

Need Help with System


Re: Need Help with System

Postby Gecko » Fri Sep 07, 2012 1:22 pm

It looks like you need to run a check disk operation.

Click on My Computer, now right-click on your "I drive" and select "Properties".
Next, click on the "Tools" tab and then, under Error Checking, click the Check Now button.
In the next window, check the box for "Automatically fix system errors" and then click Start.
You will get a warning window about access; click Yes to scan on restart.
Reboot your system and let the Check Disk run.
Gecko
Super Moderator
Posts: 5206
Joined: Thu Oct 25, 2001 1:00 am
Location: Florida, USA


Re: Need Help with System

Postby westonm » Fri Sep 07, 2012 11:15 pm

I ran the CHKDSK - didn't know that was still available - it completed and unless there is a log somewhere, I have no idea what it may have done. Before I could read any of the stats, it re-booted. I will let it run for a day or so and see if there is an improvement.
westonm
Geek in Training
Posts: 24
Joined: Sat Sep 01, 2012 3:23 pm
Location: Houston, TX
Operating System: Windows XP


Re: Need Help with System

Postby westonm » Sun Sep 09, 2012 2:19 pm

Follow up to previous message - after a couple of days of running, I am still getting programs that lock up and slow response. Is there anything else I can try to find the problem?

Re: Need Help with System

Postby Gecko » Mon Sep 10, 2012 3:00 pm

It could be a RAM stick with an issue; we can test that using Memtest86.

Download Memtest86 from Here

After the file is downloaded an extract must be done to uncompress the file. To extract right click on the downloaded file and select the "Extract All" option. The extract option will let you choose where the files will be extracted to.

To build a bootable CD-ROM, use your CD burning software to create an image from the unzipped ISO file. Be sure to use a create-from-image option. Do NOT simply copy the file to a CD.

Once you have burned the CD, you will need to reboot your system so it boots from the CD.
Memtest86 will start automatically; let it make at least two passes on all your memory sticks.
This will take a couple of hours at least, so just let it run. If any errors are reported, please write them down and post them back here.

Re: Need Help with System

Postby westonm » Tue Sep 11, 2012 10:45 pm

Completed the memory test with two passes - no errors found. Not much left to test is there. Am I running out of stuff to test? This computer really used to run better.

Re: Need Help with System

Postby Gecko » Wed Sep 12, 2012 12:19 pm

Let's try one more checking tool to see if we can find what the problem is.

Download OTL (http://oldtimer.geekstogo.com/OTL.exe) to your desktop.
Double-click on the icon to run it. Make sure all other windows are closed to let it run uninterrupted.
When the window appears, underneath Output at the top, change it to Minimal Output.
Under the Standard Registry box, change it to All.
Check the boxes beside LOP Check and Purity Check.
Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.

When the scan completes, it will open two Notepad windows: OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them with your next reply.

Re: Need Help with System

Postby westonm » Wed Sep 12, 2012 8:54 pm

It is too long for reply - am breaking it down - this is part 1 of OTL.Txt

OTL logfile created on: 9/12/2012 2:32:43 PM - Run 1
OTL by OldTimer - Version 3.2.61.3 Folder = I:\Documents and Settings\Weston\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.50 Gb Total Physical Memory | 2.95 Gb Available Physical Memory | 84.44% Memory free
5.34 Gb Paging File | 4.51 Gb Available in Paging File | 84.47% Paging File free
Paging file location(s): I:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = I: | %SystemRoot% = I:\WINDOWS | %ProgramFiles% = I:\Program Files
Drive C: | 298.09 Gb Total Space | 164.88 Gb Free Space | 55.31% Space Free | Partition Type: NTFS
Drive I: | 931.50 Gb Total Space | 864.49 Gb Free Space | 92.81% Space Free | Partition Type: NTFS

Computer Name: WMAYNARD | User Name: Weston | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - I:\Documents and Settings\Weston\Desktop\OTL.exe (OldTimer Tools)
PRC - I:\Program Files\SUPERAntiSpyware\SASCORE.EXE (SUPERAntiSpyware.com)
PRC - I:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
PRC - I:\Program Files\Ad-Aware Antivirus\AdAwareService.exe (Lavasoft Limited)
PRC - I:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - I:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - I:\Program Files\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
PRC - I:\Program Files\Garmin\Lifetime Updater\GarminLifetime.exe (Garmin)
PRC - I:\Program Files\CDBurnerXP\NMSAccessU.exe ()
PRC - I:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe (Carbonite, Inc. (www.carbonite.com))
PRC - I:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe (Carbonite, Inc.)
PRC - I:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - I:\WINDOWS\system32\IPROSetMonitor.exe (Intel Corporation)
PRC - I:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe (GFI Software)
PRC - I:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft)
PRC - I:\Program Files\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated)
PRC - I:\Program Files\PCPitstop\PCPitstopScheduleService.exe (PC Pitstop LLC)
PRC - I:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
PRC - I:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
PRC - I:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - I:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)


========== Modules (No Company Name) ==========

MOD - I:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll ()
MOD - I:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll ()
MOD - I:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL ()
MOD - I:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll ()
MOD - I:\Program Files\Ad-Aware Antivirus\Definitions\libMachoUniv.dll ()
MOD - I:\Program Files\Ad-Aware Antivirus\Definitions\libBase64.dll ()
MOD - I:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xaml\9b6f1bcb2cf4e6ad429cd721b942f30f\System.Xaml.ni.dll ()
MOD - I:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\f44e12702dadeae606b8eaca609b1336\System.Xml.Linq.ni.dll ()
MOD - I:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\54d61af44b1dedee6aea0d1bbc46b13a\System.Windows.Forms.ni.dll ()
MOD - I:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\5d585d5428ce69abc28238ffa9f4d3a2\PresentationFramework.ni.dll ()
MOD - I:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationCore\fe068ba4be8f6cb7d6a58bccff05c75e\PresentationCore.ni.dll ()
MOD - I:\WINDOWS\assembly\NativeImages_v4.0.30319_32\WindowsBase\62f103f9e662d263ec2ecacc49d4525b\WindowsBase.ni.dll ()
MOD - I:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\190e1740c9b998105a47ec31df0b6f11\PresentationFramework.Luna.ni.dll ()
MOD - I:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\4a668799513e369a54fdab8b3f74de92\System.Drawing.ni.dll ()
MOD - I:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\14ba6251d6ec84c9579ed3d3e10b30c1\System.Core.ni.dll ()
MOD - I:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\5ee8bf77e7b3e25cdbff6e1c299574fe\System.Xml.ni.dll ()
MOD - I:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Security\efe46aa882d9ac31f7fbbdc004fc99d5\System.Security.ni.dll ()
MOD - I:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\6f399163bb35597da7141ccdb7f39d16\System.ni.dll ()
MOD - I:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\3953b1d8b9b57e4957bff8f58145384e\mscorlib.ni.dll ()
MOD - I:\Program Files\CDBurnerXP\NMSAccessU.exe ()


========== Services (SafeList) ==========

SRV - (STacSV) -- i:\docume~1\weston\locals~1\temp\cdm\{d11a2c8c-bf5d-4f0b-bc5d-5e3752bab6bd}\STacSV.exe File not found
SRV - (HidServ) -- %SystemRoot%\System32\hidserv.dll File not found
SRV - (AppMgmt) -- %SystemRoot%\System32\appmgmts.dll File not found
SRV - (!SASCORE) -- I:\Program Files\SUPERAntiSpyware\SASCORE.EXE (SUPERAntiSpyware.com)
SRV - (MozillaMaintenance) -- I:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- I:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (Ad-Aware Service) -- I:\Program Files\Ad-Aware Antivirus\AdAwareService.exe (Lavasoft Limited)
SRV - (MBAMService) -- I:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (NMSAccess) -- I:\Program Files\CDBurnerXP\NMSAccessU.exe ()
SRV - (CarboniteService) -- I:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe (Carbonite, Inc. (www.carbonite.com))
SRV - (nvUpdatusService) -- I:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (Intel(R) -- I:\WINDOWS\system32\IPROSetMonitor.exe (Intel Corporation)
SRV - (SBAMSvc) -- I:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe (GFI Software)
SRV - (AdobeActiveFileMonitor10.0) -- I:\Program Files\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated)
SRV - (PCPitstop Scheduling) -- I:\Program Files\PCPitstop\PCPitstopScheduleService.exe (PC Pitstop LLC)
SRV - (PSI_SVC_2) -- I:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
SRV - (wuauserv) -- C:\WINDOWS\system32\wuauserv.dll (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV - (WDICA) -- File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (lbrtfdc) -- File not found
DRV - (i2omgmt) -- File not found
DRV - (cpuz134) -- I:\DOCUME~1\Weston\LOCALS~1\Temp\cpuz134\cpuz134_x32.sys File not found
DRV - (Changer) -- File not found
DRV - (catchme) -- I:\DOCUME~1\Weston\LOCALS~1\Temp\catchme.sys File not found
DRV - (MBAMProtector) -- I:\WINDOWS\system32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (StarOpen) -- I:\WINDOWS\System32\drivers\StarOpen.sys ()
DRV - (NVHDA) -- I:\WINDOWS\system32\drivers\nvhda32.sys (NVIDIA Corporation)
DRV - (sbapifs) -- I:\WINDOWS\system32\drivers\sbapifs.sys (GFI Software)
DRV - (sbaphd) -- I:\WINDOWS\system32\drivers\sbaphd.sys (GFI Software)
DRV - (SBRE) -- I:\WINDOWS\system32\drivers\SBREDrv.sys (GFI Software)
DRV - (SASDIFSV) -- I:\Program Files\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASKUTIL) -- I:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (STHDA) -- I:\WINDOWS\system32\drivers\sthda.sys (IDT, Inc.)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = I:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKLM\..\SearchScopes,DefaultScope = {3d29c02b-bf3e-4d3b-8a7a-e0e7d0f6dbab}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{3d29c02b-bf3e-4d3b-8a7a-e0e7d0f6dbab}: "URL" = http://search.mywebsearch.com/mywebsear ... .jhtml?p2=^Z7^xdm027^S01535^us&si=CLvV9OOR_rACFcqe7QodmFSTBA&ptb=4F433372-CB94-4926-8AFB-58F8CFA2C83A&psa=&ind=2012070314&st=sb&n=77edc1aa&searchfor={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = I:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://xfinity.comcast.net/
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - I:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: {972ce4c6-7e08-4474-a285-3208198ce6fd}:13.0.1
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: I:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: I:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/DownloadManager,version=1.1: I:\WINDOWS\ [2012/09/12 08:26:00 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: i:\Program Files\Microsoft Silverlight\5.1.10516.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: i:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.5.109: I:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.5.109: I:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.5.109: I:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.5.109: I:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.5.109: I:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: I:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: I:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: I:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: i:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2012/05/29 03:09:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: I:\Program Files\Mozilla Firefox\components [2012/09/07 09:33:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: I:\Program Files\Mozilla Firefox\plugins [2012/09/07 09:33:36 | 000,000,000 | ---D | M]

[2012/07/03 09:03:22 | 000,000,000 | ---D | M] (No name found) -- I:\Documents and Settings\Weston\Application Data\Mozilla\Extensions
[2012/07/06 12:02:21 | 000,000,000 | ---D | M] (No name found) -- I:\Documents and Settings\Weston\Application Data\Mozilla\Firefox\Profiles\8qvw9xu9.default\extensions
[2012/08/28 14:18:31 | 000,000,000 | ---D | M] (Ad-Aware Security Toolbar) -- I:\Documents and Settings\Weston\Application Data\Mozilla\Firefox\Profiles\8qvw9xu9.default\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}
[2012/08/28 14:18:35 | 000,000,000 | ---D | M] (Lavasoft Search Plugin) -- I:\Documents and Settings\Weston\Application Data\Mozilla\Firefox\Profiles\8qvw9xu9.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack
[2012/09/07 09:33:35 | 000,000,000 | ---D | M] (No name found) -- I:\Program Files\Mozilla Firefox\extensions
[2012/09/07 09:33:42 | 000,000,000 | ---D | M] (Default) -- I:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2012/09/07 09:33:41 | 000,266,720 | ---- | M] (Mozilla Foundation) -- I:\Program Files\mozilla firefox\components\browsercomps.dll
[2003/02/11 06:02:56 | 000,032,768 | ---- | M] (Macromedia, Inc.) -- I:\Program Files\mozilla firefox\plugins\np32dsw.dll
[2012/07/27 15:51:30 | 000,184,248 | ---- | M] (Adobe Systems Inc.) -- I:\Program Files\mozilla firefox\plugins\nppdf32.dll
[2012/06/27 17:03:23 | 000,150,736 | ---- | M] (RealNetworks, Inc.) -- I:\Program Files\mozilla firefox\plugins\nppl3260.dll
[2012/07/04 18:01:26 | 000,159,744 | ---- | M] (Apple Inc.) -- I:\Program Files\mozilla firefox\plugins\npqtplugin.dll
[2012/07/04 18:01:26 | 000,159,744 | ---- | M] (Apple Inc.) -- I:\Program Files\mozilla firefox\plugins\npqtplugin2.dll
[2012/07/04 18:01:26 | 000,159,744 | ---- | M] (Apple Inc.) -- I:\Program Files\mozilla firefox\plugins\npqtplugin3.dll
[2012/07/04 18:01:26 | 000,159,744 | ---- | M] (Apple Inc.) -- I:\Program Files\mozilla firefox\plugins\npqtplugin4.dll
[2012/07/04 18:01:26 | 000,159,744 | ---- | M] (Apple Inc.) -- I:\Program Files\mozilla firefox\plugins\npqtplugin5.dll
[2012/07/04 18:01:26 | 000,159,744 | ---- | M] (Apple Inc.) -- I:\Program Files\mozilla firefox\plugins\npqtplugin6.dll
[2012/07/04 18:01:26 | 000,159,744 | ---- | M] (Apple Inc.) -- I:\Program Files\mozilla firefox\plugins\npqtplugin7.dll
[2012/06/27 17:03:36 | 000,011,776 | ---- | M] (RealNetworks, Inc.) -- I:\Program Files\mozilla firefox\plugins\nprjplug.dll
[2012/06/27 17:03:21 | 000,129,176 | ---- | M] (RealPlayer) -- I:\Program Files\mozilla firefox\plugins\nprpplugin.dll
[2012/08/29 12:14:42 | 000,001,607 | ---- | M] () -- I:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2012/08/29 12:14:42 | 000,002,465 | ---- | M] () -- I:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/08/29 12:14:42 | 000,001,344 | ---- | M] () -- I:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2012/08/29 12:14:42 | 000,003,581 | ---- | M] () -- I:\Program Files\mozilla firefox\searchplugins\google.xml
[2012/08/29 12:14:42 | 000,002,253 | ---- | M] () -- I:\Program Files\mozilla firefox\searchplugins\twitter.xml
[2012/08/29 12:14:42 | 000,001,391 | ---- | M] () -- I:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2012/08/29 12:14:42 | 000,001,309 | ---- | M] () -- I:\Program Files\mozilla firefox\searchplugins\yahoo.xml

========== Chrome ==========

CHR - homepage: http://www.google.com
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.google.com
CHR - plugin: Shockwave Flash (Enabled) = I:\Program Files\google\chrome\application\21.0.1180.79\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = I:\Program Files\google\chrome\application\21.0.1180.89\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = I:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = I:\Program Files\google\chrome\application\21.0.1180.89\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = I:\Program Files\google\chrome\application\21.0.1180.89\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = I:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Shockwave for Director (Enabled) = I:\Program Files\Mozilla Firefox\plugins\np32dsw.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = I:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Download Plugin (Enabled) = I:\Program Files\Mozilla Firefox\plugins\nprpplugin.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = I:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = I:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = I:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = I:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = I:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = I:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = I:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = I:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = I:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = I:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = I:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = I:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) (Enabled) = I:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: Google Update (Enabled) = I:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = i:\Program Files\Microsoft Silverlight\5.1.10516.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = i:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: YouTube = I:\Documents and Settings\Weston\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = I:\Documents and Settings\Weston\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Gmail = I:\Documents and Settings\Weston\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/09/01 17:07:10 | 000,000,027 | ---- | M]) - I:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - I:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - I:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Ad-Aware Security Toolbar) - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - I:\Program Files\adawaretb\adawareDx.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - I:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - I:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Ad-Aware Browsing Protection] I:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] I:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS6ServiceManager] I:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] I:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Carbonite Backup] I:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe (Carbonite, Inc.)
O4 - HKLM..\Run: [Garmin Lifetime Updater] I:\Program Files\Garmin\Lifetime Updater\GarminLifetime.exe (Garmin)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] I:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NvCplDaemon] I:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] I:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [SBAutoUpdate] I:\Program Files\SpywareBlaster\sbautoupdate.exe ()
O4 - HKLM..\Run: [SysTrayApp] I:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [TkBellExe] I:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [ctfmon.exe] I:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKCU..\Run: [SpybotSD TeaTimer] I:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - HKCU..\Run: [SUPERAntiSpyware] I:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xport to Microsoft Excel - I:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - I:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - I:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - I:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - I:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - I:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - I:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - I:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - I:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - I:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - I:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - I:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - I:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - I:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - I:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - I:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - I:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - I:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - I:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - I:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O15 - HKCU\..Trusted Domains: localhost ([]* in Local intranet)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {B479199A-1242-4E3C-AD81-7F0DF801B4AE} http://download.microsoft.com/download/ ... anager.cab (Microsoft Download Manager ActiveX control)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} http://utilities.pcpitstop.com/Optimize3/pcpitstop2.dll (PCPitstop Exam)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A5924C6D-036E-4E7C-86FA-8E2BBFEE2F82}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - I:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - I:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - I:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - I:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - I:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - I:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - I:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - I:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - I:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - I:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - I:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - I:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - I:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - I:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - I:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - I:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - I:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - I:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - I:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - I:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - I:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - I:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - I:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - I:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - I:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - I:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - I:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - I:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - I:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - I:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - I:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - I:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - I:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - I:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - I:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - I:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - I:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - I:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (I:\WINDOWS\system32\userinit.exe) - I:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - I:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - I:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - I:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\crypt32chain: DllName - (crypt32.dll) - I:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - (cryptnet.dll) - I:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - (cscdll.dll) - I:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - (%SystemRoot%\System32\dimsntfy.dll) - I:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - I:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - (wlnotify.dll) - I:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - (sclgntfy.dll) - I:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - (WlNotify.dll) - I:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - (wlnotify.dll) - I:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - (wlnotify.dll) - I:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - I:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - I:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - I:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - I:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - I:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - I:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - I:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O24 - Desktop WallPaper: I:\Documents and Settings\Weston\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: I:\Documents and Settings\Weston\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - I:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - I:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - I:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - I:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - I:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - I:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - I:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - I:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - I:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - I:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - I:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/12/17 18:13:38 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010/02/23 20:10:09 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT~R1A3OQGK -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

Re: Need Help with System

Postby westonm » Wed Sep 12, 2012 8:56 pm

Here is part 2 of OTL.Txt

========== Files/Folders - Created Within 30 Days ==========

[2012/09/12 14:29:04 | 000,600,064 | ---- | C] (OldTimer Tools) -- I:\Documents and Settings\Weston\Desktop\OTL.exe
[2012/09/11 07:34:21 | 000,000,000 | ---D | C] -- I:\WINDOWS\System32\NtmsData
[2012/09/10 20:05:34 | 000,000,000 | ---D | C] -- I:\Documents and Settings\Weston\Application Data\Canneverbe Limited
[2012/09/10 20:05:34 | 000,000,000 | ---D | C] -- I:\Documents and Settings\All Users\Application Data\Canneverbe Limited
[2012/09/10 20:05:19 | 000,000,000 | ---D | C] -- I:\Program Files\CDBurnerXP
[2012/09/07 09:33:33 | 000,000,000 | ---D | C] -- I:\Program Files\Mozilla Firefox
[2012/09/04 08:24:48 | 000,000,000 | -HSD | C] -- I:\RECYCLER
[2012/09/03 16:37:09 | 000,000,000 | ---D | C] -- I:\Program Files\ESET
[2012/09/01 18:48:33 | 000,000,000 | ---D | C] -- I:\Documents and Settings\All Users\Application Data\TEMP
[2012/09/01 15:59:21 | 000,000,000 | RHSD | C] -- I:\cmdcons
[2012/09/01 15:56:30 | 000,518,144 | ---- | C] (SteelWerX) -- I:\WINDOWS\SWREG.exe
[2012/09/01 15:56:30 | 000,406,528 | ---- | C] (SteelWerX) -- I:\WINDOWS\SWSC.exe
[2012/09/01 15:56:30 | 000,212,480 | ---- | C] (SteelWerX) -- I:\WINDOWS\SWXCACLS.exe
[2012/09/01 15:56:30 | 000,060,416 | ---- | C] (NirSoft) -- I:\WINDOWS\NIRCMD.exe
[2012/09/01 15:56:24 | 000,000,000 | ---D | C] -- I:\ComboFix
[2012/09/01 15:56:12 | 000,000,000 | ---D | C] -- I:\Qoobox
[2012/09/01 15:56:08 | 000,000,000 | R--D | C] -- I:\Documents and Settings\Weston\Start Menu\Programs\Administrative Tools
[2012/09/01 15:55:52 | 000,000,000 | ---D | C] -- I:\WINDOWS\erdnt
[2012/09/01 15:49:20 | 004,742,651 | R--- | C] (Swearware) -- I:\Documents and Settings\Weston\Desktop\ComboFix.exe
[2012/09/01 09:14:16 | 000,000,000 | ---D | C] -- I:\Program Files\HiJackThis
[2012/08/31 10:24:36 | 000,000,000 | ---D | C] -- I:\Documents and Settings\All Users\Start Menu\Programs\Reimage Repair
[2012/08/31 10:24:35 | 000,000,000 | ---D | C] -- I:\rei
[2012/08/31 10:24:30 | 000,000,000 | ---D | C] -- I:\Program Files\Reimage
[2012/08/28 14:26:12 | 000,000,000 | ---D | C] -- I:\Documents and Settings\LocalService\Application Data\Ad-Aware Antivirus
[2012/08/28 14:20:39 | 000,000,000 | ---D | C] -- I:\Documents and Settings\Weston\Local Settings\Application Data\adaware
[2012/08/28 14:20:29 | 000,000,000 | ---D | C] -- I:\Documents and Settings\All Users\Start Menu\Programs\Ad-Aware Antivirus
[2012/08/28 14:20:28 | 000,077,816 | ---- | C] (GFI Software) -- I:\WINDOWS\System32\drivers\sbapifs.sys
[2012/08/28 14:20:28 | 000,021,240 | ---- | C] (GFI Software) -- I:\WINDOWS\System32\drivers\sbaphd.sys
[2012/08/28 14:20:25 | 000,000,000 | ---D | C] -- I:\Documents and Settings\All Users\Application Data\Lavasoft
[2012/08/28 14:20:23 | 000,000,000 | ---D | C] -- I:\WINDOWS\System32\drivers\VDD
[2012/08/28 14:20:22 | 000,000,000 | ---D | C] -- I:\Program Files\Ad-Aware Antivirus
[2012/08/28 14:19:37 | 000,000,000 | ---D | C] -- I:\Documents and Settings\Weston\Local Settings\Application Data\Downloaded Installations
[2012/08/28 14:19:06 | 000,000,000 | ---D | C] -- I:\Documents and Settings\Weston\Local Settings\Application Data\adawarebp
[2012/08/28 14:19:02 | 000,000,000 | ---D | C] -- I:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection
[2012/08/28 14:18:38 | 000,000,000 | ---D | C] -- I:\Program Files\Toolbar Cleaner
[2012/08/28 14:18:21 | 000,000,000 | ---D | C] -- I:\Documents and Settings\Weston\Application Data\adawaretb
[2012/08/28 14:18:20 | 000,000,000 | ---D | C] -- I:\Program Files\adawaretb
[2012/08/28 14:17:14 | 000,000,000 | ---D | C] -- I:\Documents and Settings\Weston\Application Data\Ad-Aware Antivirus
[2012/08/28 14:07:26 | 000,000,000 | ---D | C] -- I:\Documents and Settings\All Users\Start Menu\Programs\Spybot - Search & Destroy
[2012/08/28 14:07:21 | 000,000,000 | ---D | C] -- I:\Program Files\Spybot - Search & Destroy
[2012/08/28 14:07:21 | 000,000,000 | ---D | C] -- I:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2012/08/26 21:35:10 | 000,000,000 | ---D | C] -- I:\Documents and Settings\All Users\Application Data\SecTaskMan
[2012/08/26 21:34:04 | 000,000,000 | ---D | C] -- I:\Documents and Settings\All Users\Start Menu\Programs\Security Task Manager
[2012/08/26 21:34:00 | 000,000,000 | ---D | C] -- I:\Program Files\Security Task Manager
[2012/08/24 15:45:39 | 000,000,000 | ---D | C] -- I:\Documents and Settings\All Users\Start Menu\Programs\Google Earth
[2012/08/21 13:46:19 | 000,000,000 | ---D | C] -- I:\Documents and Settings\Weston\Application Data\SUPERAntiSpyware.com
[2012/08/21 13:46:15 | 000,000,000 | ---D | C] -- I:\Documents and Settings\All Users\Start Menu\Programs\SUPERAntiSpyware
[2012/08/21 13:46:12 | 000,000,000 | ---D | C] -- I:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2012/08/21 13:46:12 | 000,000,000 | ---D | C] -- I:\Program Files\SUPERAntiSpyware
[2012/08/21 13:29:09 | 000,000,000 | ---D | C] -- I:\Documents and Settings\Weston\Application Data\Malwarebytes
[2012/08/21 13:29:06 | 000,000,000 | ---D | C] -- I:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/08/21 13:29:06 | 000,000,000 | ---D | C] -- I:\Documents and Settings\All Users\Application Data\Malwarebytes
[2012/08/21 13:29:05 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- I:\WINDOWS\System32\drivers\mbam.sys
[2012/08/21 13:29:05 | 000,000,000 | ---D | C] -- I:\Program Files\Malwarebytes' Anti-Malware
[2012/08/19 14:49:30 | 000,000,000 | ---D | C] -- I:\Documents and Settings\Weston\Application Data\com.adobe.downloadassistant.AdobeDownloadAssistant
[2012/08/19 14:49:27 | 000,000,000 | ---D | C] -- I:\Program Files\Adobe Download Assistant
[2012/08/19 13:22:42 | 000,000,000 | ---D | C] -- I:\Documents and Settings\Weston\My Documents\My Albums
[2012/08/19 13:22:42 | 000,000,000 | ---D | C] -- I:\Documents and Settings\Weston\Local Settings\Application Data\IsolatedStorage
[2012/08/18 12:57:29 | 000,000,000 | ---D | C] -- I:\Program Files\Kyodai Mahjongg 2006
[2012/08/18 12:27:24 | 000,000,000 | ---D | C] -- I:\Documents and Settings\All Users\Application Data\NVIDIA
[2012/08/18 12:26:19 | 000,876,864 | R--- | C] (NVIDIA Corporation) -- I:\WINDOWS\System32\nvhdagenco3220103.dll
[2012/08/18 12:26:19 | 000,123,584 | R--- | C] (NVIDIA Corporation) -- I:\WINDOWS\System32\drivers\nvhda32.sys
[2012/08/18 12:26:19 | 000,027,968 | R--- | C] (NVIDIA Corporation) -- I:\WINDOWS\System32\nvhdap32.dll
[2012/08/18 12:25:27 | 000,335,872 | ---- | C] (NVIDIA Corporation) -- I:\WINDOWS\System32\nvrshe.dll
[2012/08/18 12:25:27 | 000,286,720 | ---- | C] (NVIDIA Corporation) -- I:\WINDOWS\System32\nvrsfr.dll
[2012/08/18 12:25:27 | 000,282,624 | ---- | C] (NVIDIA Corporation) -- I:\WINDOWS\System32\nvrsit.dll
[2012/08/18 12:25:27 | 000,282,624 | ---- | C] (NVIDIA Corporation) -- I:\WINDOWS\System32\nvrses.dll
[2012/08/18 12:25:27 | 000,274,432 | ---- | C] (NVIDIA Corporation) -- I:\WINDOWS\System32\nvrspt.dll
[2012/08/18 12:25:27 | 000,274,432 | ---- | C] (NVIDIA Corporation) -- I:\WINDOWS\System32\nvrsnl.dll
[2012/08/18 12:25:27 | 000,274,432 | ---- | C] (NVIDIA Corporation) -- I:\WINDOWS\System32\nvrsja.dll
[2012/08/18 12:25:27 | 000,274,432 | ---- | C] (NVIDIA Corporation) -- I:\WINDOWS\System32\nvrsesm.dll
[2012/08/18 12:25:27 | 000,270,336 | ---- | C] (NVIDIA Corporation) -- I:\WINDOWS\System32\nvrsru.dll
[2012/08/18 12:25:27 | 000,270,336 | ---- | C] (NVIDIA Corporation) -- I:\WINDOWS\System32\nvrsptb.dll
[2012/08/18 12:25:27 | 000,266,240 | ---- | C] (NVIDIA Corporation) -- I:\WINDOWS\System32\nvrsko.dll
[2012/08/18 12:25:27 | 000,262,144 | ---- | C] (NVIDIA Corporation) -- I:\WINDOWS\System32\nvrshu.dll
[2012/08/18 12:25:27 | 000,258,048 | ---- | C] (NVIDIA Corporation) -- I:\WINDOWS\System32\nvrstr.dll
[2012/08/18 12:25:27 | 000,258,048 | ---- | C] (NVIDIA Corporation) -- I:\WINDOWS\System32\nvrssl.dll
[2012/08/18 12:25:27 | 000,258,048 | ---- | C] (NVIDIA Corporation) -- I:\WINDOWS\System32\nvrssk.dll
[2012/08/18 12:25:27 | 000,258,048 | ---- | C] (NVIDIA Corporation) -- I:\WINDOWS\System32\nvrspl.dll
[2012/08/18 12:25:27 | 000,253,952 | ---- | C] (NVIDIA Corporation) -- I:\WINDOWS\System32\nvrsth.dll
[2012/08/18 12:25:27 | 000,253,952 | ---- | C] (NVIDIA Corporation) -- I:\WINDOWS\System32\nvrssv.dll
[2012/08/18 12:25:27 | 000,253,952 | ---- | C] (NVIDIA Corporation) -- I:\WINDOWS\System32\nvrsno.dll
[2012/08/18 12:25:27 | 000,249,856 | ---- | C] (NVIDIA Corporation) -- I:\WINDOWS\System32\nvrsfi.dll
[2012/08/18 12:25:27 | 000,249,856 | ---- | C] (NVIDIA Corporation) -- I:\WINDOWS\System32\nvrseng.dll
[2012/08/18 12:25:27 | 000,229,376 | ---- | C] (NVIDIA Corporation) -- I:\WINDOWS\System32\nvrszhc.dll
[2012/08/18 12:25:27 | 000,126,976 | ---- | C] (NVIDIA Corporation) -- I:\WINDOWS\System32\nvrszht.dll
[2012/08/18 12:25:26 | 015,496,000 | ---- | C] (NVIDIA Corporation) -- I:\WINDOWS\System32\nvcpl.dll
[2012/08/18 12:25:26 | 000,335,872 | ---- | C] (NVIDIA Corporation) -- I:\WINDOWS\System32\nvrsar.dll
[2012/08/18 12:25:26 | 000,282,624 | ---- | C] (NVIDIA Corporation) -- I:\WINDOWS\System32\nvrsel.dll
[2012/08/18 12:25:26 | 000,278,528 | ---- | C] (NVIDIA Corporation) -- I:\WINDOWS\System32\nvrsde.dll
[2012/08/18 12:25:26 | 000,253,952 | ---- | C] (NVIDIA Corporation) -- I:\WINDOWS\System32\nvrsda.dll
[2012/08/18 12:25:26 | 000,249,856 | ---- | C] (NVIDIA Corporation) -- I:\WINDOWS\System32\nvrscs.dll
[2012/08/18 12:25:26 | 000,143,680 | ---- | C] (NVIDIA Corporation) -- I:\WINDOWS\System32\nvcolor.exe
[2012/08/18 12:25:26 | 000,108,352 | ---- | C] (NVIDIA Corporation) -- I:\WINDOWS\System32\nvmctray.dll
[2012/08/18 12:25:25 | 000,054,272 | ---- | C] (NVIDIA Corporation) -- I:\WINDOWS\System32\nvwddi.dll
[2012/08/16 13:27:40 | 000,000,000 | -HSD | C] -- I:\Documents and Settings\Weston\UserData
[2012/08/16 11:13:49 | 000,000,000 | ---D | C] -- I:\WINDOWS\Minidump
[2012/08/16 09:52:44 | 000,000,000 | ---D | C] -- I:\Documents and Settings\Weston\My Documents\Sketchup
[4 I:\WINDOWS\*.tmp files -> I:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/09/12 14:29:12 | 000,600,064 | ---- | M] (OldTimer Tools) -- I:\Documents and Settings\Weston\Desktop\OTL.exe
[2012/09/12 14:17:00 | 000,000,884 | ---- | M] () -- I:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/09/12 14:17:00 | 000,000,880 | ---- | M] () -- I:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/09/12 14:02:00 | 000,000,830 | ---- | M] () -- I:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/09/12 13:25:15 | 000,000,424 | -H-- | M] () -- I:\WINDOWS\tasks\User_Feed_Synchronization-{712E1E74-77AA-4035-8CC1-528433DE115F}.job
[2012/09/12 10:04:40 | 000,002,521 | ---- | M] () -- I:\Documents and Settings\Weston\Desktop\Microsoft Office Outlook 2007.lnk
[2012/09/12 09:23:47 | 000,002,473 | ---- | M] () -- I:\Documents and Settings\Weston\Desktop\Microsoft Office Excel 2007 (2).lnk
[2012/09/12 08:44:57 | 000,000,280 | ---- | M] () -- I:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-2052111302-1563985344-839522115-1004.job
[2012/09/12 08:44:02 | 000,000,288 | ---- | M] () -- I:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-2052111302-1563985344-839522115-1004.job
[2012/09/12 08:42:13 | 000,000,472 | ---- | M] () -- I:\WINDOWS\tasks\ParetoLogic Update Version3 Startup Task.job
[2012/09/12 08:42:12 | 000,000,278 | ---- | M] () -- I:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-2052111302-1563985344-839522115-1007.job
[2012/09/12 08:41:37 | 000,002,048 | --S- | M] () -- I:\WINDOWS\bootstat.dat
[2012/09/12 06:50:13 | 000,000,388 | ---- | M] () -- I:\WINDOWS\tasks\RegCure Pro.job
[2012/09/12 02:00:00 | 000,000,344 | ---- | M] () -- I:\WINDOWS\tasks\AdobeAAMUpdater-1.0-WMAYNARD-Weston.job
[2012/09/12 02:00:00 | 000,000,340 | ---- | M] () -- I:\WINDOWS\tasks\AdobeAAMUpdater-1.0-WMAYNARD-Anna.job
[2012/09/11 18:00:00 | 000,000,446 | ---- | M] () -- I:\WINDOWS\tasks\ParetoLogic Registration3.job
[2012/09/10 20:05:23 | 000,001,604 | ---- | M] () -- I:\Documents and Settings\All Users\Desktop\CDBurnerXP.lnk
[2012/09/10 07:18:27 | 000,000,420 | ---- | M] () -- I:\WINDOWS\tasks\ParetoLogic Update Version3.job
[2012/09/10 03:01:40 | 000,000,843 | ---- | M] () -- I:\Documents and Settings\Weston\Desktop\RegCure Pro.lnk
[2012/09/09 12:00:18 | 000,000,942 | ---- | M] () -- I:\WINDOWS\tasks\Ad-Aware Antivirus Scheduled Scan.job
[2012/09/09 12:00:01 | 000,001,615 | ---- | M] () -- I:\Documents and Settings\All Users\Desktop\Ad-Aware Antivirus.lnk
[2012/09/08 22:41:04 | 000,000,284 | ---- | M] () -- I:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012/09/06 15:48:00 | 000,000,286 | ---- | M] () -- I:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-2052111302-1563985344-839522115-1007.job
[2012/09/05 12:47:42 | 000,002,471 | ---- | M] () -- I:\Documents and Settings\Weston\Desktop\Microsoft Office Access 2007 (2).lnk
[2012/09/05 09:06:06 | 000,297,260 | ---- | M] () -- I:\WINDOWS\System32\nvdrsdb1.bin
[2012/09/05 09:06:06 | 000,297,260 | ---- | M] () -- I:\WINDOWS\System32\nvdrsdb0.bin
[2012/09/05 09:06:06 | 000,000,001 | ---- | M] () -- I:\WINDOWS\System32\nvdrssel.bin
[2012/09/05 07:41:33 | 000,002,515 | ---- | M] () -- I:\Documents and Settings\Weston\Desktop\Microsoft Office Word 2007 (2).lnk
[2012/09/05 07:19:30 | 000,000,105 | ---- | M] () -- I:\0.bak
[2012/09/04 19:55:44 | 000,001,351 | ---- | M] () -- I:\0
[2012/09/03 23:00:00 | 000,001,984 | ---- | M] () -- I:\WINDOWS\System32\d3d9caps.dat
[2012/09/01 17:07:10 | 000,000,027 | ---- | M] () -- I:\WINDOWS\System32\drivers\etc\hosts
[2012/09/01 15:59:24 | 000,000,327 | RHS- | M] () -- I:\boot.ini
[2012/09/01 15:49:28 | 004,742,651 | R--- | M] (Swearware) -- I:\Documents and Settings\Weston\Desktop\ComboFix.exe
[2012/09/01 00:19:31 | 000,001,813 | ---- | M] () -- I:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2012/08/31 10:26:37 | 000,000,286 | ---- | M] () -- I:\WINDOWS\reimage.ini
[2012/08/31 10:24:36 | 000,001,749 | ---- | M] () -- I:\Documents and Settings\All Users\Desktop\PC Scan & Repair by Reimage.lnk
[2012/08/28 14:07:26 | 000,000,951 | ---- | M] () -- I:\Documents and Settings\Weston\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2012/08/28 14:07:26 | 000,000,933 | ---- | M] () -- I:\Documents and Settings\Weston\Desktop\Spybot - Search & Destroy.lnk
[2012/08/26 08:34:17 | 000,013,738 | ---- | M] () -- I:\WINDOWS\System32\wpa.dbl
[2012/08/24 15:45:39 | 000,001,915 | ---- | M] () -- I:\Documents and Settings\All Users\Desktop\Google Earth.lnk
[2012/08/21 13:29:06 | 000,000,784 | ---- | M] () -- I:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/08/19 16:14:40 | 001,044,696 | ---- | M] () -- I:\WINDOWS\System32\FNTCACHE.DAT
[2012/08/19 15:27:37 | 000,001,673 | ---- | M] () -- I:\Documents and Settings\All Users\Desktop\Adobe Photoshop Elements 10.lnk
[2012/08/19 14:49:27 | 000,000,790 | ---- | M] () -- I:\Documents and Settings\All Users\Desktop\Adobe Download Assistant.lnk
[2012/08/19 08:52:00 | 000,000,651 | ---- | M] () -- I:\Documents and Settings\Weston\Desktop\Shortcut to kmj.lnk
[2012/08/15 08:02:34 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- I:\WINDOWS\System32\FlashPlayerApp.exe
[2012/08/15 08:02:34 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- I:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012/08/15 03:03:07 | 000,001,374 | ---- | M] () -- I:\WINDOWS\imsins.BAK
[4 I:\WINDOWS\*.tmp files -> I:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/09/12 08:43:30 | 000,000,280 | ---- | C] () -- I:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-2052111302-1563985344-839522115-1004.job
[2012/09/10 20:05:23 | 000,001,604 | ---- | C] () -- I:\Documents and Settings\All Users\Desktop\CDBurnerXP.lnk
[2012/09/10 20:05:23 | 000,001,556 | ---- | C] () -- I:\Documents and Settings\All Users\Start Menu\Programs\CDBurnerXP.lnk
[2012/09/10 20:05:20 | 000,005,504 | ---- | C] () -- I:\WINDOWS\System32\drivers\StarOpen.sys
[2012/09/01 15:59:24 | 000,000,210 | ---- | C] () -- I:\Boot.bak
[2012/09/01 15:59:22 | 000,260,272 | RHS- | C] () -- I:\cmldr
[2012/09/01 15:56:30 | 000,256,000 | ---- | C] () -- I:\WINDOWS\PEV.exe
[2012/09/01 15:56:30 | 000,208,896 | ---- | C] () -- I:\WINDOWS\MBR.exe
[2012/09/01 15:56:30 | 000,098,816 | ---- | C] () -- I:\WINDOWS\sed.exe
[2012/09/01 15:56:30 | 000,080,412 | ---- | C] () -- I:\WINDOWS\grep.exe
[2012/09/01 15:56:30 | 000,068,096 | ---- | C] () -- I:\WINDOWS\zip.exe
[2012/08/31 10:25:09 | 000,000,286 | ---- | C] () -- I:\WINDOWS\reimage.ini
[2012/08/31 10:24:36 | 000,001,749 | ---- | C] () -- I:\Documents and Settings\All Users\Desktop\PC Scan & Repair by Reimage.lnk
[2012/08/28 14:28:01 | 000,000,942 | ---- | C] () -- I:\WINDOWS\tasks\Ad-Aware Antivirus Scheduled Scan.job
[2012/08/28 14:20:29 | 000,001,615 | ---- | C] () -- I:\Documents and Settings\All Users\Desktop\Ad-Aware Antivirus.lnk
[2012/08/28 14:07:26 | 000,000,951 | ---- | C] () -- I:\Documents and Settings\Weston\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2012/08/28 14:07:26 | 000,000,933 | ---- | C] () -- I:\Documents and Settings\Weston\Desktop\Spybot - Search & Destroy.lnk
[2012/08/24 15:45:39 | 000,001,915 | ---- | C] () -- I:\Documents and Settings\All Users\Desktop\Google Earth.lnk
[2012/08/21 13:29:06 | 000,000,784 | ---- | C] () -- I:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/08/19 16:25:52 | 000,000,340 | ---- | C] () -- I:\WINDOWS\tasks\AdobeAAMUpdater-1.0-WMAYNARD-Anna.job
[2012/08/19 15:27:37 | 000,001,683 | ---- | C] () -- I:\Documents and Settings\All Users\Start Menu\Programs\Adobe Photoshop Elements 10.lnk
[2012/08/19 15:27:37 | 000,001,673 | ---- | C] () -- I:\Documents and Settings\All Users\Desktop\Adobe Photoshop Elements 10.lnk
[2012/08/19 14:49:27 | 000,000,796 | ---- | C] () -- I:\Documents and Settings\All Users\Start Menu\Programs\Adobe Download Assistant.lnk
[2012/08/19 14:49:27 | 000,000,790 | ---- | C] () -- I:\Documents and Settings\All Users\Desktop\Adobe Download Assistant.lnk
[2012/08/19 08:52:00 | 000,000,651 | ---- | C] () -- I:\Documents and Settings\Weston\Desktop\Shortcut to kmj.lnk
[2012/08/18 12:23:26 | 000,009,015 | R--- | C] () -- I:\WINDOWS\System32\nvinfo.pb
[2012/08/15 07:55:38 | 000,000,830 | ---- | C] () -- I:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/07/18 03:17:08 | 001,303,986 | ---- | C] () -- I:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-2052111302-1563985344-839522115-1007-0.dat
[2012/07/10 23:50:23 | 000,001,984 | ---- | C] () -- I:\WINDOWS\System32\d3d9caps.dat
[2012/07/08 14:46:09 | 000,001,456 | ---- | C] () -- I:\WINDOWS\_delis32.ini
[2012/07/08 08:53:09 | 001,939,802 | ---- | C] () -- I:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-2052111302-1563985344-839522115-1008-0.dat
[2012/07/04 08:02:19 | 001,939,802 | ---- | C] () -- I:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-2052111302-1563985344-839522115-1005-0.dat
[2012/06/28 20:12:26 | 002,013,650 | ---- | C] () -- I:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-2052111302-1563985344-839522115-1004-0.dat
[2012/06/28 20:12:25 | 000,653,802 | ---- | C] () -- I:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2012/06/07 08:48:57 | 000,000,000 | ---- | C] () -- I:\WINDOWS\nsreg.dat
[2012/06/04 16:27:24 | 000,003,766 | -HS- | C] () -- I:\Documents and Settings\All Users\Application Data\KGyGaAvL.sys
[2012/05/30 19:52:04 | 000,001,191 | ---- | C] () -- I:\Documents and Settings\Weston\printmaster.prefs
[2012/05/30 10:11:28 | 000,139,264 | ---- | C] () -- I:\WINDOWS\System32\gswin32c.exe
[2012/05/28 08:37:08 | 000,000,120 | ---- | C] () -- I:\WINDOWS\QUICKEN.INI
[2012/05/27 20:38:21 | 000,154,973 | ---- | C] () -- I:\WINDOWS\hpoins16.dat
[2012/05/27 20:38:21 | 000,004,602 | ---- | C] () -- I:\WINDOWS\hpomdl16.dat
[2012/05/27 20:30:52 | 000,000,129 | ---- | C] () -- I:\Documents and Settings\Weston\Local Settings\Application Data\fusioncache.dat
[2012/05/27 20:09:56 | 000,047,783 | ---- | C] () -- I:\WINDOWS\hpiins01.dat
[2012/05/27 20:00:16 | 000,142,067 | ---- | C] () -- I:\WINDOWS\hpwins05.dat
[2012/05/27 19:08:40 | 000,297,260 | ---- | C] () -- I:\WINDOWS\System32\nvdrsdb1.bin
[2012/05/27 19:08:40 | 000,297,260 | ---- | C] () -- I:\WINDOWS\System32\nvdrsdb0.bin
[2012/05/27 19:08:40 | 000,000,001 | ---- | C] () -- I:\WINDOWS\System32\nvdrssel.bin
[2012/05/27 19:01:40 | 000,003,072 | ---- | C] () -- I:\WINDOWS\System32\iacenc.dll
[2012/05/27 16:51:12 | 000,002,048 | --S- | C] () -- I:\WINDOWS\bootstat.dat
[2012/05/27 16:47:37 | 000,021,640 | ---- | C] () -- I:\WINDOWS\System32\emptyregdb.dat
[2012/05/27 11:40:05 | 000,004,161 | ---- | C] () -- I:\WINDOWS\ODBCINST.INI
[2012/05/27 11:39:07 | 001,044,696 | ---- | C] () -- I:\WINDOWS\System32\FNTCACHE.DAT
[2012/02/09 22:40:00 | 002,784,898 | R--- | C] () -- I:\WINDOWS\System32\nvdata.data

========== LOP Check ==========

[2012/09/12 08:44:56 | 000,000,000 | ---D | M] -- I:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection
[2012/06/16 19:43:26 | 000,000,000 | ---D | M] -- I:\Documents and Settings\All Users\Application Data\Broderbund Software
[2012/09/10 20:05:34 | 000,000,000 | ---D | M] -- I:\Documents and Settings\All Users\Application Data\Canneverbe Limited
[2012/05/28 08:30:07 | 000,000,000 | ---D | M] -- I:\Documents and Settings\All Users\Application Data\Carbonite
[2012/07/11 17:46:38 | 000,000,000 | ---D | M] -- I:\Documents and Settings\All Users\Application Data\Garmin
[2012/05/30 09:30:30 | 000,000,000 | ---D | M] -- I:\Documents and Settings\All Users\Application Data\ParetoLogic
[2012/09/12 08:26:09 | 000,000,000 | ---D | M] -- I:\Documents and Settings\All Users\Application Data\PCPitstop
[2012/08/19 16:36:03 | 000,000,000 | ---D | M] -- I:\Documents and Settings\All Users\Application Data\regid.1986-12.com.adobe
[2012/06/16 20:20:07 | 000,000,000 | ---D | M] -- I:\Documents and Settings\All Users\Application Data\Riverdeep Interactive Learning Limited
[2012/08/26 21:44:28 | 000,000,000 | ---D | M] -- I:\Documents and Settings\All Users\Application Data\SecTaskMan
[2012/09/12 14:27:02 | 000,000,000 | ---D | M] -- I:\Documents and Settings\All Users\Application Data\TEMP
[2012/05/30 10:23:12 | 000,000,000 | ---D | M] -- I:\Documents and Settings\Weston\Application Data\4Team
[2012/08/28 16:13:37 | 000,000,000 | ---D | M] -- I:\Documents and Settings\Weston\Application Data\Ad-Aware Antivirus
[2012/08/28 14:18:31 | 000,000,000 | ---D | M] -- I:\Documents and Settings\Weston\Application Data\adawaretb
[2012/09/10 20:05:34 | 000,000,000 | ---D | M] -- I:\Documents and Settings\Weston\Application Data\Canneverbe Limited
[2012/07/15 20:00:11 | 000,000,000 | ---D | M] -- I:\Documents and Settings\Weston\Application Data\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2012/08/19 14:49:30 | 000,000,000 | ---D | M] -- I:\Documents and Settings\Weston\Application Data\com.adobe.downloadassistant.AdobeDownloadAssistant
[2012/05/30 09:30:40 | 000,000,000 | ---D | M] -- I:\Documents and Settings\Weston\Application Data\DriverCure
[2012/06/28 19:24:01 | 000,000,000 | ---D | M] -- I:\Documents and Settings\Weston\Application Data\Garmin
[2012/05/30 18:09:26 | 000,000,000 | ---D | M] -- I:\Documents and Settings\Weston\Application Data\Helios
[2012/06/07 08:48:56 | 000,000,000 | ---D | M] -- I:\Documents and Settings\Weston\Application Data\Netscape
[2012/05/30 09:30:40 | 000,000,000 | ---D | M] -- I:\Documents and Settings\Weston\Application Data\ParetoLogic
[2012/09/09 12:00:18 | 000,000,942 | ---- | M] () -- I:\WINDOWS\Tasks\Ad-Aware Antivirus Scheduled Scan.job
[2012/09/11 18:00:00 | 000,000,446 | ---- | M] () -- I:\WINDOWS\Tasks\ParetoLogic Registration3.job
[2012/09/12 08:42:13 | 000,000,472 | ---- | M] () -- I:\WINDOWS\Tasks\ParetoLogic Update Version3 Startup Task.job
[2012/09/10 07:18:27 | 000,000,420 | ---- | M] () -- I:\WINDOWS\Tasks\ParetoLogic Update Version3.job
[2012/09/12 06:50:13 | 000,000,388 | ---- | M] () -- I:\WINDOWS\Tasks\RegCure Pro.job
[2012/09/12 13:25:15 | 000,000,424 | -H-- | M] () -- I:\WINDOWS\Tasks\User_Feed_Synchronization-{712E1E74-77AA-4035-8CC1-528433DE115F}.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 353 bytes -> I:\Documents and Settings\All Users\Application Data\TEMP:5C321E34

< End of report >

Re: Need Help with System

Postby westonm » Wed Sep 12, 2012 8:57 pm

And here is Extras.Txt:

OTL Extras logfile created on: 9/12/2012 2:32:43 PM - Run 1
OTL by OldTimer - Version 3.2.61.3 Folder = I:\Documents and Settings\Weston\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.50 Gb Total Physical Memory | 2.95 Gb Available Physical Memory | 84.44% Memory free
5.34 Gb Paging File | 4.51 Gb Available in Paging File | 84.47% Paging File free
Paging file location(s): I:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = I: | %SystemRoot% = I:\WINDOWS | %ProgramFiles% = I:\Program Files
Drive C: | 298.09 Gb Total Space | 164.88 Gb Free Space | 55.31% Space Free | Partition Type: NTFS
Drive I: | 931.50 Gb Total Space | 864.49 Gb Free Space | 92.81% Space Free | Partition Type: NTFS

Computer Name: WMAYNARD | User Name: Weston | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = ChromeHTML] -- I:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
https [open] -- "I:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"UpdatesDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"I:\Program Files\HP\Digital Imaging\bin\hpqste08.exe" = I:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe -- (Hewlett-Packard Development Company, L.P.)
"I:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe" = I:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Development Company, L.P.)
"I:\Program Files\HP\Digital Imaging\bin\hposfx08.exe" = I:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Development Company, L.P.)
"I:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = I:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Development Company, L.P.)
"I:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe" = I:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe -- ()
"I:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe" = I:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe -- (Hewlett-Packard)
"I:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe" = I:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Development Company, L.P.)
"I:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = I:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Development Company, L.P.)
"I:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe" = I:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe -- (Hewlett-Packard Development Company, L.P.)
"I:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = I:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"I:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = I:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"I:\Documents and Settings\Weston\Local Settings\Application Data\Akamai\netsession_win.exe" = I:\Documents and Settings\Weston\Local Settings\Application Data\Akamai\netsession_win.exe:*:Enabled:Akamai NetSession Client -- (Akamai Technologies, Inc)
"I:\Program Files\Ipswitch\WS_FTP 12\wsftpgui.exe" = I:\Program Files\Ipswitch\WS_FTP 12\wsftpgui.exe:*:Enabled:WS_FTP Pro/LE -- (Ipswitch, Inc. 10 Maguire Road - Suite 220 Lexington, MA 02421)
"I:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe" = I:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe:*:Enabled:Daemonu.exe -- (NVIDIA Corporation)
"I:\Program Files\Kyodai Mahjongg 2006\kmj.exe" = I:\Program Files\Kyodai Mahjongg 2006\kmj.exe:*:Disabled:Kyodai Mahjongg -- (Rene-Gilles Deberdt)
"I:\Program Files\adawaretb\dtUser.exe" = I:\Program Files\adawaretb\dtUser.exe:*:Enabled:Ad-Aware Security Toolbar DTX Broker -- (Visicom Media Inc.)
"I:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe" = I:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe
"I:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe" = I:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{09BDEEF0-5590-457D-89A9-5DB2742F9BBF}" = 32 Bit HP CIO Components Installer
"{0A1E0BDA-5E8F-436d-8BE5-7E97C5CB899D}" = Quicken 2012
"{0A55CDBB-0566-4AA2-A15B-24C7F27C6FF4}" = BPD_Scan
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{0F7C2E47-089E-4d23-B9F7-39BE00100776}" = Toolbox
"{11D08055-939C-432b-98C3-E072478A0CD7}" = PSE10 STI Installer
"{138BD312-3557-40F8-BC5E-6DFF00A6880D}" = BPDSoftware_Ini
"{17E81C48-407E-499f-A105-1B49ACDB9BA4}" = ProductContext
"{18A8E78B-9EF2-496E-B310-BCD8E4C1DAB3}" = iSEEK AnswerWorks English Runtime
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{22D3A614-482C-444A-932C-9DA1B8ECDFD2}" = Elements 10 Organizer
"{2376813B-2E5A-4641-B7B3-A0D5ADB55229}" = HPPhotoSmartExpress
"{2460A058-272D-498D-9A5E-E6F7492DAABC}" = Corel DVD Xpack
"{26BB11D7-36D1-49ee-986F-8F8AD4D051C8}" = L7600
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{28E82311-8616-11E1-BEB0-B8AC6F97B88E}" = Google Earth
"{2b12a4e9-c782-45ef-801e-abd0a08d3d8d}" = Ad-Aware Antivirus
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3544DED1-07DB-40C0-98F3-435A6DA195C7}" = Google SketchUp 8
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3F04067F-0DA5-4F48-9A89-6FCFD2A9E040}" = TextPad 6
"{47D73AFC-EC15-4B22-96D8-FC4487EBBE57}" = Intel(R) Network Connections 17.1.55.0
"{4AE80E7B-6633-4046-9C15-D3B281C4F73D}" = BPDSoftware
"{4EABF2A9-961A-446A-83B1-98D9E53CF365}" = ClickArt 400,000
"{590D4F8F-98FE-47FA-AC2B-3F22FDCF7C09}" = ShareIns
"{654977DB-0001-0002-0001-EABD228DDE8B}" = Microsoft Download Manager
"{65CB4C08-C47B-4A7E-A6A4-50C06ADA5FC6}" = Adobe AIR
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{6909F917-5499-482e-9AA1-FAD06A99F231}" = Toolbox
"{6DE9751D-3FFE-400E-8761-26A92DB734DE}" = BPD_HPSU
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.0.0
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7729A02E-D1AD-4830-8FC5-11853500D90D}" = HP Officejet Pro All-In-One Series
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{81A34902-9D0B-4920-A25C-4CDC5D14B328}" = Jasc Paint Shop Pro 8
"{8331C3EA-0C91-43AA-A4D4-27221C631139}" = Status
"{84B1561B-4DE3-4FA8-8A08-805E553171EC}" = Create and Print Greeting Cards 1.0
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C045626-4496-4238-B3B8-394CC6D46427}" = 7500_7600_7700_Help
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{91120000-0014-0000-0000-0000000FF1CE}" = Microsoft Office Professional 2007
"{91120000-0014-0000-0000-0000000FF1CE}_PROR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{9AAD03E8-4F65-4DE2-8F6C-1B079C0C8521}" = Garmin Lifetime Updater
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A436F67F-687E-4736-BD2B-537121A804CF}" = HP Product Detection
"{A4ED5E53-7AA0-11E1-BF04-B2D4D4A5360E}" = Adobe Dreamweaver CS6
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{ABA5E381-EC46-425C-86C5-5CD15BBFB4BF}" = Garmin USB Drivers
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.4)
"{AD88355B-A4E0-4DA1-BAC3-EA4FEA930691}" = Ipswitch WS_FTP 12
"{AF37176A-78CA-545B-34EF-8B6A21514DD1}" = Adobe Help Manager
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 296.69
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 296.69
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.12.0213
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.7.13
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.3.14.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C547F361-5750-4CD1-9FB6-BC93827CB6C1}" = RegCure Pro
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE24344F-DFD8-40C8-8FD8-C9740B5F25AC}" = BPDfax
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEEC3316-E759-460d-B7F5-1FB290E231F2}" = HP Photosmart Printer Driver Software 10.0.02
"{D23E6E13-653C-415e-937A-598E1CEFACB1}" = PS_SF_02_Software_min
"{D48AD533-BAD5-469B-A9AA-272C6D80E70B}" = MPM
"{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX
"{E1B80DEE-A795-4258-8445-074C06AE3AB8}" = MarketResearch
"{E786D4DB-EB0D-4474-ADC2-3C229BC17FCA}" = Interactive User’s Guide
"{EA5F34F3-3911-B4DB-63CA-1E44B2AB13A1}" = Adobe Download Assistant
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{EE549AF9-8FAA-4584-83B2-ECF1BC9DC1FF}" = Adobe Photoshop Elements 10
"{EFBE6DD5-B224-96E5-72B9-68D328CB12A6}" = Adobe Widget Browser
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F157460F-720E-482f-8625-AD7843891E5F}" = InstantShareDevicesMFC
"{F3760724-B29D-465B-BC53-E5D72095BCC4}" = Scan
"{F4DA4C73-026F-4D38-8C6B-85F0193E4B56}" = Garmin WebUpdater
"{F9001C89-8036-4673-9577-E7CD8564807C}" = The Print Shop 20
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"1-2-3FileConvert v5.1" = 1-2-3FileConvert v5.1
"6485-4051-8654-1627" = PrintMaster 2.0 Platinum
"98157A226B40B173301B0F53C8E98C47805D5152" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0)
"Ad-Aware Browsing Protection" = Ad-Aware Browsing Protection
"adawaretb" = Ad-Aware Security Toolbar
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Photoshop Elements 10" = Adobe Photoshop Elements 10
"Carbonite Backup" = Carbonite
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Help Manager
"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
"com.adobe.WidgetBrowser" = Adobe Widget Browser
"Dominoes and Win42" = Dominoes and Win42
"ESET Online Scanner" = ESET Online Scanner v3
"Google Chrome" = Google Chrome
"HijackThis" = HijackThis 1.99.1
"HP Imaging Device Functions" = HP Imaging Device Functions 7.0
"HP Solution Center & Imaging Support Tools" = HP Solution Center 7.0
"HPExtendedCapabilities" = HP Customer Participation Program 7.0
"HPOCR" = OCR Software by I.R.I.S 7.0
"ie8" = Windows Internet Explorer 8
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.62.0.1300
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 12.0 (x86 en-US)" = Mozilla Firefox 12.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"PC Pitstop Optimize3_is1" = PC Pitstop Optimize3 3.0
"Product_Name" = Minnesota Cuke
"PROR" = Microsoft Office Professional 2007
"Punch! Home Design - Platinum" = Punch! Home Design - Platinum
"RealPlayer 15.0" = RealPlayer
"Reimage Repair" = Reimage Repair
"Security Task Manager" = Security Task Manager 1.8d
"Shockwave" = Shockwave
"SpywareBlaster_is1" = SpywareBlaster 4.6
"WebPost" = Microsoft Web Publishing Wizard 1.52
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 8/15/2012 6:57:24 PM | Computer Name = WMAYNARD | Source = Application Hang | ID = 1002
Description = Hanging application hpqtra08.exe, version 70.0.170.0, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 8/15/2012 11:10:46 PM | Computer Name = WMAYNARD | Source = Application Error | ID = 1000
Description = Faulting application hpqtra08.exe, version 70.0.170.0, faulting module
ntdll.dll, version 5.1.2600.6055, fault address 0x00036824.

Error - 8/18/2012 1:33:54 PM | Computer Name = WMAYNARD | Source = Application Hang | ID = 1002
Description = Hanging application chrome.exe, version 21.0.1180.79, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 8/18/2012 5:51:43 PM | Computer Name = WMAYNARD | Source = Application Hang | ID = 1002
Description = Hanging application hpqtra08.exe, version 70.0.170.0, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 8/18/2012 6:23:22 PM | Computer Name = WMAYNARD | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
module mshtml.dll, version 8.0.6001.19298, fault address 0x000b9ed8.

Error - 8/19/2012 1:27:44 PM | Computer Name = WMAYNARD | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
module unknown, version 0.0.0.0, fault address 0x02aaa120.

Error - 8/19/2012 2:01:42 PM | Computer Name = WMAYNARD | Source = Application Error | ID = 1000
Description = Faulting application hpqtra08.exe, version 70.0.170.0, faulting module
ntdll.dll, version 5.1.2600.6055, fault address 0x00010cce.

Error - 8/19/2012 2:01:49 PM | Computer Name = WMAYNARD | Source = Application Error | ID = 1000
Description = Faulting application drwtsn32.exe, version 5.1.2600.0, faulting module
dbghelp.dll, version 5.1.2600.5512, fault address 0x0001295d.

Error - 8/19/2012 2:07:10 PM | Computer Name = WMAYNARD | Source = Application Hang | ID = 1002
Description = Hanging application hpqtra08.exe, version 70.0.170.0, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 8/19/2012 2:07:32 PM | Computer Name = WMAYNARD | Source = Application Hang | ID = 1002
Description = Hanging application hpqtra08.exe, version 70.0.170.0, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

[ System Events ]
Error - 9/11/2012 9:00:39 AM | Computer Name = WMAYNARD | Source = Service Control Manager | ID = 7000
Description = The Audio Service service failed to start due to the following error:
%%3

Error - 9/11/2012 9:02:35 AM | Computer Name = WMAYNARD | Source = Service Control Manager | ID = 7000
Description = The Audio Service service failed to start due to the following error:
%%3

Error - 9/11/2012 1:56:57 PM | Computer Name = WMAYNARD | Source = Service Control Manager | ID = 7000
Description = The Audio Service service failed to start due to the following error:
%%3

Error - 9/11/2012 6:11:46 PM | Computer Name = WMAYNARD | Source = Service Control Manager | ID = 7000
Description = The Audio Service service failed to start due to the following error:
%%3

Error - 9/12/2012 9:25:48 AM | Computer Name = WMAYNARD | Source = Service Control Manager | ID = 7000
Description = The Audio Service service failed to start due to the following error:
%%3

Error - 9/12/2012 9:27:33 AM | Computer Name = WMAYNARD | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the IMAPI CD-Burning COM
Service service to connect.

Error - 9/12/2012 9:27:33 AM | Computer Name = WMAYNARD | Source = Service Control Manager | ID = 7000
Description = The IMAPI CD-Burning COM Service service failed to start due to the
following error: %%1053

Error - 9/12/2012 9:41:57 AM | Computer Name = WMAYNARD | Source = Service Control Manager | ID = 7000
Description = The Audio Service service failed to start due to the following error:
%%3

Error - 9/12/2012 9:43:20 AM | Computer Name = WMAYNARD | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
the ImapiService service.

Error - 9/12/2012 9:43:54 AM | Computer Name = WMAYNARD | Source = Service Control Manager | ID = 7000
Description = The IMAPI CD-Burning COM Service service failed to start due to the
following error: %%1053


< End of report >

Re: Need Help with System

Postby Gecko » Thu Sep 13, 2012 1:24 pm

This is really odd: you have the Windows Update service running from your C drive:
SRV - (wuauserv) -- C:\WINDOWS\system32\wuauserv.dll (Microsoft Corporation)

I suspect that may be the problem as your C drive has issues.

What exactly is wrong with the C drive?
How did you install Windows on your I drive? Is this a clean install?
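The check Gecko does by eye above (a service binary on C: while `%SystemDrive%` is I:) can be scripted. This is an added example, not part of the thread or of OTL itself; it assumes only the header line and the `SRV - (name) -- path (Company)` line shape quoted in this thread, and the two `ExampleSvc` lines are constructed.

```python
import re
from typing import NamedTuple

# The header line and the wuauserv line are copied from the thread.
# The two ExampleSvc lines are constructed for illustration.
SAMPLE_LOG = r"""
%SystemDrive% = I: | %SystemRoot% = I:\WINDOWS | %ProgramFiles% = I:\Program Files
SRV - (wuauserv) -- C:\WINDOWS\system32\wuauserv.dll (Microsoft Corporation)
SRV - (ExampleSvcA) -- I:\Program Files\Example\svca.exe (Example Vendor)
SRV - (ExampleSvcB) -- %SystemRoot%\system32\svcb.dll (Example Vendor)
"""

ENV_PAIR = re.compile(r"%(\w+)%\s*=\s*([^|]+)")
ENTRY = re.compile(
    r"^(?P<kind>SRV|DRV) - \((?P<name>[^)]+)\) -- "
    r"(?P<path>.+?)(?: \((?P<company>[^()]*)\))?$"
)
ENV_REF = re.compile(r"%(\w+)%")
DRIVE = re.compile(r"^([A-Za-z]):")


class Finding(NamedTuple):
    kind: str     # SRV or DRV
    name: str     # service or driver name
    path: str     # image path after environment expansion
    drive: str    # drive letter the image actually lives on


def parse_env(log: str) -> dict:
    """Read the '%SystemDrive% = ... | %SystemRoot% = ...' header line."""
    env = {}
    for line in log.splitlines():
        line = line.strip()
        if line.startswith("%SystemDrive%"):
            for key, value in ENV_PAIR.findall(line):
                env[key.lower()] = value.strip()
            break
    if "systemdrive" not in env:
        raise ValueError("no %SystemDrive% header line found in log")
    # %windir% is the same directory as %SystemRoot% on Windows.
    if "systemroot" in env:
        env.setdefault("windir", env["systemroot"])
    return env


def expand(path: str, env: dict) -> str:
    """Expand %Var% references using values from the log header only."""
    return ENV_REF.sub(lambda m: env.get(m.group(1).lower(), m.group(0)), path)


def off_system_services(log: str) -> list:
    """Return SRV/DRV entries whose image is not on the running system drive."""
    env = parse_env(log)
    system_letter = env["systemdrive"][0].upper()
    findings = []
    for line in log.splitlines():
        match = ENTRY.match(line.strip())
        if not match:
            continue
        path = expand(match.group("path"), env)
        drive = DRIVE.match(path)
        if drive is None:
            continue  # relative or unexpanded path: nothing to compare
        letter = drive.group(1).upper()
        if letter != system_letter:
            findings.append(
                Finding(match.group("kind"), match.group("name"), path, letter)
            )
    return findings


if __name__ == "__main__":
    for f in off_system_services(SAMPLE_LOG):
        print(f"{f.kind} {f.name}: {f.path} (drive {f.drive}:, not the system drive)")
```

Any entry it reports is worth checking against the registry `ImagePath` for that service before the old drive is removed or wiped.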

Re: Need Help with System

Postby westonm » Thu Sep 13, 2012 3:03 pm

The C: drive was my primary drive - actually had a D: drive that was a mirror. I had started having problems with the system and after not finding any virus or other problems, we suspected a bad sector on the C: drive. After trying to use D: which was the mirror, we were still getting the same problems, so I figured it was just as easy to get a new drive and start over. Installed the new drive and am still in the process of moving data over to it, when I started getting the slowness etc. on the new drive. I am not ready to remove the C: yet, D: has been taken out. I didn't bother to disable anything on C: as I didn't think it would function since it is not a system drive anymore, or is it?

This is a relatively old system, as far as computers go; bought it at the end of 2007, so I guessed it was starting to just wear out, but wasn't going to give in and buy a new one yet until I was sure this one can't be fixed.

The install on I: was a clean install from disk. I still prefer XP and didn't want to move up to a more recent version of Windows. I haven't even turned Carbonite back on yet until I was sure there wasn't a virus problem, didn't want to back it up if there was one.

With regards to the Windows update - is it not running from I:, or is it running from both drives? Since the operating system will not boot up on C: can I turn off the update from C:?

Re: Need Help with System

Postby Gecko » Fri Sep 14, 2012 3:13 am

Why don't we try turning off Windows updates and see if that resolves the issue.

Control Panel > Automatic Updates, check Turn off Automatic Updates and click Apply

Re: Need Help with System

Postby westonm » Sun Sep 16, 2012 12:59 am

Well, turning off Windows updates didn't help any. I was looking at the task schedule and it sure seems that there are a lot of them and multiple of some, such as Adobe which is scheduled every hour, and I thought I had disabled it since it would never work anyway; also RealPlayer has 4 update tasks scheduled and I don't use it. I tried loading it once and it wouldn't install. I think I will remove the RealPlayer ones, there are 4 of them, as well as Adobe and see if that helps any.

Re: Need Help with System

Postby westonm » Sun Sep 16, 2012 3:39 pm

I uninstalled a couple of programs last night - RealPlayer, and ISeek, both of which we were not using. Also removed the scheduled updates for RealPlayer, Adobe, and some RSS Feed which I do not even subscribe to any feeds. The system is running better, quicker now, but I still get hangups occasionally when using IE. It will lock up and I have to reboot. So that is still a problem. Just wanted to report that there has finally been some improvement.

Re: Need Help with System

Postby Gecko » Mon Sep 17, 2012 1:41 pm

I'm glad to hear that it's running better.

I believe that most of your issues are rooted in the fact that your C: drive is your boot drive, not your I drive. If you were to remove your C drive your system will not boot.
This occurred when you installed Windows to your I drive while your C drive was still installed. As I pointed out before, your Windows update is being run from your C drive and there is a good chance that there are others, most likely something to do with IE.

It is always best to install Windows with only one hard drive installed, then add any other drive after the install is completed.
