
Apps failing on start. Long or no restart



#1 trystero4


Posted 26 August 2009 - 10:17 PM

Sam sent here from the malware/hijackthis forum.

Ran an OTL report as requested



OTL logfile created on: 8/25/2009 7:32:12 PM - Run 1
OTL by OldTimer - Version 3.0.10.7 Folder = C:\Program Files
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

510.21 Mb Total Physical Memory | 352.60 Mb Available Physical Memory | 69.11% Memory free
1.22 Gb Paging File | 1.12 Gb Available in Paging File | 91.81% Paging File free
Paging file location(s): C:\pagefile.sys 765 768 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 18.63 Gb Total Space | 4.80 Gb Free Space | 25.77% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: BAKOCATER
Current User Name: bakocatering
Logged in as Administrator.

Current Boot Mode: SafeMode with Networking
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2004/09/07 14:08:02 | 00,389,120 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
PRC - [2007/06/13 03:23:07 | 01,033,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2009/02/27 21:54:41 | 00,636,072 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2004/08/04 05:00:00 | 00,135,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\taskmgr.exe
PRC - [2009/08/25 19:31:41 | 00,514,048 | ---- | M] (OldTimer Tools) -- C:\Program Files\OTL.exe

========== Win32 Services (SafeList) ==========

SRV - [2006/08/16 04:58:05 | 00,100,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\6to4svc.dll -- (6to4 [Auto | Stopped])
SRV - [2007/06/28 14:54:44 | 00,151,552 | ---- | M] (SprintNextel) -- C:\Program Files\Sprint\Mobile Broadband\SMBAUtilSvc.exe -- (Access Utility Service [Auto | Stopped])
SRV - [2007/10/24 01:47:22 | 00,033,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2005/11/10 17:43:12 | 00,389,120 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exe -- (Ati HotKey Poller [Auto | Stopped])
SRV - [2004/11/01 09:50:00 | 00,106,496 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\pcAnywhere\awhost32.exe -- (awhost32 [Auto | Stopped])
SRV - [2007/10/24 01:47:40 | 00,070,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2007/12/01 12:30:14 | 00,014,144 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\Managed VirusScan\VScan\EngineServer.exe -- (EngineServer [Auto | Stopped])
SRV - [2004/09/07 14:02:40 | 00,086,016 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe -- (EvtEng [Auto | Stopped])
SRV - [2009/05/20 08:47:43 | 00,182,768 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [On_Demand | Stopped])
SRV - [2004/08/04 05:00:00 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2008/03/07 16:04:10 | 00,217,088 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll -- (hpqcxs08 [On_Demand | Stopped])
SRV - [2007/11/06 21:16:54 | 00,139,264 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll -- (hpqddsvc [Auto | Stopped])
SRV - [2007/10/14 21:15:52 | 00,663,552 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL -- (HPSLPSVC [Auto | Stopped])
SRV - [2005/04/04 00:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
SRV - [2007/12/01 12:31:34 | 00,144,704 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\Managed VirusScan\VScan\McShield.exe -- (McShield [On_Demand | Stopped])
SRV - [2003/06/19 23:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe -- (MDM [Auto | Stopped])
SRV - [2008/05/02 00:39:14 | 00,169,280 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.exe -- (myAgtSvc [Auto | Stopped])
SRV - [2006/11/08 16:35:36 | 00,043,520 | ---- | M] (Hewlett-Packard) -- C:\WINDOWS\System32\HPZinw12.dll -- (Net Driver HPZ12 [Auto | Stopped])
SRV - [2006/10/13 05:35:12 | 00,065,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\nwwks.dll -- (NWCWorkstation [Auto | Stopped])
SRV - [2004/08/04 05:00:00 | 00,066,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ipxsap.dll -- (NwSapAgent [Auto | Stopped])
SRV - [2003/07/28 12:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2006/11/08 16:35:38 | 00,053,248 | ---- | M] (Hewlett-Packard) -- C:\WINDOWS\System32\HPZipm12.dll -- (Pml Driver HPZ12 [Auto | Stopped])
SRV - [2004/09/07 14:02:04 | 00,139,264 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe -- (RegSrvc [Auto | Stopped])
SRV - [2004/09/07 14:05:10 | 00,360,521 | ---- | M] (Intel Corporation ) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe -- (S24EventMonitor [Auto | Stopped])
SRV - [2008/02/20 13:59:02 | 00,069,632 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\Managed VirusScan\Agent\swAgent.exe -- (SWAGENT [Auto | Stopped])
SRV - [2006/07/29 17:34:38 | 00,117,544 | ---- | M] (Microsoft Corporation) -- C:\Program Files\MSN Messenger\usnsvc.dll -- (usnsvc [On_Demand | Stopped])
SRV - [2004/09/07 14:12:32 | 00,225,353 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe -- (WLANKEEPER [Auto | Stopped])
SRV - [2004/06/25 16:15:54 | 00,045,056 | ---- | M] () -- C:\WINDOWS\System32\wltrysvc.exe -- (WLTRYSVC [Auto | Stopped])
SRV - [2006/10/18 18:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])

========== Driver Services (SafeList) ==========

DRV - [2007/03/05 09:08:41 | 00,017,056 | ---- | M] (Meetinghouse Data Communications) -- C:\WINDOWS\System32\DRIVERS\AegisP.sys -- (AegisP [Auto | Stopped])
DRV - [2005/11/10 17:49:24 | 01,406,464 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\DRIVERS\ati2mtag.sys -- (ati2mtag [On_Demand | Stopped])
DRV - [2004/03/05 10:52:22 | 00,008,368 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\awechomd.sys -- (awecho [System | Stopped])
DRV - [2003/11/17 16:06:48 | 00,011,165 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\Drivers\awlegacy.sys -- (awlegacy [System | Stopped])
DRV - [2003/10/23 08:32:20 | 00,016,984 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\aw_host5.sys -- (AW_HOST [System | Stopped])
DRV - [2003/05/21 16:47:12 | 00,175,360 | R--- | M] (Broadcom Corporation) -- C:\WINDOWS\System32\DRIVERS\b57xp32.sys -- (b57w2k [On_Demand | Stopped])
DRV - [2004/06/25 16:15:50 | 00,315,392 | ---- | M] (Broadcom Corporation) -- C:\WINDOWS\System32\DRIVERS\bcmwl5.sys -- (BCM43XX [On_Demand | Stopped])
DRV - [2006/01/18 06:44:46 | 00,053,248 | ---- | M] (Brother Industries Ltd.) -- C:\WINDOWS\System32\Drivers\BrSerIf.sys -- (BrSerIf [On_Demand | Stopped])
DRV - [2006/01/18 20:17:38 | 00,011,904 | ---- | M] (Brother Industries Ltd.) -- C:\WINDOWS\System32\Drivers\BrUsbSer.sys -- (BrUsbSer [On_Demand | Stopped])
DRV - [2003/08/21 14:46:42 | 00,140,800 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\DRIVERS\e100b325.sys -- (E100B [On_Demand | Running])
DRV - [2004/12/12 07:55:22 | 00,017,636 | R--- | M] (SHARP ECR) -- C:\WINDOWS\System32\drivers\ecrdrv.sys -- (ECRDRV [On_Demand | Stopped])
DRV - [2003/04/21 11:00:32 | 00,013,898 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\GERNUWA.sys -- (Gernuwa [Boot | Running])
DRV - [2007/01/17 09:37:17 | 00,049,920 | R--- | M] () -- C:\WINDOWS\System32\DRIVERS\HPZid412.sys -- (HPZid412 [On_Demand | Stopped])
DRV - [2007/01/17 09:37:18 | 00,016,496 | R--- | M] (HP) -- C:\WINDOWS\System32\DRIVERS\HPZipr12.sys -- (HPZipr12 [On_Demand | Stopped])
DRV - [2007/01/17 09:37:19 | 00,021,568 | R--- | M] (HP) -- C:\WINDOWS\System32\DRIVERS\HPZius12.sys -- (HPZius12 [On_Demand | Stopped])
DRV - [2005/05/03 13:08:50 | 00,208,384 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\DRIVERS\HSFHWICH.sys -- (HSFHWICH [On_Demand | Stopped])
DRV - [2004/06/17 13:55:04 | 01,041,536 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\DRIVERS\HSF_DP.sys -- (HSF_DP [On_Demand | Stopped])
DRV - [2005/05/03 13:09:28 | 01,033,728 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\DRIVERS\HSF_DPV.SYS -- (HSF_DPV [On_Demand | Stopped])
DRV - [2005/09/20 09:00:54 | 01,302,332 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\DRIVERS\ialmnt5.sys -- (ialm [On_Demand | Stopped])
DRV - [2004/08/12 06:44:04 | 00,234,496 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\DRIVERS\iwca.sys -- (IWCA [On_Demand | Running])
DRV - [2009/08/03 13:36:28 | 00,038,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy [On_Demand | Stopped])
DRV - [2006/12/26 14:58:02 | 00,015,781 | ---- | M] (Meetinghouse Data Communications) -- C:\WINDOWS\System32\DRIVERS\mdc8021x.sys -- (MDC8021X [Auto | Stopped])
DRV - [2004/03/17 10:04:14 | 00,013,059 | ---- | M] (Conexant) -- C:\WINDOWS\System32\DRIVERS\mdmxsdk.sys -- (mdmxsdk [Auto | Stopped])
DRV - [2007/12/01 12:32:00 | 00,079,304 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\MfeAVFK.sys -- (MfeAVFK [On_Demand | Stopped])
DRV - [2007/12/01 12:32:06 | 00,035,240 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\MfeBOPK.sys -- (MfeBOPK [On_Demand | Stopped])
DRV - [2007/12/01 12:32:26 | 00,201,320 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfehidk.sys -- (mfehidk [System | Stopped])
DRV - [2007/12/01 12:32:54 | 00,033,832 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\MfeRKDK.sys -- (MfeRKDK [On_Demand | Stopped])
DRV - [2007/12/01 12:33:14 | 00,055,016 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfetdik.sys -- (mfetdik [System | Running])
DRV - [2003/10/10 11:23:48 | 00,032,640 | ---- | M] (Cypress Semiconductor) -- C:\WINDOWS\System32\DRIVERS\MXOFX.SYS -- (MXOFX [On_Demand | Stopped])
DRV - [2004/08/09 17:49:40 | 00,014,592 | ---- | M] (Maxtor Corp.) -- C:\WINDOWS\System32\DRIVERS\mxopswd.sys -- (MXOPSWD [On_Demand | Stopped])
DRV - [2004/08/04 05:00:00 | 00,040,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\NMnt.sys -- (nm [On_Demand | Stopped])
DRV - [2004/08/04 05:00:00 | 00,088,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\nwlnkipx.sys -- (NwlnkIpx [Auto | Stopped])
DRV - [2004/08/04 05:00:00 | 00,063,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\nwlnknb.sys -- (NwlnkNb [Auto | Stopped])
DRV - [2004/08/04 05:00:00 | 00,055,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\nwlnkspx.sys -- (NwlnkSpx [Auto | Stopped])
DRV - [2006/10/13 03:23:15 | 00,163,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\nwrdr.sys -- (NWRDR [On_Demand | Stopped])
DRV - [2005/04/21 19:58:38 | 00,092,550 | ---- | M] (O2Micro) -- C:\WINDOWS\System32\DRIVERS\ozscr.sys -- (O2SCBUS [On_Demand | Stopped])
DRV - [2001/08/22 06:42:58 | 00,013,632 | ---- | M] (Dell Computer Corporation) -- C:\WINDOWS\SYSTEM32\DRIVERS\OMCI.SYS -- (OMCI [System | Stopped])
DRV - [2005/04/21 19:58:38 | 00,092,550 | ---- | M] (O2Micro) -- C:\WINDOWS\System32\DRIVERS\ozscr.sys -- (OZSCR [On_Demand | Stopped])
DRV - [2006/11/08 00:02:34 | 00,021,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\point32.sys -- (Point32 [On_Demand | Running])
DRV - [2004/08/04 05:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
DRV - [2006/10/18 04:00:00 | 00,036,624 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running])
DRV - [2006/06/30 16:10:56 | 00,026,752 | R--- | M] (Research in Motion Ltd) -- C:\WINDOWS\System32\DRIVERS\RimSerial.sys -- (RimSerPort [On_Demand | Stopped])
DRV - [2006/05/08 12:09:00 | 00,026,008 | R--- | M] (Research In Motion Limited) -- C:\WINDOWS\System32\Drivers\RimUsb.sys -- (RimUsb [On_Demand | Stopped])
DRV - [2006/06/30 16:10:56 | 00,026,752 | R--- | M] (Research in Motion Ltd) -- C:\WINDOWS\System32\DRIVERS\RimSerial.sys -- (RimVSerPort [On_Demand | Stopped])
DRV - [2004/08/04 05:00:00 | 00,005,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\Drivers\RootMdm.sys -- (ROOTMODEM [On_Demand | Stopped])
DRV - [2004/08/31 06:53:04 | 00,011,354 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\DRIVERS\s24trans.sys -- (s24trans [Auto | Stopped])
DRV - [2007/11/13 03:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])
DRV - [2004/09/15 17:53:06 | 00,263,608 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\System32\drivers\stac97.sys -- (STAC97 [On_Demand | Stopped])
DRV - [2001/08/17 13:53:32 | 00,006,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\serscan.sys -- (StillCam [On_Demand | Stopped])
DRV - [2006/12/26 15:22:38 | 00,104,144 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\SYMEVENT.SYS -- (SymEvent [On_Demand | Stopped])
DRV - [2008/06/20 02:52:06 | 00,225,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\tcpip6.sys -- (Tcpip6 [System | Running])
DRV - [2004/10/21 13:56:04 | 03,210,496 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\System32\DRIVERS\w29n51.sys -- (w29n51 [On_Demand | Running])
DRV - [2005/05/03 13:08:44 | 00,705,408 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\DRIVERS\HSF_CNXT.sys -- (winachsf [On_Demand | Stopped])
DRV - [2005/06/20 09:37:26 | 00,278,016 | ---- | M] (ZyDAS Technology Corporation) -- C:\WINDOWS\System32\DRIVERS\zd1211u.sys -- (ZD1211U(ZyDAS) [On_Demand | Stopped])
DRV - [2004/01/14 11:30:00 | 00,017,151 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\ZDPNDIS5.SYS -- (ZDPNDIS5 [On_Demand | Stopped])

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/.../search/ie.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie


IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-507921405-1677128483-854245398-1010\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-507921405-1677128483-854245398-1010\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKU\S-1-5-21-507921405-1677128483-854245398-1010\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo.com/search?p={searchTe...-8&fr=b1ie7
IE - HKU\S-1-5-21-507921405-1677128483-854245398-1010\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-507921405-1677128483-854245398-1010\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/.../search/ie.html
IE - HKU\S-1-5-21-507921405-1677128483-854245398-1010\S-1-5-21-507921405-1677128483-854245398-1010\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



O1 HOSTS File: (319159 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 2464 more lines...
O2 - BHO: (HelperObject Class) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 7\SnagItBHO.dll (TechSmith Corporation)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: () - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (SnagIt) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 7\SnagItIEAddin.dll (TechSmith Corporation)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKU\S-1-5-21-507921405-1677128483-854245398-1010\..\Toolbar\WebBrowser: (no name) - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No CLSID value found.
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe (ATI Technologies, Inc.)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe (Hewlett-Packard)
O4 - HKLM..\Run: [igfxhkcmd] C:\WINDOWS\System32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [igfxpers] C:\WINDOWS\System32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [igfxtray] C:\WINDOWS\System32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelliPoint] C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation)
O4 - HKLM..\Run: [itype] C:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [McAfee Managed Services Tray] C:\Program Files\McAfee\Managed VirusScan\Agent\StartMyagtTry.exe (McAfee, Inc.)
O4 - HKLM..\Run: [MVS Splash] C:\Program Files\McAfee\Managed VirusScan\Agent\Splash.exe (McAfee, Inc.)
O4 - HKLM..\Run: [MXOBG] C:\WINDOWS\MXOALDR.EXE (Cypress Semiconductor)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Computer, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_16\bin\jusched.exe ()
O4 - HKU\S-1-5-21-507921405-1677128483-854245398-1010..\Run: [msnmsgr] C:\Program Files\MSN Messenger\msnmsgr.exe (Microsoft Corporation)
O4 - HKLM..\RunOnceEx: [] File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-507921405-1677128483-854245398-1010\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: //about.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //LanguageSelection.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Message.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyAgttryCmd.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyAgttryNag.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyNotification.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //NOCLessUpdate.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //strings.vbs/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Update.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafee.com ([*] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafee.com ([*] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([betavscan] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([betavscan] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([vs] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([vs] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([www] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([www] https in Trusted sites)
O15 - HKLM\..Trusted Domains: 60 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\.DEFAULT\..Trusted Domains: 60 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-18\..Trusted Domains: 60 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-19\..Trusted Domains: 92 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-20\..Trusted Domains: 92 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/templates/ieawsdc.cab (Microsoft Office Template and Media Control)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.microsoft.com/download/e/7.../OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/2008.1...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwa...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\common\yinsthelper.dll (YInstStarter Class)
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} http://www2.snapfish.com/SnapfishActivia.cab (Snapfish Activia)
O16 - DPF: {40C83AF8-FEA7-4A6A-A470-431EE84A0886} http://vs.mcafeeasap.com/SW/ENU/VS40/bin/m...60504183849.cab (SecureObjectFactory Class)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/...b?1167175359711 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/products/plugin/autodl...indows-i586.cab (Java Plug-in 1.4.2_16)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flash...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} http://games2.gamefools.com/onlinegames/Ya...zylomplayer.cab (Zylom Games Player)
O16 - DPF: {CAFEEFAC-0014-0002-0016-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl...indows-i586.cab (Java Plug-in 1.4.2_16)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/get/flash...ent/swflash.cab (Shockwave Flash Object)
O16 - DPF: {FFBB3F3B-0A5A-4106-BE53-DFE1E2340CB1} http://dlm.tools.akamai.com/dlmanager/vers...vex-2.2.1.6.cab (DownloadManager Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.0.0812.00.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.0.0812.00.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\myrm {4D034FC3-013F-4b95-B544-44D49ABE3E76} - C:\Program Files\McAfee\Managed VirusScan\Agent\MyRmProt4.7.0.566.dll (McAfee, Inc.)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\Ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\IntelWireless: DllName - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll (Intel Corporation)
O20 - Winlogon\Notify\PCANotify: DllName - PCANotify.dll - C:\WINDOWS\System32\PCANotify.dll (Symantec Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/12/26 14:32:23 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found

========== Files/Folders - Created Within 30 Days ==========

[2009/08/25 19:31:39 | 00,514,048 | ---- | C] (OldTimer Tools) -- C:\Program Files\OTL.exe
[2009/08/25 19:18:02 | 00,514,048 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\TEMP\My Documents\OTL.exe
[2009/08/24 21:29:48 | 00,000,000 | ---D | C] -- C:\Documents and Settings\TEMP\Desktop\lspfix
[2009/08/23 22:52:56 | 00,359,932 | ---- | C] () -- C:\Documents and Settings\TEMP\Desktop\dds.scr
[2009/08/23 21:53:16 | 00,472,064 | ---- | C] ( ) -- C:\Documents and Settings\TEMP\Desktop\RootRepeal.exe
[2009/08/23 21:35:57 | 00,001,734 | ---- | C] () -- C:\Documents and Settings\TEMP\Desktop\HijackThis.lnk
[2009/08/23 21:35:50 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/08/23 21:26:46 | 00,000,000 | ---D | C] -- C:\Documents and Settings\TEMP\Desktop\ProcessExplorer
[2009/08/23 21:26:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\TEMP\Application Data\Malwarebytes
[2009/08/23 21:25:59 | 00,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/08/23 21:25:56 | 00,038,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/08/23 21:25:54 | 00,019,096 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/08/23 21:25:54 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/08/23 21:25:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/08/22 22:54:27 | 00,001,548 | ---- | C] () -- C:\Documents and Settings\TEMP\Desktop\CCleaner.lnk
[2009/08/22 22:52:29 | 00,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2009/08/22 19:45:12 | 00,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/08/22 00:16:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\TEMP\My Documents\SnagIt Catalog
[2009/08/22 00:15:41 | 00,083,728 | ---- | C] () -- C:\Documents and Settings\TEMP\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/08/22 00:01:21 | 00,000,690 | ---- | C] () -- C:\Documents and Settings\TEMP\Desktop\Draft Dominator.lnk
[2009/08/22 00:01:19 | 00,451,760 | ---- | C] (FarPoint Technologies, Inc.) -- C:\WINDOWS\System32\Tab32x30.ocx
[2009/08/22 00:01:19 | 00,228,864 | ---- | C] () -- C:\WINDOWS\System32\xl5en32.olb
[2009/08/22 00:01:19 | 00,115,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSINET.OCX
[2009/08/22 00:01:18 | 01,353,360 | ---- | C] (FarPoint Technologies, Inc.) -- C:\WINDOWS\System32\fpSpr60.ocx
[2009/08/22 00:01:16 | 00,000,000 | ---D | C] -- C:\Program Files\DraftDominator
[2009/08/15 20:42:27 | 00,000,745 | ---- | C] () -- C:\Documents and Settings\TEMP\Desktop\Shortcut to iexplore.lnk
[2009/08/15 20:35:00 | 00,000,000 | ---D | C] -- C:\Documents and Settings\TEMP\Application Data\Macromedia
[2009/08/15 20:35:00 | 00,000,000 | ---D | C] -- C:\Documents and Settings\TEMP\Application Data\Adobe
[2009/08/15 20:34:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\TEMP\Application Data\Yahoo!
[2009/08/15 20:21:21 | 00,000,000 | ---D | C] -- C:\Documents and Settings\TEMP\My Documents\My Received Files
[2009/08/15 20:20:19 | 00,000,000 | ---D | C] -- C:\Documents and Settings\TEMP\Local Settings\Application Data\Adobe
[2009/08/15 18:27:26 | 00,594,832 | -H-- | C] () -- C:\Documents and Settings\TEMP\Local Settings\Application Data\IconCache.db
[2009/08/15 17:32:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\TEMP\Application Data\HPAppData
[2009/08/15 17:31:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\TEMP\Local Settings\Application Data\Google
[2009/08/15 17:17:46 | 00,000,000 | ---D | C] -- C:\Documents and Settings\TEMP\Application Data\Identities
[2009/08/12 01:42:17 | 00,000,000 | ---D | C] -- C:\Documents and Settings\TEMP\Application Data\Intel
[2009/08/12 01:29:25 | 00,000,000 | --SD | C] -- C:\Documents and Settings\TEMP\Application Data\Microsoft
[2009/08/12 01:29:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\TEMP\Local Settings\Application Data\Microsoft
[2009/08/12 01:29:24 | 00,000,000 | R--D | C] -- C:\Documents and Settings\TEMP\My Documents\My Pictures
[2009/08/12 01:29:24 | 00,000,000 | R--D | C] -- C:\Documents and Settings\TEMP\My Documents\My Music
[2009/08/12 01:12:15 | 00,000,093 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2009/08/11 18:47:32 | 00,000,000 | ---D | C] -- C:\Program Files\TeaTimer (Spybot - Search & Destroy)
[2009/08/11 18:47:31 | 00,000,000 | ---D | C] -- C:\Program Files\SDHelper (Spybot - Search & Destroy)
[2009/08/11 18:47:31 | 00,000,000 | ---D | C] -- C:\Program Files\Misc. Support Library (Spybot - Search & Destroy)
[2009/08/11 18:47:31 | 00,000,000 | ---D | C] -- C:\Program Files\File Scanner Library (Spybot - Search & Destroy)
[2008/07/25 12:27:42 | 00,000,136 | ---- | C] () -- C:\WINDOWS\PAFMGR.INI
[2008/01/21 14:37:17 | 00,000,184 | ---- | C] () -- C:\WINDOWS\MML_PRT.INI
[2007/10/30 09:03:57 | 00,000,410 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2007/10/24 01:47:38 | 00,084,480 | ---- | C] () -- C:\WINDOWS\System32\mscories.dll
[2007/09/23 19:30:22 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\YCRWin32.dll
[2007/09/23 17:26:16 | 00,000,070 | ---- | C] () -- C:\WINDOWS\iltwain.ini
[2007/09/23 11:30:26 | 00,000,303 | ---- | C] () -- C:\WINDOWS\Sierra.ini
[2007/04/03 09:35:22 | 00,086,016 | ---- | C] () -- C:\WINDOWS\System32\Installrt2500qa.dll
[2007/04/03 09:35:21 | 00,028,672 | ---- | C] () -- C:\WINDOWS\System32\InsDrvZD.dll
[2007/03/18 06:30:21 | 00,000,232 | ---- | C] () -- C:\WINDOWS\hpbafd.ini
[2007/03/05 14:34:28 | 00,676,224 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.DLL
[2007/03/05 11:36:23 | 00,016,384 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll
[2007/03/05 08:35:01 | 00,040,960 | ---- | C] () -- C:\WINDOWS\System32\igfxexps.dll
[2006/12/26 15:20:19 | 00,000,492 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/12/26 14:28:53 | 00,073,728 | ---- | C] () -- C:\WINDOWS\System32\icwdial.dll
[2006/12/26 14:26:45 | 00,087,176 | ---- | C] () -- C:\WINDOWS\System32\rdpwsx.dll
[2006/04/12 17:04:39 | 00,049,920 | R--- | C] () -- C:\WINDOWS\System32\drivers\HPZid412.sys
[2004/08/12 06:44:10 | 00,016,384 | ---- | C] () -- C:\WINDOWS\System32\iwca.dll
[2004/08/04 05:00:00 | 00,397,824 | ---- | C] () -- C:\WINDOWS\System32\regwizc.dll
[2004/08/04 05:00:00 | 00,285,696 | ---- | C] () -- C:\WINDOWS\System32\objsel.dll
[2004/08/04 05:00:00 | 00,204,288 | ---- | C] () -- C:\WINDOWS\System32\mswebdvd.dll
[2004/08/04 05:00:00 | 00,180,800 | ---- | C] () -- C:\WINDOWS\System32\sqlunirl.dll
[2004/08/04 05:00:00 | 00,154,112 | ---- | C] () -- C:\WINDOWS\System32\ipmontr.dll
[2004/08/04 05:00:00 | 00,135,680 | ---- | C] () -- C:\WINDOWS\System32\webvw.dll
[2004/08/04 05:00:00 | 00,108,032 | ---- | C] () -- C:\WINDOWS\System32\wshbth.dll
[2004/08/04 05:00:00 | 00,101,888 | ---- | C] () -- C:\WINDOWS\System32\gpkcsp.dll
[2004/08/04 05:00:00 | 00,076,800 | ---- | C] () -- C:\WINDOWS\System32\gcdef.dll
[2004/08/04 05:00:00 | 00,020,510 | ---- | C] () -- C:\WINDOWS\System32\odfox32.dll
[2004/08/04 05:00:00 | 00,007,168 | ---- | C] () -- C:\WINDOWS\System32\kbdno1.dll
[2004/08/04 05:00:00 | 00,000,674 | ---- | C] () -- C:\WINDOWS\win.ini
[2004/08/04 05:00:00 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini
[2004/01/07 11:21:24 | 00,245,408 | ---- | C] () -- C:\WINDOWS\System32\unicows.dll
[2003/01/07 15:05:08 | 00,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2001/07/07 04:00:00 | 00,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini

========== Files - Modified Within 30 Days ==========

[11 C:\WINDOWS\System32\*.tmp files]
[42 C:\WINDOWS\*.tmp files]
[2009/08/25 19:31:41 | 00,514,048 | ---- | M] (OldTimer Tools) -- C:\Program Files\OTL.exe
[2009/08/25 19:18:04 | 00,514,048 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\TEMP\My Documents\OTL.exe
[2009/08/25 19:06:07 | 00,012,598 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/08/25 18:45:12 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/08/25 17:00:07 | 00,000,452 | ---- | M] () -- C:\WINDOWS\tasks\RegCure Program Check.job
[2009/08/25 09:31:12 | 00,000,260 | ---- | M] () -- C:\WINDOWS\tasks\WGASetup.job
[2009/08/25 09:31:12 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/08/24 23:40:42 | 00,594,832 | -H-- | M] () -- C:\Documents and Settings\TEMP\Local Settings\Application Data\IconCache.db
[2009/08/23 22:52:58 | 00,359,932 | ---- | M] () -- C:\Documents and Settings\TEMP\Desktop\dds.scr
[2009/08/23 21:53:17 | 00,472,064 | ---- | M] ( ) -- C:\Documents and Settings\TEMP\Desktop\RootRepeal.exe
[2009/08/23 21:35:57 | 00,001,734 | ---- | M] () -- C:\Documents and Settings\TEMP\Desktop\HijackThis.lnk
[2009/08/23 21:25:59 | 00,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/08/22 22:54:37 | 00,001,548 | ---- | M] () -- C:\Documents and Settings\TEMP\Desktop\CCleaner.lnk
[2009/08/22 19:45:12 | 00,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/08/22 00:16:17 | 00,391,603 | ---- | M] () -- C:\WINDOWS\System32\SNAGIT7
[2009/08/22 00:15:41 | 00,083,728 | ---- | M] () -- C:\Documents and Settings\TEMP\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/08/22 00:01:21 | 00,000,690 | ---- | M] () -- C:\Documents and Settings\TEMP\Desktop\Draft Dominator.lnk
[2009/08/21 23:39:24 | 00,000,386 | ---- | M] () -- C:\WINDOWS\tasks\RegCure.job
[2009/08/20 09:00:00 | 00,000,386 | ---- | M] () -- C:\WINDOWS\tasks\rpc.job
[2009/08/19 18:00:14 | 00,000,488 | ---- | M] () -- C:\WINDOWS\tasks\Norton Security Scan for bakocatering.job
[2009/08/17 08:00:15 | 00,000,268 | -H-- | M] () -- C:\sqmdata18.sqm
[2009/08/17 08:00:05 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt19.sqm
[2009/08/16 22:18:50 | 00,000,268 | -H-- | M] () -- C:\sqmdata17.sqm
[2009/08/16 22:18:49 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt18.sqm
[2009/08/15 20:42:27 | 00,000,745 | ---- | M] () -- C:\Documents and Settings\TEMP\Desktop\Shortcut to iexplore.lnk
[2009/08/15 20:34:10 | 00,000,268 | -H-- | M] () -- C:\sqmdata16.sqm
[2009/08/15 20:34:10 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt17.sqm
[2009/08/15 19:56:28 | 00,000,674 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/08/15 19:56:28 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/08/15 19:56:28 | 00,000,211 | -HS- | M] () -- C:\boot.ini
[2009/08/12 01:12:15 | 00,000,093 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2009/08/11 19:06:03 | 00,000,268 | -H-- | M] () -- C:\sqmdata15.sqm
[2009/08/11 19:06:02 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt16.sqm
[2009/08/11 17:42:00 | 00,000,268 | -H-- | M] () -- C:\sqmdata14.sqm
[2009/08/11 17:42:00 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt15.sqm
[2009/08/10 16:12:40 | 00,000,268 | -H-- | M] () -- C:\sqmdata13.sqm
[2009/08/10 16:12:36 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt14.sqm
[2009/08/09 20:45:18 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt13.sqm
[2009/08/09 14:05:58 | 00,000,268 | -H-- | M] () -- C:\sqmdata12.sqm
[2009/08/09 14:05:58 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt12.sqm
[2009/08/05 09:02:20 | 00,000,268 | -H-- | M] () -- C:\sqmdata11.sqm
[2009/08/05 09:02:18 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt11.sqm
[2009/08/04 16:43:47 | 00,000,268 | -H-- | M] () -- C:\sqmdata10.sqm
[2009/08/04 16:43:47 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt10.sqm
[2009/08/03 13:36:28 | 00,038,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/08/03 13:36:06 | 00,019,096 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/08/02 18:32:31 | 00,000,268 | -H-- | M] () -- C:\sqmdata09.sqm
[2009/08/02 18:32:31 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt09.sqm
[2009/08/02 13:09:15 | 00,000,268 | -H-- | M] () -- C:\sqmdata08.sqm
[2009/08/02 13:09:10 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt08.sqm
[2009/08/02 11:55:20 | 00,000,268 | -H-- | M] () -- C:\sqmdata07.sqm
[2009/08/02 11:55:20 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt07.sqm
[2009/07/31 09:44:52 | 00,000,268 | -H-- | M] () -- C:\sqmdata06.sqm
[2009/07/31 09:44:52 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt06.sqm
[2009/07/30 06:07:58 | 00,000,268 | -H-- | M] () -- C:\sqmdata05.sqm
[2009/07/30 06:07:58 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt05.sqm
[2009/07/29 15:37:25 | 00,000,268 | -H-- | M] () -- C:\sqmdata04.sqm
[2009/07/29 15:37:25 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt04.sqm
[2009/07/29 15:30:35 | 00,000,268 | -H-- | M] () -- C:\sqmdata03.sqm
[2009/07/29 15:30:34 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt03.sqm
[2009/07/29 11:52:28 | 00,000,268 | -H-- | M] () -- C:\sqmdata02.sqm
[2009/07/29 11:52:28 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt02.sqm
[2009/07/28 05:23:37 | 00,000,268 | -H-- | M] () -- C:\sqmdata01.sqm
[2009/07/28 05:23:37 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt01.sqm
[2009/07/26 21:36:56 | 00,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
< End of report >

Sam responded with

do see something that seems to indicate a hardware issue though.

8/23/2009 1:14:43 PM, error: atapi [9] - The device, \Device\Ide\IdePort0, did not respond within the timeout period.

Now I'm not a hardware guy, but I did a little research and it seems this error can indicate anything from a failing power source, a bad connector, or even a failing hard drive. At this point I'd like to refer you to the hardware forum where they will be much more qualified to troubleshoot your issues.


I'm way out of my element here. Any help would be appreciated.
Thanks in advance


#2 hamluis

Posted 27 August 2009 - 12:50 PM

Hi :thumbsup:.

The device, \Device\Ide\IdePort0, did not respond within the timeout period.

That IDE0 indicated above...should be the hard drive on which XP is installed.

There are many possible reasons for this error message, you can take a look at some interpretations that others have given: http://www.eventid.net/display.asp?eventid...api&phase=1

My approach is...if it's a one-time thing, I run chkdsk /r and check my hard drive connections. These can become loosened and when that happens, such an error message as reflected can occur on a random basis.

But, if I have a series (more than one) of these types of errors reflected in Event Viewer, I download a diagnostic from the website of the hard drive manufacturer and run the long/extended test on the drive in question.

Hard Drive Installation and Diagnostic Tools - http://www.bleepingcomputer.com/forums/t/28744/hard-drive-installation-and-diagnostic-tools/

If I received a similar message from an optical drive...I would just interpret it to mean that the drive had difficulty reading the CD/DVD inserted.

The diagnostic will run from CD or floppy (some still use such) after you have changed the boot order in the BIOS so that the optical drive is the first boot device, rather than the hard drive.

Louis

#3 trystero4

Posted 28 August 2009 - 12:29 AM

chkdsk will not run at command prompt. If I try it from MyComputer/C/properties etc I get an error message saying 'windows cannot complete disk check' after about 2 seconds.

I went to the link you provided and checked the Hitachi HD diagnostics. Can't run it without a floppy. Guess I'm screwed.

#4 syscorpsecure

Posted 28 August 2009 - 01:13 AM

You've got a problem with a lack of free hard drive space:

18.63Gb Total
4.80Gb Free
1.21Gb of Free Space in paging file

Second problem:

Turn off Power Management for each profile. Don't let the system put your hard drive to sleep.

You only have 25 percent of your hard drive available. Windows tends to go haywire when free space goes below 6 GB. Try freeing up some hard drive space and let me know how things go.



