After Anti-Malware

View previous topic View next topic Go down

After Anti-Malware

Post by jailgypsy on Sat Jan 30, 2010 3:10 am

First, let me say thank you for helping me get rid of my viruses. Product worked well. Now, though I have a problem with my other applications accessing the internet. Firefox and Internet Explorer work fine, but my Napster app, my WOW app won't connect. Any ideas?

Thanks,

Jailgypsy

jailgypsy
Beginner
Beginner

Status :
Online
Offline

Posts : 4
Joined : 2010-01-19
OS : windows xp

View user profile

Back to top Go down

Re: After Anti-Malware

Post by Belahzur on Sat Jan 30, 2010 5:03 pm

Download [You must be registered and logged in to see this link.] by OldTimer to your Desktop.

  • Close all windows and double click OTL.exe
  • Click Run Scan and let the program run uninterrupted
  • It will produce two logs for you, one will pop up - OTL.txt, the other will be saved on your Desktop - Extras.txt. Post both logs in this thread.
  • You may need to use two posts to get it all.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Status :
Online
Offline

Posts : 34916
Joined : 2008-08-03
Gender : Male
OS : XP SP3 Media Centre

View user profile

Back to top Go down

Re: After Anti-Malware

Post by jailgypsy on Sat Jan 30, 2010 6:24 pm

Ok. Here is the OTL

OTL logfile created on: 1/30/2010 10:13:48 AM - Run 1
OTL by OldTimer - Version 3.1.27.1 Folder = C:\Documents and Settings\Dad\Desktop\Firefox Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 65.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 86.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 127.99 Gb Total Space | 63.99 Gb Free Space | 50.00% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 7.81 Mb Total Space | 0.07 Mb Free Space | 0.95% Space Free | Partition Type: NTFS
Drive G: | 170.09 Gb Total Space | 170.00 Gb Free Space | 99.94% Space Free | Partition Type: NTFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive J: | 1.90 Gb Total Space | 0.01 Gb Free Space | 0.31% Space Free | Partition Type: FAT

Computer Name: HOME
Current User Name: Dad
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/01/30 10:13:00 | 000,548,864 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dad\Desktop\Firefox Downloads\OTL.exe
PRC - [2010/01/01 09:35:11 | 002,033,432 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgtray.exe
PRC - [2009/12/11 08:24:20 | 000,600,344 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe
PRC - [2009/12/11 08:24:20 | 000,503,576 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe
PRC - [2009/11/19 11:26:54 | 000,455,944 | ---- | M] () -- C:\Program Files\Flip Video\FlipShare\FlipShareService.exe
PRC - [2009/10/26 16:08:58 | 001,055,000 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
PRC - [2009/10/26 16:08:58 | 000,702,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe
PRC - [2009/10/26 16:08:55 | 000,285,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe
PRC - [2009/10/05 17:24:10 | 000,323,280 | ---- | M] (Napster) -- C:\Program Files\Napster\napster.exe
PRC - [2009/09/22 11:09:02 | 000,156,672 | ---- | M] (Applian Technologies, Inc.) -- C:\Program Files\Replay Media Catcher\FLVSrvc.exe
PRC - [2009/07/22 22:44:50 | 001,181,064 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsTray.exe
PRC - [2009/03/09 04:19:15 | 000,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2008/05/27 09:50:30 | 000,413,696 | ---- | M] (Apple Inc.) -- C:\Program Files\QuickTime\QTTask.exe
PRC - [2008/05/15 10:54:20 | 001,192,088 | ---- | M] () -- C:\Program Files\CE\nmSvc.exe
PRC - [2008/05/15 10:54:12 | 000,270,488 | ---- | M] () -- C:\Program Files\CE\nmFlt.exe
PRC - [2008/04/13 16:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/03/03 15:43:46 | 000,252,424 | ---- | M] (Avid Technology, Inc.) -- C:\WINDOWS\system32\MAFWTray.exe
PRC - [2007/07/24 14:17:08 | 000,229,376 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2006/10/22 11:22:00 | 000,159,810 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
PRC - [2004/09/29 11:14:36 | 000,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe
PRC - [2004/06/14 16:18:48 | 000,221,184 | ---- | M] (InstallShield Software Corporation) -- c:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
PRC - [2004/06/14 16:18:22 | 000,081,920 | ---- | M] (InstallShield Software Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
PRC - [2004/06/14 16:18:08 | 000,471,040 | ---- | M] (InstallShield Software Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe
PRC - [2001/08/23 04:00:00 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\unsecapp.exe


========== Modules (SafeList) ==========

MOD - [2010/01/30 10:13:00 | 000,548,864 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dad\Desktop\Firefox Downloads\OTL.exe
MOD - [2010/01/24 15:08:28 | 000,012,800 | ---- | M] (Applian Technologies, Inc.) -- C:\Documents and Settings\Dad\Local Settings\Application Data\FLVService\lib\FLVSrvLib.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (ACDaemon)
SRV - [2009/11/19 11:26:54 | 000,455,944 | ---- | M] () [Auto | Running] -- C:\Program Files\Flip Video\FlipShare\FlipShareService.exe -- (FlipShare Service)
SRV - [2009/10/26 16:08:55 | 000,285,392 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2009/05/20 00:50:20 | 002,772,302 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\System32\GameMon.des -- (npggsvc)
SRV - [2009/03/09 04:19:15 | 000,152,984 | ---- | M] (Sun Microsystems, Inc.) [Auto | Running] -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2008/11/04 00:06:28 | 000,441,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2007/11/06 12:22:26 | 000,092,792 | ---- | M] (CACE Technologies) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - [2007/07/24 14:17:08 | 000,229,376 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2006/10/26 13:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2006/10/22 11:22:00 | 000,159,810 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc)
SRV - [2004/10/22 03:24:18 | 000,073,728 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2004/09/29 11:14:36 | 000,069,632 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)


========== Driver Services (SafeList) ==========

DRV - [2009/11/09 19:24:57 | 000,360,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2009/10/26 16:09:08 | 000,333,192 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2009/10/26 16:09:08 | 000,028,424 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2009/08/24 14:05:06 | 000,206,256 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\PCTCore.sys -- (PCTCore)
DRV - [2008/06/24 21:02:29 | 000,020,747 | ---- | M] (Meetinghouse Data Communications) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\AegisP.sys -- (AegisP) AEGIS Protocol (IEEE 802.1x)
DRV - [2008/04/13 10:56:49 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usb8023x.sys -- (usb_rndisx)
DRV - [2008/04/13 10:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2008/04/13 10:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/03/03 15:43:42 | 000,193,032 | ---- | M] (Avid Technology, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mafw.sys -- (MAFW)
DRV - [2007/11/13 02:25:53 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2007/11/06 12:22:06 | 000,034,064 | ---- | M] (CACE Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF)
DRV - [2007/07/26 03:00:00 | 000,043,872 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2006/11/06 17:04:56 | 000,028,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wceusbsh.sys -- (wceusbsh)
DRV - [2006/10/22 11:22:00 | 003,994,624 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2005/11/24 18:51:38 | 000,245,248 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rt73.sys -- (RT73)
DRV - [2005/09/20 09:00:54 | 001,302,332 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ialmnt5.sys -- (ialm)
DRV - [2005/06/18 01:48:46 | 000,019,968 | ---- | M] (WikiTek Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ss.sys -- (StreamSurge) StreamSurge Driver (miniport)
DRV - [2005/01/27 14:31:06 | 000,260,352 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\smwdm.sys -- (smwdm)
DRV - [2004/09/28 21:11:46 | 000,016,496 | R--- | M] (HP) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HPZipr12.sys -- (HPZipr12)
DRV - [2004/09/28 21:11:42 | 000,051,120 | R--- | M] (HP) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HPZid412.sys -- (HPZid412)
DRV - [2004/09/28 21:10:16 | 000,021,744 | ---- | M] (HP) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HPZius12.sys -- (HPZius12)
DRV - [2004/09/17 08:02:54 | 000,732,928 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (senfilt)
DRV - [2003/09/25 21:15:32 | 000,015,872 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Belkin\F5D9050\GTNDIS5.sys -- (GTNDIS5)
DRV - [2003/02/03 08:47:26 | 000,019,076 | R--- | M] (emagic Soft- und Hardware GmbH, Germany) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\EMGICUSB.sys -- (EmgicUsb)
DRV - [2003/02/03 08:47:25 | 000,012,564 | R--- | M] (emagic Soft- und Hardware GmbH, Germany) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\EMGM4U2K.sys -- (EMGM4U2K)
DRV - [2001/09/04 08:01:40 | 000,029,696 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Documents and Settings\Dad\Local Settings\Temp\gtermddo.sys -- (gtermddo)
DRV - [2001/08/23 04:00:00 | 000,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = [You must be registered and logged in to see this link.]

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" =
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5555

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.defaulturl: "http://search.yahoo.com/search?fr=ffsp1&p="
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com/"
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.716
FF - prefs.js..extensions.enabledItems: {38AB6A6C-CC4C-4f9e-A3DD-3C5681EF18A1}:1.0.3.93
FF - prefs.js..extensions.enabledItems: {0FFCC8D1-8198-4b2f-9A96-2B4D4A65ECC9}:5.8.809.8522
FF - prefs.js..extensions.enabledItems: [You must be registered and logged in to see this link.]:1.0
FF - prefs.js..extensions.enabledItems: [You must be registered and logged in to see this link.]:1.0.0.071101000055
FF - prefs.js..extensions.enabledItems: [You must be registered and logged in to see this link.]:1.0.12514
FF - prefs.js..extensions.enabledItems: [You must be registered and logged in to see this link.]:1.60
FF - prefs.js..extensions.enabledItems: {B2CC8349-7B22-4FB8-97DE-D7D565F1E973}:1.0
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.6.6.20090220
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=ffds1&p="


FF - HKLM\software\mozilla\Firefox\extensions\\{B2CC8349-7B22-4FB8-97DE-D7D565F1E973}: C:\Documents and Settings\Dad\Local Settings\Application Data\{B2CC8349-7B22-4FB8-97DE-D7D565F1E973} [2009/03/13 00:08:11 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2009/12/11 08:25:31 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/01/24 21:39:06 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/01/24 21:44:00 | 000,000,000 | ---D | M]

[2008/06/27 23:30:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dad\Application Data\Mozilla\Extensions
[2010/01/29 21:58:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\amer8p2l.default\extensions
[2009/02/08 14:50:57 | 000,000,000 | ---D | M] (Google Gadget Plugin) -- C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\amer8p2l.default\extensions\{0FFCC8D1-8198-4b2f-9A96-2B4D4A65ECC9}
[2009/12/21 14:35:27 | 000,000,000 | ---D | M] () -- C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\amer8p2l.default\extensions\{38AB6A6C-CC4C-4f9e-A3DD-3C5681EF18A1}
[2009/07/25 17:02:21 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\amer8p2l.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2009/04/25 19:24:07 | 000,000,000 | ---D | M] (Live HTTP Headers) -- C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\amer8p2l.default\extensions\{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a}
[2009/01/03 15:50:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\amer8p2l.default\extensions\iaplayer@instantaction.com
[2008/11/27 21:07:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\amer8p2l.default\extensions\moveplayer@movenetworks.com
[2009/04/28 19:32:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\amer8p2l.default\extensions\statusbar@toodledo.com
[2008/12/12 10:23:54 | 000,002,158 | ---- | M] () -- C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\amer8p2l.default\searchplugins\MySpace.xml
[2010/01/29 21:58:58 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/01/30 10:11:48 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\browserhighlighter@ebay.com
[2009/04/26 16:55:28 | 000,279,888 | ---- | M] (Musicnotes, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npmusicn.dll
[2009/06/25 15:19:53 | 000,239,432 | ---- | M] (Pando Networks) -- C:\Program Files\Mozilla Firefox\plugins\npPandoWebInst.dll
[2009/10/05 17:24:10 | 000,106,192 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npstrlnk.dll
[2008/12/17 02:08:31 | 000,221,184 | ---- | M] (CNN) -- C:\Program Files\Mozilla Firefox\plugins\NPTURNMED.dll
[2009/03/10 08:30:50 | 005,817,072 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\ScorchPDFWrapper.dll

O1 HOSTS File: ([2009/11/09 07:37:57 | 000,000,149 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 193.169.12.50 winsecure2009.microsoft.com
O1 - Hosts: 193.169.12.50 winsecure2009.com
O1 - Hosts: 193.169.12.50 [You must be registered and logged in to see this link.]
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (no name) - {6D1B467E-FBF9-4608-BE7A-6DD368440C65} - C:\WINDOWS\System32\bidisp.dll File not found
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-8287-79A187E26987} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O4 - HKLM..\Run: [Ask and Record FLV Service] C:\Program Files\Replay Media Catcher\FLVSrvc.exe (Applian Technologies, Inc.)
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [ISUSPM Startup] c:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [MAFWTaskbarApp] C:\WINDOWS\system32\MAFWTray.exe (Avid Technology, Inc.)
O4 - HKLM..\Run: [M-Audio Taskbar Icon] C:\WINDOWS\system32\MAFWTray.exe (Avid Technology, Inc.)
O4 - HKLM..\Run: [NapsterShell] C:\Program Files\Napster\napster.exe (Napster)
O4 - HKLM..\Run: [NMSVC] C:\Program Files\CE\nmSvc.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NWEReboot] File not found
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\WINDOWS\system32\nmNsp.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - File not found
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: ([]msn in My Computer)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} [You must be registered and logged in to see this link.] (WUWebControl Class)
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} [You must be registered and logged in to see this link.] (System Requirements Lab Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_13)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_13)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.69.146 68.87.85.98
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Desktop Background.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Desktop Background.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/06/24 20:56:41 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{cfa89920-d33c-11de-a613-00173f741bed}\Shell\AutoRun\command - "" = H:\Setup_FlipShare.exe -- File not found
O33 - MountPoints2\{cfa89920-d33c-11de-a613-00173f741bed}\Shell\Setup FlipShare\command - "" = H:\Setup_FlipShare.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/01/24 23:26:32 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/01/24 23:26:30 | 000,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/01/24 23:26:30 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/01/24 22:03:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dad\.SunDownloadManager
[2010/01/24 21:44:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Roxio Shared
[2010/01/24 21:44:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dad\Application Data\InstallShield
[2010/01/24 21:38:52 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Napster Shared
[2010/01/24 21:38:24 | 000,000,000 | ---D | C] -- C:\Program Files\Napster
[2010/01/24 13:39:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dad\My Documents\Pictures 1-24-10
[2010/01/19 13:26:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dad\Application Data\Malwarebytes
[2010/01/19 13:26:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/01/19 07:46:48 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC
[2010/01/18 23:48:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dad\Local Settings\Application Data\jlkaql
[2010/01/13 06:48:09 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aclayers.dll
[2010/01/10 21:59:55 | 000,000,000 | ---D | C] -- C:\Program Files\Groove Monkee
[2009/12/31 13:52:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dad\Desktop\NYE 10
[2009/12/31 12:34:34 | 000,000,000 | ---D | C] -- C:\Program Files\Replay Music 3
[2009/12/31 12:34:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\Replay Music
[2009/10/26 16:07:28 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2009/10/26 16:07:28 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2009/10/26 16:07:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2009/10/26 16:07:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2008/11/08 21:01:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2008/11/08 21:01:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2008/08/13 13:50:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple
[2008/06/27 23:15:05 | 001,632,537 | ---- | C] (Macromedia, Inc.) -- C:\Program Files\UltimateMetronome.exe
[2005/05/11 22:36:48 | 000,012,288 | ---- | C] (Hewlett-Packard Co.) -- C:\WINDOWS\Fonts\RandFont.dll
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\Dad\My Documents\*.tmp files -> C:\Documents and Settings\Dad\My Documents\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/01/30 09:13:56 | 054,887,337 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2010/01/30 08:18:05 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Dad\Local Settings\Application Data\prvlcl.dat
[2010/01/26 21:34:58 | 000,009,261 | ---- | M] () -- C:\Documents and Settings\Dad\My Documents\february 10.xlsx
[2010/01/24 23:26:34 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/01/24 22:35:10 | 000,011,723 | ---- | M] () -- C:\Documents and Settings\Dad\My Documents\math page 1-24-10.docx
[2010/01/24 21:47:00 | 000,088,566 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010/01/24 21:46:18 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/01/24 21:45:46 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/01/24 21:45:43 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/01/24 21:43:38 | 006,291,456 | -H-- | M] () -- C:\Documents and Settings\Dad\NTUSER.DAT
[2010/01/24 21:39:06 | 000,001,544 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Napster.lnk
[2010/01/24 21:29:11 | 000,000,670 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2010/01/24 21:29:05 | 000,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2010/01/24 19:13:40 | 001,963,406 | ---- | M] () -- C:\Documents and Settings\Dad\Desktop\kids.jpg
[2010/01/24 19:13:34 | 000,000,337 | ---- | M] () -- C:\Documents and Settings\Dad\Desktop\My Documents.lnk
[2010/01/24 15:04:08 | 001,484,886 | ---- | M] () -- C:\Documents and Settings\Dad\Desktop\Piper and Tay.JPG
[2010/01/24 14:54:53 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Dad\ntuser.ini
[2010/01/24 13:58:11 | 001,291,901 | ---- | M] () -- C:\Documents and Settings\Dad\Desktop\Piper and Taylor.jpg
[2010/01/24 04:02:00 | 000,000,446 | ---- | M] () -- C:\WINDOWS\tasks\Driver Robot.job
[2010/01/23 18:55:20 | 001,535,704 | ---- | M] () -- C:\Documents and Settings\Dad\Desktop\DSCN0919.JPG
[2010/01/23 18:50:50 | 001,539,727 | ---- | M] () -- C:\Documents and Settings\Dad\Desktop\DSCN0916.JPG
[2010/01/23 14:53:04 | 000,011,857 | ---- | M] () -- C:\Documents and Settings\Dad\My Documents\Book3.xlsx
[2010/01/22 23:33:50 | 000,117,276 | ---- | M] () -- C:\Documents and Settings\Dad\My Documents\Penny%20Stocks_01.2005.pdf
[2010/01/20 08:13:22 | 000,142,495 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2010/01/14 03:03:13 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/01/10 23:29:39 | 000,156,672 | ---- | M] (Radioactive) -- C:\WINDOWS\System32\rmc_fixasf.exe
[2010/01/10 23:29:35 | 000,237,568 | ---- | M] () -- C:\WINDOWS\System32\rmc_rtspdl.dll
[2010/01/07 16:07:14 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/01/07 16:07:04 | 000,019,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/01/05 07:13:08 | 000,010,572 | ---- | M] () -- C:\Documents and Settings\Dad\My Documents\matrix.docx
[2009/12/31 12:34:46 | 000,001,623 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Replay Music 3.lnk
[2009/12/31 12:28:46 | 000,027,648 | ---- | M] () -- C:\Documents and Settings\Dad\Desktop\set list 4.doc
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\Dad\My Documents\*.tmp files -> C:\Documents and Settings\Dad\My Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/01/26 21:34:57 | 000,009,261 | ---- | C] () -- C:\Documents and Settings\Dad\My Documents\february 10.xlsx
[2010/01/24 23:26:34 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/01/24 22:35:09 | 000,011,723 | ---- | C] () -- C:\Documents and Settings\Dad\My Documents\math page 1-24-10.docx
[2010/01/24 21:39:06 | 000,001,544 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Napster.lnk
[2010/01/24 21:29:11 | 000,000,670 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2010/01/24 21:29:05 | 000,001,602 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2010/01/24 19:13:40 | 001,963,406 | ---- | C] () -- C:\Documents and Settings\Dad\Desktop\kids.jpg
[2010/01/24 19:13:34 | 000,000,337 | ---- | C] () -- C:\Documents and Settings\Dad\Desktop\My Documents.lnk
[2010/01/24 18:58:03 | 001,539,727 | ---- | C] () -- C:\Documents and Settings\Dad\Desktop\DSCN0916.JPG
[2010/01/24 18:57:05 | 001,535,704 | ---- | C] () -- C:\Documents and Settings\Dad\Desktop\DSCN0919.JPG
[2010/01/24 13:58:11 | 001,291,901 | ---- | C] () -- C:\Documents and Settings\Dad\Desktop\Piper and Taylor.jpg
[2010/01/24 13:55:39 | 001,484,886 | ---- | C] () -- C:\Documents and Settings\Dad\Desktop\Piper and Tay.JPG
[2010/01/22 23:33:50 | 000,117,276 | ---- | C] () -- C:\Documents and Settings\Dad\My Documents\Penny%20Stocks_01.2005.pdf
[2010/01/05 07:13:07 | 000,010,572 | ---- | C] () -- C:\Documents and Settings\Dad\My Documents\matrix.docx
[2009/12/31 12:35:32 | 000,003,591 | ---- | C] () -- C:\Documents and Settings\Dad\Application Data\ReplayMusicLog.log
[2009/12/31 12:34:46 | 000,001,623 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Replay Music 3.lnk
[2009/12/31 12:23:29 | 000,027,648 | ---- | C] () -- C:\Documents and Settings\Dad\Desktop\set list 4.doc
[2009/11/09 07:38:30 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Dad\Local Settings\Application Data\prvlcl.dat
[2009/10/20 09:31:57 | 000,001,691 | ---- | C] () -- C:\WINDOWS\uyovonejecuxiqiv.dll
[2009/10/20 08:25:57 | 000,001,691 | ---- | C] () -- C:\WINDOWS\odabahukuruboho.dll
[2009/10/20 07:19:57 | 000,001,691 | ---- | C] () -- C:\WINDOWS\evuyipidurayape.dll
[2009/10/20 06:13:57 | 000,001,691 | ---- | C] () -- C:\WINDOWS\owapujil.dll
[2009/10/20 05:07:57 | 000,001,691 | ---- | C] () -- C:\WINDOWS\ekiwepazucowo.dll
[2009/10/20 04:01:57 | 000,001,691 | ---- | C] () -- C:\WINDOWS\iyowanomohag.dll
[2009/10/20 02:55:57 | 000,001,691 | ---- | C] () -- C:\WINDOWS\egosijeg.dll
[2009/10/20 01:49:57 | 000,001,691 | ---- | C] () -- C:\WINDOWS\edipaqekojotohu.dll
[2009/10/20 00:43:58 | 000,001,691 | ---- | C] () -- C:\WINDOWS\avefunanerulat.dll
[2009/10/19 23:37:57 | 000,001,691 | ---- | C] () -- C:\WINDOWS\ohojehuco.dll
[2009/10/19 22:31:57 | 000,001,691 | ---- | C] () -- C:\WINDOWS\esiyaqox.dll
[2009/10/19 21:25:57 | 000,001,691 | ---- | C] () -- C:\WINDOWS\igupinukonej.dll
[2009/10/19 20:19:57 | 000,001,691 | ---- | C] () -- C:\WINDOWS\eburiqowaqi.dll
[2009/10/19 18:07:57 | 000,001,691 | ---- | C] () -- C:\WINDOWS\eheyukeb.dll
[2009/10/19 17:02:01 | 000,001,691 | ---- | C] () -- C:\WINDOWS\epodiqatarive.dll
[2009/10/19 15:55:57 | 000,001,691 | ---- | C] () -- C:\WINDOWS\agobojeb.dll
[2009/10/19 14:49:57 | 000,001,691 | ---- | C] () -- C:\WINDOWS\ecaniqedukicuhu.dll
[2009/10/19 13:43:58 | 000,001,691 | ---- | C] () -- C:\WINDOWS\emahuqaj.dll
[2009/10/19 12:37:57 | 000,001,691 | ---- | C] () -- C:\WINDOWS\onevayadepiriq.dll
[2009/10/19 11:32:01 | 000,001,691 | ---- | C] () -- C:\WINDOWS\umibeqov.dll
[2009/10/19 10:25:57 | 000,001,691 | ---- | C] () -- C:\WINDOWS\ayejecaz.dll
[2009/10/19 09:19:57 | 000,001,691 | ---- | C] () -- C:\WINDOWS\umehuyur.dll
[2009/10/19 07:07:57 | 000,001,691 | ---- | C] () -- C:\WINDOWS\olabekey.dll
[2009/10/19 06:01:58 | 000,001,691 | ---- | C] () -- C:\WINDOWS\osikutegefixi.dll
[2009/10/19 04:55:57 | 000,001,691 | ---- | C] () -- C:\WINDOWS\urehiheh.dll
[2009/10/19 03:49:57 | 000,001,691 | ---- | C] () -- C:\WINDOWS\unifoceqozuz.dll
[2009/10/19 02:43:57 | 000,001,691 | ---- | C] () -- C:\WINDOWS\opojaqap.dll
[2009/10/19 01:37:57 | 000,001,691 | ---- | C] () -- C:\WINDOWS\ehijecuxiqivoq.dll
[2009/10/19 00:31:57 | 000,001,691 | ---- | C] () -- C:\WINDOWS\ujipucovotuket.dll
[2009/10/18 23:25:57 | 000,001,691 | ---- | C] () -- C:\WINDOWS\ujiwopozekawe.dll
[2009/10/18 22:19:57 | 000,001,691 | ---- | C] () -- C:\WINDOWS\usoneyul.dll
[2009/10/18 21:13:57 | 000,001,691 | ---- | C] () -- C:\WINDOWS\atokahubozerahe.dll
[2009/10/18 20:07:57 | 000,001,691 | ---- | C] () -- C:\WINDOWS\awujugabor.dll
[2009/10/18 19:01:57 | 000,001,691 | ---- | C] () -- C:\WINDOWS\utiyihitamaga.dll
[2009/10/18 17:55:57 | 000,001,691 | ---- | C] () -- C:\WINDOWS\oneculenelanave.dll
[2009/10/18 16:49:57 | 000,001,691 | ---- | C] () -- C:\WINDOWS\axivafecuj.dll
[2009/10/18 15:43:58 | 000,001,691 | ---- | C] () -- C:\WINDOWS\udisusevihego.dll
[2009/10/18 14:37:58 | 000,001,691 | ---- | C] () -- C:\WINDOWS\omarivikikikodu.dll
[2009/10/18 13:31:59 | 000,001,691 | ---- | C] () -- C:\WINDOWS\eluqolez.dll
[2009/10/18 12:25:58 | 000,001,691 | ---- | C] () -- C:\WINDOWS\utafejelap.dll
[2009/10/18 11:19:58 | 000,001,691 | ---- | C] () -- C:\WINDOWS\ukecevez.dll
[2009/10/18 10:13:58 | 000,001,691 | ---- | C] () -- C:\WINDOWS\irixaxetetedapes.dll
[2009/10/18 09:07:58 | 000,001,691 | ---- | C] () -- C:\WINDOWS\afivoxan.dll
[2009/10/18 08:01:58 | 000,001,691 | ---- | C] () -- C:\WINDOWS\idowiducenafida.dll
[2009/10/18 06:56:02 | 000,001,691 | ---- | C] () -- C:\WINDOWS\ujecaxojuxapiv.dll
[2009/10/18 05:50:00 | 000,001,691 | ---- | C] () -- C:\WINDOWS\agikodad.dll
[2009/10/18 04:44:02 | 000,001,691 | ---- | C] () -- C:\WINDOWS\aridadujo.dll
[2009/10/18 03:37:59 | 000,001,691 | ---- | C] () -- C:\WINDOWS\ocumojokesiyovup.dll
[2009/10/18 02:31:58 | 000,001,691 | ---- | C] () -- C:\WINDOWS\adacudir.dll
[2009/10/18 01:25:58 | 000,001,691 | ---- | C] () -- C:\WINDOWS\usilijefed.dll
[2009/10/18 00:19:58 | 000,001,691 | ---- | C] () -- C:\WINDOWS\oqepikebegukop.dll
[2009/10/17 23:13:58 | 000,001,691 | ---- | C] () -- C:\WINDOWS\iyimodetakobi.dll
[2009/10/17 22:07:58 | 000,001,691 | ---- | C] () -- C:\WINDOWS\onicakihevatepin.dll
[2009/10/17 21:01:58 | 000,003,033 | ---- | C] () -- C:\WINDOWS\ikazuduqiyaloqe.dll
[2009/10/17 19:55:58 | 000,003,033 | ---- | C] () -- C:\WINDOWS\obuwelijosi.dll
[2009/10/17 18:49:58 | 000,003,033 | ---- | C] () -- C:\WINDOWS\igatekud.dll
[2009/10/17 17:43:58 | 000,003,033 | ---- | C] () -- C:\WINDOWS\itekidupa.dll
[2009/10/17 16:37:58 | 000,003,033 | ---- | C] () -- C:\WINDOWS\ejelokuzoxuf.dll
[2009/10/17 15:31:58 | 000,003,033 | ---- | C] () -- C:\WINDOWS\udefakoroxaz.dll
[2009/10/17 14:25:59 | 000,003,033 | ---- | C] () -- C:\WINDOWS\izayudaf.dll
[2009/10/17 13:19:58 | 000,003,033 | ---- | C] () -- C:\WINDOWS\azajokesiyovup.dll
[2009/10/17 12:13:59 | 000,003,033 | ---- | C] () -- C:\WINDOWS\uxayodegexino.dll
[2009/10/17 11:08:01 | 000,003,033 | ---- | C] () -- C:\WINDOWS\eyarivehamiro.dll
[2009/10/17 10:01:59 | 000,003,033 | ---- | C] () -- C:\WINDOWS\ibocuraq.dll
[2009/10/17 08:56:07 | 000,003,033 | ---- | C] () -- C:\WINDOWS\oqakapak.dll
[2009/10/17 07:49:59 | 000,003,033 | ---- | C] () -- C:\WINDOWS\oxutaniq.dll
[2009/10/17 06:43:59 | 000,003,033 | ---- | C] () -- C:\WINDOWS\epugonajeroyo.dll
[2009/10/17 05:37:58 | 000,003,033 | ---- | C] () -- C:\WINDOWS\ixoqiqamalanunev.dll
[2009/10/17 04:31:58 | 000,003,033 | ---- | C] () -- C:\WINDOWS\ahefaner.dll
[2009/10/17 03:25:58 | 000,003,033 | ---- | C] () -- C:\WINDOWS\iyitaqunuh.dll
[2009/10/17 02:19:58 | 000,003,033 | ---- | C] () -- C:\WINDOWS\egigotob.dll
[2009/10/17 01:13:58 | 000,003,033 | ---- | C] () -- C:\WINDOWS\icutecoqajete.dll
[2009/10/17 00:07:59 | 000,003,033 | ---- | C] () -- C:\WINDOWS\eboweqoh.dll
[2009/10/16 23:01:58 | 000,003,033 | ---- | C] () -- C:\WINDOWS\acukojotohunica.dll
[2009/10/16 21:55:58 | 000,003,033 | ---- | C] () -- C:\WINDOWS\itonocop.dll
[2009/10/16 20:49:58 | 000,003,033 | ---- | C] () -- C:\WINDOWS\akidiqadun.dll
[2009/10/16 19:43:58 | 000,003,033 | ---- | C] () -- C:\WINDOWS\akimicelo.dll
[2009/10/16 01:54:03 | 000,003,033 | ---- | C] () -- C:\WINDOWS\efikuyas.dll
[2009/10/16 00:48:03 | 000,003,033 | ---- | C] () -- C:\WINDOWS\aqigatagacut.dll
[2009/10/15 23:42:03 | 000,003,033 | ---- | C] () -- C:\WINDOWS\aduvinas.dll
[2009/10/15 22:36:03 | 000,003,033 | ---- | C] () -- C:\WINDOWS\ekireqijolozik.dll
[2009/10/15 21:30:16 | 000,003,033 | ---- | C] () -- C:\WINDOWS\uvilutiholurac.dll
[2009/10/15 20:24:09 | 000,003,033 | ---- | C] () -- C:\WINDOWS\ixigocixafesu.dll
[2009/10/15 19:18:03 | 000,003,033 | ---- | C] () -- C:\WINDOWS\eqiduqir.dll
[2009/10/15 18:12:03 | 000,003,033 | ---- | C] () -- C:\WINDOWS\avimucor.dll
[2009/10/15 17:06:03 | 000,003,033 | ---- | C] () -- C:\WINDOWS\olizicesojo.dll
[2009/10/15 16:00:05 | 000,003,033 | ---- | C] () -- C:\WINDOWS\ewaqaquzuw.dll
[2009/10/15 14:54:03 | 000,003,033 | ---- | C] () -- C:\WINDOWS\ohepeyam.dll
[2009/10/15 13:48:03 | 000,003,033 | ---- | C] () -- C:\WINDOWS\ofetetabejuy.dll
[2009/10/15 12:42:03 | 000,003,033 | ---- | C] () -- C:\WINDOWS\iwelahacafof.dll
[2009/10/15 11:36:06 | 000,003,033 | ---- | C] () -- C:\WINDOWS\udiqekoj.dll
[2009/10/15 10:30:03 | 000,003,033 | ---- | C] () -- C:\WINDOWS\evudihoduc.dll
[2009/10/15 09:24:03 | 000,003,033 | ---- | C] () -- C:\WINDOWS\efitucivireba.dll
[2009/10/15 08:18:03 | 000,003,033 | ---- | C] () -- C:\WINDOWS\arineceki.dll
[2009/10/15 07:12:03 | 000,003,033 | ---- | C] () -- C:\WINDOWS\awiqapiwesonoces.dll
[2009/10/15 06:06:03 | 000,003,033 | ---- | C] () -- C:\WINDOWS\iduxucemuco.dll
[2009/10/15 05:00:03 | 000,003,033 | ---- | C] () -- C:\WINDOWS\eqatuhes.dll
[2009/10/15 03:54:05 | 000,003,033 | ---- | C] () -- C:\WINDOWS\oraneputehobek.dll
[2009/10/15 02:48:03 | 000,003,033 | ---- | C] () -- C:\WINDOWS\editanabo.dll
[2009/10/15 01:42:03 | 000,003,033 | ---- | C] () -- C:\WINDOWS\ewewahatewis.dll
[2009/10/15 00:36:03 | 000,003,033 | ---- | C] () -- C:\WINDOWS\ukokicuh.dll
[2009/10/14 23:30:03 | 000,003,033 | ---- | C] () -- C:\WINDOWS\ejenijuduligejo.dll
[2009/10/14 22:24:03 | 000,003,033 | ---- | C] () -- C:\WINDOWS\uradehipen.dll
[2009/10/14 21:18:03 | 000,003,033 | ---- | C] () -- C:\WINDOWS\ofumejiz.dll
[2009/10/14 20:12:03 | 000,003,033 | ---- | C] () -- C:\WINDOWS\iqecipisozoqocef.dll
[2009/10/14 19:06:03 | 000,003,033 | ---- | C] () -- C:\WINDOWS\amagiqinicimayob.dll
[2009/10/14 18:00:04 | 000,003,033 | ---- | C] () -- C:\WINDOWS\atipaniyawe.dll
[2009/10/14 16:54:03 | 000,003,033 | ---- | C] () -- C:\WINDOWS\omamohagiqinic.dll
[2009/10/14 15:48:03 | 000,003,033 | ---- | C] () -- C:\WINDOWS\agacenay.dll
[2009/10/14 14:42:04 | 000,003,033 | ---- | C] () -- C:\WINDOWS\esiwoniq.dll
[2009/10/14 13:36:03 | 000,003,033 | ---- | C] () -- C:\WINDOWS\ucixoyiviyifani.dll
[2009/10/14 12:30:03 | 000,003,033 | ---- | C] () -- C:\WINDOWS\amugemid.dll
[2009/10/14 11:24:03 | 000,003,033 | ---- | C] () -- C:\WINDOWS\abajolij.dll
[2009/10/14 10:18:03 | 000,003,033 | ---- | C] () -- C:\WINDOWS\izewilul.dll
[2009/10/14 09:12:03 | 000,003,033 | ---- | C] () -- C:\WINDOWS\uxinajaz.dll
[2009/10/14 08:06:03 | 000,003,033 | ---- | C] () -- C:\WINDOWS\inesukas.dll
[2009/10/14 07:00:03 | 000,003,033 | ---- | C] () -- C:\WINDOWS\unaxupetozu.dll
[2009/10/14 05:54:03 | 000,003,033 | ---- | C] () -- C:\WINDOWS\ojovuneb.dll
[2009/10/14 04:48:03 | 000,003,033 | ---- | C] () -- C:\WINDOWS\azahehat.dll
[2009/10/14 03:42:03 | 000,003,033 | ---- | C] () -- C:\WINDOWS\utazubijaxe.dll
[2009/10/14 02:36:03 | 000,003,033 | ---- | C] () -- C:\WINDOWS\ezodumokaba.dll
[2009/10/14 01:30:03 | 000,003,033 | ---- | C] () -- C:\WINDOWS\ibugusudihoso.dll
[2009/10/14 00:24:03 | 000,003,033 | ---- | C] () -- C:\WINDOWS\umetewisucejalaf.dll
[2009/10/13 23:18:03 | 000,003,033 | ---- | C] () -- C:\WINDOWS\ojofosiziwawazu.dll
[2009/10/13 22:12:03 | 000,003,033 | ---- | C] () -- C:\WINDOWS\opigedeyoxiya.dll
[2009/10/13 21:06:03 | 000,003,033 | ---- | C] () -- C:\WINDOWS\abuvoxanetixivum.dll
[2009/10/13 20:00:03 | 000,003,033 | ---- | C] () -- C:\WINDOWS\alukejub.dll
[2009/10/13 15:36:03 | 000,003,033 | ---- | C] () -- C:\WINDOWS\ebujodivo.dll
[2009/10/13 14:30:03 | 000,003,033 | ---- | C] () -- C:\WINDOWS\aqavukov.dll
[2009/10/13 13:24:04 | 000,003,033 | ---- | C] () -- C:\WINDOWS\ovotidalumihudu.dll
[2009/10/13 12:18:03 | 000,003,033 | ---- | C] () -- C:\WINDOWS\eyufuxuzedesuv.dll
[2009/10/13 11:12:03 | 000,003,033 | ---- | C] () -- C:\WINDOWS\omokukas.dll
[2009/10/13 10:06:03 | 000,003,033 | ---- | C] () -- C:\WINDOWS\okugadagakusa.dll
[2009/10/13 09:00:03 | 000,003,033 | ---- | C] () -- C:\WINDOWS\iyaqiracevenupeh.dll
[2009/10/13 07:54:07 | 000,003,033 | ---- | C] () -- C:\WINDOWS\eqewelij.dll
[2009/10/13 06:48:03 | 000,003,033 | ---- | C] () -- C:\WINDOWS\afaxevokoxa.dll
[2009/10/13 05:42:03 | 000,003,033 | ---- | C] () -- C:\WINDOWS\utinorixatabiv.dll
[2009/10/13 04:36:03 | 000,003,033 | ---- | C] () -- C:\WINDOWS\ukuqadiru.dll
[2009/10/13 03:30:03 | 000,003,033 | ---- | C] () -- C:\WINDOWS\izofakor.dll
[2009/10/13 02:24:03 | 000,003,033 | ---- | C] () -- C:\WINDOWS\erozires.dll
[2009/10/13 01:18:03 | 000,003,033 | ---- | C] () -- C:\WINDOWS\udezupew.dll
[2009/10/13 00:12:03 | 000,003,033 | ---- | C] () -- C:\WINDOWS\ejopekam.dll
[2009/10/12 23:06:03 | 000,003,033 | ---- | C] () -- C:\WINDOWS\ujiriveha.dll
[2009/10/12 22:00:03 | 000,003,033 | ---- | C] () -- C:\WINDOWS\azolapeyamole.dll
[2009/10/12 20:54:03 | 000,003,033 | ---- | C] () -- C:\WINDOWS\aponeniq.dll
[2009/10/12 19:37:17 | 000,003,033 | ---- | C] () -- C:\WINDOWS\uhasesox.dll
[2009/10/12 18:31:17 | 000,003,033 | ---- | C] () -- C:\WINDOWS\anoheraf.dll
[2009/10/12 17:25:17 | 000,003,033 | ---- | C] () -- C:\WINDOWS\edocowoziq.dll
[2009/10/12 16:19:17 | 000,003,033 | ---- | C] () -- C:\WINDOWS\uloxigot.dll
[2009/10/12 15:13:19 | 000,003,033 | ---- | C] () -- C:\WINDOWS\olimeqaguvimupa.dll
[2009/10/12 14:07:17 | 000,003,033 | ---- | C] () -- C:\WINDOWS\anoxixoyenevud.dll
[2009/10/12 13:01:17 | 000,003,033 | ---- | C] () -- C:\WINDOWS\etewipiqowaliyun.dll
[2009/10/12 11:55:17 | 000,003,033 | ---- | C] () -- C:\WINDOWS\igelebinurif.dll
[2009/10/12 10:49:18 | 000,003,033 | ---- | C] () -- C:\WINDOWS\efobituk.dll
[2009/10/12 09:43:17 | 000,003,033 | ---- | C] () -- C:\WINDOWS\axaxagij.dll
[2009/10/12 08:37:17 | 000,003,033 | ---- | C] () -- C:\WINDOWS\ejuwuwul.dll
[2009/10/12 07:31:17 | 000,003,033 | ---- | C] () -- C:\WINDOWS\ikanedevacuqew.dll
[2009/10/12 06:25:17 | 000,003,033 | ---- | C] () -- C:\WINDOWS\ayozifuloruzi.dll
[2009/10/12 05:19:17 | 000,003,033 | ---- | C] () -- C:\WINDOWS\epixidetayolaxay.dll
[2009/10/12 04:13:17 | 000,003,033 | ---- | C] () -- C:\WINDOWS\ofayaxubexu.dll
[2009/10/12 03:07:17 | 000,003,033 | ---- | C] () -- C:\WINDOWS\evepodat.dll
[2009/10/12 02:01:17 | 000,003,033 | ---- | C] () -- C:\WINDOWS\ajifajah.dll
[2009/10/12 00:55:17 | 000,003,033 | ---- | C] () -- C:\WINDOWS\ihizixoc.dll
[2009/10/11 23:49:17 | 000,003,033 | ---- | C] () -- C:\WINDOWS\ahiyelovawub.dll
[2009/10/11 22:43:17 | 000,003,033 | ---- | C] () -- C:\WINDOWS\egepejideduvaka.dll
[2009/10/11 21:37:19 | 000,003,033 | ---- | C] () -- C:\WINDOWS\ebewadilak.dll
[2009/10/11 20:31:17 | 000,003,033 | ---- | C] () -- C:\WINDOWS\otasodef.dll
[2009/10/11 19:25:17 | 000,003,033 | ---- | C] () -- C:\WINDOWS\abomanewohisiquy.dll
[2009/10/11 16:31:48 | 000,003,033 | ---- | C] () -- C:\WINDOWS\anidijipat.dll
[2009/10/10 11:56:04 | 000,003,033 | ---- | C] () -- C:\WINDOWS\avohagiqinicimay.dll
[2009/10/10 10:49:54 | 000,003,033 | ---- | C] () -- C:\WINDOWS\udipomuk.dll
[2009/10/10 09:43:54 | 000,003,033 | ---- | C] () -- C:\WINDOWS\ewikamodetakobi.dll
[2009/10/10 08:37:56 | 000,003,033 | ---- | C] () -- C:\WINDOWS\esolesolas.dll
[2009/10/10 07:31:54 | 000,003,033 | ---- | C] () -- C:\WINDOWS\enehumevixipa.dll
[2009/10/09 18:19:54 | 000,003,033 | ---- | C] () -- C:\WINDOWS\uhexaziguquxuza.dll
[2009/07/11 23:41:15 | 000,139,152 | ---- | C] () -- C:\Documents and Settings\Dad\Application Data\PnkBstrK.sys
[2009/07/11 23:33:11 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\leverage.drm.log
[2009/03/15 02:01:50 | 000,000,206 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2009/01/05 02:18:07 | 000,014,848 | ---- | C] () -- C:\Documents and Settings\Dad\Application Data\Settings.cfg
[2008/12/26 13:29:03 | 003,086,336 | ---- | C] () -- C:\WINDOWS\System32\NCMedia.dll
[2008/12/26 13:29:03 | 003,086,336 | ---- | C] () -- C:\WINDOWS\System32\flvvideo.dll
[2008/12/26 13:29:03 | 000,765,952 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2008/12/26 13:29:03 | 000,383,238 | ---- | C] () -- C:\WINDOWS\System32\libmp3lame-0.dll
[2008/11/17 21:34:28 | 000,000,065 | ---- | C] () -- C:\WINDOWS\iltwain.ini
[2008/09/24 22:17:24 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\rmc_rtspdl.dll
[2008/09/04 06:45:28 | 000,038,451 | ---- | C] () -- C:\Documents and Settings\Dad\Application Data\Microsoft Excel 97-2003.ADR
[2008/09/04 06:45:25 | 000,000,028 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008/09/04 06:44:21 | 000,038,472 | ---- | C] () -- C:\Documents and Settings\Dad\Application Data\Comma Separated Values (Windows).ADR
[2008/08/16 04:00:31 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2008/07/04 22:04:40 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008/06/28 23:02:42 | 000,000,126 | ---- | C] () -- C:\Documents and Settings\Dad\Local Settings\Application Data\fusioncache.dat
[2008/06/27 22:29:02 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\hpzids01.dll
[2008/06/27 22:24:21 | 000,000,749 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2008/06/26 13:31:35 | 000,180,376 | ---- | C] () -- C:\WINDOWS\System32\CESpy.dll
[2008/06/26 13:31:35 | 000,118,936 | ---- | C] () -- C:\WINDOWS\System32\nmNsp.dll
[2008/06/26 00:07:50 | 000,027,136 | ---- | C] () -- C:\Documents and Settings\Dad\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/06/25 11:07:10 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Dad\Application Data\$_hpcst$.hpc
[2008/06/24 21:02:24 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\F5D9050.dll
[2008/02/18 22:33:34 | 000,446,352 | ---- | C] () -- C:\WINDOWS\System32\OpenQuicktimeLib.dll
[2007/11/06 12:19:28 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2006/10/22 11:22:00 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006/10/22 11:22:00 | 001,470,464 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006/10/22 11:22:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006/10/22 11:22:00 | 000,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006/10/22 11:22:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006/10/22 11:22:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2006/10/22 11:22:00 | 000,212,992 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:DFC5A2B2
< End of report >

jailgypsy
Beginner
Beginner

Status :
Online
Offline

Posts : 4
Joined : 2010-01-19
OS : windows xp

View user profile

Back to top Go down

Re: After Anti-Malware

Post by jailgypsy on Sat Jan 30, 2010 6:25 pm

Here is the Extras

OTL Extras logfile created on: 1/30/2010 10:13:48 AM - Run 1
OTL by OldTimer - Version 3.1.27.1 Folder = C:\Documents and Settings\Dad\Desktop\Firefox Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 65.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 86.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 127.99 Gb Total Space | 63.99 Gb Free Space | 50.00% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 7.81 Mb Total Space | 0.07 Mb Free Space | 0.95% Space Free | Partition Type: NTFS
Drive G: | 170.09 Gb Total Space | 170.00 Gb Free Space | 99.94% Space Free | Partition Type: NTFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive J: | 1.90 Gb Total Space | 0.01 Gb Free Space | 0.31% Space Free | Partition Type: FAT

Computer Name: HOME
Current User Name: Dad
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Napster\napster.exe" = C:\Program Files\Napster\napster.exe:*:Enabled:napster -- (Napster)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03B1B42B-F6DE-41d9-8CFF-DC44E895C7A7}" = PhotoGallery
"{0611BD4E-4FE4-4a62-B0C0-18A4CC463428}" = CP_Package_Variety1
"{06A1BE8A-4CA4-4A39-B9E4-E815AA8FE05C}" = Sony Noise Reduction Plug-In 2.0h
"{08CA9554-B5FE-4313-938F-D4A417B81175}" = QuickTime
"{09984AEC-6B9F-4ca7-B78D-CB44D4771DA3}" = Destinations
"{13515135-48BB-4184-8C1F-2FAE0138E200}" = TBS WMP Plug-in
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{147567F0-8575-4BE0-B5B3-62706C67FA5A}" = EZXCocktail
"{15EE79F4-4ED1-4267-9B0F-351009325D7D}" = HP Software Update
"{1864B4F0-7777-4A57-9930-C2B307597966}" = RealGuitar 2.1L
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1C139D7D-9FEA-468d-A9C8-2A6E3BDE564A}" = CP_Package_Variety3
"{21DB3D90-D816-4092-A260-CA3F6B55A6DD}" = Sonic_PrimoSDK
"{23A7B376-BBEC-4e76-BBD7-0F155E70D74B}" = CP_Panorama1Config
"{26A24AE4-039D-4CA4-87B4-2F83216010FF}" = Java(TM) 6 Update 13
"{2CADCEAB-D5DA-44D6-B5FC-7DEE87AB3C0C}" = Unload
"{30C19FF2-7FBA-4d09-B9DE-1659977F64F6}" = TrayApp
"{32BDCCB8-9DC8-496d-9DB1-F77510775BDB}" = InstantShareDevices
"{33D6CC28-9F75-4d1b-A11D-98895B3A3729}" = HP Photosmart 330,380,420,470,7800,8000,8200 Series
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36E47DA1-10E1-45d9-8B19-14D19607CDCF}" = CP_CalendarTemplates1
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{43E8D9E7-AFC9-4BA3-8106-B95E02B87AB7}" = EZdrummer
"{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}" = Bonjour
"{53EE9E42-CECB-4C92-BF76-9CA65DAF8F1C}" = FullDPAppQFolder
"{56EE8B17-8274-418d-89AC-C057C5DB251E}" = RandMap
"{56F8AFC3-FA98-4ff1-9673-8A026CBF85BE}" = WebReg
"{5A01C58E-B0EC-49b9-AD71-7C0468688087}" = CP_Package_Basic1
"{5AC5ED2E-2936-4B54-A429-703F9034938E}" = Covenant Eyes
"{5F26311C-B135-4F7F-B11E-8E650F83651E}" = DeviceFunctionQFolder
"{5F4B558D-8AEB-4DEE-AAB3-C00D1D9A86BA}" = Sibelius Scorch (Firefox, Opera, Netscape only)
"{66BA8C26-AFE4-4408-807B-43E76B57EF53}" = SkinsHP1
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{755EC5E3-FD51-46bd-A57F-7A2D56FBF061}" = PSTAPlugin
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{769A295C-DCF4-41d6-AFBA-7D9394B23AFE}" = PSPrinters08
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7CDC26F7-D6BF-442A-B599-0075A48310F7}" = SA32xx Device Manager
"{7E27304E-BAA2-4d90-A34E-76641FAFABB4}" = CP_AtenaShokunin1Config
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Extreme Graphics 2 Driver
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1}" = Napster Burn Engine
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROPLUS_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROPLUS_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9922FE96-6803-498D-A6AD-4EB5A3B956A5}" = Belkin Wireless G Plus MIMO USB Network Adapter
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A3455242-DAE0-4523-8242-FD82706ABF4B}" = CameraDrivers
"{A5BB5365-EFB4-44c3-A7E2-EB59B7EFD23D}" = CueTour
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1033-7B44-A70000000000}" = Adobe Reader 7.0
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B4D279F1-4309-49cc-A4B5-3A0D2E59C7B5}" = PanoStandAlone
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B824B5C9-849F-4b9e-9EA7-6FD8CD8116DA}" = CP_Package_Variety2
"{B996AE66-10DB-4ac5-B151-E8B4BFBC42FC}" = BufferChm
"{BBBCAE4B-B416-4182-A6F2-438180894A81}" = Napster
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240B6}" = WinZip 11.2
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D9CF5E60-42B1-489B-A0E2-9A6EE3DEB969}" = FireWire Family
"{E3F90083-80D4-4b5a-87C7-E97E12F5516D}" = HPProductAssistant
"{EA103B64-C0E4-4C0E-A506-751590E1653D}" = SolutionCenter
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F1670367-C07F-411f-A196-79D2C65CBEC0}" = PS8200
"{F4C2E5F5-2970-45f4-ABD3-C180C4D961C4}" = Status
"{F7F23DFB-31E1-B7EC-7A6D-7668B595ADAE}" = FlipShare
"3ivx MPEG-4 5.0.3" = 3ivx MPEG-4 5.0.3 (remove only)
"AceFTP 3 Freeware" = AceFTP 3 Freeware
"Adobe Acrobat 4.0" = Adobe Acrobat 4.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"Auralia 2.1" = Auralia 2.1
"AVG9Uninstall" = AVG Free 9.0
"BOSS Fonts Manager" = BOSS Fonts Manager
"CA_VMN_antispyware" = CA VMN Anti-Spyware (remove only)
"Cakewalk VST Adapter 4" = Cakewalk VST Adapter 4
"Cakewalk VST Adapter 4.5.1.0" = Cakewalk VST Adapter 4.5.1.0
"CUZ4_is1" = CAM UnZip 4.42
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DreamStation DXi2" = DreamStation DXi2
"Elevayta Klean Boy_is1" = Elevayta Klean Boy V5.04
"FileZilla Client" = FileZilla Client 3.3.0.1
"FLV Player" = FLV Player 2.0 (build 25)
"Freez FLV to AVI/MPEG/WMV Converter 1.5_is1" = Freez FLV to AVI/MPEG/WMV Converter
"FW" = Firewire 410 1.0.1.6
"Groove Monkee Sample Pack" = Groove Monkee Sample Pack
"HarBal Equalization System_is1" = HarBal Equalization System 1.5
"HP Imaging Device Functions" = HP Imaging Device Functions 5.3
"HP Photo & Imaging" = HP Image Zone 5.3
"HP Solution Center & Imaging Support Tools" = HP Solution Center & Imaging Support Tools 5.3
"InstallShield_{13515135-48BB-4184-8C1F-2FAE0138E200}" = TBS WMP Plug-in
"iZotope Ozone 4_is1" = iZotope Ozone 4
"LameACM" = Lame ACM MP3 Codec
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.5.7)" = Mozilla Firefox (3.5.7)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Musicnotes Player_is1" = Musicnotes Player V1.23.2
"Native Instruments Guitar Rig 3" = Native Instruments Guitar Rig 3
"Native Instruments Service Center" = Native Instruments Service Center
"NVIDIA Drivers" = NVIDIA Drivers
"PROPLUS" = Microsoft Office Professional Plus 2007
"Replay Media Catcher 2.40" = Replay Media Catcher 2.40
"Replay Media Catcher 3.11" = Replay Media Catcher 3.11
"Replay Music3.93" = Replay Music
"ReValver_is1" = ReValver
"SONAR6Producer_is1" = SONAR 6.2 Producer Edition
"Spyware Doctor" = Spyware Doctor 6.1
"SWiSH Jukebox2" = SWiSH Jukebox2
"SWiSH Max2" = SWiSH Max2
"SWiSH Max3" = SWiSH Max3
"SystemRequirementsLab" = System Requirements Lab
"WAV to MP3 Encoder" = WAV to MP3 Encoder
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinPcapInst" = WinPcap 4.0.2
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"UnityWebPlayer" = Unity Web Player
"Yahoo! BrowserPlus" = Yahoo! BrowserPlus

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 11/24/2009 11:50:43 PM | Computer Name = HOME | Source = Application Hang | ID = 1002
Description = Hanging application SWiSHjukebox.exe, version 2009.6.19.1, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 11/24/2009 11:51:19 PM | Computer Name = HOME | Source = Application Hang | ID = 1002
Description = Hanging application SWiSHjukebox.exe, version 2009.6.19.1, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 12/1/2009 1:49:27 AM | Computer Name = HOME | Source = Application Hang | ID = 1002
Description = Hanging application SONARPDR.exe, version 15.2.0.359, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 12/9/2009 2:40:55 AM | Computer Name = HOME | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 6.0.2900.5512, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 12/9/2009 2:40:55 AM | Computer Name = HOME | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 6.0.2900.5512, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 12/16/2009 2:37:58 AM | Computer Name = HOME | Source = Application Error | ID = 1000
Description = Faulting application napster.exe, version 4.6.2.2, faulting module
nmsvtree.dll, version 0.0.0.0, fault address 0x00001030.

Error - 12/19/2009 2:40:05 AM | Computer Name = HOME | Source = Application Hang | ID = 1002
Description = Hanging application WINWORD.EXE, version 12.0.6504.5000, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 12/31/2009 7:04:43 PM | Computer Name = HOME | Source = Application Error | ID = 1000
Description = Faulting application mediacatcher.exe, version 3.11.0.0, faulting
module musicdnslib.dll, version 1.9.0.0, fault address 0x0000365d.

Error - 1/4/2010 2:08:45 AM | Computer Name = HOME | Source = Application Error | ID = 1000
Description = Faulting application replaymusic.exe, version 3.9.3.0, faulting module
replaymusic.exe, version 3.9.3.0, fault address 0x0000d655.

Error - 1/21/2010 3:32:21 AM | Computer Name = HOME | Source = Microsoft Office 12 | ID = 2000
Description = Accepted Safe Mode action : Microsoft Office Word.

[ OSession Events ]
Error - 9/6/2008 6:13:05 PM | Computer Name = HOME | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6323.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 4171
seconds with 420 seconds of active time. This session ended with a crash.

Error - 9/6/2008 6:45:24 PM | Computer Name = HOME | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6316.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 1071
seconds with 180 seconds of active time. This session ended with a crash.

Error - 9/6/2008 7:09:40 PM | Computer Name = HOME | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6316.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 49
seconds with 0 seconds of active time. This session ended with a crash.

Error - 6/14/2009 7:28:34 AM | Computer Name = HOME | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 3
seconds with 0 seconds of active time. This session ended with a crash.

Error - 6/14/2009 1:56:07 PM | Computer Name = HOME | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 0
seconds with 0 seconds of active time. This session ended with a crash.

Error - 6/14/2009 1:56:13 PM | Computer Name = HOME | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 3
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 1/22/2010 7:16:59 AM | Computer Name = HOME | Source = Service Control Manager | ID = 7000
Description = The emagic MT4 configuration node service failed to start due to the
following error: %%1058

Error - 1/24/2010 5:35:49 PM | Computer Name = HOME | Source = Service Control Manager | ID = 7000
Description = The emagic USB kernel driver service failed to start due to the following
error: %%1058

Error - 1/24/2010 5:35:49 PM | Computer Name = HOME | Source = Service Control Manager | ID = 7000
Description = The emagic MT4 configuration node service failed to start due to the
following error: %%1058

Error - 1/24/2010 5:48:26 PM | Computer Name = HOME | Source = Print | ID = 6161
Description = The document HP Image Zone Print Job [1/24/2010 1:47 PM 20.187] owned
by Dad failed to print on printer HP Photosmart 8200 Series. Data type: NT EMF
1.008. Size of the spool file in bytes: 6497000. Number of bytes printed: 0. Total
number of pages in the document: 1. Number of pages printed: 0. Client machine:
\\HOME. Win32 error code returned by the print processor: 2 (0x2).

Error - 1/24/2010 5:49:17 PM | Computer Name = HOME | Source = Print | ID = 6161
Description = The document Test Page owned by Dad failed to print on printer HP
Photosmart 8200 Series. Data type: NT EMF 1.008. Size of the spool file in bytes:
77760. Number of bytes printed: 0. Total number of pages in the document: 1. Number
of pages printed: 0. Client machine: \\HOME. Win32 error code returned by the print
processor: 2 (0x2).

Error - 1/24/2010 6:56:00 PM | Computer Name = HOME | Source = Service Control Manager | ID = 7000
Description = The emagic USB kernel driver service failed to start due to the following
error: %%1058

Error - 1/24/2010 6:56:00 PM | Computer Name = HOME | Source = Service Control Manager | ID = 7000
Description = The emagic MT4 configuration node service failed to start due to the
following error: %%1058

Error - 1/25/2010 1:45:52 AM | Computer Name = HOME | Source = Service Control Manager | ID = 7000
Description = The emagic USB kernel driver service failed to start due to the following
error: %%1058

Error - 1/25/2010 1:45:52 AM | Computer Name = HOME | Source = Service Control Manager | ID = 7000
Description = The emagic MT4 configuration node service failed to start due to the
following error: %%1058

Error - 1/26/2010 1:52:40 AM | Computer Name = HOME | Source = Dhcp | ID = 1000
Description = Your computer has lost the lease to its IP address 192.168.0.11 on
the Network Card with network address 00173F741BED.


< End of report >

jailgypsy
Beginner
Beginner

Status :
Online
Offline

Posts : 4
Joined : 2010-01-19
OS : windows xp

View user profile

Back to top Go down

Re: After Anti-Malware

Post by Belahzur on Sat Jan 30, 2010 7:15 pm

Hello.

  • Download combofix from here
    [You must be registered and logged in to see this link.]
    [You must be registered and logged in to see this link.]

    1. If you are using Firefox, make sure that your download settings are as follows:

    * Tools->Options->Main tab
    * Set to "Always ask me where to Save the files".

    2. During the download, rename Combofix to Combo-Fix as follows:





    3. It is important you rename Combofix during the download, but not after.
    4. Please do not rename Combofix to other names, but only to the one indicated.
    5. Close any open browsers.
    6. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

  • We need to disable your local AV (Anti-virus) before running Combofix.
  • See [You must be registered and logged in to see this link.] for how to disable your AV.
  • Double click on ComboFix.exe.
  • Follow the prompts. NOTE:
  • ComboFix will check to see if the Microsoft Windows Recovery Console is installed.
    ***It's strongly recommended to have the Recovery Console installed before doing any malware removal.***

    **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will automatically proceed with its scan.


  • The Recovery Console provides a recovery/repair mode should a problem occur during a Combofix run.



  • Allow ComboFix to download the Recovery Console.
  • Accept the End-User License Agreement.
  • The Recovery Console will be installed.
  • You will then get this next prompt that asks if you want to continue the malware scan, select yes



  • Allow combofix to run
  • Post C:\combofix.txt back here.

    Note:
    Do not mouseclick combofix's window whilst it's running. That may cause it to stall.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Status :
Online
Offline

Posts : 34916
Joined : 2008-08-03
Gender : Male
OS : XP SP3 Media Centre

View user profile

Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum