NascarFan19

Anti-Spyware Brigade
  • Content Count: 910

Posts posted by NascarFan19


  1. Hi Jeffce, Once we have done all we can to this system, and I suspect that we are almost there, are any of the programs I have downloaded of any use on an everyday basis? I suspect not, but wanted to ask you. Thanks

     

    ComboFix 12-01-10.02 - Owner 01/10/2012 21:16:39.4.1 - x86

    Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.479.141 [GMT -5:00]

    Running from: c:documents and settingsOwnerDesktopComboFix.exe

    Command switches used :: c:documents and settingsOwnerDesktopCFScript.txt

    AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}

    FW: ZoneAlarm Free Firewall *Enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}

    .

    .

    ((((((((((((((((((((((((( Files Created from 2011-12-11 to 2012-01-11 )))))))))))))))))))))))))))))))

    .

    .

    2012-01-10 23:16 . 2012-01-10 23:16 -------- d-----w- c:windowsLastGood

    2012-01-10 20:17 . 2012-01-10 20:19 -------- d-----w- c:program filesOracle

    2012-01-10 20:16 . 2012-01-10 20:16 -------- d-----w- c:documents and settingsOwnerApplication DataOracle

    2012-01-10 20:13 . 2011-11-09 00:56 637848 ----a-w- c:windowssystem32npdeployJava1.dll

    2012-01-10 20:13 . 2011-11-09 00:56 567184 ----a-w- c:windowssystem32deployJava1.dll

    2012-01-10 05:56 . 2012-01-10 05:56 -------- d-----w- c:documents and settingsOwnerApplication DataDriverCure

    2012-01-10 05:56 . 2012-01-10 05:56 -------- d-----w- c:documents and settingsOwnerApplication DataSpeedyPC Software

    2012-01-10 05:55 . 2012-01-10 05:55 -------- d-----w- c:program filesCommon FilesSpeedyPC Software

    2012-01-10 05:55 . 2012-01-10 05:55 -------- d-----w- c:documents and settingsAll UsersApplication DataSpeedyPC Software

    2012-01-10 05:55 . 2012-01-10 05:55 -------- d-----w- c:program filesSpeedyPC Software

    2012-01-09 19:06 . 2012-01-09 19:06 -------- d-----w- c:program filesFoxit Software

    2012-01-09 06:31 . 2012-01-09 06:31 -------- d-----w- C:_OTL

    2012-01-08 02:15 . 2012-01-08 02:15 -------- d-----w- c:program filesESET

    2012-01-07 04:55 . 2012-01-07 04:55 -------- d-----w- C:$AVG

    2012-01-06 01:30 . 2012-01-06 01:30 -------- d-----w- c:documents and settingsOwnerApplication DataAVG2012

    2012-01-06 01:25 . 2012-01-10 15:16 -------- d-----w- c:windowssystem32driversAVG

    2012-01-06 01:25 . 2012-01-06 01:38 -------- d-----w- c:documents and settingsAll UsersApplication DataAVG2012

    2012-01-06 01:07 . 2012-01-06 01:07 -------- d--h--w- c:documents and settingsAll UsersApplication DataCommon Files

    2012-01-06 01:02 . 2012-01-10 23:48 -------- d-----w- c:documents and settingsAll UsersApplication DataMFAData

    2012-01-04 02:39 . 2012-01-05 07:38 -------- d-----w- C:HiJack This

    2012-01-04 02:37 . 2012-01-04 02:37 388096 ----a-r- c:documents and settingsOwnerApplication DataMicrosoftInstaller{45A66726-69BC-466B-A7A4-12FCBA4883D7}HiJackThis.exe

    2012-01-04 02:37 . 2012-01-04 02:37 -------- d-----w- c:program filesTrend Micro

    2012-01-02 04:54 . 2012-01-02 05:08 -------- d-----w- C:Pictures

    2012-01-01 17:22 . 2012-01-01 17:22 0 ----a-w- c:documents and settingsOwnerReset_IE_Windows.reg

    2011-12-31 20:49 . 2011-12-31 20:49 -------- d-----w- c:documents and settingsAll UsersApplication DataBlueSprig

    2011-12-28 13:13 . 2011-12-31 19:55 414368 ----a-w- c:windowssystem32FlashPlayerCPLApp.cpl

    2011-12-25 00:48 . 2011-12-31 01:48 -------- d-----w- c:documents and settingsAdministrator

    2011-12-22 02:07 . 1998-09-02 08:28 38160 ----a-w- c:windowssystem32LMRTREND.dll

    2011-12-22 02:07 . 1998-08-20 11:02 140800 ----a-w- c:windowssystem32tm20dec.ax

    2011-12-22 02:07 . 1998-08-27 04:51 182032 ----a-w- c:windowssystem32dxtmsft3.dll

    2011-12-22 02:06 . 1998-09-02 08:28 63488 ----a-w- c:windowssystem32unam4ie.exe

    2011-12-22 02:06 . 1998-08-17 09:21 5672 ----a-w- c:windowssystem32quartz.vxd

    2011-12-22 02:06 . 1998-08-17 09:21 10240 ----a-w- c:windowssystem32vidx16.dll

    2011-12-22 02:06 . 1998-08-17 09:21 11776 ----a-w- c:windowssystem32mciqtz.drv

    2011-12-22 02:06 . 1998-09-02 08:02 194320 ----a-w- c:windowssystem32qcut.dll

    2011-12-22 02:06 . 2011-12-22 02:06 4608 ----a-w- c:windowssystem32w95inf32.dll

    2011-12-22 02:06 . 2011-12-22 02:06 2272 ----a-w- c:windowssystem32w95inf16.dll

    2011-12-22 02:05 . 1996-07-01 05:00 77312 ----a-w- c:windowssystem32TWAIN_32.DLL

    2011-12-22 01:44 . 2008-04-14 01:12 20992 ----a-w- c:windowssystem32dshowext.ax

    2011-12-19 01:22 . 2011-12-19 01:22 22 --sha-w- c:documents and settingsOwnerApplication DataSys2662.Config.Repository.bin

    2011-12-19 01:21 . 2011-12-19 01:22 -------- d-----w- c:program filesjv16 PowerTools 2011

    2011-12-19 01:11 . 2012-01-03 20:31 -------- d-----w- c:program filesMalwarebytes' Anti-Malware

    2011-12-19 01:11 . 2011-12-10 20:24 20464 ----a-w- c:windowssystem32driversmbam.sys

    2011-12-17 15:31 . 2011-12-17 15:31 -------- d-----w- c:program filesCommon FilesHewlett-Packard

    2011-12-17 15:27 . 2004-09-29 17:08 61440 ----a-w- c:windowssystem32HPZinw12.exe

    2011-12-17 15:27 . 2004-09-29 17:15 204800 ----a-w- c:windowssystem32HPZipr12.dll

    2011-12-17 15:27 . 2004-09-29 17:14 69632 ----a-w- c:windowssystem32HPZipm12.exe

    2011-12-17 15:27 . 2004-09-29 17:09 57344 ----a-w- c:windowssystem32HPZisn12.dll

    2011-12-17 15:27 . 2004-09-29 17:09 94208 ----a-w- c:windowssystem32HPZipt12.dll

    2011-12-17 15:27 . 2004-09-29 17:12 278584 ----a-w- c:windowssystem32HPZidr12.dll

    2011-12-17 15:24 . 2005-03-18 18:32 180315 ----a-w- c:windowssystem32hpzsnt12.dll

    .

    .

    .

    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    2011-11-23 13:25 . 2007-12-30 03:26 1859584 ----a-w- c:windowssystem32win32k.sys

    2011-11-09 00:56 . 2008-02-01 03:57 141312 ----a-w- c:windowssystem32javacpl.cpl

    2011-11-04 19:20 . 2007-12-30 04:07 43520 ----a-w- c:windowssystem32licmgr10.dll

    2011-11-04 19:20 . 2007-12-30 04:07 1469440 ------w- c:windowssystem32inetcpl.cpl

    2011-11-04 19:20 . 2007-12-30 03:26 916992 ----a-w- c:windowssystem32wininet.dll

    2011-11-04 11:23 . 2007-12-30 10:26 385024 ----a-w- c:windowssystem32html.iec

    2011-11-01 16:07 . 2007-12-30 03:24 1288704 ----a-w- c:windowssystem32ole32.dll

    2011-10-28 05:31 . 2007-12-30 04:03 33280 ----a-w- c:windowssystem32csrsrv.dll

    2011-10-25 13:37 . 2002-08-29 08:04 2148864 -c--a-w- c:windowssystem32ntoskrnl.exe

    2011-10-25 12:52 . 2002-08-29 08:04 2027008 -c--a-w- c:windowssystem32ntkrnlpa.exe

    2011-10-18 11:13 . 2007-12-30 04:07 186880 -c--a-w- c:windowssystem32encdec.dll

    2011-10-17 18:48 . 2011-10-17 18:48 21035 ----a-w- c:windowssystem32driversAegisP.sys

    2011-03-21 01:17 . 2011-03-21 01:16 46972928 ----a-w- c:program fileszaSetup_92_105_000_en.exe

    2011-03-19 04:25 . 2011-03-19 04:24 3033192 -c--a-w- c:program filesccsetup304.exe

    2011-01-27 03:18 . 2011-01-27 03:18 629968 ----a-w- c:program filesPartyPokerNetSetup.exe

    2010-04-30 06:49 . 2010-04-30 06:49 7184528 -c--a-w- c:program filesasc-setup.exe

    2010-04-30 06:42 . 2010-04-30 06:42 16409960 ----a-w- c:program filesspybotsd162.exe

    2010-04-30 06:24 . 2010-04-30 06:24 3103640 ----a-w- c:program filesspywareblastersetup43.exe

    2010-03-14 16:29 . 2010-03-14 16:28 336 ----a-w- c:program filestemp995.bat

    2008-07-11 22:39 . 2008-07-12 02:30 262144 -c--a-w- c:program filesUninstall Spy Blocker.dll

    .

    .

    ((((((((((((((((((((((((((((( [email protected]_01.39.40 )))))))))))))))))))))))))))))))))))))))))

    .

    + 2005-09-23 03:48 . 2005-09-23 03:48 626688 c:windowsWinSxSx86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acdmsvcr80.dll

    + 2005-09-23 03:48 . 2005-09-23 03:48 548864 c:windowsWinSxSx86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acdmsvcp80.dll

    + 2005-09-23 03:48 . 2005-09-23 03:48 479232 c:windowsWinSxSx86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acdmsvcm80.dll

    + 2003-01-24 12:54 . 2012-01-07 02:05 571112 c:windowssystem32perfh009.dat

    - 2003-01-24 12:54 . 2012-01-05 02:10 571112 c:windowssystem32perfh009.dat

    - 2003-01-24 12:54 . 2012-01-05 02:10 109606 c:windowssystem32perfc009.dat

    + 2003-01-24 12:54 . 2012-01-07 02:05 109606 c:windowssystem32perfc009.dat

    + 2012-01-10 20:13 . 2011-11-09 00:56 223112 c:windowssystem32javaws.exe

    + 2012-01-10 20:13 . 2012-01-10 20:11 173960 c:windowssystem32javaw.exe

    + 2012-01-10 20:13 . 2012-01-10 20:11 173960 c:windowssystem32java.exe

    + 2012-01-10 23:15 . 2012-01-10 23:15 301056 c:windowsInstaller1bf9498.msi

    + 2012-01-10 20:20 . 2012-01-10 20:20 101376 c:windowsInstaller10a266e.msi

    + 2012-01-10 20:18 . 2012-01-10 20:18 375808 c:windowsInstaller10a266a.msi

    + 2012-01-10 20:14 . 2012-01-10 20:14 176128 c:windowsInstaller10a2666.msi

    + 2012-01-10 20:11 . 2012-01-10 20:11 938496 c:windowsInstaller10a2660.msi

    + 2012-01-10 20:04 . 2012-01-10 20:04 519168 c:windowsInstaller10a2659.msi

    .

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    *Note* empty entries & legit default entries are not shown

    REGEDIT4

    .

    [HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun]

    "Weather"="c:program filesAWSWeatherBugWeather.exe" [2004-11-08 1597440]

    .

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]

    "ZoneAlarm"="c:program filesCheckPointZoneAlarmzatray.exe" [2011-11-10 73360]

    "AVG_TRAY"="c:program filesAVGAVG2012avgtray.exe" [2011-12-03 2415456]

    "SunJavaUpdateSched"="c:program filesCommon FilesJavaJava Updatejusched.exe" [2011-09-30 252296]

    .

    [HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionpoliciesexplorer]

    "NoWinKeys"= 1 (0x1)

    "NoSMMyDocs"= 1 (0x1)

    "NoFavoritesMenu"= 1 (0x1)

    .

    [hkey_local_machinesoftwaremicrosoftwindowscurrentversionexplorerShellExecuteHooks]

    "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:program filesSUPERAntiSpywareSASSEH.DLL" [2008-05-13 77824]

    .

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftwindows ntcurrentversionwinlogonnotify!SASWinLogon]

    2009-12-28 20:06 548352 ----a-w- c:program filesSUPERAntiSpywareSASWINLO.DLL

    .

    [HKEY_LOCAL_MACHINEsystemcurrentcontrolsetcontrolsession manager]

    BootExecute REG_MULTI_SZ autocheck autochk *0c:progra~1AVGAVG2012avgrsx.exe /sync /restart

    .

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigservices]

    "aawservice"=2 (0x2)

    .

    [HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionrun-]

    "MSMSGS"="c:program filesMessengermsmsgs.exe" /background

    .

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftsecurity centerMonitoringZoneLabsFirewall]

    "DisableMonitoring"=dword:00000001

    .

    [HKLM~servicessharedaccessparametersfirewallpolicystandardprofile]

    "EnableFirewall"= 0 (0x0)

    .

    [HKLM~servicessharedaccessparametersfirewallpolicystandardprofileAuthorizedApplicationsList]

    "%windir%system32sessmgr.exe"=

    "%windir%Network Diagnosticxpnetdiag.exe"=

    .

    R0 AVGIDSEH;AVGIDSEH;c:windowssystem32driversAVGIDSEH.sys [7/11/2011 1:14 AM 23120]

    R0 Avgrkx86;AVG Anti-Rootkit Driver;c:windowssystem32driversavgrkx86.sys [9/13/2011 6:30 AM 32592]

    R1 Avgldx86;AVG AVI Loader Driver;c:windowssystem32driversavgldx86.sys [10/7/2011 6:23 AM 230608]

    R1 Avgtdix;AVG TDI Driver;c:windowssystem32driversavgtdix.sys [7/11/2011 1:14 AM 295248]

    R1 SASDIFSV;SASDIFSV;c:program filesSUPERAntiSpywareSASDIFSV.SYS [5/28/2008 9:33 AM 12872]

    R1 SASKUTIL;SASKUTIL;c:program filesSUPERAntiSpywareSASKUTIL.SYS [5/28/2008 9:33 AM 67656]

    R2 avgwd;AVG WatchDog;c:program filesAVGAVG2012avgwdsvc.exe [8/2/2011 6:09 AM 192776]

    R2 ISWKL;ZoneAlarm Toolbar ISWKL;c:program filesCheckPointZAForceFieldISWKL.sys [11/3/2011 9:44 AM 27016]

    R3 AVGIDSDriver;AVGIDSDriver;c:windowssystem32driversAVGIDSDriver.sys [7/11/2011 1:14 AM 134608]

    R3 AVGIDSFilter;AVGIDSFilter;c:windowssystem32driversAVGIDSFilter.sys [7/11/2011 1:14 AM 24272]

    R3 AVGIDSShim;AVGIDSShim;c:windowssystem32driversAVGIDSShim.sys [10/4/2011 6:21 AM 16720]

    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:windowsMicrosoft.NETFrameworkv4.0.30319mscorsvw.exe [3/18/2010 12:16 PM 130384]

    S2 CoachCap;Concord EyeQ Duo 2000 USB Video Capture V1.00;c:windowssystem32driversCoachCap.sys --> c:windowssystem32driversCoachCap.sys [?]

    S3 AVGIDSAgent;AVGIDSAgent;c:program filesAVGAVG2012AVGIDSAgent.exe [10/12/2011 6:25 AM 4433248]

    S3 PCDRDRV;Pcdr Helper Driver;??c:progra~1PC-DOC~1DIAGNO~1PCDRDRV.sys --> c:progra~1PC-DOC~1DIAGNO~1PCDRDRV.sys [?]

    S3 SASENUM;SASENUM;c:program filesSUPERAntiSpywareSASENUM.SYS [5/28/2008 9:33 AM 12872]

    S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:windowsMicrosoft.NETFrameworkv4.0.30319WPFWPFFontCache_v0400.exe [3/18/2010 12:16 PM 753504]

    S4 IswSvc;ZoneAlarm Toolbar IswSvc;c:program filesCheckPointZAForceFieldISWSVC.exe [11/3/2011 9:44 AM 497280]

    .

    --- Other Services/Drivers In Memory ---

    .

    *NewlyCreated* - JAVAQUICKSTARTERSERVICE

    .

    Contents of the 'Scheduled Tasks' folder

    .

    2012-01-10 c:windowsTasksSpeedyPC Pro.job

    - c:program filesSpeedyPC SoftwareSpeedyPCSpeedyPC.exe [2011-10-09 01:19]

    .

    2012-01-10 c:windowsTasksSpeedyPC Registration3.job

    - c:program filesCommon FilesSpeedyPC SoftwareUUS3UUS3.dll [2011-10-06 16:18]

    .

    2012-01-10 c:windowsTasksSpeedyPC Update Version3.job

    - c:program filesCommon FilesSpeedyPC SoftwareUUS3SpeedyPC_Update3.exe [2011-10-06 16:18]

    .

    2012-01-11 c:windowsTasksUser_Feed_Synchronization-{8D041CAF-F681-4B08-9EAD-EAC2F1451AA4}.job

    - c:windowssystem32msfeedssync.exe [2009-03-08 09:31]

    .

    .

    ------- Supplementary Scan -------

    .

    uStart Page = hxxp://www.facebook.com/login.php

    uDefault_Search_URL =

    mSearch Bar =

    uInternet Connection Wizard,ShellNext = iexplore

    uSearchAssistant =

    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

    IE: Google Sidewiki... - c:program filesGoogleGoogle ToolbarComponentGoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html

    TCP: DhcpNameServer = 209.18.47.61 209.18.47.62

    DPF: DirectAnimation Java Classes - file://c:windowsJavaclassesdajava.cab

    DPF: Microsoft XML Parser for Java - file://c:windowsJavaclassesxmldso.cab

    .

    .

    **************************************************************************

    .

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

    Rootkit scan 2012-01-10 21:34

    Windows 5.1.2600 Service Pack 3 NTFS

    .

    scanning hidden processes ...

    .

    scanning hidden autostart entries ...

    .

    scanning hidden files ...

    .

    scan completed successfully

    hidden files: 0

    .

    **************************************************************************

    .

    --------------------- DLLs Loaded Under Running Processes ---------------------

    .

    - - - - - - - > 'winlogon.exe'(876)

    c:program filesSUPERAntiSpywareSASWINLO.DLL

    c:windowssystem32WININET.dll

    .

    - - - - - - - > 'explorer.exe'(3408)

    c:windowssystem32WININET.dll

    c:windowssystem32ieframe.dll

    c:windowssystem32webcheck.dll

    .

    Completion time: 2012-01-10 21:46:20

    ComboFix-quarantined-files.txt 2012-01-11 02:46

    ComboFix2.txt 2012-01-08 17:14

    ComboFix3.txt 2012-01-07 22:20

    ComboFix4.txt 2012-01-07 01:46

    .

    Pre-Run: 22,403,788,800 bytes free

    Post-Run: 22,719,541,248 bytes free

    .

    - - End Of File - - 9433602565FE54E240D164D22EECD3C0


  2. .

    DDS (Ver_2011-08-26.01) - NTFSx86

    Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.2.1

    Run by Owner at 17:34:10 on 2012-01-10

    Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.479.75 [GMT -5:00]

    .

    AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}

    FW: ZoneAlarm Free Firewall *Enabled*

    .

    ============== Running Processes ===============

    .

    C:PROGRA~1AVGAVG2012avgrsx.exe

    C:Program FilesAVGAVG2012avgcsrvx.exe

    C:WINDOWSsystem32svchost.exe -k DcomLaunch

    svchost.exe

    C:WINDOWSSystem32svchost.exe -k netsvcs

    C:Program FilesCheckPointZoneAlarmvsmon.exe

    C:WINDOWSExplorer.EXE

    C:WINDOWSSystem32svchost.exe -k netsvcs

    C:WINDOWSsystem32spoolsv.exe

    C:Program FilesAVGAVG2012avgwdsvc.exe

    C:WINDOWSsystem32HPZipm12.exe

    C:WINDOWSSystem32snmp.exe

    C:Program FilesAVGAVG2012AVGIDSAgent.exe

    C:Program FilesAVGAVG2012avgnsx.exe

    C:Program FilesAVGAVG2012avgemcx.exe

    C:Program FilesCheckPointZoneAlarmzatray.exe

    C:Program FilesAVGAVG2012avgtray.exe

    C:Program FilesAWSWeatherBugWeather.exe

    C:Program FilesInternet Exploreriexplore.exe

    C:Program FilesInternet Exploreriexplore.exe

    C:WINDOWSSystem32svchost.exe -k imgsvc

    C:Program FilesJavajre7binjqs.exe

    .

    ============== Pseudo HJT Report ===============

    .

    uStart Page = hxxp://www.facebook.com/login.php

    uDefault_Search_URL =

    mSearch Bar =

    uInternet Connection Wizard,ShellNext = iexplore

    uSearchAssistant =

    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

    BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:program filesavgavg2012avgssie.dll

    BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:program filesoraclejavafx 2.0 runtimebinjp2ssv.dll

    TB: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File

    TB: {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - No File

    TB: ZoneAlarm Security Engine: {ee2ac4e5-b0b0-4ec6-88a9-bca1a32ab107} - c:program filescheckpointzaforcefieldtrustcheckerbinTrustCheckerIEPlugin.dll

    EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File

    EB: {4528BBE0-4E08-11D5-AD55-00010333D0AD} - No File

    uRun: [Weather] c:program filesawsweatherbugWeather.exe 1

    mRun: [ZoneAlarm] c:program filescheckpointzonealarmzatray.exe

    mRun: [AVG_TRAY] "c:program filesavgavg2012avgtray.exe"

    mRun: [sunJavaUpdateSched] "c:program filescommon filesjavajava updatejusched.exe"

    uPolicies-explorer: NoWinKeys = 1 (0x1)

    uPolicies-explorer: NoSMMyDocs = 1 (0x1)

    uPolicies-explorer: NoFavoritesMenu = 1 (0x1)

    IE: Google Sidewiki... - c:program filesgooglegoogle toolbarcomponentGoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html

    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%Network Diagnosticxpnetdiag.exe

    DPF: DirectAnimation Java Classes - file://c:windowsjavaclassesdajava.cab

    DPF: Microsoft XML Parser for Java - file://c:windowsjavaclassesxmldso.cab

    DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab

    DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab

    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab

    DPF: {CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab

    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab

    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

    TCP: DhcpNameServer = 209.18.47.61 209.18.47.62

    TCP: Interfaces{733D3642-D733-402B-95C3-B9CFE83B7BA9} : DhcpNameServer = 209.18.47.61 209.18.47.62

    Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - c:program filesbelarcadvisorsystemBAVoilaX.dll

    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:program filesavgavg2012avgpp.dll

    Notify: !SASWinLogon - c:program filessuperantispywareSASWINLO.DLL

    Notify: igfxcui - igfxsrvc.dll

    SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:program filessuperantispywareSASSEH.DLL

    .

    ============= SERVICES / DRIVERS ===============

    .

    R0 AVGIDSEH;AVGIDSEH;c:windowssystem32driversAVGIDSEH.sys [2011-7-11 23120]

    R0 Avgrkx86;AVG Anti-Rootkit Driver;c:windowssystem32driversavgrkx86.sys [2011-9-13 32592]

    R1 Avgldx86;AVG AVI Loader Driver;c:windowssystem32driversavgldx86.sys [2011-10-7 230608]

    R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:windowssystem32driversavgmfx86.sys [2011-8-8 40016]

    R1 Avgtdix;AVG TDI Driver;c:windowssystem32driversavgtdix.sys [2011-7-11 295248]

    R1 SASDIFSV;SASDIFSV;c:program filessuperantispywareSASDIFSV.SYS [2008-5-28 12872]

    R1 SASKUTIL;SASKUTIL;c:program filessuperantispywareSASKUTIL.SYS [2008-5-28 67656]

    R1 Vsdatant;vsdatant;c:windowssystem32vsdatant.sys [2011-11-9 525840]

    R2 AVGIDSAgent;AVGIDSAgent;c:program filesavgavg2012AVGIDSAgent.exe [2011-10-12 4433248]

    R2 avgwd;AVG WatchDog;c:program filesavgavg2012avgwdsvc.exe [2011-8-2 192776]

    R2 ISWKL;ZoneAlarm Toolbar ISWKL;c:program filescheckpointzaforcefieldISWKL.sys [2011-11-3 27016]

    R2 vsmon;TrueVector Internet Monitor;c:program filescheckpointzonealarmvsmon.exe -service --> c:program filescheckpointzonealarmvsmon.exe -service [?]

    R3 AVGIDSDriver;AVGIDSDriver;c:windowssystem32driversAVGIDSDriver.sys [2011-7-11 134608]

    R3 AVGIDSFilter;AVGIDSFilter;c:windowssystem32driversAVGIDSFilter.sys [2011-7-11 24272]

    R3 AVGIDSShim;AVGIDSShim;c:windowssystem32driversAVGIDSShim.sys [2011-10-4 16720]

    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:windowsmicrosoft.netframeworkv4.0.30319mscorsvw.exe [2010-3-18 130384]

    S2 CoachCap;Concord EyeQ Duo 2000 USB Video Capture V1.00;c:windowssystem32driverscoachcap.sys --> c:windowssystem32driversCoachCap.sys [?]

    S3 cpuz132;cpuz132;??c:docume~1ownerlocals~1tempcpuz132cpuz132_x32.sys --> c:docume~1ownerlocals~1tempcpuz132cpuz132_x32.sys [?]

    S3 PCDRDRV;Pcdr Helper Driver;??c:progra~1pc-doc~1diagno~1pcdrdrv.sys --> c:progra~1pc-doc~1diagno~1PCDRDRV.sys [?]

    S3 SASENUM;SASENUM;c:program filessuperantispywareSASENUM.SYS [2008-5-28 12872]

    S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:windowsmicrosoft.netframeworkv4.0.30319wpfWPFFontCache_v0400.exe [2010-3-18 753504]

    S4 IswSvc;ZoneAlarm Toolbar IswSvc;c:program filescheckpointzaforcefieldISWSVC.exe [2011-11-3 497280]

    .

    =============== Created Last 30 ================

    .

    2012-01-10 20:17:37 -------- d-----w- c:program filesOracle

    2012-01-10 20:13:38 637848 ----a-w- c:windowssystem32npdeployJava1.dll

    2012-01-10 20:13:37 567184 ----a-w- c:windowssystem32deployJava1.dll

    2012-01-10 05:56:28 -------- d-----w- c:documents and settingsownerapplication dataDriverCure

    2012-01-10 05:56:24 -------- d-----w- c:documents and settingsownerapplication dataSpeedyPC Software

    2012-01-10 05:55:23 -------- d-----w- c:program filescommon filesSpeedyPC Software

    2012-01-10 05:55:13 -------- d-----w- c:program filesSpeedyPC Software

    2012-01-10 05:55:13 -------- d-----w- c:documents and settingsall usersapplication dataSpeedyPC Software

    2012-01-09 19:06:33 -------- d-----w- c:program filesFoxit Software

    2012-01-09 06:31:10 -------- d-----w- C:_OTL

    2012-01-08 02:15:14 -------- d-----w- c:program filesESET

    2012-01-07 04:55:33 -------- d-----w- C:$AVG

    2012-01-07 01:24:15 -------- d-sha-r- C:cmdcons

    2012-01-06 16:43:14 98816 ----a-w- c:windowssed.exe

    2012-01-06 16:43:14 518144 ----a-w- c:windowsSWREG.exe

    2012-01-06 16:43:14 256000 ----a-w- c:windowsPEV.exe

    2012-01-06 16:43:14 208896 ----a-w- c:windowsMBR.exe

    2012-01-06 01:30:03 -------- d-----w- c:documents and settingsownerapplication dataAVG2012

    2012-01-06 01:25:52 -------- d-----w- c:windowssystem32driversAVG

    2012-01-06 01:25:52 -------- d-----w- c:documents and settingsall usersapplication dataAVG2012

    2012-01-06 01:07:57 -------- d--h--w- c:documents and settingsall usersapplication dataCommon Files

    2012-01-06 01:02:02 -------- d-----w- c:documents and settingsall usersapplication dataMFAData

    2012-01-04 02:39:47 -------- d-----w- C:HiJack This

    2012-01-04 02:37:50 388096 ----a-r- c:documents and settingsownerapplication datamicrosoftinstaller{45a66726-69bc-466b-a7a4-12fcba4883d7}HiJackThis.exe

    2012-01-04 02:37:49 -------- d-----w- c:program filesTrend Micro

    2012-01-02 04:54:16 -------- d-----w- C:Pictures

    2012-01-01 17:22:50 0 ----a-w- c:documents and settingsownerReset_IE_Windows.reg

    2011-12-31 20:49:48 -------- d-----w- c:documents and settingsall usersapplication dataBlueSprig

    2011-12-28 13:13:58 414368 ----a-w- c:windowssystem32FlashPlayerCPLApp.cpl

    2011-12-22 02:07:26 38160 ----a-w- c:windowssystem32LMRTREND.dll

    2011-12-22 02:07:24 140800 ----a-w- c:windowssystem32tm20dec.ax

    2011-12-22 02:07:20 182032 ----a-w- c:windowssystem32dxtmsft3.dll

    2011-12-22 02:06:38 63488 ----a-w- c:windowssystem32unam4ie.exe

    2011-12-22 02:06:26 5672 ----a-w- c:windowssystem32quartz.vxd

    2011-12-22 02:06:26 11776 ----a-w- c:windowssystem32mciqtz.drv

    2011-12-22 02:06:26 10240 ----a-w- c:windowssystem32vidx16.dll

    2011-12-22 02:06:22 194320 ----a-w- c:windowssystem32qcut.dll

    2011-12-22 02:06:17 4608 ----a-w- c:windowssystem32w95inf32.dll

    2011-12-22 02:06:16 2272 ----a-w- c:windowssystem32w95inf16.dll

    2011-12-22 02:05:47 77312 ----a-w- c:windowssystem32TWAIN_32.DLL

    2011-12-22 01:44:15 20992 ----a-w- c:windowssystem32dshowext.ax

    2011-12-19 01:22:16 22 --sha-w- c:documents and settingsownerapplication dataSys2662.Config.Repository.bin

    2011-12-19 01:21:18 -------- d-----w- c:program filesjv16 PowerTools 2011

    2011-12-19 01:11:43 20464 ----a-w- c:windowssystem32driversmbam.sys

    2011-12-19 01:11:43 -------- d-----w- c:program filesMalwarebytes' Anti-Malware

    2011-12-17 15:31:39 -------- d-----w- c:program filescommon filesHewlett-Packard

    2011-12-17 15:27:43 61440 ----a-w- c:windowssystem32HPZinw12.exe

    2011-12-17 15:27:42 94208 ----a-w- c:windowssystem32HPZipt12.dll

    2011-12-17 15:27:42 69632 ----a-w- c:windowssystem32HPZipm12.exe

    2011-12-17 15:27:42 57344 ----a-w- c:windowssystem32HPZisn12.dll

    2011-12-17 15:27:42 204800 ----a-w- c:windowssystem32HPZipr12.dll

    2011-12-17 15:27:41 278584 ----a-w- c:windowssystem32HPZidr12.dll

    2011-12-17 15:24:17 180315 ----a-w- c:windowssystem32hpzsnt12.dll

    .

    ==================== Find3M ====================

    .

    2011-11-23 13:25:32 1859584 ----a-w- c:windowssystem32win32k.sys

    2011-11-09 00:56:48 141312 ----a-w- c:windowssystem32javacpl.cpl

    2011-11-04 19:20:51 916992 ----a-w- c:windowssystem32wininet.dll

    2011-11-04 19:20:51 43520 ----a-w- c:windowssystem32licmgr10.dll

    2011-11-04 19:20:51 1469440 ------w- c:windowssystem32inetcpl.cpl

    2011-11-04 11:23:59 385024 ----a-w- c:windowssystem32html.iec

    2011-11-01 16:07:10 1288704 ----a-w- c:windowssystem32ole32.dll

    2011-10-28 05:31:48 33280 ----a-w- c:windowssystem32csrsrv.dll

    2011-10-25 13:37:08 2148864 -c--a-w- c:windowssystem32ntoskrnl.exe

    2011-10-25 12:52:02 2027008 -c--a-w- c:windowssystem32ntkrnlpa.exe

    2011-10-18 11:13:22 186880 -c--a-w- c:windowssystem32encdec.dll

    2011-10-17 18:48:01 21035 ----a-w- c:windowssystem32driversAegisP.sys

    2011-03-21 01:17:08 46972928 ----a-w- c:program fileszaSetup_92_105_000_en.exe

    2011-03-19 04:25:01 3033192 -c--a-w- c:program filesccsetup304.exe

    2011-01-27 03:18:38 629968 ----a-w- c:program filesPartyPokerNetSetup.exe

    2010-04-30 06:49:25 7184528 -c--a-w- c:program filesasc-setup.exe

    2010-04-30 06:42:28 16409960 ----a-w- c:program filesspybotsd162.exe

    2010-04-30 06:24:07 3103640 ----a-w- c:program filesspywareblastersetup43.exe

    2010-03-14 16:29:04 336 ----a-w- c:program filestemp995.bat

    2008-07-11 22:39:17 262144 -c--a-w- c:program filesUninstall Spy Blocker.dll

    .

    ============= FINISH: 17:38:08.09 ===============

     

     

     

    .

    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

    IF REQUESTED, ZIP IT UP & ATTACH IT

    .

    DDS (Ver_2011-08-26.01)

    .

    Microsoft Windows XP Home Edition

    Boot Device: DeviceHarddiskVolume2

    Install Date: 12/29/2007 10:25:58 PM

    System Uptime: 1/10/2012 10:05:58 AM (7 hours ago)

    .

    Motherboard: MICRO-STAR INTERNATIONAL CO., LTD | | MS-6390

    Processor: AMD Athlon XP 2200+ | Socket A | 1798/133mhz

    .

    ==== Disk Partitions =========================

    .

    A: is Removable

    C: is FIXED (NTFS) - 33 GiB total, 21.017 GiB free.

    D: is FIXED (FAT32) - 4 GiB total, 0.782 GiB free.

    E: is CDROM ()

    .

    ==== Disabled Device Manager Items =============

    .

    ==== System Restore Points ===================

    .

    RP467: 1/9/2012 11:33:37 AM - System Checkpoint

    RP468: 1/9/2012 2:13:18 PM - Removed Adobe Reader 7.0

    RP469: 1/10/2012 3:02:33 PM - Installed Java SE Development Kit 7 Update 2

    RP470: 1/10/2012 3:11:10 PM - Installed Java 7 Update 2

    RP471: 1/10/2012 3:17:16 PM - Installed JavaFX 2.0.2 SDK

    RP472: 1/10/2012 3:19:37 PM - Installed JavaFX 2.0.2

    .

    ==== Installed Programs ======================

    .

    .

    Adobe Flash Player 11 ActiveX

    Adobe Shockwave Player 11

    AiO_Scan

    AVG 2012

    Belarc Advisor 6.1

    CCleaner

    CCScore

    CDBurnerXP

    Coloreal

    EasyCleaner

    ESET Online Scanner v3

    essvatgt

    fflink

    Foxit Reader 5.1

    Garmin Communicator Plugin

    Garmin POI Loader

    Garmin USB Drivers

    H&R Block Deluxe + Efile + State 2010

    H&R Block North Carolina 2010

    HiJackThis

    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

    Hotfix for Windows Media Format 11 SDK (KB929399)

    Hotfix for Windows XP (KB2158563)

    Hotfix for Windows XP (KB2443685)

    Hotfix for Windows XP (KB2570791)

    Hotfix for Windows XP (KB2633952)

    Hotfix for Windows XP (KB952287)

    Hotfix for Windows XP (KB954550-v5)

    Hotfix for Windows XP (KB961118)

    Hotfix for Windows XP (KB976098-v2)

    Hotfix for Windows XP (KB979306)

    Hotfix for Windows XP (KB981793)

    HP PSC & OfficeJet 5.3.B

    Intel® Extreme Graphics Driver Software

    Java Auto Updater

    Java 6 Update 3

    Java 7 Update 2

    Java SE Development Kit 7 Update 2

    JavaFX 2.0.2

    JavaFX 2.0.2 SDK

    jv16 PowerTools 2011

    kgcbaby

    kgcbase

    kgchday

    kgchlwn

    kgcinvt

    kgckids

    kgcmove

    kgcvday

    Malwarebytes Anti-Malware version 1.60.0.1800

    Microsoft .NET Framework 2.0 Service Pack 2

    Microsoft .NET Framework 3.0 Service Pack 2

    Microsoft .NET Framework 3.5 SP1

    Microsoft .NET Framework 4 Client Profile

    Microsoft Compression Client Pack 1.0 for Windows XP

    Microsoft Kernel-Mode Driver Framework Feature Pack 1.5

    Microsoft User-Mode Driver Framework Feature Pack 1.0

    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

    Microsoft Visual C++ 2005 Redistributable

    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

    Mp3 Tag Tools v1.2

    MSXML 4.0 SP2 (KB936181)

    MSXML 4.0 SP2 (KB954430)

    MSXML 4.0 SP2 (KB973688)

    netbrdg

    NVIDIA Windows 2000/XP Display Drivers

    OfotoXMI

    PartyPoker.net

    QFolder

    Scan

    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

    Security Update for Microsoft Windows (KB2564958)

    Security Update for Step By Step Interactive Training (KB898458)

    Security Update for Step By Step Interactive Training (KB923723)

    Security Update for Windows Internet Explorer 8 (KB2183461)

    Security Update for Windows Internet Explorer 8 (KB2360131)

    Security Update for Windows Internet Explorer 8 (KB2416400)

    Security Update for Windows Internet Explorer 8 (KB2482017)

    Security Update for Windows Internet Explorer 8 (KB2497640)

    Security Update for Windows Internet Explorer 8 (KB2510531)

    Security Update for Windows Internet Explorer 8 (KB2530548)

    Security Update for Windows Internet Explorer 8 (KB2544521)

    Security Update for Windows Internet Explorer 8 (KB2559049)

    Security Update for Windows Internet Explorer 8 (KB2586448)

    Security Update for Windows Internet Explorer 8 (KB2618444)

    Security Update for Windows Internet Explorer 8 (KB971961)

    Security Update for Windows Internet Explorer 8 (KB976325)

    Security Update for Windows Internet Explorer 8 (KB978207)

    Security Update for Windows Internet Explorer 8 (KB981332)

    Security Update for Windows Internet Explorer 8 (KB982381)

    Security Update for Windows Media Player (KB2378111)

    Security Update for Windows Media Player (KB911564)

    Security Update for Windows Media Player (KB952069)

    Security Update for Windows Media Player (KB954155)

    Security Update for Windows Media Player (KB968816)

    Security Update for Windows Media Player (KB973540)

    Security Update for Windows Media Player (KB975558)

    Security Update for Windows Media Player (KB978695)

    Security Update for Windows Media Player (KB979402)

    Security Update for Windows Media Player 6.4 (KB925398)

    Security Update for Windows Media Player 9 (KB911565)

    Security Update for Windows Media Player 9 (KB936782)

    Security Update for Windows XP (KB2079403)

    Security Update for Windows XP (KB2115168)

    Security Update for Windows XP (KB2121546)

    Security Update for Windows XP (KB2160329)

    Security Update for Windows XP (KB2229593)

    Security Update for Windows XP (KB2259922)

    Security Update for Windows XP (KB2279986)

    Security Update for Windows XP (KB2286198)

    Security Update for Windows XP (KB2296011)

    Security Update for Windows XP (KB2296199)

    Security Update for Windows XP (KB2347290)

    Security Update for Windows XP (KB2360937)

    Security Update for Windows XP (KB2387149)

    Security Update for Windows XP (KB2393802)

    Security Update for Windows XP (KB2412687)

    Security Update for Windows XP (KB2419632)

    Security Update for Windows XP (KB2423089)

    Security Update for Windows XP (KB2436673)

    Security Update for Windows XP (KB2440591)

    Security Update for Windows XP (KB2443105)

    Security Update for Windows XP (KB2476490)

    Security Update for Windows XP (KB2476687)

    Security Update for Windows XP (KB2478960)

    Security Update for Windows XP (KB2478971)

    Security Update for Windows XP (KB2479628)

    Security Update for Windows XP (KB2479943)

    Security Update for Windows XP (KB2481109)

    Security Update for Windows XP (KB2483185)

    Security Update for Windows XP (KB2485376)

    Security Update for Windows XP (KB2485663)

    Security Update for Windows XP (KB2491683)

    Security Update for Windows XP (KB2503658)

    Security Update for Windows XP (KB2503665)

    Security Update for Windows XP (KB2506212)

    Security Update for Windows XP (KB2506223)

    Security Update for Windows XP (KB2507618)

    Security Update for Windows XP (KB2507938)

    Security Update for Windows XP (KB2508272)

    Security Update for Windows XP (KB2508429)

    Security Update for Windows XP (KB2509553)

    Security Update for Windows XP (KB2511455)

    Security Update for Windows XP (KB2524375)

    Security Update for Windows XP (KB2535512)

    Security Update for Windows XP (KB2536276-v2)

    Security Update for Windows XP (KB2536276)

    Security Update for Windows XP (KB2544893-v2)

    Security Update for Windows XP (KB2544893)

    Security Update for Windows XP (KB2555917)

    Security Update for Windows XP (KB2562937)

    Security Update for Windows XP (KB2566454)

    Security Update for Windows XP (KB2567053)

    Security Update for Windows XP (KB2567680)

    Security Update for Windows XP (KB2570222)

    Security Update for Windows XP (KB2570947)

    Security Update for Windows XP (KB2592799)

    Security Update for Windows XP (KB2618451)

    Security Update for Windows XP (KB2619339)

    Security Update for Windows XP (KB2620712)

    Security Update for Windows XP (KB2624667)

    Security Update for Windows XP (KB2633171)

    Security Update for Windows XP (KB2639417)

    Security Update for Windows XP (KB923561)

    Security Update for Windows XP (KB938464)

    Security Update for Windows XP (KB941569)

    Security Update for Windows XP (KB946648)

    Security Update for Windows XP (KB950759)

    Security Update for Windows XP (KB950760)

    Security Update for Windows XP (KB950762)

    Security Update for Windows XP (KB950974)

    Security Update for Windows XP (KB951066)

    Security Update for Windows XP (KB951376-v2)

    Security Update for Windows XP (KB951376)

    Security Update for Windows XP (KB951698)

    Security Update for Windows XP (KB951748)

    Security Update for Windows XP (KB952004)

    Security Update for Windows XP (KB952954)

    Security Update for Windows XP (KB953838)

    Security Update for Windows XP (KB953839)

    Security Update for Windows XP (KB954211)

    Security Update for Windows XP (KB954459)

    Security Update for Windows XP (KB954600)

    Security Update for Windows XP (KB955069)

    Security Update for Windows XP (KB956390)

    Security Update for Windows XP (KB956391)

    Security Update for Windows XP (KB956572)

    Security Update for Windows XP (KB956744)

    Security Update for Windows XP (KB956802)

    Security Update for Windows XP (KB956803)

    Security Update for Windows XP (KB956841)

    Security Update for Windows XP (KB956844)

    Security Update for Windows XP (KB957095)

    Security Update for Windows XP (KB957097)

    Security Update for Windows XP (KB958215)

    Security Update for Windows XP (KB958644)

    Security Update for Windows XP (KB958687)

    Security Update for Windows XP (KB958690)

    Security Update for Windows XP (KB958869)

    Security Update for Windows XP (KB959426)

    Security Update for Windows XP (KB960225)

    Security Update for Windows XP (KB960714)

    Security Update for Windows XP (KB960715)

    Security Update for Windows XP (KB960803)

    Security Update for Windows XP (KB960859)

    Security Update for Windows XP (KB961371)

    Security Update for Windows XP (KB961373)

    Security Update for Windows XP (KB961501)

    Security Update for Windows XP (KB963027)

    Security Update for Windows XP (KB968537)

    Security Update for Windows XP (KB969059)

    Security Update for Windows XP (KB969897)

    Security Update for Windows XP (KB969947)

    Security Update for Windows XP (KB970238)

    Security Update for Windows XP (KB970430)

    Security Update for Windows XP (KB971468)

    Security Update for Windows XP (KB971486)

    Security Update for Windows XP (KB971557)

    Security Update for Windows XP (KB971633)

    Security Update for Windows XP (KB971657)

    Security Update for Windows XP (KB971961)

    Security Update for Windows XP (KB972270)

    Security Update for Windows XP (KB973346)

    Security Update for Windows XP (KB973354)

    Security Update for Windows XP (KB973507)

    Security Update for Windows XP (KB973525)

    Security Update for Windows XP (KB973869)

    Security Update for Windows XP (KB973904)

    Security Update for Windows XP (KB974112)

    Security Update for Windows XP (KB974318)

    Security Update for Windows XP (KB974392)

    Security Update for Windows XP (KB974571)

    Security Update for Windows XP (KB975467)

    Security Update for Windows XP (KB975560)

    Security Update for Windows XP (KB975561)

    Security Update for Windows XP (KB975562)

    Security Update for Windows XP (KB975713)

    Security Update for Windows XP (KB976325)

    Security Update for Windows XP (KB977165-v2)

    Security Update for Windows XP (KB977816)

    Security Update for Windows XP (KB977914)

    Security Update for Windows XP (KB978037)

    Security Update for Windows XP (KB978251)

    Security Update for Windows XP (KB978262)

    Security Update for Windows XP (KB978338)

    Security Update for Windows XP (KB978542)

    Security Update for Windows XP (KB978601)

    Security Update for Windows XP (KB978706)

    Security Update for Windows XP (KB979309)

    Security Update for Windows XP (KB979482)

    Security Update for Windows XP (KB979559)

    Security Update for Windows XP (KB979683)

    Security Update for Windows XP (KB979687)

    Security Update for Windows XP (KB980195)

    Security Update for Windows XP (KB980218)

    Security Update for Windows XP (KB980232)

    Security Update for Windows XP (KB980436)

    Security Update for Windows XP (KB981322)

    Security Update for Windows XP (KB981852)

    Security Update for Windows XP (KB981957)

    Security Update for Windows XP (KB981997)

    Security Update for Windows XP (KB982132)

    Security Update for Windows XP (KB982214)

    Security Update for Windows XP (KB982665)

    Security Update for Windows XP (KB982802)

    SFR

    SHASTA

    skin0001

    SKINXSDK

    SpeedyPC Pro

    Spybot - Search & Destroy 1.5.2.20

    SpywareBlaster 4.5

    staticcr

    SUPERAntiSpyware Free Edition

    tooltips

    Unity Web Player

    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

    Update for Windows Internet Explorer 8 (KB976662)

    Update for Windows Internet Explorer 8 (KB978506)

    Update for Windows Internet Explorer 8 (KB980182)

    Update for Windows XP (KB2141007)

    Update for Windows XP (KB2345886)

    Update for Windows XP (KB2467659)

    Update for Windows XP (KB2541763)

    Update for Windows XP (KB2616676-v2)

    Update for Windows XP (KB2641690)

    Update for Windows XP (KB951072-v2)

    Update for Windows XP (KB951978)

    Update for Windows XP (KB955759)

    Update for Windows XP (KB955839)

    Update for Windows XP (KB967715)

    Update for Windows XP (KB968389)

    Update for Windows XP (KB971029)

    Update for Windows XP (KB971737)

    Update for Windows XP (KB973687)

    Update for Windows XP (KB973815)

    Update for Windows XP (KB978207)

    VC 9.0 Runtime

    VIA Rhine-Family Fast Ethernet Adapter

    VPRINTOL

    WD Diagnostics

    WeatherBug

    WebFldrs XP

    Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0)

    Windows Genuine Advantage Validation Tool (KB892130)

    Windows Internet Explorer 8

    Windows Media Format 11 runtime

    Windows XP Service Pack 3

    WinPatrol 2008

    WIRELESS

    ZoneAlarm Firewall

    ZoneAlarm Free

    ZoneAlarm Security

    ZoneAlarm Toolbar

    .

    ==== Event Viewer Messages From Past Week ========

    .

    1/9/2012 1:31:14 AM, error: Service Control Manager [7034] - The Pml Driver HPZ12 service terminated unexpectedly. It has done this 1 time(s).

    1/7/2012 5:03:09 PM, error: PlugPlayManager [11] - The device Root\LEGACY_ESIHDRV\0000 disappeared from the system without first being prepared for removal.

    1/6/2012 8:57:06 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD AmdK7 Avgldx86 Avgmfx86 Avgtdix BANTExt Fips IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss SASDIFSV SASKUTIL Tcpip Vsdatant

    1/6/2012 8:57:06 AM, error: Service Control Manager [7001] - The TrueVector Internet Monitor service depends on the Vsdatant service which failed to start because of the following error: A device attached to the system is not functioning.

    1/6/2012 8:57:06 AM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBT service which failed to start because of the following error: A device attached to the system is not functioning.

    1/6/2012 8:56:37 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

    1/6/2012 8:47:52 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

    1/6/2012 8:20:16 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AmdK7 Avgldx86 Avgmfx86 BANTExt Fips MRxSmb Rdbss SASDIFSV SASKUTIL

    1/6/2012 8:20:16 PM, error: Service Control Manager [7023] - The Workstation service terminated with the following error: The system cannot find the file specified.

    1/6/2012 8:20:16 PM, error: Service Control Manager [7023] - The Server service terminated with the following error: The system cannot find the file specified.

    1/6/2012 8:20:16 PM, error: Service Control Manager [7001] - The Computer Browser service depends on the Workstation service which failed to start because of the following error: The system cannot find the file specified.

    1/6/2012 8:04:32 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}

    1/6/2012 8:00:42 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD AmdK7 Avgldx86 Avgmfx86 Avgtdix BANTExt Fips IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss SASDIFSV SASKUTIL Tcpip Vsdatant WS2IFSL

    1/5/2012 12:20:29 PM, error: atapi [9] - The device, \Device\Ide\IdePort0, did not respond within the timeout period.

    1/4/2012 8:27:58 PM, error: Service Control Manager [7000] - The SASDIFSV service failed to start due to the following error: Cannot create a file when that file already exists.

    1/3/2012 4:02:11 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: agp440 nv_agp

    1/3/2012 4:02:11 PM, error: Service Control Manager [7001] - The AVG Free8 E-mail Scanner service depends on the AVG Free8 WatchDog service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

    1/3/2012 4:02:11 PM, error: Service Control Manager [7000] - The Concord EyeQ Duo 2000 USB Video Capture V1.00 service failed to start due to the following error: The system cannot find the file specified.

    1/3/2012 4:01:41 PM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume2'. It has stopped monitoring the volume.

    .

    ==== End Of File ===========================


  3. Hi Jeff,

     

    I downloaded JavaRa and ran it. It produced the following report. I went to the Java website and could not determine which of the download options I should get for my computer. I saw 2 for win xp, win86 and win64 (I have the 32-bit version). I dumped Adobe and downloaded the Foxit Reader. The system seems to be a bit quicker now.

     

    JavaRa 1.16 Removal Log.

    Report follows after line.

    ------------------------------------

    The JavaRa removal process was started on Mon Jan 09 18:26:46 2012

    Found and removed: JavaPlugin.FamilyVersionSupport

    Found and removed: JavaScript

    Found and removed: JavaScript Author

    Found and removed: JavaScript1.1

    Found and removed: JavaScript1.1 Author

    Found and removed: JavaScript1.2

    Found and removed: JavaScript1.2 Author

    Found and removed: SoftwareClassesCLSID{E19F9331-3110-11D4-991C-005004D3B3DB}

    Found and removed: SoftwareClassesJavaPlugin.160_03

    Found and removed: SoftwareJavaSoftJava Update

    Found and removed: SoftwareJavaSoftJava Runtime Environment1.6.0_03

    Found and removed: SoftwareJavaSoftJava2D1.5.0_03

    Found and removed: SOFTWAREClassesCLSID{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}

    Found and removed: SOFTWAREClassesCLSID{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBB}

    Found and removed: SOFTWAREClassesCLSID{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC}

    Found and removed: SOFTWAREClassesJavaPlugin

    Found and removed: SOFTWAREClassesJavaPlugin.160_03

    Found and removed: SOFTWAREJavaSoftJava Plug-in1.6.0_03

    Found and removed: SOFTWAREJavaSoftJava Runtime Environment1.6

    Found and removed: SOFTWAREJavaSoftJava Runtime Environment1.6.0_03

    Found and removed: SOFTWAREJavaSoftJava Web Start1.0.1

    Found and removed: SOFTWAREJavaSoftJava Web Start1.0.1_02

    Found and removed: SOFTWAREJavaSoftJava Web Start1.0.1_03

    Found and removed: SOFTWAREJavaSoftJava Web Start1.0.1_04

    Found and removed: SOFTWAREJavaSoftJava Web Start1.2

    Found and removed: SOFTWAREJavaSoftJava Web Start1.2.0_01

    Found and removed: SOFTWAREJavaSoftJava Web Start1.6.0_03

    Found and removed: SOFTWAREMicrosoftActive SetupInstalled Components{08B0E5C0-4FCB-11CF-AAA5-00401C608500}

    Found and removed: SOFTWAREMicrosoftWindowsCurrentVersionInstallerFoldersC:Program FilesJavajre1.6.0_03

    Found and removed: SOFTWAREMicrosoftWindowsCurrentVersionInstallerFoldersC:Program FilesCommon FilesJavaUpdateBase Imagesjre1.6.0.b105patch-jre1.6.0_03.b05

    ------------------------------------

    Finished reporting.


  4. I will look into the programs you suggested after we get finalized here, and again, I thank you for the suggestions. I just now reran OTL with the 2 checks in place and after reboot, I ran it again withOUT the checks. I also copied and pasted the same text into the Custom Scan Window. Again, I appreciate your patience with me.

     

     

    All processes killed

    ========== SERVICES/DRIVERS ==========

    ========== OTL ==========

    Error: No service named NMSAccess was found to stop!

    ServiceDriver key NMSAccess not found.

    File File not found not found.

    Error: No service named msCMTSrvc was found to stop!

    ServiceDriver key msCMTSrvc not found.

    File File not found not found.

    Error: No service named HidServ was found to stop!

    ServiceDriver key HidServ not found.

    File File not found not found.

    Error: No service named AppMgmt was found to stop!

    ServiceDriver key AppMgmt not found.

    File File not found not found.

    HKLMSOFTWAREMicrosoftInternet ExplorerMainSearch Bar| /E : value set successfully!

    HKLMSOFTWAREMicrosoftInternet ExplorerSearchDefault_Search_URL| /E : value set successfully!

    HKCUSOFTWAREMicrosoftInternet ExplorerMainDefault_Search_URL| /E : value set successfully!

    HKCUSOFTWAREMicrosoftInternet ExplorerMainStart Page| /E : value set successfully!

    HKCUSOFTWAREMicrosoftInternet ExplorerSearchSearchAssistant| /E : value set successfully!

    Registry key HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{02478D38-C3F9-4efb-9B51-7695ECA05670} not found.

    Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{02478D38-C3F9-4efb-9B51-7695ECA05670} not found.

    Registry value HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerToolbarShellBrowser{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} not found.

    Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} not found.

    Registry value HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerToolbarShellBrowser{EF99BD32-C1FB-11D2-892F-0090271D4F88} not found.

    Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{EF99BD32-C1FB-11D2-892F-0090271D4F88} not found.

    Registry value HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerToolbarWebBrowser{2318C2B1-4965-11D4-9B18-009027A5CD4F} not found.

    Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{2318C2B1-4965-11D4-9B18-009027A5CD4F} not found.

    Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerExtensions{F4430FE8-2638-42e5-B849-800749B94EED} not found.

    Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{F4430FE8-2638-42e5-B849-800749B94EED} not found.

    C:Documents and SettingsOwnerDesktopPartyPoker.net.lnk moved successfully.

    Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerExtensions{F4430FE8-2638-42e5-B849-800749B94EED} not found.

    Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{F4430FE8-2638-42e5-B849-800749B94EED} not found.

    File C:Documents and SettingsOwnerDesktopPartyPoker.net.lnk not found.

    Starting removal of ActiveX control {CAFEEFAC-0014-0000-0001-ABCDEFFEDCBA}

    Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftCode Store DatabaseDistribution Units{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBA} not found.

    Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBA} not found.

    Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftActive SetupInstalled Components{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBA} not found.

    Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBA} not found.

    ========== FILES ==========

    < ipconfig /flushdns /c >

    Windows IP Configuration

    Could not flush the DNS Resolver Cache: Function failed during execution.

    C:Documents and SettingsOwnerDesktopcmd.bat deleted successfully.

    C:Documents and SettingsOwnerDesktopcmd.txt deleted successfully.

    ========== REGISTRY ==========

    Registry value HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyDomainProfileAuthorizedApplicationsListC:Program FilesBearShare ApplicationsBearShareBearShare.exe not found.

    ========== COMMANDS ==========

    C:WINDOWSSystem32driversetcHosts moved successfully.

    HOSTS file reset successfully

     

    [EMPTYJAVA]

     

    User: Administrator

     

    User: All Users

     

    User: Default User

     

    User: LocalService

     

    User: NetworkService

     

    User: Owner

    ->Java cache emptied: 0 bytes

     

    Total Java Files Cleaned = 0.00 mb

     

     

    [EMPTYFLASH]

     

    User: Administrator

     

    User: All Users

    ->Flash cache emptied: 0 bytes

     

    User: Default User

     

    User: LocalService

     

    User: NetworkService

     

    User: Owner

    ->Flash cache emptied: 470 bytes

     

    Total Flash Files Cleaned = 0.00 mb

     

     

    [EMPTYTEMP]

     

    User: Administrator

    ->Temp folder emptied: 0 bytes

    ->Temporary Internet Files folder emptied: 0 bytes

     

    User: All Users

    ->Flash cache emptied: 0 bytes

     

    User: Default User

    ->Temp folder emptied: 0 bytes

    ->Temporary Internet Files folder emptied: 0 bytes

     

    User: LocalService

    ->Temp folder emptied: 0 bytes

    ->Temporary Internet Files folder emptied: 0 bytes

     

    User: NetworkService

    ->Temp folder emptied: 0 bytes

    ->Temporary Internet Files folder emptied: 33170 bytes

     

    User: Owner

    ->Temp folder emptied: 98304 bytes

    ->Temporary Internet Files folder emptied: 17819992 bytes

    ->Java cache emptied: 0 bytes

    ->Flash cache emptied: 0 bytes

     

    %systemdrive% .tmp files removed: 0 bytes

    %systemroot% .tmp files removed: 0 bytes

    %systemroot%System32 .tmp files removed: 0 bytes

    %systemroot%System32dllcache .tmp files removed: 0 bytes

    %systemroot%System32drivers .tmp files removed: 0 bytes

    Windows Temp folder emptied: 704 bytes

    %systemroot%system32configsystemprofileLocal SettingsTemp folder emptied: 0 bytes

    %systemroot%system32configsystemprofileLocal SettingsTemporary Internet Files folder emptied: 0 bytes

    RecycleBin emptied: 0 bytes

     

    Total Files Cleaned = 17.00 mb

     

    Restore points cleared and new OTL Restore Point set!

    Error: Unable to interpret <[Reboot> in the current context!

     

    OTL by OldTimer - Version 3.2.31.0 log created on 01092012_111632

    FilesFolders moved on Reboot...

    C:Documents and SettingsOwnerLocal SettingsTemp~DFACFB.tmp moved successfully.

    C:Documents and SettingsOwnerLocal SettingsTemporary Internet FilesContent.IE5UJFZ6UUQindex[4].htm moved successfully.

    C:Documents and SettingsOwnerLocal SettingsTemporary Internet FilesContent.IE5SWP3HDYJfastbutton[1].htm moved successfully.

    C:WINDOWStempZLT03fa6.TMP moved successfully.

    Registry entries deleted on Reboot...

     

     

    All processes killed

    ========== SERVICES/DRIVERS ==========

    ========== OTL ==========

    Error: No service named NMSAccess was found to stop!

    ServiceDriver key NMSAccess not found.

    File File not found not found.

    Error: No service named msCMTSrvc was found to stop!

    ServiceDriver key msCMTSrvc not found.

    File File not found not found.

    Error: No service named HidServ was found to stop!

    ServiceDriver key HidServ not found.

    File File not found not found.

    Error: No service named AppMgmt was found to stop!

    ServiceDriver key AppMgmt not found.

    File File not found not found.

    HKLMSOFTWAREMicrosoftInternet ExplorerMainSearch Bar| /E : value set successfully!

    HKLMSOFTWAREMicrosoftInternet ExplorerSearchDefault_Search_URL| /E : value set successfully!

    HKCUSOFTWAREMicrosoftInternet ExplorerMainDefault_Search_URL| /E : value set successfully!

    HKCUSOFTWAREMicrosoftInternet ExplorerMainStart Page| /E : value set successfully!

    HKCUSOFTWAREMicrosoftInternet ExplorerSearchSearchAssistant| /E : value set successfully!

    Registry key HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{02478D38-C3F9-4efb-9B51-7695ECA05670} not found.

    Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{02478D38-C3F9-4efb-9B51-7695ECA05670} not found.

    Registry value HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerToolbarShellBrowser{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} not found.

    Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} not found.

    Registry value HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerToolbarShellBrowser{EF99BD32-C1FB-11D2-892F-0090271D4F88} not found.

    Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{EF99BD32-C1FB-11D2-892F-0090271D4F88} not found.

    Registry value HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerToolbarWebBrowser{2318C2B1-4965-11D4-9B18-009027A5CD4F} not found.

    Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{2318C2B1-4965-11D4-9B18-009027A5CD4F} not found.

    Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerExtensions{F4430FE8-2638-42e5-B849-800749B94EED} not found.

    Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{F4430FE8-2638-42e5-B849-800749B94EED} not found.

    File C:Documents and SettingsOwnerDesktopPartyPoker.net.lnk not found.

    Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerExtensions{F4430FE8-2638-42e5-B849-800749B94EED} not found.

    Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{F4430FE8-2638-42e5-B849-800749B94EED} not found.

    File C:Documents and SettingsOwnerDesktopPartyPoker.net.lnk not found.

    Starting removal of ActiveX control {CAFEEFAC-0014-0000-0001-ABCDEFFEDCBA}

    Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftCode Store DatabaseDistribution Units{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBA} not found.

    Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBA} not found.

    Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftActive SetupInstalled Components{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBA} not found.

    Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBA} not found.

    ========== FILES ==========

    < ipconfig /flushdns /c >

    Windows IP Configuration

    Could not flush the DNS Resolver Cache: Function failed during execution.

    C:Documents and SettingsOwnerDesktopcmd.bat deleted successfully.

    C:Documents and SettingsOwnerDesktopcmd.txt deleted successfully.

    ========== REGISTRY ==========

    Registry value HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyDomainProfileAuthorizedApplicationsListC:Program FilesBearShare ApplicationsBearShareBearShare.exe not found.

    ========== COMMANDS ==========

    C:WINDOWSSystem32driversetcHosts moved successfully.

    HOSTS file reset successfully

     

    [EMPTYJAVA]

     

    User: Administrator

     

    User: All Users

     

    User: Default User

     

    User: LocalService

     

    User: NetworkService

     

    User: Owner

    ->Java cache emptied: 0 bytes

     

    Total Java Files Cleaned = 0.00 mb

     

     

    [EMPTYFLASH]

     

    User: Administrator

     

    User: All Users

    ->Flash cache emptied: 0 bytes

     

    User: Default User

     

    User: LocalService

     

    User: NetworkService

     

    User: Owner

    ->Flash cache emptied: 456 bytes

     

    Total Flash Files Cleaned = 0.00 mb

     

     

    [EMPTYTEMP]

     

    User: Administrator

    ->Temp folder emptied: 0 bytes

    ->Temporary Internet Files folder emptied: 0 bytes

     

    User: All Users

    ->Flash cache emptied: 0 bytes

     

    User: Default User

    ->Temp folder emptied: 0 bytes

    ->Temporary Internet Files folder emptied: 0 bytes

     

    User: LocalService

    ->Temp folder emptied: 0 bytes

    ->Temporary Internet Files folder emptied: 0 bytes

     

    User: NetworkService

    ->Temp folder emptied: 0 bytes

    ->Temporary Internet Files folder emptied: 33170 bytes

     

    User: Owner

    ->Temp folder emptied: 49152 bytes

    ->Temporary Internet Files folder emptied: 3271520 bytes

    ->Java cache emptied: 0 bytes

    ->Flash cache emptied: 0 bytes

     

    %systemdrive% .tmp files removed: 0 bytes

    %systemroot% .tmp files removed: 0 bytes

    %systemroot%System32 .tmp files removed: 0 bytes

    %systemroot%System32dllcache .tmp files removed: 0 bytes

    %systemroot%System32drivers .tmp files removed: 0 bytes

    Windows Temp folder emptied: 256 bytes

    %systemroot%system32configsystemprofileLocal SettingsTemp folder emptied: 0 bytes

    %systemroot%system32configsystemprofileLocal SettingsTemporary Internet Files folder emptied: 0 bytes

    RecycleBin emptied: 0 bytes

     

    Total Files Cleaned = 3.00 mb

     

    Restore points cleared and new OTL Restore Point set!

    Error: Unable to interpret <[Reboot> in the current context!

     

    OTL by OldTimer - Version 3.2.31.0 log created on 01092012_113257

    FilesFolders moved on Reboot...

    C:Documents and SettingsOwnerLocal SettingsTemp~DF4493.tmp moved successfully.

    C:Documents and SettingsOwnerLocal SettingsTemporary Internet FilesContent.IE5M44Q85V2index[1].htm moved successfully.

    C:Documents and SettingsOwnerLocal SettingsTemporary Internet FilesContent.IE50D26PN4Kfastbutton[1].htm moved successfully.

    FileFolder C:WINDOWStempZLT03fd2.TMP not found!

    Registry entries deleted on Reboot...


  5. I would appreciate any suggestions, even on software. Indeed send the info. I am posting this first scan, but I just noticed that the 2nd scan (after reboot) is to be done without the LOP Check or Purity boxes checked. Before doing the 2nd scan, I wanted to be sure I was doing this correctly. I ran first scan with those boxes not checked. Will I also need to copy contents of the box for 2nd run? For what it is worth, after the reboot, I was missing an icon off the desktop. Party Poker. Was not uninstalled, just icon was snatched. My home page was also changed to MSN.com. Did you expect this? Thanks for your patience and time.

     

     

     

    All processes killed

    ========== SERVICES/DRIVERS ==========

    ========== OTL ==========

    Service NMSAccess stopped successfully!

    Service NMSAccess deleted successfully!

    File File not found not found.

    Service msCMTSrvc stopped successfully!

    Service msCMTSrvc deleted successfully!

    File File not found not found.

    Service HidServ stopped successfully!

    Service HidServ deleted successfully!

    File File not found not found.

    Service AppMgmt stopped successfully!

    Service AppMgmt deleted successfully!

    File File not found not found.

    HKLMSOFTWAREMicrosoftInternet ExplorerMainSearch Bar| /E : value set successfully!

    HKLMSOFTWAREMicrosoftInternet ExplorerSearchDefault_Search_URL| /E : value set successfully!

    HKCUSOFTWAREMicrosoftInternet ExplorerMainDefault_Search_URL| /E : value set successfully!

    HKCUSOFTWAREMicrosoftInternet ExplorerMainStart Page| /E : value set successfully!

    HKCUSOFTWAREMicrosoftInternet ExplorerSearchSearchAssistant| /E : value set successfully!

    Registry key HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{02478D38-C3F9-4efb-9B51-7695ECA05670} deleted successfully.

    Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{02478D38-C3F9-4efb-9B51-7695ECA05670} not found.

    Registry value HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerToolbarShellBrowser{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} deleted successfully.

    Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} not found.

    Registry value HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerToolbarShellBrowser{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully.

    Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{EF99BD32-C1FB-11D2-892F-0090271D4F88} not found.

    Registry value HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerToolbarWebBrowser{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.

    Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{2318C2B1-4965-11D4-9B18-009027A5CD4F} not found.

    Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerExtensions{F4430FE8-2638-42e5-B849-800749B94EED} deleted successfully.

    Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{F4430FE8-2638-42e5-B849-800749B94EED} not found.

    C:Documents and SettingsOwnerDesktopPartyPoker.net.lnk moved successfully.

    Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerExtensions{F4430FE8-2638-42e5-B849-800749B94EED} not found.

    Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{F4430FE8-2638-42e5-B849-800749B94EED} not found.

    File C:Documents and SettingsOwnerDesktopPartyPoker.net.lnk not found.

    Starting removal of ActiveX control {CAFEEFAC-0014-0000-0001-ABCDEFFEDCBA}

    Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftCode Store DatabaseDistribution Units{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBA} deleted successfully.

    Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBA} deleted successfully.

    Registry key HKEY_CURRENT_USERSOFTWAREClassesCLSID{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBA} deleted successfully.

    Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftActive SetupInstalled Components{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBA} not found.

    Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBA} not found.

    ========== FILES ==========

    < ipconfig /flushdns /c >

    Windows IP Configuration

    Could not flush the DNS Resolver Cache: Function failed during execution.

    C:Documents and SettingsOwnerDesktopcmd.bat deleted successfully.

    C:Documents and SettingsOwnerDesktopcmd.txt deleted successfully.

    ========== REGISTRY ==========

    Registry value HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyDomainProfileAuthorizedApplicationsListC:Program FilesBearShare ApplicationsBearShareBearShare.exe deleted successfully.

    ========== COMMANDS ==========

    C:WINDOWSSystem32driversetcHosts moved successfully.

    HOSTS file reset successfully

     

    [EMPTYJAVA]

     

    User: Administrator

     

    User: All Users

     

    User: Default User

     

    User: LocalService

     

    User: NetworkService

     

    User: Owner

    ->Java cache emptied: 0 bytes

     

    Total Java Files Cleaned = 0.00 mb

     

     

    [EMPTYFLASH]

     

    User: Administrator

     

    User: All Users

    ->Flash cache emptied: 70 bytes

     

    User: Default User

     

    User: LocalService

     

    User: NetworkService

     

    User: Owner

    ->Flash cache emptied: 875 bytes

     

    Total Flash Files Cleaned = 0.00 mb

     

     

    [EMPTYTEMP]

     

    User: Administrator

    ->Temp folder emptied: 0 bytes

    ->Temporary Internet Files folder emptied: 67 bytes

     

    User: All Users

    ->Flash cache emptied: 0 bytes

     

    User: Default User

    ->Temp folder emptied: 0 bytes

    ->Temporary Internet Files folder emptied: 0 bytes

     

    User: LocalService

    ->Temp folder emptied: 65984 bytes

    ->Temporary Internet Files folder emptied: 0 bytes

     

    User: NetworkService

    ->Temp folder emptied: 0 bytes

    ->Temporary Internet Files folder emptied: 32902 bytes

     

    User: Owner

    ->Temp folder emptied: 82346 bytes

    ->Temporary Internet Files folder emptied: 19923376 bytes

    ->Java cache emptied: 0 bytes

    ->Flash cache emptied: 0 bytes

     

    %systemdrive% .tmp files removed: 0 bytes

    %systemroot% .tmp files removed: 0 bytes

    %systemroot%System32 .tmp files removed: 0 bytes

    %systemroot%System32dllcache .tmp files removed: 0 bytes

    %systemroot%System32drivers .tmp files removed: 0 bytes

    Windows Temp folder emptied: 704 bytes

    %systemroot%system32configsystemprofileLocal SettingsTemp folder emptied: 0 bytes

    %systemroot%system32configsystemprofileLocal SettingsTemporary Internet Files folder emptied: 33170 bytes

    RecycleBin emptied: 334885 bytes

     

    Total Files Cleaned = 20.00 mb

     

    Restore points cleared and new OTL Restore Point set!

    Error: Unable to interpret <[Reboot> in the current context!

     

    OTL by OldTimer - Version 3.2.31.0 log created on 01092012_013110

    FilesFolders moved on Reboot...

    C:Documents and SettingsOwnerLocal SettingsTemp~DF1DCA.tmp moved successfully.

    C:Documents and SettingsOwnerLocal SettingsTemporary Internet FilesContent.IE5RPNXNFS9index[2].htm moved successfully.

    C:Documents and SettingsOwnerLocal SettingsTemporary Internet FilesContent.IE5NGP2N8CBfastbutton[1].htm moved successfully.

    FileFolder C:WINDOWStempZLT016ad.TMP not found!

    Registry entries deleted on Reboot...


  6. OTL Extras logfile created on: 1/8/2012 6:24:09 PM - Run 1

    OTL by OldTimer - Version 3.2.31.0 Folder = C:Documents and SettingsOwnerDesktop

    Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

    Internet Explorer (Version = 8.0.6001.18702)

    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

     

    479.48 Mb Total Physical Memory | 245.84 Mb Available Physical Memory | 51.27% Memory free

    1.10 Gb Paging File | 0.75 Gb Available in Paging File | 68.52% Paging File free

    Paging file location(s): C:pagefile.sys 720 1440 [binary data]

     

    %SystemDrive% = C: | %SystemRoot% = C:WINDOWS | %ProgramFiles% = C:Program Files

    Drive C: | 33.40 Gb Total Space | 21.49 Gb Free Space | 64.34% Space Free | Partition Type: NTFS

    Drive D: | 3.89 Gb Total Space | 0.78 Gb Free Space | 20.13% Space Free | Partition Type: FAT32

     

    Computer Name: YOUR-N3TY7ATHD5 | User Name: Owner | Logged in as Administrator.

    Boot Mode: Normal | Scan Mode: Current user

    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

     

    ========== Extra Registry (SafeList) ==========

     

     

    ========== File Associations ==========

     

    [HKEY_LOCAL_MACHINESOFTWAREClasses<extension>]

    .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

     

    ========== Shell Spawning ==========

     

    [HKEY_LOCAL_MACHINESOFTWAREClasses<key>shell[command]command]

    batfile [open] -- "%1" %*

    cmdfile [open] -- "%1" %*

    comfile [open] -- "%1" %*

    cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

    exefile [open] -- "%1" %*

    htmlfile [edit] -- Reg Error: Key error.

    piffile [open] -- "%1" %*

    regfile [merge] -- Reg Error: Key error.

    scrfile [config] -- "%1"

    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

    scrfile [open] -- "%1" /S

    txtfile [edit] -- Reg Error: Key error.

    Unknown [openas] -- %SystemRoot%system32rundll32.exe %SystemRoot%system32shell32.dll,OpenAs_RunDLL %1

    Directory [find] -- %SystemRoot%Explorer.exe (Microsoft Corporation)

    Folder [open] -- %SystemRoot%Explorer.exe /idlist,%I,%L (Microsoft Corporation)

    Folder [explore] -- %SystemRoot%Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)

    Drive [find] -- %SystemRoot%Explorer.exe (Microsoft Corporation)

     

    ========== Security Center Settings ==========

     

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity Center]

    "AntiVirusDisableNotify" = 0

    "FirewallDisableNotify" = 0

    "UpdatesDisableNotify" = 0

    "AntiVirusOverride" = 0

    "FirewallOverride" = 0

     

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoring]

     

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringAhnlabAntiVirus]

     

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringComputerAssociatesAntiVirus]

     

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringKasperskyAntiVirus]

     

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringMcAfeeAntiVirus]

     

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringMcAfeeFirewall]

     

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringPandaAntiVirus]

     

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringPandaFirewall]

     

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringSophosAntiVirus]

     

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringSymantecAntiVirus]

     

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringSymantecFirewall]

     

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringTinyFirewall]

     

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringTrendAntiVirus]

     

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringTrendFirewall]

     

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringZoneLabsFirewall]

    "DisableMonitoring" = 1

     

    ========== System Restore Settings ==========

     

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionSystemRestore]

    "DisableSR" = 0

     

    [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSr]

    "Start" = 0

     

    [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSrService]

    "Start" = 2

     

    ========== Firewall Settings ==========

     

    [HKEY_LOCAL_MACHINESOFTWAREPoliciesMicrosoftWindowsFirewall]

     

    [HKEY_LOCAL_MACHINESOFTWAREPoliciesMicrosoftWindowsFirewallDomainProfile]

     

    [HKEY_LOCAL_MACHINESOFTWAREPoliciesMicrosoftWindowsFirewallStandardProfile]

     

    [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyDomainProfile]

    "EnableFirewall" = 0

     

    [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyStandardProfile]

    "EnableFirewall" = 0

     

    [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyStandardProfileGloballyOpenPortsList]

     

    ========== Authorized Applications List ==========

     

    [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyDomainProfileAuthorizedApplicationsList]

    "C:Program FilesBearShare ApplicationsBearShareBearShare.exe" = C:Program FilesBearShare ApplicationsBearShareBearShare.exe:*:Enabled:BearShare

     

    [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyStandardProfileAuthorizedApplicationsList]

     

     

    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

     

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionUninstall]

    "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

    "{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}" = VC 9.0 Runtime

    "{03EDED24-8375-407D-A721-4643D9768BE1}" = kgchlwn

    "{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}" = WD Diagnostics

    "{0B33B738-AD79-4E32-90C5-E67BFB10BBFF}" = AiO_Scan

    "{0D9C6525-FE1B-471E-ADF1-BF286546EC58}" = H&R Block North Carolina 2010

    "{10964A8F-21C1-45EA-BC2D-F84B505C3848}" = H&R Block Deluxe + Efile + State 2010

    "{11F3F858-4131-4FFA-A560-3FE282933B6E}" = kgchday

    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

    "{2B120B1D-1908-4FB3-8C9D-72128A74E80A}" = ZoneAlarm Security

    "{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}" = essvatgt

    "{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java 6 Update 3

    "{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP

    "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile

    "{4537EA4B-F603-4181-89FB-2953FC695AB1}" = netbrdg

    "{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis

    "{49FB31C1-26EC-44c6-AB47-73C66E2BC41E}" = HP PSC & OfficeJet 5.3.B

    "{5316DFC9-CE99-4458-9AB3-E8726EDE0210}" = skin0001

    "{605A4E39-613C-4A12-B56F-DEFBE6757237}" = SHASTA

    "{608D2A3C-6889-4C11-9B54-A42F45ACBFDB}" = fflink

    "{65F9E1F3-A2C1-4AA9-9F33-A3AEB0255F0E}" = Garmin USB Drivers

    "{693C08A7-9E76-43FF-B11E-9A58175474C4}" = kgckids

    "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

    "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

    "{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP

    "{8398852A-7B61-4808-8F58-D0A40D1B2CB6}" = AVG 2012

    "{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder

    "{8943CE61-53BD-475E-90E1-A580869E98A2}" = staticcr

    "{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Extreme Graphics Driver Software

    "{8A8664E1-84C8-4936-891C-BC1F07797549}" = kgcvday

    "{8D5D99B8-DFA2-4018-ADE9-A6B83E655C65}" =

    "{8ED02445-D491-414C-A56D-2ED6BBB7239A}" = Garmin Communicator Plugin

    "{999D43F4-9709-4887-9B1A-83EBB15A8370}" = VPRINTOL

    "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

    "{9BD54685-1496-46A5-AB62-357CD140ED8B}" = kgcinvt

    "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

    "{A1588373-1D86-4D44-86C9-78ABD190F9CC}" = kgcmove

    "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2

    "{A386CC19-1E79-4D4C-A54B-C8747871E4AD}" = ZoneAlarm Firewall

    "{AC76BA86-7AD7-1033-7B44-A70000000000}" = Adobe Reader 7.0

    "{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}" = OfotoXMI

    "{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}" = CCScore

    "{BDE90251-93EB-4F6A-89D8-086E2D91DC56}" = Coloreal

    "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2

    "{C506A18C-1469-4678-B094-F4EC9DAE6DB7}" = Scan

    "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition

    "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

    "{DB02F716-6275-42E9-B8D2-83BA2BF5100B}" = SFR

    "{DFA1E2C8-A9DE-4B99-8B3C-866664B5F67C}" = Garmin POI Loader

    "{E171F5DA-6F17-472D-A223-92468142C5E8}" = AVG 2012

    "{E18B549C-5D15-45DA-8D8F-8FD2BD946344}" = kgcbaby

    "{E79987F0-0E34-42CC-B8FF-6C860AEEB26A}" = tooltips

    "{F22C222C-3CE2-4A4B-A83F-AF4681371ABE}" = kgcbase

    "{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}" = SKINXSDK

    "{F5346614-B7C4-4E94-826A-E2363155233D}" = EasyCleaner

    "{F9593CFB-D836-49BC-BFF1-0E669A411D9F}" = WIRELESS

    "49CF605F02C7954F4E139D18828DE298CD59217C" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0)

    "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX

    "Adobe Shockwave Player" = Adobe Shockwave Player 11

    "AVG" = AVG 2012

    "Belarc Advisor 2.0" = Belarc Advisor 6.1

    "CCleaner" = CCleaner

    "ESET Online Scanner" = ESET Online Scanner v3

    "ie8" = Windows Internet Explorer 8

    "jv16 PowerTools 2011" = jv16 PowerTools 2011

    "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.60.0.1800

    "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

    "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

    "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP

    "mtt12" = Mp3 Tag Tools v1.2

    "NVIDIA" = NVIDIA Windows 2000/XP Display Drivers

    "PartyPokerNet" = PartyPoker.net

    "Spybot - Search & Destroy_is1" = Spybot - Search & Destroy 1.5.2.20

    "SpywareBlaster_is1" = SpywareBlaster 4.5

    "VN_VUIns_Rhine_VIA" = VIA Rhine-Family Fast Ethernet Adapter

    "Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5

    "WeatherBug" = WeatherBug

    "Windows Media Format Runtime" = Windows Media Format 11 runtime

    "Windows XP Service Pack" = Windows XP Service Pack 3

    "WinPatrol" = WinPatrol 2008

    "WMFDist11" = Windows Media Format 11 runtime

    "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

    "ZoneAlarm Free" = ZoneAlarm Free

    "ZoneAlarm Toolbar" = ZoneAlarm Toolbar

     

    ========== HKEY_CURRENT_USER Uninstall List ==========

     

    [HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionUninstall]

    "UnityWebPlayer" = Unity Web Player

     

    ========== Last 10 Event Log Errors ==========

     

    [ Application Events ]

    Error - 7/16/2010 11:01:56 PM | Computer Name = YOUR-N3TY7ATHD5 | Source = WmiAdapter | ID = 4099

    Description = Open of service failed.

     

    Error - 7/17/2010 1:24:56 PM | Computer Name = YOUR-N3TY7ATHD5 | Source = Application Error | ID = 1000

    Description = Faulting application patch.exe, version 0.0.0.0, faulting module patch.exe,

    version 0.0.0.0, fault address 0x00002864.

     

    Error - 7/17/2010 1:25:03 PM | Computer Name = YOUR-N3TY7ATHD5 | Source = Application Error | ID = 1000

    Description = Faulting application patch.exe, version 0.0.0.0, faulting module unknown,

    version 0.0.0.0, fault address 0x100027d1.

     

    Error - 2/16/2011 4:35:31 PM | Computer Name = YOUR-N3TY7ATHD5 | Source = crypt32 | ID = 131083

    Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>

    with error: A required certificate is not within its validity period when verifying

    against the current system clock or the timestamp in the signed file.

     

    Error - 2/16/2011 4:35:31 PM | Computer Name = YOUR-N3TY7ATHD5 | Source = crypt32 | ID = 131083

    Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>

    with error: A required certificate is not within its validity period when verifying

    against the current system clock or the timestamp in the signed file.

     

    Error - 3/29/2011 9:20:36 AM | Computer Name = YOUR-N3TY7ATHD5 | Source = Application Error | ID = 1000

    Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting

    module ntdll.dll, version 5.1.2600.6055, fault address 0x0000ff56.

     

    Error - 6/17/2011 9:09:20 PM | Computer Name = YOUR-N3TY7ATHD5 | Source = Application Error | ID = 1000

    Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting

    module mshtml.dll, version 8.0.6001.19046, fault address 0x000e1584.

     

    Error - 6/28/2011 4:30:14 PM | Computer Name = YOUR-N3TY7ATHD5 | Source = MsiInstaller | ID = 11719

    Description = Product: Microsoft .NET Framework 2.0 Service Pack 2 -- Error 1719.The

    Windows Installer Service could not be accessed. This can occur if you are running

    Windows in safe mode, or if the Windows Installer is not correctly installed. Contact

    your support personnel for assistance.

     

    Error - 6/28/2011 4:30:14 PM | Computer Name = YOUR-N3TY7ATHD5 | Source = MsiInstaller | ID = 1023

    Description = Product: Microsoft .NET Framework 2.0 Service Pack 2 - Update 'KB2478658'

    could not be installed. Error code 1603. Additional information is available in

    the log file C:WINDOWSsystem32configSYSTEM~1LOCALS~1TempMicrosoft .NET Framework

    2.0-KB2478658_20110628_202937265-Msi0.txt.

     

    Error - 6/28/2011 4:30:17 PM | Computer Name = YOUR-N3TY7ATHD5 | Source = HotFixInstaller | ID = 5000

    Description = EventType visualstudio8setup, P1 microsoft .net framework 2.0-kb2478658,

    P2 1033, P3 1603, P4 msi, P5 f, P6 9.0.40215.0, P7 install, P8 x86, P9 xp, P10

    1719.

     

    [ System Events ]

    Error - 1/6/2012 9:20:16 PM | Computer Name = YOUR-N3TY7ATHD5 | Source = Service Control Manager | ID = 7001

    Description = The Computer Browser service depends on the Workstation service which

    failed to start because of the following error: %%2

     

    Error - 1/6/2012 9:20:16 PM | Computer Name = YOUR-N3TY7ATHD5 | Source = Service Control Manager | ID = 7026

    Description = The following boot-start or system-start driver(s) failed to load:

    AmdK7 Avgldx86 Avgmfx86 BANTExt Fips MRxSmb Rdbss SASDIFSV SASKUTIL

     

    Error - 1/6/2012 9:20:16 PM | Computer Name = YOUR-N3TY7ATHD5 | Source = Service Control Manager | ID = 7023

    Description = The Server service terminated with the following error: %%2

     

    Error - 1/6/2012 9:47:52 PM | Computer Name = YOUR-N3TY7ATHD5 | Source = DCOM | ID = 10005

    Description = DCOM got error "%1084" attempting to start the service StiSvc with

    arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

     

    Error - 1/6/2012 9:56:08 PM | Computer Name = YOUR-N3TY7ATHD5 | Source = DCOM | ID = 10005

    Description = DCOM got error "%1084" attempting to start the service EventSystem

    with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

     

    Error - 1/6/2012 10:01:31 PM | Computer Name = YOUR-N3TY7ATHD5 | Source = Service Control Manager | ID = 7000

    Description = The Concord EyeQ Duo 2000 USB Video Capture V1.00 service failed to

    start due to the following error: %%2

     

    Error - 1/7/2012 10:45:46 AM | Computer Name = YOUR-N3TY7ATHD5 | Source = Service Control Manager | ID = 7000

    Description = The Concord EyeQ Duo 2000 USB Video Capture V1.00 service failed to

    start due to the following error: %%2

     

    Error - 1/7/2012 6:03:09 PM | Computer Name = YOUR-N3TY7ATHD5 | Source = PlugPlayManager | ID = 11

    Description = The device RootLEGACY_ESIHDRV0000 disappeared from the system without

    first being prepared for removal.

     

    Error - 1/7/2012 6:08:00 PM | Computer Name = YOUR-N3TY7ATHD5 | Source = Service Control Manager | ID = 7000

    Description = The Concord EyeQ Duo 2000 USB Video Capture V1.00 service failed to

    start due to the following error: %%2

     

    Error - 1/8/2012 12:01:11 PM | Computer Name = YOUR-N3TY7ATHD5 | Source = Service Control Manager | ID = 7000

    Description = The Concord EyeQ Duo 2000 USB Video Capture V1.00 service failed to

    start due to the following error: %%2

     

     

    < End of report >


  7. OTL logfile created on: 1/8/2012 6:24:09 PM - Run 1

    OTL by OldTimer - Version 3.2.31.0 Folder = C:Documents and SettingsOwnerDesktop

    Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

    Internet Explorer (Version = 8.0.6001.18702)

    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

     

    479.48 Mb Total Physical Memory | 245.84 Mb Available Physical Memory | 51.27% Memory free

    1.10 Gb Paging File | 0.75 Gb Available in Paging File | 68.52% Paging File free

    Paging file location(s): C:pagefile.sys 720 1440 [binary data]

     

    %SystemDrive% = C: | %SystemRoot% = C:WINDOWS | %ProgramFiles% = C:Program Files

    Drive C: | 33.40 Gb Total Space | 21.49 Gb Free Space | 64.34% Space Free | Partition Type: NTFS

    Drive D: | 3.89 Gb Total Space | 0.78 Gb Free Space | 20.13% Space Free | Partition Type: FAT32

     

    Computer Name: YOUR-N3TY7ATHD5 | User Name: Owner | Logged in as Administrator.

    Boot Mode: Normal | Scan Mode: Current user

    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

     

    ========== Processes (SafeList) ==========

     

    PRC - C:Documents and SettingsOwnerDesktopOTL.exe (OldTimer Tools)

    PRC - C:Program FilesAVGAVG2012avgtray.exe (AVG Technologies CZ, s.r.o.)

    PRC - C:Program FilesAVGAVG2012avgnsx.exe (AVG Technologies CZ, s.r.o.)

    PRC - C:Program FilesCheckPointZoneAlarmvsmon.exe (Check Point Software Technologies LTD)

    PRC - C:Program FilesCheckPointZoneAlarmzatray.exe (Check Point Software Technologies LTD)

    PRC - C:Program FilesAVGAVG2012AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)

    PRC - C:Program FilesAVGAVG2012avgemcx.exe (AVG Technologies CZ, s.r.o.)

    PRC - C:Program FilesAVGAVG2012avgrsx.exe (AVG Technologies CZ, s.r.o.)

    PRC - C:Program FilesAVGAVG2012avgcsrvx.exe (AVG Technologies CZ, s.r.o.)

    PRC - C:Program FilesAVGAVG2012avgwdsvc.exe (AVG Technologies CZ, s.r.o.)

    PRC - C:WINDOWSexplorer.exe (Microsoft Corporation)

    PRC - C:Program FilesAWSWeatherBugWeather.exe (AWS Convergence Technologies, Inc.)

    PRC - C:WINDOWSsystem32HPZipm12.exe (HP)

     

     

    ========== Modules (No Company Name) ==========

     

     

    ========== Win32 Services (SafeList) ==========

     

    SRV - (NMSAccess) -- File not found

    SRV - (msCMTSrvc) -- File not found

    SRV - (HidServ) -- File not found

    SRV - (AppMgmt) -- File not found

    SRV - (vsmon) -- C:Program FilesCheckPointZoneAlarmvsmon.exe (Check Point Software Technologies LTD)

    SRV - (IswSvc) -- C:Program FilesCheckPointZAForceFieldIswSvc.exe (Check Point Software Technologies)

    SRV - (AVGIDSAgent) -- C:Program FilesAVGAVG2012AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)

    SRV - (avgwd) -- C:Program FilesAVGAVG2012avgwdsvc.exe (AVG Technologies CZ, s.r.o.)

    SRV - (Pml Driver HPZ12) -- C:WINDOWSsystem32HPZipm12.exe (HP)

     

     

    ========== Driver Services (SafeList) ==========

     

    DRV - (catchme) -- File not found

    DRV - (SASKUTIL) -- C:Program FilesSUPERAntiSpywareSASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)

    DRV - (SASDIFSV) -- C:Program FilesSUPERAntiSpywareSASDIFSV.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)

    DRV - (SASENUM) -- C:Program FilesSUPERAntiSpywareSASENUM.SYS ( SUPERAdBlocker.com and SUPERAntiSpyware.com)

    DRV - (Vsdatant) -- C:WINDOWSsystem32vsdatant.sys (Check Point Software Technologies LTD)

    DRV - (ISWKL) -- C:Program FilesCheckPointZAForceFieldISWKL.sys (Check Point Software Technologies)

    DRV - (Avgldx86) -- C:WINDOWSsystem32driversavgldx86.sys (AVG Technologies CZ, s.r.o.)

    DRV - (AVGIDSShim) -- C:WINDOWSsystem32driversAVGIDSShim.sys (AVG Technologies CZ, s.r.o. )

    DRV - (Avgrkx86) -- C:WINDOWSsystem32DRIVERSavgrkx86.sys (AVG Technologies CZ, s.r.o.)

    DRV - (Avgmfx86) -- C:WINDOWSsystem32driversavgmfx86.sys (AVG Technologies CZ, s.r.o.)

    DRV - (Avgtdix) -- C:WINDOWSsystem32driversavgtdix.sys (AVG Technologies CZ, s.r.o.)

    DRV - (AVGIDSFilter) -- C:WINDOWSsystem32driversAVGIDSFilter.sys (AVG Technologies CZ, s.r.o. )

    DRV - (AVGIDSEH) -- C:WINDOWSsystem32DRIVERSAVGIDSEH.Sys (AVG Technologies CZ, s.r.o. )

    DRV - (AVGIDSDriver) -- C:WINDOWSsystem32driversAVGIDSDriver.sys (AVG Technologies CZ, s.r.o. )

    DRV - (StarOpen) -- C:WINDOWSSystem32driversStarOpen.sys ()

    DRV - (motmodem) -- C:WINDOWSsystem32driversmotmodem.sys (Motorola)

    DRV - (ALCXWDM) Service for Realtek AC97 Audio (WDM) -- C:WINDOWSsystem32driversALCXWDM.SYS (Realtek Semiconductor Corp.)

    DRV - (rtl8139) Realtek RTL8139(A/B/C) -- C:WINDOWSsystem32driversrtl8139.sys (Realtek Semiconductor Corporation)

    DRV - (wg111nd5) -- C:WINDOWSsystem32driverswg111nd5.sys (NETGEAR, Inc.)

    DRV - (S3Psddr) -- C:WINDOWSsystem32driverss3gnbm.sys (S3 Graphics, Inc.)

    DRV - (ltmodem5) -- C:WINDOWSsystem32driversltmdmnt.sys (LT)

    DRV - (BANTExt) -- C:WINDOWSSystem32DriversBANTExt.sys ()

    DRV - (pfc) -- C:WINDOWSsystem32driverspfc.sys (Padus, Inc.)

    DRV - (nv_agp) -- C:WINDOWSSystem32DRIVERSnv_agp.sys (NVIDIA Corporation)

    DRV - (Ps2) -- C:WINDOWSsystem32driversPS2.sys (Hewlett-Packard Company)

    DRV - (viaagp1) -- C:WINDOWSSystem32DRIVERSviaagp1.sys (VIA Technologies, Inc.)

    DRV - (ICAM3NT5) -- C:WINDOWSsystem32driversIcam3.sys (Microsoft Corporation)

     

     

    ========== Standard Registry (SafeList) ==========

     

     

    ========== Internet Explorer ==========

     

    IE - HKLMSOFTWAREMicrosoftInternet ExplorerMain,Search Bar = http://srch-qus7.hpwis.com/

    IE - HKLMSOFTWAREMicrosoftInternet ExplorerSearch,Default_Search_URL = http://www.google.com/ie

     

    IE - HKCUSOFTWAREMicrosoftInternet ExplorerMain,Default_Search_URL = http://srch-qus7.hpwis.com/

    IE - HKCUSOFTWAREMicrosoftInternet ExplorerMain,Start Page = http://www.facebook.com/login.php

    IE - HKCUSOFTWAREMicrosoftInternet ExplorerSearch,SearchAssistant = http://www.google.com/ie

    IE - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings: "ProxyEnable" = 0

     

    FF - [email protected]/ShockwavePlayer: C:WINDOWSsystem32AdobeDirectornp32dsw.dll (Adobe Systems, Inc.)

    FF - [email protected]/FFApi: C:Program FilesCheckPointZAForceFieldTrustCheckerbinnpFFApi.dll ()

    FF - [email protected]/GpsControl: C:Program FilesGarmin GPS PluginnpGarmin.dll (GARMIN Corp.)

    FF - [email protected]/WPF,version=3.5: c:WINDOWSMicrosoft.NETFrameworkv3.5Windows Presentation FoundationNPWPF.dll (Microsoft Corporation)

    FF - [email protected]/UnityPlayer,version=1.0: C:Documents and SettingsOwnerLocal SettingsApplication DataUnityWebPlayerloadernpUnity3D32.dll (Unity Technologies ApS)

     

    FF - HKEY_LOCAL_MACHINEsoftwaremozillaFirefoxExtensions{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:Program FilesCheckPointZAForceFieldTrustChecker [2011/11/26 11:33:15 | 000,000,000 | ---D | M]

    FF - HKEY_LOCAL_MACHINEsoftwaremozillaFirefoxExtensions{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:Program FilesAVGAVG2012Firefox4 [2012/01/05 20:28:05 | 000,000,000 | ---D | M]

     

     

    O1 HOSTS File: ([2012/01/07 17:07:13 | 000,000,027 | ---- | M]) - C:WINDOWSsystem32driversetchosts

    O1 - Hosts: 127.0.0.1 localhost

    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.

    O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:Program FilesAVGAVG2012avgssie.dll (AVG Technologies CZ, s.r.o.)

    O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program FilesJavajre1.6.0_03binssv.dll (Sun Microsystems, Inc.)

    O3 - HKCU..ToolbarShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.

    O3 - HKCU..ToolbarShellBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.

    O3 - HKCU..ToolbarWebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.

    O3 - HKCU..ToolbarWebBrowser: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:Program FilesCheckPointZAForceFieldTrustcheckerbinTrustCheckerIEPlugin.dll (Check Point Software Technologies)

    O4 - HKLM..Run: [AVG_TRAY] C:Program FilesAVGAVG2012avgtray.exe (AVG Technologies CZ, s.r.o.)

    O4 - HKLM..Run: [ZoneAlarm] C:Program FilesCheckPointZoneAlarmzatray.exe (Check Point Software Technologies LTD)

    O4 - HKCU..Run: [Weather] C:Program FilesAWSWeatherBugWeather.exe (AWS Convergence Technologies, Inc.)

    O6 - HKLMSoftwarePoliciesMicrosoftInternet ExplorerInfodelivery present

    O6 - HKLMSoftwarePoliciesMicrosoftInternet ExplorerRestrictions present

    O6 - HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: LinkResolveIgnoreLinkInfo = 0

    O6 - HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoResolveSearch = 1

    O6 - HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: HonorAutoRunSetting = 1

    O6 - HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoDriveAutoRun = 67108863

    O6 - HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoDriveTypeAutoRun = 323

    O6 - HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoDrives = 0

    O7 - HKCUSoftwarePoliciesMicrosoftInternet ExplorerControl Panel present

    O7 - HKCUSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoDriveTypeAutoRun = 323

    O7 - HKCUSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: LinkResolveIgnoreLinkInfo = 0

    O7 - HKCUSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoLowDiskSpaceChecks = 1

    O7 - HKCUSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoWinKeys = 1

    O7 - HKCUSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoSMMyDocs = 1

    O7 - HKCUSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoFavoritesMenu = 1

    O7 - HKCUSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoDriveAutoRun = 67108863

    O7 - HKCUSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoDrives = 0

    O8 - Extra context menu item: Google Sidewiki... - res://C:Program FilesGoogleGoogle ToolbarComponentGoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found

    O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.6.0_03binnpjpi160_03.dll (Sun Microsystems, Inc.)

    O9 - Extra Button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:Documents and SettingsOwnerDesktopPartyPoker.net.lnk ()

    O9 - Extra 'Tools' menuitem : PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:Documents and SettingsOwnerDesktopPartyPoker.net.lnk ()

    O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab (Reg Error: Key error.)

    O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)

    O16 - DPF: {CAFEEFAC-0014-0000-0001-ABCDEFFEDCBA} Reg Error: Key error. (Reg Error: Value error.)

    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)

    O16 - DPF: DirectAnimation Java Classes file://C:WINDOWSJavaclassesdajava.cab (Reg Error: Key error.)

    O16 - DPF: Microsoft XML Parser for Java file://C:WINDOWSJavaclassesxmldso.cab (Reg Error: Key error.)

    O17 - HKLMSystemCCSServicesTcpipParameters: DhcpNameServer = 209.18.47.61 209.18.47.62

    O17 - HKLMSystemCCSServicesTcpipParametersInterfaces{733D3642-D733-402B-95C3-B9CFE83B7BA9}: DhcpNameServer = 209.18.47.61 209.18.47.62

    O18 - ProtocolHandlerbelarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:Program FilesBelarcAdvisorSystemBAVoilaX.dll (Belarc, Inc.)

    O18 - ProtocolHandlerlinkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:Program FilesAVGAVG2012avgpp.dll (AVG Technologies CZ, s.r.o.)

    O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:WINDOWSexplorer.exe (Microsoft Corporation)

    O20 - HKLM Winlogon: UserInit - (C:WINDOWSsystem32userinit.exe) -C:WINDOWSsystem32userinit.exe (Microsoft Corporation)

    O20 - WinlogonNotify!SASWinLogon: DllName - (C:Program FilesSUPERAntiSpywareSASWINLO.DLL) - C:Program FilesSUPERAntiSpywareSASWINLO.DLL (SUPERAntiSpyware.com)

    O20 - WinlogonNotifydimsntfy: DllName - () - File not found

    O20 - WinlogonNotifyigfxcui: DllName - (igfxsrvc.dll) - C:WINDOWSSystem32igfxsrvc.dll (Intel Corporation)

    O24 - Desktop WallPaper: C:Documents and SettingsOwnerLocal SettingsApplication DataMicrosoftWallpaper1.bmp

    O24 - Desktop BackupWallPaper: C:Documents and SettingsOwnerLocal SettingsApplication DataMicrosoftWallpaper1.bmp

    O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:Program FilesSUPERAntiSpywareSASSEH.DLL (SuperAdBlocker.com)

    O32 - HKLM CDRom: AutoRun - 1

    O32 - AutoRun File - [2003/01/24 09:07:32 | 000,000,000 | ---- | M] () - C:AUTOEXEC.BAT -- [ NTFS ]

    O32 - AutoRun File - [2001/07/28 07:07:38 | 000,000,000 | -HS- | M] () - D:AUTOEXEC.BAT -- [ FAT32 ]

    O34 - HKLM BootExecute: (autocheck autochk *)

    O34 - HKLM BootExecute: (C:PROGRA~1AVGAVG2012avgrsx.exe /sync /restart)

    O35 - HKLM..comfile [open] -- "%1" %*

    O35 - HKLM..exefile [open] -- "%1" %*

    O37 - HKLM...com [@ = ComFile] -- "%1" %*

    O37 - HKLM...exe [@ = exefile] -- "%1" %*

     

    ========== Files/Folders - Created Within 30 Days ==========

     

    [2012/01/08 18:22:31 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:Documents and SettingsOwnerDesktopOTL.exe

    [2012/01/07 21:15:14 | 000,000,000 | ---D | C] -- C:Program FilesESET

    [2012/01/06 23:55:33 | 000,000,000 | ---D | C] -- C:$AVG

    [2012/01/06 20:24:15 | 000,000,000 | RHSD | C] -- C:cmdcons

    [2012/01/06 11:43:14 | 000,518,144 | ---- | C] (SteelWerX) -- C:WINDOWSSWREG.exe

    [2012/01/06 11:43:14 | 000,406,528 | ---- | C] (SteelWerX) -- C:WINDOWSSWSC.exe

    [2012/01/06 11:43:14 | 000,212,480 | ---- | C] (SteelWerX) -- C:WINDOWSSWXCACLS.exe

    [2012/01/06 11:43:14 | 000,060,416 | ---- | C] (NirSoft) -- C:WINDOWSNIRCMD.exe

    [2012/01/05 22:18:38 | 004,374,678 | R--- | C] (Swearware) -- C:Documents and SettingsOwnerDesktopComboFix.exe

    [2012/01/05 20:30:03 | 000,000,000 | ---D | C] -- C:Documents and SettingsOwnerApplication DataAVG2012

    [2012/01/05 20:28:06 | 000,000,000 | ---D | C] -- C:Documents and SettingsAll UsersStart MenuProgramsAVG 2012

    [2012/01/05 20:25:52 | 000,000,000 | ---D | C] -- C:Documents and SettingsAll UsersApplication DataAVG2012

    [2012/01/05 20:25:52 | 000,000,000 | ---D | C] -- C:WINDOWSSystem32driversAVG

    [2012/01/05 20:07:57 | 000,000,000 | -H-D | C] -- C:Documents and SettingsAll UsersApplication DataCommon Files

    [2012/01/05 20:02:02 | 000,000,000 | ---D | C] -- C:Documents and SettingsAll UsersApplication DataMFAData

    [2012/01/05 19:57:49 | 000,000,000 | ---D | C] -- C:WINDOWSERDNT

    [2012/01/05 19:14:22 | 000,000,000 | ---D | C] -- C:Qoobox

    [2012/01/04 21:08:48 | 001,817,687 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32dllcachebckgres.dll

    [2012/01/04 21:08:48 | 000,082,501 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32dllcachebckg.dll

    [2012/01/04 21:08:48 | 000,042,577 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32dllcachebckgzm.exe

    [2012/01/04 21:08:48 | 000,042,574 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32dllcachervsezm.exe

    [2012/01/04 21:08:47 | 000,780,885 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32dllcachechkrres.dll

    [2012/01/04 21:08:47 | 000,753,236 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32dllcachervseres.dll

    [2012/01/04 21:08:47 | 000,048,706 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32dllcachervse.dll

    [2012/01/04 21:08:47 | 000,042,575 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32dllcachechkrzm.exe

    [2012/01/04 21:08:47 | 000,042,573 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32dllcacheshvlzm.exe

    [2012/01/04 21:08:47 | 000,040,515 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32dllcachechkr.dll

    [2012/01/04 21:08:46 | 002,178,131 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32dllcacheshvlres.dll

    [2012/01/04 21:08:46 | 001,175,635 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32dllcachehrtzres.dll

    [2012/01/04 21:08:46 | 000,066,113 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32dllcacheshvl.dll

    [2012/01/04 21:08:46 | 000,057,409 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32dllcachehrtz.dll

    [2012/01/04 21:08:46 | 000,042,573 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32dllcachehrtzzm.exe

    [2012/01/04 21:08:45 | 001,039,955 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32dllcachecmnresm.dll

    [2012/01/04 21:08:45 | 000,217,160 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32dllcachecmnclim.dll

    [2012/01/04 21:08:45 | 000,113,222 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32dllcachezoneclim.dll

    [2012/01/04 21:08:45 | 000,041,029 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32dllcachezcorem.dll

    [2012/01/04 21:08:45 | 000,032,339 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32dllcacheuniansi.dll

    [2012/01/04 21:08:45 | 000,029,760 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32dllcacheznetm.dll

    [2012/01/04 21:08:45 | 000,013,894 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32dllcachezonelibm.dll

    [2012/01/04 21:08:45 | 000,004,677 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32dllcachezeeverm.dll

    [2012/01/04 21:08:44 | 000,036,937 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32dllcachezclientm.exe

    [2012/01/04 21:08:44 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32write.exe

    [2012/01/04 21:08:44 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32dllcachewrite.exe

    [2012/01/04 21:08:30 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32sndvol32.exe

    [2012/01/04 21:08:30 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32dllcachesndvol32.exe

    [2012/01/04 21:08:30 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32dllcacheavwav.dll

    [2012/01/04 21:08:30 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32avwav.dll

    [2012/01/04 21:08:30 | 000,044,544 | ---- | C] (Hilgraeve, Inc.) -- C:WINDOWSSystem32hticons.dll

    [2012/01/04 21:08:30 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32dllcacheavmeter.dll

    [2012/01/04 21:08:30 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32avmeter.dll

    [2012/01/04 21:08:30 | 000,013,312 | ---- | C] (Hilgraeve, Inc.) -- C:WINDOWSSystem32dllcachehtrn_jis.dll

    [2012/01/04 21:08:29 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32dllcacheavtapi.dll

    [2012/01/04 21:08:29 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32avtapi.dll

    [2012/01/04 21:08:28 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32winchat.exe

    [2012/01/04 21:08:28 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32dllcachewinchat.exe

    [2012/01/04 21:08:17 | 000,605,696 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32getuname.dll

    [2012/01/04 21:08:17 | 000,605,696 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32dllcachegetuname.dll

    [2012/01/04 21:08:17 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32dllcachecharmap.exe

    [2012/01/04 21:08:17 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32charmap.exe

    [2012/01/04 21:08:16 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32dllcachecalc.exe

    [2012/01/04 21:08:16 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32calc.exe

    [2012/01/04 21:08:16 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32sol.exe

    [2012/01/04 21:08:16 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32dllcachesol.exe

    [2012/01/04 21:08:15 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32mshearts.exe

    [2012/01/04 21:08:15 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32dllcachemshearts.exe

    [2012/01/04 21:08:15 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32winmine.exe

    [2012/01/04 21:08:15 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32dllcachewinmine.exe

    [2012/01/04 21:08:15 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32freecell.exe

    [2012/01/04 21:08:15 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32dllcachefreecell.exe

    [2012/01/04 21:08:14 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32dllcachesmierrsm.dll

    [2012/01/04 21:08:14 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32dllcachesmimsgif.dll

    [2012/01/04 21:08:14 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32dllcachesmierrsy.dll

    [2012/01/04 21:08:13 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32dllcachesnmpstup.dll

    [2012/01/04 09:28:06 | 000,000,000 | ---D | C] -- C:Documents and SettingsAll UsersStart MenuProgramsH&R Block 2010

    [2012/01/03 21:46:13 | 000,000,000 | R--D | C] -- C:Documents and SettingsOwnerMy DocumentsMy Videos

    [2012/01/03 21:46:13 | 000,000,000 | R--D | C] -- C:Documents and SettingsAll UsersDocumentsMy Videos

    [2012/01/03 21:46:13 | 000,000,000 | R--D | C] -- C:Documents and SettingsOwnerMy DocumentsMy Pictures

    [2012/01/03 21:46:13 | 000,000,000 | R--D | C] -- C:Documents and SettingsAll UsersDocumentsMy Pictures

    [2012/01/03 21:46:13 | 000,000,000 | R--D | C] -- C:Documents and SettingsOwnerMy DocumentsMy Music

    [2012/01/03 21:46:13 | 000,000,000 | ---D | C] -- C:Documents and SettingsAll UsersFavorites

    [2012/01/03 21:39:47 | 000,000,000 | ---D | C] -- C:HiJack This

    [2012/01/03 21:37:50 | 000,000,000 | ---D | C] -- C:Documents and SettingsOwnerStart MenuProgramsHiJackThis

    [2012/01/03 21:37:49 | 000,000,000 | ---D | C] -- C:Program FilesTrend Micro

    [2012/01/01 23:54:16 | 000,000,000 | ---D | C] -- C:Pictures

    [2012/01/01 23:31:16 | 000,000,000 | ---D | C] -- C:Documents and SettingsAll UsersApplication DataAdobe

    [2012/01/01 23:31:04 | 000,000,000 | ---D | C] -- C:Documents and SettingsAll UsersTemplates

    [2011/12/31 21:13:27 | 000,000,000 | RH-D | C] -- C:Documents and SettingsOwnerRecent

    [2011/12/31 15:49:48 | 000,000,000 | ---D | C] -- C:Documents and SettingsAll UsersApplication DataBlueSprig

    [2011/12/30 15:37:15 | 000,000,000 | ---D | C] -- C:Documents and SettingsOwnerStart MenuProgramsPartyPoker.net

    [2011/12/28 08:13:58 | 000,414,368 | ---- | C] (Adobe Systems Incorporated) -- C:WINDOWSSystem32FlashPlayerCPLApp.cpl

    [2011/12/21 21:07:26 | 000,038,160 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32LMRTREND.dll

    [2011/12/21 21:07:24 | 000,140,800 | ---- | C] (The Duck Corporation) -- C:WINDOWSSystem32tm20dec.ax

    [2011/12/21 21:07:20 | 000,182,032 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32dxtmsft3.dll

    [2011/12/21 21:06:38 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32unam4ie.exe

    [2011/12/21 21:06:35 | 000,000,000 | R--D | C] -- C:Documents and SettingsAll UsersDocumentsMy Music

    [2011/12/21 21:06:26 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32mciqtz.drv

    [2011/12/21 21:06:22 | 000,194,320 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32qcut.dll

    [2011/12/21 21:06:17 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32w95inf32.dll

    [2011/12/21 21:06:16 | 000,002,272 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32w95inf16.dll

    [2011/12/21 21:05:47 | 000,077,312 | ---- | C] (Twain Working Group) -- C:WINDOWSSystem32TWAIN_32.DLL

    [2011/12/21 20:44:15 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32dshowext.ax

    [2011/12/21 20:44:15 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSystem32dllcachedshowext.ax

    [2011/12/18 20:21:37 | 000,000,000 | ---D | C] -- C:Documents and SettingsOwnerStart MenuProgramsjv16 PowerTools 2011

    [2011/12/18 20:21:18 | 000,000,000 | ---D | C] -- C:Program Filesjv16 PowerTools 2011

    [2011/12/18 20:11:51 | 000,000,000 | ---D | C] -- C:Documents and SettingsAll UsersStart MenuProgramsMalwarebytes' Anti-Malware

    [2011/12/18 20:11:43 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:WINDOWSSystem32driversmbam.sys

    [2011/12/18 20:11:43 | 000,000,000 | ---D | C] -- C:Program FilesMalwarebytes' Anti-Malware

    [2011/12/17 10:31:39 | 000,000,000 | ---D | C] -- C:Program FilesCommon FilesHewlett-Packard

    [2011/12/17 10:27:43 | 000,061,440 | ---- | C] (HP) -- C:WINDOWSSystem32HPZinw12.exe

    [2011/12/17 10:27:42 | 000,204,800 | ---- | C] (HP) -- C:WINDOWSSystem32HPZipr12.dll

    [2011/12/17 10:27:42 | 000,094,208 | ---- | C] (HP) -- C:WINDOWSSystem32HPZipt12.dll

    [2011/12/17 10:27:42 | 000,069,632 | ---- | C] (HP) -- C:WINDOWSSystem32HPZipm12.exe

    [2011/12/17 10:27:42 | 000,057,344 | ---- | C] (HP) -- C:WINDOWSSystem32HPZisn12.dll

    [2011/12/17 10:27:41 | 000,278,584 | ---- | C] (HP) -- C:WINDOWSSystem32HPZidr12.dll

    [2011/12/17 10:24:17 | 000,180,315 | ---- | C] (HP) -- C:WINDOWSSystem32hpzsnt12.dll

    [2011/03/18 23:24:53 | 003,033,192 | ---- | C] (Piriform Ltd) -- C:Program Filesccsetup304.exe

    [2010/04/30 01:49:25 | 007,184,528 | ---- | C] (IObit ) -- C:Program Filesasc-setup.exe

    [2010/04/30 01:42:19 | 016,409,960 | ---- | C] (Safer Networking Limited ) -- C:Program Filesspybotsd162.exe

    [2010/04/30 01:24:01 | 003,103,640 | ---- | C] (Javacool Software LLC ) -- C:Program Filesspywareblastersetup43.exe

    [2008/07/11 21:30:22 | 000,262,144 | ---- | C] (ZoneAlarm) -- C:Program FilesUninstall Spy Blocker.dll

     

    ========== Files - Modified Within 30 Days ==========

     

    [2012/01/08 18:32:05 | 000,000,422 | -H-- | M] () -- C:WINDOWStasksUser_Feed_Synchronization-{8D041CAF-F681-4B08-9EAD-EAC2F1451AA4}.job

    [2012/01/08 18:22:51 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:Documents and SettingsOwnerDesktopOTL.exe

    [2012/01/08 11:45:45 | 004,374,678 | R--- | M] (Swearware) -- C:Documents and SettingsOwnerDesktopComboFix.exe

    [2012/01/08 11:09:55 | 086,269,174 | ---- | M] () -- C:WINDOWSSystem32driversAVGincavi.avm

    [2012/01/08 11:00:20 | 000,002,048 | --S- | M] () -- C:WINDOWSbootstat.dat

    [2012/01/08 11:00:19 | 502,845,440 | -HS- | M] () -- C:hiberfil.sys

    [2012/01/07 17:07:13 | 000,000,027 | ---- | M] () -- C:WINDOWSSystem32driversetchosts

    [2012/01/06 21:05:20 | 000,571,112 | ---- | M] () -- C:WINDOWSSystem32perfh009.dat

    [2012/01/06 21:05:20 | 000,109,606 | ---- | M] () -- C:WINDOWSSystem32perfc009.dat

    [2012/01/06 20:24:25 | 000,000,316 | RHS- | M] () -- C:boot.ini

    [2012/01/06 17:32:50 | 000,026,403 | ---- | M] () -- C:WINDOWSSystem32driversAVGiavichjg.avm

    [2012/01/05 20:28:06 | 000,000,710 | ---- | M] () -- C:Documents and SettingsAll UsersDesktopAVG 2012.lnk

    [2012/01/05 12:56:22 | 000,001,499 | ---- | M] () -- C:Documents and SettingsOwnerDesktopSolitaire.lnk

    [2012/01/05 02:36:08 | 000,000,561 | ---- | M] () -- C:Documents and SettingsOwnerDesktopHijackThis.lnk

    [2012/01/05 02:22:31 | 000,000,527 | ---- | M] () -- C:Documents and SettingsOwnerDesktopdds.lnk

    [2012/01/04 23:38:15 | 000,148,400 | ---- | M] () -- C:WINDOWSSystem32FNTCACHE.DAT

    [2012/01/04 21:11:26 | 000,004,507 | ---- | M] () -- C:WINDOWSimsins.BAK

    [2012/01/04 21:09:02 | 000,000,812 | ---- | M] () -- C:Documents and SettingsOwnerApplication DataMicrosoftInternet ExplorerQuick LaunchWindows Media Player.lnk

    [2012/01/04 21:06:57 | 000,000,057 | ---- | M] () -- C:WINDOWSSystem32mapisvc.inf

    [2012/01/04 09:28:41 | 000,001,690 | ---- | M] () -- C:Documents and SettingsAll UsersDesktopH&R Block 2010.lnk

    [2012/01/03 16:01:54 | 000,000,823 | ---- | M] () -- C:Documents and SettingsOwnerApplication DataMicrosoftInternet ExplorerQuick LaunchLaunch Internet Explorer Browser.lnk

    [2012/01/03 15:31:29 | 000,000,792 | ---- | M] () -- C:Documents and SettingsAll UsersDesktopMalwarebytes Anti-Malware.lnk

    [2012/01/02 01:23:26 | 000,001,463 | ---- | M] () -- C:Documents and SettingsOwnerDesktopautoruns.lnk

    [2012/01/02 00:18:41 | 000,001,364 | ---- | M] () -- C:Documents and SettingsOwnerDesktopJohnson Family.lnk

    [2012/01/02 00:18:18 | 000,001,369 | ---- | M] () -- C:Documents and SettingsOwnerDesktopFamily Pictures.lnk

    [2012/01/02 00:18:04 | 000,001,404 | ---- | M] () -- C:Documents and SettingsOwnerDesktopHinson Family Pictures.lnk

    [2012/01/02 00:17:25 | 000,001,359 | ---- | M] () -- C:Documents and SettingsOwnerDesktopPam's Wedding.lnk

    [2012/01/01 23:31:16 | 000,001,748 | ---- | M] () -- C:Documents and SettingsAll UsersDesktopAdobe Reader 7.0.lnk

    [2012/01/01 23:30:47 | 000,526,447 | ---- | M] () -- C:Documents and SettingsOwnerMy Documentsbcertificatapp.pdf

    [2012/01/01 12:22:50 | 000,000,000 | ---- | M] () -- C:Documents and SettingsOwnerReset_IE_Windows.reg

    [2011/12/31 14:55:13 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:WINDOWSSystem32FlashPlayerCPLApp.cpl

    [2011/12/30 15:37:15 | 000,001,743 | ---- | M] () -- C:Documents and SettingsOwnerApplication DataMicrosoftInternet ExplorerQuick LaunchPartyPoker.net.lnk

    [2011/12/30 15:37:15 | 000,001,725 | ---- | M] () -- C:Documents and SettingsOwnerDesktopPartyPoker.net.lnk

    [2011/12/27 17:54:27 | 000,000,177 | ---- | M] () -- C:Documents and SettingsOwnerDesktopGoogle.url

    [2011/12/26 04:55:46 | 000,000,113 | ---- | M] () -- C:WINDOWSphotoimpression.ini

    [2011/12/26 04:55:46 | 000,000,029 | ---- | M] () -- C:WINDOWSvideoimp.ini

    [2011/12/24 20:25:49 | 000,000,754 | ---- | M] () -- C:WINDOWSWORDPAD.INI

    [2011/12/23 20:54:03 | 000,000,199 | ---- | M] () -- C:Boot.bak

    [2011/12/21 21:06:57 | 000,023,392 | ---- | M] () -- C:WINDOWSSystem32nscompat.tlb

    [2011/12/21 21:06:57 | 000,016,832 | ---- | M] () -- C:WINDOWSSystem32amcompat.tlb

    [2011/12/21 21:06:14 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:WINDOWSSystem32w95inf32.dll

    [2011/12/21 21:06:14 | 000,002,272 | ---- | M] (Microsoft Corporation) -- C:WINDOWSSystem32w95inf16.dll

    [2011/12/21 07:14:57 | 000,001,158 | ---- | M] () -- C:WINDOWSSystem32wpa.dbl

    [2011/12/20 19:16:55 | 000,000,762 | ---- | M] () -- C:Documents and SettingsOwnerDesktopSpywareBlaster.lnk

    [2011/12/18 20:22:16 | 000,000,022 | -HS- | M] () -- C:WINDOWSSystem5537 Data.Repository

    [2011/12/18 20:22:16 | 000,000,022 | -HS- | M] () -- C:Documents and SettingsOwnerApplication DataSys2662.Config.Repository.bin

    [2011/12/18 20:21:36 | 000,001,590 | ---- | M] () -- C:Documents and SettingsOwnerApplication DataMicrosoftInternet ExplorerQuick Launchjv16 PowerTools 2011.lnk

    [2011/12/18 20:21:36 | 000,001,572 | ---- | M] () -- C:Documents and SettingsOwnerDesktopjv16 PowerTools 2011.lnk

    [2011/12/17 10:32:22 | 000,102,262 | ---- | M] () -- C:WINDOWShpoins05.dat

    [2011/12/10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) -- C:WINDOWSSystem32driversmbam.sys

     

    ========== Files Created - No Company Name ==========

     

    [2012/01/08 11:09:55 | 086,269,174 | ---- | C] () -- C:WINDOWSSystem32driversAVGincavi.avm

    [2012/01/06 21:00:34 | 502,845,440 | -HS- | C] () -- C:hiberfil.sys

    [2012/01/06 20:24:25 | 000,000,199 | ---- | C] () -- C:Boot.bak

    [2012/01/06 20:24:20 | 000,260,272 | RHS- | C] () -- C:cmldr

    [2012/01/06 17:32:49 | 000,026,403 | ---- | C] () -- C:WINDOWSSystem32driversAVGiavichjg.avm

    [2012/01/06 11:43:14 | 000,256,000 | ---- | C] () -- C:WINDOWSPEV.exe

    [2012/01/06 11:43:14 | 000,208,896 | ---- | C] () -- C:WINDOWSMBR.exe

    [2012/01/06 11:43:14 | 000,098,816 | ---- | C] () -- C:WINDOWSsed.exe

    [2012/01/06 11:43:14 | 000,080,412 | ---- | C] () -- C:WINDOWSgrep.exe

    [2012/01/06 11:43:14 | 000,068,096 | ---- | C] () -- C:WINDOWSzip.exe

    [2012/01/05 20:28:06 | 000,000,710 | ---- | C] () -- C:Documents and SettingsAll UsersDesktopAVG 2012.lnk

    [2012/01/05 12:56:22 | 000,001,499 | ---- | C] () -- C:Documents and SettingsOwnerDesktopSolitaire.lnk

    [2012/01/05 02:36:08 | 000,000,561 | ---- | C] () -- C:Documents and SettingsOwnerDesktopHijackThis.lnk

    [2012/01/05 02:22:31 | 000,000,527 | ---- | C] () -- C:Documents and SettingsOwnerDesktopdds.lnk

    [2012/01/04 21:09:02 | 000,000,812 | ---- | C] () -- C:Documents and SettingsOwnerApplication DataMicrosoftInternet ExplorerQuick LaunchWindows Media Player.lnk

    [2012/01/04 21:09:02 | 000,000,800 | ---- | C] () -- C:Documents and SettingsOwnerStart MenuProgramsWindows Media Player.lnk

    [2012/01/04 21:08:20 | 000,065,954 | ---- | C] () -- C:WINDOWSPrairie Wind.bmp

    [2012/01/04 21:08:20 | 000,065,832 | ---- | C] () -- C:WINDOWSSanta Fe Stucco.bmp

    [2012/01/04 21:08:20 | 000,026,680 | ---- | C] () -- C:WINDOWSRiver Sumida.bmp

    [2012/01/04 21:08:20 | 000,017,362 | ---- | C] () -- C:WINDOWSRhododendron.bmp

    [2012/01/04 21:08:20 | 000,009,522 | ---- | C] () -- C:WINDOWSZapotec.bmp

    [2012/01/04 21:08:19 | 000,065,978 | ---- | C] () -- C:WINDOWSSoap Bubbles.bmp

    [2012/01/04 21:08:19 | 000,026,582 | ---- | C] () -- C:WINDOWSGreenstone.bmp

    [2012/01/04 21:08:19 | 000,017,336 | ---- | C] () -- C:WINDOWSGone Fishing.bmp

    [2012/01/04 21:08:19 | 000,017,062 | ---- | C] () -- C:WINDOWSCoffee Bean.bmp

    [2012/01/04 21:08:19 | 000,016,730 | ---- | C] () -- C:WINDOWSFeatherTexture.bmp

    [2012/01/04 21:08:19 | 000,001,272 | ---- | C] () -- C:WINDOWSBlue Lace 16.bmp

    [2012/01/04 21:08:13 | 000,049,275 | ---- | C] () -- C:WINDOWSSystem32wfospf.mib

    [2012/01/04 21:08:13 | 000,026,236 | ---- | C] () -- C:WINDOWSSystem32wins.mib

    [2012/01/04 21:08:12 | 000,038,608 | ---- | C] () -- C:WINDOWSSystem32nipx.mib

    [2012/01/04 21:08:12 | 000,034,317 | ---- | C] () -- C:WINDOWSSystem32msiprip2.mib

    [2012/01/04 21:08:12 | 000,013,767 | ---- | C] () -- C:WINDOWSSystem32msipbtp.mib

    [2012/01/04 21:08:12 | 000,004,332 | ---- | C] () -- C:WINDOWSSystem32smi.mib

    [2012/01/04 21:08:11 | 000,107,882 | ---- | C] () -- C:WINDOWSSystem32mib_ii.mib

    [2012/01/04 21:08:11 | 000,030,448 | ---- | C] () -- C:WINDOWSSystem32mcastmib.mib

    [2012/01/04 21:08:11 | 000,021,386 | ---- | C] () -- C:WINDOWSSystem32mipx.mib

    [2012/01/04 21:08:11 | 000,010,313 | ---- | C] () -- C:WINDOWSSystem32mripsap.mib

    [2012/01/04 21:08:11 | 000,000,581 | ---- | C] () -- C:WINDOWSSystem32msft.mib

    [2012/01/04 21:08:10 | 000,048,593 | ---- | C] () -- C:WINDOWSSystem32hostmib.mib

    [2012/01/04 21:08:10 | 000,026,100 | ---- | C] () -- C:WINDOWSSystem32lmmib2.mib

    [2012/01/04 21:08:10 | 000,016,617 | ---- | C] () -- C:WINDOWSSystem32authserv.mib

    [2012/01/04 21:08:10 | 000,015,799 | ---- | C] () -- C:WINDOWSSystem32ipforwd.mib

    [2012/01/04 21:08:10 | 000,004,597 | ---- | C] () -- C:WINDOWSSystem32dhcp.mib

    [2012/01/04 21:08:09 | 000,015,597 | ---- | C] () -- C:WINDOWSSystem32accserv.mib

    [2012/01/04 09:28:41 | 000,001,690 | ---- | C] () -- C:Documents and SettingsAll UsersDesktopH&R Block 2010.lnk

    [2012/01/03 16:01:54 | 000,000,823 | ---- | C] () -- C:Documents and SettingsOwnerApplication DataMicrosoftInternet ExplorerQuick LaunchLaunch Internet Explorer Browser.lnk

    [2012/01/03 16:01:53 | 000,000,811 | ---- | C] () -- C:Documents and SettingsOwnerStart MenuProgramsInternet Explorer.lnk

    [2012/01/03 15:31:29 | 000,000,792 | ---- | C] () -- C:Documents and SettingsAll UsersDesktopMalwarebytes Anti-Malware.lnk

    [2012/01/03 15:25:47 | 000,004,507 | ---- | C] () -- C:WINDOWSimsins.BAK

    [2012/01/02 01:23:26 | 000,001,463 | ---- | C] () -- C:Documents and SettingsOwnerDesktopautoruns.lnk

    [2012/01/02 00:16:44 | 000,001,369 | ---- | C] () -- C:Documents and SettingsOwnerDesktopFamily Pictures.lnk

    [2012/01/02 00:16:33 | 000,001,404 | ---- | C] () -- C:Documents and SettingsOwnerDesktopHinson Family Pictures.lnk

    [2012/01/02 00:16:29 | 000,001,359 | ---- | C] () -- C:Documents and SettingsOwnerDesktopPam's Wedding.lnk

    [2012/01/01 23:30:45 | 000,526,447 | ---- | C] () -- C:Documents and SettingsOwnerMy Documentsbcertificatapp.pdf

    [2012/01/01 12:22:50 | 000,000,000 | ---- | C] () -- C:Documents and SettingsOwnerReset_IE_Windows.reg

    [2011/12/30 15:37:15 | 000,001,743 | ---- | C] () -- C:Documents and SettingsOwnerApplication DataMicrosoftInternet ExplorerQuick LaunchPartyPoker.net.lnk

    [2011/12/30 15:37:15 | 000,001,725 | ---- | C] () -- C:Documents and SettingsOwnerDesktopPartyPoker.net.lnk

    [2011/12/24 20:25:48 | 000,000,754 | ---- | C] () -- C:WINDOWSWORDPAD.INI

    [2011/12/21 21:07:49 | 000,000,029 | ---- | C] () -- C:WINDOWSvideoimp.ini

    [2011/12/21 21:07:47 | 000,000,113 | ---- | C] () -- C:WINDOWSphotoimpression.ini

    [2011/12/21 21:06:26 | 000,010,240 | ---- | C] () -- C:WINDOWSSystem32vidx16.dll

    [2011/12/21 21:06:26 | 000,005,672 | ---- | C] () -- C:WINDOWSSystem32quartz.vxd

    [2011/12/18 20:22:16 | 000,000,022 | -HS- | C] () -- C:WINDOWSSystem5537 Data.Repository

    [2011/12/18 20:22:16 | 000,000,022 | -HS- | C] () -- C:Documents and SettingsOwnerApplication DataSys2662.Config.Repository.bin

    [2011/12/18 20:21:36 | 000,001,590 | ---- | C] () -- C:Documents and SettingsOwnerApplication DataMicrosoftInternet ExplorerQuick Launchjv16 PowerTools 2011.lnk

    [2011/12/18 20:21:36 | 000,001,572 | ---- | C] () -- C:Documents and SettingsOwnerDesktopjv16 PowerTools 2011.lnk

    [2011/12/17 10:25:17 | 000,102,262 | ---- | C] () -- C:WINDOWShpoins05.dat

    [2011/12/17 10:25:17 | 000,017,505 | ---- | C] () -- C:WINDOWShpomdl07.dat

    [2011/12/13 14:29:17 | 000,001,748 | ---- | C] () -- C:Documents and SettingsAll UsersDesktopAdobe Reader 7.0.lnk

    [2011/12/13 14:29:15 | 000,002,321 | ---- | C] () -- C:Documents and SettingsAll UsersStart MenuProgramsAdobe Reader 7.0.lnk

    [2011/11/28 17:15:06 | 000,112,790 | ---- | C] () -- C:WINDOWShpoins07.dat.temp

    [2011/11/28 17:15:06 | 000,021,124 | ---- | C] () -- C:WINDOWShpomdl07.dat.temp

    [2011/10/13 22:40:28 | 000,150,058 | ---- | C] () -- C:Documents and SettingsLocalServiceLocal SettingsApplication DataWPFFontCache_v0400-System.dat

    [2011/08/24 09:40:24 | 000,206,411 | ---- | C] () -- C:Program Filesbowbie.com.jpg

    [2011/06/19 10:37:35 | 000,005,504 | ---- | C] () -- C:WINDOWSSystem32driversStarOpen.sys

    [2011/03/20 20:16:23 | 046,972,928 | ---- | C] () -- C:Program FileszaSetup_92_105_000_en.exe

    [2011/01/26 22:18:25 | 000,629,968 | ---- | C] () -- C:Program FilesPartyPokerNetSetup.exe

    [2010/03/14 11:28:53 | 000,000,336 | ---- | C] () -- C:Program Filestemp995.bat

    [2009/02/18 19:59:47 | 000,000,408 | ---- | C] () -- C:WINDOWSPowerReg.dat

    [2008/05/13 21:15:50 | 000,009,216 | ---- | C] () -- C:Documents and SettingsOwnerLocal SettingsApplication DataDCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

    [2007/12/31 22:40:03 | 000,051,716 | ---- | C] () -- C:WINDOWSSystem32pdf995mon.dll

    [2007/12/30 19:31:15 | 000,011,134 | ---- | C] () -- C:WINDOWSSystem32msvcr20.dll

    [2007/12/30 18:25:19 | 000,060,565 | ---- | C] () -- C:WINDOWSSystem32EPPICPrinterDB.dat

    [2007/12/30 18:25:19 | 000,029,114 | ---- | C] () -- C:WINDOWSSystem32EPPICPattern1.dat

    [2007/12/30 18:25:19 | 000,021,021 | ---- | C] () -- C:WINDOWSSystem32EPPICPattern3.dat

    [2007/12/30 18:25:19 | 000,015,670 | ---- | C] () -- C:WINDOWSSystem32EPPICPattern5.dat

    [2007/12/30 18:25:19 | 000,013,280 | ---- | C] () -- C:WINDOWSSystem32EPPICPattern2.dat

    [2007/12/30 18:25:19 | 000,010,673 | ---- | C] () -- C:WINDOWSSystem32EPPICPattern4.dat

    [2007/12/30 18:25:19 | 000,004,943 | ---- | C] () -- C:WINDOWSSystem32EPPICPattern6.dat

    [2007/12/30 18:25:19 | 000,001,140 | ---- | C] () -- C:WINDOWSSystem32EPPICPresetData_PT.dat

    [2007/12/30 18:25:19 | 000,001,140 | ---- | C] () -- C:WINDOWSSystem32EPPICPresetData_BP.dat

    [2007/12/30 18:25:19 | 000,001,137 | ---- | C] () -- C:WINDOWSSystem32EPPICPresetData_ES.dat

    [2007/12/30 18:25:19 | 000,001,130 | ---- | C] () -- C:WINDOWSSystem32EPPICPresetData_FR.dat

    [2007/12/30 18:25:19 | 000,001,130 | ---- | C] () -- C:WINDOWSSystem32EPPICPresetData_CF.dat

    [2007/12/30 18:25:19 | 000,001,104 | ---- | C] () -- C:WINDOWSSystem32EPPICPresetData_EN.dat

    [2007/12/30 18:25:19 | 000,000,097 | ---- | C] () -- C:WINDOWSSystem32PICSDK.ini

    [2007/12/30 18:24:24 | 000,000,058 | ---- | C] () -- C:WINDOWSSystem32EAL32.INI

    [2007/12/29 23:07:49 | 000,673,088 | ---- | C] () -- C:WINDOWSSystem32mlang.dat

    [2007/12/29 23:07:48 | 000,046,258 | ---- | C] () -- C:WINDOWSSystem32mib.bin

    [2007/12/29 23:04:10 | 000,218,003 | ---- | C] () -- C:WINDOWSSystem32dssec.dat

    [2007/12/29 23:04:04 | 000,001,804 | ---- | C] () -- C:WINDOWSSystem32dcache.bin

    [2007/12/29 23:00:33 | 000,003,840 | ---- | C] () -- C:WINDOWSSystem32driversBANTExt.sys

    [2007/12/29 22:24:30 | 000,272,128 | ---- | C] () -- C:WINDOWSSystem32perfi009.dat

    [2007/12/29 22:24:30 | 000,028,626 | ---- | C] () -- C:WINDOWSSystem32perfd009.dat

    [2007/12/29 22:24:28 | 000,004,490 | ---- | C] () -- C:WINDOWSSystem32oembios.dat

    [2007/12/29 22:24:23 | 013,107,200 | ---- | C] () -- C:WINDOWSSystem32oembios.bin

    [2007/12/29 22:24:19 | 000,000,741 | ---- | C] () -- C:WINDOWSSystem32noise.dat

    [2007/04/03 19:47:02 | 000,000,142 | ---- | C] () -- C:WINDOWSwpd99.drv

    [2007/04/03 19:46:55 | 000,691,545 | ---- | C] () -- C:WINDOWSunins000.exe

    [2007/04/03 19:46:55 | 000,002,550 | ---- | C] () -- C:WINDOWSunins000.dat

    [2007/04/03 19:46:51 | 000,000,028 | ---- | C] () -- C:WINDOWSpdf995.ini

    [2007/04/03 19:46:50 | 000,000,335 | ---- | C] () -- C:WINDOWSnsreg.dat

    [2007/04/03 19:46:50 | 000,000,010 | ---- | C] () -- C:WINDOWSmsoffice.ini

    [2007/04/03 19:46:36 | 000,006,550 | ---- | C] () -- C:WINDOWSjautoexp.dat

    [2007/04/03 19:46:35 | 000,000,044 | ---- | C] () -- C:WINDOWSEPR220.ini

    [2007/03/27 09:45:22 | 000,038,567 | ---- | C] () -- C:WINDOWSSystem32pcpbios.exe

    [2007/03/27 09:45:22 | 000,004,096 | ---- | C] () -- C:WINDOWSSystem32sysres.dll

    [2004/09/17 17:37:42 | 000,061,440 | ---- | C] () -- C:WINDOWSSystem32vuins32.dll

    [2004/08/02 14:20:40 | 000,004,569 | ---- | C] () -- C:WINDOWSSystem32secupd.dat

    [2003/08/07 13:01:50 | 000,237,568 | ---- | C] () -- C:WINDOWSSystem32lame_enc.dll

    [2003/01/25 05:43:47 | 000,000,061 | ---- | C] () -- C:WINDOWSsmscfg.ini

    [2003/01/25 05:43:16 | 000,000,000 | ---- | C] () -- C:WINDOWSSystem32iAlmcoin.dll

    [2003/01/24 10:36:27 | 000,073,728 | ---- | C] () -- C:WINDOWSSystem32IntroReg.dll

    [2003/01/24 10:36:25 | 000,024,576 | ---- | C] () -- C:WINDOWSSystem32syscontr.dll

    [2003/01/24 10:36:24 | 000,036,864 | ---- | C] () -- C:WINDOWSSystem32hpreg.dll

    [2003/01/24 10:27:03 | 000,008,822 | ---- | C] () -- C:WINDOWSmozver.dat

    [2003/01/24 10:18:55 | 000,000,052 | ---- | C] () -- C:WINDOWSintuprof.ini

    [2003/01/24 10:18:40 | 000,000,608 | ---- | C] () -- C:WINDOWSQUICKEN.INI

    [2003/01/24 09:41:30 | 000,266,240 | ---- | C] () -- C:WINDOWSSystem32shpshftr.dll

    [2003/01/24 09:30:21 | 000,299,073 | ---- | C] () -- C:WINDOWSSystem32PythonCOM22.dll

    [2003/01/24 09:30:21 | 000,065,536 | ---- | C] () -- C:WINDOWSSystem32PyWinTypes22.dll

    [2003/01/24 09:29:52 | 000,016,896 | ---- | C] () -- C:WINDOWSSystem32bcbmm.dll

    [2003/01/24 09:11:36 | 000,000,802 | ---- | C] () -- C:WINDOWSorun32.ini

    [2003/01/24 09:09:48 | 000,002,048 | --S- | C] () -- C:WINDOWSbootstat.dat

    [2003/01/24 09:04:56 | 000,021,640 | ---- | C] () -- C:WINDOWSSystem32emptyregdb.dat

    [2003/01/24 07:55:28 | 000,000,552 | ---- | C] () -- C:WINDOWSSystem32oeminfo.ini

    [2003/01/24 07:54:56 | 000,571,112 | ---- | C] () -- C:WINDOWSSystem32perfh009.dat

    [2003/01/24 07:54:56 | 000,109,606 | ---- | C] () -- C:WINDOWSSystem32perfc009.dat

    [2003/01/24 01:00:00 | 000,004,161 | ---- | C] () -- C:WINDOWSODBCINST.INI

    [2003/01/24 00:59:01 | 000,148,400 | ---- | C] () -- C:WINDOWSSystem32FNTCACHE.DAT

     

    ========== LOP Check ==========

     

    [2012/01/05 20:38:00 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication DataAVG2012

    [2011/12/31 15:49:48 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication DataBlueSprig

    [2011/11/26 11:31:53 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication DataCheckPoint

    [2012/01/05 20:07:57 | 000,000,000 | -H-D | M] -- C:Documents and SettingsAll UsersApplication DataCommon Files

    [2010/07/16 22:06:20 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication DataDriver Inspector

    [2012/01/08 11:10:37 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication DataMFAData

    [2010/06/05 22:39:24 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication DataPC Drivers HeadQuarters

    [2011/11/25 01:17:08 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication DataPCPitstop

    [2008/08/18 09:58:35 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication Datapdf995

    [2011/02/05 16:27:57 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication DataTaxCut

    [2012/01/05 20:30:03 | 000,000,000 | ---D | M] -- C:Documents and SettingsOwnerApplication DataAVG2012

    [2011/11/25 03:27:04 | 000,000,000 | ---D | M] -- C:Documents and SettingsOwnerApplication DataBabylon

    [2011/06/19 10:38:02 | 000,000,000 | ---D | M] -- C:Documents and SettingsOwnerApplication DataCanneverbe Limited

    [2011/11/26 11:33:51 | 000,000,000 | ---D | M] -- C:Documents and SettingsOwnerApplication DataCheckPoint

    [2011/06/25 16:34:39 | 000,000,000 | ---D | M] -- C:Documents and SettingsOwnerApplication DataDriverFinder

    [2011/12/12 13:29:29 | 000,000,000 | ---D | M] -- C:Documents and SettingsOwnerApplication DataFrostWire

    [2011/10/14 12:36:32 | 000,000,000 | ---D | M] -- C:Documents and SettingsOwnerApplication DataGarmin

    [2010/04/30 02:07:11 | 000,000,000 | ---D | M] -- C:Documents and SettingsOwnerApplication DataIObit

    [2008/05/04 21:30:02 | 000,000,000 | ---D | M] -- C:Documents and SettingsOwnerApplication Dataiolo

    [2009/03/16 17:24:11 | 000,000,000 | ---D | M] -- C:Documents and SettingsOwnerApplication DataLimeWire

    [2008/03/09 17:31:51 | 000,000,000 | ---D | M] -- C:Documents and SettingsOwnerApplication Datapdf995

    [2003/01/24 10:24:23 | 000,000,000 | ---D | M] -- C:Documents and SettingsOwnerApplication DataSampleView

    [2011/02/05 16:35:12 | 000,000,000 | ---D | M] -- C:Documents and SettingsOwnerApplication DataTaxCut

    [2008/08/22 20:44:39 | 000,000,000 | ---D | M] -- C:Documents and SettingsOwnerApplication DataTPA Software

    [2011/12/19 00:41:46 | 000,000,000 | ---D | M] -- C:Documents and SettingsOwnerApplication DataUniblue

    [2011/04/14 14:48:39 | 000,000,000 | ---D | M] -- C:Documents and SettingsOwnerApplication DataUnity

    [2011/12/12 13:29:51 | 000,000,000 | ---D | M] -- C:Documents and SettingsOwnerApplication DatauTorrent

    [2003/01/24 10:09:08 | 000,000,000 | ---D | M] -- C:Documents and SettingsOwnerApplication DataVERITAS

    [2011/12/20 17:36:59 | 000,000,000 | ---D | M] -- C:Documents and SettingsOwnerApplication DataWeatherBug

    [2008/07/11 17:16:17 | 000,000,000 | ---D | M] -- C:Documents and SettingsOwnerApplication DataWinPatrol

    [2012/01/08 18:32:05 | 000,000,422 | -H-- | M] () -- C:WINDOWSTasksUser_Feed_Synchronization-{8D041CAF-F681-4B08-9EAD-EAC2F1451AA4}.job

     

    ========== Purity Check ==========

     

     

    < End of report >


  8. I have noticed that each time the system reboots after running these tests, I am told by a popup that the default browser is not IE. I tell it to make it the default. I have never seen that before. The system seems to be a little faster, but it's hard to tell. I am sure the age of the system and the amount of RAM I have here are a major reason for the sluggishness. I wanted to be sure that it is as clean as possible.

     

    ComboFix 12-01-07.03 - Owner 01/08/2012 11:52:51.3.1 - x86

    Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.479.224 [GMT -5:00]

    Running from: c:documents and settingsOwnerDesktopComboFix.exe

    Command switches used :: c:documents and settingsOwnerDesktopCFScript.txt

    AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}

    FW: ZoneAlarm Free Firewall *Enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}

    .

    FILE ::

    "c:documents and settingsOwnerMy DocumentsPicMorph.exe"

    "c:windowssystem32ConTest.dll"

    .

    .

    ((((((((((((((((((((((((( Files Created from 2011-12-08 to 2012-01-08 )))))))))))))))))))))))))))))))

    .

    .

    2012-01-08 02:15 . 2012-01-08 02:15 -------- d-----w- c:program filesESET

    2012-01-07 04:55 . 2012-01-07 04:55 -------- d-----w- C:$AVG

    2012-01-06 01:30 . 2012-01-06 01:30 -------- d-----w- c:documents and settingsOwnerApplication DataAVG2012

    2012-01-06 01:25 . 2012-01-08 16:10 -------- d-----w- c:windowssystem32driversAVG

    2012-01-06 01:25 . 2012-01-06 01:38 -------- d-----w- c:documents and settingsAll UsersApplication DataAVG2012

    2012-01-06 01:07 . 2012-01-06 01:07 -------- d--h--w- c:documents and settingsAll UsersApplication DataCommon Files

    2012-01-06 01:02 . 2012-01-08 16:10 -------- d-----w- c:documents and settingsAll UsersApplication DataMFAData

    2012-01-04 02:39 . 2012-01-05 07:38 -------- d-----w- C:HiJack This

    2012-01-04 02:37 . 2012-01-04 02:37 388096 ----a-r- c:documents and settingsOwnerApplication DataMicrosoftInstaller{45A66726-69BC-466B-A7A4-12FCBA4883D7}HiJackThis.exe

    2012-01-04 02:37 . 2012-01-04 02:37 -------- d-----w- c:program filesTrend Micro

    2012-01-02 04:54 . 2012-01-02 05:08 -------- d-----w- C:Pictures

    2012-01-01 17:22 . 2012-01-01 17:22 0 ----a-w- c:documents and settingsOwnerReset_IE_Windows.reg

    2011-12-31 20:49 . 2011-12-31 20:49 -------- d-----w- c:documents and settingsAll UsersApplication DataBlueSprig

    2011-12-28 13:13 . 2011-12-31 19:55 414368 ----a-w- c:windowssystem32FlashPlayerCPLApp.cpl

    2011-12-25 00:48 . 2011-12-31 01:48 -------- d-----w- c:documents and settingsAdministrator

    2011-12-22 02:07 . 1998-09-02 08:28 38160 ----a-w- c:windowssystem32LMRTREND.dll

    2011-12-22 02:07 . 1998-08-20 11:02 140800 ----a-w- c:windowssystem32tm20dec.ax

    2011-12-22 02:07 . 1998-08-27 04:51 182032 ----a-w- c:windowssystem32dxtmsft3.dll

    2011-12-22 02:06 . 1998-09-02 08:28 63488 ----a-w- c:windowssystem32unam4ie.exe

    2011-12-22 02:06 . 1998-08-17 09:21 5672 ----a-w- c:windowssystem32quartz.vxd

    2011-12-22 02:06 . 1998-08-17 09:21 10240 ----a-w- c:windowssystem32vidx16.dll

    2011-12-22 02:06 . 1998-08-17 09:21 11776 ----a-w- c:windowssystem32mciqtz.drv

    2011-12-22 02:06 . 1998-09-02 08:02 194320 ----a-w- c:windowssystem32qcut.dll

    2011-12-22 02:06 . 2011-12-22 02:06 4608 ----a-w- c:windowssystem32w95inf32.dll

    2011-12-22 02:06 . 2011-12-22 02:06 2272 ----a-w- c:windowssystem32w95inf16.dll

    2011-12-22 02:05 . 1996-07-01 05:00 77312 ----a-w- c:windowssystem32TWAIN_32.DLL

    2011-12-22 01:44 . 2008-04-14 01:12 20992 ----a-w- c:windowssystem32dshowext.ax

    2011-12-19 01:22 . 2011-12-19 01:22 22 --sha-w- c:documents and settingsOwnerApplication DataSys2662.Config.Repository.bin

    2011-12-19 01:21 . 2011-12-19 01:22 -------- d-----w- c:program filesjv16 PowerTools 2011

    2011-12-19 01:11 . 2012-01-03 20:31 -------- d-----w- c:program filesMalwarebytes' Anti-Malware

    2011-12-19 01:11 . 2011-12-10 20:24 20464 ----a-w- c:windowssystem32driversmbam.sys

    2011-12-17 15:31 . 2011-12-17 15:31 -------- d-----w- c:program filesCommon FilesHewlett-Packard

    2011-12-17 15:27 . 2004-09-29 17:08 61440 ----a-w- c:windowssystem32HPZinw12.exe

    2011-12-17 15:27 . 2004-09-29 17:15 204800 ----a-w- c:windowssystem32HPZipr12.dll

    2011-12-17 15:27 . 2004-09-29 17:14 69632 ----a-w- c:windowssystem32HPZipm12.exe

    2011-12-17 15:27 . 2004-09-29 17:09 57344 ----a-w- c:windowssystem32HPZisn12.dll

    2011-12-17 15:27 . 2004-09-29 17:09 94208 ----a-w- c:windowssystem32HPZipt12.dll

    2011-12-17 15:27 . 2004-09-29 17:12 278584 ----a-w- c:windowssystem32HPZidr12.dll

    2011-12-17 15:24 . 2005-03-18 18:32 180315 ----a-w- c:windowssystem32hpzsnt12.dll

    .

    .

    .

    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    2011-11-23 13:25 . 2007-12-30 03:26 1859584 ----a-w- c:windowssystem32win32k.sys

    2011-11-04 19:20 . 2007-12-30 04:07 43520 ----a-w- c:windowssystem32licmgr10.dll

    2011-11-04 19:20 . 2007-12-30 04:07 1469440 ------w- c:windowssystem32inetcpl.cpl

    2011-11-04 19:20 . 2007-12-30 03:26 916992 ----a-w- c:windowssystem32wininet.dll

    2011-11-04 11:23 . 2007-12-30 10:26 385024 ----a-w- c:windowssystem32html.iec

    2011-11-01 16:07 . 2007-12-30 03:24 1288704 ----a-w- c:windowssystem32ole32.dll

    2011-10-28 05:31 . 2007-12-30 04:03 33280 ----a-w- c:windowssystem32csrsrv.dll

    2011-10-25 13:37 . 2002-08-29 08:04 2148864 -c--a-w- c:windowssystem32ntoskrnl.exe

    2011-10-25 12:52 . 2002-08-29 08:04 2027008 -c--a-w- c:windowssystem32ntkrnlpa.exe

    2011-10-18 11:13 . 2007-12-30 04:07 186880 -c--a-w- c:windowssystem32encdec.dll

    2011-10-17 18:48 . 2011-10-17 18:48 21035 ----a-w- c:windowssystem32driversAegisP.sys

    2011-03-21 01:17 . 2011-03-21 01:16 46972928 ----a-w- c:program fileszaSetup_92_105_000_en.exe

    2011-03-19 04:25 . 2011-03-19 04:24 3033192 -c--a-w- c:program filesccsetup304.exe

    2011-01-27 03:18 . 2011-01-27 03:18 629968 ----a-w- c:program filesPartyPokerNetSetup.exe

    2010-04-30 06:49 . 2010-04-30 06:49 7184528 -c--a-w- c:program filesasc-setup.exe

    2010-04-30 06:42 . 2010-04-30 06:42 16409960 ----a-w- c:program filesspybotsd162.exe

    2010-04-30 06:24 . 2010-04-30 06:24 3103640 ----a-w- c:program filesspywareblastersetup43.exe

    2010-03-14 16:29 . 2010-03-14 16:28 336 ----a-w- c:program filestemp995.bat

    2008-07-11 22:39 . 2008-07-12 02:30 262144 -c--a-w- c:program filesUninstall Spy Blocker.dll

    .

    .

    ((((((((((((((((((((((((((((( [email protected]_01.39.40 )))))))))))))))))))))))))))))))))))))))))

    .

    - 2003-01-24 12:54 . 2012-01-05 02:10 571112 c:windowssystem32perfh009.dat

    + 2003-01-24 12:54 . 2012-01-07 02:05 571112 c:windowssystem32perfh009.dat

    + 2003-01-24 12:54 . 2012-01-07 02:05 109606 c:windowssystem32perfc009.dat

    - 2003-01-24 12:54 . 2012-01-05 02:10 109606 c:windowssystem32perfc009.dat

    .

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    *Note* empty entries & legit default entries are not shown

    REGEDIT4

    .

    [HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun]

    "Weather"="c:program filesAWSWeatherBugWeather.exe" [2004-11-08 1597440]

    .

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]

    "ZoneAlarm"="c:program filesCheckPointZoneAlarmzatray.exe" [2011-11-10 73360]

    "AVG_TRAY"="c:program filesAVGAVG2012avgtray.exe" [2011-12-03 2415456]

    .

    [HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionpoliciesexplorer]

    "NoWinKeys"= 1 (0x1)

    "NoSMMyDocs"= 1 (0x1)

    "NoFavoritesMenu"= 1 (0x1)

    .

    [hkey_local_machinesoftwaremicrosoftwindowscurrentversionexplorerShellExecuteHooks]

    "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:program filesSUPERAntiSpywareSASSEH.DLL" [2008-05-13 77824]

    .

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftwindows ntcurrentversionwinlogonnotify!SASWinLogon]

    2009-12-28 20:06 548352 ----a-w- c:program filesSUPERAntiSpywareSASWINLO.DLL

    .

    [HKEY_LOCAL_MACHINEsystemcurrentcontrolsetcontrolsession manager]

    BootExecute REG_MULTI_SZ autocheck autochk *0c:progra~1AVGAVG2012avgrsx.exe /sync /restart

    .

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigservices]

    "aawservice"=2 (0x2)

    .

    [HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionrun-]

    "MSMSGS"="c:program filesMessengermsmsgs.exe" /background

    .

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftsecurity centerMonitoringZoneLabsFirewall]

    "DisableMonitoring"=dword:00000001

    .

    [HKLM~servicessharedaccessparametersfirewallpolicystandardprofile]

    "EnableFirewall"= 0 (0x0)

    .

    [HKLM~servicessharedaccessparametersfirewallpolicystandardprofileAuthorizedApplicationsList]

    "%windir%system32sessmgr.exe"=

    "%windir%Network Diagnosticxpnetdiag.exe"=

    .

    R0 AVGIDSEH;AVGIDSEH;c:windowssystem32driversAVGIDSEH.sys [7/11/2011 1:14 AM 23120]

    R0 Avgrkx86;AVG Anti-Rootkit Driver;c:windowssystem32driversavgrkx86.sys [9/13/2011 6:30 AM 32592]

    R1 Avgldx86;AVG AVI Loader Driver;c:windowssystem32driversavgldx86.sys [10/7/2011 6:23 AM 230608]

    R1 Avgtdix;AVG TDI Driver;c:windowssystem32driversavgtdix.sys [7/11/2011 1:14 AM 295248]

    R1 SASDIFSV;SASDIFSV;c:program filesSUPERAntiSpywareSASDIFSV.SYS [5/28/2008 9:33 AM 12872]

    R1 SASKUTIL;SASKUTIL;c:program filesSUPERAntiSpywareSASKUTIL.SYS [5/28/2008 9:33 AM 67656]

    R2 avgwd;AVG WatchDog;c:program filesAVGAVG2012avgwdsvc.exe [8/2/2011 6:09 AM 192776]

    R2 ISWKL;ZoneAlarm Toolbar ISWKL;c:program filesCheckPointZAForceFieldISWKL.sys [11/3/2011 9:44 AM 27016]

    R3 AVGIDSDriver;AVGIDSDriver;c:windowssystem32driversAVGIDSDriver.sys [7/11/2011 1:14 AM 134608]

    R3 AVGIDSFilter;AVGIDSFilter;c:windowssystem32driversAVGIDSFilter.sys [7/11/2011 1:14 AM 24272]

    R3 AVGIDSShim;AVGIDSShim;c:windowssystem32driversAVGIDSShim.sys [10/4/2011 6:21 AM 16720]

    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:windowsMicrosoft.NETFrameworkv4.0.30319mscorsvw.exe [3/18/2010 12:16 PM 130384]

    S2 CoachCap;Concord EyeQ Duo 2000 USB Video Capture V1.00;c:windowssystem32driversCoachCap.sys --> c:windowssystem32driversCoachCap.sys [?]

    S3 AVGIDSAgent;AVGIDSAgent;c:program filesAVGAVG2012AVGIDSAgent.exe [10/12/2011 6:25 AM 4433248]

    S3 PCDRDRV;Pcdr Helper Driver;??c:progra~1PC-DOC~1DIAGNO~1PCDRDRV.sys --> c:progra~1PC-DOC~1DIAGNO~1PCDRDRV.sys [?]

    S3 SASENUM;SASENUM;c:program filesSUPERAntiSpywareSASENUM.SYS [5/28/2008 9:33 AM 12872]

    S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:windowsMicrosoft.NETFrameworkv4.0.30319WPFWPFFontCache_v0400.exe [3/18/2010 12:16 PM 753504]

    S4 IswSvc;ZoneAlarm Toolbar IswSvc;c:program filesCheckPointZAForceFieldISWSVC.exe [11/3/2011 9:44 AM 497280]

    S4 msCMTSrvc;Content Monitoring Tool;c:windowssystem32msCMTSrvc.exe --> c:windowssystem32msCMTSrvc.exe [?]

    .

    Contents of the 'Scheduled Tasks' folder

    .

    2012-01-08 c:windowsTasksUser_Feed_Synchronization-{8D041CAF-F681-4B08-9EAD-EAC2F1451AA4}.job

    - c:windowssystem32msfeedssync.exe [2009-03-08 09:31]

    .

    .

    ------- Supplementary Scan -------

    .

    uStart Page = hxxp://www.facebook.com/login.php

    uDefault_Search_URL = hxxp://srch-qus7.hpwis.com/

    mSearch Bar = hxxp://srch-qus7.hpwis.com/

    uInternet Connection Wizard,ShellNext = iexplore

    uSearchAssistant = hxxp://www.google.com/ie

    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

    IE: Google Sidewiki... - c:program filesGoogleGoogle ToolbarComponentGoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html

    TCP: DhcpNameServer = 209.18.47.61 209.18.47.62

    DPF: DirectAnimation Java Classes - file://c:windowsJavaclassesdajava.cab

    DPF: Microsoft XML Parser for Java - file://c:windowsJavaclassesxmldso.cab

    .

    .

    **************************************************************************

    .

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

    Rootkit scan 2012-01-08 12:06

    Windows 5.1.2600 Service Pack 3 NTFS

    .

    scanning hidden processes ...

    .

    scanning hidden autostart entries ...

    .

    scanning hidden files ...

    .

    scan completed successfully

    hidden files: 0

    .

    **************************************************************************

    .

    --------------------- DLLs Loaded Under Running Processes ---------------------

    .

    - - - - - - - > 'winlogon.exe'(876)

    c:program filesSUPERAntiSpywareSASWINLO.DLL

    c:windowssystem32WININET.dll

    .

    - - - - - - - > 'explorer.exe'(3848)

    c:windowssystem32WININET.dll

    c:windowssystem32ieframe.dll

    c:windowssystem32webcheck.dll

    .

    Completion time: 2012-01-08 12:14:38

    ComboFix-quarantined-files.txt 2012-01-08 17:14

    ComboFix2.txt 2012-01-07 22:20

    ComboFix3.txt 2012-01-07 01:46

    .

    Pre-Run: 23,063,560,192 bytes free

    Post-Run: 23,069,503,488 bytes free

    .

    - - End Of File - - B27E0C662383CE35B430CD97907E501F


  9. Malwarebytes Anti-Malware 1.60.0.1800

    www.malwarebytes.org

    Database version: v2012.01.08.01

    Windows XP Service Pack 3 x86 NTFS

    Internet Explorer 8.0.6001.18702

    Owner :: YOUR-N3TY7ATHD5 [administrator]

    1/7/2012 8:41:48 PM

    mbam-log-2012-01-07 (20-41-48).txt

    Scan type: Quick scan

    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

    Scan options disabled: P2P

    Objects scanned: 178501

    Time elapsed: 16 minute(s), 10 second(s)

    Memory Processes Detected: 0

    (No malicious items detected)

    Memory Modules Detected: 0

    (No malicious items detected)

    Registry Keys Detected: 0

    (No malicious items detected)

    Registry Values Detected: 0

    (No malicious items detected)

    Registry Data Items Detected: 0

    (No malicious items detected)

    Folders Detected: 0

    (No malicious items detected)

    Files Detected: 0

    (No malicious items detected)

    (end)

    C:Documents and SettingsOwnerMy DocumentsPicMorph.exe Win32/Toolbar.Zugo application

    C:WINDOWSsystem32ConTest.dll Win32/Adware.Ascentive application


  10. ComboFix 12-01-06.03 - Owner 01/07/2012 16:48:51.2.1 - x86

    Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.479.131 [GMT -5:00]

    Running from: c:documents and settingsOwnerDesktopComboFix.exe

    Command switches used :: c:documents and settingsOwnerDesktopCFScript.txt

    AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}

    FW: ZoneAlarm Free Firewall *Enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}

    .

    FILE ::

    "c:docume~1ownerlocals~1tempesihdrv.sys"

    .

    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    .

    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    -------Legacy_ESIHDRV

    -------Service_esihdrv

    .

    .

    ((((((((((((((((((((((((( Files Created from 2011-12-07 to 2012-01-07 )))))))))))))))))))))))))))))))

    .

    .

    2012-01-07 04:55 . 2012-01-07 04:55 -------- d-----w- C:$AVG

    2012-01-06 01:30 . 2012-01-06 01:30 -------- d-----w- c:documents and settingsOwnerApplication DataAVG2012

    2012-01-06 01:25 . 2012-01-07 14:55 -------- d-----w- c:windowssystem32driversAVG

    2012-01-06 01:25 . 2012-01-06 01:38 -------- d-----w- c:documents and settingsAll UsersApplication DataAVG2012

    2012-01-06 01:07 . 2012-01-06 01:07 -------- d--h--w- c:documents and settingsAll UsersApplication DataCommon Files

    2012-01-06 01:02 . 2012-01-07 14:56 -------- d-----w- c:documents and settingsAll UsersApplication DataMFAData

    2012-01-04 02:39 . 2012-01-05 07:38 -------- d-----w- C:HiJack This

    2012-01-04 02:37 . 2012-01-04 02:37 388096 ----a-r- c:documents and settingsOwnerApplication DataMicrosoftInstaller{45A66726-69BC-466B-A7A4-12FCBA4883D7}HiJackThis.exe

    2012-01-04 02:37 . 2012-01-04 02:37 -------- d-----w- c:program filesTrend Micro

    2012-01-03 20:31 . 2012-01-03 20:36 40776 ----a-w- c:windowssystem32driversmbamswissarmy.sys

    2012-01-02 04:54 . 2012-01-02 05:08 -------- d-----w- C:Pictures

    2012-01-01 17:22 . 2012-01-01 17:22 0 ----a-w- c:documents and settingsOwnerReset_IE_Windows.reg

    2011-12-31 20:49 . 2011-12-31 20:49 -------- d-----w- c:documents and settingsAll UsersApplication DataBlueSprig

    2011-12-28 13:13 . 2011-12-31 19:55 414368 ----a-w- c:windowssystem32FlashPlayerCPLApp.cpl

    2011-12-25 00:48 . 2011-12-31 01:48 -------- d-----w- c:documents and settingsAdministrator

    2011-12-22 02:07 . 1998-09-02 08:28 38160 ----a-w- c:windowssystem32LMRTREND.dll

    2011-12-22 02:07 . 1998-08-27 04:51 182032 ----a-w- c:windowssystem32dxtmsft3.dll

    2011-12-22 02:06 . 1998-08-17 09:21 5672 ----a-w- c:windowssystem32quartz.vxd

    2011-12-22 02:06 . 1998-08-17 09:21 11776 ----a-w- c:windowssystem32mciqtz.drv

    2011-12-22 02:06 . 1998-09-02 08:02 194320 ----a-w- c:windowssystem32qcut.dll

    2011-12-22 01:44 . 2008-04-14 01:12 20992 ----a-w- c:windowssystem32dshowext.ax

    2011-12-19 01:22 . 2011-12-19 01:22 22 --sha-w- c:documents and settingsOwnerApplication DataSys2662.Config.Repository.bin

    2011-12-19 01:21 . 2011-12-19 01:22 -------- d-----w- c:program filesjv16 PowerTools 2011

    2011-12-19 01:11 . 2012-01-03 20:31 -------- d-----w- c:program filesMalwarebytes' Anti-Malware

    2011-12-19 01:11 . 2011-12-10 20:24 20464 ----a-w- c:windowssystem32driversmbam.sys

    2011-12-17 15:31 . 2011-12-17 15:31 -------- d-----w- c:program filesCommon FilesHewlett-Packard

    2011-12-17 15:27 . 2004-09-29 17:08 61440 ----a-w- c:windowssystem32HPZinw12.exe

    2011-12-17 15:27 . 2004-09-29 17:15 204800 ----a-w- c:windowssystem32HPZipr12.dll

    2011-12-17 15:27 . 2004-09-29 17:14 69632 ----a-w- c:windowssystem32HPZipm12.exe

    2011-12-17 15:27 . 2004-09-29 17:09 57344 ----a-w- c:windowssystem32HPZisn12.dll

    2011-12-17 15:27 . 2004-09-29 17:09 94208 ----a-w- c:windowssystem32HPZipt12.dll

    2011-12-17 15:27 . 2004-09-29 17:12 278584 ----a-w- c:windowssystem32HPZidr12.dll

    2011-12-17 15:24 . 2005-03-18 18:32 180315 ----a-w- c:windowssystem32hpzsnt12.dll

    .

    .

    .

    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    2011-12-22 02:06 . 2011-12-22 02:06 4608 ----a-w- c:windowssystem32w95inf32.dll

    2011-12-22 02:06 . 2011-12-22 02:06 2272 ----a-w- c:windowssystem32w95inf16.dll

    2011-11-23 13:25 . 2007-12-30 03:26 1859584 ----a-w- c:windowssystem32win32k.sys

    2011-11-04 19:20 . 2007-12-30 04:07 43520 ----a-w- c:windowssystem32licmgr10.dll

    2011-11-04 19:20 . 2007-12-30 04:07 1469440 ------w- c:windowssystem32inetcpl.cpl

    2011-11-04 19:20 . 2007-12-30 03:26 916992 ----a-w- c:windowssystem32wininet.dll

    2011-11-04 11:23 . 2007-12-30 10:26 385024 ----a-w- c:windowssystem32html.iec

    2011-11-01 16:07 . 2007-12-30 03:24 1288704 ----a-w- c:windowssystem32ole32.dll

    2011-10-28 05:31 . 2007-12-30 04:03 33280 ----a-w- c:windowssystem32csrsrv.dll

    2011-10-25 13:37 . 2002-08-29 08:04 2148864 -c--a-w- c:windowssystem32ntoskrnl.exe

    2011-10-25 12:52 . 2002-08-29 08:04 2027008 -c--a-w- c:windowssystem32ntkrnlpa.exe

    2011-10-18 11:13 . 2007-12-30 04:07 186880 -c--a-w- c:windowssystem32encdec.dll

    2011-10-17 18:48 . 2011-10-17 18:48 21035 ----a-w- c:windowssystem32driversAegisP.sys

    2011-10-10 14:22 . 2007-12-30 04:07 692736 -c--a-w- c:windowssystem32inetcomm.dll

    2011-03-21 01:17 . 2011-03-21 01:16 46972928 ----a-w- c:program fileszaSetup_92_105_000_en.exe

    2011-03-19 04:25 . 2011-03-19 04:24 3033192 -c--a-w- c:program filesccsetup304.exe

    2011-01-27 03:18 . 2011-01-27 03:18 629968 ----a-w- c:program filesPartyPokerNetSetup.exe

    2010-04-30 06:49 . 2010-04-30 06:49 7184528 -c--a-w- c:program filesasc-setup.exe

    2010-04-30 06:42 . 2010-04-30 06:42 16409960 ----a-w- c:program filesspybotsd162.exe

    2010-04-30 06:24 . 2010-04-30 06:24 3103640 ----a-w- c:program filesspywareblastersetup43.exe

    2010-03-14 16:29 . 2010-03-14 16:28 336 ----a-w- c:program filestemp995.bat

    2008-07-11 22:39 . 2008-07-12 02:30 262144 -c--a-w- c:program filesUninstall Spy Blocker.dll

    .

    .

    (((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    ---- Directory of c:documents and settingsAll UsersApplication DataBlueSprig ----

    .

    2011-12-31 20:49 . 2011-12-31 20:49 22 ----a-w- c:documents and settingsAll UsersApplication DataBlueSprigJetBoostJetBoostInstallBackWork.ini

    .

    .

    ((((((((((((((((((((((((((((( [email protected]_01.39.40 )))))))))))))))))))))))))))))))))))))))))

    .

    - 2003-01-24 12:54 . 2012-01-05 02:10 571112 c:windowssystem32perfh009.dat

    + 2003-01-24 12:54 . 2012-01-07 02:05 571112 c:windowssystem32perfh009.dat

    + 2003-01-24 12:54 . 2012-01-07 02:05 109606 c:windowssystem32perfc009.dat

    - 2003-01-24 12:54 . 2012-01-05 02:10 109606 c:windowssystem32perfc009.dat

    .

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    *Note* empty entries & legit default entries are not shown

    REGEDIT4

    .

    [HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun]

    "Weather"="c:program filesAWSWeatherBugWeather.exe" [2004-11-08 1597440]

    .

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]

    "ZoneAlarm"="c:program filesCheckPointZoneAlarmzatray.exe" [2011-11-10 73360]

    "AVG_TRAY"="c:program filesAVGAVG2012avgtray.exe" [2011-12-03 2415456]

    .

    [HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionpoliciesexplorer]

    "NoWinKeys"= 1 (0x1)

    "NoSMMyDocs"= 1 (0x1)

    "NoFavoritesMenu"= 1 (0x1)

    .

    [hkey_local_machinesoftwaremicrosoftwindowscurrentversionexplorerShellExecuteHooks]

    "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:program filesSUPERAntiSpywareSASSEH.DLL" [2008-05-13 77824]

    .

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftwindows ntcurrentversionwinlogonnotify!SASWinLogon]

    2009-12-28 20:06 548352 ----a-w- c:program filesSUPERAntiSpywareSASWINLO.DLL

    .

    [HKEY_LOCAL_MACHINEsystemcurrentcontrolsetcontrolsession manager]

    BootExecute REG_MULTI_SZ autocheck autochk *0c:progra~1AVGAVG2012avgrsx.exe /sync /restart

    .

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigservices]

    "aawservice"=2 (0x2)

    .

    [HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionrun-]

    "MSMSGS"="c:program filesMessengermsmsgs.exe" /background

    .

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftsecurity centerMonitoringZoneLabsFirewall]

    "DisableMonitoring"=dword:00000001

    .

    [HKLM~servicessharedaccessparametersfirewallpolicystandardprofile]

    "EnableFirewall"= 0 (0x0)

    .

    [HKLM~servicessharedaccessparametersfirewallpolicystandardprofileAuthorizedApplicationsList]

    "%windir%system32sessmgr.exe"=

    "%windir%Network Diagnosticxpnetdiag.exe"=

    .

    R0 AVGIDSEH;AVGIDSEH;c:windowssystem32driversAVGIDSEH.sys [7/11/2011 1:14 AM 23120]

    R0 Avgrkx86;AVG Anti-Rootkit Driver;c:windowssystem32driversavgrkx86.sys [9/13/2011 6:30 AM 32592]

    R1 Avgldx86;AVG AVI Loader Driver;c:windowssystem32driversavgldx86.sys [10/7/2011 6:23 AM 230608]

    R1 Avgtdix;AVG TDI Driver;c:windowssystem32driversavgtdix.sys [7/11/2011 1:14 AM 295248]

    R1 SASDIFSV;SASDIFSV;c:program filesSUPERAntiSpywareSASDIFSV.SYS [5/28/2008 9:33 AM 12872]

    R1 SASKUTIL;SASKUTIL;c:program filesSUPERAntiSpywareSASKUTIL.SYS [5/28/2008 9:33 AM 67656]

    R2 avgwd;AVG WatchDog;c:program filesAVGAVG2012avgwdsvc.exe [8/2/2011 6:09 AM 192776]

    R2 ISWKL;ZoneAlarm Toolbar ISWKL;c:program filesCheckPointZAForceFieldISWKL.sys [11/3/2011 9:44 AM 27016]

    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:windowsMicrosoft.NETFrameworkv4.0.30319mscorsvw.exe [3/18/2010 12:16 PM 130384]

    S2 CoachCap;Concord EyeQ Duo 2000 USB Video Capture V1.00;c:windowssystem32driversCoachCap.sys --> c:windowssystem32driversCoachCap.sys [?]

    S3 AVGIDSAgent;AVGIDSAgent;c:program filesAVGAVG2012AVGIDSAgent.exe [10/12/2011 6:25 AM 4433248]

    S3 AVGIDSDriver;AVGIDSDriver;c:windowssystem32driversAVGIDSDriver.sys [7/11/2011 1:14 AM 134608]

    S3 AVGIDSFilter;AVGIDSFilter;c:windowssystem32driversAVGIDSFilter.sys [7/11/2011 1:14 AM 24272]

    S3 AVGIDSShim;AVGIDSShim;c:windowssystem32driversAVGIDSShim.sys [10/4/2011 6:21 AM 16720]

    S3 MBAMSwissArmy;MBAMSwissArmy;c:windowssystem32driversmbamswissarmy.sys [1/3/2012 3:31 PM 40776]

    S3 PCDRDRV;Pcdr Helper Driver;??c:progra~1PC-DOC~1DIAGNO~1PCDRDRV.sys --> c:progra~1PC-DOC~1DIAGNO~1PCDRDRV.sys [?]

    S3 SASENUM;SASENUM;c:program filesSUPERAntiSpywareSASENUM.SYS [5/28/2008 9:33 AM 12872]

    S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:windowsMicrosoft.NETFrameworkv4.0.30319WPFWPFFontCache_v0400.exe [3/18/2010 12:16 PM 753504]

    S4 IswSvc;ZoneAlarm Toolbar IswSvc;c:program filesCheckPointZAForceFieldISWSVC.exe [11/3/2011 9:44 AM 497280]

    S4 msCMTSrvc;Content Monitoring Tool;c:windowssystem32msCMTSrvc.exe --> c:windowssystem32msCMTSrvc.exe [?]

    .

    Contents of the 'Scheduled Tasks' folder

    .

    2012-01-07 c:windowsTasksUser_Feed_Synchronization-{8D041CAF-F681-4B08-9EAD-EAC2F1451AA4}.job

    - c:windowssystem32msfeedssync.exe [2009-03-08 09:31]

    .

    .

    ------- Supplementary Scan -------

    .

    uStart Page = hxxp://www.facebook.com/login.php

    uDefault_Search_URL = hxxp://srch-qus7.hpwis.com/

    mSearch Bar = hxxp://srch-qus7.hpwis.com/

    uInternet Connection Wizard,ShellNext = iexplore

    uSearchAssistant = hxxp://www.google.com/ie

    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

    IE: Google Sidewiki... - c:program filesGoogleGoogle ToolbarComponentGoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html

    TCP: DhcpNameServer = 209.18.47.61 209.18.47.62

    DPF: DirectAnimation Java Classes - file://c:windowsJavaclassesdajava.cab

    DPF: Microsoft XML Parser for Java - file://c:windowsJavaclassesxmldso.cab

    .

    .

    **************************************************************************

    .

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

    Rootkit scan 2012-01-07 17:08

    Windows 5.1.2600 Service Pack 3 NTFS

    .

    scanning hidden processes ...

    .

    scanning hidden autostart entries ...

    .

    scanning hidden files ...

    .

    scan completed successfully

    hidden files: 0

    .

    **************************************************************************

    .

    --------------------- DLLs Loaded Under Running Processes ---------------------

    .

    - - - - - - - > 'winlogon.exe'(876)

    c:program filesSUPERAntiSpywareSASWINLO.DLL

    c:windowssystem32WININET.dll

    .

    - - - - - - - > 'explorer.exe'(3752)

    c:windowssystem32WININET.dll

    c:windowssystem32ieframe.dll

    c:windowssystem32webcheck.dll

    .

    ------------------------ Other Running Processes ------------------------

    .

    c:progra~1AVGAVG2012avgrsx.exe

    c:program filesAVGAVG2012avgcsrvx.exe

    c:windowssystem32HPZipm12.exe

    c:windowsSystem32snmp.exe

    c:program filesAVGAVG2012avgnsx.exe

    c:program filesAVGAVG2012avgemcx.exe

    .

    **************************************************************************

    .

    Completion time: 2012-01-07 17:20:04 - machine was rebooted

    ComboFix-quarantined-files.txt 2012-01-07 22:19

    ComboFix2.txt 2012-01-07 01:46

    .

    Pre-Run: 23,285,694,464 bytes free

    Post-Run: 23,257,104,384 bytes free

    .

    - - End Of File - - 72C279DD692C0D67AC50ABE2B4A22D70


  11. whewwww Here we go.

    ComboFix 12-01-06.03 - Owner 01/06/2012 20:26:48.1.1 - x86 NETWORK

    Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.479.259 [GMT -5:00]

    Running from: c:documents and settingsOwnerDesktopComboFix.exe

    AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}

    FW: ZoneAlarm Free Firewall *Enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}

    .

    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    c:documents and settingsDefault UserWINDOWS

    c:documents and settingsOwnerLocal SettingsApplication Dataassemblytmp

    c:documents and settingsOwnermukklwmard.tmp

    c:documents and settingsOwnerWINDOWS

    C:Images

    c:program filescdbxp_setup_4.3.8.2568.exe

    c:windowssystem32configsystemprofileWINDOWS

    D:Autorun.inf

    .

    .

    ((((((((((((((((((((((((( Files Created from 2011-12-07 to 2012-01-07 )))))))))))))))))))))))))))))))

    .

    .

    2012-01-06 01:30 . 2012-01-06 01:30 -------- d-----w- c:documents and settingsOwnerApplication DataAVG2012

    2012-01-06 01:25 . 2012-01-06 22:32 -------- d-----w- c:windowssystem32driversAVG

    2012-01-06 01:25 . 2012-01-06 01:38 -------- d-----w- c:documents and settingsAll UsersApplication DataAVG2012

    2012-01-06 01:07 . 2012-01-06 01:07 -------- d--h--w- c:documents and settingsAll UsersApplication DataCommon Files

    2012-01-06 01:02 . 2012-01-06 01:42 -------- d-----w- c:documents and settingsAll UsersApplication DataMFAData

    2012-01-04 02:39 . 2012-01-05 07:38 -------- d-----w- C:HiJack This

    2012-01-04 02:37 . 2012-01-04 02:37 388096 ----a-r- c:documents and settingsOwnerApplication DataMicrosoftInstaller{45A66726-69BC-466B-A7A4-12FCBA4883D7}HiJackThis.exe

    2012-01-04 02:37 . 2012-01-04 02:37 -------- d-----w- c:program filesTrend Micro

    2012-01-03 20:31 . 2012-01-03 20:36 40776 ----a-w- c:windowssystem32driversmbamswissarmy.sys

    2012-01-02 04:54 . 2012-01-02 05:08 -------- d-----w- C:Pictures

    2012-01-01 17:22 . 2012-01-01 17:22 0 ----a-w- c:documents and settingsOwnerReset_IE_Windows.reg

    2011-12-31 20:49 . 2011-12-31 20:49 -------- d-----w- c:documents and settingsAll UsersApplication DataBlueSprig

    2011-12-28 13:13 . 2011-12-31 19:55 414368 ----a-w- c:windowssystem32FlashPlayerCPLApp.cpl

    2011-12-25 00:48 . 2011-12-31 01:48 -------- d-----w- c:documents and settingsAdministrator

    2011-12-22 02:07 . 1998-09-02 08:28 38160 ----a-w- c:windowssystem32LMRTREND.dll

    2011-12-22 02:07 . 1998-08-20 11:02 140800 ----a-w- c:windowssystem32tm20dec.ax

    2011-12-22 02:07 . 1998-08-27 04:51 182032 ----a-w- c:windowssystem32dxtmsft3.dll

    2011-12-22 02:06 . 1998-09-02 08:28 63488 ----a-w- c:windowssystem32unam4ie.exe

    2011-12-22 02:06 . 1998-08-17 09:21 5672 ----a-w- c:windowssystem32quartz.vxd

    2011-12-22 02:06 . 1998-08-17 09:21 10240 ----a-w- c:windowssystem32vidx16.dll

    2011-12-22 02:06 . 1998-08-17 09:21 11776 ----a-w- c:windowssystem32mciqtz.drv

    2011-12-22 02:06 . 1998-09-02 08:02 194320 ----a-w- c:windowssystem32qcut.dll

    2011-12-22 02:06 . 2011-12-22 02:06 4608 ----a-w- c:windowssystem32w95inf32.dll

    2011-12-22 02:06 . 2011-12-22 02:06 2272 ----a-w- c:windowssystem32w95inf16.dll

    2011-12-22 02:05 . 1996-07-01 05:00 77312 ----a-w- c:windowssystem32TWAIN_32.DLL

    2011-12-22 01:44 . 2008-04-14 01:12 20992 ----a-w- c:windowssystem32dshowext.ax

    2011-12-19 01:22 . 2011-12-19 01:22 22 --sha-w- c:documents and settingsOwnerApplication DataSys2662.Config.Repository.bin

    2011-12-19 01:21 . 2011-12-19 01:22 -------- d-----w- c:program filesjv16 PowerTools 2011

    2011-12-19 01:11 . 2012-01-03 20:31 -------- d-----w- c:program filesMalwarebytes' Anti-Malware

    2011-12-19 01:11 . 2011-12-10 20:24 20464 ----a-w- c:windowssystem32driversmbam.sys

    2011-12-17 15:31 . 2011-12-17 15:31 -------- d-----w- c:program filesCommon FilesHewlett-Packard

    2011-12-17 15:27 . 2004-09-29 17:08 61440 ----a-w- c:windowssystem32HPZinw12.exe

    2011-12-17 15:27 . 2004-09-29 17:15 204800 ----a-w- c:windowssystem32HPZipr12.dll

    2011-12-17 15:27 . 2004-09-29 17:14 69632 ----a-w- c:windowssystem32HPZipm12.exe

    2011-12-17 15:27 . 2004-09-29 17:09 57344 ----a-w- c:windowssystem32HPZisn12.dll

    2011-12-17 15:27 . 2004-09-29 17:09 94208 ----a-w- c:windowssystem32HPZipt12.dll

    2011-12-17 15:27 . 2004-09-29 17:12 278584 ----a-w- c:windowssystem32HPZidr12.dll

    2011-12-17 15:24 . 2005-03-18 18:32 180315 ----a-w- c:windowssystem32hpzsnt12.dll

    .

    .

    .

    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    2011-11-23 13:25 . 2007-12-30 03:26 1859584 ----a-w- c:windowssystem32win32k.sys

    2011-11-04 19:20 . 2007-12-30 04:07 43520 ----a-w- c:windowssystem32licmgr10.dll

    2011-11-04 19:20 . 2007-12-30 04:07 1469440 ------w- c:windowssystem32inetcpl.cpl

    2011-11-04 19:20 . 2007-12-30 03:26 916992 ----a-w- c:windowssystem32wininet.dll

    2011-11-04 11:23 . 2007-12-30 10:26 385024 ----a-w- c:windowssystem32html.iec

    2011-11-01 16:07 . 2007-12-30 03:24 1288704 ----a-w- c:windowssystem32ole32.dll

    2011-10-28 05:31 . 2007-12-30 04:03 33280 ----a-w- c:windowssystem32csrsrv.dll

    2011-10-25 13:37 . 2002-08-29 08:04 2148864 -c--a-w- c:windowssystem32ntoskrnl.exe

    2011-10-25 12:52 . 2002-08-29 08:04 2027008 -c--a-w- c:windowssystem32ntkrnlpa.exe

    2011-10-18 11:13 . 2007-12-30 04:07 186880 -c--a-w- c:windowssystem32encdec.dll

    2011-10-17 18:48 . 2011-10-17 18:48 21035 ----a-w- c:windowssystem32driversAegisP.sys

    2011-10-10 14:22 . 2007-12-30 04:07 692736 -c--a-w- c:windowssystem32inetcomm.dll

    2011-03-21 01:17 . 2011-03-21 01:16 46972928 ----a-w- c:program fileszaSetup_92_105_000_en.exe

    2011-03-19 04:25 . 2011-03-19 04:24 3033192 -c--a-w- c:program filesccsetup304.exe

    2011-01-27 03:18 . 2011-01-27 03:18 629968 ----a-w- c:program filesPartyPokerNetSetup.exe

    2010-04-30 06:49 . 2010-04-30 06:49 7184528 -c--a-w- c:program filesasc-setup.exe

    2010-04-30 06:42 . 2010-04-30 06:42 16409960 ----a-w- c:program filesspybotsd162.exe

    2010-04-30 06:24 . 2010-04-30 06:24 3103640 ----a-w- c:program filesspywareblastersetup43.exe

    2010-03-14 16:29 . 2010-03-14 16:28 336 ----a-w- c:program filestemp995.bat

    2008-07-11 22:39 . 2008-07-12 02:30 262144 -c--a-w- c:program filesUninstall Spy Blocker.dll

    .

    .

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    *Note* empty entries & legit default entries are not shown

    REGEDIT4

    .

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "Weather"="c:\program files\AWS\WeatherBug\Weather.exe" [2004-11-08 1597440]

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "ZoneAlarm"="c:\program files\CheckPoint\ZoneAlarm\zatray.exe" [2011-11-10 73360]

    "AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2011-12-03 2415456]

    .

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]

    "NoWinKeys"= 1 (0x1)

    "NoSMMyDocs"= 1 (0x1)

    "NoFavoritesMenu"= 1 (0x1)

    .

    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

    "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]

    2009-12-28 20:06 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL

    .

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

    BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]

    "aawservice"=2 (0x2)

    .

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]

    "MSMSGS"="c:\program files\Messenger\msmsgs.exe" /background

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]

    "DisableMonitoring"=dword:00000001

    .

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

    "EnableFirewall"= 0 (0x0)

    .

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

    "%windir%\system32\sessmgr.exe"=

    "%windir%\Network Diagnostic\xpnetdiag.exe"=

    .

    R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [7/11/2011 1:14 AM 23120]

    R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [9/13/2011 6:30 AM 32592]

    R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [7/11/2011 1:14 AM 295248]

    S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [10/7/2011 6:23 AM 230608]

    S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [5/28/2008 9:33 AM 12872]

    S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [5/28/2008 9:33 AM 67656]

    S2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\AVGIDSAgent.exe [10/12/2011 6:25 AM 4433248]

    S2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [8/2/2011 6:09 AM 192776]

    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [3/18/2010 12:16 PM 130384]

    S2 CoachCap;Concord EyeQ Duo 2000 USB Video Capture V1.00;c:\windows\system32\drivers\CoachCap.sys --> c:\windows\system32\drivers\CoachCap.sys [?]

    S2 ISWKL;ZoneAlarm Toolbar ISWKL;c:\program files\CheckPoint\ZAForceField\ISWKL.sys [11/3/2011 9:44 AM 27016]

    S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [7/11/2011 1:14 AM 134608]

    S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [7/11/2011 1:14 AM 24272]

    S3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [10/4/2011 6:21 AM 16720]

    S3 esihdrv;esihdrv;\??\c:\docume~1\Owner\LOCALS~1\Temp\esihdrv.sys --> c:\docume~1\Owner\LOCALS~1\Temp\esihdrv.sys [?]

    S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [1/3/2012 3:31 PM 40776]

    S3 PCDRDRV;Pcdr Helper Driver;\??\c:\progra~1\PC-DOC~1\DIAGNO~1\PCDRDRV.sys --> c:\progra~1\PC-DOC~1\DIAGNO~1\PCDRDRV.sys [?]

    S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [5/28/2008 9:33 AM 12872]

    S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [3/18/2010 12:16 PM 753504]

    S4 IswSvc;ZoneAlarm Toolbar IswSvc;c:\program files\CheckPoint\ZAForceField\ISWSVC.exe [11/3/2011 9:44 AM 497280]

    S4 msCMTSrvc;Content Monitoring Tool;c:\windows\system32\msCMTSrvc.exe --> c:\windows\system32\msCMTSrvc.exe [?]

    .

    Contents of the 'Scheduled Tasks' folder

    .

    2012-01-07 c:\windows\Tasks\User_Feed_Synchronization-{8D041CAF-F681-4B08-9EAD-EAC2F1451AA4}.job

    - c:\windows\system32\msfeedssync.exe [2009-03-08 09:31]

    .

    .

    ------- Supplementary Scan -------

    .

    uStart Page = hxxp://www.facebook.com/login.php

    uDefault_Search_URL = hxxp://srch-qus7.hpwis.com/

    mSearch Bar = hxxp://srch-qus7.hpwis.com/

    uInternet Connection Wizard,ShellNext = iexplore

    uSearchAssistant = hxxp://www.google.com/ie

    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

    IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html

    TCP: DhcpNameServer = 209.18.47.61 209.18.47.62

    DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab

    DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab

    .

    .

    **************************************************************************

    .

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

    Rootkit scan 2012-01-06 20:39

    Windows 5.1.2600 Service Pack 3 NTFS

    .

    scanning hidden processes ...

    .

    scanning hidden autostart entries ...

    .

    scanning hidden files ...

    .

    scan completed successfully

    hidden files: 0

    .

    **************************************************************************

    .

    --------------------- DLLs Loaded Under Running Processes ---------------------

    .

    - - - - - - - > 'winlogon.exe'(568)

    c:\program files\SUPERAntiSpyware\SASWINLO.DLL

    c:\windows\system32\WININET.dll

    .

    Completion time: 2012-01-06 20:46:55

    ComboFix-quarantined-files.txt 2012-01-07 01:46

    .

    Pre-Run: 23,529,447,424 bytes free

    Post-Run: 23,910,916,096 bytes free

    .

    WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe

    [boot loader]

    default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS

    [operating systems]

    c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

    UnsupportedDebug="do not select this" /debug

    multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect /NoExecute=OptIn

    .

    - - End Of File - - A14CEB6CA480622666571F2A41DFA03F


  12. Hi Jeff... I have downloaded the ComboFix.exe three times and I get the following results. First, I downloaded it to the desktop. Double clicked on the icon on desktop and it ran green print in a gray box, and then stopped. After waiting 15 minutes, I decided it was not going to show the pop-ups and accepts as described in instructions. I disabled virus and malware scans also. I have searched C: and can find nothing about a .txt file left there by combofix. My apologies for complicating your efforts to help me.

    thanks

     

    Will


  13. GMER 1.0.15.15641 - http://www.gmer.net

    Rootkit scan 2012-01-05 12:51:37

    Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 SAMSUNG_SV4002H rev.QP100-07

    Running: gmer.exe; Driver: C:\DOCUME~1\Owner\LOCALS~1\Temp\axwoqaoc.sys

     

    ---- System - GMER 1.0.15 ----

    SSDT \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwConnectPort [0xF3E0D2F4]

    SSDT \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwCreateFile [0xF3E075CA]

    SSDT \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwCreateKey [0xF3E2658A]

    SSDT \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwCreatePort [0xF3E0DA80]

    SSDT \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwCreateProcess [0xF3E20E4E]

    SSDT \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwCreateProcessEx [0xF3E2123C]

    SSDT \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwCreateSection [0xF3E2A6F6]

    SSDT \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwCreateWaitablePort [0xF3E0DBB6]

    SSDT \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwDeleteFile [0xF3E081E0]

    SSDT \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwDeleteKey [0xF3E27E3C]

    SSDT \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwDeleteValueKey [0xF3E277B2]

    SSDT \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwDuplicateObject [0xF3E1FD8A]

    SSDT \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwLoadKey [0xF3E28794]

    SSDT \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwLoadKey2 [0xF3E2899C]

    SSDT \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwOpenFile [0xF3E07DF2]

    SSDT \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwOpenProcess [0xF3E23160]

    SSDT \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwOpenThread [0xF3E22D8A]

    SSDT \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwRenameKey [0xF3E2972A]

    SSDT \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwReplaceKey [0xF3E29060]

    SSDT \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwRequestWaitReplyPort [0xF3E0CEC4]

    SSDT \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwRestoreKey [0xF3E2A0FC]

    SSDT \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwSecureConnectPort [0xF3E0D59C]

    SSDT \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwSetInformationFile [0xF3E085A4]

    SSDT \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwSetSecurityObject [0xF3E29C6A]

    SSDT \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwSetValueKey [0xF3E26F72]

    SSDT \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwSystemDebugControl [0xF3E21EA4]

    SSDT \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwTerminateProcess [0xF3E21C20]

    ---- Kernel code sections - GMER 1.0.15 ----

    .text ntoskrnl.exe!ZwYieldExecution + 12E 804E4988 12 Bytes [80, DA, E0, F3, 4E, 0E, E2, ...]

    ---- User code sections - GMER 1.0.15 ----

    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[356] USER32.dll!DialogBoxParamW 7E4247AB 5 Bytes JMP 3E2154D5 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[356] USER32.dll!CreateWindowExW 7E42D0A3 5 Bytes JMP 3E2EDB5C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[356] USER32.dll!DialogBoxIndirectParamW 7E432072 5 Bytes JMP 3E3E53C7 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[356] USER32.dll!MessageBoxIndirectA 7E43A082 5 Bytes JMP 3E3E52F9 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[356] USER32.dll!DialogBoxParamA 7E43B144 5 Bytes JMP 3E3E5364 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[356] USER32.dll!MessageBoxExW 7E450838 5 Bytes JMP 3E3E51CA C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[356] USER32.dll!MessageBoxExA 7E45085C 5 Bytes JMP 3E3E522C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[356] USER32.dll!DialogBoxIndirectParamA 7E456D7D 5 Bytes JMP 3E3E542A C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[356] USER32.dll!MessageBoxIndirectW 7E4664D5 5 Bytes JMP 3E3E528E C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[1076] USER32.dll!DialogBoxParamW 7E4247AB 5 Bytes JMP 3E2154D5 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[1076] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 3E2E9AE9 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[1076] USER32.dll!CallNextHookEx 7E42B3C6 5 Bytes JMP 3E2DD125 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[1076] USER32.dll!CreateWindowExW 7E42D0A3 5 Bytes JMP 3E2EDB5C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[1076] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 3E25467E C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[1076] USER32.dll!DialogBoxIndirectParamW 7E432072 5 Bytes JMP 3E3E53C7 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[1076] USER32.dll!MessageBoxIndirectA 7E43A082 5 Bytes JMP 3E3E52F9 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[1076] USER32.dll!DialogBoxParamA 7E43B144 5 Bytes JMP 3E3E5364 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[1076] USER32.dll!MessageBoxExW 7E450838 5 Bytes JMP 3E3E51CA C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[1076] USER32.dll!MessageBoxExA 7E45085C 5 Bytes JMP 3E3E522C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[1076] USER32.dll!DialogBoxIndirectParamA 7E456D7D 5 Bytes JMP 3E3E542A C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[1076] USER32.dll!MessageBoxIndirectW 7E4664D5 5 Bytes JMP 3E3E528E C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[1076] ole32.dll!CoCreateInstance 774FF1BC 5 Bytes JMP 3E2EDBB8 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[1076] ole32.dll!OleLoadFromStream 7752983B 5 Bytes JMP 3E3E572F C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

    .text C:\Program Files\Internet Explorer\iexplore.exe[1536] USER32.dll!DialogBoxParamW 7E4247AB 5 Bytes JMP 3E2154D5 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

    .text C:\Program Files\Internet Explorer\iexplore.exe[1536] USER32.dll!CreateWindowExW 7E42D0A3 5 Bytes JMP 3E2EDB5C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

    .text C:\Program Files\Internet Explorer\iexplore.exe[1536] USER32.dll!DialogBoxIndirectParamW 7E432072 5 Bytes JMP 3E3E53C7 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

    .text C:\Program Files\Internet Explorer\iexplore.exe[1536] USER32.dll!MessageBoxIndirectA 7E43A082 5 Bytes JMP 3E3E52F9 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

    .text C:\Program Files\Internet Explorer\iexplore.exe[1536] USER32.dll!DialogBoxParamA 7E43B144 5 Bytes JMP 3E3E5364 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

    .text C:\Program Files\Internet Explorer\iexplore.exe[1536] USER32.dll!MessageBoxExW 7E450838 5 Bytes JMP 3E3E51CA C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

    .text C:\Program Files\Internet Explorer\iexplore.exe[1536] USER32.dll!MessageBoxExA 7E45085C 5 Bytes JMP 3E3E522C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

    .text C:\Program Files\Internet Explorer\iexplore.exe[1536] USER32.dll!DialogBoxIndirectParamA 7E456D7D 5 Bytes JMP 3E3E542A C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

    .text C:\Program Files\Internet Explorer\iexplore.exe[1536] USER32.dll!MessageBoxIndirectW 7E4664D5 5 Bytes JMP 3E3E528E C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

    .text C:\Program Files\Internet Explorer\iexplore.exe[1572] USER32.dll!DialogBoxParamW 7E4247AB 5 Bytes JMP 3E2154D5 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

    .text C:\Program Files\Internet Explorer\iexplore.exe[1572] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 3E2E9AE9 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

    .text C:\Program Files\Internet Explorer\iexplore.exe[1572] USER32.dll!CallNextHookEx 7E42B3C6 5 Bytes JMP 3E2DD125 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

    .text C:\Program Files\Internet Explorer\iexplore.exe[1572] USER32.dll!CreateWindowExW 7E42D0A3 5 Bytes JMP 3E2EDB5C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

    .text C:\Program Files\Internet Explorer\iexplore.exe[1572] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 3E25467E C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

    .text C:\Program Files\Internet Explorer\iexplore.exe[1572] USER32.dll!DialogBoxIndirectParamW 7E432072 5 Bytes JMP 3E3E53C7 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

    .text C:\Program Files\Internet Explorer\iexplore.exe[1572] USER32.dll!MessageBoxIndirectA 7E43A082 5 Bytes JMP 3E3E52F9 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

    .text C:\Program Files\Internet Explorer\iexplore.exe[1572] USER32.dll!DialogBoxParamA 7E43B144 5 Bytes JMP 3E3E5364 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

    .text C:\Program Files\Internet Explorer\iexplore.exe[1572] USER32.dll!MessageBoxExW 7E450838 5 Bytes JMP 3E3E51CA C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

    .text C:\Program Files\Internet Explorer\iexplore.exe[1572] USER32.dll!MessageBoxExA 7E45085C 5 Bytes JMP 3E3E522C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

    .text C:\Program Files\Internet Explorer\iexplore.exe[1572] USER32.dll!DialogBoxIndirectParamA 7E456D7D 5 Bytes JMP 3E3E542A C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

    .text C:\Program Files\Internet Explorer\iexplore.exe[1572] USER32.dll!MessageBoxIndirectW 7E4664D5 5 Bytes JMP 3E3E528E C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

    .text C:\Program Files\Internet Explorer\iexplore.exe[1572] ole32.dll!CoCreateInstance 774FF1BC 5 Bytes JMP 3E2EDBB8 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

    .text C:\Program Files\Internet Explorer\iexplore.exe[1572] ole32.dll!OleLoadFromStream 7752983B 5 Bytes JMP 3E3E572F C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

    ---- Devices - GMER 1.0.15 ----

    Device \Driver\Tcpip \Device\Ip vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)

    AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)

    Device \Driver\Tcpip \Device\Tcp vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)

    AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)

    Device \Driver\Tcpip \Device\Udp vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)

    AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)

    Device \Driver\Tcpip \Device\RawIp vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)

    AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)

    Device \Driver\Tcpip \Device\IPMULTICAST vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)

    AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

    ---- EOF - GMER 1.0.15 ----


  14. I did all the suggested things before posting here. I deleted old files and dumped temp files. I ran SUPERAntiSpyware, CCleaner, EZ Cleaner, Malware Anti-malware and pretty much anything I could find. This machine is very sluggish and I would like to see if the problem is buried somewhere within. Thanks for all your help!

     

     

    Logfile of Trend Micro HijackThis v2.0.4

    Scan saved at 2:38:06 AM, on 1/5/2012

    Platform: Windows XP SP3 (WinNT 5.01.2600)

    MSIE: Internet Explorer v8.00 (8.00.6001.18702)

    Boot mode: Normal

    Running processes:

    C:\WINDOWS\System32\smss.exe

    C:\WINDOWS\system32\winlogon.exe

    C:\WINDOWS\system32\services.exe

    C:\WINDOWS\system32\lsass.exe

    C:\WINDOWS\system32\svchost.exe

    C:\WINDOWS\System32\svchost.exe

    C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe

    C:\WINDOWS\Explorer.EXE

    C:\WINDOWS\System32\svchost.exe

    C:\WINDOWS\system32\spoolsv.exe

    C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe

    C:\Program Files\AWS\WeatherBug\Weather.exe

    C:\WINDOWS\system32\HPZipm12.exe

    C:\WINDOWS\System32\snmp.exe

    C:\WINDOWS\System32\svchost.exe

    C:\Program Files\Internet Explorer\IEXPLORE.EXE

    C:\Program Files\Internet Explorer\IEXPLORE.EXE

    C:\Program Files\Windows NT\Accessories\WORDPAD.EXE

    C:\Program Files\Windows NT\Accessories\WORDPAD.EXE

    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

    C:\HiJack This\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qus7.hpwis.com/

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-qus7.hpwis.com/

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.facebook.com/login.php

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-qus7.hpwis.com/

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)

    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll

    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

    O4 - HKLM\..\Run: [ZoneAlarm] C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe

    O4 - HKCU\..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe 1

    O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html

    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

    O9 - Extra button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Documents and Settings\Owner\Desktop\PartyPoker.net.lnk

    O9 - Extra 'Tools' menuitem: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Documents and Settings\Owner\Desktop\PartyPoker.net.lnk

    O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\PROGRA~1\AWS\WEATHE~1\Weather.exe (HKCU)

    O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab

    O16 - DPF: {CAFEEFAC-0014-0000-0001-ABCDEFFEDCBA} (Java Runtime Environment 1.4.0) -

    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll

    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL

    O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)

    O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll

    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll

    O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe

    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

    O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe

    --

    End of file - 4779 bytes

     

     

    .

    DDS (Ver_2011-08-26.01) - NTFSx86

    Internet Explorer: 8.0.6001.18702

    Run by Owner at 2:23:16 on 2012-01-05

    Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.479.164 [GMT -5:00]

    .

    AV: AVG Anti-Virus Free *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}

    FW: ZoneAlarm Free Firewall *Enabled*

    .

    ============== Running Processes ===============

    .

    C:\WINDOWS\system32\svchost -k DcomLaunch

    svchost.exe

    C:\WINDOWS\System32\svchost.exe -k netsvcs

    C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe

    C:\WINDOWS\Explorer.EXE

    C:\WINDOWS\System32\svchost.exe -k netsvcs

    C:\WINDOWS\system32\spoolsv.exe

    C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe

    C:\Program Files\AWS\WeatherBug\Weather.exe

    C:\WINDOWS\system32\HPZipm12.exe

    C:\WINDOWS\System32\snmp.exe

    C:\WINDOWS\System32\svchost.exe -k imgsvc

    C:\Program Files\Internet Explorer\IEXPLORE.EXE

    C:\Program Files\Internet Explorer\IEXPLORE.EXE

    C:\WINDOWS\system32\rundll32.exe

    .

    ============== Pseudo HJT Report ===============

    .

    uStart Page = hxxp://www.facebook.com/login.php

    uSearch Page = hxxp://www.google.com

    uDefault_Page_URL = hxxp://qus7.hpwis.com/

    uDefault_Search_URL = hxxp://srch-qus7.hpwis.com/

    uSearch Bar = hxxp://www.google.com/ie

    mSearch Bar = hxxp://srch-qus7.hpwis.com/

    uInternet Connection Wizard,ShellNext = iexplore

    uSearchAssistant = hxxp://www.google.com/ie

    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

    mSearchAssistant = hxxp://www.google.com/ie

    BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File

    BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll

    BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_03\bin\ssv.dll

    TB: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File

    TB: {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - No File

    TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File

    TB: ZoneAlarm Security Engine: {ee2ac4e5-b0b0-4ec6-88a9-bca1a32ab107} - c:\program files\checkpoint\zaforcefield\trustchecker\bin\TrustCheckerIEPlugin.dll

    EB: {4528BBE0-4E08-11D5-AD55-00010333D0AD} - No File

    EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File

    uRun: [Weather] c:\program files\aws\weatherbug\Weather.exe 1

    mRun: [ZoneAlarm] c:\program files\checkpoint\zonealarm\zatray.exe

    uPolicies-explorer: NoWinKeys = 1 (0x1)

    uPolicies-explorer: NoSMMyDocs = 1 (0x1)

    uPolicies-explorer: NoFavoritesMenu = 1 (0x1)

    IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html

    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

    IE: {F4430FE8-2638-42e5-B849-800749B94EED} - c:\documents and settings\owner\desktop\PartyPoker.net.lnk

    IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_03\bin\ssv.dll

    DPF: DirectAnimation Java Classes - file://c:\windows\java\classes\dajava.cab

    DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab

    DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab

    DPF: {CAFEEFAC-0014-0000-0001-ABCDEFFEDCBA}

    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

    TCP: DhcpNameServer = 209.18.47.61 209.18.47.62

    TCP: Interfaces\{733D3642-D733-402B-95C3-B9CFE83B7BA9} : DhcpNameServer = 209.18.47.61 209.18.47.62

    Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - c:\program files\belarc\advisor\system\BAVoilaX.dll

    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll

    Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL

    Notify: avgrsstarter - avgrsstx.dll

    Notify: igfxcui - igfxsrvc.dll

    SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL

    Hosts: 127.0.0.1 www.spywareinfo.com

    .

    ============= SERVICES / DRIVERS ===============

    .

    R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2008-7-17 335240]

    R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2007-12-30 27784]

    R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2008-7-17 108552]

    R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\SASDIFSV.SYS [2008-5-28 12872]

    R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2008-5-28 67656]

    R1 Vsdatant;vsdatant;c:\windows\system32\vsdatant.sys [2011-11-9 525840]

    R2 ISWKL;ZoneAlarm Toolbar ISWKL;c:\program files\checkpoint\zaforcefield\ISWKL.sys [2011-11-3 27016]

    R2 vsmon;TrueVector Internet Monitor;c:\program files\checkpoint\zonealarm\vsmon.exe -service --> c:\program files\checkpoint\zonealarm\vsmon.exe -service [?]

    S2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\avg\avg8\avgemc.exe [2008-7-17 908056]

    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

    S2 CoachCap;Concord EyeQ Duo 2000 USB Video Capture V1.00;c:\windows\system32\drivers\coachcap.sys --> c:\windows\system32\drivers\CoachCap.sys [?]

    S3 cpuz132;cpuz132;\??\c:\docume~1\owner\locals~1\temp\cpuz132\cpuz132_x32.sys --> c:\docume~1\owner\locals~1\temp\cpuz132\cpuz132_x32.sys [?]

    S3 esihdrv;esihdrv;\??\c:\docume~1\owner\locals~1\temp\esihdrv.sys --> c:\docume~1\owner\locals~1\temp\esihdrv.sys [?]

    S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2012-1-3 40776]

    S3 PCDRDRV;Pcdr Helper Driver;\??\c:\progra~1\pc-doc~1\diagno~1\pcdrdrv.sys --> c:\progra~1\pc-doc~1\diagno~1\PCDRDRV.sys [?]

    S3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2008-5-28 12872]

    S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

    S4 avg8wd;AVG Free8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2008-7-17 297752]

    S4 IswSvc;ZoneAlarm Toolbar IswSvc;c:\program files\checkpoint\zaforcefield\ISWSVC.exe [2011-11-3 497280]

    S4 msCMTSrvc;Content Monitoring Tool;c:\windows\system32\mscmtsrvc.exe --> c:\windows\system32\msCMTSrvc.exe [?]

    .

    =============== File Associations ===============

    .

    regfile=regedit.exe "%1" %*

    .

    =============== Created Last 30 ================

    .

    2012-01-04 02:39:47 -------- d-----w- C:\HiJack This

    2012-01-04 02:37:50 388096 ----a-r- c:\documents and settings\owner\application data\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe

    2012-01-04 02:37:49 -------- d-----w- c:\program files\Trend Micro

    2012-01-03 20:31:38 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

    2012-01-02 04:54:16 -------- d-----w- C:\Pictures

    2012-01-01 17:22:50 0 ----a-w- c:\documents and settings\owner\Reset_IE_Windows.reg

    2011-12-31 20:49:48 -------- d-----w- c:\documents and settings\all users\application data\BlueSprig

    2011-12-28 13:13:58 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

    2011-12-22 02:07:26 38160 ----a-w- c:\windows\system32\LMRTREND.dll

    2011-12-22 02:07:24 140800 ----a-w- c:\windows\system32\tm20dec.ax

    2011-12-22 02:07:20 182032 ----a-w- c:\windows\system32\dxtmsft3.dll

    2011-12-22 02:06:38 63488 ----a-w- c:\windows\system32\unam4ie.exe

    2011-12-22 02:06:26 5672 ----a-w- c:\windows\system32\quartz.vxd

    2011-12-22 02:06:26 11776 ----a-w- c:\windows\system32\mciqtz.drv

    2011-12-22 02:06:26 10240 ----a-w- c:\windows\system32\vidx16.dll

    2011-12-22 02:06:22 194320 ----a-w- c:\windows\system32\qcut.dll

    2011-12-22 02:06:17 4608 ----a-w- c:\windows\system32\w95inf32.dll

    2011-12-22 02:06:16 2272 ----a-w- c:\windows\system32\w95inf16.dll

    2011-12-22 02:05:47 77312 ----a-w- c:\windows\system32\TWAIN_32.DLL

    2011-12-22 01:44:15 20992 ----a-w- c:\windows\system32\dshowext.ax

    2011-12-19 01:22:16 22 --sha-w- c:\documents and settings\owner\application data\Sys2662.Config.Repository.bin

    2011-12-19 01:21:18 -------- d-----w- c:\program files\jv16 PowerTools 2011

    2011-12-19 01:11:43 20464 ----a-w- c:\windows\system32\drivers\mbam.sys

    2011-12-19 01:11:43 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

    2011-12-17 15:31:39 -------- d-----w- c:\program files\common files\Hewlett-Packard

    2011-12-17 15:27:43 61440 ----a-w- c:\windows\system32\HPZinw12.exe

    2011-12-17 15:27:42 94208 ----a-w- c:\windows\system32\HPZipt12.dll

    2011-12-17 15:27:42 69632 ----a-w- c:\windows\system32\HPZipm12.exe

    2011-12-17 15:27:42 57344 ----a-w- c:\windows\system32\HPZisn12.dll

    2011-12-17 15:27:42 204800 ----a-w- c:\windows\system32\HPZipr12.dll

    2011-12-17 15:27:41 278584 ----a-w- c:\windows\system32\HPZidr12.dll

    2011-12-17 15:24:17 180315 ----a-w- c:\windows\system32\hpzsnt12.dll

    .

    ==================== Find3M ====================

    .

    2011-11-23 13:25:32 1859584 ----a-w- c:\windows\system32\win32k.sys

    2011-11-04 19:20:51 916992 ----a-w- c:\windows\system32\wininet.dll

    2011-11-04 19:20:51 43520 ----a-w- c:\windows\system32\licmgr10.dll

    2011-11-04 19:20:51 1469440 ------w- c:\windows\system32\inetcpl.cpl

    2011-11-04 11:23:59 385024 ----a-w- c:\windows\system32\html.iec

    2011-11-01 16:07:10 1288704 ----a-w- c:\windows\system32\ole32.dll

    2011-10-28 05:31:48 33280 ----a-w- c:\windows\system32\csrsrv.dll

    2011-10-25 13:37:08 2148864 -c--a-w- c:\windows\system32\ntoskrnl.exe

    2011-10-25 12:52:02 2027008 -c--a-w- c:\windows\system32\ntkrnlpa.exe

    2011-10-18 11:13:22 186880 -c--a-w- c:\windows\system32\encdec.dll

    2011-10-17 18:48:01 21035 ----a-w- c:\windows\system32\drivers\AegisP.sys

    2011-10-10 14:22:41 692736 -c--a-w- c:\windows\system32\inetcomm.dll

    2011-06-19 15:36:04 5015880 ----a-w- c:\program files\cdbxp_setup_4.3.8.2568.exe

    2011-03-21 01:17:08 46972928 ----a-w- c:\program files\zaSetup_92_105_000_en.exe

    2011-03-19 04:25:01 3033192 -c--a-w- c:\program files\ccsetup304.exe

    2011-01-27 03:18:38 629968 ----a-w- c:\program files\PartyPokerNetSetup.exe

    2010-04-30 06:49:25 7184528 -c--a-w- c:\program files\asc-setup.exe

    2010-04-30 06:42:28 16409960 ----a-w- c:\program files\spybotsd162.exe

    2010-04-30 06:24:07 3103640 ----a-w- c:\program files\spywareblastersetup43.exe

    2010-03-14 16:29:04 336 ----a-w- c:\program files\temp995.bat

    2008-07-11 22:39:17 262144 -c--a-w- c:\program files\Uninstall Spy Blocker.dll

    .

    ============= FINISH: 2:26:04.96 ===============

     

     

    .

    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

    IF REQUESTED, ZIP IT UP & ATTACH IT

    .

    DDS (Ver_2011-08-26.01)

    .

    Microsoft Windows XP Home Edition

    Boot Device: \Device\HarddiskVolume2

    Install Date: 12/29/2007 10:25:58 PM

    System Uptime: 1/4/2012 11:37:16 PM (3 hours ago)

    .

    Motherboard: MICRO-STAR INTERNATIONAL CO., LTD | | MS-6390

    Processor: AMD Athlon XP 2200+ | Socket A | 1798/133mhz

    .

    ==== Disk Partitions =========================

    .

    A: is Removable

    C: is FIXED (NTFS) - 33 GiB total, 22.004 GiB free.

    D: is FIXED (FAT32) - 4 GiB total, 0.782 GiB free.

    E: is CDROM ()

    .

    ==== Disabled Device Manager Items =============

    .

    ==== System Restore Points ===================

    .

    RP454: 1/2/2012 11:11:14 PM - System Checkpoint

    RP455: 1/3/2012 3:47:20 PM - Installed Microsoft Fix it 50228

    RP456: 1/3/2012 9:37:46 PM - Installed HiJackThis

    RP457: 1/4/2012 9:26:46 AM - Installed H&R Block Deluxe + Efile + State 2010.

    RP458: 1/4/2012 9:30:47 AM - Installed H&R Block North Carolina 2010.

    .

    ==== Installed Programs ======================

    .

    .

    Adobe Flash Player 11 ActiveX

    Adobe Reader 7.0

    Adobe Shockwave Player 11

    AiO_Scan

    AVG Free 8.5

    Belarc Advisor 6.1

    CCleaner

    CCScore

    CDBurnerXP

    Coloreal

    EasyCleaner

    essvatgt

    fflink

    Garmin Communicator Plugin

    Garmin POI Loader

    Garmin USB Drivers

    H&R Block Deluxe + Efile + State 2010

    H&R Block North Carolina 2010

    HiJackThis

    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

    Hotfix for Windows Media Format 11 SDK (KB929399)

    Hotfix for Windows XP (KB2158563)

    Hotfix for Windows XP (KB2443685)

    Hotfix for Windows XP (KB2570791)

    Hotfix for Windows XP (KB2633952)

    Hotfix for Windows XP (KB952287)

    Hotfix for Windows XP (KB954550-v5)

    Hotfix for Windows XP (KB961118)

    Hotfix for Windows XP (KB976098-v2)

    Hotfix for Windows XP (KB979306)

    Hotfix for Windows XP (KB981793)

    HP PSC & OfficeJet 5.3.B

    Intel® Extreme Graphics Driver Software

    Java 6 Update 3

    jv16 PowerTools 2011

    kgcbaby

    kgcbase

    kgchday

    kgchlwn

    kgcinvt

    kgckids

    kgcmove

    kgcvday

    Malwarebytes Anti-Malware version 1.60.0.1800

    Microsoft .NET Framework 2.0 Service Pack 2

    Microsoft .NET Framework 3.0 Service Pack 2

    Microsoft .NET Framework 3.5 SP1

    Microsoft .NET Framework 4 Client Profile

    Microsoft Compression Client Pack 1.0 for Windows XP

    Microsoft Kernel-Mode Driver Framework Feature Pack 1.5

    Microsoft User-Mode Driver Framework Feature Pack 1.0

    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

    Microsoft Visual C++ 2005 Redistributable

    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

    Mp3 Tag Tools v1.2

    MSXML 4.0 SP2 (KB936181)

    MSXML 4.0 SP2 (KB954430)

    MSXML 4.0 SP2 (KB973688)

    netbrdg

    NVIDIA Windows 2000/XP Display Drivers

    OfotoXMI

    PartyPoker.net

    QFolder

    Scan

    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

    Security Update for Microsoft Windows (KB2564958)

    Security Update for Step By Step Interactive Training (KB898458)

    Security Update for Step By Step Interactive Training (KB923723)

    Security Update for Windows Internet Explorer 8 (KB2183461)

    Security Update for Windows Internet Explorer 8 (KB2360131)

    Security Update for Windows Internet Explorer 8 (KB2416400)

    Security Update for Windows Internet Explorer 8 (KB2482017)

    Security Update for Windows Internet Explorer 8 (KB2497640)

    Security Update for Windows Internet Explorer 8 (KB2510531)

    Security Update for Windows Internet Explorer 8 (KB2530548)

    Security Update for Windows Internet Explorer 8 (KB2544521)

    Security Update for Windows Internet Explorer 8 (KB2559049)

    Security Update for Windows Internet Explorer 8 (KB2586448)

    Security Update for Windows Internet Explorer 8 (KB2618444)

    Security Update for Windows Internet Explorer 8 (KB971961)

    Security Update for Windows Internet Explorer 8 (KB976325)

    Security Update for Windows Internet Explorer 8 (KB978207)

    Security Update for Windows Internet Explorer 8 (KB981332)

    Security Update for Windows Internet Explorer 8 (KB982381)

    Security Update for Windows Media Player (KB2378111)

    Security Update for Windows Media Player (KB911564)

    Security Update for Windows Media Player (KB952069)

    Security Update for Windows Media Player (KB954155)

    Security Update for Windows Media Player (KB968816)

    Security Update for Windows Media Player (KB973540)

    Security Update for Windows Media Player (KB975558)

    Security Update for Windows Media Player (KB978695)

    Security Update for Windows Media Player (KB979402)

    Security Update for Windows Media Player 6.4 (KB925398)

    Security Update for Windows Media Player 9 (KB911565)

    Security Update for Windows Media Player 9 (KB936782)

    Security Update for Windows XP (KB2079403)

    Security Update for Windows XP (KB2115168)

    Security Update for Windows XP (KB2121546)

    Security Update for Windows XP (KB2160329)

    Security Update for Windows XP (KB2229593)

    Security Update for Windows XP (KB2259922)

    Security Update for Windows XP (KB2279986)

    Security Update for Windows XP (KB2286198)

    Security Update for Windows XP (KB2296011)

    Security Update for Windows XP (KB2296199)

    Security Update for Windows XP (KB2347290)

    Security Update for Windows XP (KB2360937)

    Security Update for Windows XP (KB2387149)

    Security Update for Windows XP (KB2393802)

    Security Update for Windows XP (KB2412687)

    Security Update for Windows XP (KB2419632)

    Security Update for Windows XP (KB2423089)

    Security Update for Windows XP (KB2436673)

    Security Update for Windows XP (KB2440591)

    Security Update for Windows XP (KB2443105)

    Security Update for Windows XP (KB2476490)

    Security Update for Windows XP (KB2476687)

    Security Update for Windows XP (KB2478960)

    Security Update for Windows XP (KB2478971)

    Security Update for Windows XP (KB2479628)

    Security Update for Windows XP (KB2479943)

    Security Update for Windows XP (KB2481109)

    Security Update for Windows XP (KB2483185)

    Security Update for Windows XP (KB2485376)

    Security Update for Windows XP (KB2485663)

    Security Update for Windows XP (KB2491683)

    Security Update for Windows XP (KB2503658)

    Security Update for Windows XP (KB2503665)

    Security Update for Windows XP (KB2506212)

    Security Update for Windows XP (KB2506223)

    Security Update for Windows XP (KB2507618)

    Security Update for Windows XP (KB2507938)

    Security Update for Windows XP (KB2508272)

    Security Update for Windows XP (KB2508429)

    Security Update for Windows XP (KB2509553)

    Security Update for Windows XP (KB2511455)

    Security Update for Windows XP (KB2524375)

    Security Update for Windows XP (KB2535512)

    Security Update for Windows XP (KB2536276-v2)

    Security Update for Windows XP (KB2536276)

    Security Update for Windows XP (KB2544893-v2)

    Security Update for Windows XP (KB2544893)

    Security Update for Windows XP (KB2555917)

    Security Update for Windows XP (KB2562937)

    Security Update for Windows XP (KB2566454)

    Security Update for Windows XP (KB2567053)

    Security Update for Windows XP (KB2567680)

    Security Update for Windows XP (KB2570222)

    Security Update for Windows XP (KB2570947)

    Security Update for Windows XP (KB2592799)

    Security Update for Windows XP (KB2618451)

    Security Update for Windows XP (KB2619339)

    Security Update for Windows XP (KB2620712)

    Security Update for Windows XP (KB2624667)

    Security Update for Windows XP (KB2633171)

    Security Update for Windows XP (KB2639417)

    Security Update for Windows XP (KB923561)

    Security Update for Windows XP (KB938464)

    Security Update for Windows XP (KB941569)

    Security Update for Windows XP (KB946648)

    Security Update for Windows XP (KB950759)

    Security Update for Windows XP (KB950760)

    Security Update for Windows XP (KB950762)

    Security Update for Windows XP (KB950974)

    Security Update for Windows XP (KB951066)

    Security Update for Windows XP (KB951376-v2)

    Security Update for Windows XP (KB951376)

    Security Update for Windows XP (KB951698)

    Security Update for Windows XP (KB951748)

    Security Update for Windows XP (KB952004)

    Security Update for Windows XP (KB952954)

    Security Update for Windows XP (KB953838)

    Security Update for Windows XP (KB953839)

    Security Update for Windows XP (KB954211)

    Security Update for Windows XP (KB954459)

    Security Update for Windows XP (KB954600)

    Security Update for Windows XP (KB955069)

    Security Update for Windows XP (KB956390)

    Security Update for Windows XP (KB956391)

    Security Update for Windows XP (KB956572)

    Security Update for Windows XP (KB956744)

    Security Update for Windows XP (KB956802)

    Security Update for Windows XP (KB956803)

    Security Update for Windows XP (KB956841)

    Security Update for Windows XP (KB956844)

    Security Update for Windows XP (KB957095)

    Security Update for Windows XP (KB957097)

    Security Update for Windows XP (KB958215)

    Security Update for Windows XP (KB958644)

    Security Update for Windows XP (KB958687)

    Security Update for Windows XP (KB958690)

    Security Update for Windows XP (KB958869)

    Security Update for Windows XP (KB959426)

    Security Update for Windows XP (KB960225)

    Security Update for Windows XP (KB960714)

    Security Update for Windows XP (KB960715)

    Security Update for Windows XP (KB960803)

    Security Update for Windows XP (KB960859)

    Security Update for Windows XP (KB961371)

    Security Update for Windows XP (KB961373)

    Security Update for Windows XP (KB961501)

    Security Update for Windows XP (KB963027)

    Security Update for Windows XP (KB968537)

    Security Update for Windows XP (KB969059)

    Security Update for Windows XP (KB969897)

    Security Update for Windows XP (KB969947)

    Security Update for Windows XP (KB970238)

    Security Update for Windows XP (KB970430)

    Security Update for Windows XP (KB971468)

    Security Update for Windows XP (KB971486)

    Security Update for Windows XP (KB971557)

    Security Update for Windows XP (KB971633)

    Security Update for Windows XP (KB971657)

    Security Update for Windows XP (KB971961)

    Security Update for Windows XP (KB972270)

    Security Update for Windows XP (KB973346)

    Security Update for Windows XP (KB973354)

    Security Update for Windows XP (KB973507)

    Security Update for Windows XP (KB973525)

    Security Update for Windows XP (KB973869)

    Security Update for Windows XP (KB973904)

    Security Update for Windows XP (KB974112)

    Security Update for Windows XP (KB974318)

    Security Update for Windows XP (KB974392)

    Security Update for Windows XP (KB974571)

    Security Update for Windows XP (KB975467)

    Security Update for Windows XP (KB975560)

    Security Update for Windows XP (KB975561)

    Security Update for Windows XP (KB975562)

    Security Update for Windows XP (KB975713)

    Security Update for Windows XP (KB976325)

    Security Update for Windows XP (KB977165-v2)

    Security Update for Windows XP (KB977816)

    Security Update for Windows XP (KB977914)

    Security Update for Windows XP (KB978037)

    Security Update for Windows XP (KB978251)

    Security Update for Windows XP (KB978262)

    Security Update for Windows XP (KB978338)

    Security Update for Windows XP (KB978542)

    Security Update for Windows XP (KB978601)

    Security Update for Windows XP (KB978706)

    Security Update for Windows XP (KB979309)

    Security Update for Windows XP (KB979482)

    Security Update for Windows XP (KB979559)

    Security Update for Windows XP (KB979683)

    Security Update for Windows XP (KB979687)

    Security Update for Windows XP (KB980195)

    Security Update for Windows XP (KB980218)

    Security Update for Windows XP (KB980232)

    Security Update for Windows XP (KB980436)

    Security Update for Windows XP (KB981322)

    Security Update for Windows XP (KB981852)

    Security Update for Windows XP (KB981957)

    Security Update for Windows XP (KB981997)

    Security Update for Windows XP (KB982132)

    Security Update for Windows XP (KB982214)

    Security Update for Windows XP (KB982665)

    Security Update for Windows XP (KB982802)

    SFR

    SHASTA

    skin0001

    SKINXSDK

    Spybot - Search & Destroy 1.5.2.20

    SpywareBlaster 4.5

    staticcr

    SUPERAntiSpyware Free Edition

    tooltips

    Unity Web Player

    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

    Update for Windows Internet Explorer 8 (KB976662)

    Update for Windows Internet Explorer 8 (KB978506)

    Update for Windows Internet Explorer 8 (KB980182)

    Update for Windows XP (KB2141007)

    Update for Windows XP (KB2345886)

    Update for Windows XP (KB2467659)

    Update for Windows XP (KB2541763)

    Update for Windows XP (KB2616676-v2)

    Update for Windows XP (KB2641690)

    Update for Windows XP (KB951072-v2)

    Update for Windows XP (KB951978)

    Update for Windows XP (KB955759)

    Update for Windows XP (KB955839)

    Update for Windows XP (KB967715)

    Update for Windows XP (KB968389)

    Update for Windows XP (KB971029)

    Update for Windows XP (KB971737)

    Update for Windows XP (KB973687)

    Update for Windows XP (KB973815)

    Update for Windows XP (KB978207)

    VC 9.0 Runtime

    VIA Rhine-Family Fast Ethernet Adapter

    VPRINTOL

    WD Diagnostics

    WeatherBug

    WebFldrs XP

    Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0)

    Windows Genuine Advantage Validation Tool (KB892130)

    Windows Internet Explorer 8

    Windows Media Format 11 runtime

    Windows XP Service Pack 3

    WinPatrol 2008

    WIRELESS

    ZoneAlarm Firewall

    ZoneAlarm Free

    ZoneAlarm Security

    ZoneAlarm Toolbar

    .

    ==== Event Viewer Messages From Past Week ========

    .

    12/31/2011 6:12:05 AM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}

    12/30/2011 8:59:04 PM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service SENS with arguments "" in order to run the server: {D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E}

    12/30/2011 8:59:00 PM, error: Service Control Manager [7024] - The Routing and Remote Access service terminated with service-specific error 711 (0x2C7).

    12/30/2011 8:59:00 PM, error: Service Control Manager [7001] - The Windows Service Pack Installer update service service depends on the Security Accounts Manager service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

    12/30/2011 8:59:00 PM, error: Service Control Manager [7001] - The Remote Access Auto Connection Manager service depends on the Remote Access Connection Manager service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

    12/30/2011 8:59:00 PM, error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

    12/30/2011 8:59:00 PM, error: Service Control Manager [7001] - The AVG Free8 E-mail Scanner service depends on the AVG Free8 WatchDog service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

    12/30/2011 8:59:00 PM, error: Service Control Manager [7000] - The Concord EyeQ Duo 2000 USB Video Capture V1.00 service failed to start due to the following error: The system cannot find the file specified.

    12/30/2011 8:58:45 PM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}

    1/4/2012 8:27:58 PM, error: Service Control Manager [7000] - The SASDIFSV service failed to start due to the following error: Cannot create a file when that file already exists.

    1/1/2012 2:32:53 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: agp440 nv_agp

    1/1/2012 2:32:20 PM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume2'. It has stopped monitoring the volume.

    .

    ==== End Of File ===========================


  15. I know these are obvious things but have you....

     

    Cleared cookies and temp Internet files

     

    Deleted any links you may have used to get to the site in question from your faves/bookmarks

     

     

    Yeah Keith, did all that also. Nothing. Thank you for the suggestion.


  16. Go to Internet Options (Tools -> Internet Options)

    Click the Advanced tab

    Uncheck Check for Server's Certificate Revocation (requires restart), it is under Security

    Now try visiting the site

     

     

    Thanks, INeed...and to you all. I just checked that box and it WAS unchecked. I will let it go as being a problem on Nextel's end. Thanks again to you all.


  17. Yeah INeed...I tried, both at work, and at home.

     

    Add the following line at the bottom of the file, after the line: 127.0.0.1 localhost

     

    XXX.XXX.XXX.XXX yourdomain.com

     

    Obviously replacing XXX.XXX.XXX.XXX and yourdomain.com with your own IP Address and Domain Name, or that of whatever website you frequently need to go to.

     

    Bear...the above came from the text about adding a host file. How might I find out the IP address for Nextel? If I am reading that correctly, I would need to add their IP address and domain name to bypass whatever may be blocking me?

     

    Guy, I just reset all settings back to default, as you suggested. Same thing. Access denied. I still think it is something on Nextel's site. :pullhair:


  18. have you tried to just disable zone alarm and use another firewall or antivirus

     

    Yeah, MMe, tried all that. BTW.....I changed the password while online with Nextel. :P

     

    Have you tried adding it to your trusted sites ? may help.

     

    Yeah Guy...tried that also. Nothing.

     

    Maybe ZA is protecting you & your PC.

    disable ZA first by right clicking it, then select shutdown zone alarm

     

    Yup, Law and INeed, totally shut ZA down. No effect.

     

    try adding the URL with the IP number to your host file

    Yeah, Bear, I copied the URL directly into Trusted Zone. No difference.

     

    I still think it is something on Nextel's site and they don't know how to correct it without acknowledging the fact that it is wrong. It's easier for them to shove me off into another direction......i.e. The PIT for help. :angry:

     

     

    I am still trying to find what is wrong, if anything, on my system. I thank each and all of you for your suggestions.
