
Thread: click.giftload

  1. #11
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208


    Let's do this

    OTL by OldTimer
    • Download OTL to your desktop.
    • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
    • When the window appears, underneath Output at the top change it to Minimal Output.
    • Click the "Scan All Users" checkbox.
    • Check the boxes beside LOP Check and Purity Check.
    • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
      • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt.
        Note: These logs can be located in the OTL. folder on your C:\ drive if they fail to open automatically.
      • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. You may need two posts to fit them both in.
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.

  2. #12
    Junior Member
    Join Date
    May 2011
    Posts
    17


    It appears that everything is fixed now. I haven't seen the excessive usage of svchost.exe in a few days and the browser is no longer redirecting. I read some of the info on how to avoid getting these kinds of infections, but couldn't really pinpoint anything that had been done.

    My daughter did move back from college at the beginning of the month and she and friends have been on the computer a lot, so it may be something they have done... not sure.

    Thanks again for your help.

  3. #13
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208


    Your call but I would run OTL and let me take a final look

  4. #14
    Junior Member
    Join Date
    May 2011
    Posts
    17


    I apologize... I didn't notice that we were up to a second page of posts and I thought you hadn't replied. I'll re-read your latest and run that as well. Sorry!

  5. #15
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208


    Sam,

    Not a problem, we're here to help you, not to hinder you. Go ahead and run OTL and let me make sure there is nothing else to remove.

  6. #16
    Junior Member
    Join Date
    May 2011
    Posts
    17


    I'll put each of the files in the next two posts. During the scan, at one point, a box came up with a red circle and an X in it that said "Windows - No Disk". It also said Exception Processing Message and c0000013 Parameters 75b6bf7c 4 and then repeated the 75b6bf7c a few more times. It had buttons for cancel, try again and continue. Neither the continue nor try again buttons did anything... just back to the box, so I hit cancel and then the scan continued.

    One other comment... I noticed something about the Windows Image Acquisition service hanging in the extras.txt file. I had some trouble with LOOONG boot times and I think some networking problems as well... a year or more ago, and it seemed that the WIA service was causing the problems. I disabled this in startup... it hasn't seemed to create a problem being disabled since that time and everything seemed to be running right, but I did disable the service. Don't know if that info will help or not, but I thought I'd pass it along.

    OTL.txt

    OTL logfile created on: 5/23/2011 5:40:12 PM - Run 1
    OTL by OldTimer - Version 3.2.23.0 Folder = C:\Documents and Settings\Family\Desktop
    Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 6.0.2900.5512)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    2.00 Gb Total Physical Memory | 1.45 Gb Available Physical Memory | 72.55% Memory free
    2.51 Gb Paging File | 1.93 Gb Available in Paging File | 76.74% Paging File free
    Paging file location(s): C:\pagefile.sys 672 1344 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 107.70 Gb Total Space | 53.60 Gb Free Space | 49.77% Space Free | Partition Type: NTFS
    Drive D: | 4.07 Gb Total Space | 0.84 Gb Free Space | 20.57% Space Free | Partition Type: FAT32

    Computer Name: COMPY | User Name: Family | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - C:\Documents and Settings\Family\Desktop\OTL.exe (OldTimer Tools)
    PRC - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft Limited)
    PRC - C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft Limited)
    PRC - C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe (Carbonite, Inc. (www.carbonite.com))
    PRC - C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe (Carbonite, Inc.)
    PRC - C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe (Intuit Inc.)
    PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
    PRC - C:\Program Files\Registry Mechanic\RegMech.exe (PC Tools)
    PRC - C:\Program Files\Registry Mechanic\Upgrade.exe (PC Tools)
    PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
    PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
    PRC - C:\Program Files\Common Files\AOL\1127877835\ee\aolsoftware.exe (AOL LLC)
    PRC - C:\Program Files\AOL 9.1\shellmon.exe (AOL, LLC.)
    PRC - C:\Program Files\AOL 9.1\waol.exe (AOL, LLC.)
    PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
    PRC - C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
    PRC - C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe (AOL LLC)
    PRC - C:\Program Files\Microsoft\RATTV3\RATT.exe (Microsoft Corporation)
    PRC - C:\WINDOWS\system32\VTTimer.exe (S3 Graphics, Inc.)
    PRC - C:\WINDOWS\wanmpsvc.exe (America Online, Inc.)


    ========== Modules (SafeList) ==========

    MOD - C:\Documents and Settings\Family\Desktop\OTL.exe (OldTimer Tools)
    MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation)
    MOD - C:\Program Files\X-Setup Pro\bin\MSScript.ocx (Microsoft Corporation)


    ========== Win32 Services (SafeList) ==========

    SRV - (itlperf) -- File not found
    SRV - (Ias) -- File not found
    SRV - (AppMgmt) -- File not found
    SRV - (6to4) -- File not found
    SRV - (Akamai) -- c:\Program Files\Common Files\Akamai\netsession_win_8832f4b.dll ()
    SRV - (Lavasoft Ad-Aware Service) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft Limited)
    SRV - (CarboniteService) -- C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe (Carbonite, Inc. (www.carbonite.com))
    SRV - (IntuitUpdateService) -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe (Intuit Inc.)
    SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
    SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
    SRV - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
    SRV - (AOL ACS) -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe (AOL LLC)
    SRV - (Pml Driver HPZ12) -- C:\WINDOWS\system32\hpzipm12.exe (HP)
    SRV - (WANMiniportService) WAN Miniport (ATW) -- C:\WINDOWS\wanmpsvc.exe (America Online, Inc.)


    ========== Driver Services (SafeList) ==========

    DRV - (Lbd) -- C:\WINDOWS\system32\DRIVERS\Lbd.sys (Lavasoft AB)
    DRV - (Lavasoft Kernexplorer) -- C:\Program Files\Lavasoft\Ad-Aware\kernexplorer.sys ()
    DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH)
    DRV - (tmcomm) -- C:\WINDOWS\system32\drivers\tmcomm.sys (Trend Micro Inc.)
    DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH)
    DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH)
    DRV - (avgio) -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
    DRV - (motport) -- C:\WINDOWS\system32\drivers\motport.sys (Motorola)
    DRV - (motmodem) -- C:\WINDOWS\system32\drivers\motmodem.sys (Motorola)
    DRV - (motccgp) -- C:\WINDOWS\system32\drivers\motccgp.sys (Motorola)
    DRV - (motccgpfl) -- C:\WINDOWS\system32\drivers\motccgpfl.sys (Motorola)
    DRV - (AgereSoftModem) -- C:\WINDOWS\system32\drivers\AGRSM.sys (Agere Systems)
    DRV - (AFS2K) -- C:\WINDOWS\System32\drivers\AFS2K.SYS (Oak Technology Inc.)
    DRV - (ALCXWDM) Service for Realtek AC97 Audio (WDM) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS (Realtek Semiconductor Corp.)
    DRV - (ati2mtaa) -- C:\WINDOWS\system32\drivers\ati2mtaa.sys (ATI Technologies Inc.)
    DRV - (SiSkp) -- C:\WINDOWS\system32\drivers\srvkp.sys (Silicon Integrated Systems Corporation)
    DRV - (ALCXSENS) -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS (Sensaura Ltd)
    DRV - (AR5211) -- C:\WINDOWS\system32\drivers\ar5211.sys (Atheros Communications, Inc.)
    DRV - (fasttx2k) -- C:\WINDOWS\System32\DRIVERS\fasttx2k.sys (Promise Technology, Inc.)
    DRV - (wanatw) WAN Miniport (ATW) -- C:\WINDOWS\system32\drivers\wanatw4.sys (America Online, Inc.)
    DRV - (rtl8139) -- C:\WINDOWS\system32\drivers\R8139n51.sys (Realtek Semiconductor Corporation )
    DRV - (Ps2) -- C:\WINDOWS\system32\drivers\PS2.sys (Hewlett-Packard Company)
    DRV - (SiS315) -- C:\WINDOWS\system32\drivers\sisgrp.sys (Silicon Integrated Systems Corporation)
    DRV - (Aspi32) -- C:\WINDOWS\System32\drivers\ASPI32.SYS (Adaptec)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie


    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 0.0.0.0:80

    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 0.0.0.0:80

    IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-21-2562047764-1144004905-211378315-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TY...rio&pf=desktop
    IE - HKU\S-1-5-21-2562047764-1144004905-211378315-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TY...rio&pf=desktop
    IE - HKU\S-1-5-21-2562047764-1144004905-211378315-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TY...rio&pf=desktop
    IE - HKU\S-1-5-21-2562047764-1144004905-211378315-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TY...rio&pf=desktop
    IE - HKU\S-1-5-21-2562047764-1144004905-211378315-1003\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - Reg Error: Key error. File not found
    IE - HKU\S-1-5-21-2562047764-1144004905-211378315-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKU\S-1-5-21-2562047764-1144004905-211378315-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = localhost

    IE - HKU\S-1-5-21-2562047764-1144004905-211378315-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
    IE - HKU\S-1-5-21-2562047764-1144004905-211378315-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.aol.com
    IE - HKU\S-1-5-21-2562047764-1144004905-211378315-1008\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
    IE - HKU\S-1-5-21-2562047764-1144004905-211378315-1008\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - Reg Error: Key error. File not found
    IE - HKU\S-1-5-21-2562047764-1144004905-211378315-1008\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKU\S-1-5-21-2562047764-1144004905-211378315-1008\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = localhost;*.local
    IE - HKU\S-1-5-21-2562047764-1144004905-211378315-1008\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 0.0.0.0:80

    ========== FireFox ==========

    FF - prefs.js..browser.startup.homepage: "http://en-US.start2.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:en-US:official"
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
    FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
    FF - prefs.js..extensions.enabledItems: {195A3098-0BD5-4e90-AE22-BA1C540AFD1E}:2.9.3
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}:6.0.25
    FF - prefs.js..keyword.URL: "http://aolsearch.aol.com/aol/search?invocationType=client_searchbox&query="

    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/05/23 08:58:09 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/05/19 19:21:50 | 000,000,000 | ---D | M]

    [2008/09/06 19:44:35 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Family\Application Data\Mozilla\Extensions
    [2011/05/20 22:41:26 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\9d9eo1sn.default\extensions
    [2011/01/06 13:40:03 | 000,000,000 | ---D | M] ("Garmin Communicator") -- C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\9d9eo1sn.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
    [2010/04/27 11:28:44 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\9d9eo1sn.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
    [2011/05/20 22:41:26 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
    [2010/06/04 20:21:09 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
    [2011/05/15 23:28:09 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
    [2010/06/04 20:20:37 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
    [2011/04/14 05:08:00 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
    [2007/07/03 19:40:33 | 000,284,248 | ---- | M] (Musicnotes, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npmusicn.dll

    Hosts file not found
    O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
    O3 - HKLM\..\Toolbar: (AOL Toolbar) - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - Reg Error: Value error. File not found
    O3 - HKLM\..\Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - No CLSID value found.
    O3 - HKU\S-1-5-21-2562047764-1144004905-211378315-1003\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
    O3 - HKU\S-1-5-21-2562047764-1144004905-211378315-1008\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
    O3 - HKU\S-1-5-21-2562047764-1144004905-211378315-1008\..\Toolbar\WebBrowser: (AOL Toolbar) - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - Reg Error: Value error. File not found
    O4 - HKLM..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe (AOL LLC)
    O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
    O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
    O4 - HKLM..\Run: [Carbonite Backup] C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe (Carbonite, Inc.)
    O4 - HKLM..\Run: [HostManager] C:\Program Files\Common Files\AOL\1127877835\ee\aolsoftware.exe (AOL LLC)
    O4 - HKLM..\Run: [KernelFaultCheck] File not found
    O4 - HKLM..\Run: [MediaFace Integration] C:\Program Files\Fellowes\MediaFACE 4.0\SetHook.exe (Fellowes, Inc.)
    O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
    O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
    O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()
    O4 - HKLM..\Run: [VTTimer] C:\WINDOWS\System32\VTTimer.exe (S3 Graphics, Inc.)
    O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
    O4 - HKU\.DEFAULT..\Run: [R8388QA8U8] File not found
    O4 - HKU\S-1-5-18..\Run: [R8388QA8U8] File not found
    O4 - HKU\S-1-5-21-2562047764-1144004905-211378315-1008..\Run: [AOL Fast Start] C:\Program Files\AOL 9.1\AOL.EXE (AOL, LLC.)
    O4 - HKU\S-1-5-21-2562047764-1144004905-211378315-1008..\Run: [RegistryMechanic] C:\Program Files\Registry Mechanic\RegMech.exe (PC Tools)
    O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
    O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\RATT.lnk = C:\Program Files\Microsoft\RATTV3\RATT.exe (Microsoft Corporation)
    O4 - Startup: C:\Documents and Settings\Family\Start Menu\Programs\Startup\IMStart.lnk = C:\Program Files\InterMute\IMStart.exe ()
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-21-2562047764-1144004905-211378315-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-21-2562047764-1144004905-211378315-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-21-2562047764-1144004905-211378315-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
    O8 - Extra context menu item: Add To Compaq Organize... - C:\Program Files\Hewlett-Packard\Compaq Organize\bin\core.hp.main\SendTo.html ()
    O8 - Extra context menu item: MasterCook: Select Image - C:\Program Files\MasterCook 9\Web\MCIEContext.hta ()
    O9 - Extra Button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - Reg Error: Value error. File not found
    O9 - Extra 'Tools' menuitem : AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - Reg Error: Value error. File not found
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O15 - HKU\S-1-5-21-2562047764-1144004905-211378315-1003\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
    O15 - HKU\S-1-5-21-2562047764-1144004905-211378315-1008\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
    O15 - HKU\S-1-5-21-2562047764-1144004905-211378315-1008\..Trusted Domains: intuit.com ([ttlc] https in Trusted sites)
    O15 - HKU\S-1-5-21-2562047764-1144004905-211378315-1008\..Trusted Domains: localhost ([]* in Local intranet)
    O15 - HKU\S-1-5-21-2562047764-1144004905-211378315-1008\..Trusted Domains: turbotax.com ([]https in Trusted sites)
    O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/s...irector/sw.cab (Shockwave ActiveX Control)
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
    O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://fpdownload.macromedia.com/pub...irector/sw.cab (Shockwave ActiveX Control)
    O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} http://www.fileplanet.com/fpdlmgr/ca..._2.3.6.108.cab (CDownloadCtrl Object)
    O16 - DPF: {49232000-16E4-426C-A231-62846947304B} http://ipgweb.cce.hp.com/rdqcpc/downloads/sysinfo.cab (SysData Class)
    O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} http://download.av.aol.com/molbin/sh...3/mcinsctl.cab (Reg Error: Value error.)
    O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} http://upload.facebook.com/controls/...oUploader3.cab (Facebook Photo Uploader 4 Control)
    O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} http://upload.facebook.com/controls/...toUploader.cab (Facebook Photo Uploader Control)
    O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} http://www.onlinegis.net/download/Mg...B/mgaxctrl.cab (Autodesk MapGuide ActiveX Control)
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/microsof...?1119728275187 (WUWebControl Class)
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsof...?1119728048812 (MUWebControl Class)
    O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/...Uploader55.cab (Facebook Photo Uploader 5 Control)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_25)
    O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} http://www.crucial.com/controls/cpcScanner.cab (Crucial cpcScan)
    O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} http://download.av.aol.com/molbin/sh...20/mcgdmgr.cab (Reg Error: Value error.)
    O16 - DPF: {CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA} http://java.sun.com/products/plugin/...ndows-i586.cab (Reg Error: Key error.)
    O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jin...ndows-i586.cab (Reg Error: Key error.)
    O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Reg Error: Key error.)
    O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Reg Error: Key error.)
    O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Reg Error: Key error.)
    O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Reg Error: Key error.)
    O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Reg Error: Key error.)
    O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_25)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_25)
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/s...sh/swflash.cab (Shockwave Flash Object)
    O16 - DPF: {DE22A7AB-A739-4C58-AD52-21F9CD6306B7} http://download.microsoft.com/downlo...4/clearadj.cab (CTAdjust Class)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
    O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - Reg Error: Value error. File not found
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
    O20 - Winlogon\Notify\itlntfy: DllName - itlnfw32.dll - File not found
    O24 - Desktop WallPaper: C:\Documents and Settings\Family\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O24 - Desktop BackupWallPaper: C:\Documents and Settings\Family\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2010/01/29 19:21:42 | 000,000,000 | ---D | M] - C:\autodesk -- [ NTFS ]
    O32 - AutoRun File - [2004/04/02 04:03:32 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O32 - AutoRun File - [2001/07/28 06:07:38 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
    O32 - AutoRun File - [2002/09/11 03:02:32 | 000,000,045 | -HS- | M] () - D:\Autorun.inf -- [ FAT32 ]
    O33 - MountPoints2\{2ea44ad2-e1cc-11df-a46a-00038a000015}\Shell\AutoRun\command - "" = H:\rcaDVM_setup.exe
    O33 - MountPoints2\{2ea44ad2-e1cc-11df-a46a-00038a000015}\Shell\install\command - "" = H:\rcaDVM_setup.exe
    O33 - MountPoints2\{6a9de547-bb36-11dd-a32f-00038a000015}\Shell\AutoRun\command - "" = I:\Autorun.exe /run
    O33 - MountPoints2\{6a9de547-bb36-11dd-a32f-00038a000015}\Shell\Shell00\Command - "" = I:\Autorun.exe /run
    O33 - MountPoints2\{6a9de547-bb36-11dd-a32f-00038a000015}\Shell\Shell01\Command - "" = I:\Autorun.exe /action
    O33 - MountPoints2\{6a9de547-bb36-11dd-a32f-00038a000015}\Shell\Shell02\Command - "" = I:\Autorun.exe /uninstall
    O33 - MountPoints2\{a99649a4-4f0c-11de-a350-00038a000015}\Shell - "" = AutoRun
    O33 - MountPoints2\{a99649a4-4f0c-11de-a350-00038a000015}\Shell\AutoRun - "" = Auto&Play
    O33 - MountPoints2\{a99649a4-4f0c-11de-a350-00038a000015}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    ========== Files/Folders - Created Within 30 Days ==========

    [2011/05/23 17:36:28 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Family\Desktop\OTL.exe
    [2011/05/22 22:32:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Apple Computer
    [2011/05/21 11:35:06 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
    [2011/05/21 11:35:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
    [2011/05/21 11:35:01 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
    [2011/05/21 11:35:01 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
    [2011/05/21 08:29:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Family\Desktop\tdsskiller
    [2011/05/20 22:37:55 | 000,589,632 | ---- | C] (AVAST Software) -- C:\Documents and Settings\Family\Desktop\aswMBR.exe
    [2011/05/16 21:12:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
    [2011/05/16 21:12:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ERUNT
    [2011/05/16 21:12:06 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
    [2011/05/16 17:01:22 | 000,000,000 | ---D | C] -- C:\8b70df9cc4eccc2620a90a0c
    [2011/05/16 11:23:54 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Family\Recent
    [2011/05/16 08:23:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Family\Application Data\Malwarebytes
    [2011/05/16 08:23:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    [2011/05/16 00:02:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Sun
    [2011/05/15 23:28:07 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
    [2011/05/15 23:28:07 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
    [2011/05/15 23:28:07 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
    [2011/05/15 20:00:28 | 000,000,000 | ---D | C] -- C:\Program Files\X-Setup Pro
    [2011/05/15 18:27:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox
    [2011/05/15 17:46:34 | 008,588,616 | ---- | C] (Mozilla) -- C:\Documents and Settings\Family\Desktop\Firefox.exe
    [2011/05/15 09:45:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\AdobeUM
    [2011/05/14 21:48:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Family\Desktop\iPad
    [2011/05/14 20:22:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Family\Desktop\IFR PILOT CLUB
    [2011/05/14 00:42:03 | 000,098,392 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
    [2011/05/14 00:26:05 | 000,064,512 | ---- | C] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys
    [2011/05/14 00:25:57 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft
    [2011/05/14 00:25:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Lavasoft
    [2011/05/14 00:25:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
    [2011/05/12 20:33:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Adobe
    [2011/05/12 12:56:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe
    [2011/05/12 12:06:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\AdobeUM
    [2011/05/12 12:06:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Adobe
    [2011/05/11 18:40:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Sun
    [2011/05/11 17:53:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
    [2011/05/11 17:53:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe

    ========== Files - Modified Within 30 Days ==========

    [2011/05/23 17:36:34 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Family\Desktop\OTL.exe
    [2011/05/23 17:31:08 | 000,001,491 | ---- | M] () -- C:\WINDOWS\QUICKEN.INI
    [2011/05/23 03:08:48 | 000,253,748 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
    [2011/05/23 03:08:44 | 000,000,187 | ---- | M] () -- C:\WINDOWS\System\hpsysdrv.DAT
    [2011/05/23 03:08:38 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
    [2011/05/23 03:08:28 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
    [2011/05/23 03:07:32 | 000,000,486 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
    [2011/05/23 03:05:17 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2011/05/22 03:19:01 | 000,000,446 | ---- | M] () -- C:\WINDOWS\tasks\Driver Robot.job
    [2011/05/21 11:35:06 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
    [2011/05/21 07:59:25 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\Family\Desktop\MBR.dat
    [2011/05/21 07:30:47 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
    [2011/05/20 22:38:14 | 000,589,632 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Family\Desktop\aswMBR.exe
    [2011/05/20 22:37:10 | 000,000,133 | ---- | M] () -- C:\Documents and Settings\Family\Desktop\Regfix.reg
    [2011/05/20 14:56:26 | 000,002,325 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Homeschool Tracker Plus.lnk
    [2011/05/17 00:29:01 | 000,000,064 | ---- | M] () -- C:\WINDOWS\System32\rp_stats.dat
    [2011/05/17 00:29:01 | 000,000,044 | ---- | M] () -- C:\WINDOWS\System32\rp_rules.dat
    [2011/05/16 21:16:37 | 000,625,664 | ---- | M] () -- C:\Documents and Settings\Family\Desktop\dds.scr
    [2011/05/16 21:12:09 | 000,000,600 | ---- | M] () -- C:\Documents and Settings\Family\Desktop\ERUNT.lnk
    [2011/05/15 22:34:22 | 000,000,281 | -HS- | M] () -- C:\boot.ini
    [2011/05/15 18:27:19 | 000,001,628 | ---- | M] () -- C:\Documents and Settings\Family\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
    [2011/05/15 17:54:13 | 000,101,606 | ---- | M] () -- C:\Documents and Settings\Family\Desktop\setup.jpg
    [2011/05/15 17:47:30 | 008,588,616 | ---- | M] (Mozilla) -- C:\Documents and Settings\Family\Desktop\Firefox.exe
    [2011/05/14 23:23:28 | 000,000,127 | ---- | M] () -- C:\WINDOWS\System32\MRT.INI
    [2011/05/14 22:45:39 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\userinit.exe
    [2011/05/14 00:42:02 | 000,098,392 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
    [2011/05/14 00:42:00 | 000,016,432 | ---- | M] () -- C:\WINDOWS\System32\lsdelete.exe
    [2011/05/09 16:57:48 | 000,437,508 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
    [2011/05/09 16:57:48 | 000,069,352 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
    [2011/05/05 22:07:03 | 000,002,489 | ---- | M] () -- C:\Documents and Settings\Family\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Calculator Plus.lnk
    [2011/05/05 12:21:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [2011/04/29 12:12:00 | 000,064,512 | ---- | M] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys

    ========== Files Created - No Company Name ==========

    [2011/05/21 11:35:06 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
    [2011/05/20 22:39:59 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\Family\Desktop\MBR.dat
    [2011/05/20 22:37:10 | 000,000,133 | ---- | C] () -- C:\Documents and Settings\Family\Desktop\Regfix.reg
    [2011/05/17 00:29:01 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat
    [2011/05/17 00:29:01 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat
    [2011/05/16 21:16:21 | 000,625,664 | ---- | C] () -- C:\Documents and Settings\Family\Desktop\dds.scr
    [2011/05/16 21:12:09 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\Family\Desktop\ERUNT.lnk
    [2011/05/15 20:00:42 | 000,001,747 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\X-Setup Pro.lnk
    [2011/05/15 18:27:19 | 000,001,628 | ---- | C] () -- C:\Documents and Settings\Family\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
    [2011/05/15 17:54:12 | 000,101,606 | ---- | C] () -- C:\Documents and Settings\Family\Desktop\setup.jpg
    [2011/05/14 23:23:28 | 000,000,127 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
    [2011/05/14 16:23:18 | 000,016,432 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe
    [2011/05/14 00:26:57 | 000,000,486 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
    [2011/05/11 17:54:15 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
    [2011/04/05 17:07:47 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Game.INI
    [2011/03/18 11:33:28 | 000,294,144 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
    [2011/03/06 14:02:47 | 000,123,780 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
    [2010/11/09 16:46:28 | 000,000,000 | ---- | C] () -- C:\WINDOWS\DVM.INI
    [2010/10/17 22:56:46 | 000,000,785 | ---- | C] () -- C:\WINDOWS\GARMINWT.INI
    [2009/09/27 17:12:22 | 001,604,482 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
    [2009/07/08 18:17:42 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
    [2009/02/28 20:49:53 | 000,007,207 | R--- | C] () -- C:\WINDOWS\Disktool.INI
    [2009/02/28 20:49:53 | 000,006,399 | R--- | C] () -- C:\WINDOWS\fwupgrade.ini
    [2009/02/28 20:49:53 | 000,003,677 | R--- | C] () -- C:\WINDOWS\PlaySnd.INI
    [2009/02/23 10:05:22 | 000,003,588 | ---- | C] () -- C:\WINDOWS\Eq98.ini
    [2009/01/05 18:52:12 | 000,002,508 | ---- | C] () -- C:\Documents and Settings\Family\Application Data\$_hpcst$.hpc
    [2008/11/24 14:29:06 | 000,000,031 | ---- | C] () -- C:\WINDOWS\JSUMUpdater.ini
    [2008/10/16 07:17:09 | 000,000,053 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
    [2008/08/15 19:40:06 | 000,012,288 | ---- | C] () -- C:\WINDOWS\impborl.dll
    [2007/12/25 17:07:45 | 000,001,087 | ---- | C] () -- C:\WINDOWS\UnitConverter.INI
    [2007/09/10 15:45:29 | 000,000,000 | ---- | C] () -- C:\WINDOWS\notepad.INI
    [2007/03/14 16:00:23 | 000,001,092 | ---- | C] () -- C:\WINDOWS\UnitConverter[1].INI
    [2007/03/14 15:43:20 | 000,413,696 | ---- | C] () -- C:\WINDOWS\System32\jsound.dll
    [2007/03/14 15:43:20 | 000,184,320 | ---- | C] () -- C:\WINDOWS\System32\jmvh263.dll
    [2007/03/14 15:43:20 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\jmutil.dll
    [2007/03/14 15:43:20 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\jmvfw.dll
    [2007/03/14 15:43:20 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\jmvcm.dll
    [2007/03/14 15:43:19 | 000,380,928 | ---- | C] () -- C:\WINDOWS\System32\jmmpa.dll
    [2007/03/14 15:43:19 | 000,282,624 | ---- | C] () -- C:\WINDOWS\System32\jmh261.dll
    [2007/03/14 15:43:19 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\jmjpeg.dll
    [2007/03/14 15:43:19 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\jmh263enc.dll
    [2007/03/14 15:43:19 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\jmg723.dll
    [2007/03/14 15:43:19 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\jmmpegv.dll
    [2007/03/14 15:43:19 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\jmgsm.dll
    [2007/03/14 15:43:19 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\jmcvid.dll
    [2007/03/14 15:43:19 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\jmdaud.dll
    [2007/03/14 15:43:19 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\jmgdi.dll
    [2007/03/14 15:43:19 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\jmfjawt.dll
    [2007/03/14 15:43:19 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\jmddraw.dll
    [2007/03/14 15:43:19 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\jmmci.dll
    [2007/03/14 15:43:19 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\jmdaudc.dll
    [2007/03/14 15:43:18 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\jmam.dll
    [2007/03/14 15:43:18 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\jmacm.dll
    [2007/03/06 00:28:04 | 000,001,168 | ---- | C] () -- C:\WINDOWS\mozver.dat
    [2007/03/02 16:03:22 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
    [2006/11/08 13:25:26 | 000,000,004 | -H-- | C] () -- C:\WINDOWS\uccspecb.sys
    [2006/02/27 21:07:25 | 000,000,015 | ---- | C] () -- C:\WINDOWS\ACROEXCH.ini
    [2005/09/27 12:23:32 | 000,000,496 | ---- | C] () -- C:\WINDOWS\EReg077.dat
    [2005/07/12 14:44:42 | 000,015,872 | ---- | C] () -- C:\WINDOWS\System32\InsDrvZD64.DLL
    [2005/06/03 21:31:33 | 000,000,362 | ---- | C] () -- C:\WINDOWS\qtw.ini
    [2005/04/26 18:12:11 | 000,038,867 | ---- | C] () -- C:\WINDOWS\hpomdl03.dat.temp
    [2005/04/26 18:12:11 | 000,029,567 | ---- | C] () -- C:\WINDOWS\hpoins03.dat.temp
    [2005/02/22 13:58:29 | 000,000,132 | ---- | C] () -- C:\WINDOWS\mediachk.ini
    [2005/02/22 13:58:29 | 000,000,040 | ---- | C] () -- C:\WINDOWS\sndcheck.ini
    [2005/02/22 13:56:37 | 000,000,550 | ---- | C] () -- C:\WINDOWS\MCOMPOS.INI
    [2005/02/22 13:56:37 | 000,000,474 | ---- | C] () -- C:\WINDOWS\MHISTORY.INI
    [2005/02/19 21:13:01 | 000,000,018 | ---- | C] () -- C:\WINDOWS\gfact.ini
    [2005/02/12 17:36:40 | 000,000,298 | ---- | C] () -- C:\WINDOWS\pib.ini
    [2005/01/04 14:44:39 | 000,000,723 | ---- | C] () -- C:\WINDOWS\aolback.exe.lnk
    [2004/12/15 13:44:43 | 000,000,026 | ---- | C] () -- C:\WINDOWS\wb00d1se.INI
    [2004/11/24 23:31:45 | 000,000,505 | ---- | C] () -- C:\WINDOWS\label.ini
    [2004/11/24 23:31:44 | 000,219,168 | ---- | C] () -- C:\WINDOWS\IMGMAN2.DLL
    [2004/11/22 19:51:06 | 000,108,032 | ---- | C] () -- C:\Documents and Settings\Family\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2004/11/22 19:40:28 | 000,000,625 | ---- | C] () -- C:\WINDOWS\QAWRITE.INI
    [2004/11/22 19:40:05 | 000,000,289 | ---- | C] () -- C:\WINDOWS\QAWIN.INI
    [2004/11/22 10:57:51 | 000,000,748 | ---- | C] () -- C:\WINDOWS\ahd3.ini
    [2004/11/18 10:10:25 | 000,000,031 | ---- | C] () -- C:\WINDOWS\upst.ini
    [2004/11/18 10:10:25 | 000,000,024 | ---- | C] () -- C:\WINDOWS\atid.ini
    [2004/11/12 20:04:22 | 000,000,097 | ---- | C] () -- C:\WINDOWS\MSINSTR.INI
    [2004/11/12 20:04:21 | 000,011,264 | ---- | C] () -- C:\WINDOWS\CATSTUB.EXE
    [2004/11/06 12:49:11 | 000,000,063 | ---- | C] () -- C:\WINDOWS\WININIT.INI
    [2004/10/19 15:54:59 | 000,000,030 | ---- | C] () -- C:\WINDOWS\INTURS.DAT
    [2004/10/15 23:03:51 | 000,000,081 | ---- | C] () -- C:\WINDOWS\PARSONS.INI
    [2004/10/15 07:44:03 | 000,001,491 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
    [2004/10/15 07:44:00 | 000,005,776 | ---- | C] () -- C:\WINDOWS\icoadb32.dat
    [2004/10/14 10:05:36 | 000,000,028 | ---- | C] () -- C:\WINDOWS\QFNONL.ini
    [2004/10/14 10:05:36 | 000,000,000 | ---- | C] () -- C:\WINDOWS\QFN.ini
    [2004/10/14 10:05:36 | 000,000,000 | ---- | C] () -- C:\WINDOWS\QDQICK.ini
    [2004/10/14 09:56:36 | 000,000,028 | ---- | C] () -- C:\WINDOWS\ICOA.INI
    [2004/10/14 09:54:05 | 000,000,666 | ---- | C] () -- C:\WINDOWS\intuprof.ini
    [2004/10/13 21:14:42 | 000,000,129 | ---- | C] () -- C:\Documents and Settings\Family\Local Settings\Application Data\fusioncache.dat
    [2004/09/17 18:37:42 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\vuins32.dll
    [2004/08/02 15:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
    [2004/04/29 19:03:10 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
    [2004/04/29 19:03:10 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
    [2004/04/29 19:02:18 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
    [2004/04/29 19:02:01 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
    [2004/04/29 17:06:41 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
    [2004/04/29 17:06:41 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
    [2004/04/29 17:06:39 | 000,004,490 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
    [2004/04/29 17:06:35 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
    [2004/04/29 17:06:31 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
    [2004/04/03 04:18:54 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
    [2004/04/03 03:36:40 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\VGAunistlog.ini
    [2004/04/03 03:36:39 | 000,000,451 | ---- | C] () -- C:\WINDOWS\VGAsetup.ini
    [2004/04/02 20:19:03 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\JAWTAccessBridge.dll
    [2004/04/02 20:18:38 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\PcdrKernelModeServices.dll
    [2004/04/02 20:18:38 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\ProgressTrace.dll
    [2004/04/02 20:15:40 | 000,167,936 | ---- | C] () -- C:\WINDOWS\System32\PCDrJNI_1_1.dll
    [2004/04/02 20:03:59 | 000,090,112 | R--- | C] () -- C:\WINDOWS\bwUnin-6.2.3.66L.exe
    [2004/04/02 20:00:40 | 000,027,752 | ---- | C] () -- C:\WINDOWS\System32\CHODDI.SYS
    [2004/04/02 20:00:02 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\hpreg.dll
    [2004/04/02 06:01:01 | 000,000,996 | ---- | C] () -- C:\WINDOWS\ODBC.INI
    [2004/04/02 05:14:52 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
    [2004/04/02 05:08:00 | 000,001,040 | ---- | C] () -- C:\WINDOWS\System32\drivers\alcxinit.dat
    [2004/04/02 05:04:11 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\sis760.bin
    [2004/04/02 05:04:11 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\sis741.bin
    [2004/04/02 05:04:11 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\sis660.bin
    [2004/04/02 04:43:52 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
    [2004/04/02 04:34:53 | 000,299,073 | ---- | C] () -- C:\WINDOWS\System32\PythonCOM22.dll
    [2004/04/02 04:34:53 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\PyWinTypes22.dll
    [2004/04/02 04:34:35 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\bcbmm.dll
    [2004/04/02 04:08:11 | 000,000,802 | ---- | C] () -- C:\WINDOWS\orun32.ini
    [2004/04/02 04:05:29 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
    [2004/04/02 04:01:37 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
    [2004/04/02 02:52:53 | 000,000,553 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
    [2004/04/02 02:52:18 | 000,437,508 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
    [2004/04/02 02:52:18 | 000,069,352 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
    [2004/04/01 19:57:08 | 000,005,652 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
    [2004/04/01 19:56:18 | 000,567,896 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
    [2004/03/23 16:38:00 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\InsDrvZD.dll
    [2004/01/24 03:33:14 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
    [2003/08/12 12:59:04 | 000,126,976 | ---- | C] () -- C:\WINDOWS\System32\zip.exe
    [2003/08/12 12:58:40 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\lttls13n.dll
    [2003/08/12 12:58:32 | 000,708,608 | ---- | C] () -- C:\WINDOWS\System32\ltcry13n.dll
    [2003/08/12 12:58:22 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\lfkodak.dll
    [2003/08/12 12:58:20 | 000,338,944 | ---- | C] () -- C:\WINDOWS\System32\lffpx7.dll
    [2003/03/14 12:24:00 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\ZyDelReg.exe
    [2003/01/07 15:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
    [2002/06/27 13:27:14 | 000,131,072 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx.exe
    [1997/11/11 02:00:00 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll

    ========== LOP Check ==========

    [2010/06/27 13:25:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Autodesk
    [2004/10/15 22:13:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Broderbund LLC
    [2004/10/15 22:13:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Broderbund Software
    [2009/12/11 17:34:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software
    [2009/06/12 22:12:11 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
    [2009/01/31 13:35:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Carbonite
    [2004/12/21 11:33:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Fellowes
    [2008/12/03 22:25:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Musicnotes
    [2011/05/23 03:20:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
    [2007/01/17 00:31:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TGHomesoft
    [2009/07/10 07:24:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
    [2010/04/08 12:45:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
    [2004/04/02 21:28:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\SampleView
    [2009/01/23 20:03:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Family\Application Data\Autodesk
    [2009/10/09 16:22:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Family\Application Data\Canon
    [2011/05/14 21:44:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Family\Application Data\Facebook
    [2011/01/06 13:40:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Family\Application Data\GARMIN
    [2010/12/16 14:06:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Family\Application Data\Gleim
    [2005/09/15 19:01:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Family\Application Data\InterVideo
    [2009/07/26 22:19:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Family\Application Data\IObit
    [2004/10/15 20:15:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Family\Application Data\Leadertech
    [2009/05/05 12:18:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Family\Application Data\Publish Providers
    [2004/04/02 21:28:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Family\Application Data\SampleView
    [2009/01/05 18:42:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Family\Application Data\Smith Micro
    [2009/05/05 12:16:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Family\Application Data\Sony
    [2009/05/05 08:15:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Family\Application Data\Sony Setup
    [2007/03/12 00:28:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Family\Application Data\Viewpoint
    [2004/04/02 21:28:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\SampleView
    [2011/05/23 03:07:32 | 000,000,486 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
    [2011/05/22 03:19:01 | 000,000,446 | ---- | M] () -- C:\WINDOWS\Tasks\Driver Robot.job
    [2011/05/23 03:08:28 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job

    ========== Purity Check ==========



    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 145 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1
    @Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:888AFB86

    < End of report >

  7. #17
    Junior Member
    Join Date
    May 2011
    Posts
    17

    Extras.Txt

    OTL Extras logfile created on: 5/23/2011 5:40:12 PM - Run 1
    OTL by OldTimer - Version 3.2.23.0 Folder = C:\Documents and Settings\Family\Desktop
    Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 6.0.2900.5512)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    2.00 Gb Total Physical Memory | 1.45 Gb Available Physical Memory | 72.55% Memory free
    2.51 Gb Paging File | 1.93 Gb Available in Paging File | 76.74% Paging File free
    Paging file location(s): C:\pagefile.sys 672 1344 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 107.70 Gb Total Space | 53.60 Gb Free Space | 49.77% Space Free | Partition Type: NTFS
    Drive D: | 4.07 Gb Total Space | 0.84 Gb Free Space | 20.57% Space Free | Partition Type: FAT32

    Computer Name: COMPY | User Name: Family | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
    .url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l

    [HKEY_USERS\S-1-5-21-2562047764-1144004905-211378315-1008\SOFTWARE\Classes\<extension>]
    .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

    ========== Shell Spawning ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
    exefile [open] -- "%1" %*
    InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
    Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "AntiVirusDisableNotify" = 0
    "FirewallDisableNotify" = 0
    "UpdatesDisableNotify" = 0
    "AntiVirusOverride" = 0
    "FirewallOverride" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

    ========== System Restore Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
    "DisableSR" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
    "Start" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
    "Start" = 2

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
    "1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
    "2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall" = 1
    "DoNotAllowExceptions" = 0
    "DisableNotifications" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
    "1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
    "2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
    "C:\Program Files\RingtoneExpress\RingtoneExpress.exe" = C:\Program Files\RingtoneExpress\RingtoneExpress.exe:*:Enabled:RingtoneExpress

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    "C:\Program Files\Compaq Connections\1940576\Program\BackWeb-1940576.exe" = C:\Program Files\Compaq Connections\1940576\Program\BackWeb-1940576.exe:*:Enabled:BackWeb-1940576 -- (Hewlett-Packard)
    "C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL Connectivity Service Dialer -- (AOL LLC)
    "C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL Connectivity Service -- (AOL LLC)
    "C:\Program Files\Common Files\AOL\1127877835\ee\AOLHostManager.exe" = C:\Program Files\Common Files\AOL\1127877835\ee\AOLHostManager.exe:*:Enabled:AOLHostManager -- (AOL LLC)
    "C:\Program Files\Common Files\AOL\System Information\sinf.exe" = C:\Program Files\Common Files\AOL\System Information\sinf.exe:*:Enabled:AOL System Information -- (AOL LLC)
    "C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Mozilla Firefox -- (Mozilla Corporation)
    "C:\Program Files\Common Files\AOL\1127877835\ee\aolsoftware.exe" = C:\Program Files\Common Files\AOL\1127877835\ee\aolsoftware.exe:*:Enabled:AOL Shared Components -- (AOL LLC)
    "C:\WINDOWS\system32\fxsclnt.exe" = C:\WINDOWS\system32\fxsclnt.exe:*:Enabled:Microsoft Fax Console -- (Microsoft Corporation)
    "C:\Program Files\AOL 9.1\waol.exe" = C:\Program Files\AOL 9.1\waol.exe:*:Enabled:AOL -- (AOL, LLC.)
    "C:\Program Files\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe" = C:\Program Files\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe:*:Enabled:AOL TopSpeed -- (AOL LLC)
    "C:\Program Files\Common Files\AOL\1127877835\ee\AOLServiceHost.exe" = C:\Program Files\Common Files\AOL\1127877835\ee\AOLServiceHost.exe:*:Enabled:AOL -- (America Online, Inc.)
    "C:\Program Files\Common Files\AOL\Loader\aolload.exe" = C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader -- (AOL LLC)
    "C:\WINDOWS\system32\mmc.exe" = C:\WINDOWS\system32\mmc.exe:*:Enabled:Microsoft Management Console -- (Microsoft Corporation)
    "C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
    "C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe" = C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe:LocalSubNet:Disabled:Intuit Update Shared Downloads Server -- (Intuit Inc.)


    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
    "{05BDC796-3451-4F81-B91D-E98F7ADA76C2}" = TurboTax 2010 WinPerTaxSupport
    "{09DA4F91-2A09-4232-AB8C-6BC740096DE3}" = Sonic Update Manager
    "{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP190_series" = Canon MP190 series MP Drivers
    "{1F7CCFA3-D926-4882-B2A5-A0217ED25597}" = PC-Doctor for Windows
    "{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 25
    "{2C78229E-69AE-4BE4-8C31-99183EAF2E67}" = e-Sword
    "{2E132061-C78A-48D4-A899-1D13B9D189FA}" = Memories Disc Creator 2.0
    "{3248F0A8-6813-11D6-A77B-00B0D0150100}" = J2SE Runtime Environment 5.0 Update 10
    "{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java(TM) SE Runtime Environment 6 Update 1
    "{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java(TM) 6 Update 2
    "{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
    "{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
    "{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
    "{3324A5DC-C7F6-430A-ACC8-F251CD8F4FC7}" = Motorola Driver Installation
    "{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
    "{353FE16B-30FE-469A-BF55-B978F4218003}" = iTunes
    "{3782EC09-4000-475E-8A59-9CABD6F03B4C}" = TurboTax 2010 WinPerFedFormset
    "{3DD1FE66-5536-41E3-B786-70068887B3F4}" = The Print Shop 12
    "{41979C2F-34B8-4F92-8111-B13C5864682D}" = MediaFACE 4.01
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{4F2FCCCF-29F3-44B9-886F-6D16F8417522}" = TurboTax 2010 wrapper
    "{51563D56-0EB4-428E-846C-A29E0CD4467D}" = Homeschool Tracker Plus
    "{51F96AEC-D902-4434-A0DC-B9692A21AE7C}" = MobileMe Control Panel
    "{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01)
    "{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
    "{597E70FF-7C46-4EED-8092-91B7C2E0529D}" = Google SketchUp 7
    "{5B39603F-2A77-40E6-950D-ED7B8307933D}" = Microsoft IntelliPoint 5.3
    "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
    "{7148F0A8-6813-11D6-A77B-00B0D0142060}" = Java 2 Runtime Environment, SE v1.4.2_06
    "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
    "{75CDF2CA-5F89-4BC8-9556-CF70782CBD17}" = Motorola Phone Tools
    "{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
    "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    "{797EE0CA-8165-405C-B5CE-F11EC20F1BB0}" = Microsoft VC9 runtime libraries
    "{79F86C69-2B17-4368-9234-472A23639E16}" = Ad-Aware
    "{82AF77BC-423D-42DA-BE5B-FFCA04752181}" = MediaFACE 4.01 Image Library
    "{83073C45-3003-4671-9A86-243AAADD915A}" = Microsoft Calculator Plus
    "{853A4763-6643-4604-8D64-28BDD8925F4C}" = Apple Application Support
    "{8A708DD8-A5E6-11D4-A706-000629E95E20}" =
    "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
    "{91110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
    "{9541FED0-327F-4DF0-8B96-EF57EF622F19}" = RecordNow!
    "{98E8A2EF-4EAE-43B8-A172-74842B764777}" = InterVideo WinDVD Player
    "{99B366B0-76B6-4DBA-95A3-A730015A7D01}" = MasterCook Deluxe 9
    "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    "{A06275F4-324B-4E85-95E6-87B2CD729401}" = Windows Defender
    "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
    "{A525E00B-6609-442E-9DCD-64453C233E8D}" = TurboTax 2010 WinPerReleaseEngine
    "{A7DEBAA4-B211-4D1A-A6B3-E52BFAAA1D0C}" = Garmin Communicator Plugin
    "{AC76BA86-7AD7-1033-7B44-A71000000002}" = Adobe Reader 7.1.0
    "{B1102A25-3AA3-446B-AA0F-A699B07A02FD}" = Garmin USB Drivers
    "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
    "{BAD8CA9C-77C0-4663-B00B-A8D3B13C341B}" = Motorola Phone Tools
    "{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
    "{BB830F9E-53B3-492F-B39C-2DF615D1C9E1}" = TurboTax 2010 wvaiper
    "{BF0F5955-FC76-4F85-A13D-C9A8A9A5E067}" = iLumina Bible
    "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
    "{C276708C-8773-48FF-B9D3-2CF797C6DB12}" = Homeschool Tracker Plus
    "{C2E4B5BD-32DB-4817-A060-341AB17C3F90}" = Bonjour
    "{C59E019B-0952-4B72-A382-68A72224F88F}" = GNS400W-500W Trainer
    "{C9E4932C-8417-4E4C-A0E3-EE534810AB4D}" = ClearType Tuning Control Panel Applet
    "{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support
    "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
    "{D0122362-6333-4DE4-93F6-A5A2F3CC101A}" = Compaq Organize
    "{D0F6C165-7D23-4AC5-ACF2-0211C6A3BF64}" = ZIP Reader 8.00.0010
    "{DB518BA6-CB74-4EB6-9ABD-880B6D6E1F38}" = HpSdpAppCoreApp
    "45A7283175C62FAC673F913C1F532C5361F97841" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (03/08/2007 2.2.1.0)
    "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
    "Adobe Shockwave Player" = Adobe Shockwave Player 11.5
    "Agere Systems Soft Modem" = Agere Systems PCI Soft Modem
    "Akamai" = Akamai NetSession Interface
    "AOL Uninstaller" = AOL Uninstaller (Choose which Products to Remove)
    "ATI Display Driver" = ATI Display Driver
    "AVIConverter" = AVIConverter 3.0
    "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
    "BackWeb-1940576 Uninstaller" = Compaq Connections
    "CanonSolutionMenu" = Canon Utilities Solution Menu
    "Carbonite Backup" = Carbonite
    "CCleaner" = CCleaner (remove only)
    "Cessna NAVIII G1000 Trainer v8.20" = Cessna NAVIII G1000 Trainer v8.20
    "CleanUp!" = CleanUp!
    "comcastDD" = Desktop Doctor
    "Destination Direct" = Destination Direct
    "DTC DUAT" = DTC DUAT
    "DVDPe 2.3_is1" = DVDPe 2.3
    "Encyclopaedia Britannica 2005 Deluxe Edition CD-ROM" = Encyclopaedia Britannica 2005 Deluxe Edition CD-ROM
    "EQ4" = EQ4
    "ERUNT_is1" = ERUNT 1.1j
    "FAATPWSUEW411" = Gleim FAA Test Prep 4.11 WebDeploy
    "GARMIN 500 Series Trainer" = GARMIN 500 Series Trainer
    "History Explorer" = History Explorer
    "InstallShield_{41979C2F-34B8-4F92-8111-B13C5864682D}" = MediaFACE 4.01
    "InstallShield_{82AF77BC-423D-42DA-BE5B-FFCA04752181}" = MediaFACE 4.01 Image Library
    "InstallShield_{99B366B0-76B6-4DBA-95A3-A730015A7D01}" = MasterCook Deluxe 9
    "Java Media Framework 2.1.1c" = Java Media Framework 2.1.1c
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
    "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
    "Mozilla Firefox (3.6.17)" = Mozilla Firefox (3.6.17)
    "MP Navigator EX 1.2" = Canon MP Navigator EX 1.2
    "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
    "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
    "NVIDIA Drivers" = NVIDIA Drivers
    "NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
    "Peterson North American Birds" = Peterson North American Birds
    "Quicken Basic 98" = Quicken Basic 98
    "RATTV3" = Microsoft Corporation RATTV3
    "Registry Mechanic_is1" = Registry Mechanic 8.0
    "S3" = VIA/S3G Display Driver
    "ServiWin" = ServiWin
    "Shockwave" = Shockwave
    "Smart Defrag_is1" = Smart Defrag 1.20
    "TurboTax 2010" = TurboTax 2010
    "ViewpointMediaPlayer" = Viewpoint Media Player
    "VN_VUIns_Rhine_VIA" = VIA Rhine-Family Fast Ethernet Adapter
    "Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
    "Windows Media Format Runtime" = Windows Media Format 11 runtime
    "Windows Media Player" = Windows Media Player 11
    "Windows XP Service Pack" = Windows XP Service Pack 3
    "WMFDist11" = Windows Media Format 11 runtime
    "wmp11" = Windows Media Player 11
    "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
    "XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
    "xqdcXSP_is1" = Xteq-dotec X-Setup Pro 6.6.300.Final1

    ========== HKEY_USERS Uninstall List ==========

    [HKEY_USERS\S-1-5-21-2562047764-1144004905-211378315-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "Facebook Plug-In" = Facebook Plug-In

    ========== Last 10 Event Log Errors ==========

    [ Application Events ]
    Error - 5/16/2011 8:12:59 AM | Computer Name = COMPY | Source = crypt32 | ID = 131080
    Description = Failed auto update retrieval of third-party root list sequence number
    from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
    with error: This network connection does not exist.

    Error - 5/16/2011 9:20:11 PM | Computer Name = COMPY | Source = CSWA | ID = 3
    Description =

    Error - 5/19/2011 4:14:12 PM | Computer Name = COMPY | Source = CSWA | ID = 3
    Description =

    Error - 5/20/2011 10:31:34 PM | Computer Name = COMPY | Source = crypt32 | ID = 131080
    Description = Failed auto update retrieval of third-party root list sequence number
    from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
    with error: The connection with the server was terminated abnormally

    Error - 5/20/2011 10:31:34 PM | Computer Name = COMPY | Source = crypt32 | ID = 131080
    Description = Failed auto update retrieval of third-party root list sequence number
    from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
    with error: This network connection does not exist.

    Error - 5/20/2011 10:39:12 PM | Computer Name = COMPY | Source = crypt32 | ID = 131080
    Description = Failed auto update retrieval of third-party root list sequence number
    from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
    with error: The connection with the server was terminated abnormally

    Error - 5/20/2011 10:39:12 PM | Computer Name = COMPY | Source = crypt32 | ID = 131080
    Description = Failed auto update retrieval of third-party root list sequence number
    from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
    with error: This network connection does not exist.

    Error - 5/21/2011 12:38:19 AM | Computer Name = COMPY | Source = crypt32 | ID = 131080
    Description = Failed auto update retrieval of third-party root list sequence number
    from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
    with error: The connection with the server was terminated abnormally

    Error - 5/21/2011 12:38:19 AM | Computer Name = COMPY | Source = crypt32 | ID = 131080
    Description = Failed auto update retrieval of third-party root list sequence number
    from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
    with error: This network connection does not exist.

    Error - 5/21/2011 10:39:49 PM | Computer Name = COMPY | Source = CSWA | ID = 3
    Description =

    [ System Events ]
    Error - 5/21/2011 12:14:39 PM | Computer Name = COMPY | Source = Service Control Manager | ID = 7000
    Description = The WebClient service failed to start due to the following error:
    %%1290

    Error - 5/21/2011 12:14:39 PM | Computer Name = COMPY | Source = Service Control Manager | ID = 7023
    Description = The Network Security service terminated with the following error:
    %%126

    Error - 5/21/2011 12:14:39 PM | Computer Name = COMPY | Source = Service Control Manager | ID = 7023
    Description = The Network Security service terminated with the following error:
    %%126

    Error - 5/21/2011 12:14:39 PM | Computer Name = COMPY | Source = Service Control Manager | ID = 7023
    Description = The Intel CPU service terminated with the following error: %%126

    Error - 5/21/2011 12:14:55 PM | Computer Name = COMPY | Source = Service Control Manager | ID = 7026
    Description = The following boot-start or system-start driver(s) failed to load:
    fasttx2k IntelIde

    Error - 5/23/2011 3:05:41 AM | Computer Name = COMPY | Source = Service Control Manager | ID = 7000
    Description = The WebClient service failed to start due to the following error:
    %%1290

    Error - 5/23/2011 3:05:41 AM | Computer Name = COMPY | Source = Service Control Manager | ID = 7023
    Description = The Network Security service terminated with the following error:
    %%126

    Error - 5/23/2011 3:05:41 AM | Computer Name = COMPY | Source = Service Control Manager | ID = 7023
    Description = The Network Security service terminated with the following error:
    %%126

    Error - 5/23/2011 3:05:41 AM | Computer Name = COMPY | Source = Service Control Manager | ID = 7023
    Description = The Intel CPU service terminated with the following error: %%126

    Error - 5/23/2011 3:07:18 AM | Computer Name = COMPY | Source = Service Control Manager | ID = 7022
    Description = The Windows Image Acquisition (WIA) service hung on starting.


    < End of report >

  8. #18
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Default

    Backup Your Registry with ERUNT:
    • Download erunt.zip to your Desktop from here:
      http://aumha.org/downloads/erunt.zip
    • Right-click erunt.zip, select Extract All... and follow the prompts to extract ERUNT to a new folder on your Desktop
    • Inside the new folder, double-click ERUNT.exe to start the program
    • OK all the prompts to back up your registry to the default location.
    Note: to restore your registry, go to the backup folder and start ERDNT.exe







    Open OTL.exe
    • Copy/paste the following text written inside of the code box into the Custom Scans/Fixes box located at the bottom of OTL

      Code:
      :processes
      killallprocesses
      
      :OTL
      SRV - (itlperf) -- File not found
      SRV - (Ias) -- File not found
      O4 - HKU\.DEFAULT..\Run: [R8388QA8U8] File not found
      O4 - HKU\S-1-5-18..\Run: [R8388QA8U8] File not found
      
      
      :Services
      
      :Reg
      
      :Files
      ipconfig /release /c
      ipconfig /renew /c
      ipconfig /flushdns /c
      
      
      
      
      
      :Commands
      [purity]
      [resethosts]
      [emptytemp]
      [start explorer]
      [Reboot]
    • Then click the Run Fix button at the top. <--Not run Scan
    • Let the program run unhindered, reboot when it is done
    • Then post the results of the log it produces.
    • Then run a new scan and post a new OTL log ( don't check the boxes beside LOP Check or Purity this time )

  9. #19
    Junior Member
    Join Date
    May 2011
    Posts
    17

    Default

    Here's the log... running the scan again now:

    All processes killed
    ========== PROCESSES ==========
    ========== OTL ==========
    Service itlperf stopped successfully!
    Service itlperf deleted successfully!
    File File not found not found.
    Service Ias stopped successfully!
    Service Ias deleted successfully!
    File File not found not found.
    Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\R8388QA8U8 deleted successfully.
    Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\R8388QA8U8 not found.
    ========== SERVICES/DRIVERS ==========
    ========== REGISTRY ==========
    ========== FILES ==========
    < ipconfig /release /c >
    Windows IP Configuration
    Ethernet adapter Local Area Connection:
    Connection-specific DNS Suffix . :
    IP Address. . . . . . . . . . . . : 0.0.0.0
    Subnet Mask . . . . . . . . . . . : 0.0.0.0
    Default Gateway . . . . . . . . . :
    C:\Documents and Settings\Family\Desktop\cmd.bat deleted successfully.
    C:\Documents and Settings\Family\Desktop\cmd.txt deleted successfully.
    < ipconfig /renew /c >
    Windows IP Configuration
    Ethernet adapter Local Area Connection:
    Connection-specific DNS Suffix . : Belkin
    IP Address. . . . . . . . . . . . : 192.168.2.3
    Subnet Mask . . . . . . . . . . . : 255.255.255.0
    Default Gateway . . . . . . . . . : 192.168.2.1
    C:\Documents and Settings\Family\Desktop\cmd.bat deleted successfully.
    C:\Documents and Settings\Family\Desktop\cmd.txt deleted successfully.
    < ipconfig /flushdns /c >
    Windows IP Configuration
    Could not flush the DNS Resolver Cache: Function failed during execution.
    C:\Documents and Settings\Family\Desktop\cmd.bat deleted successfully.
    C:\Documents and Settings\Family\Desktop\cmd.txt deleted successfully.
    ========== COMMANDS ==========
    HOSTS file reset successfully

    [EMPTYTEMP]

    User: All Users
    ->Flash cache emptied: 35 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 402 bytes

    User: Family
    ->Temp folder emptied: 1583891 bytes
    ->Temporary Internet Files folder emptied: 61291985 bytes
    ->Java cache emptied: 0 bytes
    ->FireFox cache emptied: 98032525 bytes
    ->Flash cache emptied: 7462 bytes

    User: LocalService
    ->Temp folder emptied: 448 bytes
    ->Temporary Internet Files folder emptied: 13207345 bytes
    ->Java cache emptied: 836 bytes
    ->Flash cache emptied: 18907 bytes

    User: NetworkService
    ->Temp folder emptied: 10272 bytes
    ->Temporary Internet Files folder emptied: 320420132 bytes
    ->Java cache emptied: 2273 bytes
    ->Flash cache emptied: 38254 bytes

    User: Owner
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 402 bytes
    ->Flash cache emptied: 300 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32\dllcache .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 631018 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 23938404 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 402 bytes
    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 495.00 mb


    OTL by OldTimer - Version 3.2.23.0 log created on 05232011_221008

    Files\Folders moved on Reboot...
    File\Folder C:\WINDOWS\temp\Perflib_Perfdata_758.dat not found!
    File\Folder C:\WINDOWS\temp\Perflib_Perfdata_7c4.dat not found!

    Registry entries deleted on Reboot...
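A small triage helper for a fix log like the one posted above, added here as an example (it is not part of the thread and not OTL's own code). It splits the log on its `==========` section banners and `< command >` markers and lists every action that reported a failure; the status keywords are assumptions taken from the wording of this log, and the sample is an excerpt of the lines posted above.

```python
import re

# Excerpt of the fix log posted above (trimmed; lines copied from the post).
SAMPLE_LOG = r"""========== OTL ==========
Service itlperf stopped successfully!
Service itlperf deleted successfully!
File File not found not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\R8388QA8U8 deleted successfully.
========== FILES ==========
< ipconfig /renew /c >
IP Address. . . . . . . . . . . . : 192.168.2.3
< ipconfig /flushdns /c >
Windows IP Configuration
Could not flush the DNS Resolver Cache: Function failed during execution.
========== COMMANDS ==========
HOSTS file reset successfully
"""

SECTION = re.compile(r"^=+ (.+?) =+$")   # e.g. "========== FILES =========="
COMMAND = re.compile(r"^< (.+) >$")      # e.g. "< ipconfig /flushdns /c >"

def classify(line):
    """Map a result line to a status (keywords assumed from this log's wording)."""
    low = line.lower()
    if "could not" in low or "failed" in low:
        return "failed"
    if "not found" in low:
        return "missing"
    return "ok" if "successfully" in low else "info"

def parse_fix_log(text):
    """Return (section, command, status, line) for every result line."""
    records, section, command = [], None, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = SECTION.match(line)
        if m:
            section, command = m.group(1), None   # new section resets the command
            continue
        m = COMMAND.match(line)
        if m:
            command = m.group(1)
            continue
        records.append((section, command, classify(line), line))
    return records

def needs_follow_up(records):
    """Actions that did not complete and should be raised in the next reply."""
    return [(s, c, line) for s, c, status, line in records if status == "failed"]

if __name__ == "__main__":
    print(needs_follow_up(parse_fix_log(SAMPLE_LOG)))
```

On this excerpt the only item flagged is the `ipconfig /flushdns /c` step, whose DNS resolver cache flush did not complete.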

  10. #20
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Default



    Everything running ok?
