Problem with Embarq/Century Link Online Security

View previous topic View next topic Go down

Problem with Embarq/Century Link Online Security

Post by squeakv1952 on Thu 08 Jul 2010, 2:27 am

hello,

recently I have been unable to use my computer for more than 5-10 minutes at a time. As soon as I log in, a window for Embarq Online Security pops up (sometimes it says Century Link Online Security) and begins to install itself. Then it says "detecting conflicting programs" and finds AVG Free 8.5, which it then proceeds to remove. if I cancel the process and try to continue using my computer, it will automatically turn the computer off and I must restart the process all over again. I have waited for it remove AVG Free to see if the problem would be resolved, but upon restarting the computer after removal of the program, it does the exact same thing and AVG Free is still on my computer. I used to have Embarq as my ISP until they were bought out by Century Link so I have not used their services in months, but this had never appeared until last week. I am not entirely sure if it is malware or adware, but I have never experienced anything like this before, please help!

squeakv1952

Newbie Surfer
Newbie Surfer

Posts : 12
Joined : 2010-06-26
Operating System : Vista

View user profile

Back to top Go down

Re: Problem with Embarq/Century Link Online Security

Post by Belahzur on Thu 08 Jul 2010, 3:20 am

Download OTL by OldTimer to your Desktop.

  • Close all windows and double click OTL.exe
  • Click Run Scan and let the program run uninterrupted
  • It will produce two logs for you, one will pop up - OTL.txt, the other will be saved on your Desktop - Extras.txt. Post both logs in this thread.
  • You may need to use two posts to get it all.


@RealBelahzur - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer
Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre

View user profile

Back to top Go down

Re: Problem with Embarq/Century Link Online Security

Post by squeakv1952 on Thu 08 Jul 2010, 6:32 am

I will be unable to run this scan for a few days. I am currently using my son's computer and will not return home until Friday, whereupon I will scan and post the log results.

squeakv1952

Newbie Surfer
Newbie Surfer

Posts : 12
Joined : 2010-06-26
Operating System : Vista

View user profile

Back to top Go down

Re: Problem with Embarq/Century Link Online Security

Post by squeakv1952 on Sat 10 Jul 2010, 4:33 pm

OTL Extras logfile created on: 7/9/2010 9:24:49 PM - Run 1
OTL by OldTimer - Version 3.2.1.1 Folder = F:\PC FIXES
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,015.00 Mb Total Physical Memory | 634.00 Mb Available Physical Memory | 62.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 88.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 103.09 Gb Total Space | 46.91 Gb Free Space | 45.51% Space Free | Partition Type: NTFS
Drive D: | 8.69 Gb Total Space | 1.18 Gb Free Space | 13.56% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 3.76 Gb Total Space | 0.01 Gb Free Space | 0.35% Space Free | Partition Type: FAT32
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: VARGASCOMPUTER
Current User Name: Grandma Vargas
Logged in as Administrator.

Current Boot Mode: SafeMode
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 1
"InternetSettingsDisableNotify" = 1
"AutoUpdateDisableNotify" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\EarthLink TotalAccess\TaskPanl.exe" = C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink -- (EarthLink, Inc.)


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{403D1635-97FB-4434-AA65-A93744A8730B}" = lport=139 | protocol=6 | dir=in | app=system |
"{4F651D2F-9A12-4C43-B86F-E063304AC568}" = rport=139 | protocol=6 | dir=out | app=system |
"{6DB6453B-88E1-4CB6-A0E6-AFA4AB402FF2}" = lport=2869 | protocol=6 | dir=in | app=system |
"{90FFBDD8-003B-42F8-AB66-6D6AFEDB43A6}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{ABB8D635-4C7D-46D5-A6EE-3D7D64B46773}" = lport=445 | protocol=6 | dir=in | app=system |
"{CCF61ECC-DD98-4ABA-9DDA-691B33B1CDE6}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{D984730A-33D7-49E7-95B4-666B2E11A64C}" = rport=137 | protocol=17 | dir=out | app=system |
"{DEFC1C33-B1C7-4730-A66A-0C465AC0A8DC}" = rport=138 | protocol=17 | dir=out | app=system |
"{EA5B70AF-2A1E-4B00-A1AC-0C84C881158C}" = lport=137 | protocol=17 | dir=in | app=system |
"{EC3545B3-873C-4BA3-BF25-A2C4E950EC6C}" = rport=445 | protocol=6 | dir=out | app=system |
"{EFA41794-D0B0-41CA-ABE9-86AE343151E4}" = lport=138 | protocol=17 | dir=in | app=system |
"{F1880360-C3A7-44D1-89C4-C79E8A63152B}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{F4197172-B098-4E8D-9114-5A501102532B}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0285AEED-EB75-4EA5-9912-5855EA63F881}" = protocol=6 | dir=in | app=c:\windows\system32\dlbacoms.exe |
"{0A233D88-E7C2-406B-A097-176627D08E1B}" = protocol=6 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{0C2838E7-EF41-4367-B0AF-17E669FEEF3E}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{0EDB530C-DEDF-4F9C-8137-240C421F334D}" = protocol=17 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{3CD83778-02D9-40F4-86D7-D2D221497F0A}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{485F585C-B4B4-4C00-B2CD-449CFA259F67}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{4CCFE93D-2FDB-4602-9882-7D9A80A03502}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{5A755C33-CC63-4EFA-9DC7-B5D6FC468732}" = protocol=6 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{6278B1B3-36F9-4C46-9705-B999AC6883F1}" = protocol=6 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |
"{66861C9D-320C-4441-A643-566A40A5EC29}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{69A4CAF0-56EB-4036-AB37-9F933CD287BD}" = protocol=6 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{77BE16C8-A4AA-4100-98B6-25F13086A331}" = protocol=17 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{7A61962A-D5E7-4DD9-83BA-3F494C799EC1}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{7CA35BFE-1033-47E1-AC7D-7F87D562788B}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{95D77D6B-E9BF-4187-AE34-607CED0054A7}" = protocol=17 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |
"{AEEDA546-27D7-41CE-80BD-813BCE678EA8}" = dir=in | app=c:\program files\msn messenger\msnmsgr.exe |
"{AFD266CA-7FE8-4132-A0F3-8B3895540633}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{B1AE2ADB-28A7-4DE8-8701-CC026C866B36}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{B64035B2-9D95-4172-ABE6-04C109FA3859}" = dir=in | app=c:\program files\avg\avg8\avgupd.exe |
"{D4FC2812-4E67-4F74-BB17-6D056096222D}" = dir=in | app=c:\program files\msn messenger\livecall.exe |
"{D67D8ED9-55F3-4BDC-B3DC-DB5E2650D05F}" = protocol=17 | dir=in | app=c:\windows\system32\dlbacoms.exe |
"{D81E9433-57DC-4C99-A88E-ACDC2E4C408D}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{D88B1DE6-CA39-4A27-8E5E-29B34546A156}" = protocol=17 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{E78D3E56-EEBD-46A8-9FBE-98549448AE7E}" = protocol=6 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |
"{EA993BC1-3F91-4E67-8DE8-DF14679F7098}" = protocol=17 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |
"{F95E545C-8C0C-465B-81DF-97BB725F4431}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{F9827320-E6B9-47E1-950A-2065C4A9A21E}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"TCP Query User{38CA6F44-6817-4D54-9EAC-A147D77485D6}C:\program files\hp games\wheel of fortune\wheel of fortune.exe" = protocol=6 | dir=in | app=c:\program files\hp games\wheel of fortune\wheel of fortune.exe |
"TCP Query User{762BFFF5-DA8F-460B-9E78-718138479BA6}C:\program files\bitlord\bitlord.exe" = protocol=6 | dir=in | app=c:\program files\bitlord\bitlord.exe |
"TCP Query User{F58AFF61-C8A1-4D34-80AD-94DA1CC9F2F5}C:\program files\bitlord\bitlord.exe" = protocol=6 | dir=in | app=c:\program files\bitlord\bitlord.exe |
"UDP Query User{8E7948C2-B707-43A3-9A17-FA2D77574D18}C:\program files\bitlord\bitlord.exe" = protocol=17 | dir=in | app=c:\program files\bitlord\bitlord.exe |
"UDP Query User{CEADAA5A-47CF-416B-86A9-902E7A73DC7C}C:\program files\bitlord\bitlord.exe" = protocol=17 | dir=in | app=c:\program files\bitlord\bitlord.exe |
"UDP Query User{FFFC4531-D421-41A0-BA8C-EEB7C937229E}C:\program files\hp games\wheel of fortune\wheel of fortune.exe" = protocol=17 | dir=in | app=c:\program files\hp games\wheel of fortune\wheel of fortune.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{029B5901-1F27-4347-9923-E8ACC8F54E15}" = Snapfish Picture Mover
"{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
"{073F22CE-9A5B-4A40-A604-C7270AC6BF34}" = ESSSONIC
"{0A2C5854-557E-48C8-835A-3B9F074BDCAA}" = Python 2.5
"{0A47BAFF-D4FF-4BD3-96CA-02A22EA62722}" = HP Active Support Library
"{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
"{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}" = Roxio Creator EasyArchive
"{14AF024E-2E3B-49D0-A175-D1C1A06B155A}" = muvee autoProducer 6.0
"{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}" = ESSPCD
"{209CDA54-D390-46A2-A97C-7BF61734418D}" = WeatherBug Gadget
"{254C37AA-6B72-4300-84F6-98A82419187E}" = Hewlett-Packard Active Check for Health Check
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 18
"{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}" = essvatgt
"{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}" = Rhapsody Player Engine
"{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}" = Logitech SetPoint
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java(TM) SE Runtime Environment 6 Update 1
"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Roxio Activation Module
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3CE11B98-C61C-4692-9E0E-59934761C3BE}" = 2Wire Wireless Manager
"{42938595-0D83-404D-9F73-F8177FDD531A}" = ESScore
"{4537EA4B-F603-4181-89FB-2953FC695AB1}" = netbrdg
"{49672EC2-171B-47B4-8CE7-50D7806360D7}" = Windows Live Sign-in Assistant
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5316DFC9-CE99-4458-9AB3-E8726EDE0210}" = skin0001
"{56918C0C-0D87-4CA6-92BF-4975A43AC719}" = KhalInstallWrapper
"{571700F0-DB9D-4B3A-B03D-35A14BB5939F}" = Windows Live Messenger
"{605A4E39-613C-4A12-B56F-DEFBE6757237}" = SHASTA
"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{643EAE81-920C-4931-9F0B-4B343B225CA6}" = ESSBrwr
"{663E217E-FC26-4249-9E8E-F190CD63E737}" = TaxCut Premium + State 2007
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = Hewlett-Packard Asset Agent for Health Check
"{6D3DB611-D5E8-4E4B-8952-0D3F549F9CC6}" = HP Active Support Library 32 bit components
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75C22B40-6D12-4439-80DC-CAB3313EADA5}" = dj_sf_software_req
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{824D3839-DAA1-4315-A822-7AE3E620E528}" = VideoToolkit01
"{8389382B-53BA-4A87-8854-91E3D80A5AC7}" = HP Photosmart Essential2.01
"{83d96ed0-98aa-4515-8ddc-816f3efdd104}" = MyDSC2
"{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
"{8943CE61-53BD-475E-90E1-A580869E98A2}" = staticcr
"{8A502E38-29C9-49FA-BCFA-D727CA062589}" = ESSTOOLS
"{8CC990CD-87C8-475C-AC32-8A7984E2FCFA}" = CDDRV_Installer
"{8E92D746-CD9F-4B90-9668-42B74C14F765}" = ESSini
"{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}" = Logitech Desktop Messenger
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_PRJPRO_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_VISPRO_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_WebDesigner_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}_PRJPRO_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}_VISPRO_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}_WebDesigner_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}_PRJPRO_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}_VISPRO_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}_WebDesigner_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0026-0000-0000-0000000FF1CE}" = Microsoft Expression Web
"{90120000-0026-0000-0000-0000000FF1CE}_WebDesigner_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0026-0000-0000-0000000FF1CE}_WebDesigner_{9037FDA8-8383-4B6F-859D-D49C3C625225}" = Microsoft Expression Web Service Pack 1 (SP1)
"{90120000-0026-0409-0000-0000000FF1CE}" = Microsoft Expression Web MUI (English)
"{90120000-0026-0409-0000-0000000FF1CE}_WebDesigner_{E1044ED2-E4AD-4B39-B500-31109750F6B4}" = Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-003B-0000-0000-0000000FF1CE}" = Microsoft Office Project Professional 2007
"{90120000-003B-0000-0000-0000000FF1CE}_PRJPRO_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-003B-0000-0000-0000000FF1CE}_PRJPRO_{9E73617F-2F38-4864-BD61-BB2DDFE43323}" = Microsoft Office Project 2007 Service Pack 2 (SP2)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0051-0000-0000-0000000FF1CE}" = Microsoft Office Visio Professional 2007
"{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{0FD405D3-CAF8-4CA6-8BFD-911D2F8A6585}" = Microsoft Office Visio 2007 Service Pack 2 (SP2)
"{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0054-0409-0000-0000000FF1CE}" = Microsoft Office Visio MUI (English) 2007
"{90120000-0054-0409-0000-0000000FF1CE}_VISPRO_{519D9F45-CBF4-4E57-B419-11F196CCA8AE}" = Microsoft Office Visio 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}_PRJPRO_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}_VISPRO_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}_WebDesigner_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00B4-0409-0000-0000000FF1CE}" = Microsoft Office Project MUI (English) 2007
"{90120000-00B4-0409-0000-0000000FF1CE}_PRJPRO_{27A9D316-D332-433B-8EB1-1D93EE49F26D}" = Microsoft Office Project 2007 Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}_PRJPRO_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}_VISPRO_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}_WebDesigner_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{91517631-A9F3-4B7C-B482-43E0068FD55A}" = ESSgui
"{938B1CD7-7C60-491E-AA90-1F1888168240}" = Roxio MyDVD Basic v9
"{999D43F4-9709-4887-9B1A-83EBB15A8370}" = VPRINTOL
"{9DBA770F-BF73-4D39-B1DF-6035D95268FC}" = HP Customer Feedback
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A81200000003}" = Adobe Reader 8.1.2
"{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}" = ESSCDBK
"{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}" = OfotoXMI
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}" = CCScore
"{B6ADA0E4-9451-43EB-B86E-878AD9E68D4F}" = LightScribe 1.6.45.1
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator Basic v9
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D32470A1-B10C-4059-BA53-CF0486F68EBC}" = Kodak EasyShare software
"{DB02F716-6275-42E9-B8D2-83BA2BF5100B}" = SFR
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E06F04B9-45E6-4AC0-8083-85F7515F40F7}" = UnloadSupport
"{E0C18BB0-32CA-4679-B422-9B9FA825378F}" = HP Deskjet Printer Driver Software 9.0
"{E79987F0-0E34-42CC-B8FF-6C860AEEB26A}" = tooltips
"{E9C18EBD-85BE-47D0-AA73-3FEDCC976B04}" = Toolbox
"{EB21A812-671B-4D08-B974-2A347F0D8F70}" = HP Photosmart Essential
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F22C222C-3CE2-4A4B-A83F-AF4681371ABE}" = kgcbase
"{F233CA97-817E-4DC2-9D76-04A2A8D96687}" = RegistrySmart
"{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}" = SKINXSDK
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F72E2DDC-3DB8-4190-A21D-63883D955FE7}" = PSSWCORE
"{F9001C89-8036-4673-9577-E7CD8564807C}" = The Print Shop 20
"{F9593CFB-D836-49BC-BFF1-0E669A411D9F}" = WIRELESS
"{FCDB1C92-03C6-4C76-8625-371224256091}" = ESSPDock
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"AVG8Uninstall" = AVG Free 8.5
"BitLord" = BitLord 1.1
"CameraWindowDC" = Canon Utilities CameraWindow DC
"CameraWindowDVC6" = Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
"CameraWindowLauncher" = Canon Utilities CameraWindow
"CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX
"Canon Internet Library for ZoomBrowser EX" = Canon Internet Library for ZoomBrowser EX
"Canon MOV Decoder" = Canon MOV Decoder
"Canon MOV Encoder" = Canon MOV Encoder
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200C14F1" = Soft Data Fax Modem with SmartCP
"ENTERPRISE" = Microsoft Office Enterprise 2007
"F-Secure Product 444" =
"Google Chrome" = Google Chrome
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP Photosmart Essential" = HP Photosmart Essential 2.01
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Moraff's_Maximum_Mahjongg_1.0" = Moraff's Maximum MahJongg 1.0
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"Mozilla Firefox (3.6.4)" = Mozilla Firefox (3.6.4)
"MSNINST" = MSN
"MyCamera" = Canon Utilities MyCamera
"MyCameraDC" = Canon Utilities MyCamera DC
"OsdMaestro" = HP On-Screen Cap/Num/Scroll Lock Indicator
"PBS KIDS PLAY" = PBS KIDS PLAY!
"PC-Doctor 5 for Windows" = Hardware Diagnostic Tools
"Pdf995" = Pdf995 (installed by TaxCut)
"PdfEdit995" = PdfEdit995 (installed by TaxCut)
"Personal Printing Guide" = Canon Personal Printing Guide
"PhotoStitch" = Canon Utilities PhotoStitch
"PRJPRO" = Microsoft Office Project Professional 2007
"QuickTime" = QuickTime
"RealPlayer 12.0" = RealPlayer
"RemoteCaptureTask" = Canon Utilities RemoteCapture Task for ZoomBrowser EX
"Sandlot Games Client Services 1.2.2_is1" = Sandlot Games Client Services 1.2.2
"Sandlot Games Client Services_is1" = Sandlot Games Client Services
"Shockwave" = Shockwave
"SoftwareStarterGuide-DCSD40_46" = Canon Digital Camera Solution Disk 40-46 Software Starter Guide
"Ultimate Mahjongg" = Ultimate Mahjongg
"VirtualAssistant" = Uninstall VirtualAssistant
"VISPRO" = Microsoft Office Visio Professional 2007
"WebDesigner" = Microsoft Expression Web
"WebPost" = Microsoft Web Publishing Wizard 1.52
"WildTangent hp Master Uninstall" = HP Games
"WT025174" = AstroPop Deluxe
"WT076782" = Kitten Sanctuary
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
"ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 7/31/2009 2:40:15 PM | Computer Name = VargasComputer | Source = EventSystem | ID = 4621
Description =

Error - 8/3/2009 12:30:04 AM | Computer Name = VargasComputer | Source = EventSystem | ID = 4621
Description =

Error - 8/5/2009 2:37:13 PM | Computer Name = VargasComputer | Source = F-Secure Anti-Virus | ID = 103
Description = 1 2009-08-05 11:37:10-07:00 vargascomputer VargasComputer\Grandpa
Vargas F-Secure Anti-Virus Scanning of \DEVICE\HARDDISKVOLUME1\PROGRAM FILES\YAHOO!\MESSENGER\YMSGLITE.DLL
was aborted due to exceeded scanning time limit. The file may be in use or reading
it was too slow (e.g. network connection was under stress).

Error - 8/6/2009 5:56:00 PM | Computer Name = VargasComputer | Source = EventSystem | ID = 4622
Description =

Error - 8/6/2009 5:56:01 PM | Computer Name = VargasComputer | Source = EventSystem | ID = 4622
Description =

Error - 8/7/2009 4:52:17 PM | Computer Name = VargasComputer | Source = F-Secure Anti-Virus | ID = 103
Description = 1 2009-08-07 13:52:17-07:00 vargascomputer VargasComputer\Grandma
Vargas F-Secure Anti-Virus Scanning of \DEVICE\HARDDISKVOLUME1\WINDOWS\SYSTEM32\SIRENACM.DLL
was aborted due to exceeded scanning time limit. The file may be in use or reading
it was too slow (e.g. network connection was under stress).

Error - 8/7/2009 4:53:51 PM | Computer Name = VargasComputer | Source = Application Hang | ID = 1002
Description = The program EasyShare.exe version 6.40.53.95 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 85c Start Time: 01ca17a0fa32bdf2 Termination Time: 15

Error - 8/10/2009 7:59:06 PM | Computer Name = VargasComputer | Source = F-Secure Anti-Virus | ID = 103
Description = 1 2009-08-10 16:59:01-07:00 vargascomputer VargasComputer\Grandpa
Vargas F-Secure Anti-Virus Scanning of \DEVICE\HARDDISKVOLUME1\PROGRAM FILES\EMBARQ
ONLINE SECURITY\ANTI-VIRUS\FSCHED.DLL was aborted due to exceeded scanning time
limit. The file may be in use or reading it was too slow (e.g. network connection
was under stress).

Error - 8/14/2009 12:10:58 PM | Computer Name = VargasComputer | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 8/15/2009 1:53:49 PM | Computer Name = VargasComputer | Source = EventSystem | ID = 4621
Description =

[ Media Center Events ]
Error - 4/18/2008 6:40:50 PM | Computer Name = VargasComputer | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.

Error - 6/9/2008 10:20:01 AM | Computer Name = VargasComputer | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.

Error - 2/23/2009 10:35:31 PM | Computer Name = VargasComputer | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

[ System Events ]
Error - 7/10/2010 12:22:19 AM | Computer Name = VargasComputer | Source = Service Control Manager | ID = 7001
Description =

Error - 7/10/2010 12:22:19 AM | Computer Name = VargasComputer | Source = Service Control Manager | ID = 7001
Description =

Error - 7/10/2010 12:22:19 AM | Computer Name = VargasComputer | Source = Service Control Manager | ID = 7001
Description =

Error - 7/10/2010 12:22:19 AM | Computer Name = VargasComputer | Source = Service Control Manager | ID = 7001
Description =

Error - 7/10/2010 12:22:19 AM | Computer Name = VargasComputer | Source = Service Control Manager | ID = 7026
Description =

Error - 7/10/2010 12:22:19 AM | Computer Name = VargasComputer | Source = Service Control Manager | ID = 7001
Description =

Error - 7/10/2010 12:22:19 AM | Computer Name = VargasComputer | Source = Service Control Manager | ID = 7001
Description =

Error - 7/10/2010 12:22:19 AM | Computer Name = VargasComputer | Source = Service Control Manager | ID = 7001
Description =

Error - 7/10/2010 12:22:20 AM | Computer Name = VargasComputer | Source = Service Control Manager | ID = 7001
Description =

Error - 7/10/2010 12:22:24 AM | Computer Name = VargasComputer | Source = DCOM | ID = 10005
Description =


< End of report >

squeakv1952

Newbie Surfer
Newbie Surfer

Posts : 12
Joined : 2010-06-26
Operating System : Vista

View user profile

Back to top Go down

Re: Problem with Embarq/Century Link Online Security

Post by squeakv1952 on Sat 10 Jul 2010, 4:33 pm

OTL logfile created on: 7/9/2010 9:24:49 PM - Run 1
OTL by OldTimer - Version 3.2.1.1 Folder = F:\PC FIXES
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,015.00 Mb Total Physical Memory | 634.00 Mb Available Physical Memory | 62.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 88.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 103.09 Gb Total Space | 46.91 Gb Free Space | 45.51% Space Free | Partition Type: NTFS
Drive D: | 8.69 Gb Total Space | 1.18 Gb Free Space | 13.56% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 3.76 Gb Total Space | 0.01 Gb Free Space | 0.35% Space Free | Partition Type: FAT32
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: VARGASCOMPUTER
Current User Name: Grandma Vargas
Logged in as Administrator.

Current Boot Mode: SafeMode
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/04/15 13:28:46 | 000,561,664 | ---- | M] (OldTimer Tools) -- F:\PC FIXES\OTL.exe
PRC - [2008/10/28 23:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/09/20 23:52:47 | 000,611,664 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe


========== Modules (SafeList) ==========

MOD - [2010/04/15 13:28:46 | 000,561,664 | ---- | M] (OldTimer Tools) -- F:\PC FIXES\OTL.exe
MOD - [2008/01/19 00:26:34 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2010/03/18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/08/29 08:30:29 | 000,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd)
SRV - [2008/11/09 13:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Stopped] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/09/20 23:52:47 | 000,611,664 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe -- (aawservice)
SRV - [2008/01/19 00:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/11/01 04:42:56 | 000,113,304 | ---- | M] (F-Secure Corporation) [Auto | Stopped] -- C:\Program Files\EMBARQ Online Security\Common\FSMA32.EXE -- (FSMA)
SRV - [2007/11/01 04:42:16 | 000,453,216 | ---- | M] (F-Secure Corporation) [On_Demand | Stopped] -- C:\Program Files\EMBARQ Online Security\FWES\Program\fsdfwd.exe -- (FSDFWD)
SRV - [2007/11/01 04:42:04 | 000,047,800 | ---- | M] (F-Secure Corporation) [Auto | Stopped] -- C:\Program Files\EMBARQ Online Security\Anti-Virus\fsgk32st.exe -- (F-Secure Gatekeeper Handler Starter)
SRV - [2007/11/01 04:41:52 | 000,461,408 | ---- | M] (F-Secure Corporation) [On_Demand | Stopped] -- C:\Program Files\EMBARQ Online Security\FSAUA\program\fsaua.exe -- (FSAUA)
SRV - [2007/03/05 21:57:30 | 000,538,096 | ---- | M] ( ) [Disabled | Stopped] -- C:\Windows\System32\dlbacoms.exe -- (dlba_device)
SRV - [2007/01/19 13:54:14 | 000,097,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\MSN Messenger\usnsvc.exe -- (usnjsvc)


========== Driver Services (SafeList) ==========

DRV - [2009/08/29 08:30:46 | 000,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Stopped] -- C:\Windows\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2009/08/29 08:30:45 | 000,335,240 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Stopped] -- C:\Windows\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2009/06/30 15:02:36 | 000,077,824 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\EMBARQ Online Security\Anti-Virus\minifilter\fsgk.sys -- (F-Secure Gatekeeper)
DRV - [2008/05/08 05:05:18 | 000,266,752 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HSXHWBS2.sys -- (HSXHWBS2)
DRV - [2008/05/08 05:04:16 | 000,661,504 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf)
DRV - [2008/05/08 05:03:18 | 000,980,992 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HSX_DP.sys -- (HSF_DP)
DRV - [2008/04/22 16:35:50 | 000,060,064 | ---- | M] (F-Secure Corporation) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\fsdfw.sys -- (FSFW)
DRV - [2007/11/01 04:42:12 | 000,034,752 | ---- | M] () [Kernel | System | Stopped] -- C:\Windows\System32\drivers\fses.sys -- (FSES)
DRV - [2007/11/01 04:42:06 | 000,039,776 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Program Files\EMBARQ Online Security\Anti-Virus\win2k\fsfilter.sys -- (F-Secure Filter)
DRV - [2007/11/01 04:42:06 | 000,025,184 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Program Files\EMBARQ Online Security\Anti-Virus\win2k\fsrec.sys -- (F-Secure Recognizer)
DRV - [2007/11/01 04:42:06 | 000,012,896 | ---- | M] () [Kernel | System | Stopped] -- C:\Program Files\EMBARQ Online Security\Anti-Virus\minifilter\fsvista.sys -- (fsvista)
DRV - [2007/10/18 07:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/10/01 17:20:40 | 000,032,160 | ---- | M] (PCTEL Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\PCTINDIS5.sys -- (PCTINDIS5)
DRV - [2007/08/24 20:39:56 | 001,899,008 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx)
DRV - [2007/08/24 20:39:56 | 001,899,008 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\igdkmd32.sys -- (ialm)
DRV - [2007/07/11 03:21:00 | 001,793,880 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007/05/03 12:21:08 | 000,029,056 | ---- | M] (Service & Quality Technology.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Capt905c.sys -- (SQTECH905C)
DRV - [2007/04/11 15:33:06 | 000,079,376 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LMouKE.Sys -- (LMouKE)
DRV - [2007/04/11 15:32:58 | 000,036,112 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2007/04/11 15:32:52 | 000,034,832 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2007/04/11 15:32:38 | 000,063,248 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L8042mou.Sys -- (L8042mou)
DRV - [2007/04/11 15:32:30 | 000,020,496 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L8042Kbd.sys -- (L8042Kbd)
DRV - [2007/03/27 19:06:02 | 000,857,600 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athrusb.sys -- (athrusb)
DRV - [2007/03/05 14:28:00 | 000,076,288 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2006/11/02 02:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2006/11/02 02:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006/11/02 02:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2006/11/02 02:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2006/11/02 02:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2006/11/02 02:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2006/11/02 02:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2006/11/02 02:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006/11/02 02:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006/11/02 02:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 02:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 02:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006/11/02 02:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2006/11/02 02:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 02:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 02:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006/11/02 02:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2006/11/02 02:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 02:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2006/11/02 02:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006/11/02 02:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006/11/02 02:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2006/11/02 02:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2006/11/02 02:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 02:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 02:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006/11/02 02:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 02:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006/11/02 02:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 02:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 02:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 02:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2006/11/02 02:49:30 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2006/11/02 02:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2006/11/02 02:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2006/11/02 01:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 01:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 01:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 01:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 01:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 01:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 00:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 00:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = localhost

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "[You must be registered and logged in to see this link.]
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.4
FF - prefs.js..network.proxy.no_proxies_on: "localhost"

FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/06/26 09:37:45 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.4\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/06/26 09:37:36 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.4\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/06/26 09:37:53 | 000,000,000 | ---D | M]

[2008/09/20 22:55:18 | 000,000,000 | ---D | M] -- C:\Users\Grandma Vargas.VargasComputer\AppData\Roaming\mozilla\Extensions
[2010/07/02 20:33:08 | 000,000,000 | ---D | M] -- C:\Users\Grandma Vargas.VargasComputer\AppData\Roaming\mozilla\Firefox\Profiles\7sa5c3ct.default\extensions
[2009/09/03 08:52:14 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Grandma Vargas.VargasComputer\AppData\Roaming\mozilla\Firefox\Profiles\7sa5c3ct.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/04/13 16:27:10 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions

O1 HOSTS File: ([2008/09/20 20:29:22 | 000,265,449 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 [You must be registered and logged in to see this link.]
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 [You must be registered and logged in to see this link.]
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 [You must be registered and logged in to see this link.]
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 [You must be registered and logged in to see this link.]
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 [You must be registered and logged in to see this link.]
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 [You must be registered and logged in to see this link.]
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 [You must be registered and logged in to see this link.]
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 [You must be registered and logged in to see this link.]
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 [You must be registered and logged in to see this link.]
O1 - Hosts: 127.0.0.1 123topsearch.com
O1 - Hosts: 127.0.0.1 [You must be registered and logged in to see this link.]
O1 - Hosts: 127.0.0.1 132.com
O1 - Hosts: 127.0.0.1 [You must be registered and logged in to see this link.]
O1 - Hosts: 9197 more lines...
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Embarq Toolbar) - {4E7BD74F-2B8D-469E-92BE-BF2DFE9AAE2C} - C:\PROGRA~1\EMBARQ~2\EMBARQ~1.DLL File not found
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Embarq Toolbar) - {4E7BD74F-2B8D-469E-92BE-BF2DFE9AAE2C} - C:\PROGRA~1\EMBARQ~2\EMBARQ~1.DLL File not found
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Embarq Toolbar) - {4E7BD74F-2B8D-469E-92BE-BF2DFE9AAE2C} - C:\PROGRA~1\EMBARQ~2\EMBARQ~1.DLL File not found
O4 - HKLM..\Run: [2Wire Wireless Manager] C:\Program Files\2Wire Wireless Manager\2Wire.exe (2Wire)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech Inc.)
O4 - HKLM..\Run: [Logitech Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech Inc.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\RunOnce: [Launcher] C:\Windows\SMINST\Launcher.exe (soft thinks)
O4 - Startup: C:\Users\Grandma Vargas.VargasComputer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\EMBARQ Online Security\FSPS\program\fslsp.dll (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\EMBARQ Online Security\FSPS\program\fslsp.dll (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\EMBARQ Online Security\FSPS\program\fslsp.dll (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\EMBARQ Online Security\FSPS\program\fslsp.dll (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\EMBARQ Online Security\FSPS\program\fslsp.dll (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\EMBARQ Online Security\FSPS\program\fslsp.dll (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\EMBARQ Online Security\FSPS\program\fslsp.dll (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\EMBARQ Online Security\FSPS\program\fslsp.dll (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files\EMBARQ Online Security\FSPS\program\fslsp.dll (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files\EMBARQ Online Security\FSPS\program\fslsp.dll (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Program Files\EMBARQ Online Security\FSPS\program\fslsp.dll (F-Secure Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} [You must be registered and logged in to see this link.] (MSN Photo Upload Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_18)
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} [You must be registered and logged in to see this link.] (Windows Live Hotmail Photo Upload Tool)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.116.46.115 24.205.224.36 24.205.192.61
O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech Inc.)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (avgrsstx.dll) - C:\Windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Users\Grandma Vargas.VargasComputer\Pictures\Photo Mess\459780-R1-07-8_1.jpg
O24 - Desktop BackupWallPaper: C:\Users\Grandma Vargas.VargasComputer\Pictures\Photo Mess\459780-R1-07-8_1.jpg
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/08/07 23:17:39 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\Windows\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/07/09 21:24:40 | 000,561,664 | ---- | C] (OldTimer Tools) -- C:\Users\Grandma Vargas.VargasComputer\Desktop\OTL.exe
[2010/07/02 20:12:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Office Genuine Advantage
[2010/06/26 09:39:14 | 000,000,000 | ---D | C] -- C:\Users\Grandma Vargas.VargasComputer\Documents\Downloads
[2010/06/26 09:38:18 | 000,000,000 | ---D | C] -- C:\Users\Grandma Vargas.VargasComputer\AppData\Local\Real
[2010/06/26 09:37:35 | 000,185,920 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\rmoc3260.dll
[2010/06/26 09:37:28 | 000,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5016.dll
[2010/06/26 09:37:28 | 000,005,632 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5032.dll
[2010/06/26 09:37:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
[2010/06/26 09:36:41 | 000,278,528 | ---- | C] (Real Networks, Inc) -- C:\Windows\System32\pncrt.dll
[2010/06/26 09:36:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Real
[2010/06/26 09:36:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Real
[2010/06/26 09:34:21 | 000,000,000 | ---D | C] -- C:\Users\Grandma Vargas.VargasComputer\AppData\Local\Google
[2010/06/26 09:34:11 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2010/06/26 07:30:23 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2010/06/26 07:30:23 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2010/06/26 07:30:19 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2010/06/26 07:30:17 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2010/06/26 07:30:16 | 000,428,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2010/06/26 07:15:29 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2010/06/26 07:15:29 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2010/06/26 07:15:29 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2010/06/24 22:53:01 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2010/06/24 22:52:59 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2010/06/24 21:57:37 | 000,000,000 | ---D | C] -- C:\Users\Grandma Vargas.VargasComputer\AppData\Local\HP
[2010/06/11 23:12:12 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll
[2010/06/11 23:12:07 | 000,289,792 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2010/06/11 23:12:06 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2010/06/11 23:11:40 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2010/06/11 23:11:39 | 000,458,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010/06/11 23:11:39 | 000,389,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010/06/11 23:11:38 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2010/06/11 23:11:38 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2010/06/11 23:11:38 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010/06/11 23:11:38 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieencode.dll
[2010/06/11 23:11:38 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2010/06/11 23:11:37 | 000,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010/06/11 23:11:37 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010/06/11 23:11:36 | 001,383,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010/06/11 23:11:20 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2010/06/11 23:11:00 | 002,036,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2007/01/30 15:47:52 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\dlbapmui.dll
[2007/01/30 15:46:00 | 001,224,704 | ---- | C] ( ) -- C:\Windows\System32\dlbaserv.dll
[2007/01/30 15:38:18 | 000,421,888 | ---- | C] ( ) -- C:\Windows\System32\dlbacomm.dll
[2007/01/30 15:36:30 | 000,585,728 | ---- | C] ( ) -- C:\Windows\System32\dlbalmpm.dll
[2007/01/30 15:35:00 | 000,397,312 | ---- | C] ( ) -- C:\Windows\System32\dlbaiesc.dll
[2007/01/30 15:32:06 | 000,094,208 | ---- | C] ( ) -- C:\Windows\System32\dlbapplc.dll
[2007/01/30 15:31:08 | 000,684,032 | ---- | C] ( ) -- C:\Windows\System32\dlbacomc.dll
[2007/01/30 15:30:30 | 000,163,840 | ---- | C] ( ) -- C:\Windows\System32\dlbaprox.dll
[2007/01/30 15:22:32 | 000,413,696 | ---- | C] ( ) -- C:\Windows\System32\dlbainpa.dll
[2007/01/30 15:21:46 | 000,995,328 | ---- | C] ( ) -- C:\Windows\System32\dlbausb1.dll
[2007/01/30 15:17:02 | 000,696,320 | ---- | C] ( ) -- C:\Windows\System32\dlbahbn3.dll

========== Files - Modified Within 30 Days ==========

[2010/07/09 21:21:19 | 000,524,288 | -HS- | M] () -- C:\Users\Grandma Vargas.VargasComputer\ntuser.dat{5ec25053-8bda-11df-8d31-fcea51f03b22}.TMContainer00000000000000000002.regtrans-ms
[2010/07/09 21:21:18 | 000,524,288 | -HS- | M] () -- C:\Users\Grandma Vargas.VargasComputer\ntuser.dat{5ec25053-8bda-11df-8d31-fcea51f03b22}.TMContainer00000000000000000001.regtrans-ms
[2010/07/09 21:21:18 | 000,065,536 | -HS- | M] () -- C:\Users\Grandma Vargas.VargasComputer\ntuser.dat{5ec25053-8bda-11df-8d31-fcea51f03b22}.TM.blf
[2010/07/09 21:20:27 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/07/09 21:18:14 | 003,145,728 | -HS- | M] () -- C:\Users\Grandma Vargas.VargasComputer\ntuser.dat
[2010/07/09 21:18:03 | 061,808,162 | ---- | M] () -- C:\Windows\System32\drivers\Avg\incavi.avm
[2010/07/09 21:15:48 | 000,000,436 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{481D9FCD-B455-466A-A1E5-E328AFE9101F}.job
[2010/07/09 21:15:00 | 000,000,436 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{52F58391-5CBE-4DCF-8B62-10E31BB558E0}.job
[2010/07/09 21:13:52 | 000,001,977 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2010/07/09 21:11:52 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/07/09 21:10:42 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/07/09 21:10:41 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/07/02 20:36:50 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/07/02 20:35:49 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/07/02 20:33:52 | 000,524,288 | -HS- | M] () -- C:\Users\Grandma Vargas.VargasComputer\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010/07/02 20:33:52 | 000,065,536 | -HS- | M] () -- C:\Users\Grandma Vargas.VargasComputer\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010/07/02 20:26:58 | 001,705,569 | -H-- | M] () -- C:\Users\Grandma Vargas.VargasComputer\AppData\Local\IconCache.db
[2010/07/02 20:19:33 | 061,608,586 | ---- | M] () -- C:\Windows\System32\drivers\Avg\incavi.avm.old
[2010/06/26 16:11:09 | 000,000,680 | ---- | M] () -- C:\Users\Grandma Vargas.VargasComputer\AppData\Local\d3d9caps.dat
[2010/06/26 10:22:05 | 000,000,039 | ---- | M] () -- C:\Windows\vbaddin.ini
[2010/06/26 09:37:45 | 000,001,075 | ---- | M] () -- C:\Users\Public\Desktop\RealPlayer SP.lnk
[2010/06/26 09:37:35 | 000,185,920 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\rmoc3260.dll
[2010/06/26 09:37:28 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5016.dll
[2010/06/26 09:37:28 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5032.dll
[2010/06/26 09:36:41 | 000,278,528 | ---- | M] (Real Networks, Inc) -- C:\Windows\System32\pncrt.dll
[2010/06/26 08:28:54 | 000,726,334 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/06/26 08:28:54 | 000,619,282 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/06/26 08:28:54 | 000,110,638 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/06/12 06:30:50 | 000,786,000 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

========== Files Created - No Company Name ==========

[2010/07/09 21:21:19 | 000,524,288 | -HS- | C] () -- C:\Users\Grandma Vargas.VargasComputer\ntuser.dat{5ec25053-8bda-11df-8d31-fcea51f03b22}.TMContainer00000000000000000002.regtrans-ms
[2010/07/09 21:21:18 | 000,524,288 | -HS- | C] () -- C:\Users\Grandma Vargas.VargasComputer\ntuser.dat{5ec25053-8bda-11df-8d31-fcea51f03b22}.TMContainer00000000000000000001.regtrans-ms
[2010/07/09 21:21:18 | 000,065,536 | -HS- | C] () -- C:\Users\Grandma Vargas.VargasComputer\ntuser.dat{5ec25053-8bda-11df-8d31-fcea51f03b22}.TM.blf
[2010/06/26 13:37:03 | 000,000,680 | ---- | C] () -- C:\Users\Grandma Vargas.VargasComputer\AppData\Local\d3d9caps.dat
[2010/06/26 09:37:45 | 000,001,075 | ---- | C] () -- C:\Users\Public\Desktop\RealPlayer SP.lnk
[2010/06/26 09:35:14 | 000,001,977 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2010/06/26 09:34:43 | 000,000,902 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/06/26 09:34:42 | 000,000,898 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2008/04/22 15:21:43 | 000,034,752 | ---- | C] () -- C:\Windows\System32\drivers\fses.sys
[2008/02/03 19:09:54 | 000,000,162 | ---- | C] () -- C:\Windows\ODBC.INI
[2008/02/03 09:26:18 | 000,000,142 | ---- | C] () -- C:\Windows\wpd99.drv
[2008/02/03 09:26:17 | 000,051,716 | ---- | C] () -- C:\Windows\System32\pdf995mon.dll
[2008/01/26 23:06:51 | 000,000,223 | ---- | C] () -- C:\Windows\dellstat.ini
[2007/12/29 12:07:19 | 000,000,890 | ---- | C] () -- C:\Users\Grandma Vargas\AppData\Roaming\wklnhst.dat
[2007/12/29 09:01:40 | 000,006,656 | ---- | C] () -- C:\Users\Grandma Vargas.VargasComputer\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/12/29 08:43:15 | 000,000,020 | -HS- | C] () -- C:\Users\Grandma Vargas.VargasComputer\ntuser.ini
[2007/12/29 08:43:14 | 000,524,288 | -HS- | C] () -- C:\Users\Grandma Vargas\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms
[2007/12/29 08:43:14 | 000,524,288 | -HS- | C] () -- C:\Users\Grandma Vargas\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2007/12/29 08:43:14 | 000,262,144 | -H-- | C] () -- C:\Users\Grandma Vargas\ntuser.dat.LOG1
[2007/12/29 08:43:14 | 000,065,536 | -HS- | C] () -- C:\Users\Grandma Vargas\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2007/12/29 08:43:14 | 000,000,000 | -H-- | C] () -- C:\Users\Grandma Vargas\ntuser.dat.LOG2
[2007/12/29 08:43:13 | 003,145,728 | -HS- | C] () -- C:\Users\Grandma Vargas\ntuser.dat
[2007/08/24 20:46:48 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1322.dll
[2007/08/07 23:04:08 | 000,006,092 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2007/08/07 22:51:43 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1277.dll
[2007/08/07 22:43:08 | 000,327,680 | ---- | C] () -- C:\Windows\System32\pythoncom25.dll
[2007/08/07 22:43:08 | 000,102,400 | ---- | C] () -- C:\Windows\System32\pywintypes25.dll
[2007/05/14 05:28:10 | 000,000,000 | ---- | C] () -- C:\Windows\System32\px.ini
[2007/02/26 19:08:32 | 000,479,232 | ---- | C] () -- C:\Windows\System32\dlbajswr.dll
[2007/02/26 19:08:26 | 000,090,112 | ---- | C] () -- C:\Windows\System32\dlbacur.dll
[2007/02/26 18:59:24 | 000,073,728 | ---- | C] () -- C:\Windows\System32\dlbacu.dll
[2007/02/26 18:59:12 | 000,413,696 | ---- | C] () -- C:\Windows\System32\dlbautil.dll
[2007/02/22 23:32:00 | 000,344,064 | ---- | C] () -- C:\Windows\System32\dlbacoin.dll
[2006/12/13 23:01:36 | 000,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll
[2006/12/13 23:01:36 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll
[2006/11/02 05:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 03:25:21 | 000,249,856 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2006/11/02 00:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2005/12/16 20:15:18 | 000,040,960 | ---- | C] () -- C:\Windows\System32\dlbavs.dll
[2005/09/13 22:27:08 | 000,061,440 | ---- | C] () -- C:\Windows\System32\dlbacnv4.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:7838B9E0
< End of report >

squeakv1952

Newbie Surfer
Newbie Surfer

Posts : 12
Joined : 2010-06-26
Operating System : Vista

View user profile

Back to top Go down

Re: Problem with Embarq/Century Link Online Security

Post by squeakv1952 on Sat 10 Jul 2010, 4:34 pm

Sorry for taking so long, but I finally got the scan completed. Thanks in advance

squeakv1952

Newbie Surfer
Newbie Surfer

Posts : 12
Joined : 2010-06-26
Operating System : Vista

View user profile

Back to top Go down

Re: Problem with Embarq/Century Link Online Security

Post by Belahzur on Sun 11 Jul 2010, 5:20 am

Please download and run this tool.

Download Malwarebytes' Anti-Malware from Here

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.


Post the contents of the MBAM Log.


@RealBelahzur - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer
Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre

View user profile

Back to top Go down

Re: Problem with Embarq/Century Link Online Security

Post by squeakv1952 on Sun 18 Jul 2010, 11:56 am

Malwarebytes' Anti-Malware 1.46
[You must be registered and logged in to see this link.]

Database version: 4322

Windows 6.0.6001 Service Pack 1 (Safe Mode)
Internet Explorer 7.0.6001.18000

7/17/2010 5:37:37 PM
mbam-log-2010-07-17 (17-37-37).txt

Scan type: Quick scan
Objects scanned: 166823
Time elapsed: 14 minute(s), 22 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 7
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 2

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\58fa5318502c61e40bb21991aecb25e5 (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\61bef09e2d118194e96583c90b1516ac (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7e5ead8fa251c5a45a24533a7762dc9e (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9de13aa5855d8404b8e108518d8a827b (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\bc59f3451579e1940a4c1d66df324d81 (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\d3fbc9a707fa89d43a63227c7e3b0b6d (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\e6f73c824f88eb9409fcf5976f4c9c4b (Rogue.RegistrySmart) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\c:\programdata\microsoft\windows\start menu\programs\registrysmart\(default) (Rogue.RegistrySmart) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Users\Grandma Vargas.VargasComputer\downloads\MyWebFaceSetup2.3.50.56_2.GRfox000.exe (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Users\Grandma Vargas.VargasComputer\downloads\MyWebFaceSetup2.3.67.1.NoSA.NoHP.GRfox000.exe (Adware.MyWebSearch) -> Quarantined and deleted successfully.



I apologize for the length of time between posts, commuting back and forth to a usable computer is quite stressful....

squeakv1952

Newbie Surfer
Newbie Surfer

Posts : 12
Joined : 2010-06-26
Operating System : Vista

View user profile

Back to top Go down

Re: Problem with Embarq/Century Link Online Security

Post by Sneakyone on Mon 19 Jul 2010, 6:53 am

Hi,

Please download ComboFix from BleepingComputer.com

Alternate link: GeeksToGo.com

Alternate link: Forospyware.com


Rename ComboFix.exe to commy.exe before you save it to your Desktop
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools A guide to do this can be found here
  • Click Start then copy paste the following command into the search box & hit enter: "%userprofile%\desktop\commy.exe" /stepdel
  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. This will not install in Vista. Just continue scanning, and skip the console install.
  • When finished, it shall produce a log for you. Please include the contents of C:\ComboFix.txt in your next reply.


I'm livin' life in the fast lane.


Sneakyone

Tech Officer
Tech Officer

Posts : 2707
Joined : 2010-01-10
Operating System : Windows 7 Ultimate 64-bit

View user profile http://twitter.com/AVerySneakyone

Back to top Go down

Re: Problem with Embarq/Century Link Online Security

Post by squeakv1952 on Mon 19 Jul 2010, 9:42 am

ComboFix 10-07-16.02 - Grandma Vargas 07/18/2010 15:18:54.1.1 - x86 NETWORK
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.1015.486 [GMT -7:00]
Running from: c:\users\Grandma Vargas.VargasComputer\Desktop\commy.exe
Command switches used :: /stepdel
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: F-Secure Anti-Virus 7.30 *On-access scanning disabled* (Updated) {E7512ED5-4245-4B4D-AF3A-382D3F313F15}
SP: AVG Anti-Virus Free *enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
SP: F-Secure Anti-Virus 7.30 *disabled* (Updated) {0651C4B0-1D7E-4682-B965-2E9523C483A5}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\AutoRun.inf
c:\windows\xpsp1hfm.log

.
((((((((((((((((((((((((( Files Created from 2010-06-18 to 2010-07-18 )))))))))))))))))))))))))))))))
.

2010-07-18 22:31 . 2010-07-18 22:31 -------- d-----w- c:\users\Guest\AppData\Local\temp
2010-07-18 22:31 . 2010-07-18 22:31 -------- d-----w- c:\users\Grandpa Vargas\AppData\Local\temp
2010-07-18 22:31 . 2010-07-18 22:32 -------- d-----w- c:\users\Grandma Vargas.VargasComputer\AppData\Local\temp
2010-07-18 22:31 . 2010-07-18 22:31 -------- d-----w- c:\users\Grandma Vargas\AppData\Local\temp
2010-07-18 22:31 . 2010-07-18 22:31 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-07-18 22:13 . 2010-07-18 22:14 -------- d-----w- C:\32788R22FWJFW
2010-07-18 22:12 . 2010-07-18 22:12 -------- d-----w- C:\commy
2010-07-18 00:22 . 2010-07-18 00:22 -------- d-----w- c:\users\Grandma Vargas.VargasComputer\AppData\Roaming\Malwarebytes
2010-07-18 00:22 . 2010-04-29 22:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-07-18 00:22 . 2010-07-18 00:22 -------- d-----w- c:\programdata\Malwarebytes
2010-07-18 00:22 . 2010-04-29 22:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-07-18 00:22 . 2010-07-18 00:22 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-07-03 03:12 . 2010-07-03 03:12 -------- d-----w- c:\programdata\Office Genuine Advantage
2010-06-26 20:37 . 2010-07-18 21:57 680 ----a-w- c:\users\Grandma Vargas.VargasComputer\AppData\Local\d3d9caps.dat
2010-06-26 16:38 . 2010-06-26 16:38 -------- d-----w- c:\users\Grandma Vargas.VargasComputer\AppData\Local\Real
2010-06-26 16:37 . 2010-06-26 16:37 -------- d-----w- c:\program files\Common Files\xing shared
2010-06-26 16:36 . 2010-06-26 16:37 -------- d-----w- c:\program files\Common Files\Real
2010-06-26 16:34 . 2010-06-26 16:34 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\Google
2010-06-26 16:34 . 2010-06-26 16:38 -------- d-----w- c:\users\Grandma Vargas.VargasComputer\AppData\Local\Google
2010-06-26 16:34 . 2010-06-26 16:35 -------- d-----w- c:\program files\Google
2010-06-26 14:30 . 2010-04-14 17:47 293376 ----a-w- c:\windows\system32\psisdecd.dll
2010-06-26 14:30 . 2010-04-14 17:46 428544 ----a-w- c:\windows\system32\EncDec.dll
2010-06-26 14:15 . 2009-11-08 17:55 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2010-06-26 14:15 . 2009-11-08 17:55 49472 ----a-w- c:\windows\system32\netfxperf.dll
2010-06-26 14:15 . 2009-11-08 17:55 297808 ----a-w- c:\windows\system32\mscoree.dll
2010-06-26 14:15 . 2009-11-08 17:55 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2010-06-26 14:15 . 2009-11-08 17:55 1130824 ----a-w- c:\windows\system32\dfshim.dll
2010-06-25 05:53 . 2010-04-16 16:05 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2010-06-25 05:52 . 2010-04-16 14:17 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2010-06-25 04:57 . 2010-06-25 04:57 -------- d-----w- c:\users\Grandma Vargas.VargasComputer\AppData\Local\HP

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-18 08:08 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-07-11 19:21 . 2008-04-22 22:19 -------- d-----w- c:\program files\EMBARQ Online Security
2010-07-10 04:17 . 2010-07-18 00:45 2068320 ----a-w- c:\programdata\avg8\update\backup\avgcorex.dll
2010-07-10 04:17 . 2010-07-18 00:45 2722656 ----a-w- c:\programdata\avg8\update\backup\avgresf.dll
2010-07-10 04:17 . 2010-07-18 00:45 3537760 ----a-w- c:\programdata\avg8\update\backup\avgui.exe
2010-07-10 04:16 . 2010-07-18 00:45 2048352 ----a-w- c:\programdata\avg8\update\backup\avgtray.exe
2010-07-10 04:12 . 2010-07-18 00:43 1146208 ----a-w- c:\programdata\avg8\update\backup\avgupd.exe
2010-07-03 03:39 . 2008-08-12 18:30 -------- d-----w- c:\programdata\avg8
2010-07-03 03:39 . 2008-04-22 22:18 -------- d-----w- c:\programdata\fssg
2010-06-26 17:25 . 2008-02-04 01:48 -------- d-----w- c:\programdata\Microsoft Help
2010-06-26 17:15 . 2007-08-08 06:21 -------- d-----w- c:\program files\Microsoft Works
2010-06-26 16:37 . 2010-06-26 16:37 49152 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Components\nprpffbrowserrecordext.dll
2010-06-26 16:37 . 2010-06-26 16:37 45056 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimwmp.dll
2010-06-26 16:37 . 2010-06-26 16:37 45056 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimswf.dll
2010-06-26 16:37 . 2010-06-26 16:37 45056 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimrp.dll
2010-06-26 16:37 . 2010-06-26 16:37 45056 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimqt.dll
2010-06-26 16:37 . 2010-06-26 16:37 40960 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchromebrowserrecordhelper.dll
2010-06-26 16:37 . 2010-06-26 16:37 308808 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Common\rpmainbrowserrecordplugin.dll
2010-06-26 16:37 . 2010-06-26 16:37 14848 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
2010-06-26 16:37 . 2010-06-26 16:37 341600 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
2010-06-26 16:37 . 2007-08-08 06:16 -------- d-----w- c:\program files\Real
2010-06-26 14:16 . 2008-02-04 01:57 -------- d-----w- c:\program files\Microsoft.NET
2010-06-25 05:14 . 2008-02-03 16:26 -------- d-----w- c:\programdata\pdf995
2010-06-25 01:24 . 2009-12-03 16:24 -------- d-----w- c:\users\Grandma Vargas.VargasComputer\AppData\Roaming\ZoomBrowser EX
2010-06-23 15:09 . 2009-12-19 00:07 -------- d-----w- c:\users\Grandma Vargas.VargasComputer\AppData\Roaming\CameraWindowDC
2010-05-26 16:16 . 2010-06-12 06:12 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-05-26 14:25 . 2010-06-12 06:12 289792 ----a-w- c:\windows\system32\atmfd.dll
2010-05-21 21:14 . 2009-10-03 00:11 221568 ------w- c:\windows\system32\MpSigStub.exe
2010-05-04 18:42 . 2010-06-12 06:11 833024 ----a-w- c:\windows\system32\wininet.dll
2010-05-04 18:37 . 2010-06-12 06:11 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-05-04 16:53 . 2010-06-12 06:11 26624 ----a-w- c:\windows\system32\ieUnatt.exe
2010-05-01 13:53 . 2010-06-12 06:11 2036224 ----a-w- c:\windows\system32\win32k.sys
2010-04-29 18:14 . 2010-04-29 18:14 19 ----a-w- c:\windows\popcinfo.dat
2010-04-29 17:58 . 2008-11-30 06:19 2523560 ----a-w- c:\programdata\WildTangent\My HP Game Console\Downloads\en-us\Installers\SetupGamesClient.exe
2010-04-24 16:02 . 2010-04-24 16:02 690952 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2010-04-23 13:55 . 2010-05-27 17:05 2048 ----a-w- c:\windows\system32\tzres.dll
2008-01-10 18:17 . 2008-01-10 18:17 22 --sha-w- c:\windows\SMINST\HPCD.sys
2007-08-08 06:30 . 2007-08-08 06:23 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\MSN Messenger\msnmsgr.exe" [2007-01-19 5674352]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"2Wire Wireless Manager"="c:\program files\2Wire Wireless Manager\2Wire.exe" [2007-10-02 61440]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-04-11 56080]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-04-11 56080]
"RtHDVCpl"="RtHDVCpl.exe" [2007-07-06 4669440]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-06-26 202256]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-04-29 1090952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"GrpConv"="grpconv -o" [X]
"Launcher"="c:\windows\SMINST\launcher.exe" [2007-04-03 44168]

c:\users\Grandma Vargas.VargasComputer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=avgrsstx.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Logitech Desktop Messenger.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk
backup=c:\windows\pss\Logitech Desktop Messenger.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Logitech SetPoint.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Logitech SetPoint.lnk
backup=c:\windows\pss\Logitech SetPoint.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Snapfish Media Detector.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Snapfish Media Detector.lnk
backup=c:\windows\pss\Snapfish Media Detector.lnk.CommonStartup
backupExtension=.CommonStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2008-01-12 05:16 39792 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG8_TRAY]
2010-07-18 00:43 2048352 ----a-w- c:\progra~1\AVG\AVG8\avgtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EmbarqVALite_McciTrayApp]
2007-05-29 15:35 1005152 ----a-w- c:\program files\EmbarqVALite\VirtualAssistantHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\F-Secure Manager]
2007-11-01 11:42 182936 ----a-w- c:\program files\EMBARQ Online Security\Common\FSM32.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\F-Secure TNB]
2007-11-01 11:42 739936 ----a-w- c:\program files\EMBARQ Online Security\FSGUI\tnbutil.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2008-10-25 18:44 31072 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
2007-08-25 03:54 154136 ----a-w- c:\windows\System32\hkcmd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Health Check Scheduler]
2007-05-24 20:13 71176 ----a-w- c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpsysdrv]
2007-04-18 15:01 65536 ----a-w- c:\hp\support\hpsysdrv.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
2007-08-25 03:54 141848 ----a-w- c:\windows\System32\igfxtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Kernel and Hardware Abstraction Layer]
2007-04-11 22:32 56080 ----a-w- c:\windows\KHALMNPR.Exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Hardware Abstraction Layer]
2007-04-11 22:32 56080 ----a-w- c:\windows\KHALMNPR.Exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
2007-01-19 20:54 5674352 ----a-w- c:\program files\MSN Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OsdMaestro]
2007-02-15 11:59 118784 ----a-w- c:\program files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
2007-08-25 03:54 129560 ----a-w- c:\windows\System32\igfxpers.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
2007-07-06 11:06 4669440 ----a-w- c:\windows\RtHDVCpl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateReg]
2007-04-07 09:56 54936 ----a-w- c:\windows\System32\jureg.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
2008-01-19 07:38 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\System32\Drivers\avgldx86.sys [2009-08-29 335240]
R1 FSES;F-Secure Email Scanning Driver;c:\windows\system32\drivers\fses.sys [2007-11-01 34752]
R1 FSFW;F-Secure Firewall Driver;c:\windows\system32\drivers\fsdfw.sys [2008-04-22 60064]
R1 fsvista;F-Secure Vista Support Driver;c:\program files\EMBARQ Online Security\Anti-Virus\minifilter\fsvista.sys [2007-11-01 12896]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2009-08-29 297752]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-06-26 136176]
R3 athrusb;Atheros Wireless LAN USB device driver;c:\windows\system32\DRIVERS\athrusb.sys [2007-03-28 857600]
R3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files\EMBARQ Online Security\Anti-Virus\minifilter\fsgk.sys [2009-06-30 77824]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R4 dlba_device;dlba_device;c:\windows\system32\dlbacoms.exe [2007-03-06 538096]
R4 F-Secure Filter;F-Secure File System Filter;c:\program files\EMBARQ Online Security\Anti-Virus\Win2K\FSfilter.sys [2007-11-01 39776]
R4 F-Secure Recognizer;F-Secure File System Recognizer;c:\program files\EMBARQ Online Security\Anti-Virus\Win2K\FSrec.sys [2007-11-01 25184]


--- Other Services/Drivers In Memory ---

*NewlyCreated* - ECACHE
.
Contents of the 'Scheduled Tasks' folder

2010-07-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-06-26 16:34]

2010-07-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-06-26 16:34]

2010-07-18 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-2822533757-1512537892-3082155675-1001.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-25 05:09]

2010-07-18 c:\windows\Tasks\User_Feed_Synchronization-{481D9FCD-B455-466A-A1E5-E328AFE9101F}.job
- c:\windows\system32\msfeedssync.exe [2008-09-29 07:33]

2010-07-18 c:\windows\Tasks\User_Feed_Synchronization-{52F58391-5CBE-4DCF-8B62-10E31BB558E0}.job
- c:\windows\system32\msfeedssync.exe [2008-09-29 07:33]
.
.
------- Supplementary Scan -------
.
uStart Page = [You must be registered and logged in to see this link.]
uInternet Settings,ProxyOverride = localhost
LSP: c:\program files\EMBARQ Online Security\FSPS\program\fslsp.dll
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
FF - ProfilePath - c:\users\Grandma Vargas.VargasComputer\AppData\Roaming\Mozilla\Firefox\Profiles\7sa5c3ct.default\
FF - prefs.js: browser.startup.homepage - [You must be registered and logged in to see this link.]
FF - component: c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordext.dll
FF - plugin: c:\program files\Canon\ZoomBrowser EX\Program\NPCIG.dll
FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\programdata\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - ORPHANS REMOVED - - - -

HKLM-RunOnce- - (no file)
MSConfigStartUp-HP Software Update - c:\program files\HP\HP Software Update\HPWuSchd2.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [You must be registered and logged in to see this link.]
Rootkit scan 2010-07-18 15:32
Windows 6.0.6001 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2010-07-18 15:38:22
ComboFix-quarantined-files.txt 2010-07-18 22:38

Pre-Run: 51,274,805,248 bytes free
Post-Run: 53,833,887,744 bytes free

- - End Of File - - 68A98C0C74969B94AF1204407A8D3E02

squeakv1952

Newbie Surfer
Newbie Surfer

Posts : 12
Joined : 2010-06-26
Operating System : Vista

View user profile

Back to top Go down

Re: Problem with Embarq/Century Link Online Security

Post by Sneakyone on Mon 19 Jul 2010, 9:49 am

Hi,

Please run a free online scan with the ESET Online Scanner
Note: You will need to use Internet Explorer for this scan

  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the options Remove found threats and the option Scan unwanted applications is checked
  • Click Scan (This scan can take several hours, so please be patient)
  • Once the scan is completed, you may close the window
  • Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  • Copy and paste that log as a reply to this topic


I'm livin' life in the fast lane.


Sneakyone

Tech Officer
Tech Officer

Posts : 2707
Joined : 2010-01-10
Operating System : Windows 7 Ultimate 64-bit

View user profile http://twitter.com/AVerySneakyone

Back to top Go down

Re: Problem with Embarq/Century Link Online Security

Post by squeakv1952 on Fri 23 Jul 2010, 4:07 pm

ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
esets_scanner_update returned -1 esets_gle=53251
# version=7
# iexplore.exe=7.00.6000.16386 (vista_rtm.061101-2205)
# OnlineScanner.ocx=1.0.0.6211
# api_version=3.0.2
# EOSSerial=f79db29ef24038408472d14f345be5cc
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2010-07-23 03:39:26
# local_time=2010-07-22 08:39:26 (-0800, Pacific Daylight Time)
# country="United States"
# lang=1033
# osver=6.0.6001 NT Service Pack 1
# compatibility_mode=1024 16777215 100 0 61196262 61196262 0 0
# compatibility_mode=2304 16777215 100 0 0 0 0 0
# compatibility_mode=5892 16776573 100 100 0 116456026 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=232135
# found=3
# cleaned=3
# scan_time=7869
C:\Users\Grandma Vargas.VargasComputer\Downloads\setupxv problem.exe Win32/Adware.RegistrySmart application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Grandma Vargas.VargasComputer\Downloads\setupxv.exe Win32/Adware.RegistrySmart application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Guest\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H60YWMEB\oU2773a43bHd641d370V0100f070006R2f0d7b0a108T9dc9f27f201l0409Kfa261733317[1].pdf JS/Exploit.Pdfka.NTY trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

squeakv1952

Newbie Surfer
Newbie Surfer

Posts : 12
Joined : 2010-06-26
Operating System : Vista

View user profile

Back to top Go down

Re: Problem with Embarq/Century Link Online Security

Post by Sneakyone on Fri 23 Jul 2010, 4:10 pm

Hi,

Your computer is now clean. Now, time to remove the tools used, and update your computer to prevent vulnerability.

Updating System Restore
Now to get you off to a good start we will clean your restore points so that all the bad stuff is gone for good. Then if you need to restore at some stage you will be clean. There are several ways to reset your restore points, but this is my method:
  • Select Start > All Programs > Accessories > System tools > System Restore.
  • On the dialogue box that appears select Create a Restore Point
  • Click NEXT
  • Enter a name e.g. Clean
  • Click CREATE.


You now have a clean restore point.

To get rid of the bad ones:
  • Select Start > All Programs > Accessories > System tools > Disk Cleanup.
  • In the Drop down box that appears select your main drive e.g. C
  • Click OK
  • The System will do a calculation of temporary/old files, and then display a dialogue box.
  • Select the More Options Tab.
  • At the bottom will be a System Restore box with a CLEANUP button click this
  • Accept the Warning and select OK again, the program will close and you are done.


========

Removing the tools
Now, to remove all of the tools we used and the files and folders they created, please do the following:

Download OTC.exe by OldTimer:
  • Save it to your Desktop.
  • Double click OTC.exe.
  • Click the CleanUp! button.
  • If you are prompted to Reboot during the cleanup, select Yes.
  • The tool will delete itself once it finishes.
    Note: If any tool, file or folder (belonging to the program we have used) hasn't been deleted, please delete it manually.


============

Service Pack upgrade
Please consider upgrading to Windows XP SP3, because it includes all previously released updates. It also includes a small number of new functionalities. Some of the updates that Service Pack 3 provides, you may not have. It is now available via Windows Update.

More info about SP3: [You must be registered and logged in to see this link.]

=====

Update Programs
Please download the newest version of Adobe Acrobat Reader from Adobe.com

Before installing: it is important to remove older versions of Acrobat Reader since it does not do so automatically and old versions still leave you vulnerable.
Go to the Control Panel and enter Add or Remove Programs.
Search in the list for all previous installed versions of Adobe Acrobat Reader. Uninstall/Remove each of them.

Once old versions are gone, please install the newest version.



Please download the newest version of Java from Java.com.

Before installing: it is important to remove older versions of Java since it does not do so automatically and old versions still leave you vulnerable.
Go to the Control Panel and enter Add or Remove Programs.
Search in the list for all previous installed versions of Java (J2SE Runtime Environment). Please uninstall/remove each of them.

Once old versions are gone, please install the newest version.

========

color=green]Here are some prevention tips I have provided:[/color]

1. Don't download files from untrusted websites or websites that seem suspious.

2. Don't use torrents they are a good way to get lots of malware.

3. Don't download and use cracks/warez/keygens they are illegal and are another good way to contract malware.

4. Disable autorun XP or Vista/7

5. Always make sure you have the latest Windows updates. windowsupdate.microsoft.com

6. Don't ever click on the links inside of a popup.

7. Make sure you know what you install you can make sure it is not know for being a virus by just simply searching about it on google.

8. Use a Site Advisor so you don't go to sites that will infect you. Mcafee Siteadvisor

9. Also there are many holes and flaws in Internet Explorer I recommend using Firefox 3 to keep you more safe.

10. Always keep your Java and Adobe updated.

11. Don't fall for the Scareware. What is Scareware? it is a website made to download a rogue Antivirus on your system that will scare you into buying their fake software due to false detections.

12. Always have a Firewall and a Antivirus.

Thanks for choosing GeekPolice, see [You must be registered and logged in to see this link.] if you would like to leave feedback or contribute to our site. Do you have any more questions?

For more information please visit [You must be registered and logged in to see this link.]


I'm livin' life in the fast lane.


Sneakyone

Tech Officer
Tech Officer

Posts : 2707
Joined : 2010-01-10
Operating System : Windows 7 Ultimate 64-bit

View user profile http://twitter.com/AVerySneakyone

Back to top Go down

Re: Problem with Embarq/Century Link Online Security

Post by squeakv1952 on Mon 26 Jul 2010, 7:52 am

I tried to follow instructions as you advised. However, 1st problem with the instructions I followed were; I could not create a restore point. the only option I had was to choose a restore point listed. I chose the 18th of July as my restore point. I am concerned about this because your message to me was dated on 24 July when you txt me and said my computer was clean. There were no later dates to choose from. The earliest point was 23 June but I believe that was the problem date. My next problem was with trying to get rid of the bad ones When I got to clicking the system restore box with Cleanup button, I clicked. I did not get a warning message but instead asked me if I really wanted to delete the files. there were no ok buttons to push. It was either yes or no. So I did that. Now I am concerned that I did something wrong, that I may have let the malware come back to my pc by picking the wrong date. I did not want to go further without consulting with you and be advised on what I should do next.

Thanks for your help. This Grandma appreciates your help

squeakv1952

Newbie Surfer
Newbie Surfer

Posts : 12
Joined : 2010-06-26
Operating System : Vista

View user profile

Back to top Go down

Re: Problem with Embarq/Century Link Online Security

Post by Sneakyone on Mon 26 Jul 2010, 7:58 am

Hi,

You did it right, you can continue on, the malware shouldn't come back no matter what now, unless you get infected again from a bad site or download.



I'm livin' life in the fast lane.


Sneakyone

Tech Officer
Tech Officer

Posts : 2707
Joined : 2010-01-10
Operating System : Windows 7 Ultimate 64-bit

View user profile http://twitter.com/AVerySneakyone

Back to top Go down

Re: Problem with Embarq/Century Link Online Security

Post by squeakv1952 on Fri 30 Jul 2010, 5:45 am

I am confused about installing windows xp sp3. I have the windows vista software and from what I can tell on the web link, it requires that your system must have windows xp running. There is an option for vista users and it also says in that page that there are no more support for vista. So I am not sure what I should be doing? I am so sorry that I am so computer illiterate My son is the one who gave me this computer so I can keep in touch with him. I don't know much at all. Can u please continue to help me?

Grandma loves you

squeakv1952

Newbie Surfer
Newbie Surfer

Posts : 12
Joined : 2010-06-26
Operating System : Vista

View user profile

Back to top Go down

Re: Problem with Embarq/Century Link Online Security

Post by Sneakyone on Fri 30 Jul 2010, 6:44 am

Hi.

I am confused about installing windows xp sp3. I have the windows vista software and from what I can tell on the web link, it requires that your system must have windows xp running. There is an option for vista users and it also says in that page that there are no more support for vista. So I am not sure what I should be doing? I am so sorry that I am so computer illiterate

No worries, your machine is fully patched then.

My son is the one who gave me this computer so I can keep in touch with him. I don't know much at all. Can u please continue to help me?

What issues are you currently having?



I'm livin' life in the fast lane.


Sneakyone

Tech Officer
Tech Officer

Posts : 2707
Joined : 2010-01-10
Operating System : Windows 7 Ultimate 64-bit

View user profile http://twitter.com/AVerySneakyone

Back to top Go down

Re: Problem with Embarq/Century Link Online Security

Post by squeakv1952 on Sat 31 Jul 2010, 8:20 am

Ok, thanks. My question is; do I still download the Windows service pack 3 now ? Do I install it for the windows xp or for the vista program? My pc is using the vista program which was on when my children purchased me this pc.
Sorry again for being stupid about this but I do appreciate your help very very very much.

squeakv1952

Newbie Surfer
Newbie Surfer

Posts : 12
Joined : 2010-06-26
Operating System : Vista

View user profile

Back to top Go down

Re: Problem with Embarq/Century Link Online Security

Post by squeakv1952 on Sat 31 Jul 2010, 9:46 am

Me again I just was trying to uninstall earlier versions of Java and Adobe Reader and it is not letting me. It keeps asking me if I want to allow a sender who asking me permission to log on publiser or something like that. My options are to cancel I don't know the sender or "I know this sender and accept" It is always coming on to ask me this question. I dont know if it is the Adobe, or Java trying to stop me from uninstalling it or not. Now I can't seem to download the latest update on either of these. what am I doing wrong?

squeakv1952

Newbie Surfer
Newbie Surfer

Posts : 12
Joined : 2010-06-26
Operating System : Vista

View user profile

Back to top Go down

Re: Problem with Embarq/Century Link Online Security

Post by Sneakyone on Sat 31 Jul 2010, 10:17 am

Hi.

Nope, you don't need to get XP Service pack 3 since you have Vista.

Me again I just was trying to uninstall earlier versions of Java and Adobe Reader and it is not letting me. It keeps asking me if I want to allow a sender who asking me permission to log on publiser or something like that.

Not sure about that, try downloading Revo Uninstaller from here and try that: [You must be registered and logged in to see this link.]


I'm livin' life in the fast lane.


Sneakyone

Tech Officer
Tech Officer

Posts : 2707
Joined : 2010-01-10
Operating System : Windows 7 Ultimate 64-bit

View user profile http://twitter.com/AVerySneakyone

Back to top Go down

Re: Problem with Embarq/Century Link Online Security

Post by Sponsored content Today at 6:22 am


Sponsored content


Back to top Go down

View previous topic View next topic Back to top


 
Permissions in this forum:
You cannot reply to topics in this forum