Ultra slow computer


  • This topic is locked
13 replies to this topic

#1 Senteami1

  • Members

Posted 10 June 2011 - 03:57 PM

Received computer from a friend. Computer is used, 5-6 years old, Sony VAIO laptop Windows XP. My friend used it to play games and store oodles of pictures. She never cared for its health/had never made a scan, etc.

When computer got too slow, she just bought another one.

DDS.txt LOG:


DDS (Ver_2011-06-03.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_24
Run by Anne E. Crews at 13:31:52 on 2011-06-10
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.447.50 [GMT -5:00]
.
AV: AntiVir Desktop *Enabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Sony\HotKey Utility\HKserv.exe
C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Logitech\Logitech Vid\vid.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Sony\HotKey Utility\HKWnd.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.sony.com/vaiopeople
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
mSearchAssistant = hxxp://www.google.com/ie
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\googletoolbar1.dll
BHO: Skype Plug-In: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar1.dll
TB: {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No File
uRun: [Logitech Vid] "c:\program files\logitech\logitech vid\vid.exe" -bootmode
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
mRun: [Apoint] c:\program files\apoint\Apoint.exe
mRun: [ATIPTA] c:\program files\ati technologies\ati control panel\atiptaxx.exe
mRun: [Mouse Suite 98 Daemon] ICO.EXE
mRun: [CreateCD_Reminder] c:\windows\sonysys\vaio recovery\reminder.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [SonyPowerCfg] c:\program files\sony\vaio power management\SPMgr.exe
mRun: [HKSERV.EXE] c:\program files\sony\hotkey utility\HKserv.exe
mRun: [VAIO Update 2] "c:\program files\sony\vaio update 2\VAIOUpdt.exe" /Stationary
mRun: [VAIO Recovery] c:\windows\sonysys\vaio recovery\PartSeal.exe
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mRun: [LogitechQuickCamRibbon] "c:\program files\logitech\logitech webcam software\LWS.exe" /hide
mRun: [Windows Defender] "c:\program files\windows defender\MSASCui.exe" -hide
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 10.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
StartupFolder: c:\docume~1\annee~1.cre\startm~1\programs\startup\LOGITE~1.LNK -
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
IE: &Google Search - c:\program files\google\GoogleToolbar1.dll/cmsearch.html
IE: Backward &Links - c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
IE: Cac&hed Snapshot of Page - c:\program files\google\GoogleToolbar1.dll/cmcache.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office11\EXCEL.EXE/3000
IE: Si&milar Pages - c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
IE: Translate into English - c:\program files\google\GoogleToolbar1.dll/cmtrans.html
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office11\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
TCP: DhcpNameServer = 76.164.186.221 76.164.186.222
TCP: Interfaces\{75568FB5-E160-46AE-9B44-3FDD8EF2BDFC} : DhcpNameServer = 76.164.186.221 76.164.186.222
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
Notify: AtiExtEvent - Ati2evxx.dll
SEH: Microsoft AntiMalware ShellExecuteHook: {091eb208-39dd-417d-a5dd-7e2c2d8fb9cb} - c:\progra~1\window~4\MpShHook.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\anne e. crews\application data\mozilla\firefox\profiles\fkxwhnkq.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\viewpoint\viewpoint media player\npViewpoint.dll
.
============= SERVICES / DRIVERS ===============
.
R1 avgio;avgio;c:\program files\avira\antivir desktop\avgio.sys [2011-5-15 11608]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2010-2-17 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-5-10 67656]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2011-5-15 136360]
R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2011-5-15 269480]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2011-5-15 61960]
R2 WinDefend;Windows Defender;c:\program files\windows defender\MsMpEng.exe [2006-11-3 13592]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-5-25 136176]
S3 VAIO Entertainment File Import Service;VAIO Entertainment File Import Service;c:\program files\common files\sony shared\vaio entertainment\vzcdb\VzFw.exe [2011-5-15 118877]
S3 VAIO Entertainment UPnP Client Adapter;VAIO Entertainment UPnP Client Adapter;c:\program files\common files\sony shared\vaio entertainment\vcsw\vcsw.exe -runbyscm --> c:\program files\common files\sony shared\vaio entertainment\vcsw\VCSW.exe -RunBySCM [?]
.
=============== Created Last 30 ================
.
2011-06-10 17:57:59 -------- d-----w- c:\documents and settings\all users\application data\{AB2D8F2E-F7AD-4446-A11A-50D846B2CF2A}
2011-06-10 17:44:55 -------- d-----w- c:\documents and settings\anne e. crews\application data\Uniblue
2011-06-10 17:43:58 -------- d-----w- c:\program files\Uniblue
2011-06-10 17:41:51 -------- d-----w- c:\documents and settings\anne e. crews\local settings\application data\PackageAware
2011-06-10 14:03:08 -------- d-----w- c:\documents and settings\anne e. crews\application data\SUPERAntiSpyware.com
2011-06-10 14:03:08 -------- d-----w- c:\documents and settings\all users\application data\SUPERAntiSpyware.com
2011-06-10 14:00:53 -------- d-----w- c:\program files\SUPERAntiSpyware
2011-06-10 13:11:19 6962000 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{a1bb7c09-27b8-426f-bd00-dfa9e2e3f540}\mpengine.dll
2011-06-04 22:37:58 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-06-04 22:37:57 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-06-03 07:17:49 -------- d-----w- C:\7eedd29bd6ffe22b98786f93fc4340
2011-06-01 18:09:00 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin7.dll
2011-06-01 18:09:00 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin6.dll
2011-06-01 18:09:00 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin5.dll
2011-06-01 18:09:00 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin4.dll
2011-06-01 18:09:00 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin3.dll
2011-06-01 18:08:59 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin2.dll
2011-06-01 18:08:59 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin.dll
2011-06-01 18:04:00 -------- d-----w- c:\documents and settings\anne e. crews\local settings\application data\Apple
2011-06-01 18:02:59 -------- d-----w- c:\documents and settings\anne e. crews\local settings\application data\Apple Computer
2011-05-30 19:09:36 -------- d-----w- c:\documents and settings\anne e. crews\local settings\application data\WMTools Downloaded Files
2011-05-21 18:09:26 -------- d-----w- c:\windows\pss
2011-05-21 17:56:17 -------- d-----w- c:\documents and settings\anne e. crews\application data\DriverCure
2011-05-21 17:56:15 -------- d-----w- c:\documents and settings\anne e. crews\application data\ParetoLogic
2011-05-21 17:54:04 -------- d-----w- c:\program files\ParetoLogic
2011-05-21 17:54:04 -------- d-----w- c:\documents and settings\all users\application data\ParetoLogic
2011-05-18 12:23:33 -------- d-----w- c:\documents and settings\anne e. crews\local settings\application data\Temp
2011-05-18 02:57:18 -------- d-----w- c:\documents and settings\all users\application data\Norton
2011-05-18 02:55:56 -------- d-----w- c:\documents and settings\all users\application data\NortonInstaller
2011-05-18 02:32:52 954368 -c----w- c:\windows\system32\dllcache\mfc40.dll
2011-05-18 02:32:51 953856 -c----w- c:\windows\system32\dllcache\mfc40u.dll
2011-05-18 02:32:01 617472 -c----w- c:\windows\system32\dllcache\comctl32.dll
2011-05-18 02:30:26 -------- d-----w- c:\windows\system32\Adobe
2011-05-18 02:26:06 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys
2011-05-18 01:59:05 45568 -c----w- c:\windows\system32\dllcache\wab.exe
2011-05-18 01:35:52 -------- d-----w- c:\program files\common files\HP
2011-05-18 01:27:04 -------- d-----w- c:\program files\common files\Hewlett-Packard
2011-05-18 01:16:47 16496 ----a-r- c:\windows\system32\drivers\HPZipr12.sys
2011-05-18 01:16:39 51120 ----a-r- c:\windows\system32\drivers\HPZid412.sys
2011-05-18 01:15:36 21744 ----a-r- c:\windows\system32\drivers\HPZius12.sys
2011-05-18 01:14:54 15104 -c--a-w- c:\windows\system32\dllcache\usbscan.sys
2011-05-18 01:14:54 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys
2011-05-18 01:12:53 94208 ----a-w- c:\windows\system32\HPZipt12.dll
2011-05-18 01:12:53 73728 ----a-w- c:\windows\system32\HPZipm12.exe
2011-05-18 01:12:53 61440 ----a-w- c:\windows\system32\HPZinw12.exe
2011-05-18 01:12:53 57344 ----a-w- c:\windows\system32\HPZisn12.dll
2011-05-18 01:12:53 204800 ----a-w- c:\windows\system32\HPZipr12.dll
2011-05-18 01:12:52 278584 ----a-w- c:\windows\system32\HPZidr12.dll
2011-05-18 01:09:41 -------- d-----w- c:\program files\HP
2011-05-18 01:09:23 25856 -c--a-w- c:\windows\system32\dllcache\usbprint.sys
2011-05-18 01:09:23 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys
2011-05-18 01:09:02 32128 -c--a-w- c:\windows\system32\dllcache\usbccgp.sys
2011-05-18 01:09:02 32128 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2011-05-18 00:49:04 -------- d-----w- c:\program files\Microsoft ActiveSync
2011-05-18 00:46:36 -------- d-----w- c:\windows\SHELLNEW
2011-05-18 00:16:12 -------- d-----w- c:\windows\system32\scripting
2011-05-18 00:16:09 -------- d-----w- c:\windows\l2schemas
2011-05-18 00:16:08 -------- d-----w- c:\windows\system32\en
2011-05-18 00:16:08 -------- d-----w- c:\windows\system32\bits
2011-05-18 00:09:38 -------- d-----w- c:\windows\network diagnostic
2011-05-18 00:04:45 -------- d-----w- c:\windows\EHome
2011-05-18 00:02:58 1857920 -c----w- c:\windows\system32\dllcache\win32k.sys
2011-05-17 23:49:40 -------- d-sh--w- c:\documents and settings\anne e. crews\IETldCache
2011-05-17 23:43:54 -------- d-----w- c:\windows\ie8updates
2011-05-17 23:43:15 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2011-05-17 23:43:11 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2011-05-17 23:43:10 602112 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2011-05-17 23:43:10 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2011-05-17 23:43:10 1991680 -c----w- c:\windows\system32\dllcache\iertutil.dll
2011-05-17 23:43:09 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
2011-05-17 23:43:09 11080704 -c----w- c:\windows\system32\dllcache\ieframe.dll
2011-05-17 23:36:00 -------- dc-h--w- c:\windows\ie8
2011-05-16 13:30:04 3558912 -c----w- c:\windows\system32\dllcache\moviemk.exe
2011-05-16 13:21:39 -------- d-----w- c:\windows\ServicePackFiles
2011-05-16 13:17:11 -------- d-----w- c:\program files\MSXML 4.0
2011-05-16 03:36:06 25471 ------w- c:\windows\system32\drivers\watv10nt.sys
2011-05-16 03:36:05 22271 ------w- c:\windows\system32\drivers\watv06nt.sys
2011-05-16 03:36:05 11935 ------w- c:\windows\system32\drivers\wadv11nt.sys
2011-05-16 03:36:04 11871 ------w- c:\windows\system32\drivers\wadv09nt.sys
2011-05-16 03:36:04 11807 ------w- c:\windows\system32\drivers\wadv07nt.sys
2011-05-16 03:36:04 11295 ------w- c:\windows\system32\drivers\wadv08nt.sys
2011-05-16 03:34:51 884712 ------w- c:\program files\msn\msncorefiles\install\msn9components\digcore.exe
2011-05-16 03:13:10 6962000 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\backup\mpengine.dll
2011-05-16 03:13:00 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-05-16 02:47:27 138496 -c----w- c:\windows\system32\dllcache\afd.sys
2011-05-16 02:45:34 81920 -c----w- c:\windows\system32\dllcache\fontsub.dll
2011-05-16 02:45:34 119808 -c----w- c:\windows\system32\dllcache\t2embed.dll
2011-05-16 02:39:38 203136 -c----w- c:\windows\system32\dllcache\rmcast.sys
2011-05-16 02:38:35 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2011-05-16 02:38:34 272128 ------w- c:\windows\system32\drivers\bthport.sys
2011-05-16 02:37:33 331776 -c----w- c:\windows\system32\dllcache\msadce.dll
2011-05-16 02:37:14 357888 -c----w- c:\windows\system32\dllcache\srv.sys
2011-05-16 02:35:43 1172480 -c----w- c:\windows\system32\dllcache\msxml3.dll
2011-05-16 02:34:40 153088 -c----w- c:\windows\system32\dllcache\triedit.dll
2011-05-16 02:32:01 455936 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2011-05-16 02:31:07 726528 -c--a-w- c:\windows\system32\dllcache\jscript.dll
2011-05-16 02:30:57 744448 -c----w- c:\windows\system32\dllcache\helpsvc.exe
2011-05-16 02:29:06 35328 -c----w- c:\windows\system32\dllcache\sc.exe
2011-05-16 02:29:06 284160 -c----w- c:\windows\system32\dllcache\pdh.dll
2011-05-16 02:29:05 401408 -c----w- c:\windows\system32\dllcache\rpcss.dll
2011-05-16 02:29:04 110592 -c----w- c:\windows\system32\dllcache\services.exe
2011-05-16 02:29:03 473600 -c----w- c:\windows\system32\dllcache\fastprox.dll
2011-05-16 02:29:02 227840 -c----w- c:\windows\system32\dllcache\wmiprvse.exe
2011-05-16 02:29:01 453120 -c----w- c:\windows\system32\dllcache\wmiprvsd.dll
2011-05-16 02:29:00 730112 -c----w- c:\windows\system32\dllcache\lsasrv.dll
2011-05-16 02:28:58 718336 -c----w- c:\windows\system32\dllcache\ntdll.dll
2011-05-16 02:28:58 617472 -c----w- c:\windows\system32\dllcache\advapi32.dll
2011-05-16 02:28:49 2148864 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2011-05-16 02:28:39 2192768 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe
2011-05-16 02:28:27 2027008 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2011-05-16 02:24:57 2066432 -c----w- c:\windows\system32\dllcache\mstscax.dll
2011-05-16 02:22:22 337408 -c----w- c:\windows\system32\dllcache\netapi32.dll
2011-05-16 02:20:08 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
2011-05-16 02:10:23 -------- d-----w- c:\documents and settings\all users\application data\Skype Extras
2011-05-16 01:56:05 -------- d-----r- c:\program files\Skype
2011-05-16 01:56:01 5120 ----a-w- c:\windows\system32\xpsp4res.dll
2011-05-16 01:55:29 218112 -c----w- c:\windows\system32\dllcache\wordpad.exe
2011-05-16 01:39:59 -------- d-----w- c:\windows\system32\PreInstall
2011-05-16 01:39:44 26144 ----a-w- c:\windows\system32\spupdsvc.exe
2011-05-16 01:39:14 -------- d--h--w- c:\windows\$hf_mig$
2011-05-16 01:27:47 -------- d-----w- c:\documents and settings\anne e. crews\application data\Malwarebytes
2011-05-16 01:26:52 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-05-16 01:26:09 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
2011-05-16 01:25:51 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-05-16 01:25:45 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-05-16 01:18:59 -------- d-----w- c:\documents and settings\anne e. crews\local settings\application data\LogiShrd
2011-05-16 01:15:57 12160 ----a-w- c:\windows\system32\drivers\mouhid.sys
2011-05-16 01:15:53 10368 ----a-w- c:\windows\system32\drivers\hidusb.sys
2011-05-16 00:56:48 5504 ----a-w- c:\windows\system32\drivers\mstee.sys
2011-05-16 00:55:57 -------- d-----w- c:\windows\system32\NtmsData
2011-05-16 00:54:31 10880 ----a-w- c:\windows\system32\drivers\ndisip.sys
2011-05-16 00:54:25 15232 ----a-w- c:\windows\system32\drivers\streamip.sys
2011-05-16 00:54:24 16384 ----a-w- c:\windows\system32\ipsink.ax
2011-05-16 00:54:17 11136 ----a-w- c:\windows\system32\drivers\slip.sys
2011-05-16 00:54:09 19200 ----a-w- c:\windows\system32\drivers\wstcodec.sys
2011-05-16 00:53:53 85248 ----a-w- c:\windows\system32\drivers\nabtsfec.sys
2011-05-16 00:53:38 17024 ----a-w- c:\windows\system32\drivers\ccdecode.sys
2011-05-16 00:50:25 -------- d-----w- c:\documents and settings\anne e. crews\application data\Avira
2011-05-16 00:47:45 91136 ----a-w- c:\windows\system32\kswdmcap.ax
2011-05-16 00:47:45 28672 ----a-w- c:\windows\system32\vidcap.ax
2011-05-16 00:47:44 61952 ----a-w- c:\windows\system32\kstvtune.ax
2011-05-16 00:47:44 53760 ----a-w- c:\windows\system32\vfwwdm32.dll
2011-05-16 00:47:40 43008 ----a-w- c:\windows\system32\ksxbar.ax
2011-05-16 00:34:24 -------- d-----w- c:\documents and settings\anne e. crews\local settings\application data\Adobe
2011-05-16 00:33:00 -------- d-----w- c:\documents and settings\anne e. crews\local settings\application data\ApplicationHistory
2011-05-16 00:11:36 61960 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2011-05-16 00:11:31 -------- d-----w- c:\program files\Avira
2011-05-16 00:11:31 -------- d-----w- c:\documents and settings\all users\application data\Avira
2011-05-16 00:08:16 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-05-15 23:47:25 -------- d-----w- c:\program files\High-Speed Options
2011-05-15 23:47:25 -------- d-----w- c:\program files\common files\FTL Shared
2011-05-15 23:46:59 658033 ----a-w- c:\program files\online services\netscape online setup\NSSetup_SonyOEM.exe
2011-05-15 23:46:59 128608 ----a-w- c:\program files\online services\netscape online setup\Unwise.exe
2011-05-15 23:46:28 -------- d-----w- c:\program files\Viewpoint
2011-05-15 23:46:27 90832 ----a-w- c:\windows\NSUninst.exe
2011-05-15 23:43:49 180736 ----a-w- c:\windows\system32\Sony XBRITE.scr
2011-05-15 23:42:38 18944 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\mdippr.dll
2011-05-15 23:42:38 17920 ----a-w- c:\windows\system32\mdimon.dll
2011-05-15 23:35:21 -------- d-sh--w- c:\documents and settings\anne e. crews\UserData
2011-05-15 23:32:11 -------- d-----w- c:\documents and settings\all users\application data\VAIO Media Platform
2011-05-15 23:32:04 696320 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\iKernel.dll
2011-05-15 23:32:04 57344 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\ctor.dll
2011-05-15 23:32:04 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\DotNetInstaller.exe
2011-05-15 23:32:04 32768 ----a-w- c:\program files\common files\installshield\professional\runtime\Objectps.dll
2011-05-15 23:32:04 282756 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\setup.dll
2011-05-15 23:32:04 237568 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\iscript.dll
2011-05-15 23:32:04 163972 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\iGdi.dll
2011-05-15 23:32:04 155648 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\iuser.dll
2011-05-15 23:29:32 2981888 ----a-w- c:\windows\system32\iplw7.dll
2011-05-15 23:29:29 2785280 ----a-w- c:\windows\system32\iplm6.dll
2011-05-15 23:29:29 2531328 ----a-w- c:\windows\system32\iplp6.dll
2011-05-15 23:29:29 2502656 ----a-w- c:\windows\system32\iplpx.dll
2011-05-15 23:29:28 53248 ----a-w- c:\windows\system32\ipl.dll
2011-05-15 23:29:28 2973696 ----a-w- c:\windows\system32\ipla6.dll
2011-05-15 23:29:28 2686976 ----a-w- c:\windows\system32\iplm5.dll
2011-05-15 23:29:28 19968 ----a-w- c:\windows\system32\Cpuinf32.dll
2011-05-15 23:26:35 757760 ----a-w- c:\windows\system32\CDDBUI.dll
2011-05-15 23:26:35 630784 ----a-w- c:\windows\system32\CDDBControl.dll
2011-05-15 23:24:56 204800 ----a-w- c:\windows\system32\IVIresizeW7.dll
2011-05-15 23:24:56 20480 ----a-w- c:\windows\system32\IVIresize.dll
2011-05-15 23:24:56 200704 ----a-w- c:\windows\system32\IVIresizeA6.dll
2011-05-15 23:24:56 192512 ----a-w- c:\windows\system32\IVIresizeP6.dll
2011-05-15 23:24:56 192512 ----a-w- c:\windows\system32\IVIresizeM6.dll
2011-05-15 23:24:56 188416 ----a-w- c:\windows\system32\IVIresizePX.dll
2011-05-15 23:24:47 -------- d-----w- c:\program files\InterVideo
2011-05-15 23:20:33 -------- d-----w- c:\windows\system32\SoftwareDistribution
.
==================== Find3M ====================
.
.
============= FINISH: 13:35:28.55 ===============

#2 Shannon2012

  • Security Colleague

Posted 18 June 2011 - 09:36 AM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not, please perform the following steps below so we can have a look at the current condition of your machine.

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.

Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.

If you have already posted a DDS log, please do so again, as your situation may have changed.
Use the 'Add Reply' and add the new log to this thread.

Thanks and again sorry for the delay.

We need to see some information about what is happening in your machine. Please perform the following scan:
  • Download DDS by sUBs from one of the following links. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE

We also need a new log from the GMER anti-rootkit scanner. Please first disable any CD emulation programs using the steps found in this topic:

Why we request you disable CD Emulation when receiving Malware Removal Advice

Then create another GMER log and post it as an attachment to the reply where you post your new DDS log. Instructions on how to properly create a GMER log can be found here:

How to create a GMER log


Shannon

#3 Senteami1

  • Topic Starter

  • Members

Posted 20 June 2011 - 08:41 AM

Hi, thanks for replying.

Computer still slow. Downloaded superantispyware free edition and scanned. But did not help. Computer still slow. Flushed superantispyware.

Not much done since that. Nothing noteworthy.

Pages take forever to load, sometimes I am taken to another tab without clicking on it. Many times it says "not responding".

Here is the DDS.txt log: :-)
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\anne e. crews\application data\mozilla\firefox\profiles\fkxwhnkq.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll
FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\common files\research in motion\bbwebsllauncher\NPWebSLLauncher.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\viewpoint\viewpoint media player\npViewpoint.dll
.
---- FIREFOX POLICIES ----
FF - user.js: browser.cache.memory.capacity - 16000
FF - user.js: browser.chrome.favicons - fales
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 750000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: dom.disable_window_status_change - true
FF - user.js: network.http.max-connections - 32
FF - user.js: network.http.max-connections-per-server - 8
FF - user.js: network.http.max-persistent-connections-per-proxy - 8
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 750
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
.
============= SERVICES / DRIVERS ===============
.
R? gupdate;Google Update Service (gupdate)
R? VAIO Entertainment File Import Service;VAIO Entertainment File Import Service
R? VAIO Entertainment UPnP Client Adapter;VAIO Entertainment UPnP Client Adapter
S? AntiVirSchedulerService;Avira AntiVir Scheduler
S? AntiVirService;Avira AntiVir Guard
S? avgio;avgio
S? avgntflt;avgntflt
S? WinDefend;Windows Defender
.
=============== Created Last 30 ================
.
2011-06-19 13:57:11 -------- d-----w- C:\cff84149c34a270e7f1115edbafe321c
2011-06-18 22:54:52 -------- d-----w- c:\program files\common files\xing shared
2011-06-18 21:48:48 -------- d-----w- c:\documents and settings\all users\application data\YouTube Downloader
2011-06-18 21:48:21 -------- d-----w- c:\program files\YouTube Downloader
2011-06-18 00:40:35 16928 ------w- c:\windows\system32\spmsgXP_2k3.dll
2011-06-18 00:13:58 27136 ----a-r- c:\windows\system32\drivers\RimSerial.sys
2011-06-18 00:08:45 -------- d-----w- c:\documents and settings\all users\application data\Research In Motion
2011-06-18 00:07:13 -------- d-----w- c:\program files\Research In Motion
2011-06-18 00:07:13 -------- d-----w- c:\program files\common files\Research In Motion
2011-06-17 23:39:06 -------- d-----w- c:\windows\system32\XPSViewer
2011-06-17 23:35:30 89088 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
2011-06-17 23:31:20 117760 ------w- c:\windows\system32\prntvpt.dll
2011-06-17 23:31:19 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2011-06-17 23:31:18 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2011-06-17 23:31:18 597504 ------w- c:\windows\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2011-06-17 23:31:17 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2011-06-17 23:31:17 575488 ------w- c:\windows\system32\xpsshhdr.dll
2011-06-17 23:31:14 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2011-06-17 23:31:14 1676288 ------w- c:\windows\system32\xpssvcs.dll
2011-06-17 23:31:08 -------- d-----w- C:\87851f1473a1bf3795b1ec225be69bb7
2011-06-17 13:05:18 6962000 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{9d4eac86-498d-49ca-b52b-032182b0ee27}\mpengine.dll
2011-06-16 19:46:29 105472 -c----w- c:\windows\system32\dllcache\mup.sys
2011-06-13 17:04:59 -------- d-----w- c:\program files\Registry Easy
2011-06-10 17:57:59 -------- d-----w- c:\documents and settings\all users\application data\{AB2D8F2E-F7AD-4446-A11A-50D846B2CF2A}
2011-06-10 17:44:55 -------- d-----w- c:\documents and settings\anne e. crews\application data\Uniblue
2011-06-10 17:43:58 -------- d-----w- c:\program files\Uniblue
2011-06-10 17:41:51 -------- d-----w- c:\documents and settings\anne e. crews\local settings\application data\PackageAware
2011-06-10 14:03:08 -------- d-----w- c:\documents and settings\all users\application data\SUPERAntiSpyware.com
2011-06-06 17:55:30 183696 ----a-w- c:\program files\internet explorer\plugins\nppdf32.dll
2011-06-04 22:37:58 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-06-04 22:37:57 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-06-03 07:17:49 -------- d-----w- C:\7eedd29bd6ffe22b98786f93fc4340
2011-06-01 18:09:00 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin7.dll
2011-06-01 18:09:00 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin6.dll
2011-06-01 18:09:00 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin5.dll
2011-06-01 18:09:00 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin4.dll
2011-06-01 18:09:00 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin3.dll
2011-06-01 18:08:59 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin2.dll
2011-06-01 18:08:59 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin.dll
2011-06-01 18:04:00 -------- d-----w- c:\documents and settings\anne e. crews\local settings\application data\Apple
2011-06-01 18:02:59 -------- d-----w- c:\documents and settings\anne e. crews\local settings\application data\Apple Computer
2011-05-30 19:09:36 -------- d-----w- c:\documents and settings\anne e. crews\local settings\application data\WMTools Downloaded Files
2011-05-21 18:09:26 -------- d-----w- c:\windows\pss
2011-05-21 17:56:17 -------- d-----w- c:\documents and settings\anne e. crews\application data\DriverCure
2011-05-21 17:56:15 -------- d-----w- c:\documents and settings\anne e. crews\application data\ParetoLogic
2011-05-21 17:54:04 -------- d-----w- c:\program files\ParetoLogic
2011-05-21 17:54:04 -------- d-----w- c:\documents and settings\all users\application data\ParetoLogic
.
==================== Find3M ====================
.
2011-06-18 22:53:03 348160 ----a-w- c:\windows\system32\msvcr71.dll
2011-06-18 22:53:01 499712 ----a-w- c:\windows\system32\msvcp71.dll
2011-06-18 20:49:35 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-05-29 14:11:30 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-05-29 14:11:20 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-05-19 15:54:28 507904 ----a-r- c:\windows\system32\btwapi.dll
2011-05-15 23:46:27 90832 ----a-w- c:\windows\NSUninst.exe
2011-05-02 15:31:52 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-04-29 16:19:43 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-04-25 16:11:12 916480 ----a-w- c:\windows\system32\wininet.dll
2011-04-25 16:11:11 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-04-25 16:11:11 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-04-25 12:01:22 385024 ----a-w- c:\windows\system32\html.iec
2011-04-21 13:37:43 105472 ----a-w- c:\windows\system32\drivers\mup.sys
2011-04-01 22:07:59 61960 ----a-w- c:\windows\system32\drivers\avgntflt.sys
.
============= FINISH: 7:52:50.64 ===============

Attach folder "attached"...


I must go now! GMER scan still not complete. Will complete and try to post results today as well as following rest of instructions.


#4 SweetTech


Posted 21 June 2011 - 10:27 AM

Hello and welcome to the forums!

My secret agent name on the forums is SweetTech (you can call me ST for short), it's a pleasure to meet you. :)

I am very sorry for the delay in responding, but as you can see we are at the moment being flooded with logs which, when paired with the never-ending shortage of helpers, resulted in the delayed responding to your thread.

I would be glad to take a look at your log and help you with solving any malware problems.

If you have since resolved the issues you were originally experiencing, or have received help elsewhere, please inform me so that this topic can be closed.

If you have not, please adhere to the guidelines below and then follow instructions as outlined further below:

  • Logs from malware removal programs (OTL is one of them) can take some time to analyze. I need you to be patient while I analyze any logs you post. Please remember, I am a volunteer, and I do have a life outside of these forums.
  • Please make sure to carefully read any instruction that I give you. Attention to detail is important! Since I cannot see or directly interact with your computer I am dependent on you to "be my eyes" and provide as much information as you can regarding the current state of your computer.
  • If you're not sure, or if something unexpected happens, do NOT continue! Stop and ask!
  • In Windows Vista and Windows 7, all tools need to be started by right clicking and selecting Run as Administrator!
  • If I instruct you to download a specific tool which you already have, please delete the copy that you have and re-download the tool. The reason I ask you to do this is because these tools are updated fairly regularly.
  • Do not do things I do not ask for, such as running a spyware scan on your computer. The one thing that you should always do is to make sure that your anti-virus definitions are up-to-date!
  • Please do not use the Attachment feature for any log file. Do a Copy/Paste of the entire contents of the log file and submit it inside your post.
  • I am going to stick with you until ALL malware is gone from your system. I would appreciate it if you would do the same. From this point, we're in this together ;)
    Because of this, you must reply within three days
    failure to reply will result in the topic being closed!
  • Lastly, I am no magician. I will try very hard to fix your issues, but no promises can be made. Also be aware that some infections are so severe that you might need to resort to reformatting and reinstalling your operating system.
    Don't worry, this only happens in severe cases, but it sadly does happen. Be prepared to back up your data. Have means of backing up your data available.

____________________________________________________

Rootkit UnHooker (RkU)
Please download Rootkit Unhooker from one of the following links and save it to your desktop.
Link 1 (.exe file)
Link 2 (zipped file)
Link 3 (.rar file)

In order to use this tool if you downloaded from either of the second two links, you will need to extract the RKUnhookerLE.exe file using a program capable of extracting ZIP and RAR compressed files. If you don't have an extraction program, you can download, install and use the free 7-zip utility.

  • Double-click on RKUnhookerLE.exe to start the program.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • Click the Report tab, then click Scan.
  • Check Drivers, Stealth Code, and uncheck the rest.
  • Click OK.
  • Wait until it's finished and then go to File > Save Report.
  • Save the report to your Desktop.
  • Copy and paste the contents of the report into your next reply.
-- Note: You may get this warning...just ignore it, click OK and continue: "Rootkit Unhooker has detected a parasite inside itself! It is recommended to remove parasite, okay?".



NEXT:


Running OTL

We need to create a FULL OTL Report
  • Please download OTL from here:
  • Save it to your desktop.
  • Double click on the Posted Image icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Change the "Extra Registry" option to "SafeList"
  • Push the Posted Image button.
  • Two reports will open, copy and paste them in a reply here:
    • OTL.txt <-- Will be opened
    • Extras.txt <-- Will be minimized

NEXT:


Please provide an update on how things are running in your next reply.

Have I helped you? If you'd like to assist in the fight against malware, click here Posted Image


The instructions seen in this post have been specifically tailored to this user and the issues they are experiencing with their computer. If you think you have a similar problem, please first read this topic, and then begin your own, new thread. I do not offer private support via Private Message.


#5 Senteami1


Posted 21 June 2011 - 04:35 PM

Thanks for replying. In the meantime computer CRASHED and I had to press the F10 key to revert it to factory origins. I still have some issues with it. It's a little bit faster but I would like you to still look at the scans.

Remember this computer was given to me by a friend who used it to STORE FAMILY PHOTOS and who never cared for the health of her computer. :-) Therefore I do not know "its past" nor do I know whether pressing the F10 key removed all programs, including spyware, etc.

I have done the DDS.txt scan, the Attach.txt scan and the GMER scan which I posted here:

My link

#6 SweetTech


Posted 21 June 2011 - 04:42 PM

Okay. I'd still like to have you run the instructions in my previous post for Rootkit Unhooker and for OTL.



#7 Senteami1


Posted 24 June 2011 - 11:00 AM

Rootkit unhooker (REPORT) (copied and pasted):

RkU Version: 3.8.389.593, Type LE (SR2)
==============================================
OS Name: Windows XP
Version 5.1.2600 (Service Pack 3)
Number of processors #1
==============================================
>Drivers
==============================================
0xEE710000 C:\WINDOWS\system32\DRIVERS\LV302V32.SYS 2682880 bytes (Logitech Inc., Logitech Webcam Software Driver)
0x804D7000 C:\WINDOWS\system32\ntoskrnl.exe 2192768 bytes (Microsoft Corporation, NT Kernel & System)
0xBF081000 C:\WINDOWS\System32\ati3duag.dll 2158592 bytes (ATI Technologies Inc. , ati3duag.dll)
0xBF800000 C:\WINDOWS\System32\win32k.sys 1851392 bytes (Microsoft Corporation, Multi-User Win32 Driver)
0xF71EA000 C:\WINDOWS\system32\DRIVERS\HSF_DP.sys 1044480 bytes (Conexant Systems, Inc., HSF_DP driver)
0xF7351000 C:\WINDOWS\system32\DRIVERS\ati2mtag.sys 856064 bytes (ATI Technologies Inc., ATI Radeon WindowsNT Miniport Driver)
0xF7143000 C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys 684032 bytes (Conexant Systems, Inc., HSF_CNXT driver)
0xF7083000 C:\WINDOWS\system32\drivers\ALCXWDM.SYS 618496 bytes (Realtek Semiconductor Corp., Realtek AC'97 Audio Driver (WDM))
0xF74C2000 Ntfs.sys 577536 bytes (Microsoft Corporation, NT File System Driver)
0xBF290000 C:\WINDOWS\System32\ativvaxx.dll 520192 bytes (ATI Technologies Inc. , Radeon Video Acceleration Universal Driver)
0xEE6A0000 C:\WINDOWS\System32\Drivers\aswSnx.SYS 458752 bytes (AVAST Software, avast! Virtualization Driver)
0xEEA37000 C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 458752 bytes (Microsoft Corporation, Windows NT SMB Minirdr)
0xF6FFF000 C:\WINDOWS\system32\drivers\ALCXSENS.SYS 393216 bytes (Sensaura Ltd, Sensaura WDM 3D Audio Driver)
0xF6F74000 C:\WINDOWS\system32\DRIVERS\ExpasAG.sys 393216 bytes (Atheros Communications, Inc., Driver for Atheros AR5001 Wireless Network Adapter)
0xF6CB1000 C:\WINDOWS\system32\DRIVERS\update.sys 385024 bytes (Microsoft Corporation, Update Driver)
0xEEBBC000 C:\WINDOWS\system32\DRIVERS\tcpip.sys 364544 bytes (Microsoft Corporation, TCP/IP Protocol Driver)
0xED902000 C:\WINDOWS\system32\DRIVERS\srv.sys 356352 bytes (Microsoft Corporation, Server driver)
0xEE99F000 C:\WINDOWS\System32\Drivers\aswSP.SYS 303104 bytes (AVAST Software, avast! self protection module)
0xBFFA0000 C:\WINDOWS\System32\ATMFD.DLL 286720 bytes (Adobe Systems Incorporated, Windows NT OpenType/Type 1 Font Driver)
0xED5F1000 C:\WINDOWS\System32\Drivers\HTTP.sys 266240 bytes (Microsoft Corporation, HTTP Protocol Stack)
0xBF049000 C:\WINDOWS\System32\ati2cqag.dll 229376 bytes (ATI Technologies Inc., Central Memory Manager / Queue Server Module)
0xBF012000 C:\WINDOWS\System32\ati2dvag.dll 225280 bytes (ATI Technologies Inc., ATI Radeon WindowsNT Display Driver)
0xF730C000 C:\WINDOWS\system32\DRIVERS\HSFHWALI.sys 200704 bytes (Conexant Systems, Inc., HSFHWALI WDM driver)
0xF75FE000 ACPI.sys 188416 bytes (Microsoft Corporation, ACPI Driver for NT)
0xEDA21000 C:\WINDOWS\system32\DRIVERS\mrxdav.sys 184320 bytes (Microsoft Corporation, Windows NT WebDav Minirdr)
0xF7495000 NDIS.sys 184320 bytes (Microsoft Corporation, NDIS 5.1 wrapper driver)
0xEEAA7000 C:\WINDOWS\system32\DRIVERS\rdbss.sys 176128 bytes (Microsoft Corporation, Redirected Drive Buffering SubSystem Driver)
0xEEAF4000 C:\WINDOWS\system32\DRIVERS\netbt.sys 163840 bytes (Microsoft Corporation, MBT Transport driver)
0xEEA11000 C:\WINDOWS\system32\DRIVERS\ipnat.sys 155648 bytes (Microsoft Corporation, IP Network Address Translator)
0xF705F000 C:\WINDOWS\system32\drivers\portcls.sys 147456 bytes (Microsoft Corporation, Port Class (Class Driver for Port/Miniport Devices))
0xF6F50000 C:\WINDOWS\system32\DRIVERS\USBPORT.SYS 147456 bytes (Microsoft Corporation, USB 1.1 & 2.0 Port Driver)
0xF72E9000 C:\WINDOWS\system32\DRIVERS\ks.sys 143360 bytes (Microsoft Corporation, Kernel CSA Library)
0xEEAD2000 C:\WINDOWS\System32\drivers\afd.sys 139264 bytes (Microsoft Corporation, Ancillary Function Driver for WinSock)
0xF7578000 fltmgr.sys 131072 bytes (Microsoft Corporation, Microsoft Filesystem Filter Manager)
0xF75B0000 ftdisk.sys 126976 bytes (Microsoft Corporation, FT Disk Driver)
0xF75CF000 pcmcia.sys 122880 bytes (Microsoft Corporation, PCMCIA Bus Driver)
0xF747B000 Mup.sys 106496 bytes (Microsoft Corporation, Multiple UNC Provider driver)
0xF7598000 atapi.sys 98304 bytes (Microsoft Corporation, IDE/ATAPI Port Driver)
0xEE660000 C:\WINDOWS\System32\Drivers\dump_atapi.sys 98304 bytes
0xF6FE8000 C:\WINDOWS\system32\DRIVERS\Apfiltr.sys 94208 bytes (Alps Electric Co., Ltd., Alps Touch Pad Driver)
0xEE2D9000 C:\WINDOWS\System32\Drivers\aswMon2.SYS 94208 bytes (AVAST Software, avast! File System Filter Driver for Windows XP)
0xF754F000 KSecDD.sys 94208 bytes (Microsoft Corporation, Kernel Security Support Provider Interface)
0xF6F28000 C:\WINDOWS\system32\DRIVERS\ndiswan.sys 94208 bytes (Microsoft Corporation, MS PPP Framing Driver (Strong Encryption))
0xEDC84000 C:\WINDOWS\system32\drivers\wdmaud.sys 86016 bytes (Microsoft Corporation, MMSYSTEM Wave/Midi API mapper)
0xF6FD4000 C:\WINDOWS\system32\DRIVERS\parport.sys 81920 bytes (Microsoft Corporation, Parallel Port Driver)
0xF733D000 C:\WINDOWS\system32\DRIVERS\VIDEOPRT.SYS 81920 bytes (Microsoft Corporation, Video Port Driver)
0x806EF000 C:\WINDOWS\system32\hal.dll 81152 bytes (Microsoft Corporation, Hardware Abstraction Layer DLL)
0xEEC15000 C:\WINDOWS\system32\DRIVERS\ipsec.sys 77824 bytes (Microsoft Corporation, IPSec Driver)
0xBF000000 C:\WINDOWS\System32\drivers\dxg.sys 73728 bytes (Microsoft Corporation, DirectX Graphics Driver)
0xF7566000 sr.sys 73728 bytes (Microsoft Corporation, System Restore Filesystem Filter Driver)
0xF75ED000 pci.sys 69632 bytes (Microsoft Corporation, NT Plug and Play PCI Enumerator)
0xF6F17000 C:\WINDOWS\system32\DRIVERS\psched.sys 69632 bytes (Microsoft Corporation, MS QoS Packet Scheduler)
0xF6F3F000 C:\WINDOWS\system32\DRIVERS\Rtlnic51.sys 69632 bytes (Realtek Semiconductor Corporation , Realtek 10/100/1000 NDIS 5.1 Driver )
0xF6D2F000 C:\WINDOWS\System32\Drivers\Cdfs.SYS 65536 bytes (Microsoft Corporation, CD-ROM File System Driver)
0xF78BD000 C:\WINDOWS\system32\DRIVERS\cdrom.sys 65536 bytes (Microsoft Corporation, SCSI CD-ROM Driver)
0xF788D000 C:\WINDOWS\system32\DRIVERS\nic1394.sys 65536 bytes (Microsoft Corporation, IEEE1394 Ndis Miniport and Call Manager)
0xF765D000 ohci1394.sys 65536 bytes (Microsoft Corporation, 1394 OpenHCI Port Driver)
0xF789D000 C:\WINDOWS\system32\drivers\tifmsony.sys 65536 bytes (Texas Instruments, tifmsony.sys)
0xF780D000 C:\WINDOWS\system32\DRIVERS\arp1394.sys 61440 bytes (Microsoft Corporation, IP/1394 Arp Client)
0xF786D000 C:\WINDOWS\system32\drivers\drmk.sys 61440 bytes (Microsoft Corporation, Microsoft Kernel DRM Descrambler Filter)
0xF76CD000 C:\WINDOWS\system32\DRIVERS\redbook.sys 61440 bytes (Microsoft Corporation, Redbook Audio Filter Driver)
0xEDE89000 C:\WINDOWS\system32\drivers\sysaudio.sys 61440 bytes (Microsoft Corporation, System Audio WDM Filter)
0xF77BD000 C:\WINDOWS\system32\DRIVERS\usbhub.sys 61440 bytes (Microsoft Corporation, Default Hub Driver for USB)
0xF766D000 C:\WINDOWS\system32\DRIVERS\1394BUS.SYS 57344 bytes (Microsoft Corporation, 1394 Bus Device Driver)
0xF76AD000 C:\WINDOWS\system32\DRIVERS\CLASSPNP.SYS 53248 bytes (Microsoft Corporation, SCSI Class System Dll)
0xF787D000 C:\WINDOWS\system32\DRIVERS\i8042prt.sys 53248 bytes (Microsoft Corporation, i8042 Port Driver)
0xF76DD000 C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 53248 bytes (Microsoft Corporation, RAS L2TP mini-port/call-manager driver)
0xF768D000 VolSnap.sys 53248 bytes (Microsoft Corporation, Volume Shadow Copy Driver)
0xF76FD000 C:\WINDOWS\system32\DRIVERS\raspptp.sys 49152 bytes (Microsoft Corporation, Peer-to-Peer Tunneling Protocol)
0xF77ED000 C:\WINDOWS\System32\Drivers\Fips.SYS 45056 bytes (Microsoft Corporation, FIPS Crypto Driver)
0xF78AD000 C:\WINDOWS\system32\DRIVERS\imapi.sys 45056 bytes (Microsoft Corporation, IMAPI Kernel Driver)
0xF767D000 MountMgr.sys 45056 bytes (Microsoft Corporation, Mount Manager)
0xF76ED000 C:\WINDOWS\system32\DRIVERS\raspppoe.sys 45056 bytes (Microsoft Corporation, RAS PPPoE mini-port/call-manager driver)
0xF77CD000 C:\WINDOWS\System32\Drivers\aswTdi.SYS 40960 bytes (AVAST Software, avast! TDI Filter Driver)
0xF764D000 isapnp.sys 40960 bytes (Microsoft Corporation, PNP ISA Bus Driver)
0xF773D000 C:\WINDOWS\System32\Drivers\NDProxy.SYS 40960 bytes (Microsoft Corporation, NDIS Proxy)
0xF771D000 C:\WINDOWS\system32\DRIVERS\termdd.sys 40960 bytes (Microsoft Corporation, Terminal Server Driver)
0xED73A000 C:\WINDOWS\System32\Drivers\BlackBox.SYS 36864 bytes (RKU Driver)
0xF769D000 disk.sys 36864 bytes (Microsoft Corporation, PnP Disk Driver)
0xF781D000 C:\WINDOWS\system32\DRIVERS\HIDCLASS.SYS 36864 bytes (Microsoft Corporation, Hid Class Library)
0xF785D000 C:\WINDOWS\system32\DRIVERS\intelppm.sys 36864 bytes (Microsoft Corporation, Processor Device Driver)
0xF770D000 C:\WINDOWS\system32\DRIVERS\msgpc.sys 36864 bytes (Microsoft Corporation, MS General Packet Classifier)
0xF77DD000 C:\WINDOWS\system32\DRIVERS\netbios.sys 36864 bytes (Microsoft Corporation, NetBIOS interface driver)
0xF77FD000 C:\WINDOWS\system32\DRIVERS\wanarp.sys 36864 bytes (Microsoft Corporation, MS Remote Access and Routing ARP Driver)
0xF793D000 C:\WINDOWS\System32\Drivers\Modem.SYS 32768 bytes (Microsoft Corporation, Modem Device Driver)
0xF79DD000 C:\WINDOWS\System32\Drivers\Npfs.SYS 32768 bytes (Microsoft Corporation, NPFS Driver)
0xF7965000 C:\WINDOWS\system32\DRIVERS\usbehci.sys 32768 bytes (Microsoft Corporation, EHCI eUSB Miniport Driver)
0xF7A05000 C:\WINDOWS\system32\DRIVERS\HIDPARSE.SYS 28672 bytes (Microsoft Corporation, Hid Parsing Library)
0xF78CD000 C:\WINDOWS\system32\DRIVERS\PCIIDEX.SYS 28672 bytes (Microsoft Corporation, PCI IDE Bus Driver Extension)
0xF798D000 C:\WINDOWS\system32\DRIVERS\RimSerial.sys 28672 bytes (Research in Motion Ltd, RIM Virtual Serial Driver)
0xF7A0D000 C:\WINDOWS\System32\Drivers\Aavmker4.SYS 24576 bytes (AVAST Software, avast! Base Kernel-Mode Device Driver for Windows NT/2000/XP)
0xF794D000 C:\WINDOWS\system32\DRIVERS\kbdclass.sys 24576 bytes (Microsoft Corporation, Keyboard Class Driver)
0xF7945000 C:\WINDOWS\system32\DRIVERS\mouclass.sys 24576 bytes (Microsoft Corporation, Mouse Class Driver)
0xF7955000 C:\WINDOWS\System32\Drivers\SonyNC.sys 24576 bytes (Sony Corporation, Sony Notebook Control driver)
0xF79CD000 C:\WINDOWS\System32\drivers\vga.sys 24576 bytes (Microsoft Corporation, VGA/Super VGA Video Driver)
0xF79E5000 C:\WINDOWS\System32\Drivers\aswRdr.SYS 20480 bytes (AVAST Software, avast! TDI RDR Driver)
0xF79C5000 C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys 20480 bytes (-, -)
0xF79D5000 C:\WINDOWS\System32\Drivers\Msfs.SYS 20480 bytes (Microsoft Corporation, Mailslot driver)
0xF78D5000 PartMgr.sys 20480 bytes (Microsoft Corporation, Partition Manager)
0xF7975000 C:\WINDOWS\system32\DRIVERS\ptilink.sys 20480 bytes (Parallel Technologies, Inc., Parallel Technologies DirectParallel IO Library)
0xF78DD000 PxHelp20.sys 20480 bytes (Sonic Solutions, Px Engine Device Driver for Windows 2000/XP)
0xF7985000 C:\WINDOWS\system32\DRIVERS\raspti.sys 20480 bytes (Microsoft Corporation, PTI DirectParallel® mini-port/call-manager driver)
0xF796D000 C:\WINDOWS\system32\DRIVERS\TDI.SYS 20480 bytes (Microsoft Corporation, TDI Wrapper)
0xF795D000 C:\WINDOWS\system32\DRIVERS\usbohci.sys 20480 bytes (Microsoft Corporation, OHCI USB Miniport Driver)
0xF79B5000 C:\WINDOWS\System32\watchdog.sys 20480 bytes (Microsoft Corporation, Watchdog Driver)
0xF7A6D000 atisgkaf.sys 16384 bytes (ATI Technologies Inc., ATI AGP GART Driver)
0xF7A65000 C:\WINDOWS\system32\DRIVERS\BATTC.SYS 16384 bytes (Microsoft Corporation, Battery Class Driver)
0xF7B2D000 C:\WINDOWS\system32\DRIVERS\CmBatt.sys 16384 bytes (Microsoft Corporation, Control Method Battery Driver)
0xF7B41000 C:\WINDOWS\system32\DRIVERS\mssmbios.sys 16384 bytes (Microsoft Corporation, System Management BIOS Driver)
0xF7AE5000 C:\WINDOWS\system32\DRIVERS\ndisuio.sys 16384 bytes (Microsoft Corporation, NDIS User mode I/O Driver)
0xF7A69000 ACPIEC.sys 12288 bytes (Microsoft Corporation, ACPI Embedded Controller Driver)
0xEE638000 C:\WINDOWS\System32\Drivers\aswFsBlk.SYS 12288 bytes (AVAST Software, avast! File System Access Blocking Driver)
0xF7A5D000 C:\WINDOWS\system32\BOOTVID.dll 12288 bytes (Microsoft Corporation, VGA Boot Driver)
0xF7A61000 compbatt.sys 12288 bytes (Microsoft Corporation, Composite Battery Driver)
0xF6F07000 C:\WINDOWS\System32\drivers\Dxapi.sys 12288 bytes (Microsoft Corporation, DirectX API Driver)
0xF7B09000 C:\WINDOWS\system32\DRIVERS\hidusb.sys 12288 bytes (Microsoft Corporation, USB Miniport Driver for Input Devices)
0xEDB32000 C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys 12288 bytes (Conexant, Diagnostic Interface DRIVER)
0xF7B0D000 C:\WINDOWS\system32\DRIVERS\mouhid.sys 12288 bytes (Microsoft Corporation, HID Mouse Filter Driver)
0xF7B31000 C:\WINDOWS\system32\DRIVERS\ndistapi.sys 12288 bytes (Microsoft Corporation, NDIS 3.0 connection wrapper driver)
0xF7422000 C:\WINDOWS\system32\DRIVERS\rasacd.sys 12288 bytes (Microsoft Corporation, RAS Automatic Connection Driver)
0xF7B51000 aliide.sys 8192 bytes (Acer Laboratories Inc., ALi mini IDE Driver)
0xF7B89000 C:\WINDOWS\System32\Drivers\Beep.SYS 8192 bytes (Microsoft Corporation, BEEP Driver)
0xF7B5F000 C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS 8192 bytes
0xF7B87000 C:\WINDOWS\System32\Drivers\Fs_Rec.SYS 8192 bytes (Microsoft Corporation, File System Recognizer Driver)
0xF7B4D000 C:\WINDOWS\system32\KDCOM.DLL 8192 bytes (Microsoft Corporation, Kernel Debugger HW Extension DLL)
0xF7B8B000 C:\WINDOWS\System32\Drivers\mnmdd.SYS 8192 bytes (Microsoft Corporation, Frame buffer simulator)
0xF7B8D000 C:\WINDOWS\System32\DRIVERS\RDPCDD.sys 8192 bytes (Microsoft Corporation, RDP Miniport)
0xF7B7D000 C:\WINDOWS\System32\Drivers\RootMdm.sys 8192 bytes (Microsoft Corporation, Legacy Non-Pnp Modem Device Driver)
0xF7B81000 C:\WINDOWS\system32\DRIVERS\swenum.sys 8192 bytes (Microsoft Corporation, Plug and Play Software Device Enumerator)
0xF7B85000 C:\WINDOWS\system32\DRIVERS\USBD.SYS 8192 bytes (Microsoft Corporation, Universal Serial Bus Driver)
0xF7B4F000 C:\WINDOWS\system32\DRIVERS\WMILIB.SYS 8192 bytes (Microsoft Corporation, WMILIB WMI support library Dll)
0xF7D21000 C:\WINDOWS\system32\DRIVERS\audstub.sys 4096 bytes (Microsoft Corporation, AudStub Driver)
0xF7CFF000 C:\WINDOWS\system32\DRIVERS\DMICall.sys 4096 bytes (Sony Corporation, Windows 2000 DMI Call Kernel Driver)
0xF7D56000 C:\WINDOWS\System32\drivers\dxgthk.sys 4096 bytes (Microsoft Corporation, DirectX Graphics Driver Thunk)
0xF7C86000 C:\WINDOWS\System32\Drivers\Null.SYS 4096 bytes (Microsoft Corporation, NULL Driver)
0xF7C15000 C:\WINDOWS\system32\DRIVERS\OPRGHDLR.SYS 4096 bytes (Microsoft Corporation, ACPI Operation Registration Driver)
==============================================
>Stealth
==============================================

OTL.Txt:

OTL logfile created on: 6/24/2011 10:44:47 AM - Run 1
OTL by OldTimer - Version 3.2.24.1 Folder = C:\Documents and Settings\Anne E. Crews\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

446.98 Mb Total Physical Memory | 118.66 Mb Available Physical Memory | 26.55% Memory free
1.03 Gb Paging File | 0.50 Gb Available in Paging File | 48.17% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 50.87 Gb Total Space | 38.39 Gb Free Space | 75.46% Space Free | Partition Type: NTFS

Computer Name: HERBIE153 | User Name: Anne E. Crews | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/06/24 10:42:10 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Anne E. Crews\My Documents\Downloads\OTL.exe
PRC - [2011/06/15 23:17:34 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/05/10 07:10:58 | 003,459,712 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011/05/10 07:10:57 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011/02/18 11:47:12 | 000,079,192 | ---- | M] (Research In Motion Limited) -- C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
PRC - [2009/10/14 13:36:56 | 002,793,304 | ---- | M] () -- C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
PRC - [2009/10/14 13:34:18 | 000,560,472 | ---- | M] () -- C:\Program Files\Common Files\logishrd\LQCVFX\COCIManager.exe
PRC - [2009/10/07 01:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/11/03 19:20:12 | 000,866,584 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2006/11/03 19:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MsMpEng.exe
PRC - [2004/06/29 23:45:12 | 000,180,224 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
PRC - [2004/06/29 16:49:34 | 000,122,880 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\HotKey Utility\HKServ.exe
PRC - [2004/06/26 16:48:42 | 000,389,120 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\HotKey Utility\HKWnd.exe
PRC - [2004/01/17 05:36:44 | 000,135,168 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe
PRC - [2003/11/07 20:21:28 | 000,114,688 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\Apoint.exe
PRC - [2003/02/26 14:08:42 | 000,045,056 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\ApntEx.exe


========== Modules (SafeList) ==========

MOD - [2011/06/24 10:42:10 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Anne E. Crews\My Documents\Downloads\OTL.exe
MOD - [2011/05/10 07:10:55 | 000,199,792 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\snxhk.dll
MOD - [2008/04/13 19:12:51 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011/05/10 07:10:57 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2009/10/07 01:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2006/11/03 19:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2004/07/09 17:28:14 | 001,826,816 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe -- (VAIOMediaPlatform-IntegratedServer-AppServer)
SRV - [2004/07/08 21:27:20 | 000,118,784 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe -- (VAIO Entertainment Aggregation and Control Service)
SRV - [2004/07/08 21:26:54 | 000,118,877 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe -- (VAIO Entertainment File Import Service)
SRV - [2004/07/08 21:19:04 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service)
SRV - [2004/07/08 21:17:54 | 000,278,528 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VCSW\VCSW.exe -- (VAIO Entertainment UPnP Client Adapter)
SRV - [2004/06/22 11:58:14 | 000,733,184 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe -- (VAIOMediaPlatform-VideoServer-UPnP) VAIO Media Video Server (UPnP)
SRV - [2004/06/22 11:58:14 | 000,733,184 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe -- (VAIOMediaPlatform-IntegratedServer-UPnP) VAIO Media Integrated Server (UPnP)
SRV - [2004/06/16 03:42:34 | 000,057,344 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe -- (VAIOMediaPlatform-VideoServer-HTTP) VAIO Media Video Server (HTTP)
SRV - [2004/06/16 03:42:34 | 000,057,344 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe -- (VAIOMediaPlatform-IntegratedServer-HTTP) VAIO Media Integrated Server (HTTP)
SRV - [2004/06/16 03:41:06 | 000,188,416 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe -- (VAIOMediaPlatform-Mobile-Gateway)
SRV - [2003/10/30 12:48:10 | 001,286,144 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Video\GPVSvr.exe -- (VAIOMediaPlatform-VideoServer-AppServer)


========== Driver Services (SafeList) ==========

DRV - [2011/05/10 07:03:54 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/05/10 07:03:44 | 000,307,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/05/10 07:02:37 | 000,049,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/05/10 07:02:25 | 000,102,616 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011/05/10 06:59:56 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/05/10 06:59:37 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011/05/10 06:59:35 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009/10/07 01:46:36 | 000,025,752 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2009/04/30 22:55:58 | 002,687,512 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LV302V32.SYS -- (PID_PEPI) Logitech QuickCam IM(PID_PEPI)
DRV - [2005/01/28 13:44:28 | 000,294,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\blackbox.dll -- (BlackBox)
DRV - [2004/08/03 17:32:22 | 000,231,552 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ac97ali.sys -- (aliadwdm)
DRV - [2004/07/10 23:37:00 | 000,747,008 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2004/07/07 17:12:02 | 000,391,616 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ExpasAG.sys -- (LEX_AS_NIC_SERVICE_YNOS)
DRV - [2004/06/09 20:52:00 | 000,625,249 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2004/05/21 15:46:50 | 000,065,024 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifmsony.sys -- (tifmsony)
DRV - [2003/12/12 01:54:00 | 000,391,424 | ---- | M] (Sensaura Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS -- (ALCXSENS)
DRV - [2003/12/11 14:50:54 | 000,196,736 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWALI.sys -- (HSFHWALI)
DRV - [2003/12/11 14:48:46 | 000,681,344 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2003/12/11 14:47:10 | 001,042,432 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
DRV - [2003/11/07 13:28:34 | 000,067,712 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtlnic51.sys -- (RTL8023)
DRV - [2003/09/29 16:31:38 | 000,094,601 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2003/04/23 17:06:00 | 000,013,174 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\atisgkaf.sys -- (caboagp)
DRV - [2000/12/05 18:18:02 | 000,003,952 | R--- | M] (Sony Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\DMICall.sys -- (DMICall)
DRV - [2000/11/09 22:15:08 | 000,048,896 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SonyNC.sys -- (SNC)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sony.com/vaiopeople
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie



IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.sony.com/vaiopeople
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.sony.com/vaiopeople
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.sony.com/vaiopeople

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.sony.com/vaiopeople
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-3463466281-431222850-920315710-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-3463466281-431222850-920315710-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.sony.com/vaiopeople
IE - HKU\S-1-5-21-3463466281-431222850-920315710-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com/"

FF - HKLM\software\mozilla\Firefox\extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011/06/21 12:02:19 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/06/21 11:00:38 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2011/06/21 11:01:06 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Anne E. Crews\Application Data\Mozilla\Extensions
[2011/06/22 09:03:41 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Anne E. Crews\Application Data\Mozilla\Firefox\Profiles\qg176zx1.default\extensions
[2011/06/22 09:03:41 | 000,000,000 | ---D | M] (Ghostery) -- C:\Documents and Settings\Anne E. Crews\Application Data\Mozilla\Firefox\Profiles\qg176zx1.default\extensions\firefox@ghostery.com
[2011/06/21 13:01:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/06/21 13:01:17 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
File not found (No name found) --
() (No name found) -- C:\DOCUMENTS AND SETTINGS\ANNE E. CREWS\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\QG176ZX1.DEFAULT\EXTENSIONS\{1A0C9EBE-DDF9-4B76-B8A3-675C77874D37}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\ANNE E. CREWS\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\QG176ZX1.DEFAULT\EXTENSIONS\{27C60876-B5C9-4335-B4F3-52B26782220C}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\ANNE E. CREWS\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\QG176ZX1.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\ANNE E. CREWS\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\QG176ZX1.DEFAULT\EXTENSIONS\{DD3D7613-0246-469D-BC65-2A3CC1668ADC}.XPI
[2011/06/21 10:59:36 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/06/22 11:16:35 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2011/06/15 23:17:34 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
[2010/01/01 03:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml

O1 HOSTS File: ([2004/08/04 07:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKU\S-1-5-21-3463466281-431222850-920315710-1006\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-21-3463466281-431222850-920315710-1006\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
O3 - HKU\S-1-5-21-3463466281-431222850-920315710-1006\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CreateCD_Reminder] C:\WINDOWS\SONYSYS\VAIO Recovery\Reminder.exe (Sony Electronics, Inc)
O4 - HKLM..\Run: [HKSERV.EXE] C:\Program Files\Sony\HotKey Utility\HKServ.exe (Sony Corporation)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe ()
O4 - HKLM..\Run: [Mouse Suite 98 Daemon] File not found
O4 - HKLM..\Run: [RIMBBLaunchAgent.exe] C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (Research In Motion Limited)
O4 - HKLM..\Run: [SonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [VAIO Recovery] C:\WINDOWS\SONYSYS\VAIO Recovery\PartSeal.exe (Sony Electronics Inc)
O4 - HKLM..\Run: [VAIO Update 2] C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe (Sony Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\Anne E. Crews\Start Menu\Programs\Startup\Logitech . Product Registration.lnk = C:\Program Files\Logitech\Logitech WebCam Software\eReg.exe (Leader Technologies/Logitech)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3463466281-431222850-920315710-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Google Search - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O8 - Extra context menu item: Backward &Links - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O8 - Extra context menu item: Cac&hed Snapshot of Page - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O8 - Extra context menu item: Si&milar Pages - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O8 - Extra context menu item: Translate into English - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Java Plug-in 1.4.2_05)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 76.164.186.221 76.164.186.222
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll ()
O24 - Desktop WallPaper: C:\WINDOWS\VAIO SLIT Pattern Wallpaper TrueColor 1280x800.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\VAIO SLIT Pattern Wallpaper TrueColor 1280x800.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/13 20:23:22 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/06/24 08:08:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2011/06/23 15:08:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anne E. Crews\Local Settings\Application Data\Help
[2011/06/23 15:08:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anne E. Crews\Application Data\Help
[2011/06/23 14:14:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anne E. Crews\Local Settings\Application Data\Temp
[2011/06/23 08:43:25 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe
[2011/06/22 16:16:45 | 000,016,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsgXP_2k3.dll
[2011/06/22 16:09:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\BlackBerry
[2011/06/22 16:09:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Research In Motion
[2011/06/22 16:08:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Research In Motion
[2011/06/22 10:44:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anne E. Crews\Desktop\BleepingComputer
[2011/06/22 10:24:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2011/06/22 09:14:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2011/06/22 09:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2011/06/22 09:14:23 | 000,000,000 | ---D | C] -- C:\Program Files\msn
[2011/06/22 09:14:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2011/06/22 09:14:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2011/06/22 09:00:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2011/06/22 08:48:44 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2011/06/22 08:48:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\EHome
[2011/06/22 08:21:00 | 000,222,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MpSigStub.exe
[2011/06/21 21:41:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anne E. Crews\Application Data\Research In Motion
[2011/06/21 21:16:36 | 000,000,000 | ---D | C] -- C:\Program Files\Research In Motion
[2011/06/21 19:06:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2011/06/21 19:06:09 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2011/06/21 19:06:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[2011/06/21 19:05:57 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2011/06/21 19:04:22 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\printfilterpipelinesvc.exe
[2011/06/21 19:04:22 | 000,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpsshhdr.dll
[2011/06/21 19:04:22 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\prntvpt.dll
[2011/06/21 19:04:22 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\filterpipelineprintproc.dll
[2011/06/21 19:04:21 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpssvcs.dll
[2011/06/21 19:04:21 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpssvcs.dll
[2011/06/21 19:04:20 | 000,000,000 | ---D | C] -- C:\a7c7e11372cb121c531f5a7d1ec5803c
[2011/06/21 18:42:14 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 6.0
[2011/06/21 17:32:35 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Videos
[2011/06/21 17:27:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\RegisteredPackages
[2011/06/21 16:17:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2011/06/21 16:02:13 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2011/06/21 15:31:01 | 000,025,471 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\watv10nt.sys
[2011/06/21 15:31:01 | 000,022,271 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\watv06nt.sys
[2011/06/21 15:31:01 | 000,011,935 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\wadv11nt.sys
[2011/06/21 15:31:01 | 000,011,871 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\wadv09nt.sys
[2011/06/21 15:31:00 | 000,011,807 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\wadv07nt.sys
[2011/06/21 15:31:00 | 000,011,295 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\wadv08nt.sys
[2011/06/21 15:30:48 | 000,404,990 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slntamr.sys
[2011/06/21 15:30:48 | 000,129,535 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnt7554.sys
[2011/06/21 15:30:48 | 000,095,424 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnthal.sys
[2011/06/21 15:30:48 | 000,013,240 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slwdmsup.sys
[2011/06/21 15:30:45 | 000,166,912 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\drivers\s3gnbm.sys
[2011/06/21 15:30:43 | 000,013,776 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\recagent.sys
[2011/06/21 15:30:37 | 000,180,360 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\ntmtlfax.sys
[2011/06/21 15:30:34 | 000,452,736 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\drivers\mtxparhm.sys
[2011/06/21 15:30:33 | 001,309,184 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlstrm.sys
[2011/06/21 15:30:33 | 000,126,686 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlmnt5.sys
[2011/06/21 15:24:53 | 000,104,960 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinrvxx.sys
[2011/06/21 15:24:53 | 000,073,216 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atintuxx.sys
[2011/06/21 15:24:53 | 000,063,488 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxsxx.sys
[2011/06/21 15:24:53 | 000,031,744 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxbxx.sys
[2011/06/21 15:24:53 | 000,028,672 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinsnxx.sys
[2011/06/21 15:24:53 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinttxx.sys
[2011/06/21 15:24:52 | 000,057,856 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinbtxx.sys
[2011/06/21 15:24:52 | 000,052,224 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinraxx.sys
[2011/06/21 15:24:52 | 000,014,336 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinpdxx.sys
[2011/06/21 15:24:52 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinmdxx.sys
[2011/06/21 15:24:51 | 000,327,040 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtaa.sys
[2011/06/21 15:24:51 | 000,036,463 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1tuxx.sys
[2011/06/21 15:24:51 | 000,034,735 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xsxx.sys
[2011/06/21 15:24:51 | 000,029,455 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xbxx.sys
[2011/06/21 15:24:51 | 000,021,343 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1ttxx.sys
[2011/06/21 15:24:50 | 000,063,663 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1rvxx.sys
[2011/06/21 15:24:50 | 000,056,623 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1btxx.sys
[2011/06/21 15:24:50 | 000,030,671 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1raxx.sys
[2011/06/21 15:24:50 | 000,026,367 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1snxx.sys
[2011/06/21 15:24:50 | 000,012,047 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1pdxx.sys
[2011/06/21 15:24:50 | 000,011,615 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1mdxx.sys
[2011/06/21 14:45:19 | 000,272,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthport.sys
[2011/06/21 14:44:46 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srv.sys
[2011/06/21 14:43:12 | 000,455,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys
[2011/06/21 14:42:49 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe
[2011/06/21 14:41:49 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fontsub.dll
[2011/06/21 14:41:48 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\t2embed.dll
[2011/06/21 14:41:13 | 000,730,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lsasrv.dll
[2011/06/21 14:41:11 | 002,146,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe
[2011/06/21 14:41:10 | 002,189,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe
[2011/06/21 14:41:08 | 002,024,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2011/06/21 14:39:06 | 003,558,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe
[2011/06/21 14:34:02 | 000,203,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rmcast.sys
[2011/06/21 14:33:54 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadce.dll
[2011/06/21 14:31:21 | 000,655,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstscax.dll
[2011/06/21 14:30:33 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netapi32.dll
[2011/06/21 14:30:25 | 001,172,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml3.dll
[2011/06/21 14:25:34 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aclayers.dll
[2011/06/21 14:22:17 | 000,689,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsp3res.dll
[2011/06/21 13:45:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anne E. Crews\Application Data\AdobeUM
[2011/06/21 13:45:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anne E. Crews\Local Settings\Application Data\Adobe
[2011/06/21 13:44:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anne E. Crews\My Documents\My eBooks
[2011/06/21 13:43:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2011/06/21 13:07:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2011/06/21 13:07:02 | 000,026,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spupdsvc.exe
[2011/06/21 13:07:00 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2011/06/21 13:02:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anne E. Crews\Application Data\Skype
[2011/06/21 13:01:48 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Defender
[2011/06/21 13:00:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2011/06/21 13:00:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Skype
[2011/06/21 12:59:33 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2011/06/21 12:59:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Skype
[2011/06/21 12:51:04 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Anne E. Crews\My Documents\My Videos
[2011/06/21 12:51:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anne E. Crews\Local Settings\Application Data\ApplicationHistory
[2011/06/21 12:29:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anne E. Crews\Local Settings\Application Data\LogiShrd
[2011/06/21 12:28:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anne E. Crews\Application Data\Leadertech
[2011/06/21 12:27:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Logitech
[2011/06/21 12:27:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\LogiShrd
[2011/06/21 12:27:13 | 000,000,000 | ---D | C] -- C:\Program Files\Logitech
[2011/06/21 12:26:25 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Anne E. Crews\Desktop\My Pictures
[2011/06/21 12:16:58 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsink.ax
[2011/06/21 12:15:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\logishrd
[2011/06/21 12:15:11 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kswdmcap.ax
[2011/06/21 12:15:11 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vidcap.ax
[2011/06/21 12:15:08 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kstvtune.ax
[2011/06/21 12:15:07 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vfwwdm32.dll
[2011/06/21 12:14:59 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksxbar.ax
[2011/06/21 12:08:51 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
[2011/06/21 12:03:15 | 000,019,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011/06/21 12:03:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\avast! Free Antivirus
[2011/06/21 12:03:14 | 000,307,928 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011/06/21 12:03:11 | 000,049,240 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011/06/21 12:03:11 | 000,025,432 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011/06/21 12:03:10 | 000,441,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011/06/21 12:03:08 | 000,102,616 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011/06/21 12:03:08 | 000,096,344 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011/06/21 12:03:08 | 000,030,808 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011/06/21 12:02:16 | 000,040,112 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011/06/21 12:02:14 | 000,199,304 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011/06/21 12:01:46 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011/06/21 12:01:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2011/06/21 11:24:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\VAIO Wireless Utility
[2011/06/21 11:23:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\High-Speed Internet Options
[2011/06/21 11:23:39 | 000,000,000 | ---D | C] -- C:\Program Files\High-Speed Options
[2011/06/21 11:23:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\FTL Shared
[2011/06/21 11:23:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\America Online
[2011/06/21 11:22:57 | 000,000,000 | ---D | C] -- C:\Program Files\Viewpoint
[2011/06/21 11:22:37 | 000,000,000 | ---D | C] -- C:\Program Files\Netscape
[2011/06/21 11:22:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AOL Instant Messenger
[2011/06/21 11:19:09 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mdimon.dll
[2011/06/21 11:17:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Office
[2011/06/21 11:17:02 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft ActiveSync
[2011/06/21 11:16:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2011/06/21 11:16:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\SHELLNEW
[2011/06/21 11:16:11 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2011/06/21 11:14:03 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2011/06/21 11:13:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anne E. Crews\Application Data\Macromedia
[2011/06/21 11:13:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anne E. Crews\Application Data\Adobe
[2011/06/21 11:13:12 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2011/06/21 11:11:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Works
[2011/06/21 11:11:54 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2011/06/21 11:09:10 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works
[2011/06/21 11:06:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\VAIO Media Platform
[2011/06/21 11:04:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\VAIO Media
[2011/06/21 11:03:17 | 002,981,888 | ---- | C] (Intel Corporation.) -- C:\WINDOWS\System32\iplw7.dll
[2011/06/21 11:03:16 | 002,531,328 | ---- | C] (Intel Corporation.) -- C:\WINDOWS\System32\iplp6.dll
[2011/06/21 11:03:16 | 002,502,656 | ---- | C] (Intel Corporation.) -- C:\WINDOWS\System32\iplpx.dll
[2011/06/21 11:03:15 | 002,785,280 | ---- | C] (Intel Corporation.) -- C:\WINDOWS\System32\iplm6.dll
[2011/06/21 11:03:14 | 002,686,976 | ---- | C] (Intel Corporation.) -- C:\WINDOWS\System32\iplm5.dll
[2011/06/21 11:03:12 | 002,973,696 | ---- | C] (Intel Corporation.) -- C:\WINDOWS\System32\ipla6.dll
[2011/06/21 11:03:12 | 000,053,248 | ---- | C] (Intel Corporation.) -- C:\WINDOWS\System32\ipl.dll
[2011/06/21 11:02:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\PictureGear Studio
[2011/06/21 11:02:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anne E. Crews\My Documents\Downloads
[2011/06/21 11:00:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anne E. Crews\Local Settings\Application Data\Mozilla
[2011/06/21 11:00:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anne E. Crews\Application Data\Mozilla
[2011/06/21 11:00:36 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2011/06/21 11:00:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\DVgate Plus
[2011/06/21 11:00:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
[2011/06/21 10:59:50 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2011/06/21 10:59:49 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2011/06/21 10:59:49 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011/06/21 10:59:49 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011/06/21 10:59:49 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011/06/21 10:59:13 | 000,757,760 | ---- | C] (Gracenote) -- C:\WINDOWS\System32\CDDBUI.dll
[2011/06/21 10:59:13 | 000,630,784 | ---- | C] (Gracenote (formerly CDDB, Inc.)) -- C:\WINDOWS\System32\CDDBControl.dll
[2011/06/21 10:58:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SonicStage
[2011/06/21 10:58:00 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Anne E. Crews\UserData
[2011/06/21 10:57:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\InterVideo WinDVD 5
[2011/06/21 10:56:49 | 000,000,000 | ---D | C] -- C:\Program Files\InterVideo
[2011/06/21 10:55:36 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Anne E. Crews\Application Data\Microsoft
[2011/06/21 10:55:36 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Anne E. Crews\Cookies
[2011/06/21 10:55:36 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Anne E. Crews\Application Data
[2011/06/21 10:55:36 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Anne E. Crews\Favorites
[2011/06/21 10:55:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anne E. Crews\Application Data\Symantec
[2011/06/21 10:55:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anne E. Crews\Application Data\Sun
[2011/06/21 10:55:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anne E. Crews\Application Data\Sony Corporation
[2011/06/21 10:55:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anne E. Crews\Application Data\Intuit
[2011/06/21 10:55:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anne E. Crews\Application Data\Identities
[2011/06/21 10:55:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anne E. Crews\Local Settings\Application Data\Google
[2011/06/21 10:55:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anne E. Crews\Desktop
[2011/06/21 10:55:35 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Anne E. Crews\SendTo
[2011/06/21 10:55:35 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Anne E. Crews\Recent
[2011/06/21 10:55:35 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Anne E. Crews\Start Menu\Programs\Startup
[2011/06/21 10:55:35 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Anne E. Crews\Start Menu
[2011/06/21 10:55:35 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Anne E. Crews\My Documents\My Pictures
[2011/06/21 10:55:35 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Anne E. Crews\My Documents\My Music
[2011/06/21 10:55:35 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Anne E. Crews\My Documents
[2011/06/21 10:55:35 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Anne E. Crews\Start Menu\Programs\Accessories
[2011/06/21 10:55:35 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Anne E. Crews\Templates
[2011/06/21 10:55:35 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Anne E. Crews\PrintHood
[2011/06/21 10:55:35 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Anne E. Crews\NetHood
[2011/06/21 10:55:35 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Anne E. Crews\Local Settings
[2011/06/21 10:55:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anne E. Crews\Start Menu\Programs\MoodLogic
[2011/06/21 10:55:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anne E. Crews\Local Settings\Application Data\Microsoft
[2011/06/21 10:55:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anne E. Crews\Local Settings\Application Data\{7148F0A6-6813-11D6-A77B-00B0D0142050}
[2011/06/21 10:52:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2004/08/13 20:05:12 | 000,131,072 | ---- | C] ( ) -- C:\WINDOWS\System32\ATIDEMGR.dll
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/06/24 10:20:35 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2011/06/24 10:17:07 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/06/24 10:17:05 | 468,766,720 | -HS- | M] () -- C:\hiberfil.sys
[2011/06/24 08:03:45 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/06/23 21:05:10 | 000,000,853 | ---- | M] () -- C:\Documents and Settings\Anne E. Crews\Start Menu\Programs\Startup\Logitech . Product Registration.lnk
[2011/06/23 14:11:16 | 000,003,584 | ---- | M] () -- C:\Documents and Settings\Anne E. Crews\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/06/23 12:25:15 | 000,093,914 | ---- | M] () -- C:\Documents and Settings\Anne E. Crews\Desktop\ManBuildFllScalNoahArk.JPG
[2011/06/22 21:16:37 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/06/22 16:17:17 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_RimUsb_01009.Wdf
[2011/06/22 16:17:10 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2011/06/22 16:09:40 | 000,001,956 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\BlackBerry Desktop Software.lnk
[2011/06/22 13:30:24 | 000,002,483 | ---- | M] () -- C:\Documents and Settings\Anne E. Crews\My Documents\Microsoft Office PowerPoint 2003.lnk
[2011/06/22 12:15:11 | 000,436,268 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/06/22 12:15:10 | 000,068,616 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/06/22 10:42:12 | 000,000,779 | ---- | M] () -- C:\Documents and Settings\Anne E. Crews\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/06/22 10:25:11 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2011/06/22 10:23:50 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/06/22 10:22:52 | 000,167,504 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/06/22 09:36:48 | 000,082,906 | ---- | M] () -- C:\Documents and Settings\Anne E. Crews\Desktop\ChristKotsiopoulosLightning.jpg
[2011/06/22 08:59:58 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2011/06/22 08:31:32 | 000,002,497 | ---- | M] () -- C:\Documents and Settings\Anne E. Crews\Desktop\Microsoft Office Word 2003.lnk
[2011/06/21 21:46:09 | 000,000,256 | ---- | M] () -- C:\WINDOWS\System32\pool.bin
[2011/06/21 17:48:16 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\Anne E. Crews\My Documents\Adobe Reader X.lnk
[2011/06/21 17:32:25 | 000,000,804 | ---- | M] () -- C:\Documents and Settings\Anne E. Crews\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2011/06/21 17:31:38 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2011/06/21 17:31:38 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2011/06/21 14:56:56 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Anne E. Crews\defogger_reenable
[2011/06/21 13:00:20 | 000,001,878 | ---- | M] () -- C:\Documents and Settings\Anne E. Crews\My Documents\Skype.lnk
[2011/06/21 12:51:46 | 000,000,136 | ---- | M] () -- C:\Documents and Settings\Anne E. Crews\Local Settings\Application Data\fusioncache.dat
[2011/06/21 12:39:06 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\Anne E. Crews\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Microsoft Office Outlook.lnk
[2011/06/21 12:35:09 | 000,000,786 | ---- | M] () -- C:\Documents and Settings\Anne E. Crews\My Documents\Windows Movie Maker.lnk
[2011/06/21 12:32:55 | 000,001,646 | ---- | M] () -- C:\Documents and Settings\Anne E. Crews\My Documents\Logitech Vid HD.lnk
[2011/06/21 12:31:19 | 000,001,775 | ---- | M] () -- C:\Documents and Settings\Anne E. Crews\My Documents\Microsoft Office PowerPoint Viewer 2003.lnk
[2011/06/21 12:28:46 | 000,000,790 | ---- | M] () -- C:\Documents and Settings\Anne E. Crews\My Documents\Logitech Vid.lnk
[2011/06/21 12:27:31 | 000,001,850 | ---- | M] () -- C:\Documents and Settings\Anne E. Crews\My Documents\Logitech Webcam Software.lnk
[2011/06/21 12:26:35 | 000,000,104 | ---- | M] () -- C:\Documents and Settings\Anne E. Crews\Desktop\Shortcut to E-mail.lnk
[2011/06/21 12:26:31 | 000,000,104 | ---- | M] () -- C:\Documents and Settings\Anne E. Crews\Desktop\Shortcut to My Computer.lnk
[2011/06/21 12:26:22 | 000,000,347 | ---- | M] () -- C:\Documents and Settings\Anne E. Crews\Desktop\My Documents.lnk
[2011/06/21 12:03:16 | 000,001,689 | ---- | M] () -- C:\Documents and Settings\Anne E. Crews\My Documents\avast! Free Antivirus.lnk
[2011/06/21 12:03:09 | 000,002,625 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/06/21 11:24:50 | 000,001,501 | ---- | M] () -- C:\Documents and Settings\Anne E. Crews\My Documents\VAIO Wireless Utility.lnk
[2011/06/21 11:22:56 | 000,009,192 | ---- | M] () -- C:\WINDOWS\mozver.dat
[2011/06/21 11:19:37 | 000,001,782 | ---- | M] () -- C:\Documents and Settings\Anne E. Crews\My Documents\Microsoft Office 2003 60-Day Trial.lnk
[2011/06/21 11:19:25 | 000,000,376 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2011/06/21 11:13:12 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2011/06/21 11:07:35 | 000,000,862 | ---- | M] () -- C:\Documents and Settings\Anne E. Crews\My Documents\VAIO Media Setup.lnk
[2011/06/21 11:00:50 | 000,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2011/06/21 11:00:40 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\Anne E. Crews\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/06/21 11:00:40 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2011/06/21 10:59:34 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011/06/21 10:59:34 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011/06/21 10:59:34 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011/06/21 10:59:34 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2011/06/21 10:59:33 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2011/06/21 10:55:53 | 000,000,786 | ---- | M] () -- C:\Documents and Settings\Anne E. Crews\My Documents\Windows Media Player.lnk
[2011/06/21 10:54:36 | 000,000,942 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2011/06/21 10:54:32 | 000,000,000 | RH-- | M] () -- C:\WINDOWS\System32\drivers\Sony_PCG-K33(UC).mrk
[2011/06/21 10:54:31 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2011/06/21 10:54:29 | 000,000,258 | ---- | M] () -- C:\WINDOWS\tasks\Registration reminder 3.job
[2011/06/21 10:54:29 | 000,000,258 | ---- | M] () -- C:\WINDOWS\tasks\Registration reminder 2.job
[2011/06/21 10:54:28 | 000,000,258 | ---- | M] () -- C:\WINDOWS\tasks\Registration reminder 1.job
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/06/23 21:05:09 | 000,000,853 | ---- | C] () -- C:\Documents and Settings\Anne E. Crews\Start Menu\Programs\Startup\Logitech . Product Registration.lnk
[2011/06/23 14:14:29 | 003,429,103 | ---- | C] () -- C:\Documents and Settings\Anne E. Crews\Desktop\BIBLE AND NUMBERS PDF
[2011/06/23 14:11:16 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\Anne E. Crews\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/06/23 12:23:56 | 000,093,914 | ---- | C] () -- C:\Documents and Settings\Anne E. Crews\Desktop\ManBuildFllScalNoahArk.JPG
[2011/06/22 20:43:56 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/06/22 16:17:17 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_RimUsb_01009.Wdf
[2011/06/22 16:17:10 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2011/06/22 16:09:40 | 000,001,956 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\BlackBerry Desktop Software.lnk
[2011/06/22 09:36:00 | 000,082,906 | ---- | C] () -- C:\Documents and Settings\Anne E. Crews\Desktop\ChristKotsiopoulosLightning.jpg
[2011/06/21 21:20:11 | 000,000,256 | ---- | C] () -- C:\WINDOWS\System32\pool.bin
[2011/06/21 17:48:15 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\Anne E. Crews\My Documents\Adobe Reader X.lnk
[2011/06/21 17:48:14 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader X.lnk
[2011/06/21 17:19:06 | 000,000,804 | ---- | C] () -- C:\Documents and Settings\Anne E. Crews\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2011/06/21 15:30:35 | 000,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img
[2011/06/21 15:29:50 | 000,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty
[2011/06/21 15:24:53 | 000,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod
[2011/06/21 14:56:56 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Anne E. Crews\defogger_reenable
[2011/06/21 13:06:02 | 000,000,330 | -H-- | C] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2011/06/21 13:01:59 | 000,000,955 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Defender.lnk
[2011/06/21 13:00:20 | 000,001,878 | ---- | C] () -- C:\Documents and Settings\Anne E. Crews\My Documents\Skype.lnk
[2011/06/21 12:51:46 | 000,000,136 | ---- | C] () -- C:\Documents and Settings\Anne E. Crews\Local Settings\Application Data\fusioncache.dat
[2011/06/21 12:49:02 | 468,766,720 | -HS- | C] () -- C:\hiberfil.sys
[2011/06/21 12:39:06 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\Anne E. Crews\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Microsoft Office Outlook.lnk
[2011/06/21 12:35:09 | 000,000,786 | ---- | C] () -- C:\Documents and Settings\Anne E. Crews\My Documents\Windows Movie Maker.lnk
[2011/06/21 12:32:55 | 000,001,646 | ---- | C] () -- C:\Documents and Settings\Anne E. Crews\My Documents\Logitech Vid HD.lnk
[2011/06/21 12:31:25 | 000,002,483 | ---- | C] () -- C:\Documents and Settings\Anne E. Crews\My Documents\Microsoft Office PowerPoint 2003.lnk
[2011/06/21 12:31:19 | 000,001,775 | ---- | C] () -- C:\Documents and Settings\Anne E. Crews\My Documents\Microsoft Office PowerPoint Viewer 2003.lnk
[2011/06/21 12:28:46 | 000,000,790 | ---- | C] () -- C:\Documents and Settings\Anne E. Crews\My Documents\Logitech Vid.lnk
[2011/06/21 12:28:29 | 000,002,497 | ---- | C] () -- C:\Documents and Settings\Anne E. Crews\Desktop\Microsoft Office Word 2003.lnk
[2011/06/21 12:27:31 | 000,001,850 | ---- | C] () -- C:\Documents and Settings\Anne E. Crews\My Documents\Logitech Webcam Software.lnk
[2011/06/21 12:26:35 | 000,000,104 | ---- | C] () -- C:\Documents and Settings\Anne E. Crews\Desktop\Shortcut to E-mail.lnk
[2011/06/21 12:26:31 | 000,000,104 | ---- | C] () -- C:\Documents and Settings\Anne E. Crews\Desktop\Shortcut to My Computer.lnk
[2011/06/21 12:26:22 | 000,000,347 | ---- | C] () -- C:\Documents and Settings\Anne E. Crews\Desktop\My Documents.lnk
[2011/06/21 12:03:16 | 000,001,689 | ---- | C] () -- C:\Documents and Settings\Anne E. Crews\My Documents\avast! Free Antivirus.lnk
[2011/06/21 11:24:50 | 000,001,501 | ---- | C] () -- C:\Documents and Settings\Anne E. Crews\My Documents\VAIO Wireless Utility.lnk
[2011/06/21 11:23:28 | 000,001,739 | ---- | C] () -- C:\Documents and Settings\Anne E. Crews\Application Data\Microsoft\Internet Explorer\Quick Launch\America Online 9.0.lnk
[2011/06/21 11:22:42 | 000,009,192 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2011/06/21 11:21:21 | 000,001,723 | ---- | C] () -- C:\Documents and Settings\Anne E. Crews\My Documents\Welcome to VAIO life.lnk
[2011/06/21 11:20:47 | 000,180,736 | ---- | C] () -- C:\WINDOWS\System32\Sony XBRITE.scr
[2011/06/21 11:20:47 | 000,000,069 | ---- | C] () -- C:\WINDOWS\System32\Sony XBRITE.ini
[2011/06/21 11:19:37 | 000,001,782 | ---- | C] () -- C:\Documents and Settings\Anne E. Crews\My Documents\Microsoft Office 2003 60-Day Trial.lnk
[2011/06/21 11:19:25 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2011/06/21 11:12:00 | 000,001,775 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Office PowerPoint Viewer 2003.lnk
[2011/06/21 11:12:00 | 000,001,701 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Works Task Launcher.lnk
[2011/06/21 11:07:35 | 000,000,862 | ---- | C] () -- C:\Documents and Settings\Anne E. Crews\My Documents\VAIO Media Setup.lnk
[2011/06/21 11:03:12 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\Cpuinf32.dll
[2011/06/21 11:00:50 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011/06/21 11:00:40 | 000,000,742 | ---- | C] () -- C:\Documents and Settings\Anne E. Crews\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/06/21 11:00:40 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
[2011/06/21 11:00:40 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2011/06/21 10:56:58 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2011/06/21 10:56:58 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2011/06/21 10:56:58 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2011/06/21 10:56:57 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2011/06/21 10:56:57 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2011/06/21 10:56:55 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2011/06/21 10:55:53 | 000,000,786 | ---- | C] () -- C:\Documents and Settings\Anne E. Crews\My Documents\Windows Media Player.lnk
[2011/06/21 10:55:38 | 000,000,779 | ---- | C] () -- C:\Documents and Settings\Anne E. Crews\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/06/21 10:55:38 | 000,000,079 | ---- | C] () -- C:\Documents and Settings\Anne E. Crews\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2011/06/21 10:55:36 | 000,001,599 | ---- | C] () -- C:\Documents and Settings\Anne E. Crews\Start Menu\Programs\Remote Assistance.lnk
[2011/06/21 10:55:36 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\Anne E. Crews\Start Menu\Programs\Windows Media Player.lnk
[2011/06/21 10:55:36 | 000,000,767 | ---- | C] () -- C:\Documents and Settings\Anne E. Crews\Start Menu\Programs\Internet Explorer.lnk
[2011/06/21 10:55:36 | 000,000,738 | ---- | C] () -- C:\Documents and Settings\Anne E. Crews\Start Menu\Programs\Outlook Express.lnk
[2011/06/21 10:54:32 | 000,000,000 | RH-- | C] () -- C:\WINDOWS\System32\drivers\Sony_PCG-K33(UC).mrk
[2011/06/21 10:54:29 | 000,000,258 | ---- | C] () -- C:\WINDOWS\tasks\Registration reminder 3.job
[2011/06/21 10:54:28 | 000,000,258 | ---- | C] () -- C:\WINDOWS\tasks\Registration reminder 2.job
[2011/06/21 10:54:28 | 000,000,258 | ---- | C] () -- C:\WINDOWS\tasks\Registration reminder 1.job
[2009/10/07 01:46:36 | 000,025,752 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2009/10/07 01:23:08 | 000,013,584 | ---- | C] () -- C:\WINDOWS\System32\drivers\iKeyLFT2.dll
[2009/04/30 22:39:36 | 000,082,289 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2004/08/24 21:40:39 | 000,606,208 | ---- | C] () -- C:\WINDOWS\System32\lpykrp.exe
[2004/08/24 21:23:58 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/08/24 20:55:38 | 000,000,172 | ---- | C] () -- C:\WINDOWS\Quicken.ini
[2004/08/16 16:49:53 | 000,000,800 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/16 12:02:09 | 000,289,128 | R--- | C] () -- C:\WINDOWS\q329390_wxp_sp2_x86_enu.exe
[2004/08/16 12:01:44 | 000,381,288 | R--- | C] () -- C:\WINDOWS\q329048_wxp_sp2_x86_enu.exe
[2004/08/16 12:01:08 | 000,111,552 | ---- | C] () -- C:\WINDOWS\setup.exe
[2004/08/16 11:58:04 | 000,000,032 | ---- | C] () -- C:\WINDOWS\System32\elcric.dat
[2004/08/16 11:44:50 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\WLANDLL.DLL
[2004/08/16 11:41:20 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2004/08/13 20:27:14 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004/08/13 20:19:53 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/08/13 20:05:07 | 000,385,024 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx.exe
[2004/08/13 20:05:07 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx.dll
[2004/08/13 20:04:56 | 000,000,724 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2004/08/13 20:04:14 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/13 20:04:10 | 000,436,268 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/13 20:04:10 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/13 20:04:10 | 000,068,616 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/13 20:04:10 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/13 20:04:09 | 000,004,530 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/13 20:04:07 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/13 20:04:05 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/08/13 20:03:58 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/13 20:03:58 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/13 20:03:46 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/13 20:03:36 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/13 13:13:09 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/13 13:11:59 | 000,167,504 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2003/07/23 10:53:30 | 000,373,967 | ---- | C] () -- C:\WINDOWS\ml-uninstall-v10.exe
[2003/01/07 15:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/08/06 13:55:37 | 000,024,576 | ---- | C] () -- C:\WINDOWS\ml-WA3Shutdown.exe
[2002/06/12 15:21:12 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\winchip.dll
[2002/04/02 19:08:34 | 000,311,108 | ---- | C] () -- C:\WINDOWS\ml-cleanup.exe
[2002/04/02 19:08:32 | 000,036,868 | ---- | C] () -- C:\WINDOWS\ml-winamp-shutdown.exe
[2001/10/24 18:00:40 | 000,524,288 | ---- | C] () -- C:\WINDOWS\System32\TDI-SonyOMG.dll

< End of report >

Extras.Txt

OTL Extras logfile created on: 6/24/2011 10:44:47 AM - Run 1
OTL by OldTimer - Version 3.2.24.1 Folder = C:\Documents and Settings\Anne E. Crews\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

446.98 Mb Total Physical Memory | 118.66 Mb Available Physical Memory | 26.55% Memory free
1.03 Gb Paging File | 0.50 Gb Available in Paging File | 48.17% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 50.87 Gb Total Space | 38.39 Gb Free Space | 75.46% Space Free | Partition Type: NTFS

Computer Name: HERBIE153 | User Name: Anne E. Crews | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-3463466281-431222850-920315710-1006\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"4481:TCP" = 4481:TCP:LocalSubNet:Enabled:BlackBerry Desktop Software Wireless Music Sync data transfer
"4481:UDP" = 4481:UDP:LocalSubNet:Enabled:BlackBerry Desktop Software Wireless Music Sync discovery
"4482:TCP" = 4482:TCP:LocalSubNet:Enabled:BlackBerry Desktop Software Wireless Music Sync data transfer
"4482:UDP" = 4482:UDP:LocalSubNet:Enabled:BlackBerry Desktop Software Wireless Music Sync discovery
"1330:UDP" = 1330:UDP:*:Enabled:Windows Media Format SDK (wmplayer.exe)
"1331:UDP" = 1331:UDP:*:Enabled:Windows Media Format SDK (wmplayer.exe)

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Logitech\Vid HD\Vid.exe" = C:\Program Files\Logitech\Vid HD\Vid.exe:*:Enabled:Logitech Vid HD -- (Logitech Inc.)
"C:\Program Files\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe" = C:\Program Files\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe:*:Enabled:BlackBerry Desktop Software -- (Research In Motion)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01AF4645-78E6-46C4-B528-54863679CC40}" = VAIO SLIT-C Screen Saver
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{0DF00135-D5A7-476A-BFB3-EDFF2840076A}" = VAIO Wireless Utility
"{1EB317D8-8945-4FD6-B37F-DF470317C6AB}" = VAIO Media 3.1
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{266AEE68-5718-4A31-BDD3-D356B1250C70}" = VAIO SLIT Pattern Wallpaper
"{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java™ 6 Update 26
"{27337663-2619-11D4-99DC-0000F49094C7}" = Memory Stick Formatter
"{2DBE41DD-2129-4C65-A3D3-5647236A60F3}" = Quicken 2005
"{315BA29D-2644-4760-B5FD-5AC04A52B8C5}" = VAIO Registration
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}" = Microsoft Works
"{48820099-ED7D-424B-890C-9A82EF00656C}" = VAIO Update 2
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{685BCC47-B8EC-45EC-BBCE-77DF2451502C}" = DVgate Plus
"{6990A2BF-D1D2-11D3-81BC-00609789C908}" = Sony Video Shared Library
"{6F1974D6-4249-43B6-88B0-9A9B8A33956C}" = OpenMG Secure Module 4.0.00
"{7128C69B-8F7E-4336-8698-3FD3CDD955EC}" = VAIO Media Redistribution 3.1
"{7148F0A8-6813-11D6-A77B-00B0D0142050}" = Java 2 Runtime Environment, SE v1.4.2_05
"{71D6CE84-B7DC-4166-8E0D-56C1C37BFB5A}" = SonicStage 2.1.00
"{75157F34-02C6-4831-BD66-3BC49E7A8394}" = BlackBerry Desktop Software 6.1
"{7A79D11B-FD82-4A5E-834F-20173515DD14}" = VAIO Media Integrated Server 3.1
"{88DA0A52-3372-4803-971A-ADFB961707E8}" = PictureGear Studio 2.0
"{91120409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD 5 for VAIO
"{936FADC9-C609-471A-B6F2-A33E2E660D1A}" = Sony Notebook Setup
"{9E319E96-ED8E-4B01-9775-C521A1869A25}" = VAIO Power Management
"{A06275F4-324B-4E85-95E6-87B2CD729401}" = Windows Defender
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.0)
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars
"{BB311F54-39D6-4A03-8E18-053D1B2833D7}" = HotKey Utility
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}" = Logitech Webcam Software
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0448678-1203-4158-A58F-B3D0B616BF9E}" = Sony Certificate PCH
"{D6F879CC-59D6-4D4B-AE9B-D761E48D25ED}" = Skype™ 5.3
"{D917FD82-6CE5-489A-AAF8-C701AAC85C4D}" = VAIO Entertainment Platform
"{E68B38DE-D7DD-4FB3-A453-3F03A947EA8E}" = VAIO Help and Support
"{EF3D45BB-2260-4008-88EA-492E7744A9DF}" = Sony Utilities DLL
"{FA11D5B5-7D0A-43E8-88C4-960F97B194DE}" = VAIO Survey Standalone
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FCCB0B43-7A6D-49A4-A5B3-B10F592F4EB6}" = LAN-Express AS IEEE 802.11 Wireless LAN
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"All ATI Software" = ATI - Software Uninstall Utility
"AOL Setup" = AOL Setup
"ATI Display Driver" = ATI Display Driver
"avast" = avast! Free Antivirus
"BlackBerry_Desktop" = BlackBerry Desktop Software 6.1
"CNXT_MODEM_PCI_VEN_10B9&DEV_5457&SUBSYS_8175104D" = SoftV92 Data Fax Modem with SmartCP
"High-Speed Internet Options" = High-Speed Internet Options
"InstallShield_{2DBE41DD-2129-4C65-A3D3-5647236A60F3}" = Quicken 2005
"InstallShield_{315BA29D-2644-4760-B5FD-5AC04A52B8C5}" = VAIO Registration
"InstallShield_{6F1974D6-4249-43B6-88B0-9A9B8A33956C}" = OpenMG Secure Module 4.0.00
"InstallShield_{E68B38DE-D7DD-4FB3-A453-3F03A947EA8E}" = VAIO Help and Support
"InstallShield_{FA11D5B5-7D0A-43E8-88C4-960F97B194DE}" = VAIO Survey Standalone
"Logitech Vid" = Logitech Vid HD
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MoodLogic" = MoodLogic
"MouseSuite98" = Sony USB Mouse
"Mozilla Firefox 5.0 (x86 en-US)" = Mozilla Firefox 5.0 (x86 en-US)
"OpenMG HotFix4.0-04-06-21-01" = OpenMG Limited Patch 4.0-04-07-14-01
"Sony XBRITE Screen Saver" = Sony XBRITE Screen Saver
"ViewpointMediaPlayer" = Viewpoint Media Player (Remove Only)
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"Welcome to VAIO life" = Welcome to VAIO life
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows Media Player" = Windows Media Player 10
"Windows XP Service Pack" = Windows XP Service Pack 3

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 6/21/2011 8:09:45 PM | Computer Name = HERBIE153 | Source = MsiInstaller | ID = 10005
Description = Product: BlackBerry Desktop Software -- BlackBerry Desktop Software
requires that your computer is running Windows XP SP3 or later.

Error - 6/21/2011 8:24:21 PM | Computer Name = HERBIE153 | Source = MsiInstaller | ID = 10005
Description = Product: BlackBerry Desktop Software -- BlackBerry Desktop Software
requires that your computer is running Windows XP SP3 or later.

Error - 6/21/2011 9:29:48 PM | Computer Name = HERBIE153 | Source = Application Error | ID = 1000
Description = Faulting application vaioslic.scr, version 1.1.0.0, faulting module
vaioslic.scr, version 1.1.0.0, fault address 0x0000de89.

Error - 6/21/2011 10:36:13 PM | Computer Name = HERBIE153 | Source = MsiInstaller | ID = 10005
Description = Product: BlackBerry Desktop Software -- BlackBerry Desktop Software
requires that your computer is running Windows XP SP3 or later.

Error - 6/21/2011 10:45:58 PM | Computer Name = HERBIE153 | Source = MsiInstaller | ID = 10005
Description = Product: BlackBerry Desktop Software -- BlackBerry Desktop Software
requires that your computer is running Windows XP SP3 or later.

Error - 6/21/2011 10:52:12 PM | Computer Name = HERBIE153 | Source = MsiInstaller | ID = 10005
Description = Product: BlackBerry Desktop Software -- BlackBerry Desktop Software
requires that your computer is running Windows XP SP3 or later.

Error - 6/22/2011 5:17:45 PM | Computer Name = HERBIE153 | Source = .NET Runtime 2.0 Error Reporting | ID = 1000
Description = Faulting application rim.desktop.exe, version 6.1.0.35, stamp 4dee095a,
faulting module ntdll.dll, version 5.1.2600.5755, stamp 49901d48, debug? 0, fault
address 0x00028c0b.

Error - 6/24/2011 9:05:32 AM | Computer Name = HERBIE153 | Source = Application Error | ID = 1005
Description = Windows cannot access the file E:\Setup\Setup.exe for one of the following
reasons: there is a problem with the network connection, the disk that the file
is stored on, or the storage drivers installed on this computer; or the disk is
missing. Windows closed the program Setup program because of this error. Program:
Setup program File: E:\Setup\Setup.exe The error value is listed in the Additional
Data section. User Action 1. Open the file again. This situation might be a temporary
problem that corrects itself when the program runs again. 2. If the file still cannot
be accessed and - It is on the network, your network administrator should verify
that there is not a problem with the network and that the server can be contacted.
-
It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the
disk is fully inserted into the computer. 3. Check and repair the file system by
running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click
OK. At the command prompt, type CHKDSK /F, and then press ENTER. 4. If the problem
persists, restore the file from a backup copy. 5. Determine whether other files
on the same disk can be opened. If not, the disk might be damaged. If it is a hard
disk, contact your administrator or computer hardware vendor for further assistance.
Additional
Data Error value: C0000240 Disk type: 5

Error - 6/24/2011 9:06:01 AM | Computer Name = HERBIE153 | Source = Application Error | ID = 1000
Description = Faulting application Setup.exe, version 11.80.1065.0, faulting module
Setup.exe, version 11.80.1065.0, fault address 0x0004c1c3.

Error - 6/24/2011 9:06:25 AM | Computer Name = HERBIE153 | Source = Application Error | ID = 1001
Description = Fault bucket 00504417.

[ System Events ]
Error - 6/21/2011 6:31:01 PM | Computer Name = HERBIE153 | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 6/21/2011 6:31:01 PM | Computer Name = HERBIE153 | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 6/21/2011 6:31:01 PM | Computer Name = HERBIE153 | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 6/21/2011 6:31:01 PM | Computer Name = HERBIE153 | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 6/21/2011 6:31:01 PM | Computer Name = HERBIE153 | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 6/21/2011 6:31:01 PM | Computer Name = HERBIE153 | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 6/21/2011 6:31:01 PM | Computer Name = HERBIE153 | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 6/21/2011 6:31:01 PM | Computer Name = HERBIE153 | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 6/21/2011 6:31:01 PM | Computer Name = HERBIE153 | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 6/21/2011 6:31:01 PM | Computer Name = HERBIE153 | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126


< End of report >

So far, everything seems fine. The OTL did not find anything! :-)
As for the other 2 scan results, they are CHINESE to me LOL!

#8 SweetTech


Posted 24 June 2011 - 11:21 AM

Hi!

As for the other 2 scan results, they are CHINESE to me LOL!

haha :hysterical:

OTL Fix

We need to run an OTL Fix
  • Please reopen Posted Image on your desktop.
  • Copy and Paste the following code into the Posted Image textbox.
    :Services
    :OTL
    O3 - HKU\S-1-5-21-3463466281-431222850-920315710-1006\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
    O3 - HKU\S-1-5-21-3463466281-431222850-920315710-1006\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
    O4 - HKLM..\Run: [KernelFaultCheck] File not found
    O4 - HKLM..\Run: [Mouse Suite 98 Daemon] File not found
    O16 - DPF: {CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Java Plug-in 1.4.2_05)
    
    :Reg
    
    :Files
    ipconfig /flushdns /c
    :Commands
    [purity]
    [resethosts]
    [CreateRestorePoint]
    [emptytemp]
    [EMPTYFLASH]
    
  • Push Posted Image
  • OTL may ask to reboot the machine. Please do so if asked.
  • Click the OK button.
  • A report will open. Copy and Paste that report in your next reply.
  • If the machine reboots, the log will be located at C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log, where mmddyyyy_hhmmss is the date of the tool run.


NEXT:



Please download JavaRa and unzip it to your desktop.

***Please close any instances of Internet Explorer before continuing!***

  • Double-click on JavaRa.exe to start the program.
  • From the drop-down menu, choose English and click on Select.
  • JavaRa will open; click on Remove Older Versions to remove the older versions of Java installed on your computer.
  • Click Yes when prompted. When JavaRa is done, a notice will appear that a logfile has been produced. Click OK.
  • A logfile will pop up. Please save it to a convenient location and post it in your next reply.


NEXT:



Scanning with MalwareBytes' Anti-Malware

Please download Malwarebytes' Anti-Malware (v1.51.0.1200) and save it to your desktop.
Download Link 1
Download Link 2

Malwarebytes' may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (i.e. Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet and double-click on mbam-setup.exe to install the application.
    For instructions with screenshots, please refer to this Guide.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes' when done.
Note: If Malwarebytes' encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes' from removing all the malware.



NEXT:



ESET Online Scanner
I'd like us to scan your machine with ESET Online Scan

Note: It is recommended to disable on-board anti-virus program and anti-spyware programs while performing scans so there are no conflicts and it will speed up scan time.
Please don't go surfing while your resident protection is disabled!
Once the scan is finished remember to re-enable your anti-virus along with your anti-spyware programs.



  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Check Posted Image
  • Make sure that the option "Remove found threats" is Unchecked
  • When the Computer scan settings display shows, click the Advanced option, then place a check next to the following (if it is not already checked):
    • Enable Anti-Stealth technology
  • Push the Start button.
  • ESET will then download updates for itself, install itself, and begin
    scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as
    ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image


NEXT:



Security Check
Download Security Check by screen317 from here or here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Have I helped you? If you'd like to assist in the fight against malware, click here Posted Image


The instructions seen in this post have been specifically tailored to this user and the issues they are experiencing with their computer. If you think you have a similar problem, please first read this topic, and then begin your own, new thread. I do not offer private support via Private Message.
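The JavaRa step in the post above follows from the OTL uninstall list earlier in this thread, which shows two Java runtimes installed side by side. The following Python script is an added example, not part of the original post or of any tool used in this thread: it parses that `"key" = name` list format and reports every runtime older than the newest one. The function names and the version-normalisation scheme are assumptions of the example; the sample entries are copied from the list posted above.

```python
import re

# Entries copied from the OTL Extras uninstall list posted in this thread.
UNINSTALL_LIST = '''\
"{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java\u2122 6 Update 26
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{7148F0A8-6813-11D6-A77B-00B0D0142050}" = Java 2 Runtime Environment, SE v1.4.2_05
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.0)
"Mozilla Firefox 5.0 (x86 en-US)" = Mozilla Firefox 5.0 (x86 en-US)
'''

# One uninstall entry per line: "<registry key name>" = <display name>
ENTRY_RE = re.compile(r'^"(?P<key>[^"]+)"\s*=\s*(?P<name>.*\S)\s*$')

# Newer naming, e.g. "Java(TM) 6 Update 26" or "Java 6" (no update number).
MODERN_RE = re.compile(r'^Java(?:\(TM\)|\u2122)?\s+(\d+)(?:\s+Update\s+(\d+))?$')

# Older naming, e.g. "Java 2 Runtime Environment, SE v1.4.2_05".
LEGACY_RE = re.compile(
    r'^Java 2 Runtime Environment,?\s+SE\s+v1\.(\d+)\.(\d+)(?:_(\d+))?$'
)


def parse_entries(text):
    """Return (key, display_name) pairs for every well-formed list line."""
    entries = []
    for line in text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if m:
            entries.append((m.group("key"), m.group("name")))
    return entries


def java_version(name):
    """Map a display name to a comparable (family, patch, update) tuple.

    1.4.2_05 becomes (4, 2, 5) and "6 Update 26" becomes (6, 0, 26), so both
    naming styles sort on one scale. Returns None for entries that are not a
    Java runtime (for example "Java Auto Updater").
    """
    m = LEGACY_RE.match(name)
    if m:
        family, patch, update = m.groups()
        return (int(family), int(patch), int(update or 0))
    m = MODERN_RE.match(name)
    if m:
        family, update = m.groups()
        return (int(family), 0, int(update or 0))
    return None


def installed_java(text):
    """All Java runtimes found in the list, oldest first."""
    found = []
    for key, name in parse_entries(text):
        version = java_version(name)
        if version is not None:
            found.append({"key": key, "name": name, "version": version})
    return sorted(found, key=lambda e: e["version"])


def superseded_java(text):
    """Runtimes strictly older than the newest one installed."""
    runtimes = installed_java(text)
    if not runtimes:
        return []
    newest = runtimes[-1]["version"]
    return [e for e in runtimes if e["version"] < newest]


if __name__ == "__main__":
    for entry in superseded_java(UNINSTALL_LIST):
        print("older runtime still installed:", entry["name"], entry["key"])
```
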


#9 Senteami1


Posted 25 June 2011 - 08:59 AM

OK done it but I can't retrieve the log.
This is how I tried to retrieve the log: I clicked on "Start" and on "Search" and typed the entire folder name C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log


(The search program prompted me to tell when the program was modified. I gave today's date, June 25 2011.)

This is the message I got:
C:\_OTL\MovedFiles refers to a location that is unavailable. It could be on a hard drive on this computer, or on a network. Check to make sure that the disk is properly inserted, or that you are connected to the Internet or your network, and then try again. If it still cannot be located, the information might have been moved to a different location.

How do I retrieve that log?

Also forgot to say but yesterday I had a blue screen all of a sudden, while I was on the Internet. I had to shut down my computer.
Today, when I opened my computer, a message said that "the System had recovered from a serious error." (with no further details)

Then, as I was browsing my computer took me to this microsoft page (!):
http://wer.microsoft.com/responses/Response.aspx/10/en-us/5.1.2600.2.00010300.3.0?SGD=ba295bd5-775e-43cc-808b-ee900dbaffd8#here

(I did have to RE-ENABLE the defogger function in order to use my printer (needed to). I first re-enabled it, then downloaded the drivers for my printer. Had to download them again since, as I said, I had to press the F10 key to revert my computer to its factory settings.)

Thanks for your help. :-)

#10 SweetTech


Posted 25 June 2011 - 11:06 AM

Hi!

Don't worry about the OTL log file for now. Please proceed with the rest of the instructions in my previous post.

Thanks for that information regarding the BSOD.

Edited by SweetTech, 25 June 2011 - 11:06 AM.



#11 Senteami1


Posted 25 June 2011 - 04:26 PM

JavaRa log: (copied and pasted)

================================

JavaRa 1.16 Removal Log.

Report follows after line.

------------------------------------

The JavaRa removal process was started on Sat Jun 25 14:19:21 2011

Found and removed: C:\Program Files\Java\j2re1.4.2_05

Found and removed: C:\WINDOWS\Installer\{7148F0A8-6813-11D6-A77B-00B0D0142050}

Found and removed: Applications\java.exe

Found and removed: Applications\javaw.exe

Found and removed: JavaPlugin.FamilyVersionSupport


Found and removed: CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBC}

Found and removed: JavaScript

Found and removed: JavaScript Author

Found and removed: JavaScript1.1

Found and removed: JavaScript1.1 Author

Found and removed: JavaScript1.2

Found and removed: JavaScript1.2 Author

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0015-0000-FFFF-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{E19F9331-3110-11D4-991C-005004D3B3DB}

Found and removed: Software\Classes\JavaPlugin.142_05

Found and removed: Software\JavaSoft\Java Update

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\JavaPlugin

Found and removed: SOFTWARE\Classes\JavaPlugin.142_05

Found and removed: SOFTWARE\Classes\JavaWebStart.isInstalled.1.4.2.0

Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.4.2_05

Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.4

Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.4.2_05

Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.6

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_02

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_03

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_04

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2.0_01

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.4.2_05

Found and removed: SOFTWARE\Microsoft\Active Setup\Installed Components\{08B0E5C0-4FCB-11CF-AAA5-00401C608500}

Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10}

Found and removed: SOFTWARE\MozillaPlugins\@java.com/JavaPlugin\MimeTypes\application/x-java-applet;version=1.1

Found and removed: SOFTWARE\MozillaPlugins\@java.com/JavaPlugin\MimeTypes\application/x-java-applet;version=1.1.1

Found and removed: SOFTWARE\MozillaPlugins\@java.com/JavaPlugin\MimeTypes\application/x-java-applet;version=1.1.2

Found and removed: SOFTWARE\MozillaPlugins\@java.com/JavaPlugin\MimeTypes\application/x-java-applet;version=1.1.3

Found and removed: SOFTWARE\MozillaPlugins\@java.com/JavaPlugin\MimeTypes\application/x-java-applet;version=1.2

Found and removed: SOFTWARE\MozillaPlugins\@java.com/JavaPlugin\MimeTypes\application/x-java-applet;version=1.2.1

Found and removed: SOFTWARE\MozillaPlugins\@java.com/JavaPlugin\MimeTypes\application/x-java-applet;version=1.3

Found and removed: SOFTWARE\MozillaPlugins\@java.com/JavaPlugin\MimeTypes\application/x-java-applet;version=1.3.1

Found and removed: SOFTWARE\MozillaPlugins\@java.com/JavaPlugin\MimeTypes\application/x-java-applet;version=1.4

Found and removed: SOFTWARE\MozillaPlugins\@java.com/JavaPlugin\MimeTypes\application/x-java-applet;version=1.4.1

Found and removed: SOFTWARE\MozillaPlugins\@java.com/JavaPlugin\MimeTypes\application/x-java-applet;version=1.4.2

Found and removed: SOFTWARE\MozillaPlugins\@java.com/JavaPlugin\MimeTypes\application/x-java-applet;version=1.5

FINISHED REPORTING


Malwarebytes log results
================

-----Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org

Database version: 6949

Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512

6/25/2011 2:48:25 PM
mbam-log-2011-06-25 (14-48-24).txt

Scan type: Quick scan
Objects scanned: 160237
Time elapsed: 18 minute(s), 2 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)



ESETScan found no threats! :-)

SECURITY CHECK RESULTS (copied and pasted)
==========================================

Results of screen317's Security Check version 0.99.15
Windows XP Service Pack 3
Internet Explorer 6 Out of date!
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Enabled!
avast! Free Antivirus
```````````````````````````````
Anti-malware/Other Utilities Check:

Malwarebytes' Anti-Malware
Java™ 6 Update 26
Java 2 Runtime Environment, SE v1.4.2_05
Adobe Flash Player 10.3.181.26
Adobe Reader X (10.1.0)
Mozilla Firefox (x86 en-US..)
````````````````````````````````
Process Check:
objlist.exe by Laurent

Windows Defender MSMpEng.exe
Windows Defender MSASCui.exe
Windows Defender MsMpEng.exe
Windows Defender MSASCui.exe
AVAST Software Avast AvastSvc.exe
AVAST Software Avast avastUI.exe
``````````End of Log````````````

Thanks for your help!

=============================

#12 SweetTech

Posted 25 June 2011 - 04:50 PM

Hi!

No problem!

You should go to Add/Remove Programs and remove: Java 2 Runtime Environment, SE v1.4.2_05

You should also update Internet Explorer to at least version 8 if not 9 (which is the latest version).

OTL Custom Scan

We need to run an OTL Custom Scan
  • Please reopen Posted Image on your desktop.
  • Copy and Paste the following code into the Posted Image textbox.


    netsvcs
    drivers32
    hklm\software\clients\startmenuinternet|command /rs
    %USERPROFILE%\AppData\Local\Google\Chrome\User Data\*.* /s
    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs

  • Push the Quick Scan button.
  • A report will open. Copy and Paste that report in your next reply.


NEXT:



What outstanding issues (if any) are you still experiencing with your computer?

Have I helped you? If you'd like to assist in the fight against malware, click here


The instructions seen in this post have been specifically tailored to this user and the issues they are experiencing with their computer. If you think you have a similar problem, please first read this topic, and then begin your own, new thread. I do not offer private support via Private Message.


#13 SweetTech

Posted 27 June 2011 - 10:12 AM

Still with me?


#14 SweetTech

Posted 28 June 2011 - 09:11 AM

Due to lack of feedback this thread will now be closed. If you still require assistance, and would like to have your thread re-opened, please feel free to send me a Private Message (PM) being sure to include a link to your topic, and I'd be happy to re-open it.

