Solved XP Antispyware 2012

It's telling me I can't open the input file SDRSVC.dll. I'm not sure if I'm typing it in wrong, but I've tried several times and can't get it.
 
I'm sorry, but it's still telling me that I can't open the input file, even with me typing it out the corrected way.
 
Please download SystemLook from one of the links below and save it to your Desktop.
Download Mirror #1
Download Mirror #2

64-bit users go HERE
  • Double-click SystemLook.exe to run it.
  • Vista\Win 7 users: Right-click on SystemLook.exe, click Run As Administrator
  • Copy the content of the following box and paste it into the main textfield:
    Code:
    :folderfind
    i386
  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
Note: The log can also be found on your Desktop entitled SystemLook.txt
 
SystemLook 30.07.11 by jpshortstuff
Log created at 16:42 on 03/02/2012 by Owner
Administrator - Elevation successful

No Context: Code:

No Context: ---------

========== folderfind ==========

Searching for "i386"
C:\i386 d------ [04:26 03/02/2012]
C:\1397f9921243835e4556e66f\i386 d------ [09:06 18/09/2011]
C:\Documents and Settings\Owner\Desktop\WindowsXP-KB936929-SP3-x86-ENU\i386 d------ [03:55 03/02/2012]
C:\Documents and Settings\Owner\Desktop\WindowsXP-KB936929-SP3-x86-ENU\i386\root\cmpnents\mediactr\i386 d------ [03:56 03/02/2012]
C:\Documents and Settings\Owner\Desktop\WindowsXP-KB936929-SP3-x86-ENU\i386\root\cmpnents\netfx\i386 d------ [03:57 03/02/2012]
C:\Documents and Settings\Owner\Desktop\WindowsXP-KB936929-SP3-x86-ENU\i386\root\cmpnents\tabletpc\i386 d------ [03:56 03/02/2012]
C:\i386\root\cmpnents\mediactr\i386 d------ [04:30 03/02/2012]
C:\i386\root\cmpnents\netfx\i386 d------ [04:30 03/02/2012]
C:\i386\root\cmpnents\tabletpc\i386 d------ [04:30 03/02/2012]
C:\My Backup -- 12-02-08 1510\Program Files\Java\j2re1.4.2\lib\i386 d------ [15:30 26/01/2005]
C:\My Backup -- 12-02-08 1510\Program Files\Java\jre1.5.0_04\lib\i386 d------ [04:21 13/03/2006]
C:\My Backup -- 12-02-08 1510\Program Files\Java\jre1.5.0_06\lib\i386 d------ [23:09 21/06/2006]
C:\My Backup -- 12-02-08 1510\Program Files\Java\jre1.5.0_09\lib\i386 d------ [20:28 19/11/2006]
C:\My Backup -- 12-02-08 1510\Program Files\Java\jre1.5.0_10\lib\i386 d------ [23:22 03/01/2007]
C:\My Backup -- 12-02-08 1510\Program Files\Java\jre1.5.0_11\lib\i386 d------ [03:21 11/03/2007]
C:\My Backup -- 12-02-08 1510\Program Files\Java\jre1.6.0_01\lib\i386 d------ [01:41 19/05/2007]
C:\My Backup -- 12-02-08 1510\Program Files\Java\jre1.6.0_02\lib\i386 d------ [09:35 04/08/2007]
C:\My Backup -- 12-02-08 1510\Program Files\Java\jre1.6.0_03\lib\i386 d------ [19:15 06/10/2007]
C:\My Backup -- 12-02-08 1510\Program Files\Lexmark 3400 Series\Drivers\I386 d------ [03:09 04/01/2008]
C:\My Backup -- 12-02-08 1510\WINDOWS\I386 d------ [16:05 26/08/2004]
C:\My Backup -- 12-02-08 1510\WINDOWS\Driver Cache\i386 d------ [10:45 26/08/2004]
C:\My Backup -- 12-02-08 1510\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\i386 d------ [15:24 26/01/2005]
C:\My Backup -- 12-02-08 1510\WINDOWS\system32\ReinstallBackups\0002\DriverFiles\i386 d------ [15:24 26/01/2005]
C:\My Backup -- 12-02-08 1510\WINDOWS\system32\ReinstallBackups\0003\DriverFiles\i386 d------ [15:25 26/01/2005]
C:\My Backup -- 12-02-08 1510\WINDOWS\system32\ReinstallBackups\0004\DriverFiles\i386 d------ [15:25 26/01/2005]
C:\My Backup -- 12-02-08 1510\WINDOWS\system32\ReinstallBackups\0005\DriverFiles\i386 d------ [15:25 26/01/2005]
C:\My Backup -- 12-02-08 1510\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\i386 d------ [15:25 26/01/2005]
C:\My Backup -- 12-02-08 1510\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386 d------ [15:25 26/01/2005]
C:\My Backup -- 12-02-08 1510\WINDOWS\system32\ReinstallBackups\0008\DriverFiles\i386 d------ [15:25 26/01/2005]
C:\My Backup -- 12-02-08 1510\WINDOWS\system32\ReinstallBackups\0009\DriverFiles\i386 d------ [15:25 26/01/2005]
C:\My Backup -- 12-02-08 1510\WINDOWS\system32\ReinstallBackups\0010\DriverFiles\i386 d------ [15:25 26/01/2005]
C:\My Backup -- 12-02-08 1510\WINDOWS\system32\ReinstallBackups\0011\DriverFiles\i386 d------ [15:25 26/01/2005]
C:\My Backup -- 12-02-08 1510\WINDOWS\system32\ReinstallBackups\0013\DriverFiles\i386 d------ [15:25 26/01/2005]
C:\My Backup -- 12-02-08 1510\WINDOWS\system32\ReinstallBackups\0014\DriverFiles\i386 d------ [15:35 26/01/2005]
C:\Program Files\HP\HP Deskjet 1000 J110 series\DriverStore\Pipeline\i386 d------ [03:35 24/03/2011]
C:\Program Files\Java\jre6\lib\i386 d------ [15:53 15/10/2011]
C:\Program Files\Kodak\AiO\PrinterDriver2\Drivers\Printer\i386 d------ [03:42 15/09/2011]
C:\Program Files\Lexmark 3400 Series\Drivers\I386 d------ [05:10 17/03/2008]
C:\Program Files\MioNet\jvm\lib\i386 d------ [23:00 03/05/2008]
C:\Program Files\SAMSUNG\USB Drivers\01_Simmental\i386 d------ [21:05 01/05/2011]
C:\Program Files\SAMSUNG\USB Drivers\02_Siberian\i386 d------ [21:05 01/05/2011]
C:\Program Files\SAMSUNG\USB Drivers\03_Swallowtail\i386 d------ [21:05 01/05/2011]
C:\Program Files\SAMSUNG\USB Drivers\04_semseyite\i386 d------ [21:06 01/05/2011]
C:\Program Files\SAMSUNG\USB Drivers\05_Sloan\i386 d------ [21:06 01/05/2011]
C:\Program Files\SAMSUNG\USB Drivers\06_Spencer\i386 d------ [21:06 01/05/2011]
C:\Program Files\SAMSUNG\USB Drivers\07_Schorl\i386 d------ [21:06 01/05/2011]
C:\Program Files\SAMSUNG\USB Drivers\08_EMPChipset\i386 d------ [21:06 01/05/2011]
C:\Program Files\SAMSUNG\USB Drivers\09_Hsp\i386 d------ [21:06 01/05/2011]
C:\Program Files\SAMSUNG\USB Drivers\11_HSP_Plus_Default\i386 d------ [21:06 01/05/2011]
C:\Program Files\SAMSUNG\USB Drivers\12_Symbian_USB_Download_Driver\i386 d------ [20:19 01/05/2011]
C:\Program Files\SAMSUNG\USB Drivers\15_Symbian_Samsung_PC_DLC_Driver\i386 d------ [20:19 01/05/2011]
C:\Program Files\SAMSUNG\USB Drivers\16_Shrewsbury\i386 d------ [21:06 01/05/2011]
C:\Program Files\SAMSUNG\USB Drivers\17_EMP_Chipset2\i386 d------ [21:06 01/05/2011]
C:\Program Files\SAMSUNG\USB Drivers\19_VIA_driver\i386 d------ [21:07 01/05/2011]
C:\Program Files\SAMSUNG\USB Drivers\20_NXP_Driver\i386 d------ [21:07 01/05/2011]
C:\Program Files\SAMSUNG\USB Drivers\21_Searsburg\i386 d------ [21:07 01/05/2011]
C:\Program Files\SAMSUNG\USB Drivers\lang\i386 d------ [21:07 01/05/2011]
C:\WINDOWS\I386 d------ [16:05 26/08/2004]
C:\WINDOWS\Driver Cache\i386 d------ [10:45 26/08/2004]
C:\WINDOWS\ServicePackFiles\i386 d------ [17:28 20/08/2008]
C:\WINDOWS\ServicePackFiles\ServicePackCache\i386 d------ [17:31 20/08/2008]
C:\WINDOWS\system32\DRVSTORE\ekaio2_19411605D7A049C5F03A49D1CCC3FA4403F6ED63\Drivers\Printer\i386 d----c- [03:42 15/09/2011]
C:\WINDOWS\system32\DRVSTORE\hpvpl04_EA2607F05D768C42C4D279DA603850C0204D450E\i386 d----c- [03:35 24/03/2011]
C:\WINDOWS\system32\DRVSTORE\HSPUSB_66BEF421612C6C2CB007247E73D9A13E8F319FFA\i386 d----c- [21:06 01/05/2011]
C:\WINDOWS\system32\DRVSTORE\mbtmdm_98BAF016A9B90BBEEC9D449C0F98730A88287588\i386 d----c- [21:06 01/05/2011]
C:\WINDOWS\system32\DRVSTORE\secubus_7DBB97B87CEA0C2F58C49DDF174AA7213736B763\i386 d----c- [21:06 01/05/2011]
C:\WINDOWS\system32\DRVSTORE\secumdm2_21FF5684E98669C9B39E4796838D25CA46361B20\i386 d----c- [21:06 01/05/2011]
C:\WINDOWS\system32\DRVSTORE\ssadadb2_087533E5A72A96F5CA04F05B2DAF0EEB978F53C4\i386 d----c- [21:06 01/05/2011]
C:\WINDOWS\system32\DRVSTORE\ssadbus_8ED50B183B2227A2EB3FA413E98589F401283A63\i386 d----c- [21:06 01/05/2011]
C:\WINDOWS\system32\DRVSTORE\ssadmdm2_4A5E8361806962A1DCCA426C938C18C1971104BA\i386 d----c- [21:06 01/05/2011]
C:\WINDOWS\system32\DRVSTORE\ssadsdm2_B54165C01DF1E1FE6A42D3556099BB7FBCB95667\i386 d----c- [21:06 01/05/2011]
C:\WINDOWS\system32\DRVSTORE\ssaeadb2_264166A109343CFD020BBBA726EA185932392EEC\i386 d----c- [21:07 01/05/2011]
C:\WINDOWS\system32\DRVSTORE\ssaebus_5FD285D8B2F3DEA923C8233CEFA6A5E08E56C154\i386 d----c- [21:07 01/05/2011]
C:\WINDOWS\system32\DRVSTORE\ssaemdm2_DAC10E35CBE981C0DDF1C8AC4E0E74398B711B45\i386 d----c- [21:07 01/05/2011]
C:\WINDOWS\system32\DRVSTORE\ssaendis_4EF43FFBEF3858F432E98BFB295E4D1C41DBAD8A\i386 d----c- [21:07 01/05/2011]
C:\WINDOWS\system32\DRVSTORE\ssaeunic_4EF43FFBEF3858F432E98BFB295E4D1C41DBAD8A\i386 d----c- [21:07 01/05/2011]
C:\WINDOWS\system32\DRVSTORE\ssbcbus_09FD4DE73F8551B17CF8A69A9B05AE73894A4BEB\i386 d----c- [21:06 01/05/2011]
C:\WINDOWS\system32\DRVSTORE\ssbcmdm2_F2EF6576367AE6776D13B98FC966C6BCD4F0D491\i386 d----c- [21:06 01/05/2011]
C:\WINDOWS\system32\DRVSTORE\sscdbus_0D2A97E2DE39918A6606766DFAA453709C27D2E9\i386 d----c- [21:05 01/05/2011]
C:\WINDOWS\system32\DRVSTORE\sscdsdm2_0A42142586E22D871220E4C338D5CC39FED531E4\i386 d----c- [21:05 01/05/2011]
C:\WINDOWS\system32\DRVSTORE\sscdw2k_62B04FD25E69E3B319356A3A177515B087248B0C\i386 d----c- [21:05 01/05/2011]
C:\WINDOWS\system32\DRVSTORE\sscebus_659A3532090130C12253E064E99D5D4049A341E9\i386 d----c- [21:06 01/05/2011]
C:\WINDOWS\system32\DRVSTORE\sscemdm2_34771A624205C079100D51ABFD3F0EFDC377F971\i386 d----c- [21:06 01/05/2011]
C:\WINDOWS\system32\DRVSTORE\sscesdm2_7AD4829229782EAD7A14A10BC5E01E956779886D\i386 d----c- [21:06 01/05/2011]
C:\WINDOWS\system32\DRVSTORE\ssdudfu_C52747FC90297592332ABD76D624CA0B9A4150E2\i386 d----c- [21:07 01/05/2011]
C:\WINDOWS\system32\DRVSTORE\ssecbus_7E9D79E81F4A1719CED202B2FB04E7C48E5B8945\i386 d----c- [21:06 01/05/2011]
C:\WINDOWS\system32\DRVSTORE\ssecmdm2_E671AB05B6ECA67B0DD4FA29746FD625F717E338\i386 d----c- [21:06 01/05/2011]
C:\WINDOWS\system32\DRVSTORE\ssecndis_A24B1C89EAA29049770A027B837B79C454C2BE7F\i386 d----c- [21:06 01/05/2011]
C:\WINDOWS\system32\DRVSTORE\ssecobx2_0E3C23A2AF7322625D7CB5A230D402C8D622EC9B\i386 d----c- [21:06 01/05/2011]
C:\WINDOWS\system32\DRVSTORE\ssecsdm2_6084F8D8AAAC4998F190285B0975591A9E522F47\i386 d----c- [21:06 01/05/2011]
C:\WINDOWS\system32\DRVSTORE\ssecunic_A24B1C89EAA29049770A027B837B79C454C2BE7F\i386 d----c- [21:06 01/05/2011]
C:\WINDOWS\system32\DRVSTORE\ssm_bus_95AA2419C5D388E462430C22E7B02579DD7F6677\i386 d----c- [21:05 01/05/2011]
C:\WINDOWS\system32\DRVSTORE\ssm_mdm2_53F3D224B432100E2DE0FA124810CB8E06580477\i386 d----c- [21:05 01/05/2011]
C:\WINDOWS\system32\DRVSTORE\ssm_ser2_53F3D224B432100E2DE0FA124810CB8E06580477\i386 d----c- [21:05 01/05/2011]
C:\WINDOWS\system32\DRVSTORE\sssdbus_DCADABF0391F3233BD35664D34CDB5D18B4A92EA\i386 d----c- [21:06 01/05/2011]
C:\WINDOWS\system32\DRVSTORE\sssdmdm2_79766EB379327D1A4E454E957676346722FA1E71\i386 d----c- [21:06 01/05/2011]
C:\WINDOWS\system32\DRVSTORE\sssdobx2_D9FBD11376E2281804762C56AB8E278DF856564D\i386 d----c- [21:06 01/05/2011]
C:\WINDOWS\system32\DRVSTORE\sssdsdm2_3E9910A3892EA86C28F4763C7315EC7B73E4415A\i386 d----c- [21:06 01/05/2011]
C:\WINDOWS\system32\DRVSTORE\SSUSBDownl_90B61851AF0FF889421B972CD27E4C5667AABCE7\i386 d----c- [20:19 01/05/2011]
C:\WINDOWS\system32\DRVSTORE\ss_bbus_12BC85144F8D71EFF2F5EFF4FD945E30B2447D45\i386 d----c- [21:06 01/05/2011]
C:\WINDOWS\system32\DRVSTORE\ss_bmdm2_25CD552B0C6354F58CE1CF1AC1C75967943356E3\i386 d----c- [21:06 01/05/2011]
C:\WINDOWS\system32\DRVSTORE\ss_bsdm2_10B17303D78CD94FDDF50F961E3454D4DD5E1A7A\i386 d----c- [21:06 01/05/2011]
C:\WINDOWS\system32\DRVSTORE\ss_bus_7406BFDDA6E4A90AE547DA7E2665EFD972F6B38A\i386 d----c- [21:05 01/05/2011]
C:\WINDOWS\system32\DRVSTORE\ss_mdm2_EB81822238EB1929C978C1DB6FCDA34F8D43341D\i386 d----c- [21:05 01/05/2011]
C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\i386 d------ [23:04 12/02/2008]
C:\WINDOWS\system32\ReinstallBackups\0002\DriverFiles\i386 d------ [23:04 12/02/2008]
C:\WINDOWS\system32\ReinstallBackups\0003\DriverFiles\i386 d------ [23:04 12/02/2008]
C:\WINDOWS\system32\ReinstallBackups\0004\DriverFiles\i386 d------ [23:04 12/02/2008]
C:\WINDOWS\system32\ReinstallBackups\0005\DriverFiles\i386 d------ [23:04 12/02/2008]
C:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\i386 d------ [23:04 12/02/2008]
C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386 d------ [23:04 12/02/2008]
C:\WINDOWS\system32\ReinstallBackups\0008\DriverFiles\i386 d------ [23:05 12/02/2008]
C:\WINDOWS\system32\ReinstallBackups\0009\DriverFiles\i386 d------ [23:05 12/02/2008]
C:\WINDOWS\system32\ReinstallBackups\0010\DriverFiles\i386 d------ [23:05 12/02/2008]
C:\WINDOWS\system32\ReinstallBackups\0011\DriverFiles\i386 d------ [23:05 12/02/2008]
C:\WINDOWS\system32\ReinstallBackups\0013\DriverFiles\i386 d------ [23:17 12/02/2008]
C:\WINDOWS\system32\ReinstallBackups\0014\DriverFiles\i386 d------ [17:24 20/08/2008]
C:\WINDOWS\system32\ReinstallBackups\0015\DriverFiles\i386 d------ [17:24 20/08/2008]
C:\WINDOWS\system32\spool\XPSEP\i386 d------ [09:06 18/09/2011]
C:\WINDOWS\system32\spool\XPSEP\i386\i386 d------ [09:06 18/09/2011]

-= EOF =-
 
I don't think it worked. After double clicking on it the command prompt window says ECHO is off. Can't open file press any key to continue...
 
SystemLook 30.07.11 by jpshortstuff
Log created at 17:56 on 03/02/2012 by Owner
Administrator - Elevation successful

No Context: Code:

No Context: ---------

========== filefind ==========

Searching for "SDRSVC.dll"
No files found.

Searching for "---------"
No files found.

-= EOF =-
 
Sorry it took so long to get back, my kids got home last night and took over the computer. Between Toontown and Club Penguin I have to fight for computer time, but here's the latest readout:

SystemLook 30.07.11 by jpshortstuff
Log created at 19:04 on 03/02/2012 by Owner
Administrator - Elevation successful

No Context: Code:

No Context: ---------

========== filefind ==========

Searching for "SDRSVC*"
No files found.

Searching for "---------"
No files found.

-= EOF =-
 
Now I can see what's going on here.

All those "missing" files don't exist on Windows XP.

I'll contact the tool maker, but before I do this I want you to delete your FSS file, download a fresh one and post a new log.

Is this a legit XP installation?
 
I'm not sure how to delete the FSS file.

Yep, it's legit XP. I've had problems with this computer before; I did have to send it back to Gateway once. The computer would often randomly shut down and restart itself and say that it recovered from a serious error. So it's always had issues.
 
You should have Farbar Service Scanner (FSS) on your desktop.
Delete it and....

Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.
 
Farbar Service Scanner Version: 04-02-2012 01
Ran by Owner (administrator) on 04-02-2012 at 13:01:52
Running from "C:\Documents and Settings\Owner\Desktop"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============
Dnscache Service is not running. Checking service configuration:
The start type of Dnscache service is OK.
The ImagePath of Dnscache service is OK.
The ServiceDll of Dnscache service is OK.

Dhcp Service is not running. Checking service configuration:
The start type of Dhcp service is OK.
The ImagePath of Dhcp service is OK.
The ServiceDll of Dhcp service is OK.

Tcpip Service is not running. Checking service configuration:
The start type of Tcpip service is OK.
The ImagePath of Tcpip service is OK.


Connection Status:
==============
Localhost is blocked.
There is no connection to network.
Attempt to access Google IP returned error: Other errors
Attempt to access Yahoo IP returend error: Other errors


Windows Firewall:
=============
sharedaccess Service is not running. Checking service configuration:
The start type of sharedaccess service is OK.
The ImagePath of sharedaccess service is OK.
The ServiceDll of sharedaccess service is OK.


Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall"=DWORD:0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
===========

File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
aswTdi(8) Gpc(6) NetBT(5) PSched(7) Tcpip(3)
0x080000000400000001000000020000000300000008000000050000000600000007000000
Attention! IpSec Tag value should be 4Attention! IpSec Tag value is missing and it should be 4

**** End of log ****
 
This one looks correct.

Let's try to uninstall/reinstall the TCP/IP stack.

1. Download winsock.zip
Unzip it.
Right click on Winsock.reg, click "Merge".
Allow registry merge.

2. Restart computer.

3. Go to Start ==> Control Panel. Double-click Network Connections. Right-click Local Area Connection, and select Properties.
  • On the General tab, click Install; a popup window opens.
  • Select Protocol from the list and then click Add.
  • A new window opens, click Have Disk....
  • In the browse... box type c:\windows\inf
  • Click OK.
  • Select Internet Protocol (TCP/IP), and then click OK.
  • Restart and check the connection.
 
Good news :)

Any current issues?

Post a new FSS log.

Then...

Re-run OTL as prescribed in my reply #4.
 
Farbar Service Scanner Version: 04-02-2012 01
Ran by Owner (administrator) on 04-02-2012 at 13:59:15
Running from "C:\Documents and Settings\Owner\Desktop"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall"=DWORD:0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
===========

File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
aswTdi(8) Gpc(6) IPSec(9) NetBT(5) PSched(7) Tcpip(3)
0x09000000090000000400000001000000020000000300000008000000050000000600000007000000


**** End of log ****
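
Added example (not part of the original posts, and not code from Farbar Service Scanner): a small Python parser that reads the two FSS logs posted in this thread, trimmed here to the relevant lines, and reports which findings the TCP/IP reinstall resolved and which persist. The finding names, and the rule that any File Check result other than "legit" is flagged, are assumptions of this example.

```python
import re

# Excerpts of the two FSS logs posted in this thread (File Check lists trimmed).
FSS_BEFORE = r"""
Internet Services:
============
Dnscache Service is not running. Checking service configuration:
The start type of Dnscache service is OK.
Dhcp Service is not running. Checking service configuration:
Tcpip Service is not running. Checking service configuration:

Connection Status:
==============
Localhost is blocked.
There is no connection to network.
Attempt to access Google IP returned error: Other errors
Attempt to access Yahoo IP returend error: Other errors

Windows Firewall:
=============
sharedaccess Service is not running. Checking service configuration:

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall"=DWORD:0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0

File Check:
========
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit

Extra List:
=======
aswTdi(8) Gpc(6) NetBT(5) PSched(7) Tcpip(3)
Attention! IpSec Tag value should be 4Attention! IpSec Tag value is missing and it should be 4
"""

FSS_AFTER = r"""
Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.

Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall"=DWORD:0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0

File Check:
========
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit

Extra List:
=======
aswTdi(8) Gpc(6) IPSec(9) NetBT(5) PSched(7) Tcpip(3)
"""

SERVICE_DOWN = re.compile(r"^(\S+) Service is not running\.")
POLICY_KEY = re.compile(r"^\[HKEY_LOCAL_MACHINE\\.+\\FirewallPolicy\\(\w+)\]$")
POLICY_VAL = re.compile(r'^"EnableFirewall"=DWORD:(\d+)$')
FILE_CHECK = re.compile(r"^(.+?) => MD5 is (.+)$")
HEALTHY_CONNECTION = re.compile(r"( is accessible\.|^LAN connected\.)$")


def is_underline(line):
    """FSS underlines each section header with a run of '=' characters."""
    return len(line) >= 3 and set(line) == {"="}


def parse_fss(text):
    """Return the set of (kind, detail) findings in one FSS log."""
    lines = [l.strip() for l in text.splitlines() if l.strip()]
    findings, section, profile = set(), None, None
    for i, line in enumerate(lines):
        if is_underline(line):
            continue
        if i + 1 < len(lines) and is_underline(lines[i + 1]):
            section, profile = line.rstrip(":"), None  # new section header
            continue
        if line.startswith("Attention!"):
            findings.add(("attention", line))
        elif m := SERVICE_DOWN.match(line):
            findings.add(("service-stopped", m.group(1)))
        elif m := POLICY_KEY.match(line):
            profile = m.group(1)  # remember which profile the next value belongs to
        elif (m := POLICY_VAL.match(line)) and profile:
            if int(m.group(1)) == 0:
                findings.add(("firewall-disabled", profile))
        elif m := FILE_CHECK.match(line):
            if m.group(2) != "legit":  # assumption: anything else is worth a look
                findings.add(("file-check", line))
        elif section == "Connection Status" and not HEALTHY_CONNECTION.search(line):
            findings.add(("connection", line))  # unknown status lines fail closed
    return findings


def compare(before, after):
    """Diff two FSS logs into resolved, persisting and new findings."""
    b, a = parse_fss(before), parse_fss(after)
    return {"resolved": sorted(b - a), "persisting": sorted(b & a), "new": sorted(a - b)}


if __name__ == "__main__":
    for state, items in compare(FSS_BEFORE, FSS_AFTER).items():
        print(state, *items, sep="\n  ")
```

On the two logs in this thread, the stopped services, the connection errors and the IpSec tag warning come out as resolved, while the EnableFirewall=0 values for both firewall profiles are reported as persisting.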
 
OTL logfile created on: 2/4/2012 2:25:45 PM - Run 3
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

501.77 Mb Total Physical Memory | 231.70 Mb Available Physical Memory | 46.18% Memory free
1.20 Gb Paging File | 0.80 Gb Available in Paging File | 67.22% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 182.07 Gb Total Space | 106.84 Gb Free Space | 58.68% Space Free | Partition Type: NTFS
Drive D: | 4.23 Gb Total Space | 1.64 Gb Free Space | 38.80% Space Free | Partition Type: FAT32
Drive I: | 7.45 Gb Total Space | 7.08 Gb Free Space | 95.05% Space Free | Partition Type: FAT32

Computer Name: YOUR-F81B4FD27F | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/01/02 21:52:52 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
PRC - [2011/12/24 17:50:18 | 000,652,872 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011/12/24 17:50:18 | 000,460,872 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/11/28 11:01:24 | 003,744,552 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011/11/28 11:01:23 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011/07/29 02:30:30 | 000,994,360 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\psia.exe
PRC - [2011/07/29 02:30:28 | 000,399,416 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\sua.exe
PRC - [2011/07/29 02:30:28 | 000,291,896 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\psi_tray.exe
PRC - [2010/09/17 15:28:14 | 000,577,792 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files\NewTech Infosystems\Backup Now EZ\BackupNowEZtray.exe
PRC - [2010/09/17 15:28:06 | 000,045,312 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files\NewTech Infosystems\Backup Now EZ\BackupNowEZSvr.exe
PRC - [2010/09/02 14:23:28 | 001,638,400 | ---- | M] (Eastman Kodak Company) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\EKIJ5000MUI.exe
PRC - [2010/07/04 18:13:56 | 000,095,576 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\SAMSUNG\Samsung New PC Studio\NPSAgent.exe
PRC - [2009/12/03 12:05:08 | 001,701,224 | ---- | M] (Philips) -- C:\Program Files\Philips\GoGear VIBE Device Manager\GoGear_Vibe_DeviceManager.exe
PRC - [2009/11/30 07:17:57 | 000,198,160 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2009/01/29 04:11:16 | 000,254,600 | ---- | M] (Smilebox, Inc.) -- C:\Documents and Settings\Owner\Application Data\Smilebox\SmileboxTray.exe
PRC - [2008/04/13 17:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/06/25 07:34:56 | 000,082,608 | ---- | M] (Lexmark International Inc.) -- C:\Program Files\Lexmark 3400 Series\ezprint.exe
PRC - [2006/12/06 17:49:58 | 000,315,392 | ---- | M] (Giant Telecom Ltd.) -- C:\Program Files\SkyLink\SKYLINK 2-in-1 Phone Utility\SKYLINK 2-in-1 Phone Utility.exe
PRC - [2004/10/18 15:05:12 | 000,135,168 | ---- | M] (Alcor Micro, Corp.) -- C:\Program Files\Digital Media Reader\shwiconEM.exe
PRC - [2004/09/24 19:06:46 | 002,559,488 | ---- | M] (RealTek Semicoductor Corp.) -- C:\WINDOWS\ALCWZRD.EXE
PRC - [2004/09/23 20:27:18 | 000,077,824 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
PRC - [2004/06/09 14:37:02 | 000,040,960 | ---- | M] (BIGDOG) -- C:\WINDOWS\VM_STI.EXE
PRC - [2004/05/17 19:30:04 | 000,543,232 | ---- | M] () -- C:\WINDOWS\zHotkey.exe


========== Modules (No Company Name) ==========

MOD - [2011/11/28 07:00:24 | 001,619,456 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11112801\algo.dll
MOD - [2011/11/28 04:19:40 | 000,241,528 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11112801\aswRep.dll
MOD - [2009/11/27 20:15:36 | 000,135,168 | ---- | M] () -- C:\Program Files\Philips\GoGear VIBE Device Manager\Scsi_nt.dll
MOD - [2008/09/29 17:37:44 | 000,460,199 | ---- | M] () -- C:\Program Files\NewTech Infosystems\Backup Now EZ\sqlite3.dll
MOD - [2008/04/13 17:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2007/03/16 03:38:25 | 000,117,760 | ---- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\lxcypp5c.dll
MOD - [2006/11/22 07:05:12 | 000,012,288 | ---- | M] () -- C:\Program Files\Lexmark Fax Solutions\fxctrstr.dll
MOD - [2006/11/22 06:51:26 | 000,045,056 | ---- | M] () -- C:\WINDOWS\system32\LXPRMON.DLL
MOD - [2006/11/22 06:49:18 | 000,032,768 | ---- | M] () -- C:\Program Files\Lexmark Fax Solutions\ipcmt.dll
MOD - [2006/05/25 13:20:44 | 000,241,664 | ---- | M] () -- C:\Program Files\Lexmark 3400 Series\iptk.dll
MOD - [2004/05/17 19:30:04 | 000,543,232 | ---- | M] () -- C:\WINDOWS\zHotkey.exe
MOD - [2001/07/02 21:36:30 | 000,024,576 | ---- | M] () -- C:\WINDOWS\HKNTDLL.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011/12/24 17:50:18 | 000,652,872 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/11/28 11:01:23 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011/07/29 02:30:30 | 000,994,360 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files\Secunia\PSI\PSIA.exe -- (Secunia PSI Agent)
SRV - [2011/07/29 02:30:28 | 000,399,416 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2011/02/28 17:44:14 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2010/09/17 15:28:06 | 000,045,312 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files\NewTech Infosystems\Backup Now EZ\BackupNowEZSvr.exe -- (NTI BackupNowEZSvr)
SRV - [2008/02/13 20:49:12 | 000,068,096 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe -- (Macromedia Licensing Service)
SRV - [2005/07/15 13:38:33 | 000,139,264 | R--- | M] () [Auto | Stopped] -- C:\Program Files\MioNet\MioNetManager.exe -- (MioNet)


========== Driver Services (SafeList) ==========

DRV - [2012/01/04 16:19:06 | 000,040,776 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2011/12/10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/11/28 10:53:53 | 000,435,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/11/28 10:53:35 | 000,314,456 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/11/28 10:52:19 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/11/28 10:52:16 | 000,052,952 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/11/28 10:52:02 | 000,111,320 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011/11/28 10:51:50 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011/11/28 10:48:49 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2010/09/01 01:30:58 | 000,015,544 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\psi_mf.sys -- (PSI)
DRV - [2010/06/14 08:32:54 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2010/04/26 19:25:20 | 000,123,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscemdm.sys -- (sscemdm)
DRV - [2010/04/26 19:25:20 | 000,098,560 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscebus.sys -- (sscebus) SAMSUNG USB Composite Device V2 driver (WDM)
DRV - [2010/04/26 19:25:20 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscemdfl.sys -- (sscemdfl)
DRV - [2005/02/26 15:25:52 | 000,091,527 | ---- | M] (VM) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbVM31b.sys -- (ZSMC301b)
DRV - [2004/10/20 12:39:32 | 000,040,724 | ---- | M] (Alcor Micro Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Sunkfilt.sys -- (SunkFilt)
DRV - [2004/10/18 15:05:12 | 000,042,968 | ---- | M] (Alcor Micro Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Sunkfilt39.sys -- (SunkFilt39)
DRV - [2004/09/24 19:14:40 | 002,276,672 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2004/06/17 15:56:22 | 000,220,032 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2004/06/17 15:55:38 | 000,685,056 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2004/06/17 15:55:04 | 001,041,536 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
DRV - [2004/03/17 16:10:40 | 000,113,664 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Hdaudio.sys -- (HdAudAddService)
DRV - [2001/08/17 13:49:32 | 000,019,968 | ---- | M] (Macronix International Co., Ltd. ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mxnic.sys -- (mxnic)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.gatewaybiz.com
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.gatewaybiz.com
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie

IE - HKU\S-1-5-21-3316625921-3142970554-1853782496-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-3316625921-3142970554-1853782496-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\S-1-5-21-3316625921-3142970554-1853782496-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2790392
IE - HKU\S-1-5-21-3316625921-3142970554-1853782496-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@iWon.com/Plugin: C:\Program Files\iWon\bar\1.bin\NPjfStub.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\Owner\Application Data\Move Networks\plugins\npqmp071505000011.dll (Move Networks)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.448: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.448: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@virtools.com/3DviaPlayer: C:\Program Files\Virtools\3D Life Player\npvirtools.dll (Dassault Systèmes)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\Owner\Application Data\Move Networks\plugins\npqmp071505000011.dll (Move Networks)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}: C:\Documents and Settings\All Users\Application Data\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c} [2009/12/06 13:28:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{B728AB94-9BC7-49b7-B76A-422BB31B2FD0}: C:\Program Files\ArcSoft\Media Converter for Philips\Internet Video Downloader\Plugin_FireFox [2010/02/21 19:51:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\jfffxtbr@iWon.com: C:\Program Files\iWon\bar\1.bin
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/01/03 18:23:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/11/14 07:35:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/10/15 10:07:24 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\moveplayer@movenetworks.com: C:\Documents and Settings\Owner\Application Data\Move Networks [2010/02/02 12:56:05 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}: C:\Program Files\PriceGong\2.1.0\FF [2010/10/03 14:38:41 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Documents and Settings\Owner\Application Data\IDM\idmmzcc5 [2011/10/25 16:06:28 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Documents and Settings\Owner\Application Data\IDM\idmmzcc5 [2011/10/25 16:06:28 | 000,000,000 | ---D | M]

[2010/03/06 14:06:34 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions
[2010/03/06 14:06:34 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions\mozswing@mozswing.org
[2012/01/02 17:40:12 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\bnv22n3t.default\extensions
[2011/10/06 19:26:39 | 000,000,000 | ---D | M] (ToggleEN Community Toolbar) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\bnv22n3t.default\extensions\{038cb5c7-48ea-4af9-94e0-a1646542e62b}(2)
[2011/06/01 13:00:11 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\bnv22n3t.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2011/10/06 19:26:37 | 000,000,000 | ---D | M] (ShopToWin2) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\bnv22n3t.default\extensions\{5835466c-49af-4cbe-b102-a8c8b6313749}(2)
[2011/10/06 19:26:36 | 000,000,000 | ---D | M] (Play Mario Community Toolbar) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\bnv22n3t.default\extensions\{61a58fc8-def1-4521-93b2-85c81404839a}(2)
[2011/12/19 17:01:26 | 000,000,000 | ---D | M] (BitTorrentBar Community Toolbar) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\bnv22n3t.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
[2011/10/06 19:26:41 | 000,000,000 | ---D | M] (AOL Messaging Toolbar) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\bnv22n3t.default\extensions\{c2f863cd-0429-48c7-bb54-db756a951760}(2)
[2010/12/17 18:22:37 | 000,000,000 | ---D | M] (Panda3D Game Engine Plug-In) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\bnv22n3t.default\extensions\runtime@panda3d.org
[2010/09/19 10:59:36 | 000,000,000 | ---D | M] (vShare Plugin) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\bnv22n3t.default\extensions\vshareus@toolbar
[2011/11/14 07:36:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/10/15 08:53:55 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}
[2011/11/14 07:35:45 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010/10/06 17:18:35 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npCouponPrinter.dll
[2011/10/15 08:53:34 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010/10/06 17:18:37 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npMozCouponPrinter.dll
[2011/11/14 07:35:35 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/11/14 07:35:35 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\14.0.835.202\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.6.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.270.7 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U27 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\14.0.835.202\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\14.0.835.202\pdf.dll
CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\plugins\npMozCouponPrinter.dll
CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npCouponPrinter.dll
CHR - plugin: downloadUpdater (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdnu.dll
CHR - plugin: downloadUpdater2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdnupdater2.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Move Streaming Media Player (Enabled) = C:\Documents and Settings\Owner\Application Data\Move Networks\plugins\npqmp071505000011.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: Google Updater (Enabled) = C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: 3DVIA player (Enabled) = C:\Program Files\Virtools\3D Life Player\npvirtools.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: avast! WebRep = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\6.0.1367_0\

O1 HOSTS File: ([2012/01/11 18:03:16 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
O2 - BHO: (IEPlugin Class) - {11222041-111B-46E3-BD29-EFB2449479B1} - C:\Program Files\ArcSoft\Media Converter for Philips\Internet Video Downloader\ArcURLRecord.dll (ArcSoft, Inc.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7018.1622\swg.dll (Google Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Simppull Toolbar) - {E4E6BF2A-1667-11DF-A01F-1F9655D89593} - C:\Program Files\simppulltoolbar\simppulltoolbar.dll ()
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Simppull Toolbar) - {E4E6BF2A-1667-11DF-A01F-1F9655D89593} - C:\Program Files\simppulltoolbar\simppulltoolbar.dll ()
O4 - HKLM..\Run: [AlcWzrd] C:\WINDOWS\ALCWZRD.EXE (RealTek Semicoductor Corp.)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BackupNowEZtray] C:\Program Files\NewTech Infosystems\Backup Now EZ\BackupNowEZtray.exe (NewTech Infosystems, Inc.)
O4 - HKLM..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE (BIGDOG)
O4 - HKLM..\Run: [CHotkey] C:\WINDOWS\zHotkey.exe ()
O4 - HKLM..\Run: [Conime] C:\WINDOWS\system32\conime.exe (Microsoft Corporation)
O4 - HKLM..\Run: [EKIJ5000StatusMonitor] C:\WINDOWS\system32\spool\drivers\w32x86\3\EKIJ5000MUI.exe (Eastman Kodak Company)
O4 - HKLM..\Run: [EzPrint] C:\Program Files\Lexmark 3400 Series\ezprint.exe (Lexmark International Inc.)
O4 - HKLM..\Run: [FaxCenterServer] C:\Program Files\Lexmark Fax Solutions\fm3032.exe ()
O4 - HKLM..\Run: [Google Updater] C:\Program Files\Google\Google Updater\GoogleUpdater.exe (Google)
O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\Hdaudpropshortcut.exe (Windows (R) Server 2003 DDK provider)
O4 - HKLM..\Run: [LXCYCATS] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCYtime.DLL (Lexmark International Inc.)
O4 - HKLM..\Run: [lxcymon.exe] C:\Program Files\Lexmark 3400 Series\lxcymon.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [ShowWnd] C:\WINDOWS\ShowWnd.exe ()
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunKistEM] C:\Program Files\Digital Media Reader\shwiconEM.exe (Alcor Micro, Corp.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKU\S-1-5-21-3316625921-3142970554-1853782496-1003..\Run: [AutoStartNPSAgent] C:\Program Files\SAMSUNG\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKU\S-1-5-21-3316625921-3142970554-1853782496-1003..\Run: [SKYLINK 2-in-1 Phone Utility] C:\Program Files\SkyLink\SKYLINK 2-in-1 Phone Utility\SKYLINK 2-in-1 Phone Utility.exe (Giant Telecom Ltd.)
O4 - HKU\S-1-5-21-3316625921-3142970554-1853782496-1003..\Run: [SmileboxTray] C:\Documents and Settings\Owner\Application Data\Smilebox\SmileboxTray.exe (Smilebox, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Philips GoGear VIBE Device Manager.lnk = C:\Program Files\Philips\GoGear VIBE Device Manager\GoGear_Vibe_DeviceManager.exe (Philips)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Secunia PSI Tray.lnk = C:\Program Files\Secunia\PSI\psi_tray.exe (Secunia)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3316625921-3142970554-1853782496-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3316625921-3142970554-1853782496-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-3316625921-3142970554-1853782496-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-3316625921-3142970554-1853782496-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm ()
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} http://photos.walmart.com/WalmartActivia.cab (Snapfish Activia)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {BEA7310D-06C4-4339-A784-DC3804819809} http://images3.pnimedia.com/ProductAssets/costcous/activex/v3_0_0_7/PhotoCenter_ActiveX_Control.cab (Photo Upload Plugin Class)
O16 - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} http://a532.g.akamai.net/f/532/6712....akamai.com/6712/player/install/installer.exe (Virtools WebPlayer Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 205.171.3.25
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DAB8ED17-BF2D-4771-B7AB-25EFBF4E29FA}: DhcpNameServer = 192.168.0.1 205.171.3.25
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Gateway.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Gateway.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/26 11:04:39 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2003/08/08 17:24:26 | 000,000,045 | -HS- | M] () - D:\autorun.inf.aug.8 -- [ FAT32 ]
O32 - AutoRun File - [2010/11/22 14:08:16 | 000,000,110 | -H-- | M] () - I:\autorun.inf -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - File not found
NetSvcs: HidServ - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
 
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

CREATERESTOREPOINT
Error creating restore point.

========== Files/Folders - Created Within 30 Days ==========

[2012/02/04 13:10:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Desktop\Winsock
[2012/02/02 23:15:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot_bak
[2012/02/02 21:26:24 | 000,000,000 | ---D | C] -- C:\i386
[2012/02/02 20:55:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Desktop\WindowsXP-KB936929-SP3-x86-ENU
[2012/02/02 18:46:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\7-Zip
[2012/02/02 18:46:00 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2012/01/28 15:46:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NTIReg
[2012/01/28 15:36:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\NTI Backup Now EZ
[2012/01/28 15:36:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\nti\Xp_x86
[2012/01/28 15:36:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\nti\w2k_x86
[2012/01/28 15:36:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\nti\Vista_x86
[2012/01/28 15:36:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\nti\Vista_ia64
[2012/01/28 15:36:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\nti\Vista_amd64
[2012/01/28 15:36:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\nti\2003_x86
[2012/01/28 15:36:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\nti\2003_ia64
[2012/01/28 15:36:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\nti\2003_amd64
[2012/01/28 15:36:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\nti
[2012/01/28 15:36:14 | 000,000,000 | ---D | C] -- C:\Program Files\NewTech Infosystems
[2012/01/11 20:14:05 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2012/01/11 18:50:06 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2012/01/11 17:23:30 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2012/01/11 17:23:30 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2012/01/11 17:23:30 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2012/01/11 17:23:30 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2012/01/11 17:23:04 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/01/11 17:21:51 | 004,377,322 | R--- | C] (Swearware) -- C:\Documents and Settings\Owner\Desktop\ComboFix.exe
[2008/03/16 22:07:41 | 001,224,704 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcyserv.dll
[2008/03/16 22:07:41 | 000,995,328 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcyusb1.dll
[2008/03/16 22:07:41 | 000,413,696 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcyinpa.dll
[2008/03/16 22:07:41 | 000,397,312 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcyiesc.dll
[2008/03/16 22:07:41 | 000,323,584 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcyhcp.dll
[2008/03/16 22:07:40 | 000,643,072 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcypmui.dll
[2008/03/16 22:07:40 | 000,585,728 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcylmpm.dll
[2008/03/16 22:07:40 | 000,163,840 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcyprox.dll
[2008/03/16 22:07:40 | 000,094,208 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcypplc.dll
[2008/03/16 22:07:39 | 000,696,320 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcyhbn3.dll
[2008/03/16 22:07:39 | 000,385,712 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcyih.exe
[2008/03/16 22:07:38 | 000,684,032 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcycomc.dll
[2008/03/16 22:07:38 | 000,421,888 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcycomm.dll
[2008/03/16 22:07:38 | 000,381,616 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcycfg.exe

========== Files - Modified Within 30 Days ==========

[2012/02/04 14:10:00 | 000,000,926 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3316625921-3142970554-1853782496-1003Core1cc7187503a7034.job
[2012/02/04 13:33:16 | 000,585,568 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/02/04 13:33:16 | 000,267,718 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/02/04 13:28:29 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/02/04 13:07:40 | 000,000,269 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Winsock.zip
[2012/02/04 12:54:36 | 000,335,847 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\FSS.exe
[2012/02/04 11:04:00 | 000,000,820 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2012/02/02 18:41:19 | 000,001,170 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/02/02 18:39:30 | 001,110,476 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\7z920.exe
[2012/01/29 16:56:36 | 000,233,472 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/01/29 16:56:36 | 000,000,049 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2012/01/28 15:36:37 | 000,001,928 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Backup Now EZ.lnk
[2012/01/11 18:03:16 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012/01/11 17:13:54 | 004,377,322 | R--- | M] (Swearware) -- C:\Documents and Settings\Owner\Desktop\ComboFix.exe
[2012/01/10 20:01:54 | 000,000,254 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Shortcut to OTL.exe.lnk

========== Files Created - No Company Name ==========

[2012/02/04 13:10:16 | 000,000,269 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Winsock.zip
[2012/02/04 13:01:13 | 000,335,847 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\FSS.exe
[2012/02/02 18:45:41 | 001,110,476 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\7z920.exe
[2012/01/28 15:36:37 | 000,001,928 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Backup Now EZ.lnk
[2012/01/11 17:23:30 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2012/01/11 17:23:30 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012/01/11 17:23:30 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2012/01/11 17:23:30 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012/01/11 17:23:30 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2012/01/10 20:01:54 | 000,000,254 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Shortcut to OTL.exe.lnk
[2012/01/01 12:25:58 | 000,014,178 | -HS- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\qau448up1mkw15nn1v154t2vfiags6ju3mbad
[2012/01/01 12:25:58 | 000,014,178 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\qau448up1mkw15nn1v154t2vfiags6ju3mbad
[2011/10/14 15:39:57 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/05/01 14:04:25 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2011/05/01 14:04:25 | 000,036,608 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2011/05/01 14:04:13 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\$_hpcst$.hpc
[2011/03/05 16:20:36 | 000,000,216 | -HS- | C] () -- C:\WINDOWS\WSYS049.SYS
[2010/10/03 18:09:10 | 000,000,015 | ---- | C] () -- C:\WINDOWS\dtx.ini
[2010/09/17 17:50:02 | 001,970,176 | ---- | C] () -- C:\WINDOWS\System32\d3dx9.dll
[2010/09/13 17:08:55 | 000,002,560 | ---- | C] () -- C:\WINDOWS\_MSRSTRT.EXE
[2008/10/01 15:43:31 | 000,000,006 | ---- | C] () -- C:\WINDOWS\System32\mkghj.dll
[2008/10/01 15:42:04 | 002,732,032 | ---- | C] () -- C:\WINDOWS\System32\win32cpr.dll
[2008/10/01 15:42:04 | 001,564,771 | ---- | C] () -- C:\WINDOWS\System32\winsfltold.dll
[2008/10/01 15:42:03 | 001,212,416 | ---- | C] () -- C:\WINDOWS\System32\mdmcls32.exe
[2008/10/01 15:42:02 | 011,333,632 | ---- | C] () -- C:\WINDOWS\cfgmng32.exe
[2008/09/27 09:02:48 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2008/07/05 13:21:02 | 000,000,025 | ---- | C] () -- C:\WINDOWS\WebEasy.INI
[2008/06/15 19:55:53 | 000,000,850 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\wklnhst.dat
[2008/06/10 15:49:26 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2008/04/13 12:35:41 | 000,233,472 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/03/16 22:10:42 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxcyvs.dll
[2008/03/16 22:10:39 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\lxcycoin.dll
[2008/03/16 22:10:22 | 000,692,224 | ---- | C] () -- C:\WINDOWS\System32\lxcydrs.dll
[2008/03/16 22:10:22 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\lxcycaps.dll
[2008/03/16 22:10:22 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\lxcycnv4.dll
[2008/03/16 22:09:57 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\LXPRMON.DLL
[2008/03/16 22:09:57 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\LXPMONUI.DLL
[2008/03/16 22:07:42 | 000,274,432 | ---- | C] () -- C:\WINDOWS\System32\lxcyinst.dll
[2008/03/10 22:11:03 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2008/02/25 17:49:06 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008/02/16 13:52:36 | 000,000,049 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008/02/13 20:37:53 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2008/02/12 16:41:04 | 000,000,029 | ---- | C] () -- C:\WINDOWS\wwwbatch.ini
[2008/02/12 16:39:59 | 000,543,232 | ---- | C] () -- C:\WINDOWS\zHotkey.exe
[2008/02/12 16:39:59 | 000,532,544 | ---- | C] () -- C:\WINDOWS\PIC.dll
[2008/02/12 16:39:59 | 000,036,864 | ---- | C] () -- C:\WINDOWS\ShowWnd.exe
[2008/02/12 16:39:59 | 000,024,576 | ---- | C] () -- C:\WINDOWS\HKNTDLL.dll
[2008/02/12 16:13:16 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2008/02/12 16:11:01 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\RTCOMDLL.dll
[2008/02/12 16:11:01 | 000,156,160 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2008/02/12 16:11:01 | 000,040,448 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2008/02/12 16:03:57 | 000,518,520 | ---- | C] () -- C:\WINDOWS\vidres.exe
[2008/02/12 16:01:52 | 000,471,298 | ---- | C] () -- C:\WINDOWS\wallpg.exe
[2008/02/12 15:25:25 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll
[2007/10/25 16:26:10 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2004/08/27 03:50:59 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/08/27 02:54:47 | 000,516,096 | ---- | C] () -- C:\WINDOWS\System32\HotlineClient.exe
[2004/08/26 11:07:50 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004/08/26 11:01:37 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/08/26 09:12:43 | 000,000,508 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2004/08/26 09:12:43 | 000,000,461 | ---- | C] () -- C:\WINDOWS\System32\emver.ini
[2004/08/26 09:12:13 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/26 09:12:10 | 000,585,568 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/26 09:12:10 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/26 09:12:10 | 000,267,718 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/26 09:12:10 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/26 09:12:08 | 000,005,151 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/26 09:12:07 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/26 09:12:05 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/08/26 09:12:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/26 09:11:59 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/26 09:11:54 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/26 09:11:46 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/26 03:54:56 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/26 03:54:01 | 000,296,456 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/01/01 16:28:29 | 000,000,100 | ---- | C] () -- C:\WINDOWS\forevermopt.INI
[2004/01/01 16:28:13 | 000,000,314 | ---- | C] () -- C:\WINDOWS\mafosav.INI
[2004/01/01 15:05:12 | 000,092,400 | ---- | C] () -- C:\WINDOWS\ktkm7.dll
[2004/01/01 15:05:12 | 000,058,192 | ---- | C] () -- C:\WINDOWS\ktkm6.dll
[2004/01/01 15:05:12 | 000,055,186 | ---- | C] () -- C:\WINDOWS\ktkm5.dll
[2004/01/01 15:05:12 | 000,030,166 | ---- | C] () -- C:\WINDOWS\ktkm9.dll
[2004/01/01 15:05:11 | 000,268,621 | ---- | C] () -- C:\WINDOWS\ktkm33.dll
[2004/01/01 15:05:11 | 000,098,442 | ---- | C] () -- C:\WINDOWS\ktkm35.dll
[2004/01/01 15:05:11 | 000,082,542 | ---- | C] () -- C:\WINDOWS\ktkm37.dll
[2004/01/01 15:05:10 | 000,326,441 | ---- | C] () -- C:\WINDOWS\ktkm32.dll
[2004/01/01 15:05:10 | 000,197,408 | ---- | C] () -- C:\WINDOWS\ktkm29.dll
[2004/01/01 15:05:10 | 000,128,042 | ---- | C] () -- C:\WINDOWS\ktkm30.dll
[2004/01/01 15:05:10 | 000,116,841 | ---- | C] () -- C:\WINDOWS\ktkm26.dll
[2004/01/01 15:05:10 | 000,100,786 | ---- | C] () -- C:\WINDOWS\ktkm28.dll
[2004/01/01 15:05:10 | 000,081,427 | ---- | C] () -- C:\WINDOWS\ktkm31.dll
[2004/01/01 15:05:10 | 000,065,092 | ---- | C] () -- C:\WINDOWS\ktkm27.dll
[2004/01/01 15:05:09 | 000,538,410 | ---- | C] () -- C:\WINDOWS\ktkm20.dll
[2004/01/01 15:05:09 | 000,524,537 | ---- | C] () -- C:\WINDOWS\ktkm18.dll
[2004/01/01 15:05:09 | 000,370,880 | ---- | C] () -- C:\WINDOWS\ktkm22.dll
[2004/01/01 15:05:09 | 000,126,720 | ---- | C] () -- C:\WINDOWS\ktkm23.dll
[2004/01/01 15:05:09 | 000,070,888 | ---- | C] () -- C:\WINDOWS\ktkm19.dll
[2004/01/01 15:05:09 | 000,066,908 | ---- | C] () -- C:\WINDOWS\ktkm17.dll
[2004/01/01 15:05:09 | 000,064,070 | ---- | C] () -- C:\WINDOWS\ktkm21.dll
[2004/01/01 15:05:09 | 000,056,992 | ---- | C] () -- C:\WINDOWS\ktkm24.dll
[2004/01/01 15:05:09 | 000,049,094 | ---- | C] () -- C:\WINDOWS\ktkm25.dll
[2004/01/01 15:05:08 | 000,803,601 | ---- | C] () -- C:\WINDOWS\ktkm16.dll
[2004/01/01 15:05:08 | 000,524,164 | ---- | C] () -- C:\WINDOWS\ktkm12.dll
[2004/01/01 15:05:08 | 000,307,617 | ---- | C] () -- C:\WINDOWS\ktkm15.dll
[2004/01/01 15:05:08 | 000,209,936 | ---- | C] () -- C:\WINDOWS\ktkm14.dll
[2004/01/01 15:05:08 | 000,099,867 | ---- | C] () -- C:\WINDOWS\ktkm13.dll
[2004/01/01 15:05:08 | 000,096,166 | ---- | C] () -- C:\WINDOWS\ktkm1.dll
[2004/01/01 15:05:08 | 000,062,631 | ---- | C] () -- C:\WINDOWS\ktkm11.dll
[2004/01/01 15:05:08 | 000,058,015 | ---- | C] () -- C:\WINDOWS\ktkm10.dll
[1997/06/13 18:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll

========== LOP Check ==========

[2008/02/12 16:41:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator.YOUR-F81B4FD27F\Application Data\SampleView
[2009/04/20 11:42:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Avanquest
[2012/01/03 18:22:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2011/05/30 12:02:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BackToTheBeach
[2009/04/20 11:41:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software
[2010/10/03 14:40:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EmailNotifier
[2012/01/28 15:46:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NTIReg
[2011/05/01 13:18:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Samsung
[2009/08/20 19:41:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2008/02/12 16:41:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\SampleView
[2011/09/15 20:58:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Temp
[2009/01/17 18:00:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\AICPA
[2009/04/20 11:51:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Avanquest
[2011/05/30 12:18:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\BackToTheBeach
[2011/11/06 19:34:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\com.adobe.downloadassistant.AdobeDownloadAssistant
[2009/10/25 09:38:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\com.directv.supercast.AA1ECC8BBAFE4E1BBF2D418DC006AF207FACE6CA.1
[2011/11/23 14:55:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\DMCache
[2011/10/06 18:45:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\FCSB000063945
[2011/11/06 13:01:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\GetRightToGo
[2011/10/21 10:25:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\gtk-2.0
[2011/11/19 16:57:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\IDM
[2010/06/23 19:18:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\KompoZer
[2010/06/23 19:23:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\kompozer.net
[2008/02/12 16:41:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\SampleView
[2011/05/01 14:03:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Samsung
[2010/10/03 17:17:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\simppulltoolbar
[2011/03/20 07:49:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Smilebox
[2008/05/29 07:52:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Snapfish
[2011/09/14 20:34:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Temp
[2008/06/15 19:55:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Template
[2008/02/28 20:33:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Walgreens
[2010/10/03 14:39:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\WeatherBug

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2009/12/15 19:37:57 | 000,000,000 | ---- | M] () -- C:\AILog.txt
[2004/08/26 11:04:39 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2008/02/12 17:00:07 | 000,000,211 | ---- | M] () -- C:\Boot.bak
[2009/08/20 20:15:39 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2009/08/16 11:16:46 | 000,035,374 | ---- | M] () -- C:\caavsetupLog.txt
[2011/10/09 19:21:07 | 007,920,842 | ---- | M] () -- C:\caisslog.txt
[2004/08/03 22:00:00 | 000,260,272 | ---- | M] () -- C:\cmldr
[2012/01/11 18:13:38 | 000,017,899 | ---- | M] () -- C:\ComboFix.txt
[2004/08/26 11:04:39 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2008/03/16 22:04:36 | 000,017,140 | ---- | M] () -- C:\content.answers.com-main-content-wp-en-commons-thumb-b-b00010001.mdi
[2011/02/10 12:10:50 | 000,000,045 | ---- | M] () -- C:\error.log
[2010/10/30 12:29:08 | 000,000,543 | ---- | M] () -- C:\flash.swf
[2010/10/30 12:29:08 | 000,000,127 | ---- | M] () -- C:\flash2.swf
[2004/08/26 11:04:39 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2009/10/25 23:25:59 | 000,001,209 | -H-- | M] () -- C:\IPH.PH
[2011/10/15 08:54:49 | 000,060,840 | ---- | M] () -- C:\JavaRa.log
[2009/08/16 08:01:12 | 000,004,267 | ---- | M] () -- C:\JavaRalogfile.txt
[2010/10/30 12:29:08 | 000,001,361 | ---- | M] () -- C:\lol.swf
[2012/02/04 14:02:37 | 002,282,067 | ---- | M] () -- C:\lxcy.log
[2010/05/31 13:51:48 | 000,000,109 | ---- | M] () -- C:\mbam-error.txt
[2008/02/12 15:21:37 | 000,000,060 | ---- | M] () -- C:\MOVE_RECOVERY
[2004/08/26 11:04:39 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004/08/04 12:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008/08/20 10:25:14 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2012/02/04 13:28:26 | 792,723,456 | -HS- | M] () -- C:\pagefile.sys
[2012/01/01 13:47:18 | 000,000,359 | ---- | M] () -- C:\rkill.log
[2008/02/12 16:11:21 | 000,000,391 | ---- | M] () -- C:\RtlAudio_Result.txt

< %systemroot%\Fonts\*.com >

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2004/08/26 11:03:59 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2010/09/02 14:17:50 | 000,196,608 | ---- | M] (Eastman Kodak Company) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\EKIJ5000PPR.dll
[2008/07/06 05:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2007/03/16 03:38:25 | 000,117,760 | ---- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\lxcypp5c.dll
[2003/06/18 17:31:48 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll
[2008/07/06 03:50:03 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >
[2011/11/28 11:01:25 | 000,041,184 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >

< %PROGRAMFILES%\*.* >

< %APPDATA%\Update\*.* >

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >
[2004/08/26 03:53:19 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2004/08/26 03:53:18 | 000,634,880 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2004/08/26 03:53:18 | 000,864,256 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
[2008/08/20 10:31:58 | 000,000,272 | -HS- | M] () -- C:\Documents and Settings\All Users\Start Menu\desktop.ini

< %systemroot%\system32\config\systemprofile\*.dat /x >
[2008/02/12 16:41:30 | 000,000,344 | ---- | M] () -- C:\WINDOWS\system32\config\systemprofile\OEMRESET.log

< %systemroot%\*.config >

< %systemroot%\system32\*.db >

< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2008/02/12 17:00:35 | 000,000,119 | -HS- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop.ini
[2004/08/26 11:09:49 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf

< %USERPROFILE%\Desktop\*.exe >
[2012/02/02 18:39:30 | 001,110,476 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\7z920.exe
[2012/01/11 17:13:54 | 004,377,322 | R--- | M] (Swearware) -- C:\Documents and Settings\Owner\Desktop\ComboFix.exe
[2011/10/15 10:28:52 | 002,322,184 | ---- | M] (ESET) -- C:\Documents and Settings\Owner\Desktop\esetsmartinstaller_enu.exe
[2012/02/04 12:54:36 | 000,335,847 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\FSS.exe
[2009/08/15 12:10:05 | 001,092,144 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Google Updater.exe
[2012/01/01 13:45:27 | 001,008,141 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\iExplore.exe
[2011/10/15 08:49:40 | 000,910,112 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\Owner\Desktop\jxpiinstall.exe
[2010/01/25 10:09:33 | 000,209,952 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\NetSessionInterface.exe
[2012/01/02 21:52:52 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2009/10/05 22:47:05 | 004,272,992 | ---- | M] (Macrovision Corporation) -- C:\Documents and Settings\Owner\Desktop\QuickConnectSetup.exe
[2009/08/15 11:08:51 | 026,173,584 | ---- | M] (PC Tools ) -- C:\Documents and Settings\Owner\Desktop\sdasetup.exe
[2011/10/15 08:59:48 | 000,879,028 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\SecurityCheck.exe
[2011/10/15 09:12:07 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\TFC.exe
[2012/02/02 20:48:36 | 331,805,736 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Owner\Desktop\WindowsXP-KB936929-SP3-x86-ENU.exe

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\*.src >

< %systemroot%\install\*.* >

< %systemroot%\system32\DLL\*.* >

< %systemroot%\system32\HelpFiles\*.* >

< %systemroot%\system32\rundll\*.* >

< %systemroot%\winn32\*.* >

< %systemroot%\Java\*.* >

< %systemroot%\system32\test\*.* >

< %systemroot%\system32\Rundll32\*.* >

< %systemroot%\AppPatch\Custom\*.* >

< %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

< %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

< %PROGRAMFILES%\Internet Explorer\*.tmp >

< %PROGRAMFILES%\Internet Explorer\*.dat >

< %USERPROFILE%\My Documents\*.exe >
[2011/10/25 16:05:17 | 004,557,344 | ---- | M] (Tonec Inc.) -- C:\Documents and Settings\Owner\My Documents\idman607.exe
[2009/08/09 08:29:48 | 110,436,864 | ---- | M] (CA) -- C:\Documents and Settings\Owner\My Documents\issdm_en_32.exe
[2010/01/17 08:33:14 | 001,970,176 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\Penguin Storm 10.1.exe

< %USERPROFILE%\*.exe >

< %systemroot%\ADDINS\*.* >

< %systemroot%\assembly\*.bak2 >

< %systemroot%\Config\*.* >

< %systemroot%\REPAIR\*.bak2 >

< %systemroot%\SECURITY\Database\*.sdb /x >

< %systemroot%\SYSTEM\*.bak2 >

< %systemroot%\Web\*.bak2 >

< %systemroot%\Driver Cache\*.* >

< %PROGRAMFILES%\Mozilla Firefox\0*.exe >

< %ProgramFiles%\Microsoft Common\*.* >

< %ProgramFiles%\TinyProxy. >

< %USERPROFILE%\Favorites\*.url /x >
[2008/02/12 17:00:34 | 000,000,122 | -HS- | M] () -- C:\Documents and Settings\Owner\Favorites\Desktop.ini

< %systemroot%\system32\*.bk >

< %systemroot%\*.te >

< %systemroot%\system32\system32\*.* >

< %ALLUSERSPROFILE%\*.dat /x >

< %systemroot%\system32\drivers\*.rmv >

< dir /b "%systemroot%\system32\*.exe" | find /i " " /c >

< dir /b "%systemroot%\*.exe" | find /i " " /c >

< %PROGRAMFILES%\Microsoft\*.* >

< %systemroot%\System32\Wbem\proquota.exe >

< %PROGRAMFILES%\Mozilla Firefox\*.dat >

< %USERPROFILE%\Cookies\*.txt /x >
[2009/08/02 08:29:32 | 000,000,067 | -HS- | M] () -- C:\Documents and Settings\Owner\Cookies\desktop.ini
[2012/02/04 13:36:38 | 000,147,456 | -HS- | M] () -- C:\Documents and Settings\Owner\Cookies\index.dat

< %SystemRoot%\system32\fonts\*.* >

< %systemroot%\system32\winlog\*.* >

< %systemroot%\system32\Language\*.* >

< %systemroot%\system32\Settings\*.* >

< %systemroot%\system32\*.quo >

< %SYSTEMROOT%\AppPatch\*.exe >

< %SYSTEMROOT%\inf\*.exe >
[2007/06/26 21:10:26 | 000,317,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\inf\unregmp2.exe

< %SYSTEMROOT%\Installer\*.exe >

< %systemroot%\system32\config\*.bak2 >

< %systemroot%\system32\Computers\*.* >

< %SystemRoot%\system32\Sound\*.* >

< %SystemRoot%\system32\SpecialImg\*.* >

< %SystemRoot%\system32\code\*.* >

< %SystemRoot%\system32\draft\*.* >

< %SystemRoot%\system32\MSSSys\*.* >

< %ProgramFiles%\Javascript\*.* >

< %systemroot%\pchealth\helpctr\System\*.exe /s >

< %systemroot%\Web\*.exe >

< %systemroot%\system32\msn\*.* >

< %systemroot%\system32\*.tro >

< %AppData%\Microsoft\Installer\msupdates\*.* >

< %ProgramFiles%\Messenger\*.* >
[2008/04/13 17:11:51 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\custsat.dll
[2004/08/04 08:06:34 | 000,004,821 | ---- | M] () -- C:\Program Files\Messenger\logowin.gif
[2004/08/04 08:06:34 | 000,007,047 | ---- | M] () -- C:\Program Files\Messenger\lvback.gif
[2008/05/02 07:01:49 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msgsc.dll
[2008/04/13 10:30:28 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msgslang.dll
[2008/04/13 17:12:28 | 001,695,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe
[2004/08/04 08:06:36 | 000,002,882 | ---- | M] () -- C:\Program Files\Messenger\newalert.wav
[2004/08/04 08:06:36 | 000,006,156 | ---- | M] () -- C:\Program Files\Messenger\newemail.wav
[2004/08/04 08:06:36 | 000,006,160 | ---- | M] () -- C:\Program Files\Messenger\online.wav
[2004/08/04 08:06:36 | 000,004,454 | ---- | M] () -- C:\Program Files\Messenger\type.wav
[2004/08/04 08:06:36 | 000,115,981 | ---- | M] () -- C:\Program Files\Messenger\xpmsgr.chm

< %systemroot%\system32\systhem32\*.* >

< %systemroot%\system\*.exe >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\ Auto Update\Results\Install|LastSuccessTime /rs >


< >

< End of report >
 