Some files could not be scanned

View previous topic View next topic Go down

Some files could not be scanned

Post by Big10_62 on 26th February 2012, 9:27 pm

I am using Avast as my anti-virus program and it keeps telling me some files can not be scanned because of password protection. What gets me is it is the temp files from installing Adobe reader. These files should of been removed when the install was done. I am not too sure about Adobe Air. It seem to me that it is opening up a whole bunch of new holes.


OTL Extras logfile created on: 2/26/2012 2:45:33 PM - Run 1
OTL by OldTimer - Version 3.2.33.1 Folder = C:\Documents and Settings\Chris\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.99 Gb Total Physical Memory | 2.24 Gb Available Physical Memory | 74.93% Memory free
4.84 Gb Paging File | 4.26 Gb Available in Paging File | 88.04% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 155.25 Gb Total Space | 95.53 Gb Free Space | 61.53% Space Free | Partition Type: NTFS
Drive D: | 155.25 Gb Total Space | 145.67 Gb Free Space | 93.82% Space Free | Partition Type: NTFS
Drive E: | 155.25 Gb Total Space | 132.82 Gb Free Space | 85.56% Space Free | Partition Type: NTFS

Computer Name: CHRIS-FC2A8D21A | User Name: Chris | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_CURRENT_USER\SOFTWARE\Classes\]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"5353:UDP" = 5353:UDP:*:Disabled:Bonjour Port 5353
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Documents and Settings\Chris\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" = C:\Documents and Settings\Chris\Local Settings\Application Data\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome -- (Google Inc.)
"C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe" = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare -- (Eastman Kodak Company)
"C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()
"C:\Program Files\World of Warcraft\Launcher.patch.exe" = C:\Program Files\World of Warcraft\Launcher.patch.exe:*:Enabled:Blizzard Launcher
"C:\Program Files\World of Warcraft\Launcher.exe" = C:\Program Files\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher -- (Blizzard Entertainment)
"C:\Program Files\World of Warcraft\BackgroundDownloader.exe" = C:\Program Files\World of Warcraft\BackgroundDownloader.exe:*:Enabled:Blizzard Downloader -- (Blizzard Entertainment)
"E:\FrostWire 5\FrostWire.exe" = E:\FrostWire 5\FrostWire.exe:*:Enabled:FrostWire -- (FrostWire Group)
"C:\gPotato.com\Allods Online\bin\Launcher.exe" = C:\gPotato.com\Allods Online\bin\Launcher.exe:*:Disabled:Allods Launcher
"C:\Documents and Settings\Chris\Local Settings\Apps\2.0\6NZO5LH3.XDN\P6OT2GJ4.VP6\curs..tion_eee711038731a406_0004.0000_2bd39706d04e72c8\CurseClient.exe" = C:\Documents and Settings\Chris\Local Settings\Apps\2.0\6NZO5LH3.XDN\P6OT2GJ4.VP6\curs..tion_eee711038731a406_0004.0000_2bd39706d04e72c8\CurseClient.exe:*:Enabled:Curse Client 4.0 -- (Curse)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{007B37D9-0C45-4202-834B-DD5FAAE99D63}" = ArcSoft Print Creations - Slimline Card
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}" = ESSPCD
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F56A6C9-81CA-4B5F-B471-8CCB13CF85DA}" = Office Suite X 3.3
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}" = essvatgt
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3521BDBD-D453-5D9F-AA55-44B75D214629}" = Adobe Community Help
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{42938595-0D83-404D-9F73-F8177FDD531A}" = ESScore
"{4537EA4B-F603-4181-89FB-2953FC695AB1}" = netbrdg
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E33D05D-76CF-5D3C-4D5D-7727530FA161}" = Adobe Content Viewer
"{5316DFC9-CE99-4458-9AB3-E8726EDE0210}" = skin0001
"{53CF3920-648B-4F99-8D05-6A6C5298F57B}" = Adobe Creative Suite 5.5 Design Standard
"{56589DFE-0C29-4DFE-8E42-887B771ECD23}" = ArcSoft Print Creations - Photo Book
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{605A4E39-613C-4A12-B56F-DEFBE6757237}" = SHASTA
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{643EAE81-920C-4931-9F0B-4B343B225CA6}" = ESSBrwr
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.0.0
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7BB045C3-D5E4-4620-B536-DC11AACD5942}" = Broadcom Management Programs
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{8943CE61-53BD-475E-90E1-A580869E98A2}" = staticcr
"{8A502E38-29C9-49FA-BCFA-D727CA062589}" = ESSTOOLS
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Graphics Media Accelerator Driver
"{8E92D746-CD9F-4B90-9668-42B74C14F765}" = ESSini
"{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}" = Ralink RT2860 Wireless LAN Card
"{91517631-A9F3-4B7C-B482-43E0068FD55A}" = ESSgui
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{9591C049-5CAE-4E89-A8D9-191F1899628B}" = ArcSoft Print Creations - Funhouse
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{999D43F4-9709-4887-9B1A-83EBB15A8370}" = VPRINTOL
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A436F67F-687E-4736-BD2B-537121A804CF}" = HP Product Detection
"{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}" = MSXML 6.0 Parser
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-1033-F400-7760-000000000005}" = Adobe Acrobat X Pro - English, Français, Deutsch
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.2)
"{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}" = ESSCDBK
"{B0D83FCD-9D42-43ED-8315-250326AADA02}" = ArcSoft Print Creations - Scrapbook
"{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}" = OfotoXMI
"{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}" = CCScore
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CA9ED5E4-1548-485B-A293-417840060158}" = ArcSoft Print Creations - Photo Calendar
"{CAE8A0F1-B498-4C23-95FA-55047E730C8F}" = ArcSoft Print Creations
"{CD41B576-4787-4D5C-95EE-24A4ABD89CD3}" = System Requirements Lab for Intel
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D32470A1-B10C-4059-BA53-CF0486F68EBC}" = Kodak EasyShare software
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DA5BDB2A-12F0-4343-8351-21AAEB293990}" = PreReq
"{DB02F716-6275-42E9-B8D2-83BA2BF5100B}" = SFR
"{E6B4117F-AC59-4B13-9274-EB136E8897EE}" = ArcSoft Print Creations - Album Page
"{F04F9557-81A9-4293-BC49-2C216FA325A7}" = ArcSoft Print Creations - Greeting Card
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}" = SKINXSDK
"{F870B987-18BC-45FC-9BE8-35C02DCDA10F}" = Broadcom NetXtreme Ethernet Controller
"{F9593CFB-D836-49BC-BFF1-0E669A411D9F}" = WIRELESS
"{FCDB1C92-03C6-4C76-8625-371224256091}" = ESSPDock
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"avast" = avast! Free Antivirus
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.dmp.contentviewer" = Adobe Content Viewer
"DealPly" = DealPly
"FrostWire 5" = FrostWire 5.3.2
"ie8" = Windows Internet Explorer 8
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.60.1.1000
"Media Player - Codec Pack" = Media Player Codec Pack 4.1.3
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 9.0.1 (x86 en-US)" = Mozilla Firefox 9.0.1 (x86 en-US)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"PySol Fan Club edition_is1" = PySol Fan Club edition v.2.0
"RealPlayer 15.0" = RealPlayer
"VLC media player" = VLC media player 2.0.0
"Windows Essentials Media Codec Pack" = Windows Essentials Media Codec Pack 4.0 [32-Bit]
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"World of Warcraft" = World of Warcraft
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Xvid Video Codec 1.3.1" = Xvid Video Codec

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"090215de958f1060" = Curse Client
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 1/7/2012 6:04:24 PM | Computer Name = CHRIS-FC2A8D21A | Source = Application Error | ID = 1000
Description = Faulting application easyshare.exe, version 8.30.62.106, faulting
module ekij5000rrs.dll, version 5.7.5.30, fault address 0x000584b5.

Error - 1/7/2012 6:04:31 PM | Computer Name = CHRIS-FC2A8D21A | Source = Application Error | ID = 1001
Description = Fault bucket -1853755230.

Error - 1/21/2012 7:21:08 PM | Computer Name = CHRIS-FC2A8D21A | Source = Application Error | ID = 1000
Description = Faulting application photoshop.exe, version 12.1.0.0, faulting module
photoshop.exe, version 12.1.0.0, fault address 0x017a9184.

Error - 1/21/2012 7:21:11 PM | Computer Name = CHRIS-FC2A8D21A | Source = Application Error | ID = 1001
Description = Fault bucket -1875513718.

Error - 1/25/2012 4:17:26 PM | Computer Name = CHRIS-FC2A8D21A | Source = Application Error | ID = 1000
Description = Faulting application chrome.exe, version 16.0.912.77, faulting module
wininet.dll, version 8.0.6001.19165, fault address 0x0000eccb.

Error - 1/25/2012 4:17:53 PM | Computer Name = CHRIS-FC2A8D21A | Source = Application Error | ID = 1001
Description = Fault bucket -1492378921.

Error - 2/15/2012 9:41:37 PM | Computer Name = CHRIS-FC2A8D21A | Source = .NET Runtime Optimization Service | ID = 1103
Description = .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32)
- Tried to start a service that wasn't the latest version of CLR Optimization service.
Will shutdown

[ System Events ]
Error - 2/2/2012 11:55:31 AM | Computer Name = CHRIS-FC2A8D21A | Source = Service Control Manager | ID = 7034
Description = The SoundMAX Agent Service service terminated unexpectedly. It has
done this 1 time(s).

Error - 2/3/2012 12:17:01 PM | Computer Name = CHRIS-FC2A8D21A | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
i8042prt

Error - 2/3/2012 12:27:07 PM | Computer Name = CHRIS-FC2A8D21A | Source = Service Control Manager | ID = 7000
Description = The SASDIFSV service failed to start due to the following error: %%183

Error - 2/6/2012 11:57:27 PM | Computer Name = CHRIS-FC2A8D21A | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
i8042prt

Error - 2/15/2012 9:41:37 PM | Computer Name = CHRIS-FC2A8D21A | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
i8042prt

Error - 2/17/2012 3:44:39 AM | Computer Name = CHRIS-FC2A8D21A | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
i8042prt

Error - 2/24/2012 2:57:01 PM | Computer Name = CHRIS-FC2A8D21A | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
i8042prt

Error - 2/25/2012 2:17:30 PM | Computer Name = CHRIS-FC2A8D21A | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
i8042prt

Error - 2/25/2012 2:40:39 PM | Computer Name = CHRIS-FC2A8D21A | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
i8042prt

Error - 2/25/2012 2:43:22 PM | Computer Name = CHRIS-FC2A8D21A | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
i8042prt


< End of report >

Big10_62
Novice
Novice

Posts Posts : 11
Joined Joined : 2011-11-07
Gender Gender : Male
OS OS : XP Pro
Protection Protection : Avast, Malwarebytes, Super AntiSpyware, McCaffe Stinger
Points Points : 18741
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Some files could not be scanned

Post by Gabethebabe on 27th February 2012, 7:51 am

Hi there Big10_62 and welcome to GeekPolice!

I am Gabethebabe and I will be helping you with this issue. Before we start some general remarks/rules:
  • Whilst I´m helping you, please follow my instructions carefully and do not experiment on your own or accept help from other persons.
  • Feel free to ask questions! Especially if my instructions are not clear. I´m here to help, not confuse you.
  • I will try and respond quickly, but please understand I do have a real life (job, wife, 3 kids, kinky hobbies).
  • Stick with me till the end. If your computer starts running better, doesn´t mean it is clean yet!

====================

I see you have ran OTL and posted extras.txt. I will also need OTL.txt. Could you please post that too?

Gabethebabe
Top Dog
Top Dog

Posts Posts : 1568
Joined Joined : 2010-03-07
Gender Gender : Male
OS OS : Win7
Points Points : 38258
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Some files could not be scanned

Post by Big10_62 on 29th February 2012, 7:27 pm

I will have to run it again.

Big10_62
Novice
Novice

Posts Posts : 11
Joined Joined : 2011-11-07
Gender Gender : Male
OS OS : XP Pro
Protection Protection : Avast, Malwarebytes, Super AntiSpyware, McCaffe Stinger
Points Points : 18741
# Likes # Likes : 0

View user profile

Back to top Go down

OTL Logfile

Post by Big10_62 on 29th February 2012, 7:38 pm

OTL logfile created on: 2/26/2012 2:45:33 PM - Run 1
I had to load it as a attachment

Big10_62
Novice
Novice

Posts Posts : 11
Joined Joined : 2011-11-07
Gender Gender : Male
OS OS : XP Pro
Protection Protection : Avast, Malwarebytes, Super AntiSpyware, McCaffe Stinger
Points Points : 18741
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Some files could not be scanned

Post by Gabethebabe on 1st March 2012, 7:03 am

I don´t see anything :p

You can cut it into 2-3 pieces and post them in multiple posts?

Gabethebabe
Top Dog
Top Dog

Posts Posts : 1568
Joined Joined : 2010-03-07
Gender Gender : Male
OS OS : Win7
Points Points : 38258
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Some files could not be scanned

Post by Big10_62 on 2nd March 2012, 6:13 pm

Ok I'll try that

Big10_62
Novice
Novice

Posts Posts : 11
Joined Joined : 2011-11-07
Gender Gender : Male
OS OS : XP Pro
Protection Protection : Avast, Malwarebytes, Super AntiSpyware, McCaffe Stinger
Points Points : 18741
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Some files could not be scanned

Post by Big10_62 on 2nd March 2012, 6:32 pm

OTL logfile created on: 2/26/2012 2:45:33 PM - Run 1
OTL by OldTimer - Version 3.2.33.1 Folder = C:\Documents and Settings\Chris\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.99 Gb Total Physical Memory | 2.24 Gb Available Physical Memory | 74.93% Memory free
4.84 Gb Paging File | 4.26 Gb Available in Paging File | 88.04% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 155.25 Gb Total Space | 95.53 Gb Free Space | 61.53% Space Free | Partition Type: NTFS
Drive D: | 155.25 Gb Total Space | 145.67 Gb Free Space | 93.82% Space Free | Partition Type: NTFS
Drive E: | 155.25 Gb Total Space | 132.82 Gb Free Space | 85.56% Space Free | Partition Type: NTFS

Computer Name: CHRIS-FC2A8D21A | User Name: Chris | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/02/26 14:43:19 | 000,583,168 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Chris\My Documents\Downloads\OTL.com
PRC - [2012/02/24 12:58:17 | 001,730,560 | ---- | M] (Curse) -- C:\Documents and Settings\Chris\Local Settings\Apps\2.0\6NZO5LH3.XDN\P6OT2GJ4.VP6\curs..tion_eee711038731a406_0004.0000_2bd39706d04e72c8\CurseClient.exe
PRC - [2012/02/23 10:23:24 | 004,031,368 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/02/23 10:23:21 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012/01/20 12:16:56 | 004,617,600 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2012/01/03 07:10:50 | 000,815,512 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
PRC - [2011/08/11 17:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe
PRC - [2010/10/27 19:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2008/09/05 10:23:20 | 000,075,040 | ---- | M] (Ralink Technology, Corp.) -- C:\Program Files\Ralink\Common\RalinkRegistryWriter.exe
PRC - [2008/08/21 06:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2003/07/30 09:08:58 | 000,143,360 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
PRC - [2002/09/20 15:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
PRC - [2002/08/30 12:59:54 | 000,380,928 | ---- | M] (Analog Devices, Inc.) -- C:\WINDOWS\SynCor.exe


========== Modules (No Company Name) ==========

MOD - [2012/02/26 12:24:36 | 001,716,736 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\12022603\algo.dll
MOD - [2012/02/26 02:43:52 | 000,065,024 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
MOD - [2012/02/26 02:43:52 | 000,052,736 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll
MOD - [2012/02/25 22:38:23 | 001,716,224 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\12022600\algo.dll
MOD - [2012/02/25 15:31:26 | 001,716,224 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\12022502\algo.dll
MOD - [2012/02/25 02:46:59 | 001,714,688 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\12022500\algo.dll
MOD - [2012/02/15 20:42:10 | 011,817,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\29bdc8352d3c26e3c572ea60639dec3b\System.Web.ni.dll
MOD - [2012/02/15 20:41:33 | 001,801,216 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Deployment\707a05a7d5a8d99dd56d1d50311a60d2\System.Deployment.ni.dll
MOD - [2012/02/15 20:40:30 | 001,712,128 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\96e485c02ad346a2bd26a635e7fcb023\Microsoft.VisualBasic.ni.dll
MOD - [2012/02/15 20:40:16 | 000,679,936 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Security\5fb9981f4147b537b53be9d58bf4e9b4\System.Security.ni.dll
MOD - [2012/02/15 20:40:11 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\94a40f415bfa947e251888bbe88bb973\System.Configuration.ni.dll
MOD - [2012/02/15 20:40:03 | 000,256,000 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\bd3bfd5b6ef659dac4d6cccb34577d33\SMDiagnostics.ni.dll
MOD - [2012/02/15 20:39:54 | 017,403,904 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\1cdcd6d97627d345d5ff446e6ec88b97\System.ServiceModel.ni.dll
MOD - [2012/02/15 20:39:24 | 002,345,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\f2532204217dc10f152afd077b09927c\System.Runtime.Serialization.ni.dll
MOD - [2012/02/15 19:42:45 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\77e1279cbf4eecfb0284b63316fe43fe\System.Xml.ni.dll
MOD - [2012/02/15 19:42:37 | 012,430,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ad99ac6b5666edb8ee742dd64f9578af\System.Windows.Forms.ni.dll
MOD - [2012/02/15 19:42:16 | 001,587,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\9351cf29bb1ba951e45a9b3b0edab937\System.Drawing.ni.dll
MOD - [2012/02/15 19:38:31 | 002,295,296 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Core\0a6d6717e76be12295711ff02c7aa1d4\System.Core.ni.dll
MOD - [2012/02/15 19:38:17 | 000,539,648 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\1552f18ca434c1dca6d082df476d089a\PresentationFramework.Luna.ni.dll
MOD - [2012/02/15 19:38:13 | 014,328,320 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\5060105fb9e169399fe45600b1e9215e\PresentationFramework.ni.dll
MOD - [2012/02/15 19:37:45 | 012,215,808 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationCore\0665bba8c9962deadc418881eb3a2a2a\PresentationCore.ni.dll
MOD - [2012/02/15 19:37:25 | 003,325,440 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\WindowsBase\174c2f776741812aed02c337bbcd1dae\WindowsBase.ni.dll
MOD - [2012/02/15 19:37:15 | 007,953,408 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\9e3803cd2a11f056291862e306a8e2b2\System.ni.dll
MOD - [2012/02/15 19:36:19 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2012/02/15 19:36:13 | 000,069,120 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
MOD - [2011/12/30 17:27:15 | 000,220,672 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\3e6deccf191ab943d3a0812a38ab5c97\CustomMarshalers.ni.dll
MOD - [2011/12/30 12:40:06 | 011,490,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839abbe7d4bc9c6721\mscorlib.ni.dll
MOD - [2011/12/27 12:34:51 | 000,117,760 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
MOD - [2011/12/27 12:34:51 | 000,052,224 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll


========== Win32 Services (SafeList) ==========

SRV - [2012/02/23 10:23:21 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011/08/11 17:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2008/09/05 10:23:20 | 000,075,040 | ---- | M] (Ralink Technology, Corp.) [Auto | Running] -- C:\Program Files\Ralink\Common\RalinkRegistryWriter.exe -- (RalinkRegistryWriter)
SRV - [2002/09/20 15:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) [Auto | Running] -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default))


========== Driver Services (SafeList) ==========

DRV - [2012/02/23 10:12:28 | 000,610,648 | ---- | M] (AVAST Software) [File_System | System | Stopped] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012/02/23 10:12:16 | 000,337,112 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012/02/23 10:10:46 | 000,035,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2012/02/23 10:10:39 | 000,053,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012/02/23 10:10:25 | 000,095,704 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2012/02/23 10:10:16 | 000,020,696 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012/02/23 10:07:33 | 000,024,920 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011/07/22 10:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/12 15:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2009/12/18 11:58:52 | 000,011,336 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\SystemRequirementsLab\cpudrv.sys -- (cpudrv)
DRV - [2009/02/16 20:55:06 | 000,963,712 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rt2860.sys -- (RT80x86)
DRV - [2008/08/07 14:42:36 | 000,016,512 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RAPIProtocol.sys -- (RAPIProtocol)
DRV - [2008/07/25 01:18:32 | 000,176,640 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2008/06/06 09:15:40 | 000,098,816 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\baspxp32.sys -- (Blfp)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = [You must be registered and logged in to see this link.]
IE - HKCU\..\URLSearchHook: {b2ed7faf-72a0-46d1-9d9d-602226f5cb9f} - SOFTWARE\Classes\CLSID\{b2ed7faf-72a0-46d1-9d9d-602226f5cb9f}\InprocServer32 File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.searchqu.com/406"
FF - prefs.js..keyword.URL: "http://dts.search-results.com/sr?src=ffb&appid=169&systemid=406&sr=0&q="

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@oberon-media.com/ONCAdapter: C:\Program Files\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll File not found
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.1.13: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.1.13: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.0.198: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.1.13: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.1.13: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.0: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Chris\Local Settings\Application Data\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Chris\Local Settings\Application Data\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012/01/13 12:28:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/01/01 14:57:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/02/25 12:52:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/01/01 13:18:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2012/01/01 13:18:25 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Chris\Application Data\Mozilla\Extensions
[2012/02/25 14:44:07 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\wtefjguk.default\extensions
[2012/01/31 11:17:13 | 000,000,000 | ---D | M] (Babylon) -- C:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\wtefjguk.default\extensions\ffxtlbr@babylon.com
[2012/02/25 14:44:07 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\wtefjguk.default\extensions\staged
[2012/02/20 15:34:39 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/02/20 15:34:39 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
[2011/12/21 01:24:52 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/12/20 22:30:41 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/12/20 22:30:41 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Search Results (Enabled)
CHR - default_search_provider: search_url = [You must be registered and logged in to see this link.]
CHR - default_search_provider: suggest_url =
CHR - plugin: Shockwave Flash (Disabled) = C:\Documents and Settings\Chris\Local Settings\Application Data\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Chris\Local Settings\Application Data\Google\Chrome\Application\17.0.963.56\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Chris\Local Settings\Application Data\Google\Chrome\Application\17.0.963.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Chris\Local Settings\Application Data\Google\Chrome\Application\17.0.963.56\pdf.dll
CHR - plugin: HP Product Detection Plugin for Mozilla (Enabled) = C:\Documents and Settings\Chris\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mnhbepgnjnaoahohppnffanmkjkjoglp\1.0.15.0_0\plugins/npProductDetectPlugin.dll
CHR - plugin: HP Active Check Plugin (Enabled) = C:\Documents and Settings\Chris\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mnhbepgnjnaoahohppnffanmkjkjoglp\1.0.15.0_0\plugins/npAclmPlugin.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = c:\program files\real\realplayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = c:\program files\real\realplayer\Netscape6\nprpjplug.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Chris\Local Settings\Application Data\Google\Update\1.3.21.99\npGoogleUpdate3.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = c:\program files\real\realplayer\Netscape6\nprjplug.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: King Island RPG (Diablo 2) = C:\Documents and Settings\Chris\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\akmhilmolenddmoclohomoaondanomab\1.0.1_0\
CHR - Extension: YouTube = C:\Documents and Settings\Chris\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Solitaire = C:\Documents and Settings\Chris\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpebaehgfgkcmmjjknibibbjacnplim\1.3.7.4_0\
CHR - Extension: Google Search = C:\Documents and Settings\Chris\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\
CHR - Extension: Sea Fishing = C:\Documents and Settings\Chris\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dbbjflofjliilmjmanppkcopifkbaidl\1.0_0\
CHR - Extension: DealPly = C:\Documents and Settings\Chris\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje\3.0.7.2_0\
CHR - Extension: Crush the Castle = C:\Documents and Settings\Chris\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hakhfhibboimkfanhkbjnodceikahpad\13.2646.5616_0\
CHR - Extension: Crackle = C:\Documents and Settings\Chris\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ibfamoapbmmmlknoopmmfofgladlinic\7.1.2_0\
CHR - Extension: avast! WebRep = C:\Documents and Settings\Chris\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\6.0.1407_0\
CHR - Extension: Avalon Siege = C:\Documents and Settings\Chris\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jdfcobgemmebnoeggekmhejblaleldjp\13.2705.4902_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Documents and Settings\Chris\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: HP Product Detection Plugin = C:\Documents and Settings\Chris\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mnhbepgnjnaoahohppnffanmkjkjoglp\1.0.15.0_0\
CHR - Extension: Curling = C:\Documents and Settings\Chris\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nhalnajmigjnpjpdbpkpgfhekbjmolhp\1.0.10_0\
CHR - Extension: Gmail = C:\Documents and Settings\Chris\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2008/08/21 06:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\WI371A~1\Datamngr\ToolBar\searchqudtx.dll File not found
O2 - BHO: (DealPly) - {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - C:\Program Files\DealPly\DealPlyIE.dll (DealPly Technologies Ltd)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Vgrabber Toolbar) - {b2ed7faf-72a0-46d1-9d9d-602226f5cb9f} - C:\Program Files\Vgrabber\prxtbVgra.dll File not found
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (no name) - !{47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\WI371A~1\Datamngr\ToolBar\searchqudtx.dll File not found
O3 - HKLM\..\Toolbar: (Vgrabber Toolbar) - {b2ed7faf-72a0-46d1-9d9d-602226f5cb9f} - C:\Program Files\Vgrabber\prxtbVgra.dll File not found
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (Vgrabber Toolbar) - {B2ED7FAF-72A0-46D1-9D9D-602226F5CB9F} - C:\Program Files\Vgrabber\prxtbVgra.dll File not found
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Blubster] C:\Program Files\Blubster\Blubster.exe SILENT File not found
O4 - HKLM..\Run: [Conime] C:\WINDOWS\system32\conime.exe (Microsoft Corporation)
O4 - HKLM..\Run: [EKIJ5000StatusMonitor] C:\WINDOWS\system32\spool\drivers\w32x86\3\EKIJ5000MUI.exe (Eastman Kodak Company)
O4 - HKLM..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [Adobe Acrobat Synchronizer] C:\Program Files\Adobe\Acrobat 10.0\Acrobat\AdobeCollabSync.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKCU..\Run: [Xvid] C:\Program Files\Xvid\CheckUpdate.exe ()
O4 - HKLM..\RunOnce: [removeSearchqudatamngr] cmd.exe /c RD /S /Q "C:\Program Files\Windows iLivid Toolbar" File not found
O4 - HKLM..\RunOnce: [removeSearchqutoolbar] cmd.exe /c RD /S /Q "C:\Program Files\Windows iLivid Toolbar\Datamngr\ToolBar" File not found
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\System32\Macromed\Flash\FlashUtil11e_ActiveX.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe (Eastman Kodak Company)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Ralink Wireless Utility.lnk = C:\Program Files\Ralink\Common\RaUI.exe (Ralink Technology, Corp.)
O4 - Startup: C:\Documents and Settings\Chris\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O15 - HKCU\..Trusted Domains: weather.com ([www] https in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 208.180.42.68 208.180.42.100 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FE5D627A-9330-44A4-B9F1-179B66ED14DE}: DhcpNameServer = 208.180.42.68 208.180.42.100 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\Documents and Settings\Chris\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Chris\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/10/30 22:39:37 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (aswBoot.exe /A:"*" /L:"1033" /heur:80 /RA:ask /pup /archives /IA:0 /KBD:2 /dir:"C:\Program Files\AVAST Software\Avast")
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Big10_62
Novice
Novice

Posts Posts : 11
Joined Joined : 2011-11-07
Gender Gender : Male
OS OS : XP Pro
Protection Protection : Avast, Malwarebytes, Super AntiSpyware, McCaffe Stinger
Points Points : 18741
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Some files could not be scanned

Post by Big10_62 on 2nd March 2012, 6:33 pm

SafeBootMin: !SASCORE - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE (SUPERAntiSpyware.com)
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: !SASCORE - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE (SUPERAntiSpyware.com)
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.7
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {ACC563BC-4266-43f0-B6ED-9D38C4202C7E} -
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

Drivers32: MIDI1 - C:\WINDOWS\System32\Syncor11.dll (SoundMAX)
Drivers32: msacm.ac3filter - C:\WINDOWS\System32\ac3filter.acm ()
Drivers32: msacm.divxa32 - C:\WINDOWS\System32\DivXa32.acm (Packed With Joy !)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.ffds - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.XVID - C:\WINDOWS\System32\xvidvfw.dll ()

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012/02/25 20:37:37 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Chris\PrivacIE
[2012/02/25 14:47:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chris\Start Menu\Programs\FrostWire 5
[2012/02/25 14:44:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\DealPly
[2012/02/25 14:44:07 | 000,000,000 | ---D | C] -- C:\Program Files\Essentials Codec Pack
[2012/02/25 14:44:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chris\Start Menu\Programs\Essentials Codec Pack
[2012/02/25 14:44:07 | 000,000,000 | ---D | C] -- C:\Program Files\DealPly
[2012/02/25 13:09:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chris\Application Data\vlc
[2012/02/25 13:09:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\VideoLAN
[2012/02/25 12:53:05 | 000,337,112 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2012/02/25 12:53:05 | 000,020,696 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2012/02/25 12:53:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\avast! Free Antivirus
[2012/02/25 12:53:03 | 000,053,848 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2012/02/25 12:53:03 | 000,035,672 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2012/02/25 12:53:02 | 000,610,648 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2012/02/25 12:53:02 | 000,095,704 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2012/02/25 12:53:02 | 000,089,048 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2012/02/25 12:53:01 | 000,024,920 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2012/02/25 12:52:55 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012/02/25 12:52:36 | 000,201,352 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2012/02/25 12:52:36 | 000,041,184 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2012/02/24 12:58:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chris\Start Menu\Programs\Curse
[2012/02/20 15:36:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012/02/20 15:34:38 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2012/02/20 15:34:37 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2012/02/20 15:34:37 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2012/02/20 15:34:37 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2012/02/17 01:51:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2012/02/11 14:53:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chris\Local Settings\Application Data\WMTools Downloaded Files
[2012/02/03 10:25:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SUPERAntiSpyware
[2012/02/02 09:55:27 | 000,014,664 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\stinger.sys
[2012/02/02 09:54:50 | 000,000,000 | ---D | C] -- C:\Program Files\stinger
[2012/01/31 11:53:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chris\Application Data\OfficeSuiteX
[2012/01/31 11:47:58 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Office Suite X 3.3
[2012/01/31 11:47:18 | 000,000,000 | ---D | C] -- C:\Program Files\Office Suite X 3
[2012/01/31 11:16:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chris\Local Settings\Application Data\Babylon
[2012/01/31 11:16:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chris\Application Data\Babylon
[2012/01/31 11:16:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Babylon
[2012/01/29 11:46:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chris\Local Settings\Application Data\Deployment
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

Big10_62
Novice
Novice

Posts Posts : 11
Joined Joined : 2011-11-07
Gender Gender : Male
OS OS : XP Pro
Protection Protection : Avast, Malwarebytes, Super AntiSpyware, McCaffe Stinger
Points Points : 18741
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Some files could not be scanned

Post by Big10_62 on 2nd March 2012, 6:33 pm

[2012/02/26 14:44:01 | 000,000,290 | ---- | M] () -- C:\WINDOWS\tasks\DealPlyUpdate.job
[2012/02/26 14:37:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/02/26 14:29:00 | 000,000,978 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-602162358-1004336348-1177238915-1003UA.job
[2012/02/26 03:00:14 | 000,000,348 | ---- | M] () -- C:\WINDOWS\tasks\Windows Codec Update Service.job
[2012/02/26 02:00:01 | 000,000,342 | ---- | M] () -- C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-CHRIS-FC2A8D21A-Chris.job
[2012/02/25 23:02:26 | 000,000,751 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\World of Warcraft.lnk
[2012/02/25 17:37:00 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/02/25 16:29:00 | 000,000,926 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-602162358-1004336348-1177238915-1003Core.job
[2012/02/25 14:47:04 | 000,000,668 | ---- | M] () -- C:\Documents and Settings\Chris\Desktop\FrostWire 5.3.2.lnk
[2012/02/25 14:47:04 | 000,000,668 | ---- | M] () -- C:\Documents and Settings\Chris\Application Data\Microsoft\Internet Explorer\Quick Launch\FrostWire 5.3.2.lnk
[2012/02/25 14:44:10 | 000,000,829 | ---- | M] () -- C:\Documents and Settings\Chris\Desktop\Media Player Classic.lnk
[2012/02/25 13:09:24 | 000,000,719 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
[2012/02/25 12:58:22 | 000,002,625 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012/02/25 12:53:05 | 000,001,689 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2012/02/25 12:47:24 | 000,473,204 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/02/25 12:47:24 | 000,076,172 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/02/25 12:43:31 | 000,013,732 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/02/25 12:43:30 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-602162358-1004336348-1177238915-1003.job
[2012/02/25 12:43:16 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/02/24 12:58:25 | 000,000,312 | ---- | M] () -- C:\Documents and Settings\Chris\Desktop\Curse Client.appref-ms
[2012/02/23 10:23:26 | 000,041,184 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2012/02/23 10:23:21 | 000,201,352 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2012/02/23 10:12:28 | 000,610,648 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2012/02/23 10:12:16 | 000,337,112 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2012/02/23 10:10:46 | 000,035,672 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2012/02/23 10:10:39 | 000,053,848 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2012/02/23 10:10:25 | 000,095,704 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2012/02/23 10:10:22 | 000,089,048 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2012/02/23 10:10:16 | 000,020,696 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2012/02/23 10:07:33 | 000,024,920 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2012/02/21 15:31:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012/02/21 14:21:01 | 000,000,436 | ---- | M] () -- C:\WINDOWS\tasks\EasyShare Registration Task.job
[2012/02/20 15:34:20 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2012/02/20 15:34:20 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2012/02/20 15:34:20 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2012/02/20 15:34:19 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2012/02/20 15:34:19 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2012/02/19 14:59:01 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-602162358-1004336348-1177238915-1003.job
[2012/02/16 18:30:25 | 000,002,284 | ---- | M] () -- C:\Documents and Settings\Chris\Desktop\Google Chrome.lnk
[2012/02/16 18:30:25 | 000,002,262 | ---- | M] () -- C:\Documents and Settings\Chris\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/02/15 19:39:49 | 003,430,576 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/02/15 19:32:38 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/02/15 08:20:01 | 000,447,488 | R--- | M] () -- C:\Documents and Settings\All Users\Documents\ESBK.mb
[2012/02/15 08:18:25 | 000,813,056 | R--- | M] () -- C:\Documents and Settings\All Users\Documents\ESBK.mbb
[2012/02/14 09:14:25 | 000,014,664 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\stinger.sys
[2012/02/03 17:08:43 | 000,008,704 | ---- | M] () -- C:\Documents and Settings\Chris\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/02/03 10:25:43 | 000,001,678 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012/02/01 11:22:55 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/01/31 12:37:05 | 000,115,141 | ---- | M] () -- C:\Documents and Settings\Chris\My Documents\Resume_cds.pdf
[2012/01/31 11:47:58 | 000,000,885 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Office Suite X 3.3.lnk
[2012/01/31 11:16:32 | 000,000,059 | ---- | M] () -- C:\user.js
[2012/01/29 11:47:13 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Chris\Start Menu\Programs\Startup\CurseClientStartup.ccip
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/02/25 14:47:04 | 000,000,668 | ---- | C] () -- C:\Documents and Settings\Chris\Desktop\FrostWire 5.3.2.lnk
[2012/02/25 14:47:04 | 000,000,668 | ---- | C] () -- C:\Documents and Settings\Chris\Application Data\Microsoft\Internet Explorer\Quick Launch\FrostWire 5.3.2.lnk
[2012/02/25 14:44:16 | 000,000,348 | ---- | C] () -- C:\WINDOWS\tasks\Windows Codec Update Service.job
[2012/02/25 14:44:10 | 000,000,829 | ---- | C] () -- C:\Documents and Settings\Chris\Desktop\Media Player Classic.lnk
[2012/02/25 14:44:09 | 000,000,290 | ---- | C] () -- C:\WINDOWS\tasks\DealPlyUpdate.job
[2012/02/25 13:09:24 | 000,000,719 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
[2012/02/25 12:53:05 | 000,001,689 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2012/02/15 18:46:56 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/02/15 18:46:56 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll
[2012/02/03 10:25:43 | 000,001,678 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012/01/31 12:37:05 | 000,115,141 | ---- | C] () -- C:\Documents and Settings\Chris\My Documents\Resume_cds.pdf
[2012/01/31 11:51:25 | 000,000,312 | ---- | C] () -- C:\Documents and Settings\Chris\Desktop\Curse Client.appref-ms
[2012/01/31 11:48:54 | 000,459,696 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2012/01/31 11:47:58 | 000,000,885 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Office Suite X 3.3.lnk
[2012/01/31 11:16:32 | 000,000,059 | ---- | C] () -- C:\user.js
[2012/01/29 11:47:13 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Chris\Start Menu\Programs\Startup\CurseClientStartup.ccip
[2012/01/12 13:55:50 | 000,008,704 | ---- | C] () -- C:\Documents and Settings\Chris\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/01/10 09:12:14 | 000,000,040 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\.zreglib
[2012/01/05 11:27:44 | 000,000,161 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2011/12/27 12:31:20 | 004,342,784 | ---- | C] () -- C:\WINDOWS\System32\ffmpeg.dll
[2011/12/27 12:31:04 | 000,135,680 | ---- | C] () -- C:\WINDOWS\System32\IntelQuickSyncDecoder.dll
[2011/12/21 10:10:32 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\libbluray.dll
[2011/12/21 10:10:26 | 006,266,784 | ---- | C] () -- C:\WINDOWS\System32\avcodec-lav-53.dll
[2011/12/21 10:10:26 | 000,977,648 | ---- | C] () -- C:\WINDOWS\System32\avformat-lav-53.dll
[2011/12/21 10:10:26 | 000,353,984 | ---- | C] () -- C:\WINDOWS\System32\swscale-lav-2.dll
[2011/12/21 10:10:26 | 000,202,728 | ---- | C] () -- C:\WINDOWS\System32\avutil-lav-51.dll
[2011/12/21 10:10:26 | 000,127,384 | ---- | C] () -- C:\WINDOWS\System32\avfilter-lav-2.dll
[2011/12/20 12:50:04 | 000,079,360 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2011/12/20 12:49:56 | 000,099,328 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll
[2011/12/20 12:49:54 | 000,158,720 | ---- | C] () -- C:\WINDOWS\System32\ff_unrar.dll
[2011/12/20 12:49:54 | 000,146,944 | ---- | C] () -- C:\WINDOWS\System32\ff_libmad.dll
[2011/12/20 12:49:52 | 001,525,248 | ---- | C] () -- C:\WINDOWS\System32\ff_samplerate.dll
[2011/12/20 12:49:52 | 000,212,480 | ---- | C] () -- C:\WINDOWS\System32\ff_libdts.dll
[2011/12/20 12:49:52 | 000,115,200 | ---- | C] () -- C:\WINDOWS\System32\ff_liba52.dll
[2011/12/20 12:49:50 | 000,328,704 | ---- | C] () -- C:\WINDOWS\System32\ff_libfaad2.dll
[2011/12/20 12:49:50 | 000,260,608 | ---- | C] () -- C:\WINDOWS\System32\TomsMoComp_ff.dll
[2011/12/20 12:49:50 | 000,137,728 | ---- | C] () -- C:\WINDOWS\System32\libmpeg2_ff.dll
[2011/12/08 22:39:40 | 000,000,463 | ---- | C] () -- C:\Program Files\1208201122393993.bat
[2011/12/03 16:16:53 | 000,000,461 | ---- | C] () -- C:\Program Files\1203201116165367.bat
[2011/10/31 07:51:53 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\msssc.dll
[2011/10/30 22:48:20 | 000,376,832 | ---- | C] () -- C:\WINDOWS\System32\AegisI5Installer.exe
[2011/10/30 22:48:11 | 000,013,650 | ---- | C] () -- C:\WINDOWS\System32\RaCoInst.dat
[2011/10/30 22:41:33 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011/10/30 22:36:57 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011/10/30 16:25:49 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011/10/30 16:24:47 | 003,430,576 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/09/08 08:00:52 | 000,150,528 | ---- | C] () -- C:\WINDOWS\System32\mkx.dll
[2011/09/08 08:00:48 | 000,142,336 | ---- | C] () -- C:\WINDOWS\System32\mp4.dll
[2011/09/08 08:00:42 | 000,123,392 | ---- | C] () -- C:\WINDOWS\System32\ogm.dll
[2011/09/08 08:00:38 | 000,249,856 | ---- | C] () -- C:\WINDOWS\System32\dxr.dll
[2011/09/08 08:00:34 | 000,113,152 | ---- | C] () -- C:\WINDOWS\System32\dsmux.exe
[2011/09/08 08:00:24 | 000,154,624 | ---- | C] () -- C:\WINDOWS\System32\ts.dll
[2011/09/08 08:00:10 | 000,137,728 | ---- | C] () -- C:\WINDOWS\System32\mkv2vfr.exe
[2011/09/08 08:00:06 | 000,358,400 | ---- | C] () -- C:\WINDOWS\System32\gdsmux.exe
[2011/09/08 07:59:54 | 000,080,384 | ---- | C] () -- C:\WINDOWS\System32\mkzlib.dll
[2011/09/08 07:59:52 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\mkunicode.dll
[2011/05/30 07:42:50 | 000,240,640 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2011/05/23 01:46:30 | 000,645,632 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2011/03/03 05:39:56 | 000,109,568 | ---- | C] () -- C:\WINDOWS\System32\avi.dll
[2011/03/03 05:38:10 | 000,097,792 | ---- | C] () -- C:\WINDOWS\System32\avs.dll
[2011/03/03 05:37:50 | 000,093,184 | ---- | C] () -- C:\WINDOWS\System32\avss.dll
[2010/08/18 13:56:38 | 000,000,151 | ---- | C] () -- C:\WINDOWS\System32\Registration.ini

========== Custom Scans ==========


< %APPDATA%\Microsoft\*.* >

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %USERPROFILE%\Desktop\*.exe >

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\winn32\*.* >

< %USERPROFILE%\My Documents\*.exe >
[2011/07/15 15:34:48 | 008,680,584 | ---- | M] (© 2008 - 2009 Astrum Nival, LLC) -- C:\Documents and Settings\Chris\My Documents\Launcher.exe

< %USERPROFILE%\*.exe >

< %PROGRAMFILES%\Mozilla Firefox\*.exe >
[2011/12/21 01:24:51 | 000,125,912 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\crashreporter.exe
[2011/12/21 01:24:51 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
[2011/12/21 01:24:51 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
[2011/12/21 01:24:51 | 000,269,272 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\updater.exe

< %ProgramFiles%\TinyProxy. >

< %systemroot%\system32\*.* /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.* /lockedfiles >

< %PROGRAMFILES%\*. >
[2011/12/30 11:34:07 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
[2011/10/31 07:51:54 | 000,000,000 | ---D | M] -- C:\Program Files\Analog Devices
[2011/11/01 13:18:52 | 000,000,000 | ---D | M] -- C:\Program Files\Apple Software Update
[2011/11/01 14:27:09 | 000,000,000 | ---D | M] -- C:\Program Files\ArcSoft
[2012/02/25 12:52:18 | 000,000,000 | ---D | M] -- C:\Program Files\AVAST Software
[2011/10/31 07:53:51 | 000,000,000 | ---D | M] -- C:\Program Files\Broadcom
[2012/02/20 15:36:29 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
[2011/10/30 22:36:49 | 000,000,000 | ---D | M] -- C:\Program Files\ComPlus Applications
[2011/11/12 15:41:34 | 000,000,000 | ---D | M] -- C:\Program Files\Conduit
[2012/02/26 14:44:01 | 000,000,000 | ---D | M] -- C:\Program Files\DealPly
[2012/02/25 14:44:15 | 000,000,000 | ---D | M] -- C:\Program Files\Essentials Codec Pack
[2011/11/06 10:28:10 | 000,000,000 | ---D | M] -- C:\Program Files\Google
[2012/01/12 13:59:09 | 000,000,000 | ---D | M] -- C:\Program Files\Graboid
[2011/12/30 13:09:42 | 000,000,000 | ---D | M] -- C:\Program Files\Hewlett-Packard
[2011/12/30 13:09:36 | 000,000,000 | ---D | M] -- C:\Program Files\HP
[2011/11/02 14:30:22 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2012/02/15 19:32:27 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2012/02/12 01:27:26 | 000,000,000 | ---D | M] -- C:\Program Files\Java
[2011/11/23 13:05:52 | 000,000,000 | ---D | M] -- C:\Program Files\Kodak
[2012/02/01 11:22:55 | 000,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/11/12 11:23:08 | 000,000,000 | ---D | M] -- C:\Program Files\Messenger
[2011/10/30 22:39:50 | 000,000,000 | ---D | M] -- C:\Program Files\microsoft frontpage
[2011/12/30 12:29:01 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET
[2011/11/12 11:10:48 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker
[2012/01/01 13:18:07 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
[2011/11/12 20:44:50 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild
[2012/01/14 21:12:26 | 000,000,000 | ---D | M] -- C:\Program Files\MSN
[2011/10/30 22:36:28 | 000,000,000 | ---D | M] -- C:\Program Files\MSN Gaming Zone
[2011/11/12 11:09:46 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 4.0
[2011/11/01 14:09:50 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 6.0
[2011/10/30 22:38:02 | 000,000,000 | ---D | M] -- C:\Program Files\NetMeeting
[2012/01/31 11:47:20 | 000,000,000 | ---D | M] -- C:\Program Files\Office Suite X 3
[2011/10/30 22:36:37 | 000,000,000 | ---D | M] -- C:\Program Files\Online Services
[2011/11/12 11:35:11 | 000,000,000 | ---D | M] -- C:\Program Files\Outlook Express
[2011/11/12 13:29:54 | 000,000,000 | ---D | M] -- C:\Program Files\Pando Networks
[2011/11/04 14:02:23 | 000,000,000 | ---D | M] -- C:\Program Files\PySol Fan Club edition
[2011/11/01 13:19:42 | 000,000,000 | ---D | M] -- C:\Program Files\QuickTime
[2011/10/30 22:48:20 | 000,000,000 | ---D | M] -- C:\Program Files\Ralink
[2012/01/01 14:57:34 | 000,000,000 | ---D | M] -- C:\Program Files\Real
[2011/11/12 20:44:42 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
[2012/01/10 09:15:08 | 000,000,000 | ---D | M] -- C:\Program Files\SlySoft
[2012/02/14 10:39:15 | 000,000,000 | ---D | M] -- C:\Program Files\stinger
[2012/02/06 21:56:55 | 000,000,000 | ---D | M] -- C:\Program Files\SUPERAntiSpyware
[2011/11/01 12:17:40 | 000,000,000 | ---D | M] -- C:\Program Files\SystemRequirementsLab
[2011/10/30 22:44:25 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
[2012/01/01 11:51:10 | 000,000,000 | ---D | M] -- C:\Program Files\VideoLAN
[2011/11/25 10:05:03 | 000,000,000 | ---D | M] -- C:\Program Files\W3i
[2012/02/25 13:04:42 | 000,000,000 | ---D | M] -- C:\Program Files\Windows iLivid Toolbar
[2011/11/01 13:31:29 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Connect 2
[2011/11/01 13:31:28 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2011/10/30 22:36:21 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2011/10/30 22:38:31 | 000,000,000 | -H-D | M] -- C:\Program Files\WindowsUpdate
[2012/02/25 23:02:25 | 000,000,000 | ---D | M] -- C:\Program Files\World of Warcraft
[2011/10/30 22:39:50 | 000,000,000 | ---D | M] -- C:\Program Files\xerox
[2012/01/02 12:06:02 | 000,000,000 | ---D | M] -- C:\Program Files\Xvid
[2011/12/08 22:39:43 | 000,000,000 | ---D | M] -- C:\Program Files\Yahoo! Games


< MD5 for: AGP440.SYS >
[2008/08/21 06:00:00 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys

< MD5 for: ATAPI.SYS >
[2008/08/21 06:00:00 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008/08/21 06:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys

< MD5 for: DISK.SYS >
[2008/08/21 06:00:00 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:disk.sys
[2008/08/21 06:00:00 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\system32\drivers\disk.sys

< MD5 for: NETLOGON.DLL >
[2008/08/21 06:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2008/08/21 06:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2012-02-16 01:36:56

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\chrome.exe\shell\open\command\\: "C:\Documents and Settings\Chris\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" [2012/02/14 23:03:37 | 001,049,072 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2011/12/21 01:24:52 | 000,715,216 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2011/12/21 01:24:52 | 000,715,216 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2011/12/21 01:24:52 | 000,715,216 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2011/12/21 01:24:51 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2011/12/21 01:24:51 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2011/12/21 01:24:51 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Documents and Settings\Chris\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" --show-icons [2012/02/14 23:03:37 | 001,049,072 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Documents and Settings\Chris\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" --hide-icons [2012/02/14 23:03:37 | 001,049,072 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Documents and Settings\Chris\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" --make-default-browser [2012/02/14 23:03:37 | 001,049,072 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Documents and Settings\Chris\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" [2012/02/14 23:03:37 | 001,049,072 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2011/12/16 06:23:08 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2011/12/16 06:23:08 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2011/12/16 06:23:08 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)

< hklm\software\clients\startmenuinternet|command /64 /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\chrome.exe\shell\open\command\\: "C:\Documents and Settings\Chris\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" [2012/02/14 23:03:37 | 001,049,072 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2011/12/21 01:24:52 | 000,715,216 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2011/12/21 01:24:52 | 000,715,216 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2011/12/21 01:24:52 | 000,715,216 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2011/12/21 01:24:51 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2011/12/21 01:24:51 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2011/12/21 01:24:51 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Documents and Settings\Chris\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" --show-icons [2012/02/14 23:03:37 | 001,049,072 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Documents and Settings\Chris\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" --hide-icons [2012/02/14 23:03:37 | 001,049,072 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Documents and Settings\Chris\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" --make-default-browser [2012/02/14 23:03:37 | 001,049,072 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Documents and Settings\Chris\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" [2012/02/14 23:03:37 | 001,049,072 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2011/12/16 06:23:08 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2011/12/16 06:23:08 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2011/12/16 06:23:08 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)

========== Alternate Data Streams ==========

@Alternate Data Stream - 253 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9A870F8B
@Alternate Data Stream - 147 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:131C0EE9
@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:81C88EA7

< End of report >

Big10_62
Novice
Novice

Posts Posts : 11
Joined Joined : 2011-11-07
Gender Gender : Male
OS OS : XP Pro
Protection Protection : Avast, Malwarebytes, Super AntiSpyware, McCaffe Stinger
Points Points : 18741
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Some files could not be scanned

Post by Big10_62 on 2nd March 2012, 6:36 pm

Ok I broke it up in 3 files and finally got it.
Thanks for your help. I have changed over to Avira for now until I get this figured out. I like Avast but if it is doing this I need to know why.

Big10_62
Novice
Novice

Posts Posts : 11
Joined Joined : 2011-11-07
Gender Gender : Male
OS OS : XP Pro
Protection Protection : Avast, Malwarebytes, Super AntiSpyware, McCaffe Stinger
Points Points : 18741
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Some files could not be scanned

Post by Gabethebabe on 5th March 2012, 8:30 am

No sign of anything malicious whatsoever

We run OTL to delete some invalid start up entries:

  • Please run OTL.exe again
  • Under the Custom Scans/Fixes box at the bottom, copy and paste in the following:

Code:
:otl
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\WI371A~1\Datamngr\ToolBar\searchqudtx.dll File not found
O2 - BHO: (Vgrabber Toolbar) - {b2ed7faf-72a0-46d1-9d9d-602226f5cb9f} - C:\Program Files\Vgrabber\prxtbVgra.dll File not found
O3 - HKLM\..\Toolbar: (no name) - !{47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\WI371A~1\Datamngr\ToolBar\searchqudtx.dll File not found
O3 - HKLM\..\Toolbar: (Vgrabber Toolbar) - {b2ed7faf-72a0-46d1-9d9d-602226f5cb9f} - C:\Program Files\Vgrabber\prxtbVgra.dll File not found
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Vgrabber Toolbar) - {B2ED7FAF-72A0-46D1-9D9D-602226F5CB9F} - C:\Program Files\Vgrabber\prxtbVgra.dll File not found
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Blubster] C:\Program Files\Blubster\Blubster.exe SILENT File not found
O4 - HKLM..\RunOnce: [removeSearchqudatamngr] cmd.exe /c RD /S /Q "C:\Program Files\Windows iLivid Toolbar" File not found
O4 - HKLM..\RunOnce: [removeSearchqutoolbar] cmd.exe /c RD /S /Q "C:\Program Files\Windows iLivid Toolbar\Datamngr\ToolBar" File not found

:commands
[reboot]
  • CAREFUL NOW! You must click the Run Fix button, NOT the Run Scan!
  • If it asks to reboot the computer, please allow that.
  • Finally, post the contents of the log. (Located at C:\_OTL\Moved Files)

====================

Please download Malwarebytes' Anti-Malware from [You must be registered and logged in to see this link.].

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform Quick Scan, then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.

Note:
  • If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
  • Click OK to either and let MBAM proceed with the disinfection process.
  • If asked to restart the computer, please do so immediately.

Post the contents of the MBAM log in your next reply, please.

Gabethebabe
Top Dog
Top Dog

Posts Posts : 1568
Joined Joined : 2010-03-07
Gender Gender : Male
OS OS : Win7
Points Points : 38258
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Some files could not be scanned

Post by Big10_62 on 6th March 2012, 5:37 pm

========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b2ed7faf-72a0-46d1-9d9d-602226f5cb9f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b2ed7faf-72a0-46d1-9d9d-602226f5cb9f}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\!{47833539-D0C5-4125-9FA8-0819E2EAAC93} deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\!{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{99079a25-328f-4bd4-be04-00955acaa0a7} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{b2ed7faf-72a0-46d1-9d9d-602226f5cb9f} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b2ed7faf-72a0-46d1-9d9d-602226f5cb9f}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{B2ED7FAF-72A0-46D1-9D9D-602226F5CB9F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B2ED7FAF-72A0-46D1-9D9D-602226F5CB9F}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Blubster deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce\\removeSearchqudatamngr not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce\\removeSearchqutoolbar not found.
========== COMMANDS ==========

OTL by OldTimer - Version 3.2.33.1 log created on 03062012_112044


Last edited by Big10_62 on 6th March 2012, 5:51 pm; edited 1 time in total

Big10_62
Novice
Novice

Posts Posts : 11
Joined Joined : 2011-11-07
Gender Gender : Male
OS OS : XP Pro
Protection Protection : Avast, Malwarebytes, Super AntiSpyware, McCaffe Stinger
Points Points : 18741
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Some files could not be scanned

Post by Big10_62 on 6th March 2012, 5:48 pm

Malwarebytes Anti-Malware 1.60.1.1000
[You must be registered and logged in to see this link.]

Database version: v2012.03.06.06

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Chris :: CHRIS-FC2A8D21A [administrator]

3/6/2012 11:43:28 AM
mbam-log-2012-03-06 (11-43-28).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 173622
Time elapsed: 4 minute(s), 1 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

Big10_62
Novice
Novice

Posts Posts : 11
Joined Joined : 2011-11-07
Gender Gender : Male
OS OS : XP Pro
Protection Protection : Avast, Malwarebytes, Super AntiSpyware, McCaffe Stinger
Points Points : 18741
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Some files could not be scanned

Post by Gabethebabe on 7th March 2012, 7:01 am

Excellent. As far as I can see, your computer is CLEAN.



====================

Time to uninstall used tools.

  • Double click OTL.exe to run it again and click the CleanUp button.
  • If we used any other tools and they still remain on your desktop, please delete them manually.

====================

Do you have any more questions or do you want to see my ALORTKYCC (Awesome List Or Recommendations To Keep Your Computer Clean)?


Gabethebabe
Top Dog
Top Dog

Posts Posts : 1568
Joined Joined : 2010-03-07
Gender Gender : Male
OS OS : Win7
Points Points : 38258
# Likes # Likes : 0

View user profile

Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum