seasun21

Lots of error messages & unable to install or run security software


Hello Caintry_boy,

 

Thanks for your help. I am starting a new thread in this forum as you first indicated. I no longer have the logs from Spybot and MBAM.

 

Here is the log from OTL.txt

 

OTL logfile created on: 8/18/2013 1:59:15 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:Documents and SettingsAdministrator.SYLVIADesktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 1.66 Gb Available Physical Memory | 83.12% Memory free
3.33 Gb Paging File | 3.19 Gb Available in Paging File | 95.61% Paging File free
Paging file location(s): C:pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:WINDOWS | %ProgramFiles% = C:Program Files
Drive C: | 37.26 Gb Total Space | 4.33 Gb Free Space | 11.63% Space Free | Partition Type: NTFS

Computer Name: SYLVIA | User Name: Administrator | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/08/18 13:55:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:Documents and SettingsAdministrator.SYLVIADesktopOTL.exe
PRC - [2012/08/13 10:57:02 | 010,376,704 | ---- | M] (OpenOffice.org) -- C:Program FilesOpenOffice.org 3programsoffice.exe
PRC - [2012/08/13 10:57:02 | 010,368,512 | ---- | M] (OpenOffice.org) -- C:Program FilesOpenOffice.org 3programsoffice.bin
PRC - [2012/08/13 10:57:02 | 000,103,936 | ---- | M] (OpenOffice.org) -- C:Program FilesOpenOffice.org 3programswriter.exe
PRC - [2008/04/14 06:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:WINDOWSexplorer.exe


========== Modules (No Company Name) ==========

MOD - [2012/08/31 17:26:53 | 000,985,088 | ---- | M] () -- C:Program FilesOpenOffice.org 3programlibxml2.dll
MOD - [2012/08/31 17:26:53 | 000,170,496 | ---- | M] () -- C:Program FilesOpenOffice.org 3programlibxslt.dll


========== Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- %SystemRoot%System32hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%System32appmgmts.dll -- (AppMgmt)
SRV - [2013/08/16 16:34:58 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:WINDOWSsystem32MacromedFlashFlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/07/10 04:48:06 | 000,101,888 | ---- | M] (Freemake) [Disabled | Stopped] -- C:Documents and SettingsAll UsersApplication DataFreemakeFreemakeUtilsServiceFreemakeUtilsService.exe -- (Freemake Improver)
SRV - [2013/05/21 12:53:47 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:Program FilesMozilla Maintenance Servicemaintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/05/21 00:44:22 | 000,144,368 | R--- | M] (Symantec Corporation) [Auto | Stopped] -- C:Program FilesNorton Internet SecurityEngine20.4.0.40ccSvcHst.exe -- (NIS)
SRV - [2013/04/01 16:35:36 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Disabled | Stopped] -- C:Program FilesSUPERAntiSpywareSASCORE.EXE -- (!SASCORE)
SRV - [2010/08/13 09:13:32 | 000,066,112 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:Program FilesNOSbingetPlus_Helper_3004.dll -- (nosGetPlusHelper)
SRV - [2009/11/03 15:48:54 | 000,874,768 | ---- | M] (Intel® Corporation) [Disabled | Stopped] -- C:Program FilesIntelWiFibinEvtEng.exe -- (EvtEng)
SRV - [2009/11/03 15:45:52 | 000,348,160 | ---- | M] (Intel® Corporation) [Disabled | Stopped] -- C:Program FilesIntelWiFibinWLKEEPER.exe -- (WLANKEEPER)
SRV - [2009/11/03 15:42:00 | 000,909,312 | ---- | M] (Intel® Corporation) [Disabled | Stopped] -- C:Program FilesIntelWiFibinS24EvMon.exe -- (S24EventMonitor)
SRV - [2009/11/03 15:33:48 | 000,473,360 | ---- | M] (Intel® Corporation) [Auto | Stopped] -- C:Program FilesCommon FilesIntelWirelessCommonRegSrvc.exe -- (RegSrvc)
SRV - [2004/04/01 19:05:48 | 000,077,824 | ---- | M] (Broadcom Corp.) [Disabled | Stopped] -- C:WINDOWSsystem32BAsfIpM.exe -- (BAsfIpM)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32Driverswdf01000.sys -- (Wdf01000)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32Driversusbaapl.sys -- (USBAAPL)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32driversUIUSys.sys -- (UIUSys)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32DRIVERSewusbdev.sys -- (hwusbdev)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32DRIVERSewusbmdm.sys -- (hwdatacard)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [File_System | Auto | Stopped] -- system32DRIVERSavgntflt.sys -- (avgntflt)
DRV - [2013/06/17 22:00:00 | 000,142,496 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:WINDOWSsystem32driversSYMEVENT.SYS -- (SymEvent)
DRV - [2013/05/31 12:58:19 | 001,002,072 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:Documents and SettingsAll UsersApplication DataNorton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}NIS_20.2.1.22DefinitionsBASHDefs20130715.001BHDrvx86.sys -- (BHDrvx86)
DRV - [2013/05/23 01:25:28 | 000,934,488 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:WINDOWSsystem32driversNIS1404000.028symefa.sys -- (SymEFA)
DRV - [2013/05/22 11:34:34 | 001,611,992 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:Documents and SettingsAll UsersApplication DataNorton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}NIS_20.2.1.22DefinitionsVirusDefs20130817.006NAVEX15.SYS -- (NAVEX15)
DRV - [2013/05/22 11:34:34 | 000,093,272 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:Documents and SettingsAll UsersApplication DataNorton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}NIS_20.2.1.22DefinitionsVirusDefs20130817.006NAVENG.SYS -- (NAVENG)
DRV - [2013/05/21 01:02:00 | 000,367,704 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:WINDOWSsystem32driversNIS1404000.028symds.sys -- (SymDS)
DRV - [2013/05/16 01:02:14 | 000,603,224 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:WINDOWSsystem32driversNIS1404000.028srtsp.sys -- (SRTSP)
DRV - [2013/04/24 20:43:56 | 000,396,760 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:WINDOWSsystem32driversNIS1404000.028symtdi.sys -- (SYMTDI)
DRV - [2013/04/15 22:41:14 | 000,134,744 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:WINDOWSsystem32driversNIS1404000.028ccsetx86.sys -- (ccSet_NIS)
DRV - [2013/04/01 16:35:21 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Stopped] -- C:Program FilesSUPERAntiSpywareSASKUTIL.SYS -- (SASKUTIL)
DRV - [2013/04/01 16:35:20 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Stopped] -- C:Program FilesSUPERAntiSpywareSASDIFSV.SYS -- (SASDIFSV)
DRV - [2013/03/04 21:39:19 | 000,175,264 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:WINDOWSsystem32driversNIS1404000.028ironx86.sys -- (SymIRON)
DRV - [2013/03/04 21:21:35 | 000,032,344 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:WINDOWSsystem32driversNIS1404000.028srtspx.sys -- (SRTSPX)
DRV - [2013/03/01 19:28:20 | 000,373,728 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:Documents and SettingsAll UsersApplication DataNorton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}NIS_20.2.1.22DefinitionsIPSDefs20130813.001IDSXpx86.sys -- (IDSxpx86)
DRV - [2013/03/01 02:00:00 | 000,376,480 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:Program FilesCommon FilesSymantec SharedEENGINEeeCtrl.sys -- (eeCtrl)
DRV - [2013/03/01 02:00:00 | 000,106,656 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:Program FilesCommon FilesSymantec SharedEENGINEEraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2011/06/02 11:08:34 | 000,011,336 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:Program FilesSystemRequirementsLabcpudrv.sys -- (cpudrv)
DRV - [2011/02/23 17:04:32 | 000,013,496 | ---- | M] () [Kernel | Boot | Running] -- C:WINDOWSsystem32driversSmartDefragDriver.sys -- (SmartDefragDriver)
DRV - [2010/02/19 16:08:51 | 000,012,872 | ---- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:Program FilesSUPERAntiSpywareSASENUM.SYS -- (SASENUM)
DRV - [2009/11/11 04:26:02 | 002,216,064 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:WINDOWSsystem32driversw29n51.sys -- (w29n51)
DRV - [2008/08/13 16:23:56 | 000,011,904 | ---- | M] (Intel Corporation) [Kernel | Auto | Stopped] -- C:WINDOWSsystem32driverss24trans.sys -- (s24trans)
DRV - [2008/05/06 02:01:50 | 000,016,512 | ---- | M] (Adaptec) [Kernel | Auto | Stopped] -- C:WINDOWSsystem32driversASPI32.SYS -- (Aspi32)
DRV - [2006/11/02 07:00:08 | 000,039,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:WINDOWSsystem32driverswinusb.sys -- (WinUSB)
DRV - [2006/05/10 15:00:16 | 000,156,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:WINDOWSsystem32driversb57xp32.sys -- (b57w2k)
DRV - [2006/03/29 09:49:26 | 000,009,856 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Stopped] -- C:WINDOWSsystem32driverspfc.sys -- (pfc)
DRV - [2005/09/28 21:57:18 | 000,113,847 | R--- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:WINDOWSsystem32driversApfiltr.sys -- (ApfiltrService)
DRV - [2005/05/03 16:09:28 | 001,033,728 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:WINDOWSsystem32driversHSF_DPV.SYS -- (HSF_DPV)
DRV - [2005/05/03 16:08:50 | 000,208,384 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:WINDOWSsystem32driversHSFHWICH.sys -- (HSFHWICH)
DRV - [2005/05/03 16:08:44 | 000,705,408 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:WINDOWSsystem32driversHSF_CNXT.sys -- (winachsf)
DRV - [2005/03/10 17:56:06 | 000,273,168 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Stopped] -- C:WINDOWSsystem32driversSTAC97.sys -- (STAC97)
DRV - [2005/02/23 14:58:56 | 000,011,776 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Stopped] -- C:WINDOWSsystem32driversafc.sys -- (Afc)
DRV - [2005/01/27 19:10:44 | 000,015,680 | ---- | M] (Broadcom Corp.) [Kernel | On_Demand | Running] -- C:WINDOWSsystem32driversbtpmw32.sys -- (BCMTPM)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLMSOFTWAREMicrosoftInternet ExplorerSearch,SearchAssistant =
IE - HKLM..SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM..SearchScopes{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

IE - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0
FF - user.js - File not found

FF - [email protected]/FlashPlayer: C:WINDOWSsystem32MacromedFlashNPSWF32_11_8_800_94.dll ()
FF - [email protected]/ShockwavePlayer: C:WINDOWSsystem32AdobeDirectornp32dsw.dll (Adobe Systems, Inc.)
FF - [email protected]/iTunes,version=: File not found
FF - [email protected]/iTunes,version=1.0: C:Program FilesiTunesMozilla Pluginsnpitunes.dll ()
FF - [email protected]/FFApi: File not found
FF - [email protected]/Foxit Reader Plugin,version=1.0,application/pdf: C:Program FilesFoxit SoftwareFoxit ReaderpluginsnpFoxitReaderPlugin.dll (Foxit Corporation)
FF - [email protected]/Foxit Reader Plugin,version=1.0,application/vnd.fdf: C:Program FilesFoxit SoftwareFoxit ReaderpluginsnpFoxitReaderPlugin.dll (Foxit Corporation)
FF - [email protected]/WPF,version=3.5: c:WINDOWSMicrosoft.NETFrameworkv3.5Windows Presentation FoundationNPWPF.dll (Microsoft Corporation)
FF - [email protected]/getPlus+®,version=1.6.2.90: C:Program FilesNOSbinnp_gp.dll (NOS Microsystems Ltd.)
FF - [email protected]/nprphtml5videoshim;version=1.0.0.0: C:Documents and SettingsAll UsersApplication DataRealRealPlayerBrowserRecordPluginMozillaPluginsnprphtml5videoshim.dll (RealNetworks, Inc.)
FF - [email protected]/vlc,version=2.0.7: C:Program FilesVideoLANVLCnpvlc.dll (VideoLAN)

FF - HKEY_LOCAL_MACHINEsoftwaremozillaFirefoxExtensions{3112ca9c-de6d-4884-a869-9855de68056c}: C:Documents and SettingsAll UsersApplication DataGoogleToolbar for Firefox{3112ca9c-de6d-4884-a869-9855de68056c} [2010/02/14 18:55:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINEsoftwaremozillaFirefoxExtensions{22119944-ED35-4ab1-910B-E619EA06A115}: C:Program FilesSiber SystemsAI RoboFormFirefox [2010/03/02 13:43:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINEsoftwaremozillaFirefoxExtensions{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:Documents and SettingsAll UsersApplication DataNorton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}NIS_20.2.1.22coFFPlgn [2013/08/18 12:44:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINEsoftwaremozillaFirefoxExtensions{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:Documents and SettingsAll UsersApplication DataNorton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}NIS_20.2.1.22IPSFFPlgn [2013/03/02 17:03:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINEsoftwaremozillaMozilla Firefox 21.0extensionsComponents: C:Program FilesMozilla Firefoxcomponents [2013/05/29 21:36:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINEsoftwaremozillaMozilla Firefox 21.0extensionsPlugins: C:Program FilesMozilla Firefoxplugins [2013/05/31 21:18:05 | 000,000,000 | ---D | M]

[2013/08/11 14:17:04 | 000,000,000 | ---D | M] (No name found) -- C:Documents and SettingsAdministrator.SYLVIAApplication DataMozillaExtensions
[2013/08/13 21:45:46 | 000,000,000 | ---D | M] (No name found) -- C:Program FilesMozilla Firefoxextensions
[2013/05/21 12:53:50 | 000,000,000 | ---D | M] (No name found) -- C:Program FilesMozilla Firefoxbrowserextensions
[2013/05/21 12:53:50 | 000,000,000 | ---D | M] (Default) -- C:Program FilesMozilla Firefoxbrowserextensions{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2010/06/20 16:01:56 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:Program Filesmozilla firefoxpluginsnpdeployJava1.dll

O1 HOSTS File: ([2002/09/03 12:34:19 | 000,000,734 | ---- | M]) - C:WINDOWSsystem32driversetchosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:Program FilesNorton Internet SecurityEngine20.4.0.40coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:Program FilesNorton Internet SecurityEngine20.4.0.40ipsipsbho.dll (Symantec Corporation)
O3 - HKLM..Toolbar: (no name) - {724d43a0-0d85-11d4-9908-00400523e39a} - No CLSID value found.
O3 - HKLM..Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:Program FilesNorton Internet SecurityEngine20.4.0.40coieplg.dll (Symantec Corporation)
O3 - HKLM..Toolbar: (no name) - Locked - No CLSID value found.
O4 - Startup: C:Documents and SettingsAdministrator.SYLVIAStart MenuProgramsStartupOpenOffice.org 3.4.1.lnk = C:Program FilesOpenOffice.org 3programquickstart.exe ()
O6 - HKLMSoftwarePoliciesMicrosoftInternet ExplorerInfodelivery present
O6 - HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: HonorAutoRunSetting = 1
O7 - HKCUSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:Program FilesSiber SystemsAI RoboFormRoboFormComFillForms.html ()
O9 - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:Program FilesSiber SystemsAI RoboFormRoboFormComFillForms.html ()
O9 - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:Program FilesSiber SystemsAI RoboFormRoboFormComSavePass.html ()
O9 - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:Program FilesSiber SystemsAI RoboFormRoboFormComSavePass.html ()
O9 - Extra Button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - C:Program FilesSiber SystemsAI RoboFormRoboFormComShowToolbar.html ()
O9 - Extra 'Tools' menuitem : RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:Program FilesSiber SystemsAI RoboFormRoboFormComShowToolbar.html ()
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://utilities.pcpitstop.com/Nirvana/controls/pcmatic.cab (PCPitstop Utility)
O16 - DPF: {6824D897-F7E1-4E41-B84B-B1D3FA4BF1BD} http://utilities.pcpitstop.com/Exterminate2/pcpitstopAntiVirus.dll (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (Reg Error: Value error.)
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} http://utilities.pcpitstop.com/Optimize3/pcpitstop2.dll (PCPitstop Exam)


O17 - HKLMSystemCCSServicesTcpipParameters: DhcpNameServer = 192.168.1.1
O17 - HKLMSystemCCSServicesTcpipParametersInterfaces{8CD372E7-3897-4701-8B7C-6DF8B8EF4E4C}: DhcpNameServer = 192.168.1.1
O18 - ProtocolHandlerskype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:Program FilesCommon FilesSkypeSkype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:WINDOWSexplorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:WINDOWSsystem32userinit.exe) - C:WINDOWSsystem32userinit.exe (Microsoft Corporation)
O24 - Desktop BackupWallPaper:
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:Program FilesSUPERAntiSpywareSASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/02/02 14:44:25 | 000,000,000 | ---- | M] () - C:AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (ጘ타Ð桐×椡×갬)
O34 - HKLM BootExecute: ("Ü椱×")
O34 - HKLM BootExecute: (ER)
O34 - HKLM BootExecute: ("댰Պޒޒޒޒޒޒޒޒޒޒޒޒޒޒޒޒޒޒޒޒޒal SettingsTemporary Internet FilesContent.IE5")
O34 - HKLM BootExecute: (>)
O34 - HKLM BootExecute: ("댰ՊҰ")
O34 - HKLM BootExecute: ®
O34 - HKLM BootExecute: (http://download.iolo.net/sm/11/std/en/iolo/app_update/SystemMechanic_11.7.1.31.exe)
O34 - HKLM BootExecute: (nts.)
O34 - HKLM BootExecute: (댰Պ痰θ蠨θ폈θθ笘θ쟀θ韸θθꋸθ겘θ그θꘐθθ꧘θ퀀θθ)
O34 - HKLM BootExecute: (start.)
O34 - HKLM BootExecute: (.)
O34 - HKLM BootExecute: (l)
O35 - HKLM..comfile [open] -- "%1" %*
O35 - HKLM..exefile [open] -- "%1" %*
O37 - HKLM...com [@ = comfile] -- "%1" %*
O37 - HKLM...exe [@ = exefile] -- "%1" %*
O38 - SubSystemsWindows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystemsWindows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - %SystemRoot%System32appmgmts.dll File not found
NetSvcs: HidServ - %SystemRoot%System32hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

CREATERESTOREPOINT
System Restore Service not available.

========== Files/Folders - Created Within 30 Days ==========

[2013/08/18 13:55:30 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:Documents and SettingsAdministrator.SYLVIADesktopOTL.exe
[2013/08/18 13:33:53 | 000,000,000 | ---D | C] -- C:Documents and SettingsAdministrator.SYLVIAApplication DataJarte
[2013/08/14 20:09:30 | 000,000,000 | ---D | C] -- C:Program FilesWise
[2013/08/14 16:11:49 | 017,018,248 | ---- | C] (Adobe Systems Incorporated) -- C:WINDOWSSystem32FlashPlayerInstaller.exe
[2013/08/14 15:34:36 | 000,000,000 | -H-D | C] -- C:WINDOWSPIF
[2013/08/13 21:02:35 | 000,000,000 | ---D | C] -- C:Documents and SettingsAll UsersApplication DataSpybot - Search & Destroy
[2013/08/13 21:01:23 | 000,000,000 | ---D | C] -- C:Program FilesSpybot - Search & Destroy 2
[2013/08/13 20:53:40 | 000,000,000 | RH-D | C] -- C:Documents and SettingsAdministrator.SYLVIARecent
[2013/08/13 20:52:10 | 000,000,000 | ---D | C] -- C:Documents and SettingsAdministrator.SYLVIAMy DocumentsCC-registry-backup
[2013/08/12 19:41:17 | 000,000,000 | ---D | C] -- C:Documents and SettingsAdministrator.SYLVIAApplication DataWise Registry Cleaner
[2013/08/12 16:48:10 | 000,000,000 | R--D | C] -- C:Documents and SettingsAdministrator.SYLVIAMy DocumentsMy Videos
[2013/08/12 16:48:10 | 000,000,000 | R--D | C] -- C:Documents and SettingsAdministrator.SYLVIAMy DocumentsMy Pictures
[2013/08/12 16:48:10 | 000,000,000 | R--D | C] -- C:Documents and SettingsAdministrator.SYLVIAMy DocumentsMy Music
[2013/08/12 16:48:10 | 000,000,000 | R--D | C] -- C:Documents and SettingsAdministrator.SYLVIAStart MenuProgramsAdministrative Tools
[2013/08/12 16:36:46 | 000,000,000 | ---D | C] -- C:Documents and SettingsAdministrator.SYLVIALocal SettingsApplication DataVS Revo Group
[2013/08/12 16:27:22 | 000,000,000 | ---D | C] -- C:Documents and SettingsAll UsersApplication DataVS Revo Group
[2013/08/12 13:53:45 | 000,000,000 | ---D | C] -- C:Documents and SettingsAdministrator.SYLVIAApplication Dataiolo
[2013/08/11 14:49:34 | 000,000,000 | ---D | C] -- C:Documents and SettingsAdministrator.SYLVIAMy DocumentsDownloads
[2013/08/11 14:23:47 | 000,000,000 | ---D | C] -- C:Documents and SettingsAdministrator.SYLVIAApplication DataMacromedia
[2013/08/11 14:23:47 | 000,000,000 | ---D | C] -- C:Documents and SettingsAdministrator.SYLVIAApplication DataAdobe
[2013/08/11 14:16:43 | 000,000,000 | ---D | C] -- C:Documents and SettingsAdministrator.SYLVIALocal SettingsApplication DataMozilla
[2013/08/11 14:16:43 | 000,000,000 | ---D | C] -- C:Documents and SettingsAdministrator.SYLVIAApplication DataMozilla
[2013/08/11 13:58:32 | 000,000,000 | ---D | C] -- C:Documents and SettingsAdministrator.SYLVIALocal SettingsApplication DataOpera
[2013/08/11 13:58:32 | 000,000,000 | ---D | C] -- C:Documents and SettingsAdministrator.SYLVIAApplication DataOpera
[2013/08/11 13:53:40 | 000,000,000 | ---D | C] -- C:Documents and SettingsAdministrator.SYLVIAApplication DataOpenOffice.org
[2013/08/11 13:29:28 | 000,000,000 | ---D | C] -- C:Documents and SettingsAdministrator.SYLVIAApplication DataMalwarebytes
[2013/08/11 13:17:20 | 000,000,000 | ---D | C] -- C:Documents and SettingsAll UsersStart MenuProgramsMalwarebytes' Anti-Malware
[2013/08/11 13:17:17 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:WINDOWSSystem32driversmbam.sys
[2013/08/11 13:17:17 | 000,000,000 | ---D | C] -- C:Program FilesMalwarebytes' Anti-Malware
[2013/08/11 12:26:29 | 000,000,000 | RH-D | C] -- C:Documents and SettingsAdministrator.SYLVIASendTo
[2013/08/11 12:26:29 | 000,000,000 | R--D | C] -- C:Documents and SettingsAdministrator.SYLVIAStart MenuProgramsStartup
[2013/08/11 12:26:29 | 000,000,000 | R--D | C] -- C:Documents and SettingsAdministrator.SYLVIAStart Menu
[2013/08/11 12:26:29 | 000,000,000 | R--D | C] -- C:Documents and SettingsAdministrator.SYLVIAStart MenuProgramsAccessories
[2013/08/11 12:26:29 | 000,000,000 | -H-D | C] -- C:Documents and SettingsAdministrator.SYLVIAPrintHood
[2013/08/11 12:26:29 | 000,000,000 | -H-D | C] -- C:Documents and SettingsAdministrator.SYLVIANetHood
[2013/08/11 12:26:29 | 000,000,000 | ---D | C] -- C:Documents and SettingsAdministrator.SYLVIAMy Documents
[2013/08/11 12:26:29 | 000,000,000 | ---D | C] -- C:Documents and SettingsAdministrator.SYLVIAApplication DataIntel
[2013/08/11 12:26:29 | 000,000,000 | ---D | C] -- C:Documents and SettingsAdministrator.SYLVIAFavorites
[2013/08/11 12:26:29 | 000,000,000 | ---D | C] -- C:Documents and SettingsAdministrator.SYLVIADesktop
[2013/08/11 12:24:10 | 000,000,000 | -HSD | C] -- C:Documents and SettingsAdministrator.SYLVIAIETldCache
[2013/08/11 12:22:45 | 000,000,000 | ---D | C] -- C:Documents and SettingsAdministrator.SYLVIALocal SettingsApplication DataMicrosoft
[2013/08/11 12:22:41 | 000,000,000 | --SD | C] -- C:Documents and SettingsAdministrator.SYLVIAApplication DataMicrosoft
[2013/08/11 12:22:41 | 000,000,000 | RH-D | C] -- C:Documents and SettingsAdministrator.SYLVIAApplication Data
[2013/08/11 12:22:41 | 000,000,000 | -HSD | C] -- C:Documents and SettingsAdministrator.SYLVIACookies
[2013/08/11 12:22:39 | 000,000,000 | -H-D | C] -- C:Documents and SettingsAdministrator.SYLVIALocal Settings
[2013/08/11 12:22:38 | 000,000,000 | -H-D | C] -- C:Documents and SettingsAdministrator.SYLVIATemplates
[2013/08/08 23:36:08 | 000,000,000 | ---D | C] -- C:WINDOWSSystem32sv-SE
[2013/08/08 23:36:08 | 000,000,000 | ---D | C] -- C:WINDOWSSystem32nb-NO
[2013/08/08 23:36:08 | 000,000,000 | ---D | C] -- C:WINDOWSSystem32ms-MY
[2013/08/08 23:36:08 | 000,000,000 | ---D | C] -- C:WINDOWSSystem32hu-HU
[2013/08/08 23:36:08 | 000,000,000 | ---D | C] -- C:WINDOWSSystem32fi-FI
[2013/08/08 23:36:08 | 000,000,000 | ---D | C] -- C:WINDOWSSystem32el-GR
[2013/08/08 23:36:08 | 000,000,000 | ---D | C] -- C:WINDOWSSystem32da-DK
[2013/08/08 23:36:07 | 000,000,000 | ---D | C] -- C:WINDOWSSystem32zh-TW
[2013/08/08 23:36:07 | 000,000,000 | ---D | C] -- C:WINDOWSSystem32zh-CN
[2013/08/08 23:36:07 | 000,000,000 | ---D | C] -- C:WINDOWSSystem32ru-RU
[2013/08/08 23:36:07 | 000,000,000 | ---D | C] -- C:WINDOWSSystem32pl-PL
[2013/08/08 23:36:07 | 000,000,000 | ---D | C] -- C:WINDOWSSystem32ko-KR
[2013/08/08 23:36:07 | 000,000,000 | ---D | C] -- C:WINDOWSSystem32ja-JP
[2013/08/08 23:36:07 | 000,000,000 | ---D | C] -- C:WINDOWSSystem32cs-CZ
[2013/08/08 21:57:34 | 000,000,000 | ---D | C] -- C:Program FilesZune
[2011/04/20 18:28:47 | 000,437,248 | ---- | C] (Microsoft Corporation) -- C:Program Filesmspaint.exe

========== Files - Modified Within 30 Days ==========

[2013/08/18 13:55:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:Documents and SettingsAdministrator.SYLVIADesktopOTL.exe
[2013/08/18 13:36:12 | 000,001,366 | ---- | M] () -- C:Documents and SettingsAdministrator.SYLVIAMy DocumentsOLD TIMER.rtf
[2013/08/18 13:19:08 | 000,002,048 | --S- | M] () -- C:WINDOWSbootstat.dat
[2013/08/18 13:09:32 | 000,000,830 | ---- | M] () -- C:WINDOWStasksAdobe Flash Player Updater.job
[2013/08/18 13:08:32 | 000,001,324 | ---- | M] () -- C:WINDOWSSystem32d3d9caps.dat
[2013/08/18 12:42:22 | 000,000,282 | ---- | M] () -- C:WINDOWStasksSmartDefrag_Startup.job
[2013/08/18 12:42:22 | 000,000,280 | ---- | M] () -- C:WINDOWStasksRealUpgradeLogonTaskS-1-5-21-776561741-1078145449-682003330-1004.job
[2013/08/18 12:42:22 | 000,000,272 | ---- | M] () -- C:WINDOWStasksASC4_PerformanceMonitor.job
[2013/08/18 12:42:15 | 000,002,206 | ---- | M] () -- C:WINDOWSSystem32wpa.dbl
[2013/08/16 16:34:58 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:WINDOWSSystem32FlashPlayerApp.exe
[2013/08/16 16:34:58 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:WINDOWSSystem32FlashPlayerCPLApp.cpl
[2013/08/15 21:20:45 | 000,002,946 | ---- | M] () -- C:WINDOWSwininit.ini
[2013/08/14 20:09:31 | 000,000,880 | ---- | M] () -- C:Documents and SettingsAll UsersDesktopWise Registry Cleaner.lnk
[2013/08/14 19:40:17 | 000,000,682 | ---- | M] () -- C:Documents and SettingsAll UsersDesktopCCleaner.lnk
[2013/08/14 19:31:52 | 000,074,703 | ---- | M] () -- C:WINDOWSSystem32mfc45.dat
[2013/08/14 16:11:54 | 017,018,248 | ---- | M] (Adobe Systems Incorporated) -- C:WINDOWSSystem32FlashPlayerInstaller.exe
[2013/08/11 13:54:28 | 000,000,864 | ---- | M] () -- C:Documents and SettingsAdministrator.SYLVIAStart MenuProgramsStartupOpenOffice.org 3.4.1.lnk
[2013/08/11 13:17:24 | 000,000,784 | ---- | M] () -- C:Documents and SettingsAll UsersDesktopMalwarebytes Anti-Malware.lnk
[2013/08/11 11:55:29 | 000,000,386 | ---- | M] () -- C:WINDOWSSystem32ioloBootDefrag.cfg
[2013/07/29 08:00:00 | 000,000,284 | ---- | M] () -- C:WINDOWStasksAppleSoftwareUpdate.job
[2013/07/27 23:23:25 | 000,002,524 | ---- | M] () -- C:Documents and SettingsAll UsersDesktopAmazon Cloud Player.lnk
[2013/07/27 01:32:00 | 000,000,288 | ---- | M] () -- C:WINDOWStasksRealUpgradeScheduledTaskS-1-5-21-776561741-1078145449-682003330-1004.job

========== Files Created - No Company Name ==========

[2013/08/18 13:36:12 | 000,001,366 | ---- | C] () -- C:Documents and SettingsAdministrator.SYLVIAMy DocumentsOLD TIMER.rtf
[2013/08/13 21:45:45 | 000,002,946 | ---- | C] () -- C:WINDOWSwininit.ini
[2013/08/12 19:41:08 | 000,000,880 | ---- | C] () -- C:Documents and SettingsAll UsersDesktopWise Registry Cleaner.lnk
[2013/08/11 13:54:27 | 000,000,864 | ---- | C] () -- C:Documents and SettingsAdministrator.SYLVIAStart MenuProgramsStartupOpenOffice.org 3.4.1.lnk
[2013/08/11 13:17:23 | 000,000,784 | ---- | C] () -- C:Documents and SettingsAll UsersDesktopMalwarebytes Anti-Malware.lnk
[2013/08/11 12:22:42 | 000,001,599 | ---- | C] () -- C:Documents and SettingsAdministrator.SYLVIAStart MenuProgramsRemote Assistance.lnk
[2013/08/11 12:22:42 | 000,000,792 | ---- | C] () -- C:Documents and SettingsAdministrator.SYLVIAStart MenuProgramsWindows Media Player.lnk
[2013/07/27 23:23:25 | 000,002,524 | ---- | C] () -- C:Documents and SettingsAll UsersDesktopAmazon Cloud Player.lnk
[2013/06/14 00:09:01 | 000,001,324 | ---- | C] () -- C:WINDOWSSystem32d3d9caps.dat
[2012/08/11 19:46:00 | 000,003,072 | ---- | C] () -- C:WINDOWSSystem32iacenc.dll
[2012/08/09 01:42:36 | 000,074,703 | ---- | C] () -- C:WINDOWSSystem32mfc45.dat
[2011/02/18 01:26:51 | 001,753,014 | ---- | C] () -- C:Documents and SettingsLocalServiceLocal SettingsApplication DataWPFFontCache_v0400-S-1-5-21-776561741-1078145449-682003330-1004-0.dat
[2011/02/07 23:31:16 | 000,313,798 | ---- | C] () -- C:Documents and SettingsLocalServiceLocal SettingsApplication DataWPFFontCache_v0400-System.dat
[2010/10/14 17:51:02 | 000,001,940 | ---- | C] () -- C:Documents and SettingsLocalServiceLocal SettingsApplication Data{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2010/03/31 21:40:24 | 000,000,088 | RHS- | C] () -- C:Documents and SettingsAll UsersApplication DataBB9CC2F1A8.sys
[2010/03/31 21:40:23 | 000,002,828 | -HS- | C] () -- C:Documents and SettingsAll UsersApplication DataKGyGaAvL.sys

========== ZeroAccess Check ==========

[2010/02/02 19:49:04 | 000,000,227 | RHS- | M] () -- C:WINDOWSassemblyDesktop.ini

[HKEY_CURRENT_USERSoftwareClassesclsid{42aedc87-2188-41fd-b9a3-0c966feabec1}InProcServer32]

[HKEY_CURRENT_USERSoftwareClassesclsid{fbeb8a05-beee-4442-804e-409d6c4515e9}InProcServer32]

[HKEY_LOCAL_MACHINESoftwareClassesclsid{42aedc87-2188-41fd-b9a3-0c966feabec1}InProcServer32]
"" = %SystemRoot%System32shdocvw.dll -- [2011/02/17 09:51:57 | 001,510,400 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINESoftwareClassesclsid{5839FCA9-774D-42A1-ACDA-D6A79037F57F}InProcServer32]
"" = C:WINDOWSSystem32wbemfastprox.dll -- [2009/02/09 08:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINESoftwareClassesclsid{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}InProcServer32]
"" = C:WINDOWSSystem32wbemwbemess.dll -- [2008/04/14 06:42:10 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013/08/12 14:49:31 | 000,000,000 | ---D | M] -- C:Documents and SettingsAdministrator.SYLVIAApplication Dataiolo
[2013/08/18 13:59:04 | 000,000,000 | ---D | M] -- C:Documents and SettingsAdministrator.SYLVIAApplication DataJarte
[2013/08/11 13:53:40 | 000,000,000 | ---D | M] -- C:Documents and SettingsAdministrator.SYLVIAApplication DataOpenOffice.org
[2013/08/11 13:58:32 | 000,000,000 | ---D | M] -- C:Documents and SettingsAdministrator.SYLVIAApplication DataOpera
[2013/08/12 19:43:52 | 000,000,000 | ---D | M] -- C:Documents and SettingsAdministrator.SYLVIAApplication DataWise Registry Cleaner
[2013/05/29 21:21:38 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication Data188F1432-103A-4ffb-80F1-36B633C5C9E1
[2010/09/06 13:32:11 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication Dataagi
[2011/04/14 14:38:42 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication DataAVAST Software
[2011/07/29 01:25:28 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication DataCheckPoint
[2013/01/12 20:35:57 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication DataCloud Software LTD
[2013/05/06 16:01:03 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication Dataconytinuetuossave
[2012/12/31 14:40:49 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication DataFreemake
[2011/07/05 21:18:06 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication DataGoodSync
[2013/07/16 00:52:52 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication DataHitmanPro
[2013/05/04 18:08:42 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication DataInstallMate
[2013/06/19 21:04:21 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication DataIObit
[2011/12/19 21:02:03 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication DataLinksys
[2013/08/14 00:15:44 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication DataPCPitstop
[2013/08/12 16:38:16 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication DataRazer
[2010/03/02 13:43:12 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication DataRoboForm
[2010/11/10 22:55:55 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication DataScanSoft
[2010/12/31 11:04:18 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication DataSpeedBit
[2010/09/03 21:44:51 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication DataTEMP
[2013/08/12 16:27:22 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication DataVS Revo Group
[2010/03/15 17:14:20 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication DataWhite Sky, Inc
[2012/12/06 19:22:03 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication DataWindSolutions
[2010/04/03 13:41:19 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication DataWinZip
[2010/11/09 13:49:40 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication Data{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/06/20 14:25:48 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication Data~0

========== Purity Check ==========



========== Custom Scans ==========

< %SYSTEMDRIVE%*.exe >

< MD5 for: AGP440.SYS >
[2008/04/14 06:51:44 | 020,056,462 | ---- | M] () .cab file -- C:WINDOWSDriver Cachei386sp3.cab:AGP440.sys
[2008/04/14 06:51:44 | 020,056,462 | ---- | M] () .cab file -- C:WINDOWSServicePackFilesi386sp3.cab:AGP440.sys
[2008/04/14 01:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:WINDOWSServicePackFilesi386agp440.sys
[2008/04/14 01:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:WINDOWSsystem32driversagp440.sys

< MD5 for: ATAPI.SYS >
[2002/09/03 13:04:09 | 010,158,890 | ---- | M] () .cab file -- C:WINDOWSDriver Cachei386sp1.cab:atapi.sys
[2008/04/14 06:51:44 | 020,056,462 | ---- | M] () .cab file -- C:WINDOWSDriver Cachei386sp3.cab:atapi.sys
[2008/04/14 06:51:44 | 020,056,462 | ---- | M] () .cab file -- C:WINDOWSServicePackFilesi386sp3.cab:atapi.sys
[2002/09/03 12:27:33 | 000,086,912 | ---- | M] (Microsoft Corporation) MD5=95B858761A00E1D4F81F79A0DA019ACA -- C:WINDOWS$NtServicePackUninstall$atapi.sys
[2008/04/14 01:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:WINDOWSServicePackFilesi386atapi.sys
[2008/04/14 01:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:WINDOWSsystem32dllcacheatapi.sys
[2008/04/14 01:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:WINDOWSsystem32driversatapi.sys
[2008/04/14 01:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:WINDOWSsystem32ReinstallBackups0007DriverFilesi386atapi.sys

< MD5 for: EVENTLOG.DLL >
[2008/04/14 06:41:54 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:WINDOWSServicePackFilesi386eventlog.dll
[2008/04/14 06:41:54 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:WINDOWSsystem32eventlog.dll
[2002/09/03 12:32:41 | 000,049,152 | ---- | M] (Microsoft Corporation) MD5=BF3C8CF53C77B48206B39910B6D6CBCC -- C:WINDOWS$NtServicePackUninstall$eventlog.dll

< MD5 for: NETLOGON.DLL >
[2008/04/14 06:42:02 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:WINDOWSServicePackFilesi386netlogon.dll
[2008/04/14 06:42:02 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:WINDOWSsystem32netlogon.dll
[2002/09/03 12:48:22 | 000,399,360 | ---- | M] (Microsoft Corporation) MD5=3ADD563ED7A1C66E6F5E0F7A661AA96D -- C:WINDOWS$NtServicePackUninstall$netlogon.dll

< MD5 for: SCECLI.DLL >
[2002/09/03 12:58:25 | 000,174,592 | ---- | M] (Microsoft Corporation) MD5=97418A5C642A5C748A28BD7CF6860B57 -- C:WINDOWS$NtServicePackUninstall$scecli.dll
[2008/04/14 06:42:06 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:WINDOWSServicePackFilesi386scecli.dll
[2008/04/14 06:42:06 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:WINDOWSsystem32scecli.dll

< %systemroot%*. /mp /s >

< %systemroot%system32*.dll /lockedfiles >

< %systemroot%Tasks*.job /lockedfiles >

< %systemroot%system32drivers*.sys /lockedfiles >

< %systemroot%System32config*.sav >
[2010/02/02 09:30:19 | 000,094,208 | ---- | M] () -- C:WINDOWSSystem32configdefault.sav
[2010/02/02 09:30:19 | 000,602,112 | ---- | M] () -- C:WINDOWSSystem32configsoftware.sav
[2010/02/02 09:30:18 | 000,409,600 | ---- | M] () -- C:WINDOWSSystem32configsystem.sav

< %systemroot%system32drivers*.sys /90 >
[2013/06/17 22:00:00 | 000,142,496 | ---- | M] (Symantec Corporation) -- C:WINDOWSsystem32driversSYMEVENT.SYS

========== Alternate Data Streams ==========

@Alternate Data Stream - 104 bytes -> C:Documents and SettingsAll UsersApplication DataTEMP:D2F2F703

< End of report >

 

 


OTL Extras.Txt log:

 

OTL Extras logfile created on: 8/18/2013 1:59:15 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:Documents and SettingsAdministrator.SYLVIADesktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 1.66 Gb Available Physical Memory | 83.12% Memory free
3.33 Gb Paging File | 3.19 Gb Available in Paging File | 95.61% Paging File free
Paging file location(s): C:pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:WINDOWS | %ProgramFiles% = C:Program Files
Drive C: | 37.26 Gb Total Space | 4.33 Gb Free Space | 11.63% Space Free | Partition Type: NTFS

Computer Name: SYLVIA | User Name: Administrator | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINESOFTWAREClasses<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = Opera.HTML] -- C:Program FilesOperaOpera.exe (Opera Software)

[HKEY_CURRENT_USERSOFTWAREClasses<extension>]
.html [@ = FirefoxHTML] -- C:Program FilesMozilla Firefoxfirefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINESOFTWAREClasses<key>shell[command]command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:Program FilesOperaOpera.exe" "%1" (Opera Software)
https [open] -- "C:Program FilesOperaOpera.exe" "%1" (Opera Software)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%system32rundll32.exe %SystemRoot%system32shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:Program FilesVideoLANVLCvlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [find] -- %SystemRoot%Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:Program FilesVideoLANVLCvlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoring]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringAhnlabAntiVirus]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringKasperskyAntiVirus]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringMcAfeeAntiVirus]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringMcAfeeFirewall]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringPandaAntiVirus]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringPandaFirewall]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringSophosAntiVirus]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringSymantecAntiVirus]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringSymantecFirewall]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringTinyFirewall]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringTrendAntiVirus]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringTrendFirewall]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionSystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSr]
"Start" = 0

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyDomainProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyDomainProfileGloballyOpenPortsList]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyStandardProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyStandardProfileGloballyOpenPortsList]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"67:UDP" = 67:UDP:0.0.0.0/255.255.255.255:Enabled:DHCP Discovery Service

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyDomainProfileAuthorizedApplicationsList]
"%windir%Network Diagnosticxpnetdiag.exe" = %windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%system32sessmgr.exe" = %windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyStandardProfileAuthorizedApplicationsList]
"%windir%Network Diagnosticxpnetdiag.exe" = %windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%system32sessmgr.exe" = %windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:Program FilesCommon FilesAppleApple Application SupportWebKit2WebProcess.exe" = C:Program FilesCommon FilesAppleApple Application SupportWebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:Program FilesiTunesiTunes.exe" = C:Program FilesiTunesiTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:Program FilesOperaopera.exe" = C:Program FilesOperaopera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionUninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}" = VC 9.0 Runtime
"{07EEE598-5F21-4B57-B40B-46592625B3D9}" = Zune Language Pack (PTB)
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{11E568E0-3244-4BCB-875E-F334269DFDCB}" = iTunes
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
"{25D24E84-64A9-40D2-85CF-540B1C4A6D52}" = Broadcom ASF Management Applications
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java 6 Update 20
"{2A9DFFD8-4E09-4B91-B957-454805B0D7C4}" = Zune Language Pack (CHS)
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java 6 Update 3
"{334799B1-527F-475B-AF19-658124E2BE24}" = ZoneAlarm Security
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3589A659-F732-4E65-A89A-5438C332E59D}" = Zune Language Pack (ELL)
"{391A94D9-20EC-44FF-9E20-3F3166FF68E4}" = TouchCopy 12
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{51C839E1-2BE4-4E77-A1BA-CCEA5DAFA741}" = Zune Language Pack (KOR)
"{57C51D56-B287-4C11-9192-EC3C46EF76A4}" = Zune Language Pack (RUS)
"{5C93E291-A1CC-4E51-85C6-E194209FCDB4}" = Zune Language Pack (PTG)
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{5DEFD397-4012-46C3-B6DA-E8013E660772}" = Zune Language Pack (NOR)
"{64A77F14-0E08-4A97-A859-E93CFF428756}" = Broadcom Advanced Control Suite 2
"{6740BCB0-5863-47F4-80F4-44F394DE4FE2}" = Zune Language Pack (NLD)
"{6B33492E-FBBC-4EC3-8738-09E16E395A10}" = Zune Language Pack (ESP)
"{6EB931CD-A7DA-4A44-B74A-89C8EB50086F}" = Zune Language Pack (SVE)
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{76BA306B-2AA0-47C0-AB6B-F313AB56C136}" = Zune Language Pack (MSL)
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7E369B27-13E2-41A5-9879-358EE1C8B5AD}" = Broadcom Gigabit Integrated Controller
"{82CE6B7B-9665-4E29-8CE0-DD993484B38D}" = Intel® PROSet/Wireless WiFi Software
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8960A0A1-BB5A-479E-92CF-65AB9D684B43}" = Zune Language Pack (PLK)
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Graphics Media Accelerator Driver for Mobile
"{8B112338-2B08-4851-AF84-E7CAD74CEB32}" = Zune Language Pack (DAN)
"{92ECE3F9-591E-4C12-8A62-B9FCE38BF646}" = Zune Language Pack (IND)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A2F3559-6776-4F67-B46E-5F973B901234}" = ZoneAlarm Antivirus
"{9B75648B-6C30-4A0D-9DE6-0D09D20AF5A5}" = Zune
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9F1F2AEA-C72A-4DD6-991E-C5506A5625E4}" = OpenOffice.org 3.4.1
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = C-Major Audio
"{A5A53EA8-A11E-49F0-BDF5-AE536426A31A}" = Zune Language Pack (CHT)
"{A8F2E50B-86E2-4D96-9BD2-9758BCC6F9B3}" = Zune Language Pack (CSY)
"{AD799836-6B74-419B-A869-C326CA86ECCF}" = ZoneAlarm Firewall
"{AEB9948B-4FF2-47C9-990E-47014492A0FE}" = MSXML 6.0 Parser
"{B4870774-5F3A-46D9-9DFE-06FB5599E26B}" = Zune Language Pack (FIN)
"{BE236D9A-52EC-4A17-82DA-84B5EAD31E3E}" = Zune Language Pack (DEU)
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C34FAEF3-4241-4C4E-9CFF-7BBD8BCEABE7}" = WebEx Support Manager for Internet Explorer
"{C5D37FFA-7483-410B-982B-91E93FD3B7DA}" = Zune Language Pack (ITA)
"{C68D33B1-0204-4EBE-BC45-A6E432B1D13A}" = Zune Language Pack (FRA)
"{C6BE19C6-B102-4038-B2A6-1C313872DBB4}" = Zune Language Pack (HUN)
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240B2}" = WinZip 11.2
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Professional
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D8A781C9-3892-4E2E-9320-480CF896CFBB}" = Zune Language Pack (JPN)
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{EFE3D683-903C-4B58-AB8F-C68C69F33758}" = System Requirements Lab for Intel
"{F2CB8C3C-9C9E-4FAB-9067-655601C5F748}" = Windows Mobile Device Updater Component
"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"AI RoboForm" = AI RoboForm (All Users)
"CCleaner" = CCleaner
"CNXT_MODEM_PCI_VEN_8086&DEV_24x6&SUBSYS_542214F1" = Conexant D110 MDC V.92 Modem
"Foxit Reader_is1" = Foxit Reader
"Freemake Video Downloader_is1" = Freemake Video Downloader
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie8" = Windows Internet Explorer 8
"InstallShield_{25D24E84-64A9-40D2-85CF-540B1C4A6D52}" = Broadcom ASF Management Applications
"InstallShield_{64A77F14-0E08-4A97-A859-E93CFF428756}" = Broadcom Advanced Control Suite 2
"Jarte_is1" = Jarte 4.3
"KLiteCodecPack_is1" = K-Lite Codec Pack 6.3.0 (Full)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Mozilla Firefox 21.0 (x86 en-US)" = Mozilla Firefox 21.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NIS" = Norton Internet Security
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Opera 12.15.1748" = Opera 12.15
"ProInst" = Intel PROSet Wireless
"VLC media player" = VLC media player 2.0.7
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"winusb0100" = Microsoft WinUsb 1.0
"Wise Registry Cleaner_is1" = Wise Registry Cleaner 7.83
"Wudf01009" = Microsoft User-Mode Driver Framework Feature Pack 1.9

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 5/29/2013 11:33:02 PM | Computer Name = SYLVIA | Source = Bonjour Service | ID = 100
Description =

Error - 5/29/2013 11:33:02 PM | Computer Name = SYLVIA | Source = Bonjour Service | ID = 100
Description =

Error - 5/29/2013 11:33:02 PM | Computer Name = SYLVIA | Source = Bonjour Service | ID = 100
Description =

Error - 5/29/2013 11:33:19 PM | Computer Name = SYLVIA | Source = Bonjour Service | ID = 100
Description =

Error - 5/29/2013 11:33:19 PM | Computer Name = SYLVIA | Source = Bonjour Service | ID = 100
Description =

Error - 5/29/2013 11:33:19 PM | Computer Name = SYLVIA | Source = Bonjour Service | ID = 100
Description =

Error - 6/9/2013 7:54:34 PM | Computer Name = SYLVIA | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: The server name or address could not be resolved

Error - 6/17/2013 11:46:43 PM | Computer Name = SYLVIA | Source = crypt32 | ID = 131075
Description = Failed auto update retrieval of third-party root list cab from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: This operation returned because the timeout period expired.

Error - 6/22/2013 10:43:40 PM | Computer Name = SYLVIA | Source = Userenv | ID = 1512
Description = Windows cannot unload your registry file. The memory used by the registry
has not been freed. This is often caused by services running as a user account,
try configuring the services to run in either the LocalService or NetworkService
account. If this problem persists, contact your administrator. DETAIL - A required
privilege is not held by the client.

Error - 6/26/2013 10:03:36 PM | Computer Name = SYLVIA | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: A connection with the server could not be established

[ System Events ]
Error - 8/16/2013 12:40:03 PM | Computer Name = SYLVIA | Source = Service Control Manager | ID = 7000
Description = The Zune Bus Enumerator Driver service failed to start due to the
following error: %%2

Error - 8/16/2013 1:10:59 PM | Computer Name = SYLVIA | Source = Service Control Manager | ID = 7034
Description = The Intel® PROSet/Wireless Registry Service service terminated unexpectedly.
It has done this 1 time(s).

Error - 8/16/2013 8:49:35 PM | Computer Name = SYLVIA | Source = Service Control Manager | ID = 7000
Description = The avgntflt service failed to start due to the following error: %%2

Error - 8/16/2013 8:49:35 PM | Computer Name = SYLVIA | Source = Service Control Manager | ID = 7000
Description = The Zune Bus Enumerator Driver service failed to start due to the
following error: %%2

Error - 8/16/2013 8:50:09 PM | Computer Name = SYLVIA | Source = Service Control Manager | ID = 7034
Description = The Intel® PROSet/Wireless Registry Service service terminated unexpectedly.
It has done this 1 time(s).

Error - 8/16/2013 8:57:11 PM | Computer Name = SYLVIA | Source = Service Control Manager | ID = 7034
Description = The Application Layer Gateway Service service terminated unexpectedly.
It has done this 1 time(s).

Error - 8/18/2013 12:42:31 PM | Computer Name = SYLVIA | Source = Service Control Manager | ID = 7000
Description = The avgntflt service failed to start due to the following error: %%2

Error - 8/18/2013 12:42:31 PM | Computer Name = SYLVIA | Source = Service Control Manager | ID = 7000
Description = The Zune Bus Enumerator Driver service failed to start due to the
following error: %%2

Error - 8/18/2013 12:43:34 PM | Computer Name = SYLVIA | Source = Service Control Manager | ID = 7034
Description = The Intel® PROSet/Wireless Registry Service service terminated unexpectedly.
It has done this 1 time(s).

Error - 8/18/2013 1:20:51 PM | Computer Name = SYLVIA | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
BHDrvx86 ccSet_NIS eeCtrl Fips intelppm SASDIFSV SASKUTIL SRTSPX SymIRON SYMTDI


< End of report >


aswMBR Log

 

aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2013-08-18 15:49:57
-----------------------------
15:49:57.453 OS Version: Windows 5.1.2600 Service Pack 3
15:49:57.453 Number of processors: 1 586 0xD08
15:49:57.453 ComputerName: SYLVIA UserName:
15:49:58.265 Initialize success
16:05:21.921 AVAST engine defs: 13081801
17:50:37.609 Disk 0 (boot) DeviceHarddisk0DR0 -> DeviceIdeIdeDeviceP0T0L0-3
17:50:37.625 Disk 0 Vendor: FUJITSU_MHV2040AH 00000096 Size: 38154MB BusType: 3
17:50:37.859 Disk 0 MBR read successfully
17:50:37.875 Disk 0 MBR scan
17:50:37.937 Disk 0 Windows XP default MBR code
17:50:37.953 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 38154 MB offset 63
17:50:37.968 Disk 0 scanning sectors +78140160
17:50:38.046 Disk 0 scanning C:WINDOWSsystem32drivers
17:50:48.671 Service scanning
17:51:16.859 Modules scanning
17:51:23.312 Disk 0 trace - called modules:
17:51:23.375 ntoskrnl.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll pciide.sys PCIIDEX.SYS
17:51:23.390 1 nt!IofCallDriver -> DeviceHarddisk0DR0[0x8a7cc2c0]
17:51:23.406 3 CLASSPNP.SYS[f7637fd7] -> nt!IofCallDriver -> DeviceIdeIdeDeviceP0T0L0-3[0x8a7e7d98]
17:51:23.968 AVAST engine scan C:WINDOWS
17:51:28.812 AVAST engine scan C:WINDOWSsystem32
17:53:57.984 AVAST engine scan C:WINDOWSsystem32drivers
17:54:15.078 AVAST engine scan C:Documents and SettingsAdministrator.SYLVIA
17:55:08.953 AVAST engine scan C:Documents and SettingsAll Users
17:56:22.234 Scan finished successfully
19:11:09.687 Disk 0 MBR has been saved successfully to "C:Documents and SettingsAdministrator.SYLVIADesktopMBR.dat"
19:11:09.703 The log file has been saved successfully to "C:Documents and SettingsAdministrator.SYLVIADesktopaswMBR.txt"


Hello seasun21

 

Thank you for posting the requested logs. I will check through them and get back to you later today :)

 

JonTom


Hello seasun21 and :wp:

My name is JonTom

  • Malware Logs can sometimes take a lot of time to research and interpret.
  • Please be patient while I try to assist with your problem. If at any time you do not understand what is required, please ask for further explanation.
  • Please note that there is no "Quick Fix" to modern malware infections and we may need to use several different approaches to get your system clean.
  • Read every reply you receive carefully and thoroughly before carrying out the instructions. You may also find it helpful to print out the instructions you receive, as in some instances you may have to disconnect your computer from the Internet.
  • PLEASE NOTE: If you do not reply after 3 days your thread will be closed.

Nothing obvious is showing up in your system logs so we will have to do a little digging.

What do the error messages that you receive say exactly? Are you receiving any popups or redirects? Can you remember the name of the malware detected by MBAM?

You appear to have a number of registry cleaners installed. We do not recommend the use of registry cleaners as they can sometimes cause more harm than good. Please do not perform any more registry cleans while we work together.

Security Programs

  • I can see from your log that you have a number of real-time security programs running, namely ZoneAlarm Antivirus and Norton Internet Security.
  • Whilst both of these programs provide good security, they may clash with each other which can leave your system vulnerable to infection.
  • You are advised to remove one of these programs.
  • Please make sure that you only have ONE Firewall and ONE real-time Antivirus running on your system.

CKScanner

  • Download CKScanner by askey127 from here and save it to your Desktop.
  • Double click CKScanner.exe then click on Search For Files.
  • When the cursor hourglass disappears, click Save List To File.
  • A message box will verify the file saved.
  • Double click the CKFiles.txt icon on your desktop then copy/paste the contents in your next reply.

Junkware Removal Tool

Please download Junkware Removal Tool by clicking here and save it to your desktop.

  • Shut down your antivirus to avoid any conflicts.
  • Double click JRT.exe to run the tool.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Please post the CKScanner log and the Junkware Removal Tool log in your next reply along with the answers to my questions :)

 


Due to a lack of response this thread is now closed.

 

If you need further assistance please begin a new thread.
