Hardly used computer at all since last GeekPolice visit and it's slower than ever


Post by funlovinguy2424 on 27th August 2011, 5:42 pm

Hardly used computer at all since last GeekPolice visit and it's slower than ever.

I want to get my computer clean so I can store everything on an external hard drive, but I don't want to corrupt a brand new 3TB drive I just bought. My computer is moving agonizingly slow.

Please help



OTL logfile created on: 8/27/2011 12:15:00 PM - Run 2
OTL by OldTimer - Version 3.2.26.6 Folder = C:\Documents and Settings\RT\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

446.98 Mb Total Physical Memory | 77.99 Mb Available Physical Memory | 17.45% Memory free
1.05 Gb Paging File | 0.54 Gb Available in Paging File | 50.99% Paging File free
Paging file location(s): C:\pagefile.sys 384 768 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 55.87 Gb Total Space | 0.51 Gb Free Space | 0.91% Space Free | Partition Type: NTFS
Drive D: | 74.47 Gb Total Space | 8.43 Gb Free Space | 11.32% Space Free | Partition Type: NTFS

Computer Name: SCHOOL_TIME | User Name: RT | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/08/27 12:13:43 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\RT\My Documents\Downloads\OTL (1).com
PRC - [2011/08/05 21:21:27 | 001,017,912 | ---- | M] (Google Inc.) -- C:\Documents and Settings\RT\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2011/07/21 16:20:08 | 000,161,336 | ---- | M] (Google) -- C:\Documents and Settings\RT\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe
PRC - [2011/06/15 15:16:48 | 000,997,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2011/04/27 15:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/06/25 10:05:52 | 000,185,896 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004/10/08 11:52:32 | 000,221,184 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\LVCOMSX.EXE
PRC - [2004/09/29 14:14:36 | 000,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe
PRC - [2001/08/17 22:36:42 | 000,024,064 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\system32\devldr32.exe


========== Modules (No Company Name) ==========

MOD - [2011/08/05 21:21:25 | 000,400,440 | ---- | M] () -- C:\Documents and Settings\RT\Local Settings\Application Data\Google\Chrome\Application\13.0.782.112\ppgooglenaclpluginchrome.dll
MOD - [2011/08/05 21:21:24 | 004,118,072 | ---- | M] () -- C:\Documents and Settings\RT\Local Settings\Application Data\Google\Chrome\Application\13.0.782.112\pdf.dll
MOD - [2011/08/05 21:20:23 | 000,300,088 | ---- | M] () -- C:\Documents and Settings\RT\Local Settings\Application Data\Google\Chrome\Application\13.0.782.112\Locales\en-US.dll
MOD - [2011/08/05 21:19:58 | 000,104,520 | ---- | M] () -- C:\Documents and Settings\RT\Local Settings\Application Data\Google\Chrome\Application\13.0.782.112\avutil-50.dll
MOD - [2011/08/05 21:19:56 | 000,203,848 | ---- | M] () -- C:\Documents and Settings\RT\Local Settings\Application Data\Google\Chrome\Application\13.0.782.112\avformat-52.dll
MOD - [2011/08/05 21:19:55 | 001,846,344 | ---- | M] () -- C:\Documents and Settings\RT\Local Settings\Application Data\Google\Chrome\Application\13.0.782.112\avcodec-52.dll
MOD - [2011/08/05 19:29:30 | 006,338,720 | ---- | M] () -- C:\Documents and Settings\RT\Local Settings\Application Data\Google\Chrome\Application\13.0.782.112\gcswf32.dll
MOD - [2008/04/13 19:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/13 19:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/04/27 15:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2005/08/02 15:18:50 | 000,086,016 | ---- | M] (CACE Technologies) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - [2004/09/29 14:14:36 | 000,069,632 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)


========== Driver Services (SafeList) ==========

DRV - [2011/08/27 10:25:06 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{8089039F-E63D-4BB9-94A3-C50E7FF4235C}\MpKsl28fbebcc.sys -- (MpKsl28fbebcc)
DRV - [2011/08/21 02:45:41 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{8089039F-E63D-4BB9-94A3-C50E7FF4235C}\MpKsl44eec3b4.sys -- (MpKsl44eec3b4)
DRV - [2008/04/13 13:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2008/04/13 13:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2006/03/28 19:53:26 | 000,022,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbsermpt.sys -- (usbsermpt)
DRV - [2005/08/02 15:10:14 | 000,032,512 | ---- | M] (CACE Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF)
DRV - [2005/01/31 05:20:03 | 000,211,712 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LV561AV.SYS -- (PID_0928) Logitech QuickCam Express(PID_0928)
DRV - [2005/01/31 05:12:46 | 000,022,016 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2004/05/16 19:46:15 | 000,347,648 | R--- | M] ( ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WlanUIG.sys -- (WlanUIG)
DRV - [2003/12/19 04:00:00 | 000,006,656 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cinemsup.sys -- (Cinemsup)
DRV - [2003/07/01 02:41:00 | 000,107,648 | R--- | M] (Cisco-Linksys LLC.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\vnetusbl.sys -- (USBNET)
DRV - [2001/08/17 07:19:34 | 000,036,480 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sfmanm.sys -- (sfman) Creative SoundFont Manager Driver (WDM)
DRV - [2001/08/17 07:19:28 | 000,006,912 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctlfacem.sys -- (emu10k1) Creative Interface Manager Driver (WDM)
DRV - [2001/08/17 07:19:26 | 000,283,904 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\emu10k1m.sys -- (emu10k) Creative SB Live! (WDM)
DRV - [2001/08/17 07:19:20 | 000,003,712 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctljystk.sys -- (ctljystk)
DRV - [2001/05/14 20:15:40 | 000,010,368 | ---- | M] (Dell Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\OMCI.SYS -- (OMCI)
DRV - [1999/12/17 03:00:00 | 000,006,752 | ---- | M] (Creative Technology Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\PfModNT.sys -- (PfModNT)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = [You must be registered and logged in to see this link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = [You must be registered and logged in to see this link.]

IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}:6.0.25
FF - prefs.js..extensions.enabledItems: [You must be registered and logged in to see this link.]:1.0


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@freetoolsassociation.com/ActiveGS: undefinednpActiveGS.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.46: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.46: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.46: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Documents and Settings\RT\Application Data\Facebook\npfbplugin_1_0_3.dll File not found
FF - HKCU\Software\MozillaPlugins\@freetoolsassociation.com/ActiveGS: undefinednpActiveGS.dll File not found
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Documents and Settings\RT\Application Data\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Documents and Settings\RT\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\RT\Local Settings\Application Data\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\RT\Local Settings\Application Data\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2008/06/25 10:08:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/05/05 01:30:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/05/05 01:30:19 | 000,000,000 | ---D | M]

[2008/11/16 14:51:03 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\RT\Application Data\Mozilla\Extensions
[2011/05/05 01:58:56 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\RT\Application Data\Mozilla\Firefox\Profiles\oqyoymet.default\extensions
[2008/02/25 05:41:35 | 000,001,877 | ---- | M] () -- C:\Documents and Settings\RT\Application Data\Mozilla\Firefox\Profiles\oqyoymet.default\searchplugins\aolsearch.xml
[2011/05/05 01:30:26 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/05/03 18:48:54 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
[2011/05/03 18:48:24 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/04/14 11:26:02 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2006/07/07 00:22:00 | 000,806,912 | ---- | M] ( ) -- C:\Program Files\mozilla firefox\plugins\npActiveGS.dll
[2011/05/03 18:48:23 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2003/01/15 19:39:16 | 000,036,864 | ---- | M] (WildTangent) -- C:\Program Files\mozilla firefox\plugins\npWTHost.dll
[2011/02/27 17:55:07 | 000,001,919 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing-zugo.xml
[2010/01/01 03:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

O1 HOSTS File: ([2001/08/23 07:00:00 | 000,000,734 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: () - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Yontoo Layers) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Drop Down Deals\YontooIEClient.dll (Yontoo Technology, Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AHQInit] C:\Program Files\Creative\SBLive\Program\AHQInit.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE (Logitech Inc.)
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [UpdReg] C:\WINDOWS\Updreg.exe (Creative Technology Ltd.)
O4 - HKCU..\Run: [Aim6] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: BackupNoCDBurning = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data]
O16 - DPF: {03F998B2-0E00-11D3-A498-00104B6EB52E} [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} [You must be registered and logged in to see this link.] (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} [You must be registered and logged in to see this link.] (Windows Genuine Advantage Validation Tool)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} [You must be registered and logged in to see this link.] (Office Update Installation Engine)
O16 - DPF: {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} [You must be registered and logged in to see this link.] (InstallShield Setup Player 2K2)
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} [You must be registered and logged in to see this link.] (Facebook Photo Uploader Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} [You must be registered and logged in to see this link.] (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} [You must be registered and logged in to see this link.] (MUWebControl Class)
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} [You must be registered and logged in to see this link.] (MJLauncherCtrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_25)
O16 - DPF: {B991DA79-51F7-4011-98D2-1F2592E82A56} [You must be registered and logged in to see this link.] (ACNPlayer2 Class)
O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_25)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} [You must be registered and logged in to see this link.] (Shockwave Flash Object)
O16 - DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} [You must be registered and logged in to see this link.] (SproutLauncherCtrl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\NavLogon: DllName - Reg Error: Value error. - Reg Error: Value error. File not found
O24 - Desktop WallPaper: C:\Documents and Settings\RT\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\RT\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/08/05 13:16:04 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2011/05/04 22:02:22 | 000,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2007/07/04 18:57:51 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2011/05/04 22:02:22 | 000,000,000 | RHSD | M] - D:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{f354704e-62eb-11e0-ab92-0060b3ec0a2f}\Shell\AutoRun\command - "" = WDSetup.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O35 - HKCU\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - File not found
MsConfig - StartUpReg: DIAGENT - hkey= - key= - C:\Program Files\Creative\SBLive\Creative Diagnostics 2.0\DIAGENT.EXE (Creative Technology Ltd)
MsConfig - StartUpReg: iTunesHelper - hkey= - key= - C:\Program Files\iTunes\iTunesHelper.exe (Apple Computer, Inc.)
MsConfig - StartUpReg: LogitechSoftwareUpdate - hkey= - key= - C:\Program Files\Logitech\Video\ManifestEngine.exe (Logitech Inc.)
MsConfig - StartUpReg: LogitechVideoRepair - hkey= - key= - C:\Program Files\Logitech\Video\ISStart.exe (Logitech Inc.)
MsConfig - StartUpReg: LogitechVideoTray - hkey= - key= - C:\Program Files\Logitech\Video\LogiTray.exe (Logitech Inc.)
MsConfig - StartUpReg: MSMSGS - hkey= - key= - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
MsConfig - StartUpReg: NBKeyScan - hkey= - key= - File not found
MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files\QuickTime\qttask.exe (Apple Computer, Inc.)
MsConfig - StartUpReg: RoxioDragToDisc - hkey= - key= - File not found
MsConfig - StartUpReg: Skype - hkey= - key= - C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 2

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: MsMpSvc - C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: MsMpSvc - C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: nm - C:\WINDOWS\system32\drivers\nmnt.sys (Microsoft Corporation)
SafeBootNet: nm.sys - C:\WINDOWS\system32\drivers\nmnt.sys (Microsoft Corporation)
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: UploadMgr - Service
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {0291E591-EA41-4c82-8106-3DC6CE7F7664} - Reg Error: Value error.
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
ActiveX: {166B1BCA-3F9C-11CF-8075-444553540000} - Macromedia Shockwave Director 10.1
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 10.2
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 10.2
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2F6EFCE6-10DF-49F9-9E64-9AE3775B2588} - Microsoft .NET Framework 1.1 Security Update (KB2416447)
ActiveX: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} - Reg Error: Value error.
ActiveX: {347B0667-C7ED-429B-BDE3-CC8D3BACAA31} - Reg Error: Value error.
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {3e7bb08a-a7a3-4692-8eac-ac5e7895755b} - KB834707
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {A17E30C4-A9BA-11D4-8673-60DB54C10000} - Reg Error: Value error.
ActiveX: {AA218328-0EA8-4D70-8972-E987A9190FF4} - Reg Error: Value error.
ActiveX: {B508B3F1-A24A-32C0-B310-85786919EF28} - .NET Framework
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player 9 ActiveX
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - Reg Error: Value error.
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

Drivers32: aux - C:\WINDOWS\System32\ctwdm32.dll (Creative Technology Ltd.)
Drivers32: aux1 - C:\WINDOWS\System32\ctwdm32.dll (Creative Technology Ltd.)
Drivers32: aux2 - C:\WINDOWS\System32\ctwdm32.dll (Creative Technology Ltd.)
Drivers32: msacm.ctmp3 - C:\WINDOWS\system32\ctmp3.acm (Microsoft Corporation)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.I420 - C:\WINDOWS\System32\lvcodec2.dll (Logitech Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.tscc - C:\WINDOWS\System32\tsccvid.dll (TechSmith Corporation)
Drivers32: vidc.VP60 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2011/08/14 23:07:07 | 000,139,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwd.sys
[2011/08/14 23:06:28 | 000,010,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndistapi.sys
[2008/02/20 22:32:47 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\RT\Application Data\pcouffin.sys
[2007/09/03 17:49:10 | 000,347,648 | R--- | C] ( ) -- C:\WINDOWS\System32\drivers\WlanUIG.sys
[2005/09/03 11:27:22 | 000,036,963 | R--- | C] (Cypress Semiconductor) -- C:\Program Files\Common Files\SM1updtr.dll
[2005/09/02 18:21:44 | 000,059,392 | ---- | C] ( ) -- C:\WINDOWS\System32\a3d.dll
[7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\Documents and Settings\RT\Application Data\*.tmp files -> C:\Documents and Settings\RT\Application Data\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/08/27 11:45:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/08/27 11:42:04 | 000,000,966 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1547161642-602609370-725345543-1007UA.job
[2011/08/27 11:24:15 | 000,002,239 | ---- | M] () -- C:\Documents and Settings\RT\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/08/27 11:24:13 | 000,002,261 | ---- | M] () -- C:\Documents and Settings\RT\Desktop\Google Chrome.lnk
[2011/08/27 10:30:28 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2011/08/27 10:24:52 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/08/27 10:24:52 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/08/27 10:24:18 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/08/21 20:42:00 | 000,000,914 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1547161642-602609370-725345543-1007Core.job
[2011/08/21 10:46:04 | 000,896,950 | ---- | M] () -- C:\Documents and Settings\RT\Desktop\209_034.jpg
[2011/08/20 05:30:04 | 000,000,258 | ---- | M] () -- C:\WINDOWS\tasks\Spybot - Search & Destroy.job
[2011/08/15 03:16:11 | 000,891,258 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/08/15 03:16:11 | 000,249,406 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/08/15 03:11:10 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\Documents and Settings\RT\Application Data\*.tmp files -> C:\Documents and Settings\RT\Application Data\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/08/21 10:46:15 | 000,896,950 | ---- | C] () -- C:\Documents and Settings\RT\Desktop\209_034.jpg
[2011/05/14 03:04:49 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\RT\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/02/05 17:13:11 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/12/26 05:35:15 | 000,000,124 | ---- | C] () -- C:\WINDOWS\System32\srcr.dat
[2009/12/09 01:18:51 | 000,000,056 | ---- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2009/08/09 20:25:17 | 000,084,316 | ---- | C] () -- C:\WINDOWS\War3Unin.dat
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/08/03 15:07:42 | 000,230,768 | ---- | C] () -- C:\WINDOWS\System32\OGAEXEC.exe
[2008/11/24 02:44:24 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2008/02/20 22:32:47 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\RT\Application Data\inst.exe
[2008/02/20 22:32:47 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\RT\Application Data\pcouffin.cat
[2008/02/20 22:32:47 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\RT\Application Data\pcouffin.inf
[2008/02/20 18:46:17 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007/12/19 18:00:55 | 000,035,327 | ---- | C] () -- C:\WINDOWS\scunin.dat
[2007/12/04 15:06:18 | 000,000,026 | ---- | C] () -- C:\WINDOWS\WAR2R.INI
[2007/10/02 19:46:08 | 000,000,125 | ---- | C] () -- C:\Documents and Settings\RT\Local Settings\Application Data\fusioncache.dat
[2007/09/07 14:32:09 | 000,009,255 | R--- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2007/09/07 13:54:44 | 000,053,248 | R--- | C] () -- C:\WINDOWS\System32\InstMed.exe
[2007/09/07 13:54:04 | 000,000,248 | ---- | C] () -- C:\WINDOWS\_delis32.ini
[2007/09/05 17:37:24 | 000,027,136 | ---- | C] () -- C:\WINDOWS\System32\VERMONT1.DLL
[2007/09/05 17:37:24 | 000,012,416 | ---- | C] () -- C:\WINDOWS\System32\VRX1.DLL
[2007/09/05 17:37:23 | 000,107,520 | ---- | C] () -- C:\WINDOWS\System32\SIMANT.DLL
[2007/09/04 20:54:44 | 000,001,734 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2006/12/30 15:01:12 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\UninstallBeetle.exe
[2006/07/03 18:37:21 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PowerReg.dat
[2006/05/07 23:28:36 | 000,000,206 | ---- | C] () -- C:\WINDOWS\HPGdiPlus.ini
[2005/11/28 18:23:12 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2005/11/28 18:16:53 | 000,000,028 | ---- | C] () -- C:\WINDOWS\atid.ini
[2005/11/12 20:14:42 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2005/11/10 23:21:20 | 000,001,372 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Application Data\QTSBandwidthCache
[2005/10/23 13:28:17 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\BurnData.bin
[2005/09/24 13:08:55 | 000,000,000 | ---- | C] () -- C:\WINDOWS\vpc32.INI
[2005/09/03 02:38:08 | 000,000,000 | ---- | C] () -- C:\WINDOWS\pcfriend.INI
[2005/09/02 18:50:49 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/09/02 18:18:30 | 001,048,576 | ---- | C] () -- C:\WINDOWS\System32\sfman.dat
[2005/09/02 18:18:30 | 000,000,231 | ---- | C] () -- C:\WINDOWS\ac3api.ini
[2005/09/02 18:11:49 | 000,000,184 | ---- | C] () -- C:\WINDOWS\SBWIN.INI
[2005/09/02 18:04:18 | 000,031,743 | ---- | C] () -- C:\WINDOWS\System32\fxcode.dat
[2005/08/30 18:29:38 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2005/08/30 16:05:05 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2005/08/30 16:00:05 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2005/08/30 08:48:33 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2005/08/30 08:47:42 | 000,270,984 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2005/08/02 15:24:02 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2005/02/28 14:17:16 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2003/12/19 04:00:00 | 000,013,387 | ---- | C] () -- C:\WINDOWS\System32\CinemSup.sys
[2003/04/04 13:59:08 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\ACNePlayer.dll
[2003/01/07 17:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2001/08/23 07:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001/08/23 07:00:00 | 000,891,258 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001/08/23 07:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001/08/23 07:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001/08/23 07:00:00 | 000,249,406 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001/08/23 07:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001/08/23 07:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001/08/23 07:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001/08/23 07:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001/08/23 07:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2001/08/23 07:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[1999/09/02 23:10:48 | 000,008,628 | ---- | C] () -- C:\Program Files\AppleWin.GID
[1999/01/27 13:39:06 | 000,065,024 | ---- | C] () -- C:\WINDOWS\System32\indounin.dll
[1997/06/13 07:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll

========== Custom Scans ==========


< %APPDATA%\Microsoft\*.* >

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %USERPROFILE%\Desktop\*.exe >
[2011/05/03 01:22:26 | 000,576,512 | ---- | M] (AVAST Software) -- C:\Documents and Settings\RT\Desktop\aswMBR.exe
[2010/05/23 10:09:00 | 000,135,360 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\RT\Desktop\FixBlast.exe
[2011/05/04 22:01:41 | 000,132,597 | ---- | M] () -- C:\Documents and Settings\RT\Desktop\Flash_Disinfector.exe
[2008/06/02 04:49:40 | 000,904,912 | ---- | M] () -- C:\Documents and Settings\RT\Desktop\Google Updater.exe
[2011/05/02 19:31:20 | 000,301,568 | ---- | M] () -- C:\Documents and Settings\RT\Desktop\t9r3n8qw.exe
[2011/05/05 21:08:56 | 000,504,657 | ---- | M] () -- C:\Documents and Settings\RT\Desktop\unhide.exe

< %PROGRAMFILES%\Common Files\*.* >
[2003/08/27 16:19:18 | 000,036,963 | R--- | M] (Cypress Semiconductor) -- C:\Program Files\Common Files\SM1updtr.dll

< %systemroot%\winn32\*.* >

< %USERPROFILE%\My Documents\*.exe >

< %USERPROFILE%\*.exe >

< %PROGRAMFILES%\Mozilla Firefox\*.exe >
[2011/04/14 11:25:40 | 000,125,912 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\crashreporter.exe
[2011/04/14 11:25:41 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
[2011/04/14 11:25:55 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
[2011/04/14 11:25:59 | 000,261,080 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\updater.exe

< %ProgramFiles%\TinyProxy. >

< %systemroot%\system32\*.* /lockedfiles >
[7 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.* /lockedfiles >

< %PROGRAMFILES%\*. >
[2011/05/01 20:15:13 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
[2006/01/25 22:50:26 | 000,000,000 | ---D | M] -- C:\Program Files\AIM
[2008/02/24 19:58:22 | 000,000,000 | ---D | M] -- C:\Program Files\AIM6
[2005/11/28 18:24:10 | 000,000,000 | ---D | M] -- C:\Program Files\AOD
[2005/09/03 02:28:01 | 000,000,000 | ---D | M] -- C:\Program Files\AOpen
[2007/09/04 22:24:22 | 000,000,000 | ---D | M] -- C:\Program Files\apple
[2008/11/20 04:01:54 | 000,000,000 | ---D | M] -- C:\Program Files\BitZipper
[2010/02/11 04:14:59 | 000,000,000 | ---D | M] -- C:\Program Files\CCleaner
[2010/11/02 11:33:26 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
[2005/08/05 13:12:58 | 000,000,000 | ---D | M] -- C:\Program Files\ComPlus Applications
[2005/09/02 18:21:51 | 000,000,000 | ---D | M] -- C:\Program Files\Creative
[2005/09/02 16:11:13 | 000,000,000 | ---D | M] -- C:\Program Files\CyberLink
[2005/09/02 18:24:00 | 000,000,000 | ---D | M] -- C:\Program Files\Dell
[2011/02/27 17:55:25 | 000,000,000 | ---D | M] -- C:\Program Files\Drop Down Deals
[2008/02/20 19:54:38 | 000,000,000 | ---D | M] -- C:\Program Files\DVD Decrypter
[2008/02/20 15:13:13 | 000,000,000 | ---D | M] -- C:\Program Files\DVD Shrink
[2010/01/10 17:52:16 | 000,000,000 | ---D | M] -- C:\Program Files\DVDFab 6
[2010/08/14 20:52:34 | 000,000,000 | ---D | M] -- C:\Program Files\DVDFab 7
[2011/05/07 15:56:24 | 000,000,000 | ---D | M] -- C:\Program Files\DVDFab 8
[2009/12/26 06:08:36 | 000,000,000 | ---D | M] -- C:\Program Files\Google
[2005/09/03 14:54:23 | 000,000,000 | ---D | M] -- C:\Program Files\HP
[2009/12/26 06:04:10 | 000,000,000 | ---D | M] -- C:\Program Files\InstallShield Installation Information
[2005/11/12 20:13:52 | 000,000,000 | ---D | M] -- C:\Program Files\InterActual
[2011/08/15 03:10:19 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2008/11/27 19:19:49 | 000,000,000 | ---D | M] -- C:\Program Files\iPod
[2006/01/18 19:13:42 | 000,000,000 | ---D | M] -- C:\Program Files\iTunes
[2011/05/01 18:10:51 | 000,000,000 | ---D | M] -- C:\Program Files\Java
[2009/12/26 06:04:09 | 000,000,000 | ---D | M] -- C:\Program Files\Logitech
[2011/04/24 10:02:09 | 000,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware
[2008/11/19 17:24:13 | 000,000,000 | ---D | M] -- C:\Program Files\Messenger
[2010/01/05 02:52:12 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft
[2005/09/02 18:49:06 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft ActiveSync
[2006/05/07 21:36:06 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft AntiSpyware
[2007/09/09 03:01:24 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2005/08/05 13:16:24 | 000,000,000 | ---D | M] -- C:\Program Files\microsoft frontpage
[2005/09/02 18:48:40 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office
[2011/08/14 22:43:03 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Security Client
[2005/09/02 18:48:27 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Visual Studio
[2008/11/21 17:13:11 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Works
[2005/09/02 18:49:14 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET
[2010/08/12 03:16:42 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker
[2011/05/05 01:30:23 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
[2009/08/15 03:11:28 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild
[2005/08/05 13:12:45 | 000,000,000 | ---D | M] -- C:\Program Files\MSN
[2005/08/05 13:12:29 | 000,000,000 | ---D | M] -- C:\Program Files\MSN Gaming Zone
[2005/10/10 20:46:44 | 000,000,000 | ---D | M] -- C:\Program Files\MyWebSearchWB
[2008/11/19 16:39:43 | 000,000,000 | ---D | M] -- C:\Program Files\NetMeeting
[2005/09/02 18:57:57 | 000,000,000 | ---D | M] -- C:\Program Files\OfficeUpdate11
[2010/12/16 22:01:59 | 000,000,000 | ---D | M] -- C:\Program Files\Outlook Express
[2008/04/10 21:31:28 | 000,000,000 | ---D | M] -- C:\Program Files\PassAlong
[2007/09/03 17:24:57 | 000,000,000 | ---D | M] -- C:\Program Files\Quicken
[2006/01/18 19:18:42 | 000,000,000 | ---D | M] -- C:\Program Files\QuickTime
[2008/06/25 10:05:09 | 000,000,000 | ---D | M] -- C:\Program Files\Real
[2009/08/15 03:11:13 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
[2007/09/05 02:15:40 | 000,000,000 | ---D | M] -- C:\Program Files\ReflexiveArcade
[2005/09/03 11:16:35 | 000,000,000 | ---D | M] -- C:\Program Files\Roxio
[2005/09/02 18:27:22 | 000,000,000 | ---D | M] -- C:\Program Files\Sierra Imaging
[2009/12/26 17:06:13 | 000,000,000 | R--D | M] -- C:\Program Files\Skype
[2010/11/02 11:33:21 | 000,000,000 | ---D | M] -- C:\Program Files\Sonic
[2007/09/03 18:24:37 | 000,000,000 | ---D | M] -- C:\Program Files\Spybot - Search & Destroy
[2009/06/19 14:33:31 | 000,000,000 | ---D | M] -- C:\Program Files\Starcraft
[2011/05/02 19:02:17 | 000,000,000 | ---D | M] -- C:\Program Files\Symantec
[2011/05/02 19:02:11 | 000,000,000 | ---D | M] -- C:\Program Files\Symantec AntiVirus
[2008/10/01 01:54:10 | 000,000,000 | ---D | M] -- C:\Program Files\TechSmith
[2006/01/14 22:47:09 | 000,000,000 | ---D | M] -- C:\Program Files\Trymedia
[2005/08/05 13:21:17 | 000,000,000 | ---D | M] -- C:\Program Files\Uninstall Information
[2010/03/11 04:43:12 | 000,000,000 | ---D | M] -- C:\Program Files\Warcraft III
[2010/01/05 02:52:06 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live
[2010/01/05 02:51:47 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live SkyDrive
[2007/09/07 00:53:31 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Connect 2
[2008/11/24 02:44:35 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2008/11/19 16:39:38 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2005/08/30 17:22:18 | 000,000,000 | ---D | M] -- C:\Program Files\WindowsUpdate
[2009/02/23 19:52:57 | 000,000,000 | ---D | M] -- C:\Program Files\WinPcap
[2010/07/19 12:18:10 | 000,000,000 | ---D | M] -- C:\Program Files\WinRAR
[2005/08/05 13:16:24 | 000,000,000 | ---D | M] -- C:\Program Files\xerox
[2011/05/05 18:13:58 | 000,000,000 | ---D | M] -- C:\Program Files\Yahoo!


< MD5 for: AGP440.SYS >
[2005/08/31 18:54:50 | 022,245,337 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008/11/19 16:24:29 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2005/08/31 18:54:50 | 022,245,337 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:AGP440.sys
[2008/11/19 16:24:29 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008/04/13 13:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 13:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
[2004/08/04 01:07:41 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys
[2004/08/04 01:07:41 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\system32\ReinstallBackups\0000\DriverFiles\i386\AGP440.SYS

< MD5 for: ATAPI.SYS >
[2005/08/31 18:54:50 | 022,245,337 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008/11/19 16:24:29 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2005/08/31 18:54:50 | 022,245,337 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys
[2008/11/19 16:24:29 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/04/13 13:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 13:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/04 00:59:42 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

< MD5 for: DISK.SYS >
[2005/08/31 18:54:50 | 022,245,337 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:disk.sys
[2008/11/19 16:24:29 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:disk.sys
[2005/08/31 18:54:50 | 022,245,337 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:disk.sys
[2008/11/19 16:24:29 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:disk.sys
[2004/08/04 00:59:54 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=00CA44E4534865F8A3B64F7C0984BFF0 -- C:\WINDOWS\$NtServicePackUninstall$\disk.sys
[2008/04/13 13:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\ServicePackFiles\i386\disk.sys
[2008/04/13 13:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\system32\drivers\disk.sys

< MD5 for: NETLOGON.DLL >
[2008/04/13 19:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/13 19:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
[2004/08/04 02:56:44 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-08-15 08:17:17

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\chrome.exe\shell\open\command\\: "C:\Documents and Settings\RT\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" [2011/08/05 21:21:27 | 001,017,912 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2011/04/14 11:26:03 | 000,711,672 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2011/04/14 11:26:03 | 000,711,672 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2011/04/14 11:26:03 | 000,711,672 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2011/04/14 11:25:41 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2011/04/14 11:25:41 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2011/04/14 11:25:41 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Documents and Settings\RT\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" --show-icons [2011/08/05 21:21:27 | 001,017,912 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Documents and Settings\RT\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" --hide-icons [2011/08/05 21:21:27 | 001,017,912 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Documents and Settings\RT\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" --make-default-browser [2011/08/05 21:21:27 | 001,017,912 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Documents and Settings\RT\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" [2011/08/05 21:21:27 | 001,017,912 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2011/06/21 06:46:21 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2011/06/21 06:46:21 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2011/06/21 06:46:21 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: %programfiles%\Internet Explorer\iexplore.exe [2011/06/20 06:29:11 | 000,634,648 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\MSN Explorer\shell\open\command\\: "C:\Program Files\MSN\MSNCoreFiles\MSN6.EXE" [2001/08/23 07:00:00 | 000,090,112 | ---- | M] (Microsoft Corporation)

< hklm\software\clients\startmenuinternet|command /64 /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\chrome.exe\shell\open\command\\: "C:\Documents and Settings\RT\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" [2011/08/05 21:21:27 | 001,017,912 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2011/04/14 11:26:03 | 000,711,672 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2011/04/14 11:26:03 | 000,711,672 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2011/04/14 11:26:03 | 000,711,672 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2011/04/14 11:25:41 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2011/04/14 11:25:41 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2011/04/14 11:25:41 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Documents and Settings\RT\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" --show-icons [2011/08/05 21:21:27 | 001,017,912 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Documents and Settings\RT\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" --hide-icons [2011/08/05 21:21:27 | 001,017,912 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Documents and Settings\RT\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" --make-default-browser [2011/08/05 21:21:27 | 001,017,912 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Documents and Settings\RT\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" [2011/08/05 21:21:27 | 001,017,912 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2011/06/21 06:46:21 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2011/06/21 06:46:21 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2011/06/21 06:46:21 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: %programfiles%\Internet Explorer\iexplore.exe [2011/06/20 06:29:11 | 000,634,648 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\MSN Explorer\shell\open\command\\: "C:\Program Files\MSN\MSNCoreFiles\MSN6.EXE" [2001/08/23 07:00:00 | 000,090,112 | ---- | M] (Microsoft Corporation)

< End of report >

Did not have an extras file pop-up

aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
Run date: 2011-08-27 12:36:08
-----------------------------
12:36:08.812 OS Version: Windows 5.1.2600 Service Pack 3
12:36:08.812 Number of processors: 1 586 0x207
12:36:08.812 ComputerName: SCHOOL_TIME UserName: RT
12:36:09.437 Initialize success
12:38:44.265 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4
12:38:44.265 Disk 0 Vendor: WDC_WD600BB-75CAA0 16.06V16 Size: 57220MB BusType: 3
12:38:44.265 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP0T1L0-c
12:38:44.265 Disk 1 Vendor: WDC_WD800BB-75CAA0 16.06V16 Size: 76293MB BusType: 3
12:38:46.281 Disk 0 MBR read successfully
12:38:46.281 Disk 0 MBR scan
12:38:46.281 Disk 0 Windows XP default MBR code
12:38:46.296 Disk 0 scanning sectors +117162045
12:38:46.359 Disk 0 scanning C:\WINDOWS\system32\drivers
12:39:10.906 Service scanning
12:39:12.578 Service MpKsl28fbebcc C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{8089039F-E63D-4BB9-94A3-C50E7FF4235C}\MpKsl28fbebcc.sys **LOCKED** 32
12:39:13.656 Modules scanning
12:39:57.296 Disk 0 trace - called modules:
12:39:57.312 ntoskrnl.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll intelide.sys PCIIDEX.SYS
12:39:57.343 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x84bcc030]
12:39:57.343 3 CLASSPNP.SYS[f75cdfd7] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-4[0x84be5030]
12:39:57.343 Scan finished successfully
12:40:55.765 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\RT\My Documents\Downloads\MBR.dat"
12:40:55.953 The log file has been saved successfully to "C:\Documents and Settings\RT\My Documents\Downloads\aswMBR.txt"










Re: Hardly used computer at all since last GeekPolice visit and its slower than ever

Post by funlovinguy2424 on 27th August 2011, 5:50 pm

Results of screen317's Security Check version 0.99.18
Windows XP Service Pack 3
Internet Explorer 7 Out of date!
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Enabled!
Microsoft Security Essentials
Antivirus out of date!
```````````````````````````````
Anti-malware/Other Utilities Check:

Out of date Spybot installed!
Malwarebytes' Anti-Malware
CCleaner
Java(TM) 6 Update 25
Out of date Java installed!
Flash Player Out of Date!
Adobe Flash Player 10.2.159.1
Adobe Reader X (10.0.1) Adobe Reader Out of Date!
Mozilla Firefox (x86 en-US..)
````````````````````````````````
Process Check:
objlist.exe by Laurent

Windows Defender MSMpEng.exe
Microsoft Security Essentials msseces.exe
Microsoft Security Client Antimalware MsMpEng.exe
``````````End of Log````````````


Re: Hardly used computer at all since last GeekPolice visit and its slower than ever

Post by Gabethebabe on 28th August 2011, 4:51 pm

446.98 Mb Total Physical Memory | 77.99 Mb Available Physical Memory | 17.45% Memory free

This looks like a problem. You are running very low on memory and need to optimize.

No malware in the OTL log, let's run another scan:

Please download aswMBR by Alwil Software and save it to your desktop.

  • Double click aswMBR.exe to run the tool
  • Click the Scan button to start the scan
  • Don't panic if you see any **Rootkit** entries. The tool sometimes produces false alarms
  • Once the scan finishes click Save log to save the log to your desktop
  • Copy and paste the contents of this log (aswMBR.txt) into your next reply.



Re: Hardly used computer at all since last GeekPolice visit and its slower than ever

Post by funlovinguy2424 on 7th November 2011, 3:26 am

Hello again and sorry for the slow response, I have been out of the country and not using my computer. Hope you can still help me.

So what can, or do I need to do to optimize my computer?

Also here is the log you requested.

Thank you,




aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
Run date: 2011-11-06 21:16:39
-----------------------------
21:16:39.882 OS Version: Windows 5.1.2600 Service Pack 3
21:16:39.882 Number of processors: 1 586 0x207
21:16:39.882 ComputerName: SCHOOL_TIME UserName: RT
21:16:40.710 Initialize success
21:16:50.085 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4
21:16:50.085 Disk 0 Vendor: WDC_WD600BB-75CAA0 16.06V16 Size: 57220MB BusType: 3
21:16:50.085 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP0T1L0-c
21:16:50.085 Disk 1 Vendor: WDC_WD800BB-75CAA0 16.06V16 Size: 76293MB BusType: 3
21:16:52.085 Disk 0 MBR read successfully
21:16:52.085 Disk 0 MBR scan
21:16:52.085 Disk 0 Windows XP default MBR code
21:16:52.101 Disk 0 scanning sectors +117162045
21:16:52.148 Disk 0 scanning C:\WINDOWS\system32\drivers
21:17:04.007 Service scanning
21:17:04.851 Service MpKslc1fb89f9 C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{99474D08-330E-412D-ABC9-54F81FF2E82C}\MpKslc1fb89f9.sys **LOCKED** 32
21:17:05.726 Modules scanning
21:17:16.085 Disk 0 trace - called modules:
21:17:16.116 ntoskrnl.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll intelide.sys PCIIDEX.SYS
21:17:16.132 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8575f5e0]
21:17:16.132 3 CLASSPNP.SYS[f74edfd7] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-4[0x8575fb58]
21:17:16.132 Scan finished successfully
21:18:36.601 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\RT\Desktop\MBR.dat"
21:18:36.663 The log file has been saved successfully to "C:\Documents and Settings\RT\Desktop\aswMBR.txt"





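A log like the one posted above can be triaged with a short script. This is an added example, not part of the thread and not an aswMBR feature; the function names, the `**WORD**` flag pattern (generalised from the `**LOCKED**` marker in the log) and the rule for a LOCKED file in the antimalware directory are assumptions.

```python
import re

# Lines copied from the aswMBR log posted above (not new data).
SAMPLE = r"""
21:16:52.085 Disk 0 MBR read successfully
21:16:52.085 Disk 0 Windows XP default MBR code
21:17:04.851 Service MpKslc1fb89f9 C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{99474D08-330E-412D-ABC9-54F81FF2E82C}\MpKslc1fb89f9.sys **LOCKED** 32
21:17:16.132 Scan finished successfully
"""

LINE = re.compile(r"^(\d\d:\d\d:\d\d\.\d{3})\s+(.*)$")   # timestamp + message
FLAG = re.compile(r"\*\*([A-Za-z ]+)\*\*")                # **LOCKED**, **Rootkit**, ...
MBR_CODE = re.compile(r"^Disk (\d+) (.+) MBR code$")      # e.g. "Windows XP default"
AM_DIR = "\\Microsoft Antimalware\\"                      # directory seen in the log above


def triage(log_text):
    """Return MBR verdict per disk, every **flagged** line, and whether the scan completed."""
    report = {"mbr": {}, "flags": [], "finished": False}
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # banner, separator and blank lines carry no timestamp
        ts, msg = m.groups()
        code = MBR_CODE.match(msg)
        if code:
            verdict = code.group(2)
            report["mbr"][int(code.group(1))] = {
                "verdict": verdict, "default": "default" in verdict.split()}
        for flag in FLAG.findall(msg):
            report["flags"].append({"time": ts, "flag": flag.upper(), "line": msg,
                                    "antimalware_dir": AM_DIR in msg})
        if msg == "Scan finished successfully":
            report["finished"] = True
    return report


def needs_review(report):
    """Heuristic (assumption): a LOCKED file inside the antimalware definition
    directory is the scanner's own in-use driver; the path is a hint, not proof,
    so confirm the file's signature before dismissing it."""
    odd = [f for f in report["flags"]
           if not (f["flag"] == "LOCKED" and f["antimalware_dir"])]
    non_default = sorted(d for d, v in report["mbr"].items() if not v["default"])
    return {"flags": odd, "disks": non_default, "incomplete": not report["finished"]}


if __name__ == "__main__":
    print(needs_review(triage(SAMPLE)))
```

For the lines taken from this log, `needs_review` returns nothing to follow up: the MBR is reported as default code, the scan completed, and the only flagged entry is the locked driver under the Microsoft Antimalware definition directory.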

Re: Hardly used computer at all since last GeekPolice visit and its slower than ever

Post by Gabethebabe on 10th November 2011, 6:47 am

To optimize your computer you have two big friends: Google and Blackviper.com

Visit blackviper.com and read carefully through the Windows XP section to find out about Windows services you can disable to free up memory.


Bring up the processes tab of task manager (CTRL-SHIFT-ESC to open task manager) and look through all running processes. Google the ones you do not recognize and find out to which software they belong, if they are vital or not and whether you want to keep them or not. If you think there are processes you do not want, use Google again to find out how to disable them.

I think with these steps you should try and optimize your computer bit-by-bit and hopefully it will start running better!


Re: Hardly used computer at all since last GeekPolice visit and its slower than ever

Post by funlovinguy2424 on 13th November 2011, 1:59 am

OK, done a lot of work on my CPU, seems to be running a lot better.

1.) Should I run another comprehensive virus search?

2.) I keep seeing this RECYCLER file on my zip drives and my new external hard drive, anything I should be worried about with it?

3.) Also I notice there are a lot of files now that have $~ at the front of them, and were never like that before.

What might that mean?


Re: Hardly used computer at all since last GeekPolice visit and its slower than ever

Post by Gabethebabe on 13th November 2011, 8:54 am

1) no
2) that is a legit Windows system folder
3) those are temporary files. If you continue seeing them, you can delete them. The program that created them has probably crashed and has not deleted them.
