0D0150030}" = J2SE Runtime Environment 5.0 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java™ SE Runtime Environment 6 Update 1
"{33BB4982-DC52-4886-A03B-F4C5C80BEE89}" = Windows Media Player 10
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{352310C3-E46B-42D3-8F32-54721FDD72D9}" = NetZeroInstallers
"{35BDEFF1-A610-4956-A00D-15453C116395}" = Internet Explorer Default Page
"{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}" = McAfee SiteAdvisor
"{38441BE7-79B0-42B8-8297-833704F949FE}" = HLPIndex
"{3CA39B0C-BA85-4D42-AC0F-1FF5F60C3353}" = OTtBPSDK
"{3F262ADC-5AD2-48E5-A586-44315E04A9E2}" = Microsoft Picture It! Library 10
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}" = Microsoft Works
"{4192EAC0-6B36-4723-B216-D0E86E7757AC}" = Jasc Paint Shop Photo Album 5
"{42756145-9997-4D28-809B-8756BFD00106}" = Microsoft Picture It! Premium 10
"{45EF4EE3-F591-4B74-A477-0CAE12934CE7}" = RAW Image Task 1.2
"{469730CC-78DF-4CD3-B286-562D459EA619}" = ESSCAM
"{48C82F7A-F100-4DAB-A310-8E18BF2159E1}" = ESSvpot
"{4C96958A-6562-4143-B820-FF4890D3B734}" = Camera Window DVC
"{4E5E22C2-1386-47AE-8EDE-32DDCDCD6653}" = QuickTime
"{4F677FC7-7AA8-412B-A957-F13CBE1C7331}" = ESSSONIC
"{5905F42D-3F5F-4916-ADA6-94A3646AEE76}" = Dell Driver Reset Tool
"{62BD0AE0-4EB1-4BBB-8F43-B6400C8FEB2C}" = AOLIcon
"{65D85050-5610-4A91-A3B1-D5C744291AD4}" = PCDADDIN
"{67E4EE98-59F4-4210-89A6-A20AF5BEC689}" = Microsoft Streets and Trips 2005
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD 5.5
"{69BD6399-3D8F-45B7-81D9-819361F5101D}" = PCDLNCH
"{6E179C77-7335-458D-9537-4F4EAC0181ED}" = Photo Click
"{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}" = Microsoft Plus! Digital Media Edition Installer
"{7148F0A8-6813-11D6-A77B-00B0D0142030}" = Java 2 Runtime Environment, SE v1.4.2_03
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74F7662C-B1DB-489E-A8AC-07A06B24978B}" = Dell System Restore
"{78C496B9-5A6B-4692-8C2E-AFFFC34E4961}" = Jasc Paint Shop Pro Studio, Dell Editon
"{7C594459-6829-420D-A773-041F64CBC330}" = Snood Deluxe
"{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}" = DellSupport
"{7F142D56-3326-11D5-B229-002078017FBF}" = Modem Helper
"{87843A41-7808-4F2E-B13F-25C1E67CF2FD}" = ESShelp
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Extreme Graphics 2 Driver
"{8AF1E098-1A5C-4336-BBE2-D047ABB401ED}" = MovieEdit Task
"{8E92D746-CD9F-4B90-9668-42B74C14F765}" = ESSini
"{90110409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional
"{91203BD3-6C3E-472F-ADBD-F60FDC7C4010}" = Camera Window DS
"{91517631-A9F3-4B7C-B482-43E0068FD55A}" = ESSgui
"{91F1A0D6-23AD-49FE-8D4E-379485652214}" = Camera Support Core Library
"{999D43F4-9709-4887-9B1A-83EBB15A8370}" = VPRINTOL
"{9D1CF8B6-17B3-4832-B062-2C2DD0B57B04}" = CCHelp
"{9D8FEE90-0377-49A9-AEFB-525BDE549BA4}" = ESScore
"{9F7FC79B-3059-4264-9450-39EB368E3225}" = Microsoft Digital Image Library 9 - Blocker
"{A0AF08BA-3630-4505-BFB2-A41F3837B0D0}" = SFR2
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A5B3EB8A-4071-42F0-8E8E-7A8342AA8E69}" = ESSvpaht
"{A683A2C0-821C-486F-858C-FA634DB5E864}" = EducateU
"{A6F18A67-B771-4191-8A33-36D2E742D6D9}" = ESSANUP
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AADAC983-FDE9-42FA-8FD9-7BB324155593}" = HLPRFO
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Sonic RecordNow Audio
"{AC0EE5B0-A8FB-4D0A-AF03-2EDC518F841B}" = Dell Media Experience
"{AC76BA86-0000-0000-0000-6028747ADE01}" = Adobe Acrobat - Reader 6.0.2 Update
"{AC76BA86-7AD7-1033-7B44-A00000000001}" = Adobe Reader 6.0.1
"{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}" = ESSCDBK
"{AF06CAE4-C134-44B1-B699-14FBDB63BD37}" = Dell Picture Studio v3.0
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Sonic RecordNow Copy
"{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}" = CCScore
"{B997C2A0-4383-41BF-B76E-9B8B7ECFB267}" = KSU
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C1D76D7A-F3BB-47EA-A746-5B1E2FFC1DF2}" = Canon ZoomBrowser EX
"{C354C9B6-A4E0-4BB0-A368-6DC6BCA0E314}" = SFR
"{C3ABE126-2BB2-4246-BFE1-6797679B3579}" = LG USB Modem driver
"{C61177FD-37C4-4C5F-BE6C-E04A8AC399B6}" = EclipseCrossword
"{C7281207-4AA4-425E-B57A-0E9EF8445635}" = Camera Window MC
"{C99DCDA4-7407-4F72-A77E-C81C551D0C4E}" = PCDHELP
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CB54ABA8-D67F-47AD-A76C-2631BADA9FE5}" = Microsoft Works Suite Add-in for Microsoft Word
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D15E9DB5-6BEB-4534-901E-80C0A29BAB97}" = ESSAdpt
"{D32470A1-B10C-4059-BA53-CF0486F68EBC}" = Kodak EasyShare software
"{DC47F79D-E180-4D5E-9490-18C5C0B2009F}_is1" = Super Crossword Creator
"{DE1AF137-C455-494A-A817-EFE44BCCFDEE}" = Works Upgrade
"{E40CE517-0D42-4198-96B4-C8232B257EB5}" = Data Lifeguard Diagnostic for Windows
"{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{F71760CD-0F8B-4DCC-B7B7-6B223CC3843C}" = OTtBP
"{FF523622-F4CB-463C-86EF-7EB94C5DD7BB}" = G23942EN
"Ad-Aware SE Personal" = Ad-Aware SE Personal
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Advanced WMA Workshop_is1" = Advanced WMA Workshop version 2.7.2
"AIM_6" = AIM 6
"AOL Uninstaller" = AOL Uninstaller (Choose which Products to Remove)
"AVG8Uninstall" = AVG Free 8.5
"AviSynth" = AviSynth 2.5
"BlackBerry_{2E8131B2-8DAF-41E2-B954-18FD5DEF0B54}" = BlackBerry Desktop Software 5.0.1
"CleanUp!" = CleanUp!
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1" = Conexant D850 56K V.9x DFVc Modem
"Dell Photo AIO Printer 942" = Dell Photo AIO Printer 942
"Digital Media Converter_is1" = Digital Media Converter 2.74
"FLAC" = FLAC Installer 1.1.2a (remove only)
"HijackThis" = HijackThis 2.0.2
"InstallShield_{218BBBE3-FE63-4BB2-81A8-7435575A84FA}" = Canon Utilities PhotoStitch 3.1
"InstallShield_{28291BD5-92D2-4685-82DC-CCA925C53CCA}" = Canon RemoteCapture Task for ZoomBrowser EX
"InstallShield_{45EF4EE3-F591-4B74-A477-0CAE12934CE7}" = Canon RAW Image Task for ZoomBrowser EX
"InstallShield_{4C96958A-6562-4143-B820-FF4890D3B734}" = Canon Camera Window DVC for ZoomBrowser EX
"InstallShield_{4E5E22C2-1386-47AE-8EDE-32DDCDCD6653}" = QuickTime
"InstallShield_{8AF1E098-1A5C-4336-BBE2-D047ABB401ED}" = Canon MovieEdit Task for ZoomBrowser EX
"InstallShield_{91203BD3-6C3E-472F-ADBD-F60FDC7C4010}" = Canon Camera Window DS for ZoomBrowser EX
"InstallShield_{91F1A0D6-23AD-49FE-8D4E-379485652214}" = Canon Camera Support Core Library
"InstallShield_{C7281207-4AA4-425E-B57A-0E9EF8445635}" = Canon Camera Window for ZoomBrowser EX
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MediaMonkey_is1" = MediaMonkey 3.0
"MetaFrame Presentation Server Web Client for Win32" = MetaFrame Presentation Server Web Client for Win32
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Money2005b" = Microsoft Money 2005
"Mozilla Firefox (3.0.19)" = Mozilla Firefox (3.0.19)
"PROSet" = Intel® PRO Network Adapters and Drivers
"Shockwave" = Shockwave
"StreetPlugin" = Learn2 Player (Uninstall Only)
"VCast Music Essentials Manager" = V CAST Music Manager
"ViewpointMediaPlayer" = Viewpoint Media Player
"VLC media player" = VideoLAN VLC media player 0.8.5
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 10
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"Works2005Setup" = Microsoft Works 2005 Setup Launcher
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Winamp Detect" = Winamp Detector Plug-in

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 4/11/2011 7:52:21 PM | Computer Name = EVANJACKIE | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: This operation returned because the timeout period expired.

Error - 4/11/2011 7:52:23 PM | Computer Name = EVANJACKIE | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: The specified server cannot perform the requested operation.

Error - 4/11/2011 7:52:27 PM | Computer Name = EVANJACKIE | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: The specified server cannot perform the requested operation.

[ System Events ]
Error - 3/6/2011 10:05:39 PM | Computer Name = EVANJACKIE | Source = Service Control Manager | ID = 7000
Description = The Fax service failed to start due to the following error: %%1053

Error - 4/8/2011 5:48:33 PM | Computer Name = EVANJACKIE | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the Fax service to connect.

Error - 4/8/2011 5:48:33 PM | Computer Name = EVANJACKIE | Source = Service Control Manager | ID = 7000
Description = The Fax service failed to start due to the following error: %%1053

Error - 4/10/2011 11:08:26 AM | Computer Name = EVANJACKIE | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the Fax service to connect.

Error - 4/10/2011 11:08:26 AM | Computer Name = EVANJACKIE | Source = Service Control Manager | ID = 7000
Description = The Fax service failed to start due to the following error: %%1053

Error - 4/22/2011 11:00:55 AM | Computer Name = EVANJACKIE | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the Fax service to connect.

Error - 4/22/2011 11:00:55 AM | Computer Name = EVANJACKIE | Source = Service Control Manager | ID = 7000
Description = The Fax service failed to start due to the following error: %%1053

Error - 5/6/2011 5:31:03 PM | Computer Name = EVANJACKIE | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the Fax service to connect.

Error - 5/6/2011 5:31:03 PM | Computer Name = EVANJACKIE | Source = Service Control Manager | ID = 7000
Description = The Fax service failed to start due to the following error: %%1053

Error - 5/17/2011 7:13:20 PM | Computer Name = EVANJACKIE | Source = Service Control Manager | ID = 7000
Description = The SASDIFSV service failed to start due to the following error: %%183


< End of report >
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP