Jump to content

seasun21

Members
  • Content Count

    8
  • Joined

  • Last visited

Everything posted by seasun21

  1. aswMBR Log aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software Run date: 2013-08-18 15:49:57 ----------------------------- 15:49:57.453 OS Version: Windows 5.1.2600 Service Pack 3 15:49:57.453 Number of processors: 1 586 0xD08 15:49:57.453 ComputerName: SYLVIA UserName: 15:49:58.265 Initialize success 16:05:21.921 AVAST engine defs: 13081801 17:50:37.609 Disk 0 (boot) DeviceHarddisk0DR0 -> DeviceIdeIdeDeviceP0T0L0-3 17:50:37.625 Disk 0 Vendor: FUJITSU_MHV2040AH 00000096 Size: 38154MB BusType: 3 17:50:37.859 Disk 0 MBR read successfully 17:50:37.875 Disk 0 MBR scan 17:50:37.937 Disk 0 Windows XP default MBR code 17:50:37.953 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 38154 MB offset 63 17:50:37.968 Disk 0 scanning sectors +78140160 17:50:38.046 Disk 0 scanning C:WINDOWSsystem32drivers 17:50:48.671 Service scanning 17:51:16.859 Modules scanning 17:51:23.312 Disk 0 trace - called modules: 17:51:23.375 ntoskrnl.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll pciide.sys PCIIDEX.SYS 17:51:23.390 1 nt!IofCallDriver -> DeviceHarddisk0DR0[0x8a7cc2c0] 17:51:23.406 3 CLASSPNP.SYS[f7637fd7] -> nt!IofCallDriver -> DeviceIdeIdeDeviceP0T0L0-3[0x8a7e7d98] 17:51:23.968 AVAST engine scan C:WINDOWS 17:51:28.812 AVAST engine scan C:WINDOWSsystem32 17:53:57.984 AVAST engine scan C:WINDOWSsystem32drivers 17:54:15.078 AVAST engine scan C:Documents and SettingsAdministrator.SYLVIA 17:55:08.953 AVAST engine scan C:Documents and SettingsAll Users 17:56:22.234 Scan finished successfully 19:11:09.687 Disk 0 MBR has been saved successfully to "C:Documents and SettingsAdministrator.SYLVIADesktopMBR.dat" 19:11:09.703 The log file has been saved successfully to "C:Documents and SettingsAdministrator.SYLVIADesktopaswMBR.txt"
  2. OTL Extras.Txt log: OTL Extras logfile created on: 8/18/2013 1:59:15 PM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:Documents and SettingsAdministrator.SYLVIADesktop Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 1.99 Gb Total Physical Memory | 1.66 Gb Available Physical Memory | 83.12% Memory free 3.33 Gb Paging File | 3.19 Gb Available in Paging File | 95.61% Paging File free Paging file location(s): C:pagefile.sys 1524 3048 [binary data] %SystemDrive% = C: | %SystemRoot% = C:WINDOWS | %ProgramFiles% = C:Program Files Drive C: | 37.26 Gb Total Space | 4.33 Gb Free Space | 11.63% Space Free | Partition Type: NTFS Computer Name: SYLVIA | User Name: Administrator | Logged in as Administrator. Boot Mode: SafeMode with Networking | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINESOFTWAREClasses<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .html [@ = Opera.HTML] -- C:Program FilesOperaOpera.exe (Opera Software) [HKEY_CURRENT_USERSOFTWAREClasses<extension>] .html [@ = FirefoxHTML] -- C:Program FilesMozilla Firefoxfirefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINESOFTWAREClasses<key>shell[command]command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. http [open] -- "C:Program FilesOperaOpera.exe" "%1" (Opera Software) https [open] -- "C:Program FilesOperaOpera.exe" "%1" (Opera Software) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%system32rundll32.exe %SystemRoot%system32shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:Program FilesVideoLANVLCvlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN) Directory [find] -- %SystemRoot%Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:Program FilesVideoLANVLCvlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN) Folder [open] -- %SystemRoot%Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity Center] "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoring] [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringAhnlabAntiVirus] [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringKasperskyAntiVirus] [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringMcAfeeAntiVirus] [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringMcAfeeFirewall] [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringPandaAntiVirus] [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringPandaFirewall] [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringSophosAntiVirus] [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringSymantecAntiVirus] [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringSymantecFirewall] [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringTinyFirewall] [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringTrendAntiVirus] [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringTrendFirewall] [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringZoneLabsFirewall] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionSystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSr] "Start" = 0 [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSrService] "Start" = 2 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyDomainProfile] "EnableFirewall" = 1 [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyDomainProfileGloballyOpenPortsList] "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002 [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyStandardProfile] "EnableFirewall" = 0 [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyStandardProfileGloballyOpenPortsList] "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 "67:UDP" = 67:UDP:0.0.0.0/255.255.255.255:Enabled:DHCP Discovery Service ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyDomainProfileAuthorizedApplicationsList] "%windir%Network Diagnosticxpnetdiag.exe" = %windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation) "%windir%system32sessmgr.exe" = %windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation) [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyStandardProfileAuthorizedApplicationsList] "%windir%Network Diagnosticxpnetdiag.exe" = %windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation) "%windir%system32sessmgr.exe" = %windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation) "C:Program FilesCommon FilesAppleApple Application SupportWebKit2WebProcess.exe" = C:Program FilesCommon FilesAppleApple Application SupportWebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.) "C:Program FilesiTunesiTunes.exe" = C:Program FilesiTunesiTunes.exe:*:Enabled:iTunes -- (Apple Inc.) "C:Program FilesOperaopera.exe" = C:Program FilesOperaopera.exe:*:Enabled:Opera Internet Browser -- (Opera Software) ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionUninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}" = VC 9.0 Runtime "{07EEE598-5F21-4B57-B40B-46592625B3D9}" = Zune Language Pack (PTB) "{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended "{11E568E0-3244-4BCB-875E-F334269DFDCB}" = iTunes "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe "{25D24E84-64A9-40D2-85CF-540B1C4A6D52}" = Broadcom ASF Management Applications "{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java 6 Update 20 "{2A9DFFD8-4E09-4B91-B957-454805B0D7C4}" = Zune Language Pack (CHS) "{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java 6 Update 3 "{334799B1-527F-475B-AF19-658124E2BE24}" = ZoneAlarm Security "{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{3589A659-F732-4E65-A89A-5438C332E59D}" = Zune Language Pack (ELL) "{391A94D9-20EC-44FF-9E20-3F3166FF68E4}" = TouchCopy 12 "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{51C839E1-2BE4-4E77-A1BA-CCEA5DAFA741}" = Zune Language Pack (KOR) "{57C51D56-B287-4C11-9192-EC3C46EF76A4}" = Zune Language Pack (RUS) "{5C93E291-A1CC-4E51-85C6-E194209FCDB4}" = Zune Language Pack (PTG) "{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support "{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 "{5DEFD397-4012-46C3-B6DA-E8013E660772}" = Zune Language Pack (NOR) "{64A77F14-0E08-4A97-A859-E93CFF428756}" = Broadcom Advanced Control Suite 2 "{6740BCB0-5863-47F4-80F4-44F394DE4FE2}" = Zune Language Pack (NLD) "{6B33492E-FBBC-4EC3-8738-09E16E395A10}" = Zune Language Pack (ESP) "{6EB931CD-A7DA-4A44-B74A-89C8EB50086F}" = Zune Language Pack (SVE) "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{76BA306B-2AA0-47C0-AB6B-F313AB56C136}" = Zune Language Pack (MSL) "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{7E369B27-13E2-41A5-9879-358EE1C8B5AD}" = Broadcom Gigabit Integrated Controller "{82CE6B7B-9665-4E29-8CE0-DD993484B38D}" = Intel® PROSet/Wireless WiFi Software "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{8960A0A1-BB5A-479E-92CF-65AB9D684B43}" = Zune Language Pack (PLK) "{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Graphics Media Accelerator Driver for Mobile "{8B112338-2B08-4851-AF84-E7CAD74CEB32}" = Zune Language Pack (DAN) "{92ECE3F9-591E-4C12-8A62-B9FCE38BF646}" = Zune Language Pack (IND) "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{9A2F3559-6776-4F67-B46E-5F973B901234}" = ZoneAlarm Antivirus "{9B75648B-6C30-4A0D-9DE6-0D09D20AF5A5}" = Zune "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9F1F2AEA-C72A-4DD6-991E-C5506A5625E4}" = OpenOffice.org 3.4.1 "{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = C-Major Audio "{A5A53EA8-A11E-49F0-BDF5-AE536426A31A}" = Zune Language Pack (CHT) "{A8F2E50B-86E2-4D96-9BD2-9758BCC6F9B3}" = Zune Language Pack (CSY) "{AD799836-6B74-419B-A869-C326CA86ECCF}" = ZoneAlarm Firewall "{AEB9948B-4FF2-47C9-990E-47014492A0FE}" = MSXML 6.0 Parser "{B4870774-5F3A-46D9-9DFE-06FB5599E26B}" = Zune Language Pack (FIN) "{BE236D9A-52EC-4A17-82DA-84B5EAD31E3E}" = Zune Language Pack (DEU) "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C34FAEF3-4241-4C4E-9CFF-7BBD8BCEABE7}" = WebEx Support Manager for Internet Explorer "{C5D37FFA-7483-410B-982B-91E93FD3B7DA}" = Zune Language Pack (ITA) "{C68D33B1-0204-4EBE-BC45-A6E432B1D13A}" = Zune Language Pack (FRA) "{C6BE19C6-B102-4038-B2A6-1C313872DBB4}" = Zune Language Pack (HUN) "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CD95F661-A5C4-44F5-A6AA-ECDD91C240B2}" = WinZip 11.2 "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Professional "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D8A781C9-3892-4E2E-9320-480CF896CFBB}" = Zune Language Pack (JPN) "{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager "{EFE3D683-903C-4B58-AB8F-C68C69F33758}" = System Requirements Lab for Intel "{F2CB8C3C-9C9E-4FAB-9067-655601C5F748}" = Windows Mobile Device Updater Component "{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "AI RoboForm" = AI RoboForm (All Users) "CCleaner" = CCleaner "CNXT_MODEM_PCI_VEN_8086&DEV_24x6&SUBSYS_542214F1" = Conexant D110 MDC V.92 Modem "Foxit Reader_is1" = Foxit Reader "Freemake Video Downloader_is1" = Freemake Video Downloader "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs "ie8" = Windows Internet Explorer 8 "InstallShield_{25D24E84-64A9-40D2-85CF-540B1C4A6D52}" = Broadcom ASF Management Applications "InstallShield_{64A77F14-0E08-4A97-A859-E93CFF428756}" = Broadcom Advanced Control Suite 2 "Jarte_is1" = Jarte 4.3 "KLiteCodecPack_is1" = K-Lite Codec Pack 6.3.0 (Full) "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300 "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Mozilla Firefox 21.0 (x86 en-US)" = Mozilla Firefox 21.0 (x86 en-US) "MozillaMaintenanceService" = Mozilla Maintenance Service "NIS" = Norton Internet Security "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs "Opera 12.15.1748" = Opera 12.15 "ProInst" = Intel PROSet Wireless "VLC media player" = VLC media player 2.0.7 "Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9 "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "Windows XP Service Pack" = Windows XP Service Pack 3 "winusb0100" = Microsoft WinUsb 1.0 "Wise Registry Cleaner_is1" = Wise Registry Cleaner 7.83 "Wudf01009" = Microsoft User-Mode Driver Framework Feature Pack 1.9 ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 5/29/2013 11:33:02 PM | Computer Name = SYLVIA | Source = Bonjour Service | ID = 100 Description = Error - 5/29/2013 11:33:02 PM | Computer Name = SYLVIA | Source = Bonjour Service | ID = 100 Description = Error - 5/29/2013 11:33:02 PM | Computer Name = SYLVIA | Source = Bonjour Service | ID = 100 Description = Error - 5/29/2013 11:33:19 PM | Computer Name = SYLVIA | Source = Bonjour Service | ID = 100 Description = Error - 5/29/2013 11:33:19 PM | Computer Name = SYLVIA | Source = Bonjour Service | ID = 100 Description = Error - 5/29/2013 11:33:19 PM | Computer Name = SYLVIA | Source = Bonjour Service | ID = 100 Description = Error - 6/9/2013 7:54:34 PM | Computer Name = SYLVIA | Source = crypt32 | ID = 131080 Description = Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: The server name or address could not be resolved Error - 6/17/2013 11:46:43 PM | Computer Name = SYLVIA | Source = crypt32 | ID = 131075 Description = Failed auto update retrieval of third-party root list cab from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: This operation returned because the timeout period expired. Error - 6/22/2013 10:43:40 PM | Computer Name = SYLVIA | Source = Userenv | ID = 1512 Description = Windows cannot unload your registry file. The memory used by the registry has not been freed. This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account. If this problem persists, contact your administrator. DETAIL - A required privilege is not held by the client. Error - 6/26/2013 10:03:36 PM | Computer Name = SYLVIA | Source = crypt32 | ID = 131080 Description = Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: A connection with the server could not be established [ System Events ] Error - 8/16/2013 12:40:03 PM | Computer Name = SYLVIA | Source = Service Control Manager | ID = 7000 Description = The Zune Bus Enumerator Driver service failed to start due to the following error: %%2 Error - 8/16/2013 1:10:59 PM | Computer Name = SYLVIA | Source = Service Control Manager | ID = 7034 Description = The Intel® PROSet/Wireless Registry Service service terminated unexpectedly. It has done this 1 time(s). Error - 8/16/2013 8:49:35 PM | Computer Name = SYLVIA | Source = Service Control Manager | ID = 7000 Description = The avgntflt service failed to start due to the following error: %%2 Error - 8/16/2013 8:49:35 PM | Computer Name = SYLVIA | Source = Service Control Manager | ID = 7000 Description = The Zune Bus Enumerator Driver service failed to start due to the following error: %%2 Error - 8/16/2013 8:50:09 PM | Computer Name = SYLVIA | Source = Service Control Manager | ID = 7034 Description = The Intel® PROSet/Wireless Registry Service service terminated unexpectedly. It has done this 1 time(s). Error - 8/16/2013 8:57:11 PM | Computer Name = SYLVIA | Source = Service Control Manager | ID = 7034 Description = The Application Layer Gateway Service service terminated unexpectedly. It has done this 1 time(s). Error - 8/18/2013 12:42:31 PM | Computer Name = SYLVIA | Source = Service Control Manager | ID = 7000 Description = The avgntflt service failed to start due to the following error: %%2 Error - 8/18/2013 12:42:31 PM | Computer Name = SYLVIA | Source = Service Control Manager | ID = 7000 Description = The Zune Bus Enumerator Driver service failed to start due to the following error: %%2 Error - 8/18/2013 12:43:34 PM | Computer Name = SYLVIA | Source = Service Control Manager | ID = 7034 Description = The Intel® PROSet/Wireless Registry Service service terminated unexpectedly. It has done this 1 time(s). Error - 8/18/2013 1:20:51 PM | Computer Name = SYLVIA | Source = Service Control Manager | ID = 7026 Description = The following boot-start or system-start driver(s) failed to load: BHDrvx86 ccSet_NIS eeCtrl Fips intelppm SASDIFSV SASKUTIL SRTSPX SymIRON SYMTDI < End of report >
  3. Hello Caintry_boy, Thanks for your help. I am starting a new thread in this forum as you first indicated. I no longer have the logs from Spybot and MBAM. Here is the log from OTL.txt OTL logfile created on: 8/18/2013 1:59:15 PM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:Documents and SettingsAdministrator.SYLVIADesktop Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 1.99 Gb Total Physical Memory | 1.66 Gb Available Physical Memory | 83.12% Memory free 3.33 Gb Paging File | 3.19 Gb Available in Paging File | 95.61% Paging File free Paging file location(s): C:pagefile.sys 1524 3048 [binary data] %SystemDrive% = C: | %SystemRoot% = C:WINDOWS | %ProgramFiles% = C:Program Files Drive C: | 37.26 Gb Total Space | 4.33 Gb Free Space | 11.63% Space Free | Partition Type: NTFS Computer Name: SYLVIA | User Name: Administrator | Logged in as Administrator. Boot Mode: SafeMode with Networking | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013/08/18 13:55:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:Documents and SettingsAdministrator.SYLVIADesktopOTL.exe PRC - [2012/08/13 10:57:02 | 010,376,704 | ---- | M] (OpenOffice.org) -- C:Program FilesOpenOffice.org 3programsoffice.exe PRC - [2012/08/13 10:57:02 | 010,368,512 | ---- | M] (OpenOffice.org) -- C:Program FilesOpenOffice.org 3programsoffice.bin PRC - [2012/08/13 10:57:02 | 000,103,936 | ---- | M] (OpenOffice.org) -- C:Program FilesOpenOffice.org 3programswriter.exe PRC - [2008/04/14 06:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:WINDOWSexplorer.exe ========== Modules (No Company Name) ========== MOD - [2012/08/31 17:26:53 | 000,985,088 | ---- | M] () -- C:Program FilesOpenOffice.org 3programlibxml2.dll MOD - [2012/08/31 17:26:53 | 000,170,496 | ---- | M] () -- C:Program FilesOpenOffice.org 3programlibxslt.dll ========== Services (SafeList) ========== SRV - File not found [Disabled | Stopped] -- %SystemRoot%System32hidserv.dll -- (HidServ) SRV - File not found [On_Demand | Stopped] -- %SystemRoot%System32appmgmts.dll -- (AppMgmt) SRV - [2013/08/16 16:34:58 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:WINDOWSsystem32MacromedFlashFlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013/07/10 04:48:06 | 000,101,888 | ---- | M] (Freemake) [Disabled | Stopped] -- C:Documents and SettingsAll UsersApplication DataFreemakeFreemakeUtilsServiceFreemakeUtilsService.exe -- (Freemake Improver) SRV - [2013/05/21 12:53:47 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:Program FilesMozilla Maintenance Servicemaintenanceservice.exe -- (MozillaMaintenance) SRV - [2013/05/21 00:44:22 | 000,144,368 | R--- | M] (Symantec Corporation) [Auto | Stopped] -- C:Program FilesNorton Internet SecurityEngine20.4.0.40ccSvcHst.exe -- (NIS) SRV - [2013/04/01 16:35:36 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Disabled | Stopped] -- C:Program FilesSUPERAntiSpywareSASCORE.EXE -- (!SASCORE) SRV - [2010/08/13 09:13:32 | 000,066,112 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:Program FilesNOSbingetPlus_Helper_3004.dll -- (nosGetPlusHelper) SRV - [2009/11/03 15:48:54 | 000,874,768 | ---- | M] (Intel® Corporation) [Disabled | Stopped] -- C:Program FilesIntelWiFibinEvtEng.exe -- (EvtEng) SRV - [2009/11/03 15:45:52 | 000,348,160 | ---- | M] (Intel® Corporation) [Disabled | Stopped] -- C:Program FilesIntelWiFibinWLKEEPER.exe -- (WLANKEEPER) SRV - [2009/11/03 15:42:00 | 000,909,312 | ---- | M] (Intel® Corporation) [Disabled | Stopped] -- C:Program FilesIntelWiFibinS24EvMon.exe -- (S24EventMonitor) SRV - [2009/11/03 15:33:48 | 000,473,360 | ---- | M] (Intel® Corporation) [Auto | Stopped] -- C:Program FilesCommon FilesIntelWirelessCommonRegSrvc.exe -- (RegSrvc) SRV - [2004/04/01 19:05:48 | 000,077,824 | ---- | M] (Broadcom Corp.) [Disabled | Stopped] -- C:WINDOWSsystem32BAsfIpM.exe -- (BAsfIpM) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- System32Driverswdf01000.sys -- (Wdf01000) DRV - File not found [Kernel | On_Demand | Stopped] -- System32Driversusbaapl.sys -- (USBAAPL) DRV - File not found [Kernel | On_Demand | Stopped] -- system32driversUIUSys.sys -- (UIUSys) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | On_Demand | Stopped] -- system32DRIVERSewusbdev.sys -- (hwusbdev) DRV - File not found [Kernel | On_Demand | Stopped] -- system32DRIVERSewusbmdm.sys -- (hwdatacard) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - File not found [File_System | Auto | Stopped] -- system32DRIVERSavgntflt.sys -- (avgntflt) DRV - [2013/06/17 22:00:00 | 000,142,496 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:WINDOWSsystem32driversSYMEVENT.SYS -- (SymEvent) DRV - [2013/05/31 12:58:19 | 001,002,072 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:Documents and SettingsAll UsersApplication DataNorton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}NIS_20.2.1.22DefinitionsBASHDefs20130715.001BHDrvx86.sys -- (BHDrvx86) DRV - [2013/05/23 01:25:28 | 000,934,488 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:WINDOWSsystem32driversNIS1404000.028symefa.sys -- (SymEFA) DRV - [2013/05/22 11:34:34 | 001,611,992 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:Documents and SettingsAll UsersApplication DataNorton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}NIS_20.2.1.22DefinitionsVirusDefs20130817.006NAVEX15.SYS -- (NAVEX15) DRV - [2013/05/22 11:34:34 | 000,093,272 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:Documents and SettingsAll UsersApplication DataNorton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}NIS_20.2.1.22DefinitionsVirusDefs20130817.006NAVENG.SYS -- (NAVENG) DRV - [2013/05/21 01:02:00 | 000,367,704 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:WINDOWSsystem32driversNIS1404000.028symds.sys -- (SymDS) DRV - [2013/05/16 01:02:14 | 000,603,224 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:WINDOWSsystem32driversNIS1404000.028srtsp.sys -- (SRTSP) DRV - [2013/04/24 20:43:56 | 000,396,760 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:WINDOWSsystem32driversNIS1404000.028symtdi.sys -- (SYMTDI) DRV - [2013/04/15 22:41:14 | 000,134,744 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:WINDOWSsystem32driversNIS1404000.028ccsetx86.sys -- (ccSet_NIS) DRV - [2013/04/01 16:35:21 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Stopped] -- C:Program FilesSUPERAntiSpywareSASKUTIL.SYS -- (SASKUTIL) DRV - [2013/04/01 16:35:20 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Stopped] -- C:Program FilesSUPERAntiSpywareSASDIFSV.SYS -- (SASDIFSV) DRV - [2013/03/04 21:39:19 | 000,175,264 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:WINDOWSsystem32driversNIS1404000.028ironx86.sys -- (SymIRON) DRV - [2013/03/04 21:21:35 | 000,032,344 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:WINDOWSsystem32driversNIS1404000.028srtspx.sys -- (SRTSPX) DRV - [2013/03/01 19:28:20 | 000,373,728 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:Documents and SettingsAll UsersApplication DataNorton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}NIS_20.2.1.22DefinitionsIPSDefs20130813.001IDSXpx86.sys -- (IDSxpx86) DRV - [2013/03/01 02:00:00 | 000,376,480 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:Program FilesCommon FilesSymantec SharedEENGINEeeCtrl.sys -- (eeCtrl) DRV - [2013/03/01 02:00:00 | 000,106,656 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:Program FilesCommon FilesSymantec SharedEENGINEEraserUtilRebootDrv.sys -- (EraserUtilRebootDrv) DRV - [2011/06/02 11:08:34 | 000,011,336 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:Program FilesSystemRequirementsLabcpudrv.sys -- (cpudrv) DRV - [2011/02/23 17:04:32 | 000,013,496 | ---- | M] () [Kernel | Boot | Running] -- C:WINDOWSsystem32driversSmartDefragDriver.sys -- (SmartDefragDriver) DRV - [2010/02/19 16:08:51 | 000,012,872 | ---- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:Program FilesSUPERAntiSpywareSASENUM.SYS -- (SASENUM) DRV - [2009/11/11 04:26:02 | 002,216,064 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:WINDOWSsystem32driversw29n51.sys -- (w29n51) DRV - [2008/08/13 16:23:56 | 000,011,904 | ---- | M] (Intel Corporation) [Kernel | Auto | Stopped] -- C:WINDOWSsystem32driverss24trans.sys -- (s24trans) DRV - [2008/05/06 02:01:50 | 000,016,512 | ---- | M] (Adaptec) [Kernel | Auto | Stopped] -- C:WINDOWSsystem32driversASPI32.SYS -- (Aspi32) DRV - [2006/11/02 07:00:08 | 000,039,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:WINDOWSsystem32driverswinusb.sys -- (WinUSB) DRV - [2006/05/10 15:00:16 | 000,156,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:WINDOWSsystem32driversb57xp32.sys -- (b57w2k) DRV - [2006/03/29 09:49:26 | 000,009,856 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Stopped] -- C:WINDOWSsystem32driverspfc.sys -- (pfc) DRV - [2005/09/28 21:57:18 | 000,113,847 | R--- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:WINDOWSsystem32driversApfiltr.sys -- (ApfiltrService) DRV - [2005/05/03 16:09:28 | 001,033,728 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:WINDOWSsystem32driversHSF_DPV.SYS -- (HSF_DPV) DRV - [2005/05/03 16:08:50 | 000,208,384 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:WINDOWSsystem32driversHSFHWICH.sys -- (HSFHWICH) DRV - [2005/05/03 16:08:44 | 000,705,408 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:WINDOWSsystem32driversHSF_CNXT.sys -- (winachsf) DRV - [2005/03/10 17:56:06 | 000,273,168 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Stopped] -- C:WINDOWSsystem32driversSTAC97.sys -- (STAC97) DRV - [2005/02/23 14:58:56 | 000,011,776 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Stopped] -- C:WINDOWSsystem32driversafc.sys -- (Afc) DRV - [2005/01/27 19:10:44 | 000,015,680 | ---- | M] (Broadcom Corp.) [Kernel | On_Demand | Running] -- C:WINDOWSsystem32driversbtpmw32.sys -- (BCMTPM) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLMSOFTWAREMicrosoftInternet ExplorerSearch,SearchAssistant = IE - HKLM..SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM..SearchScopes{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0 FF - user.js - File not found FF - [email protected]/FlashPlayer: C:WINDOWSsystem32MacromedFlashNPSWF32_11_8_800_94.dll () FF - [email protected]/ShockwavePlayer: C:WINDOWSsystem32AdobeDirectornp32dsw.dll (Adobe Systems, Inc.) FF - [email protected]/iTunes,version=: File not found FF - [email protected]/iTunes,version=1.0: C:Program FilesiTunesMozilla Pluginsnpitunes.dll () FF - [email protected]/FFApi: File not found FF - [email protected]/Foxit Reader Plugin,version=1.0,application/pdf: C:Program FilesFoxit SoftwareFoxit ReaderpluginsnpFoxitReaderPlugin.dll (Foxit Corporation) FF - [email protected]/Foxit Reader Plugin,version=1.0,application/vnd.fdf: C:Program FilesFoxit SoftwareFoxit ReaderpluginsnpFoxitReaderPlugin.dll (Foxit Corporation) FF - [email protected]/WPF,version=3.5: c:WINDOWSMicrosoft.NETFrameworkv3.5Windows Presentation FoundationNPWPF.dll (Microsoft Corporation) FF - [email protected]/getPlus+®,version=1.6.2.90: C:Program FilesNOSbinnp_gp.dll (NOS Microsystems Ltd.) FF - [email protected]/nprphtml5videoshim;version=1.0.0.0: C:Documents and SettingsAll UsersApplication DataRealRealPlayerBrowserRecordPluginMozillaPluginsnprphtml5videoshim.dll (RealNetworks, Inc.) FF - [email protected]/vlc,version=2.0.7: C:Program FilesVideoLANVLCnpvlc.dll (VideoLAN) FF - HKEY_LOCAL_MACHINEsoftwaremozillaFirefoxExtensions{3112ca9c-de6d-4884-a869-9855de68056c}: C:Documents and SettingsAll UsersApplication DataGoogleToolbar for Firefox{3112ca9c-de6d-4884-a869-9855de68056c} [2010/02/14 18:55:15 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINEsoftwaremozillaFirefoxExtensions{22119944-ED35-4ab1-910B-E619EA06A115}: C:Program FilesSiber SystemsAI RoboFormFirefox [2010/03/02 13:43:00 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINEsoftwaremozillaFirefoxExtensions{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:Documents and SettingsAll UsersApplication DataNorton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}NIS_20.2.1.22coFFPlgn [2013/08/18 12:44:34 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINEsoftwaremozillaFirefoxExtensions{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:Documents and SettingsAll UsersApplication DataNorton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}NIS_20.2.1.22IPSFFPlgn [2013/03/02 17:03:20 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINEsoftwaremozillaMozilla Firefox 21.0extensionsComponents: C:Program FilesMozilla Firefoxcomponents [2013/05/29 21:36:28 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINEsoftwaremozillaMozilla Firefox 21.0extensionsPlugins: C:Program FilesMozilla Firefoxplugins [2013/05/31 21:18:05 | 000,000,000 | ---D | M] [2013/08/11 14:17:04 | 000,000,000 | ---D | M] (No name found) -- C:Documents and SettingsAdministrator.SYLVIAApplication DataMozillaExtensions [2013/08/13 21:45:46 | 000,000,000 | ---D | M] (No name found) -- C:Program FilesMozilla Firefoxextensions [2013/05/21 12:53:50 | 000,000,000 | ---D | M] (No name found) -- C:Program FilesMozilla Firefoxbrowserextensions [2013/05/21 12:53:50 | 000,000,000 | ---D | M] (Default) -- C:Program FilesMozilla Firefoxbrowserextensions{972ce4c6-7e08-4474-a285-3208198ce6fd} [2010/06/20 16:01:56 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:Program Filesmozilla firefoxpluginsnpdeployJava1.dll O1 HOSTS File: ([2002/09/03 12:34:19 | 000,000,734 | ---- | M]) - C:WINDOWSsystem32driversetchosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:Program FilesNorton Internet SecurityEngine20.4.0.40coieplg.dll (Symantec Corporation) O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:Program FilesNorton Internet SecurityEngine20.4.0.40ipsipsbho.dll (Symantec Corporation) O3 - HKLM..Toolbar: (no name) - {724d43a0-0d85-11d4-9908-00400523e39a} - No CLSID value found. O3 - HKLM..Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:Program FilesNorton Internet SecurityEngine20.4.0.40coieplg.dll (Symantec Corporation) O3 - HKLM..Toolbar: (no name) - Locked - No CLSID value found. O4 - Startup: C:Documents and SettingsAdministrator.SYLVIAStart MenuProgramsStartupOpenOffice.org 3.4.1.lnk = C:Program FilesOpenOffice.org 3programquickstart.exe () O6 - HKLMSoftwarePoliciesMicrosoftInternet ExplorerInfodelivery present O6 - HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: HonorAutoRunSetting = 1 O7 - HKCUSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoDriveTypeAutoRun = 145 O9 - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:Program FilesSiber SystemsAI RoboFormRoboFormComFillForms.html () O9 - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:Program FilesSiber SystemsAI RoboFormRoboFormComFillForms.html () O9 - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:Program FilesSiber SystemsAI RoboFormRoboFormComSavePass.html () O9 - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:Program FilesSiber SystemsAI RoboFormRoboFormComSavePass.html () O9 - Extra Button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - C:Program FilesSiber SystemsAI RoboFormRoboFormComShowToolbar.html () O9 - Extra 'Tools' menuitem : RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:Program FilesSiber SystemsAI RoboFormRoboFormComShowToolbar.html () O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://utilities.pcpitstop.com/Nirvana/controls/pcmatic.cab (PCPitstop Utility) O16 - DPF: {6824D897-F7E1-4E41-B84B-B1D3FA4BF1BD} http://utilities.pcpitstop.com/Exterminate2/pcpitstopAntiVirus.dll (Reg Error: Key error.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (Reg Error: Value error.) O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} http://utilities.pcpitstop.com/Optimize3/pcpitstop2.dll (PCPitstop Exam) O17 - HKLMSystemCCSServicesTcpipParameters: DhcpNameServer = 192.168.1.1 O17 - HKLMSystemCCSServicesTcpipParametersInterfaces{8CD372E7-3897-4701-8B7C-6DF8B8EF4E4C}: DhcpNameServer = 192.168.1.1 O18 - ProtocolHandlerskype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:Program FilesCommon FilesSkypeSkype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:WINDOWSexplorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:WINDOWSsystem32userinit.exe) - C:WINDOWSsystem32userinit.exe (Microsoft Corporation) O24 - Desktop BackupWallPaper: O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:Program FilesSUPERAntiSpywareSASSEH.DLL (SuperAdBlocker.com) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010/02/02 14:44:25 | 000,000,000 | ---- | M] () - C:AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (ጘ타Ð桐×椡×갬) O34 - HKLM BootExecute: ("Ü椱×") O34 - HKLM BootExecute: (ER) O34 - HKLM BootExecute: ("댰Պޒޒޒޒޒޒޒޒޒޒޒޒޒޒޒޒޒޒޒޒޒal SettingsTemporary Internet FilesContent.IE5") O34 - HKLM BootExecute: (>) O34 - HKLM BootExecute: ("댰ՊҰ") O34 - HKLM BootExecute: ® O34 - HKLM BootExecute: (http://download.iolo.net/sm/11/std/en/iolo/app_update/SystemMechanic_11.7.1.31.exe) O34 - HKLM BootExecute: (nts.) O34 - HKLM BootExecute: (댰Պ痰θ蠨θ폈θθ笘θ쟀θ韸θθꋸθ겘θ그θꘐθθ꧘θ퀀θθ) O34 - HKLM BootExecute: (start.) O34 - HKLM BootExecute: (.) O34 - HKLM BootExecute: (l) O35 - HKLM..comfile [open] -- "%1" %* O35 - HKLM..exefile [open] -- "%1" %* O37 - HKLM...com [@ = comfile] -- "%1" %* O37 - HKLM...exe [@ = exefile] -- "%1" %* O38 - SubSystemsWindows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystemsWindows: (ServerDll=winsrv:ConServerDllInitialization,2) NetSvcs: 6to4 - File not found NetSvcs: AppMgmt - %SystemRoot%System32appmgmts.dll File not found NetSvcs: HidServ - %SystemRoot%System32hidserv.dll File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found CREATERESTOREPOINT System Restore Service not available. ========== Files/Folders - Created Within 30 Days ========== [2013/08/18 13:55:30 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:Documents and SettingsAdministrator.SYLVIADesktopOTL.exe [2013/08/18 13:33:53 | 000,000,000 | ---D | C] -- C:Documents and SettingsAdministrator.SYLVIAApplication DataJarte [2013/08/14 20:09:30 | 000,000,000 | ---D | C] -- C:Program FilesWise [2013/08/14 16:11:49 | 017,018,248 | ---- | C] (Adobe Systems Incorporated) -- C:WINDOWSSystem32FlashPlayerInstaller.exe [2013/08/14 15:34:36 | 000,000,000 | -H-D | C] -- C:WINDOWSPIF [2013/08/13 21:02:35 | 000,000,000 | ---D | C] -- C:Documents and SettingsAll UsersApplication DataSpybot - Search & Destroy [2013/08/13 21:01:23 | 000,000,000 | ---D | C] -- C:Program FilesSpybot - Search & Destroy 2 [2013/08/13 20:53:40 | 000,000,000 | RH-D | C] -- C:Documents and SettingsAdministrator.SYLVIARecent [2013/08/13 20:52:10 | 000,000,000 | ---D | C] -- C:Documents and SettingsAdministrator.SYLVIAMy DocumentsCC-registry-backup [2013/08/12 19:41:17 | 000,000,000 | ---D | C] -- C:Documents and SettingsAdministrator.SYLVIAApplication DataWise Registry Cleaner [2013/08/12 16:48:10 | 000,000,000 | R--D | C] -- C:Documents and SettingsAdministrator.SYLVIAMy DocumentsMy Videos [2013/08/12 16:48:10 | 000,000,000 | R--D | C] -- C:Documents and SettingsAdministrator.SYLVIAMy DocumentsMy Pictures [2013/08/12 16:48:10 | 000,000,000 | R--D | C] -- C:Documents and SettingsAdministrator.SYLVIAMy DocumentsMy Music [2013/08/12 16:48:10 | 000,000,000 | R--D | C] -- C:Documents and SettingsAdministrator.SYLVIAStart MenuProgramsAdministrative Tools [2013/08/12 16:36:46 | 000,000,000 | ---D | C] -- C:Documents and SettingsAdministrator.SYLVIALocal SettingsApplication DataVS Revo Group [2013/08/12 16:27:22 | 000,000,000 | ---D | C] -- C:Documents and SettingsAll UsersApplication DataVS Revo Group [2013/08/12 13:53:45 | 000,000,000 | ---D | C] -- C:Documents and SettingsAdministrator.SYLVIAApplication Dataiolo [2013/08/11 14:49:34 | 000,000,000 | ---D | C] -- C:Documents and SettingsAdministrator.SYLVIAMy DocumentsDownloads [2013/08/11 14:23:47 | 000,000,000 | ---D | C] -- C:Documents and SettingsAdministrator.SYLVIAApplication DataMacromedia [2013/08/11 14:23:47 | 000,000,000 | ---D | C] -- C:Documents and SettingsAdministrator.SYLVIAApplication DataAdobe [2013/08/11 14:16:43 | 000,000,000 | ---D | C] -- C:Documents and SettingsAdministrator.SYLVIALocal SettingsApplication DataMozilla [2013/08/11 14:16:43 | 000,000,000 | ---D | C] -- C:Documents and SettingsAdministrator.SYLVIAApplication DataMozilla [2013/08/11 13:58:32 | 000,000,000 | ---D | C] -- C:Documents and SettingsAdministrator.SYLVIALocal SettingsApplication DataOpera [2013/08/11 13:58:32 | 000,000,000 | ---D | C] -- C:Documents and SettingsAdministrator.SYLVIAApplication DataOpera [2013/08/11 13:53:40 | 000,000,000 | ---D | C] -- C:Documents and SettingsAdministrator.SYLVIAApplication DataOpenOffice.org [2013/08/11 13:29:28 | 000,000,000 | ---D | C] -- C:Documents and SettingsAdministrator.SYLVIAApplication DataMalwarebytes [2013/08/11 13:17:20 | 000,000,000 | ---D | C] -- C:Documents and SettingsAll UsersStart MenuProgramsMalwarebytes' Anti-Malware [2013/08/11 13:17:17 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:WINDOWSSystem32driversmbam.sys [2013/08/11 13:17:17 | 000,000,000 | ---D | C] -- C:Program FilesMalwarebytes' Anti-Malware [2013/08/11 12:26:29 | 000,000,000 | RH-D | C] -- C:Documents and SettingsAdministrator.SYLVIASendTo [2013/08/11 12:26:29 | 000,000,000 | R--D | C] -- C:Documents and SettingsAdministrator.SYLVIAStart MenuProgramsStartup [2013/08/11 12:26:29 | 000,000,000 | R--D | C] -- C:Documents and SettingsAdministrator.SYLVIAStart Menu [2013/08/11 12:26:29 | 000,000,000 | R--D | C] -- C:Documents and SettingsAdministrator.SYLVIAStart MenuProgramsAccessories [2013/08/11 12:26:29 | 000,000,000 | -H-D | C] -- C:Documents and SettingsAdministrator.SYLVIAPrintHood [2013/08/11 12:26:29 | 000,000,000 | -H-D | C] -- C:Documents and SettingsAdministrator.SYLVIANetHood [2013/08/11 12:26:29 | 000,000,000 | ---D | C] -- C:Documents and SettingsAdministrator.SYLVIAMy Documents [2013/08/11 12:26:29 | 000,000,000 | ---D | C] -- C:Documents and SettingsAdministrator.SYLVIAApplication DataIntel [2013/08/11 12:26:29 | 000,000,000 | ---D | C] -- C:Documents and SettingsAdministrator.SYLVIAFavorites [2013/08/11 12:26:29 | 000,000,000 | ---D | C] -- C:Documents and SettingsAdministrator.SYLVIADesktop [2013/08/11 12:24:10 | 000,000,000 | -HSD | C] -- C:Documents and SettingsAdministrator.SYLVIAIETldCache [2013/08/11 12:22:45 | 000,000,000 | ---D | C] -- C:Documents and SettingsAdministrator.SYLVIALocal SettingsApplication DataMicrosoft [2013/08/11 12:22:41 | 000,000,000 | --SD | C] -- C:Documents and SettingsAdministrator.SYLVIAApplication DataMicrosoft [2013/08/11 12:22:41 | 000,000,000 | RH-D | C] -- C:Documents and SettingsAdministrator.SYLVIAApplication Data [2013/08/11 12:22:41 | 000,000,000 | -HSD | C] -- C:Documents and SettingsAdministrator.SYLVIACookies [2013/08/11 12:22:39 | 000,000,000 | -H-D | C] -- C:Documents and SettingsAdministrator.SYLVIALocal Settings [2013/08/11 12:22:38 | 000,000,000 | -H-D | C] -- C:Documents and SettingsAdministrator.SYLVIATemplates [2013/08/08 23:36:08 | 000,000,000 | ---D | C] -- C:WINDOWSSystem32sv-SE [2013/08/08 23:36:08 | 000,000,000 | ---D | C] -- C:WINDOWSSystem32nb-NO [2013/08/08 23:36:08 | 000,000,000 | ---D | C] -- C:WINDOWSSystem32ms-MY [2013/08/08 23:36:08 | 000,000,000 | ---D | C] -- C:WINDOWSSystem32hu-HU [2013/08/08 23:36:08 | 000,000,000 | ---D | C] -- C:WINDOWSSystem32fi-FI [2013/08/08 23:36:08 | 000,000,000 | ---D | C] -- C:WINDOWSSystem32el-GR [2013/08/08 23:36:08 | 000,000,000 | ---D | C] -- C:WINDOWSSystem32da-DK [2013/08/08 23:36:07 | 000,000,000 | ---D | C] -- C:WINDOWSSystem32zh-TW [2013/08/08 23:36:07 | 000,000,000 | ---D | C] -- C:WINDOWSSystem32zh-CN [2013/08/08 23:36:07 | 000,000,000 | ---D | C] -- C:WINDOWSSystem32ru-RU [2013/08/08 23:36:07 | 000,000,000 | ---D | C] -- C:WINDOWSSystem32pl-PL [2013/08/08 23:36:07 | 000,000,000 | ---D | C] -- C:WINDOWSSystem32ko-KR [2013/08/08 23:36:07 | 000,000,000 | ---D | C] -- C:WINDOWSSystem32ja-JP [2013/08/08 23:36:07 | 000,000,000 | ---D | C] -- C:WINDOWSSystem32cs-CZ [2013/08/08 21:57:34 | 000,000,000 | ---D | C] -- C:Program FilesZune [2011/04/20 18:28:47 | 000,437,248 | ---- | C] (Microsoft Corporation) -- C:Program Filesmspaint.exe ========== Files - Modified Within 30 Days ========== [2013/08/18 13:55:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:Documents and SettingsAdministrator.SYLVIADesktopOTL.exe [2013/08/18 13:36:12 | 000,001,366 | ---- | M] () -- C:Documents and SettingsAdministrator.SYLVIAMy DocumentsOLD TIMER.rtf [2013/08/18 13:19:08 | 000,002,048 | --S- | M] () -- C:WINDOWSbootstat.dat [2013/08/18 13:09:32 | 000,000,830 | ---- | M] () -- C:WINDOWStasksAdobe Flash Player Updater.job [2013/08/18 13:08:32 | 000,001,324 | ---- | M] () -- C:WINDOWSSystem32d3d9caps.dat [2013/08/18 12:42:22 | 000,000,282 | ---- | M] () -- C:WINDOWStasksSmartDefrag_Startup.job [2013/08/18 12:42:22 | 000,000,280 | ---- | M] () -- C:WINDOWStasksRealUpgradeLogonTaskS-1-5-21-776561741-1078145449-682003330-1004.job [2013/08/18 12:42:22 | 000,000,272 | ---- | M] () -- C:WINDOWStasksASC4_PerformanceMonitor.job [2013/08/18 12:42:15 | 000,002,206 | ---- | M] () -- C:WINDOWSSystem32wpa.dbl [2013/08/16 16:34:58 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:WINDOWSSystem32FlashPlayerApp.exe [2013/08/16 16:34:58 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:WINDOWSSystem32FlashPlayerCPLApp.cpl [2013/08/15 21:20:45 | 000,002,946 | ---- | M] () -- C:WINDOWSwininit.ini [2013/08/14 20:09:31 | 000,000,880 | ---- | M] () -- C:Documents and SettingsAll UsersDesktopWise Registry Cleaner.lnk [2013/08/14 19:40:17 | 000,000,682 | ---- | M] () -- C:Documents and SettingsAll UsersDesktopCCleaner.lnk [2013/08/14 19:31:52 | 000,074,703 | ---- | M] () -- C:WINDOWSSystem32mfc45.dat [2013/08/14 16:11:54 | 017,018,248 | ---- | M] (Adobe Systems Incorporated) -- C:WINDOWSSystem32FlashPlayerInstaller.exe [2013/08/11 13:54:28 | 000,000,864 | ---- | M] () -- C:Documents and SettingsAdministrator.SYLVIAStart MenuProgramsStartupOpenOffice.org 3.4.1.lnk [2013/08/11 13:17:24 | 000,000,784 | ---- | M] () -- C:Documents and SettingsAll UsersDesktopMalwarebytes Anti-Malware.lnk [2013/08/11 11:55:29 | 000,000,386 | ---- | M] () -- C:WINDOWSSystem32ioloBootDefrag.cfg [2013/07/29 08:00:00 | 000,000,284 | ---- | M] () -- C:WINDOWStasksAppleSoftwareUpdate.job [2013/07/27 23:23:25 | 000,002,524 | ---- | M] () -- C:Documents and SettingsAll UsersDesktopAmazon Cloud Player.lnk [2013/07/27 01:32:00 | 000,000,288 | ---- | M] () -- C:WINDOWStasksRealUpgradeScheduledTaskS-1-5-21-776561741-1078145449-682003330-1004.job ========== Files Created - No Company Name ========== [2013/08/18 13:36:12 | 000,001,366 | ---- | C] () -- C:Documents and SettingsAdministrator.SYLVIAMy DocumentsOLD TIMER.rtf [2013/08/13 21:45:45 | 000,002,946 | ---- | C] () -- C:WINDOWSwininit.ini [2013/08/12 19:41:08 | 000,000,880 | ---- | C] () -- C:Documents and SettingsAll UsersDesktopWise Registry Cleaner.lnk [2013/08/11 13:54:27 | 000,000,864 | ---- | C] () -- C:Documents and SettingsAdministrator.SYLVIAStart MenuProgramsStartupOpenOffice.org 3.4.1.lnk [2013/08/11 13:17:23 | 000,000,784 | ---- | C] () -- C:Documents and SettingsAll UsersDesktopMalwarebytes Anti-Malware.lnk [2013/08/11 12:22:42 | 000,001,599 | ---- | C] () -- C:Documents and SettingsAdministrator.SYLVIAStart MenuProgramsRemote Assistance.lnk [2013/08/11 12:22:42 | 000,000,792 | ---- | C] () -- C:Documents and SettingsAdministrator.SYLVIAStart MenuProgramsWindows Media Player.lnk [2013/07/27 23:23:25 | 000,002,524 | ---- | C] () -- C:Documents and SettingsAll UsersDesktopAmazon Cloud Player.lnk [2013/06/14 00:09:01 | 000,001,324 | ---- | C] () -- C:WINDOWSSystem32d3d9caps.dat [2012/08/11 19:46:00 | 000,003,072 | ---- | C] () -- C:WINDOWSSystem32iacenc.dll [2012/08/09 01:42:36 | 000,074,703 | ---- | C] () -- C:WINDOWSSystem32mfc45.dat [2011/02/18 01:26:51 | 001,753,014 | ---- | C] () -- C:Documents and SettingsLocalServiceLocal SettingsApplication DataWPFFontCache_v0400-S-1-5-21-776561741-1078145449-682003330-1004-0.dat [2011/02/07 23:31:16 | 000,313,798 | ---- | C] () -- C:Documents and SettingsLocalServiceLocal SettingsApplication DataWPFFontCache_v0400-System.dat [2010/10/14 17:51:02 | 000,001,940 | ---- | C] () -- C:Documents and SettingsLocalServiceLocal SettingsApplication Data{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini [2010/03/31 21:40:24 | 000,000,088 | RHS- | C] () -- C:Documents and SettingsAll UsersApplication DataBB9CC2F1A8.sys [2010/03/31 21:40:23 | 000,002,828 | -HS- | C] () -- C:Documents and SettingsAll UsersApplication DataKGyGaAvL.sys ========== ZeroAccess Check ========== [2010/02/02 19:49:04 | 000,000,227 | RHS- | M] () -- C:WINDOWSassemblyDesktop.ini [HKEY_CURRENT_USERSoftwareClassesclsid{42aedc87-2188-41fd-b9a3-0c966feabec1}InProcServer32] [HKEY_CURRENT_USERSoftwareClassesclsid{fbeb8a05-beee-4442-804e-409d6c4515e9}InProcServer32] [HKEY_LOCAL_MACHINESoftwareClassesclsid{42aedc87-2188-41fd-b9a3-0c966feabec1}InProcServer32] "" = %SystemRoot%System32shdocvw.dll -- [2011/02/17 09:51:57 | 001,510,400 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINESoftwareClassesclsid{5839FCA9-774D-42A1-ACDA-D6A79037F57F}InProcServer32] "" = C:WINDOWSSystem32wbemfastprox.dll -- [2009/02/09 08:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINESoftwareClassesclsid{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}InProcServer32] "" = C:WINDOWSSystem32wbemwbemess.dll -- [2008/04/14 06:42:10 | 000,273,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== LOP Check ========== [2013/08/12 14:49:31 | 000,000,000 | ---D | M] -- C:Documents and SettingsAdministrator.SYLVIAApplication Dataiolo [2013/08/18 13:59:04 | 000,000,000 | ---D | M] -- C:Documents and SettingsAdministrator.SYLVIAApplication DataJarte [2013/08/11 13:53:40 | 000,000,000 | ---D | M] -- C:Documents and SettingsAdministrator.SYLVIAApplication DataOpenOffice.org [2013/08/11 13:58:32 | 000,000,000 | ---D | M] -- C:Documents and SettingsAdministrator.SYLVIAApplication DataOpera [2013/08/12 19:43:52 | 000,000,000 | ---D | M] -- C:Documents and SettingsAdministrator.SYLVIAApplication DataWise Registry Cleaner [2013/05/29 21:21:38 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication Data188F1432-103A-4ffb-80F1-36B633C5C9E1 [2010/09/06 13:32:11 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication Dataagi [2011/04/14 14:38:42 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication DataAVAST Software [2011/07/29 01:25:28 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication DataCheckPoint [2013/01/12 20:35:57 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication DataCloud Software LTD [2013/05/06 16:01:03 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication Dataconytinuetuossave [2012/12/31 14:40:49 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication DataFreemake [2011/07/05 21:18:06 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication DataGoodSync [2013/07/16 00:52:52 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication DataHitmanPro [2013/05/04 18:08:42 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication DataInstallMate [2013/06/19 21:04:21 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication DataIObit [2011/12/19 21:02:03 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication DataLinksys [2013/08/14 00:15:44 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication DataPCPitstop [2013/08/12 16:38:16 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication DataRazer [2010/03/02 13:43:12 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication DataRoboForm [2010/11/10 22:55:55 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication DataScanSoft [2010/12/31 11:04:18 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication DataSpeedBit [2010/09/03 21:44:51 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication DataTEMP [2013/08/12 16:27:22 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication DataVS Revo Group [2010/03/15 17:14:20 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication DataWhite Sky, Inc [2012/12/06 19:22:03 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication DataWindSolutions [2010/04/03 13:41:19 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication DataWinZip [2010/11/09 13:49:40 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication Data{429CAD59-35B1-4DBC-BB6D-1DB246563521} [2010/06/20 14:25:48 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication Data~0 ========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%*.exe > < MD5 for: AGP440.SYS > [2008/04/14 06:51:44 | 020,056,462 | ---- | M] () .cab file -- C:WINDOWSDriver Cachei386sp3.cab:AGP440.sys [2008/04/14 06:51:44 | 020,056,462 | ---- | M] () .cab file -- C:WINDOWSServicePackFilesi386sp3.cab:AGP440.sys [2008/04/14 01:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:WINDOWSServicePackFilesi386agp440.sys [2008/04/14 01:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:WINDOWSsystem32driversagp440.sys < MD5 for: ATAPI.SYS > [2002/09/03 13:04:09 | 010,158,890 | ---- | M] () .cab file -- C:WINDOWSDriver Cachei386sp1.cab:atapi.sys [2008/04/14 06:51:44 | 020,056,462 | ---- | M] () .cab file -- C:WINDOWSDriver Cachei386sp3.cab:atapi.sys [2008/04/14 06:51:44 | 020,056,462 | ---- | M] () .cab file -- C:WINDOWSServicePackFilesi386sp3.cab:atapi.sys [2002/09/03 12:27:33 | 000,086,912 | ---- | M] (Microsoft Corporation) MD5=95B858761A00E1D4F81F79A0DA019ACA -- C:WINDOWS$NtServicePackUninstall$atapi.sys [2008/04/14 01:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:WINDOWSServicePackFilesi386atapi.sys [2008/04/14 01:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:WINDOWSsystem32dllcacheatapi.sys [2008/04/14 01:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:WINDOWSsystem32driversatapi.sys [2008/04/14 01:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:WINDOWSsystem32ReinstallBackups0007DriverFilesi386atapi.sys < MD5 for: EVENTLOG.DLL > [2008/04/14 06:41:54 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:WINDOWSServicePackFilesi386eventlog.dll [2008/04/14 06:41:54 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:WINDOWSsystem32eventlog.dll [2002/09/03 12:32:41 | 000,049,152 | ---- | M] (Microsoft Corporation) MD5=BF3C8CF53C77B48206B39910B6D6CBCC -- C:WINDOWS$NtServicePackUninstall$eventlog.dll < MD5 for: NETLOGON.DLL > [2008/04/14 06:42:02 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:WINDOWSServicePackFilesi386netlogon.dll [2008/04/14 06:42:02 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:WINDOWSsystem32netlogon.dll [2002/09/03 12:48:22 | 000,399,360 | ---- | M] (Microsoft Corporation) MD5=3ADD563ED7A1C66E6F5E0F7A661AA96D -- C:WINDOWS$NtServicePackUninstall$netlogon.dll < MD5 for: SCECLI.DLL > [2002/09/03 12:58:25 | 000,174,592 | ---- | M] (Microsoft Corporation) MD5=97418A5C642A5C748A28BD7CF6860B57 -- C:WINDOWS$NtServicePackUninstall$scecli.dll [2008/04/14 06:42:06 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:WINDOWSServicePackFilesi386scecli.dll [2008/04/14 06:42:06 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:WINDOWSsystem32scecli.dll < %systemroot%*. /mp /s > < %systemroot%system32*.dll /lockedfiles > < %systemroot%Tasks*.job /lockedfiles > < %systemroot%system32drivers*.sys /lockedfiles > < %systemroot%System32config*.sav > [2010/02/02 09:30:19 | 000,094,208 | ---- | M] () -- C:WINDOWSSystem32configdefault.sav [2010/02/02 09:30:19 | 000,602,112 | ---- | M] () -- C:WINDOWSSystem32configsoftware.sav [2010/02/02 09:30:18 | 000,409,600 | ---- | M] () -- C:WINDOWSSystem32configsystem.sav < %systemroot%system32drivers*.sys /90 > [2013/06/17 22:00:00 | 000,142,496 | ---- | M] (Symantec Corporation) -- C:WINDOWSsystem32driversSYMEVENT.SYS ========== Alternate Data Streams ========== @Alternate Data Stream - 104 bytes -> C:Documents and SettingsAll UsersApplication DataTEMP:D2F2F703 < End of report >
  4. Waiting for an answer to my last post. Is there any other option or suggestion? Thanks
  5. Thank you so much for replying so promtly. I followed your instructions and tried to run DDS even in safe mode, and the result is always the same: It stops processing at about 80%, hangs for a while then, my computer freezes and I have to shut down and reboot.
  6. Can someone please help me? I am working on an win xp Sp3, home edition laptop that up until about a week ago was working like a charm. However, something seems to have gone bad , and Isuspect it's a virus I can't get rid of.CPU is running at 100%, I get error messages when I try to install software; especially any kind of diagnostic software...When I try to open some programs, I get error messages such as: "The application or DLL name.DLL is not a valid windows Image. Please check this against your installation diskette.""the server threw an exception, clas ID xxxxxx" "xxxxxx is not a valid win32 application""Access violation at address xxxxxxx in module xxxxxx"I've run Spybot and malawarebytes, and they've found and removed malware. My Norton anti virus only finds cookies, and I am unable to install or run any other virus scanners, even online scanners such as ESET return an error message. Regards, Sylvia
×
×
  • Create New...