I have had some problems for about two weeks now. Computer started running slow. When I open browser sometimes I connect to internet and sometimes not. It says can't display this page. After connecting sometimes its very slow at responding. Sometimes I have got disconnected up to ten times in an hour. Very frustrating. I have contacted my internet server provider and they came out and changed my wireless router, they say everything is working fine on their end. I don't no what else to do. I thought maybe its something with the computer. I ran a full virus scan through my microsoft security essentials, a full scan through super antispyware and nothing showed up. I did a full scan on malwarebytes and it showed three things, two pup.optional.bearshare tb.a and trojan.format c. I don't know if this is the problem but I'm ready to scream. It seems like since I ran scans the disconnects are more frequent and computer getting slower. Please help me. Thank you Patty. Here is a copy of the OTL.
OTL logfile created on: 11/7/2013 11:37:03 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Administrator\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 1.39 Gb Available Physical Memory | 69.61% Memory free
3.84 Gb Paging File | 3.27 Gb Available in Paging File | 85.15% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 68.71 Gb Total Space | 46.17 Gb Free Space | 67.20% Space Free | Partition Type: NTFS
Drive D: | 5.80 Gb Total Space | 2.95 Gb Free Space | 50.79% Space Free | Partition Type: FAT32
Computer Name: PATTY | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013/11/07 11:36:05 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
PRC - [2013/11/07 02:20:15 | 005,717,272 | ---- | M] (SUPERAntiSpyware) -- C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
PRC - [2013/10/16 23:25:50 | 000,182,696 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2013/08/12 09:12:38 | 000,022,208 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2013/08/12 09:11:20 | 000,995,176 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2013/05/23 15:11:42 | 000,119,056 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe
PRC - [2013/04/17 16:18:55 | 000,422,632 | ---- | M] (BillP Studios) -- C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/03/14 15:42:18 | 000,622,653 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2006/03/14 15:40:52 | 001,376,340 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
PRC - [2004/10/08 14:44:24 | 000,098,394 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
========== Modules (No Company Name) ==========
MOD - [2013/01/02 01:49:10 | 001,292,288 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2012/12/09 20:46:38 | 000,600,868 | ---- | M] () -- C:\Program Files\BillP Studios\WinPatrol\sqlite3.dll
MOD - [2011/02/04 17:48:30 | 000,291,840 | ---- | M] () -- C:\WINDOWS\system32\sbe.dll
MOD - [2008/04/13 19:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/13 19:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2006/08/02 02:26:20 | 000,118,784 | ---- | M] () -- C:\Program Files\Intel\Wireless\Bin\iWMSProv.dll
MOD - [2006/08/02 02:24:54 | 000,348,160 | ---- | M] () -- C:\Program Files\Intel\Wireless\Bin\IntStngs.dll
========== Services (SafeList) ==========
SRV - File not found [Disabled | Stopped] -- c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe -- (McAfee SiteAdvisor Service)
SRV - [2013/10/16 23:25:50 | 000,182,696 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2013/08/12 09:12:38 | 000,022,208 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2013/05/23 15:11:42 | 000,119,056 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore.exe -- (!SASCORE)
SRV - [2013/03/09 20:30:09 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2008/07/24 03:02:46 | 000,196,608 | ---- | M] (New Boundary Technologies, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS -- (PrismXL)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{6D4F028B-5575-4E24-A989-132875308BEA}\MpKsla9f1a1b7.sys -- (MpKsla9f1a1b7)
DRV - [2011/09/02 01:31:28 | 000,039,192 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2011/09/02 01:31:20 | 000,041,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2011/09/02 01:30:58 | 000,012,184 | ---- | M] (Logitech, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\LBeepKE.sys -- (LBeepKE)
DRV - [2011/07/22 11:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/12 16:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011/03/22 00:47:50 | 000,023,608 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MP4ConverterAudio.sys -- (MP4ConverterAudio)
DRV - [2010/09/27 13:50:44 | 000,083,360 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV - [2010/06/14 08:32:54 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2010/05/31 10:31:10 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV - [2008/06/04 09:19:18 | 000,003,768 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MusCVideo32.sys -- (MusCVideo32)
DRV - [2008/06/04 09:19:16 | 000,508,544 | ---- | M] (Windows ® 2000/XP) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MusCDriverV32.sys -- (MusCDriverV32)
DRV - [2007/12/14 09:21:56 | 000,290,816 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21)
DRV - [2007/06/18 19:18:26 | 000,023,680 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motmodem.sys -- (motmodem)
DRV - [2006/09/14 12:03:52 | 000,980,736 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\smserial.sys -- (smserial)
DRV - [2006/08/02 03:27:48 | 000,012,544 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2006/03/14 15:21:18 | 000,328,237 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2006/03/14 15:19:24 | 000,023,271 | ---- | M] (Broadcom Corporation.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\btserial.sys -- (BTSERIAL)
DRV - [2006/03/14 15:18:00 | 000,851,402 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2006/03/14 15:15:34 | 000,030,427 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2006/03/14 15:15:24 | 000,030,285 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwmodem.sys -- (btwmodem)
DRV - [2006/03/14 15:14:52 | 000,065,784 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2006/03/14 15:12:02 | 000,148,900 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2006/03/14 15:10:56 | 000,045,683 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwhid.sys -- (btwhid)
DRV - [2005/09/09 17:15:32 | 001,032,472 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2003/06/30 04:50:00 | 000,072,894 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lmouflt2.sys -- (LMouFlt2)
DRV - [2003/06/30 04:50:00 | 000,037,884 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LHIDUSB.SYS -- (LHidUsb)
DRV - [2003/06/30 04:50:00 | 000,025,214 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LHIDFLT2.SYS -- (LHidFlt2)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.gateway.c...s=PTB&M=NX860XL
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...referrer:source?}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{7EDA56B3-0B62-4F78-9D62-F73F5C654949}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.selectedEngine: "Bing"
FF - prefs.js..browser.startup.homepage: "www.msn.com"
FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.5.8
FF - prefs.js..extensions.enabledAddons: %7Ba0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7%7D:20130129
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.0.282: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.0: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.0: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.0: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.0.282: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{34712C68-7391-4c47-94F3-8F88D49AD632}: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/03/09 20:30:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
[2013/03/09 19:55:22 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions
[2013/03/14 17:53:53 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\h4vxsm2x.default\extensions
[2013/03/14 17:53:53 | 000,000,000 | ---D | M] (WOT) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\h4vxsm2x.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2013/03/10 18:04:01 | 000,531,283 | ---- | M] () (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\h4vxsm2x.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2013/03/09 20:29:30 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/03/09 20:30:10 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2013/02/15 19:35:09 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2013/02/15 19:35:09 | 000,002,086 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
O1 HOSTS File: ([2013/03/14 17:28:25 | 000,572,148 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\HOSTS
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost #[IPv6]
O1 - Hosts: 127.0.0.1 fr.a2dfp.net
O1 - Hosts: 127.0.0.1 m.fr.a2dfp.net
O1 - Hosts: 127.0.0.1 ad.a8.net
O1 - Hosts: 127.0.0.1 asy.a8ww.net
O1 - Hosts: 127.0.0.1 abcstats.com
O1 - Hosts: 127.0.0.1 a.abv.bg
O1 - Hosts: 127.0.0.1 adserver.abv.bg
O1 - Hosts: 127.0.0.1 adv.abv.bg
O1 - Hosts: 127.0.0.1 bimg.abv.bg
O1 - Hosts: 127.0.0.1 ca.abv.bg
O1 - Hosts: 127.0.0.1 www2.a-counter.kiev.ua
O1 - Hosts: 127.0.0.1 track.acclaimnetwork.com
O1 - Hosts: 127.0.0.1 accuserveadsystem.com
O1 - Hosts: 127.0.0.1 www.accuserveadsystem.com
O1 - Hosts: 127.0.0.1 achmedia.com
O1 - Hosts: 127.0.0.1 aconti.net
O1 - Hosts: 127.0.0.1 secure.aconti.net
O1 - Hosts: 127.0.0.1 www.aconti.net #[Dialer.Aconti]
O1 - Hosts: 127.0.0.1 csh.actiondesk.com
O1 - Hosts: 127.0.0.1 www.activemeter.com #[Tracking.Cookie]
O1 - Hosts: 127.0.0.1 ads.activepower.net
O1 - Hosts: 127.0.0.1 stat.active24stats.nl #[Tracking.Cookie]
O1 - Hosts: 127.0.0.1 cms.ad2click.nl
O1 - Hosts: 15484 more lines...
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe (BillP Studios)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2698A5C7-EA98-4195-ADC3-6AB12C1614C6}: DhcpNameServer = 192.168.1.254
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\LMIinit: DllName - (LMIinit.dll) - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/06/17 04:41:16 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2013/11/07 11:35:59 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
[2013/11/01 08:54:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\PCHealth
[2013/10/23 15:56:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\equifax report me
[2013/10/23 13:29:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\equifax report
[2013/10/16 23:26:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2013/10/16 23:26:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Java
[2013/10/16 23:25:43 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2009/01/01 02:14:27 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Administrator\Application Data\pcouffin.sys
========== Files - Modified Within 30 Days ==========
[2013/11/07 11:36:05 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
[2013/11/07 10:16:03 | 000,000,384 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
[2013/11/07 10:06:06 | 000,194,401 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2013/11/07 10:05:51 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/11/07 02:19:33 | 000,000,024 | ---- | M] () -- C:\Documents and Settings\Administrator\random.dat
[2013/11/06 23:41:56 | 000,000,069 | ---- | M] () -- C:\Documents and Settings\Administrator\jagex_cl_runescape_LIVE.dat
[2013/11/03 01:54:11 | 000,442,276 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/11/03 01:54:11 | 000,072,046 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/11/02 22:37:49 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/10/20 18:53:40 | 000,000,049 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2013/10/15 17:08:55 | 000,001,945 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2013/10/09 20:11:18 | 000,200,936 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/10/09 20:06:49 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
========== Files Created - No Company Name ==========
[2013/05/17 02:12:18 | 000,125,440 | ---- | C] () -- C:\WINDOWS\System32\lua5.1a.dll
[2013/03/18 00:51:34 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Administrator\sfc
[2013/01/01 07:16:06 | 000,000,101 | ---- | C] () -- C:\WINDOWS\System32\ud-boot-time.ini
[2012/10/25 23:30:19 | 000,000,071 | ---- | C] () -- C:\Documents and Settings\Administrator\jagex_cl_loginapplet_LIVE.dat
[2012/06/21 19:00:42 | 000,000,070 | ---- | C] () -- C:\Documents and Settings\Administrator\jagex_cl_runescape_LIVE1.dat
[2012/06/01 22:30:20 | 000,000,069 | ---- | C] () -- C:\Documents and Settings\Administrator\jagex_cl_runescape_LIVE.dat
[2012/05/12 18:53:16 | 000,000,024 | ---- | C] () -- C:\Documents and Settings\Administrator\random.dat
[2012/02/25 20:00:35 | 000,000,316 | ---- | C] () -- C:\WINDOWS\w32demo8.ini
[2012/02/17 11:03:45 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/01/30 00:20:18 | 001,657,376 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2012/01/30 00:20:15 | 001,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2012/01/30 00:20:15 | 001,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2012/01/30 00:20:13 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2012/01/30 00:20:10 | 001,507,328 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2012/01/30 00:20:10 | 001,346,080 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2012/01/30 00:20:05 | 000,449,056 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2012/01/30 00:20:04 | 000,436,768 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2011/12/20 20:24:07 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\ESGAppInfo.dll
[2011/11/20 12:41:23 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2011/10/28 22:53:14 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\$_hpcst$.hpc
[2011/01/25 07:14:21 | 000,007,168 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/07/02 23:49:05 | 000,000,760 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\setup_ldm.iss
[2009/04/07 19:38:36 | 000,000,364 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\wklnhst.dat
[2009/02/10 00:47:28 | 000,002,119 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\ghH6NSCmtt.gif
[2009/02/10 00:47:28 | 000,000,607 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\ghH6NSCmnn.gif
[2009/02/10 00:47:28 | 000,000,598 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\ghH6NSCmyy.gif
[2009/02/05 19:04:32 | 003,670,016 | ---- | C] () -- C:\Documents and Settings\Administrator\ntuser.bak
[2009/01/31 23:59:44 | 000,002,119 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\tt.gif
[2009/01/31 23:59:44 | 000,000,607 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\nn.gif
[2009/01/31 23:59:44 | 000,000,598 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\yy.gif
[2009/01/01 20:48:48 | 000,000,040 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\.zreglib
[2009/01/01 02:14:27 | 000,081,920 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\ezpinst.exe
[2009/01/01 02:14:27 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\pcouffin.cat
[2009/01/01 02:14:27 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\pcouffin.inf
[2008/08/14 20:04:24 | 000,001,028 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\WavCodec.wff
[2008/07/29 21:37:50 | 000,000,136 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\fusioncache.dat
========== ZeroAccess Check ==========
[2006/06/17 04:37:41 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/13 19:12:05 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/02/09 07:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/04/13 19:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2009/02/01 00:35:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Amazon
[2012/02/26 00:45:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Auslogics
[2009/05/09 10:53:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Blitware
[2011/03/11 18:45:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\bsbandmltbpi
[2011/12/20 19:23:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\com.adobe.downloadassistant.AdobeDownloadAssistant
[2009/05/09 09:42:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\DriverCure
[2013/06/09 11:54:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\DVDVideoSoft
[2013/07/28 15:14:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\ElevatedDiagnostics
[2009/02/01 00:35:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\ImgBurn
[2008/07/24 03:02:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Leadertech
[2008/07/24 02:25:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\MSNInstaller
[2009/05/28 19:59:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Musicmatch
[2011/02/27 20:07:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\NCH Swift Sound
[2011/04/08 08:50:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\OpenOffice.org
[2011/12/20 21:00:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Opera
[2012/05/11 11:10:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Oracle
[2011/07/20 15:03:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\ParetoLogic
[2008/08/13 23:46:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\PC Suite
[2008/08/15 00:27:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Ringtone
[2008/12/29 23:59:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\RipIt4Me
[2008/07/24 02:54:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\SampleView
[2011/10/29 01:36:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Samsung
[2011/07/21 23:07:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\SmartDVDCreator
[2010/10/06 18:23:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\TeamViewer
[2009/04/07 19:38:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Template
[2011/11/15 13:01:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Tific
[2011/07/20 20:46:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Vso
[2013/03/18 01:19:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\WinPatrol
[2013/03/12 04:02:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\APN
[2012/07/04 15:22:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Cisco Systems
[2011/07/19 22:31:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ClubSanDisk
[2011/11/15 12:48:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Driver Manager
[2009/05/09 10:45:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DriverCure
[2012/01/29 23:08:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DriverWizard
[2010/11/03 11:09:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Innovative Solutions
[2008/08/13 20:21:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
[2013/04/25 10:41:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InstallMate
[2011/02/27 20:07:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2012/02/25 02:12:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ParetoLogic
[2009/05/09 08:34:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2008/08/13 23:45:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2013/03/12 02:17:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCPitstop
[2011/10/28 22:53:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Samsung
[2009/01/01 20:48:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SlySoft
========== Purity Check ==========
< End of report >
OTL Extras logfile created on: 11/7/2013 11:37:03 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Administrator\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 1.39 Gb Available Physical Memory | 69.61% Memory free
3.84 Gb Paging File | 3.27 Gb Available in Paging File | 85.15% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 68.71 Gb Total Space | 46.17 Gb Free Space | 67.20% Space Free | Partition Type: NTFS
Drive D: | 5.80 Gb Total Space | 2.95 Gb Free Space | 50.79% Space Free | Partition Type: FAT32
Computer Name: PATTY | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 4
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\WINDOWS\system32\sessmgr.exe" = C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}" = mLogView
"{15377C3E-9655-400F-B441-E69F0A6BEAFE}" = Recovery Software Suite Gateway
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = DVD Solution
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
"{26A24AE4-039D-4CA4-87B4-2F83217045FF}" = Java 7 Update 45
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3E171899-0175-47CC-84C4-562ACDD4C021}" = OpenOffice.org 3.3
"{3E9D596A-61D4-4239-BD19-2DB984D2A16F}" = mIWA
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = Logitech Registration
"{3F4EC965-28EF-45C3-B063-04B25D4E9679}" = Bluetooth Software
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go 4.0
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4BB7A109-FDB5-45E3-9DB9-ECB2EA7B80EE}" = WinPatrol
"{4D24F198-A2CB-46B5-BB16-41B69C644B6C}" = Microsoft Security Client
"{5809E7CF-4DCF-11D4-9875-00105ACE7734}" = Logitech MouseWare 9.78
"{607398CF-354B-4E21-B1BC-549424BFD04C}" = TIPCI
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{69995C7A-062A-4A90-A4DF-8C22895DF522}" = iTunes
"{6A3F9D74-BB80-4451-8CA1-4B3A857F1359}" = Apple Application Support
"{6CF4996E-9A09-4C7A-BB2B-22CB4D7F33BE}" = nav-u tool
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7694E0B1-2332-448B-9235-929F84B41E3F}" = Active@ ISO Burner
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{786C5747-1033-0000-B58E-000000000001}" = Adobe Stock Photos 1.0
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{8C6BB412-D3A8-4AAE-A01B-35B681789D68}" = mHelp
"{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe Common File Installer
"{8EF1122E-E90C-4EE9-AB0C-7FDE2BA42C26}" = Musicmatch® Jukebox
"{90B0D222-8C21-4B35-9262-53B042F18AF9}" = mPfWiz
"{90CC4231-94AC-45CD-991A-0253BFAC0650}" = mDrWiFi
"{94658027-9F16-4509-BBD7-A59FE57C3023}" = mZConfig
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9941F0AA-B903-4AF4-A055-83A9815CC011}" = Sonic Encoders
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9CC89556-3578-48DD-8408-04E66EBEF401}" = mXML
"{A0F925BF-5C55-44C2-A4E7-5A4C59791C29}" = mDriver
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb" = Internet Explorer (Enable DEP)
"{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}" = RealNetworks - Microsoft Visual C++ 2010 Runtime
"{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}" = Windows 7 Upgrade Advisor
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.05)
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AF7EBCA4-9FAF-4DC8-8D09-67854BB84D34}" = RealDownloader
"{B74D4E10-1033-0000-0000-000000000001}" = Adobe Bridge 1.0
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C23CD6DA-1958-43A5-ADD0-59396572E02E}" = Apple Mobile Device Support
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D8E363A7-88B7-446D-B2C0-E26CE4DC8E54}" = U3Launcher
"{DD1865F0-AD73-40FB-B23E-1822E02396FF}" = NVIDIA PhysX
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag
"{E81667C6-2856-46D6-ABEA-6A2F42166779}" = mCore
"{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.3
"CLO" = CLO
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"DVD Decrypter" = DVD Decrypter (Remove Only)
"DVD Shrink_is1" = DVD Shrink 3.2
"ERUNT_is1" = ERUNT 1.1j
"Free 3GP Video Converter_is1" = Free 3GP Video Converter version 3.7.18
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7
"Free Video to MP3 Converter_is1" = Free Video to MP3 Converter version 5.0.24.430
"Free YouTube Download_is1" = Free YouTube Download version 3.2.1.320
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.12.2.430
"Hardwood Euchre" = Hardwood Euchre
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"ImgBurn" = ImgBurn
"InstallShield_{607398CF-354B-4E21-B1BC-549424BFD04C}" = Texas Instruments PCIxx21/x515/xx12 drivers.
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Security Client" = Microsoft Security Essentials
"Mozilla Firefox 19.0.2 (x86 en-US)" = Mozilla Firefox 19.0.2 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Nero - Burning Rom!UninstallKey" = Nero OEM
"NeroVision!UninstallKey" = NeroVision Express 2
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NMPUninstallKey" = Nero Media Player
"NVIDIA Drivers" = NVIDIA Drivers
"ProInst" = Intel® PROSet/Wireless Software
"PROSet" = Intel® PRO Network Connections Drivers
"RealPlayer 16.0" = RealPlayer
"SMSERIAL" = Motorola SM56 Data Fax Modem
"Speccy" = Speccy
"StreetPlugin" = Learn2 Player (Uninstall Only)
"Switch" = Switch Sound File Converter
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"SystemRequirementsLab" = System Requirements Lab
"UltraDefrag" = Ultra Defragmenter
"Uninstall_is1" = Uninstall 1.0.0.1
"WavePad" = WavePad Sound Editor
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"WGA" = Windows Genuine Advantage Validation Tool
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01005" = Microsoft User-Mode Driver Framework Feature Pack 1.5
"Yahoo! Messenger" = Yahoo! Messenger
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 11/1/2013 9:54:04 AM | Computer Name = PATTY | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 unspecified, P2 hardeningtelemetry, P3 hardeningtelemetrydisablertp,
P4 4.3.219.0, P5 unspecified, P6 unspecified, P7 unspecified, P8 NIL, P9 NIL, P10
NIL.
[ System Events ]
Error - 10/7/2013 5:36:45 PM | Computer Name = PATTY | Source = Cdrom | ID = 262151
Description = The device, \Device\CdRom0, has a bad block.
Error - 10/7/2013 5:36:53 PM | Computer Name = PATTY | Source = Cdrom | ID = 262151
Description = The device, \Device\CdRom0, has a bad block.
Error - 10/7/2013 5:37:00 PM | Computer Name = PATTY | Source = Cdrom | ID = 262151
Description = The device, \Device\CdRom0, has a bad block.
Error - 10/7/2013 5:37:07 PM | Computer Name = PATTY | Source = Cdrom | ID = 262151
Description = The device, \Device\CdRom0, has a bad block.
Error - 10/28/2013 4:55:17 PM | Computer Name = PATTY | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 15 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)
Error - 10/28/2013 4:55:17 PM | Computer Name = PATTY | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 14 minutes. NtpClient has no source of accurate
time.
Error - 11/1/2013 9:40:07 AM | Computer Name = PATTY | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 1.161.1109.0 Update Source: %%859 Update Stage:
%%852 Source Path: http://www.microsoft.com Signature Type: %%800 Update Type: %%803
User:
NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.10003.0
Error
code: 0x8024402c Error description: An unexpected problem occurred while checking
for updates. For information on installing or troubleshooting updates, see Help
and Support.
Error - 11/1/2013 12:09:22 PM | Computer Name = PATTY | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
abp480n5 adpu160m agp440 agpCPQ Aha154x aic78u2 aic78xx AliIde alim1541 amdagp amsint asc asc3350p
asc3550
cbidf
cd20xrnt
CmdIde
Cpqarray
dac2w2k
dac960nt
dpti2o
hpn
i2omp
ini910u
IntelIde
mraid35x
perc2
perc2hib
ql1080
Ql10wnt
ql12160
ql1240
ql1280
sisagp
Sparrow
symc810
symc8xx
sym_hi
sym_u3
TosIde
ultra
viaagp
ViaIde
Error - 11/2/2013 11:38:27 PM | Computer Name = PATTY | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 15 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)
Error - 11/2/2013 11:38:27 PM | Computer Name = PATTY | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 14 minutes. NtpClient has no source of accurate
time.
< End of report >