
Adware? 1st System Check then Internet Security



Was infected by System Check. Ran my Malwarebytes disc but it wasn't working (in safe mode w/networking). Still in safe mode, searched for mybleepingcomputer and was redirected. Suddenly Internet Security adware was "running a scan". Tried Malwarebytes disc multiple times; it found 6 infected files but wasn't removing them. Downloaded Spybot, ran it, and then found some of the exe files and used File Assassin to delete them. I don't think my computer is clean. I'm getting redirected when I use my search engine. My desktop is gone and only some of my programs show up in "All Programs". I only know enough to be dangerous. Help. Thank you. CAE

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_24

Run by Ekenbarger's at 17:33:30 on 2012-02-07

Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2558.1774 [GMT -5:00]

.

AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}

.

============== Running Processes ===============

.

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup

svchost.exe

svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\program files\real\realplayer\update\realsched.exe

C:\Program Files\SelectRebates\SelectRebates.exe

C:\Program Files\Napster\napster.exe

C:\Program Files\Common Files\AOL\1178326658\ee\AOLSoftware.exe

C:\Program Files\Dell\Media Experience\DMXLauncher.exe

C:\WINDOWS\system32\dla\tfswctrl.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

F:\Spybot - Search & Destroy\Spybot - Search & Destroy\TeaTimer.exe

svchost.exe

C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\WINDOWS\system32\CTsvcCDA.EXE

C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Norton Ghost\Agent\VProSvc.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\WINDOWS\system32\dllhost.exe

C:\WINDOWS\wanmpsvc.exe

C:\WINDOWS\system32\MsPMSPSv.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\WINDOWS\system32\dllhost.exe

C:\Program Files\Norton Ghost\Shared\Drivers\SymSnapService.exe

C:\WINDOWS\system32\wscntfy.exe

C:\Program Files\Common Files\Java\Java Update\jucheck.exe

C:\WINDOWS\system32\dlcccoms.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.cox.net/

uSearch Page = hxxp://www.google.com

uInternet Settings,ProxyOverride = *.local

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

mSearchAssistant = hxxp://www.google.com/ie

mURLSearchHooks: H - No File

mURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll

BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll

BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - f:\spybot~1\spybot~1\SDHelper.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.7227.1100\swg.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

BHO: ShopAtHomeIEHelper Class: {e8daaa30-6caa-4b58-9603-8e54238219e2} - c:\program files\selectrebates\toolbar\ShopAtHomeToolbar.dll

BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn\YTSingleInstance.dll

TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll

TB: Upromise TurboSaver: {06e58e5e-f8cb-4049-991e-a41c03bd419e} - c:\program files\upromise\upromisetoolbar.dll

TB: ShopAtHome.com Toolbar: {98279c38-de4b-4bcf-93c9-8ec26069d6f4} - c:\program files\selectrebates\toolbar\ShopAtHomeToolbar.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRun: [bomgar Support Reconnect [1297805904]] "c:\documents and settings\all users\application data\bomgar-scc-4d5af24f\bomgar-scc.exe" -nomulti

uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"

uRun: [internet Security] c:\documents and settings\all users\application data\isecurity.exe

uRun: [spybotSD TeaTimer] f:\spybot - search & destroy\spybot - search & destroy\TeaTimer.exe

mRun: [ATIPTA] c:\program files\ati technologies\ati control panel\atiptaxx.exe

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [DLCCCATS] rundll32 c:\windows\system32\spool\drivers\w32x86\3\DLCCtime.dll,_RunDLLEntry@16

mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot

mRun: [selectRebates] c:\program files\selectrebates\SelectRebates.exe

mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"

mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime

mRun: [NapsterShell] c:\program files\napster\napster.exe /systray

mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

mRun: [HostManager] c:\program files\common files\aol\1178326658\ee\AOLSoftware.exe

mRun: [DMXLauncher] c:\program files\dell\media experience\DMXLauncher.exe

mRun: [dla] c:\windows\system32\dla\tfswctrl.exe

mRun: [AOLDialer] c:\program files\common files\aol\acs\AOLDial.exe

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [wgjpPXjtqGl.exe] c:\documents and settings\all users\application data\wgjpPXjtqGl.exe

uPolicies-explorer: NoDesktop = 1 (0x1)

mPolicies-system: DisableTaskMgr = 1 (0x1)

IE: &Search - http://tbedits.couponalert.com/one-toolbaredits/menusearch.jhtml?s=100000487&p=CDxdm003YYus&si=CK2Cs7C9yKoCFaUZQgodWFpFyg&a=CF74B0F9-D5D0-4EC8-AC35-8A70571C102D&n=2011081120

IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE}

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - f:\spybot~1\spybot~1\SDHelper.dll

Trusted Zone: microsoft.com\www.update

DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/templates/ieawsdc.cab

DPF: {1663ed61-23eb-11d2-b92f-008048fdd814} - hxxps://www6.iepdirect.com/ScriptX_6_5/smsx.cab

DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204

DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1212869638656

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab

DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

DPF: {E008A543-CEFB-4559-912F-C27C2B89F13B} - hxxps://e-talk1.whps.org/dwa7W.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

TCP: DhcpNameServer = 192.168.2.1 68.105.28.11 68.105.29.11 68.105.28.12

TCP: Interfaces\{830D72BE-6132-4A2A-B8DD-7BC8B69A920B} : DhcpNameServer = 192.168.2.1 68.105.28.11 68.105.29.11 68.105.28.12

Filter: text/html - {ebf6bf89-93f4-4e89-8fc4-7ead60359ba4} -

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

SecurityProviders: msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,

LSA: Authentication Packages = msv1_0 c:\windows\system32\gebBSLDU

Hosts: 127.0.0.1 www.spywareinfo.com

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\documents and settings\ekenbarger's\application data\mozilla\firefox\profiles\fi5w6q0t.default\

FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3106777&SearchSource=3&q={searchTerms}

FF - prefs.js: browser.search.selectedEngine - WinZipBar Customized Web Search

FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT3106777&SearchSource=13

FF - prefs.js: keyword.URL - hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=CDxdm003YYus&ptb=CF74B0F9-D5D0-4EC8-AC35-8A70571C102D&ind=2011081120&ptnrS=CDxdm003YYus&si=CK2Cs7C9yKoCFaUZQgodWFpFyg&n=77dea9a0&psa=&st=kwd&searchfor=

FF - component: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordext.dll

FF - component: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordlegacyext.dll

FF - component: c:\documents and settings\ekenbarger's\application data\mozilla\firefox\profiles\fi5w6q0t.default\extensions\{37153479-1976-43c3-a1ee-557513977b64}\components\RadioWMPCore.dll

FF - component: c:\documents and settings\ekenbarger's\application data\mozilla\firefox\profiles\fi5w6q0t.default\extensions\{37153479-1976-43c3-a1ee-557513977b64}\components\RadioWMPCoreGecko19.dll

FF - component: c:\documents and settings\ekenbarger's\application data\mozilla\firefox\profiles\fi5w6q0t.default\extensions\{50fafaf0-70a9-419d-a109-fa4b4ffd4e37}\components\RadioWMPCoreGecko19.dll

FF - component: c:\documents and settings\ekenbarger's\application data\mozilla\firefox\profiles\fi5w6q0t.default\extensions\{50fafaf0-70a9-419d-a109-fa4b4ffd4e37}\components\RadioWMPCoreGecko5.dll

FF - component: c:\documents and settings\ekenbarger's\application data\mozilla\firefox\profiles\fi5w6q0t.default\extensions\{50fafaf0-70a9-419d-a109-fa4b4ffd4e37}\components\RadioWMPCoreGecko6.dll

FF - component: c:\documents and settings\ekenbarger's\application data\mozilla\firefox\profiles\fi5w6q0t.default\extensions\{50fafaf0-70a9-419d-a109-fa4b4ffd4e37}\components\RadioWMPCoreGecko7.dll

FF - component: c:\documents and settings\ekenbarger's\application data\mozilla\firefox\profiles\fi5w6q0t.default\extensions\{50fafaf0-70a9-419d-a109-fa4b4ffd4e37}\components\RadioWMPCoreGecko8.dll

FF - component: c:\documents and settings\ekenbarger's\application data\mozilla\firefox\profiles\fi5w6q0t.default\extensions\{50fafaf0-70a9-419d-a109-fa4b4ffd4e37}\components\RadioWMPCoreGecko9.dll

FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll

FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll

FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll

FF - plugin: c:\program files\google\google updater\2.4.2432.1652\npCIDetect14.dll

FF - plugin: c:\program files\google\update\1.3.21.99\npGoogleUpdate3.dll

FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npCouponPrinter.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npMozCouponPrinter.dll

FF - plugin: c:\program files\nos\bin\np_gp.dll

FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll

FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}

FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff

FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension

FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\firefox\Ext

FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}

FF - Ext: ShopAtHome.com Intelligent Shopping Toolbar: toolbar@shopathome.com - %profile%\extensions\toolbar@shopathome.com

FF - Ext: Coupons.com Community Toolbar: {37153479-1976-43c3-a1ee-557513977b64} - %profile%\extensions\{37153479-1976-43c3-a1ee-557513977b64}

FF - Ext: WinZipBar Community Toolbar: {50fafaf0-70a9-419d-a109-fa4b4ffd4e37} - %profile%\extensions\{50fafaf0-70a9-419d-a109-fa4b4ffd4e37}

.

============= SERVICES / DRIVERS ===============

.

R2 mrtRate;mrtRate;c:\windows\system32\drivers\MrtRate.sys [2006-5-21 34916]

R2 Symantec SymSnap VSS Provider;Symantec SymSnap VSS Provider;c:\windows\system32\dllhost.exe [2004-8-10 5120]

R3 SymSnapService;SymSnapService;c:\program files\norton ghost\shared\drivers\SymSnapService.exe [2007-12-20 1553896]

S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-1-6 135664]

S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-1-6 135664]

S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\2.0.181\McCHSvc.exe [2010-1-15 227232]

S3 mferkdk;McAfee Inc. mferkdk;c:\windows\system32\drivers\mferkdk.sys [2010-1-18 34248]

S3 mfesmfk;McAfee Inc. mfesmfk;c:\windows\system32\drivers\mfesmfk.sys [2010-1-18 40552]

S3 nosGetPlusHelper;getPlus® Helper 3004;c:\windows\system32\svchost.exe -k nosGetPlusHelper [2004-8-10 14336]

.

=============== File Associations ===============

.

regfile=regedit.exe "%1" %*

scrfile="%1" %*

.

=============== Created Last 30 ================

.

2012-01-11 14:32:02 21504 ---ha-w- c:\windows\system32\hidserv.dll

2012-01-11 14:32:02 21504 ---ha-w- c:\windows\system32\dllcache\hidserv.dll

.

==================== Find3M ====================

.

2011-12-26 20:43:04 23624 ---ha-w- c:\windows\system32\drivers\hitmanpro35.sys

.

============= FINISH: 17:40:28.14 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows XP Home Edition

Boot Device: \Device\HarddiskVolume2

Install Date: 9/20/2005 7:58:34 PM

System Uptime: 2/6/2012 9:16:35 PM (20 hours ago)

.

Motherboard: Dell Inc. | | 0X8582

Processor: Intel® Pentium® 4 CPU 3.00GHz | Microprocessor | 2992/800mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 146 GiB total, 103.037 GiB free.

D: is CDROM (CDFS)

E: is CDROM ()

F: is FIXED (NTFS) - 466 GiB total, 412.815 GiB free.

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP1053: 11/10/2011 3:43:33 PM - System Checkpoint

RP1054: 11/11/2011 4:16:15 PM - System Checkpoint

RP1055: 11/12/2011 4:38:30 PM - System Checkpoint

RP1056: 11/13/2011 5:01:46 PM - System Checkpoint

RP1057: 11/14/2011 5:55:33 PM - System Checkpoint

RP1058: 11/15/2011 6:37:23 PM - System Checkpoint

RP1059: 11/16/2011 6:42:58 PM - System Checkpoint

RP1060: 11/17/2011 6:43:32 PM - System Checkpoint

RP1061: 11/18/2011 7:29:00 PM - System Checkpoint

RP1062: 11/19/2011 9:13:51 PM - System Checkpoint

RP1063: 11/21/2011 3:10:22 PM - System Checkpoint

RP1064: 11/22/2011 3:51:46 PM - System Checkpoint

RP1065: 11/23/2011 4:46:20 PM - System Checkpoint

RP1066: 11/24/2011 5:50:36 PM - System Checkpoint

RP1067: 11/25/2011 6:44:05 PM - System Checkpoint

RP1068: 11/26/2011 6:47:42 PM - System Checkpoint

RP1069: 11/27/2011 7:51:01 PM - System Checkpoint

RP1070: 11/28/2011 8:46:52 PM - System Checkpoint

RP1071: 11/29/2011 8:57:54 PM - System Checkpoint

RP1072: 11/30/2011 9:04:19 PM - System Checkpoint

RP1073: 12/1/2011 9:35:17 PM - System Checkpoint

RP1074: 12/2/2011 9:36:43 PM - System Checkpoint

RP1075: 12/3/2011 10:47:56 PM - System Checkpoint

RP1076: 12/5/2011 7:27:06 AM - System Checkpoint

RP1077: 12/6/2011 1:25:45 PM - System Checkpoint

RP1078: 12/7/2011 1:35:34 PM - System Checkpoint

RP1079: 12/8/2011 2:13:08 PM - System Checkpoint

RP1080: 12/9/2011 5:10:56 PM - System Checkpoint

RP1081: 12/10/2011 6:40:55 PM - System Checkpoint

RP1082: 12/12/2011 5:56:36 AM - System Checkpoint

RP1083: 12/13/2011 6:30:37 AM - System Checkpoint

RP1084: 12/14/2011 7:33:17 AM - System Checkpoint

RP1085: 12/15/2011 8:33:17 AM - System Checkpoint

RP1086: 12/16/2011 9:33:17 AM - System Checkpoint

RP1087: 12/17/2011 9:54:47 AM - System Checkpoint

RP1088: 12/18/2011 10:33:17 AM - System Checkpoint

RP1089: 12/19/2011 11:33:17 AM - System Checkpoint

RP1090: 12/20/2011 12:33:17 PM - System Checkpoint

RP1091: 12/21/2011 1:45:20 PM - System Checkpoint

RP1092: 12/22/2011 2:33:20 PM - System Checkpoint

RP1093: 12/23/2011 3:33:20 PM - System Checkpoint

RP1094: 12/24/2011 3:51:20 PM - System Checkpoint

RP1095: 12/25/2011 4:32:06 PM - System Checkpoint

RP1096: 12/26/2011 12:25:53 PM - Installed %1 %2.

RP1097: 12/26/2011 12:28:35 PM - Restore Point before Corrupt Patch Registry keys

RP1098: 12/26/2011 12:46:43 PM - Installed Windows XP KB942288-v3.

RP1099: 12/26/2011 1:06:41 PM - Removed iTunes

RP1100: 12/26/2011 3:05:16 PM - Removed iTunes

RP1101: 12/26/2011 3:54:36 PM - Installed WinZip 16.0

RP1102: 12/26/2011 4:32:07 PM - Removed WinZip 16.0

RP1103: 12/26/2011 4:32:55 PM - Removed WinZip Courier

RP1104: 12/26/2011 4:33:57 PM - Removed Kaspersky Security Scan

RP1105: 12/26/2011 6:23:50 PM - Removed QuickTime

RP1106: 12/26/2011 6:28:35 PM - Installed QuickTime

RP1107: 12/26/2011 6:46:10 PM - Installed iTunes

RP1108: 12/27/2011 7:44:30 PM - System Checkpoint

RP1109: 12/28/2011 8:43:59 PM - System Checkpoint

RP1110: 12/29/2011 8:45:04 PM - System Checkpoint

RP1111: 12/30/2011 9:23:11 PM - System Checkpoint

RP1112: 12/31/2011 10:35:40 PM - System Checkpoint

RP1113: 1/11/2012 9:52:55 AM - System Checkpoint

RP1114: 1/12/2012 10:15:07 AM - System Checkpoint

RP1115: 1/13/2012 11:09:37 AM - System Checkpoint

RP1116: 1/14/2012 12:17:57 PM - System Checkpoint

RP1117: 1/15/2012 1:12:01 PM - System Checkpoint

RP1118: 1/16/2012 3:24:39 PM - System Checkpoint

RP1119: 1/17/2012 3:48:45 PM - System Checkpoint

RP1120: 1/18/2012 4:43:25 PM - System Checkpoint

RP1121: 1/19/2012 4:56:34 PM - System Checkpoint

RP1122: 1/20/2012 5:35:59 PM - System Checkpoint

RP1123: 1/21/2012 6:56:04 PM - System Checkpoint

RP1124: 1/22/2012 7:26:15 PM - System Checkpoint

RP1125: 1/23/2012 7:28:35 PM - System Checkpoint

RP1126: 1/24/2012 8:15:34 PM - System Checkpoint

RP1127: 1/25/2012 9:06:56 PM - System Checkpoint

RP1128: 1/26/2012 10:03:10 PM - System Checkpoint

RP1129: 1/27/2012 10:49:47 PM - System Checkpoint

RP1130: 1/28/2012 11:45:06 PM - System Checkpoint

RP1131: 1/30/2012 12:38:22 AM - System Checkpoint

RP1132: 1/31/2012 1:32:38 AM - System Checkpoint

RP1133: 2/1/2012 2:26:58 AM - System Checkpoint

RP1134: 2/2/2012 2:57:57 AM - System Checkpoint

RP1135: 2/3/2012 3:53:44 AM - System Checkpoint

RP1136: 2/4/2012 4:51:44 AM - System Checkpoint

RP1137: 2/5/2012 5:45:10 AM - System Checkpoint

RP1138: 2/6/2012 6:39:41 AM - System Checkpoint

RP1139: 2/6/2012 4:31:41 PM - Restore Operation

RP1140: 2/6/2012 4:32:38 PM - Restore Operation

RP1141: 2/6/2012 8:29:24 PM - Removed Bonjour

.

==== Installed Programs ======================

.

ABBYY FineReader 6.0 Sprint

Acrobat.com

Adobe AIR

Adobe Download Manager

Adobe Flash Player 10 ActiveX

Adobe Flash Player 10 Plugin

Adobe Reader X (10.0.1)

AOL Coach Version 1.0(Build:20040229.1 en)

AOL Uninstaller (Choose which Products to Remove)

AOLIcon

Apple Application Support

Apple Mobile Device Support

Apple Software Update

ArcSoft Software Suite

ATI Control Panel

ATI Display Driver

Compatibility Pack for the 2007 Office system

Coupon Printer for Windows

Creative MediaSource

DAO 3.5

DB CIF Cam

Dell Media Experience

Dell Photo AIO Printer 924

Dell Picture Studio v3.0

Dell Support 3.2.1

Dell System Restore

EA Download Manager

EarthLink setup files

FoneSync

Get High Speed Internet!

GIMP 2.6.6

Google Chrome

Google Earth

Google SketchUp 6

Google Toolbar for Internet Explorer

Google Update Helper

Google Updater

High Definition Audio Driver Package - KB835221

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Hotfix for Windows Media Format 11 SDK (KB929399)

Hotfix for Windows Media Player 11 (KB939683)

Hotfix for Windows XP (KB2158563)

Hotfix for Windows XP (KB2443685)

Hotfix for Windows XP (KB942288-v3)

Hotfix for Windows XP (KB952287)

Hotfix for Windows XP (KB954550-v5)

Hotfix for Windows XP (KB961118)

Hotfix for Windows XP (KB970653-v3)

Hotfix for Windows XP (KB976098-v2)

Hotfix for Windows XP (KB979306)

Hotfix for Windows XP (KB981793)

Intel Matrix Storage Manager

Intel® 537EP V9x DF PCI Modem

Intel® PRO Network Connections Software v9.2.4.11

Intel® PROSafe for Wired Connections

Internet Explorer Default Page

iTunes

Jasc Paint Shop Photo Album 5

Jasc Paint Shop Pro Studio, Dell Editon

Java 2 Runtime Environment, SE v1.4.2_03

Java Auto Updater

Java 6 Update 24

Jimmy Neutron Boy Genius

LiveUpdate 3.2 (Symantec Corporation)

Macromedia Flash Player

Malwarebytes' Anti-Malware

McAfee Security Scan Plus

Microsoft .NET Framework 1.1

Microsoft .NET Framework 1.1 Security Update (KB2416447)

Microsoft .NET Framework 1.1 Security Update (KB979906)

Microsoft .NET Framework 2.0 Service Pack 2

Microsoft .NET Framework 3.0 Service Pack 2

Microsoft .NET Framework 3.5 SP1

Microsoft Compression Client Pack 1.0 for Windows XP

Microsoft Picture It! Publishing 2001

Microsoft Plus! Digital Media Edition Installer

Microsoft Plus! Photo Story 2 LE

Microsoft Silverlight

Microsoft User-Mode Driver Framework Feature Pack 1.0

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2005 Redistributable - KB2467175

Microsoft Word 2000 SR-1

Microsoft Works 2001 Setup Launcher

Microsoft Works 6.0

Microsoft Works Suite Add-in for Microsoft Word

MobileMe Control Panel

Modem Event Monitor

Modem Helper

Modem On Hold

Move Networks Media Player for Internet Explorer

Mozilla Firefox (3.6.16)

MSXML 4.0 SP2 (KB927978)

MSXML 4.0 SP2 (KB936181)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MSXML 4.0 SP2 Parser and SDK

MSXML 6 Service Pack 2 (KB973686)

Musicmatch for Windows Media Player

Napster

Napster Burn Engine

NetZeroInstallers

NickToons Racing

Nikon Message Center

Norton Ghost

Pdf995

PdfEdit995

Photo Click

PictureProject

PowerDVD 5.5

QuickBooks Simple Start Special Edition

Quicken Basic 2000

QuickTime

Rayman Raving Rabbids

RealNetworks - Microsoft Visual C++ 2008 Runtime

RealPlayer

RealUpgrade 1.1

Safari

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)

Security Update for Step By Step Interactive Training (KB898458)

Security Update for Step By Step Interactive Training (KB923723)

Security Update for Windows Internet Explorer 8 (KB2183461)

Security Update for Windows Internet Explorer 8 (KB2360131)

Security Update for Windows Internet Explorer 8 (KB2416400)

Security Update for Windows Internet Explorer 8 (KB2482017)

Security Update for Windows Internet Explorer 8 (KB2497640)

Security Update for Windows Internet Explorer 8 (KB2510531)

Security Update for Windows Internet Explorer 8 (KB971961)

Security Update for Windows Internet Explorer 8 (KB972260)

Security Update for Windows Internet Explorer 8 (KB974455)

Security Update for Windows Internet Explorer 8 (KB976325)

Security Update for Windows Internet Explorer 8 (KB978207)

Security Update for Windows Internet Explorer 8 (KB981332)

Security Update for Windows Internet Explorer 8 (KB982381)

Security Update for Windows Media Encoder (KB2447961)

Security Update for Windows Media Encoder (KB954156)

Security Update for Windows Media Encoder (KB979332)

Security Update for Windows Media Player (KB2378111)

Security Update for Windows Media Player (KB911564)

Security Update for Windows Media Player (KB952069)

Security Update for Windows Media Player (KB954155)

Security Update for Windows Media Player (KB968816)

Security Update for Windows Media Player (KB973540)

Security Update for Windows Media Player (KB975558)

Security Update for Windows Media Player (KB978695)

Security Update for Windows Media Player 10 (KB911565)

Security Update for Windows Media Player 10 (KB917734)

Security Update for Windows Media Player 10 (KB936782)

Security Update for Windows Media Player 11 (KB954154)

Security Update for Windows Media Player 6.4 (KB925398)

Security Update for Windows XP (KB2079403)

Security Update for Windows XP (KB2115168)

Security Update for Windows XP (KB2121546)

Security Update for Windows XP (KB2160329)

Security Update for Windows XP (KB2229593)

Security Update for Windows XP (KB2259922)

Security Update for Windows XP (KB2279986)

Security Update for Windows XP (KB2286198)

Security Update for Windows XP (KB2296011)

Security Update for Windows XP (KB2296199)

Security Update for Windows XP (KB2347290)

Security Update for Windows XP (KB2360937)

Security Update for Windows XP (KB2387149)

Security Update for Windows XP (KB2393802)

Security Update for Windows XP (KB2412687)

Security Update for Windows XP (KB2419632)

Security Update for Windows XP (KB2423089)

Security Update for Windows XP (KB2436673)

Security Update for Windows XP (KB2440591)

Security Update for Windows XP (KB2443105)

Security Update for Windows XP (KB2476687)

Security Update for Windows XP (KB2478960)

Security Update for Windows XP (KB2478971)

Security Update for Windows XP (KB2479628)

Security Update for Windows XP (KB2479943)

Security Update for Windows XP (KB2481109)

Security Update for Windows XP (KB2483185)

Security Update for Windows XP (KB2485376)

Security Update for Windows XP (KB2485663)

Security Update for Windows XP (KB2491683)

Security Update for Windows XP (KB2503658)

Security Update for Windows XP (KB2506212)

Security Update for Windows XP (KB2506223)

Security Update for Windows XP (KB2507618)

Security Update for Windows XP (KB2508272)

Security Update for Windows XP (KB2508429)

Security Update for Windows XP (KB2509553)

Security Update for Windows XP (KB2511455)

Security Update for Windows XP (KB2524375)

Security Update for Windows XP (KB923561)

Security Update for Windows XP (KB923689)

Security Update for Windows XP (KB938464)

Security Update for Windows XP (KB941569)

Security Update for Windows XP (KB946648)

Security Update for Windows XP (KB950759)

Security Update for Windows XP (KB950760)

Security Update for Windows XP (KB950762)

Security Update for Windows XP (KB950974)

Security Update for Windows XP (KB951066)

Security Update for Windows XP (KB951376-v2)

Security Update for Windows XP (KB951376)

Security Update for Windows XP (KB951698)

Security Update for Windows XP (KB951748)

Security Update for Windows XP (KB952004)

Security Update for Windows XP (KB952954)

Security Update for Windows XP (KB953838)

Security Update for Windows XP (KB953839)

Security Update for Windows XP (KB954211)

Security Update for Windows XP (KB954600)

Security Update for Windows XP (KB955069)

Security Update for Windows XP (KB956390)

Security Update for Windows XP (KB956391)

Security Update for Windows XP (KB956572)

Security Update for Windows XP (KB956744)

Security Update for Windows XP (KB956802)

Security Update for Windows XP (KB956803)

Security Update for Windows XP (KB956841)

Security Update for Windows XP (KB956844)

Security Update for Windows XP (KB957095)

Security Update for Windows XP (KB957097)

Security Update for Windows XP (KB958215)

Security Update for Windows XP (KB958644)

Security Update for Windows XP (KB958687)

Security Update for Windows XP (KB958690)

Security Update for Windows XP (KB958869)

Security Update for Windows XP (KB959426)

Security Update for Windows XP (KB960225)

Security Update for Windows XP (KB960714)

Security Update for Windows XP (KB960715)

Security Update for Windows XP (KB960803)

Security Update for Windows XP (KB960859)

Security Update for Windows XP (KB961371)

Security Update for Windows XP (KB961373)

Security Update for Windows XP (KB961501)

Security Update for Windows XP (KB963027)

Security Update for Windows XP (KB968537)

Security Update for Windows XP (KB969059)

Security Update for Windows XP (KB969897)

Security Update for Windows XP (KB969898)

Security Update for Windows XP (KB969947)

Security Update for Windows XP (KB970238)

Security Update for Windows XP (KB970430)

Security Update for Windows XP (KB971468)

Security Update for Windows XP (KB971486)

Security Update for Windows XP (KB971557)

Security Update for Windows XP (KB971633)

Security Update for Windows XP (KB971657)

Security Update for Windows XP (KB972260)

Security Update for Windows XP (KB972270)

Security Update for Windows XP (KB973346)

Security Update for Windows XP (KB973354)

Security Update for Windows XP (KB973507)

Security Update for Windows XP (KB973525)

Security Update for Windows XP (KB973869)

Security Update for Windows XP (KB973904)

Security Update for Windows XP (KB974112)

Security Update for Windows XP (KB974318)

Security Update for Windows XP (KB974392)

Security Update for Windows XP (KB974571)

Security Update for Windows XP (KB975025)

Security Update for Windows XP (KB975467)

Security Update for Windows XP (KB975560)

Security Update for Windows XP (KB975561)

Security Update for Windows XP (KB975562)

Security Update for Windows XP (KB975713)

Security Update for Windows XP (KB977165)

Security Update for Windows XP (KB977816)

Security Update for Windows XP (KB977914)

Security Update for Windows XP (KB978037)

Security Update for Windows XP (KB978251)

Security Update for Windows XP (KB978262)

Security Update for Windows XP (KB978338)

Security Update for Windows XP (KB978542)

Security Update for Windows XP (KB978601)

Security Update for Windows XP (KB978706)

Security Update for Windows XP (KB979309)

Security Update for Windows XP (KB979482)

Security Update for Windows XP (KB979559)

Security Update for Windows XP (KB979683)

Security Update for Windows XP (KB979687)

Security Update for Windows XP (KB980195)

Security Update for Windows XP (KB980218)

Security Update for Windows XP (KB980232)

Security Update for Windows XP (KB980436)

Security Update for Windows XP (KB981322)

Security Update for Windows XP (KB981852)

Security Update for Windows XP (KB981957)

Security Update for Windows XP (KB981997)

Security Update for Windows XP (KB982132)

Security Update for Windows XP (KB982214)

Security Update for Windows XP (KB982665)

Security Update for Windows XP (KB982802)

Shockwave

ShopAtHome.com Toolbar

Sonic DLA

Sonic RecordNow Audio

Sonic RecordNow Copy

Sonic RecordNow Data

Sonic Update Manager

Sound Blaster Live! 24-bit

SPORE™

SPORE™ Galactic Adventures

Spybot - Search & Destroy

TaxCut Basic 2006

Type to Learn 3

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Windows Internet Explorer 8 (KB972636)

Update for Windows Internet Explorer 8 (KB976662)

Update for Windows Internet Explorer 8 (KB976749)

Update for Windows Internet Explorer 8 (KB980182)

Update for Windows XP (KB2141007)

Update for Windows XP (KB2345886)

Update for Windows XP (KB2467659)

Update for Windows XP (KB942763)

Update for Windows XP (KB951072-v2)

Update for Windows XP (KB951978)

Update for Windows XP (KB955759)

Update for Windows XP (KB955839)

Update for Windows XP (KB967715)

Update for Windows XP (KB968389)

Update for Windows XP (KB971029)

Update for Windows XP (KB971737)

Update for Windows XP (KB973687)

Update for Windows XP (KB973815)

Viewpoint Media Player

WebCyberCoach 3.2 Dell

WebFldrs XP

Windows Genuine Advantage v1.3.0254.0

Windows Genuine Advantage Validation Tool (KB892130)

Windows Imaging Component

Windows Installer Clean Up

Windows Internet Explorer 8

Windows Media Encoder 9 Series

Windows Media Format 11 runtime

Windows Media Player 10

Windows Media Player 11

Windows PowerShell 1.0

Windows XP Service Pack 3

WordPerfect Office 12

Works Suite OS Pack

Works Synchronization

Yahoo! Toolbar

.

==== Event Viewer Messages From Past Week ========

.

2/6/2012 8:29:38 PM, error: Service Control Manager [7023] - The Application Management service terminated with the following error: The specified module could not be found.

2/6/2012 4:36:36 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

2/6/2012 4:31:54 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Fips intelppm

2/6/2012 4:30:58 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

2/1/2012 5:59:11 AM, error: Dhcp [1002] - The IP address lease 68.1.168.30 for the Network Card with network address 00123F758368 has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).

2/1/2012 5:58:41 AM, error: Server [2505] - The server could not bind to the transport \Device\NetBT_Tcpip_{830D72BE-6132-4A2A-B8DD-7BC8B69A920B} because another computer on the network has the same name. The server could not start.

.

==== End Of File ===========================


Hello caedwe12,

Make sure you do not do any changes/ adds/ deletes of programs or settings, or get any tools on your own. Make no changes on your own. Always check with me first if you have questions.

Now, make sure you have saved all your work before you begin, and close your open apps.

Download to your Desktop FixPolicies.exe, by Bill Castner, MS-MVP, a self-extracting ZIP archive from

>>> here <<<

  • Double-click FixPolicies.exe.
  • Click the "Install" button on the bottom toolbar of the box that will open.
  • The program will create a new Folder called FixPolicies.
  • Double-click to Open the new Folder, and then double-click the file within: Fix_Policies.cmd.
  • A black box will briefly appear and then close.
  • This fix may prove temporary. Active malware may revert these changes at your next startup.

Note: If using Firefox right-click on any download links and choose Save As

Save both files to the same place ---- the Desktop.

Please download from here >> OTH << and SAVE to the Desktop

Please download from here >> OTL << and SAVE to the Desktop

Double-click the OTH file to run it and click Kill All Processes; your desktop will go blank.

IF you are running Vista or Windows 7, then do a Right-click on OTH and select Run As Administrator to start.


Once OTH has started, click on Start OTL. OTL will now start.

  • Do the following in OTL:
  • In the lower right corner, checkmark "LOP Check" and checkmark "Purity Check".
  • Now click Run Scan at Top left and let the program run uninterrupted. It will take about 4 minutes.
  • When the scan completes, it will open two Notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.

Download Security Check by screen317 and save it to your Desktop: here or here

  • Run Security Check
  • Follow the onscreen instructions inside of the command window.
  • A Notepad document should open automatically called checkup.txt; close Notepad. We will need this log, too, so remember where you've saved it!

If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE to access the Internet, allow it to do so.

  • Back in OTH:
    Click the Internet Explorer button. Go to this forum & login & return to this topic.
    Copy & Paste the ATTACH, EXTRAS, & Checkup logs into your reply here.


Ran Security Check but notepad did not pop up. Couldn't find Checkup logs. Should I run it again? Thanks. CAE

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows XP Home Edition

Boot Device: \Device\HarddiskVolume2

Install Date: 9/20/2005 7:58:34 PM

System Uptime: 2/6/2012 9:16:35 PM (20 hours ago)

.

Motherboard: Dell Inc. | | 0X8582

Processor: Intel® Pentium® 4 CPU 3.00GHz | Microprocessor | 2992/800mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 146 GiB total, 103.037 GiB free.

D: is CDROM (CDFS)

E: is CDROM ()

F: is FIXED (NTFS) - 466 GiB total, 412.815 GiB free.

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP1053: 11/10/2011 3:43:33 PM - System Checkpoint

RP1054: 11/11/2011 4:16:15 PM - System Checkpoint

RP1055: 11/12/2011 4:38:30 PM - System Checkpoint

RP1056: 11/13/2011 5:01:46 PM - System Checkpoint

RP1057: 11/14/2011 5:55:33 PM - System Checkpoint

RP1058: 11/15/2011 6:37:23 PM - System Checkpoint

RP1059: 11/16/2011 6:42:58 PM - System Checkpoint

RP1060: 11/17/2011 6:43:32 PM - System Checkpoint

RP1061: 11/18/2011 7:29:00 PM - System Checkpoint

RP1062: 11/19/2011 9:13:51 PM - System Checkpoint

RP1063: 11/21/2011 3:10:22 PM - System Checkpoint

RP1064: 11/22/2011 3:51:46 PM - System Checkpoint

RP1065: 11/23/2011 4:46:20 PM - System Checkpoint

RP1066: 11/24/2011 5:50:36 PM - System Checkpoint

RP1067: 11/25/2011 6:44:05 PM - System Checkpoint

RP1068: 11/26/2011 6:47:42 PM - System Checkpoint

RP1069: 11/27/2011 7:51:01 PM - System Checkpoint

RP1070: 11/28/2011 8:46:52 PM - System Checkpoint

RP1071: 11/29/2011 8:57:54 PM - System Checkpoint

RP1072: 11/30/2011 9:04:19 PM - System Checkpoint

RP1073: 12/1/2011 9:35:17 PM - System Checkpoint

RP1074: 12/2/2011 9:36:43 PM - System Checkpoint

RP1075: 12/3/2011 10:47:56 PM - System Checkpoint

RP1076: 12/5/2011 7:27:06 AM - System Checkpoint

RP1077: 12/6/2011 1:25:45 PM - System Checkpoint

RP1078: 12/7/2011 1:35:34 PM - System Checkpoint

RP1079: 12/8/2011 2:13:08 PM - System Checkpoint

RP1080: 12/9/2011 5:10:56 PM - System Checkpoint

RP1081: 12/10/2011 6:40:55 PM - System Checkpoint

RP1082: 12/12/2011 5:56:36 AM - System Checkpoint

RP1083: 12/13/2011 6:30:37 AM - System Checkpoint

RP1084: 12/14/2011 7:33:17 AM - System Checkpoint

RP1085: 12/15/2011 8:33:17 AM - System Checkpoint

RP1086: 12/16/2011 9:33:17 AM - System Checkpoint

RP1087: 12/17/2011 9:54:47 AM - System Checkpoint

RP1088: 12/18/2011 10:33:17 AM - System Checkpoint

RP1089: 12/19/2011 11:33:17 AM - System Checkpoint

RP1090: 12/20/2011 12:33:17 PM - System Checkpoint

RP1091: 12/21/2011 1:45:20 PM - System Checkpoint

RP1092: 12/22/2011 2:33:20 PM - System Checkpoint

RP1093: 12/23/2011 3:33:20 PM - System Checkpoint

RP1094: 12/24/2011 3:51:20 PM - System Checkpoint

RP1095: 12/25/2011 4:32:06 PM - System Checkpoint

RP1096: 12/26/2011 12:25:53 PM - Installed %1 %2.

RP1097: 12/26/2011 12:28:35 PM - Restore Point before Corrupt Patch Registry keys

RP1098: 12/26/2011 12:46:43 PM - Installed Windows XP KB942288-v3.

RP1099: 12/26/2011 1:06:41 PM - Removed iTunes

RP1100: 12/26/2011 3:05:16 PM - Removed iTunes

RP1101: 12/26/2011 3:54:36 PM - Installed WinZip 16.0

RP1102: 12/26/2011 4:32:07 PM - Removed WinZip 16.0

RP1103: 12/26/2011 4:32:55 PM - Removed WinZip Courier

RP1104: 12/26/2011 4:33:57 PM - Removed Kaspersky Security Scan

RP1105: 12/26/2011 6:23:50 PM - Removed QuickTime

RP1106: 12/26/2011 6:28:35 PM - Installed QuickTime

RP1107: 12/26/2011 6:46:10 PM - Installed iTunes

RP1108: 12/27/2011 7:44:30 PM - System Checkpoint

RP1109: 12/28/2011 8:43:59 PM - System Checkpoint

RP1110: 12/29/2011 8:45:04 PM - System Checkpoint

RP1111: 12/30/2011 9:23:11 PM - System Checkpoint

RP1112: 12/31/2011 10:35:40 PM - System Checkpoint

RP1113: 1/11/2012 9:52:55 AM - System Checkpoint

RP1114: 1/12/2012 10:15:07 AM - System Checkpoint

RP1115: 1/13/2012 11:09:37 AM - System Checkpoint

RP1116: 1/14/2012 12:17:57 PM - System Checkpoint

RP1117: 1/15/2012 1:12:01 PM - System Checkpoint

RP1118: 1/16/2012 3:24:39 PM - System Checkpoint

RP1119: 1/17/2012 3:48:45 PM - System Checkpoint

RP1120: 1/18/2012 4:43:25 PM - System Checkpoint

RP1121: 1/19/2012 4:56:34 PM - System Checkpoint

RP1122: 1/20/2012 5:35:59 PM - System Checkpoint

RP1123: 1/21/2012 6:56:04 PM - System Checkpoint

RP1124: 1/22/2012 7:26:15 PM - System Checkpoint

RP1125: 1/23/2012 7:28:35 PM - System Checkpoint

RP1126: 1/24/2012 8:15:34 PM - System Checkpoint

RP1127: 1/25/2012 9:06:56 PM - System Checkpoint

RP1128: 1/26/2012 10:03:10 PM - System Checkpoint

RP1129: 1/27/2012 10:49:47 PM - System Checkpoint

RP1130: 1/28/2012 11:45:06 PM - System Checkpoint

RP1131: 1/30/2012 12:38:22 AM - System Checkpoint

RP1132: 1/31/2012 1:32:38 AM - System Checkpoint

RP1133: 2/1/2012 2:26:58 AM - System Checkpoint

RP1134: 2/2/2012 2:57:57 AM - System Checkpoint

RP1135: 2/3/2012 3:53:44 AM - System Checkpoint

RP1136: 2/4/2012 4:51:44 AM - System Checkpoint

RP1137: 2/5/2012 5:45:10 AM - System Checkpoint

RP1138: 2/6/2012 6:39:41 AM - System Checkpoint

RP1139: 2/6/2012 4:31:41 PM - Restore Operation

RP1140: 2/6/2012 4:32:38 PM - Restore Operation

RP1141: 2/6/2012 8:29:24 PM - Removed Bonjour

.

==== Installed Programs ======================

.

ABBYY FineReader 6.0 Sprint

Acrobat.com

Adobe AIR

Adobe Download Manager

Adobe Flash Player 10 ActiveX

Adobe Flash Player 10 Plugin

Adobe Reader X (10.0.1)

AOL Coach Version 1.0(Build:20040229.1 en)

AOL Uninstaller (Choose which Products to Remove)

AOLIcon

Apple Application Support

Apple Mobile Device Support

Apple Software Update

ArcSoft Software Suite

ATI Control Panel

ATI Display Driver

Compatibility Pack for the 2007 Office system

Coupon Printer for Windows

Creative MediaSource

DAO 3.5

DB CIF Cam

Dell Media Experience

Dell Photo AIO Printer 924

Dell Picture Studio v3.0

Dell Support 3.2.1

Dell System Restore

EA Download Manager

EarthLink setup files

FoneSync

Get High Speed Internet!

GIMP 2.6.6

Google Chrome

Google Earth

Google SketchUp 6

Google Toolbar for Internet Explorer

Google Update Helper

Google Updater

High Definition Audio Driver Package - KB835221

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Hotfix for Windows Media Format 11 SDK (KB929399)

Hotfix for Windows Media Player 11 (KB939683)

Hotfix for Windows XP (KB2158563)

Hotfix for Windows XP (KB2443685)

Hotfix for Windows XP (KB942288-v3)

Hotfix for Windows XP (KB952287)

Hotfix for Windows XP (KB954550-v5)

Hotfix for Windows XP (KB961118)

Hotfix for Windows XP (KB970653-v3)

Hotfix for Windows XP (KB976098-v2)

Hotfix for Windows XP (KB979306)

Hotfix for Windows XP (KB981793)

Intel Matrix Storage Manager

Intel® 537EP V9x DF PCI Modem

Intel® PRO Network Connections Software v9.2.4.11

Intel® PROSafe for Wired Connections

Internet Explorer Default Page

iTunes

Jasc Paint Shop Photo Album 5

Jasc Paint Shop Pro Studio, Dell Editon

Java 2 Runtime Environment, SE v1.4.2_03

Java Auto Updater

Java 6 Update 24

Jimmy Neutron Boy Genius

LiveUpdate 3.2 (Symantec Corporation)

Macromedia Flash Player

Malwarebytes' Anti-Malware

McAfee Security Scan Plus

Microsoft .NET Framework 1.1

Microsoft .NET Framework 1.1 Security Update (KB2416447)

Microsoft .NET Framework 1.1 Security Update (KB979906)

Microsoft .NET Framework 2.0 Service Pack 2

Microsoft .NET Framework 3.0 Service Pack 2

Microsoft .NET Framework 3.5 SP1

Microsoft Compression Client Pack 1.0 for Windows XP

Microsoft Picture It! Publishing 2001

Microsoft Plus! Digital Media Edition Installer

Microsoft Plus! Photo Story 2 LE

Microsoft Silverlight

Microsoft User-Mode Driver Framework Feature Pack 1.0

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2005 Redistributable - KB2467175

Microsoft Word 2000 SR-1

Microsoft Works 2001 Setup Launcher

Microsoft Works 6.0

Microsoft Works Suite Add-in for Microsoft Word

MobileMe Control Panel

Modem Event Monitor

Modem Helper

Modem On Hold

Move Networks Media Player for Internet Explorer

Mozilla Firefox (3.6.16)

MSXML 4.0 SP2 (KB927978)

MSXML 4.0 SP2 (KB936181)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MSXML 4.0 SP2 Parser and SDK

MSXML 6 Service Pack 2 (KB973686)

Musicmatch for Windows Media Player

Napster

Napster Burn Engine

NetZeroInstallers

NickToons Racing

Nikon Message Center

Norton Ghost

Pdf995

PdfEdit995

Photo Click

PictureProject

PowerDVD 5.5

QuickBooks Simple Start Special Edition

Quicken Basic 2000

QuickTime

Rayman Raving Rabbids

RealNetworks - Microsoft Visual C++ 2008 Runtime

RealPlayer

RealUpgrade 1.1

Safari

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)

Security Update for Step By Step Interactive Training (KB898458)

Security Update for Step By Step Interactive Training (KB923723)

Security Update for Windows Internet Explorer 8 (KB2183461)

Security Update for Windows Internet Explorer 8 (KB2360131)

Security Update for Windows Internet Explorer 8 (KB2416400)

Security Update for Windows Internet Explorer 8 (KB2482017)

Security Update for Windows Internet Explorer 8 (KB2497640)

Security Update for Windows Internet Explorer 8 (KB2510531)

Security Update for Windows Internet Explorer 8 (KB971961)

Security Update for Windows Internet Explorer 8 (KB972260)

Security Update for Windows Internet Explorer 8 (KB974455)

Security Update for Windows Internet Explorer 8 (KB976325)

Security Update for Windows Internet Explorer 8 (KB978207)

Security Update for Windows Internet Explorer 8 (KB981332)

Security Update for Windows Internet Explorer 8 (KB982381)

Security Update for Windows Media Encoder (KB2447961)

Security Update for Windows Media Encoder (KB954156)

Security Update for Windows Media Encoder (KB979332)

Security Update for Windows Media Player (KB2378111)

Security Update for Windows Media Player (KB911564)

Security Update for Windows Media Player (KB952069)

Security Update for Windows Media Player (KB954155)

Security Update for Windows Media Player (KB968816)

Security Update for Windows Media Player (KB973540)

Security Update for Windows Media Player (KB975558)

Security Update for Windows Media Player (KB978695)

Security Update for Windows Media Player 10 (KB911565)

Security Update for Windows Media Player 10 (KB917734)

Security Update for Windows Media Player 10 (KB936782)

Security Update for Windows Media Player 11 (KB954154)

Security Update for Windows Media Player 6.4 (KB925398)

Security Update for Windows XP (KB2079403)

Security Update for Windows XP (KB2115168)

Security Update for Windows XP (KB2121546)

Security Update for Windows XP (KB2160329)

Security Update for Windows XP (KB2229593)

Security Update for Windows XP (KB2259922)

Security Update for Windows XP (KB2279986)

Security Update for Windows XP (KB2286198)

Security Update for Windows XP (KB2296011)

Security Update for Windows XP (KB2296199)

Security Update for Windows XP (KB2347290)

Security Update for Windows XP (KB2360937)

Security Update for Windows XP (KB2387149)

Security Update for Windows XP (KB2393802)

Security Update for Windows XP (KB2412687)

Security Update for Windows XP (KB2419632)

Security Update for Windows XP (KB2423089)

Security Update for Windows XP (KB2436673)

Security Update for Windows XP (KB2440591)

Security Update for Windows XP (KB2443105)

Security Update for Windows XP (KB2476687)

Security Update for Windows XP (KB2478960)

Security Update for Windows XP (KB2478971)

Security Update for Windows XP (KB2479628)

Security Update for Windows XP (KB2479943)

Security Update for Windows XP (KB2481109)

Security Update for Windows XP (KB2483185)

Security Update for Windows XP (KB2485376)

Security Update for Windows XP (KB2485663)

Security Update for Windows XP (KB2491683)

Security Update for Windows XP (KB2503658)

Security Update for Windows XP (KB2506212)

Security Update for Windows XP (KB2506223)

Security Update for Windows XP (KB2507618)

Security Update for Windows XP (KB2508272)

Security Update for Windows XP (KB2508429)

Security Update for Windows XP (KB2509553)

Security Update for Windows XP (KB2511455)

Security Update for Windows XP (KB2524375)

Security Update for Windows XP (KB923561)

Security Update for Windows XP (KB923689)

Security Update for Windows XP (KB938464)

Security Update for Windows XP (KB941569)

Security Update for Windows XP (KB946648)

Security Update for Windows XP (KB950759)

Security Update for Windows XP (KB950760)

Security Update for Windows XP (KB950762)

Security Update for Windows XP (KB950974)

Security Update for Windows XP (KB951066)

Security Update for Windows XP (KB951376-v2)

Security Update for Windows XP (KB951376)

Security Update for Windows XP (KB951698)

Security Update for Windows XP (KB951748)

Security Update for Windows XP (KB952004)

Security Update for Windows XP (KB952954)

Security Update for Windows XP (KB953838)

Security Update for Windows XP (KB953839)

Security Update for Windows XP (KB954211)

Security Update for Windows XP (KB954600)

Security Update for Windows XP (KB955069)

Security Update for Windows XP (KB956390)

Security Update for Windows XP (KB956391)

Security Update for Windows XP (KB956572)

Security Update for Windows XP (KB956744)

Security Update for Windows XP (KB956802)

Security Update for Windows XP (KB956803)

Security Update for Windows XP (KB956841)

Security Update for Windows XP (KB956844)

Security Update for Windows XP (KB957095)

Security Update for Windows XP (KB957097)

Security Update for Windows XP (KB958215)

Security Update for Windows XP (KB958644)

Security Update for Windows XP (KB958687)

Security Update for Windows XP (KB958690)

Security Update for Windows XP (KB958869)

Security Update for Windows XP (KB959426)

Security Update for Windows XP (KB960225)

Security Update for Windows XP (KB960714)

Security Update for Windows XP (KB960715)

Security Update for Windows XP (KB960803)

Security Update for Windows XP (KB960859)

Security Update for Windows XP (KB961371)

Security Update for Windows XP (KB961373)

Security Update for Windows XP (KB961501)

Security Update for Windows XP (KB963027)

Security Update for Windows XP (KB968537)

Security Update for Windows XP (KB969059)

Security Update for Windows XP (KB969897)

Security Update for Windows XP (KB969898)

Security Update for Windows XP (KB969947)

Security Update for Windows XP (KB970238)

Security Update for Windows XP (KB970430)

Security Update for Windows XP (KB971468)

Security Update for Windows XP (KB971486)

Security Update for Windows XP (KB971557)

Security Update for Windows XP (KB971633)

Security Update for Windows XP (KB971657)

Security Update for Windows XP (KB972260)

Security Update for Windows XP (KB972270)

Security Update for Windows XP (KB973346)

Security Update for Windows XP (KB973354)

Security Update for Windows XP (KB973507)

Security Update for Windows XP (KB973525)

Security Update for Windows XP (KB973869)

Security Update for Windows XP (KB973904)

Security Update for Windows XP (KB974112)

Security Update for Windows XP (KB974318)

Security Update for Windows XP (KB974392)

Security Update for Windows XP (KB974571)

Security Update for Windows XP (KB975025)

Security Update for Windows XP (KB975467)

Security Update for Windows XP (KB975560)

Security Update for Windows XP (KB975561)

Security Update for Windows XP (KB975562)

Security Update for Windows XP (KB975713)

Security Update for Windows XP (KB977165)

Security Update for Windows XP (KB977816)

Security Update for Windows XP (KB977914)

Security Update for Windows XP (KB978037)

Security Update for Windows XP (KB978251)

Security Update for Windows XP (KB978262)

Security Update for Windows XP (KB978338)

Security Update for Windows XP (KB978542)

Security Update for Windows XP (KB978601)

Security Update for Windows XP (KB978706)

Security Update for Windows XP (KB979309)

Security Update for Windows XP (KB979482)

Security Update for Windows XP (KB979559)

Security Update for Windows XP (KB979683)

Security Update for Windows XP (KB979687)

Security Update for Windows XP (KB980195)

Security Update for Windows XP (KB980218)

Security Update for Windows XP (KB980232)

Security Update for Windows XP (KB980436)

Security Update for Windows XP (KB981322)

Security Update for Windows XP (KB981852)

Security Update for Windows XP (KB981957)

Security Update for Windows XP (KB981997)

Security Update for Windows XP (KB982132)

Security Update for Windows XP (KB982214)

Security Update for Windows XP (KB982665)

Security Update for Windows XP (KB982802)

Shockwave

ShopAtHome.com Toolbar

Sonic DLA

Sonic RecordNow Audio

Sonic RecordNow Copy

Sonic RecordNow Data

Sonic Update Manager

Sound Blaster Live! 24-bit

SPORE™

SPORE™ Galactic Adventures

Spybot - Search & Destroy

TaxCut Basic 2006

Type to Learn 3

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Windows Internet Explorer 8 (KB972636)

Update for Windows Internet Explorer 8 (KB976662)

Update for Windows Internet Explorer 8 (KB976749)

Update for Windows Internet Explorer 8 (KB980182)

Update for Windows XP (KB2141007)

Update for Windows XP (KB2345886)

Update for Windows XP (KB2467659)

Update for Windows XP (KB942763)

Update for Windows XP (KB951072-v2)

Update for Windows XP (KB951978)

Update for Windows XP (KB955759)

Update for Windows XP (KB955839)

Update for Windows XP (KB967715)

Update for Windows XP (KB968389)

Update for Windows XP (KB971029)

Update for Windows XP (KB971737)

Update for Windows XP (KB973687)

Update for Windows XP (KB973815)

Viewpoint Media Player

WebCyberCoach 3.2 Dell

WebFldrs XP

Windows Genuine Advantage v1.3.0254.0

Windows Genuine Advantage Validation Tool (KB892130)

Windows Imaging Component

Windows Installer Clean Up

Windows Internet Explorer 8

Windows Media Encoder 9 Series

Windows Media Format 11 runtime

Windows Media Player 10

Windows Media Player 11

Windows PowerShell 1.0

Windows XP Service Pack 3

WordPerfect Office 12

Works Suite OS Pack

Works Synchronization

Yahoo! Toolbar

.

==== Event Viewer Messages From Past Week ========

.

2/6/2012 8:29:38 PM, error: Service Control Manager [7023] - The Application Management service terminated with the following error: The specified module could not be found.

2/6/2012 4:36:36 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

2/6/2012 4:31:54 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Fips intelppm

2/6/2012 4:30:58 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

2/1/2012 5:59:11 AM, error: Dhcp [1002] - The IP address lease 68.1.168.30 for the Network Card with network address 00123F758368 has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).

2/1/2012 5:58:41 AM, error: Server [2505] - The server could not bind to the transport \Device\NetBT_Tcpip_{830D72BE-6132-4A2A-B8DD-7BC8B69A920B} because another computer on the network has the same name. The server could not start.

.

==== End Of File ===========================

OTL Extras logfile created on: 2/7/2012 7:08:43 PM - Run 1

OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Ekenbarger's\Desktop

Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.50 Gb Total Physical Memory | 1.86 Gb Available Physical Memory | 74.40% Memory free

3.09 Gb Paging File | 2.69 Gb Available in Paging File | 87.01% Paging File free

Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 145.58 Gb Total Space | 103.03 Gb Free Space | 70.77% Space Free | Partition Type: NTFS

Drive D: | 1.63 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Drive F: | 465.76 Gb Total Space | 412.81 Gb Free Space | 88.63% Space Free | Partition Type: NTFS

Computer Name: JAM1 | User Name: Ekenbarger's | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.html [@ = htmlfile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

exefile [open] -- "%1" %*

htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" %1 (Microsoft Corporation)

htmlfile [print] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" /p %1 (Microsoft Corporation)

InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" %*

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"FirstRunDisabled" = 1

"UpdatesDisableNotify" = 0

"AntiVirusOverride" = 0

"FirewallOverride" = 0

"AntiVirusDisableNotify" = 0

"FirewallDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]

"Disable Config" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]

"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]

"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"EnableFirewall" = 1

"DoNotAllowExceptions" = 1

"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

"DoNotAllowExceptions" = 0

"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL -- (AOL LLC)

"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL -- (AOL LLC)

"C:\Program Files\America Online 9.0\waol.exe" = C:\Program Files\America Online 9.0\waol.exe:*:Enabled:America Online 9.0 -- (America Online, Inc.)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL -- (AOL LLC)

"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL -- (AOL LLC)

"C:\Program Files\America Online 9.0\waol.exe" = C:\Program Files\America Online 9.0\waol.exe:*:Enabled:America Online 9.0 -- (America Online, Inc.)

"C:\Program Files\Common Files\AOL\Loader\aolload.exe" = C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader -- (AOL LLC)

"C:\Program Files\Common Files\AOL\1178326658\ee\aolsoftware.exe" = C:\Program Files\Common Files\AOL\1178326658\ee\aolsoftware.exe:*:Enabled:AOL Services -- (America Online, Inc.)

"C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe" = C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe:*:Enabled:McAfee Network Agent

"C:\Program Files\Electronic Arts\EADM\Core.exe" = C:\Program Files\Electronic Arts\EADM\Core.exe:*:Disabled:EA Download Manager

"C:\Program Files\Google\Google Earth\plugin\geplugin.exe" = C:\Program Files\Google\Google Earth\plugin\geplugin.exe:*:Enabled:Google Earth -- (Google)

"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)

"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{00170409-78E1-11D2-B60F-006097C998E7}" = Microsoft Word 2000 SR-1

"{0456ebd7-5f67-4ab6-852e-63781e3f389c}" = Macromedia Flash Player

"{075473F5-846A-448B-BCB3-104AA1760205}" = Sonic RecordNow Data

"{08CA9554-B5FE-4313-938F-D4A417B81175}" = QuickTime

"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel

"{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}" = Microsoft Plus! Photo Story 2 LE

"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA

"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up

"{14374619-0900-4056-BA06-C87C900AF9E6}" = QuickBooks Simple Start Special Edition

"{15D9EB74-998E-4A04-B468-51C2E7B32182}" = Microsoft Picture It! Publishing 2001

"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer

"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer

"{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java 6 Update 24

"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1

"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager

"{33BB4982-DC52-4886-A03B-F4C5C80BEE89}" = Windows Media Player 10

"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support

"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP

"{352310C3-E46B-42D3-8F32-54721FDD72D9}" = NetZeroInstallers

"{35BDEFF1-A610-4956-A00D-15453C116395}" = Internet Explorer Default Page

"{36BD0774-6CD6-4FF9-A148-83CA09AC123E}" = Intel® PROSafe for Wired Connections

"{3AC54383-31D1-4907-961B-B12CBB1D0AE8}" = MobileMe Control Panel

"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = Modem On Hold

"{403EF592-953B-4794-BCEF-ECAB835C2095}" = Intel® PROSafe for Wired Connections

"{40A5DF56-329E-433C-8E79-99807E02F90F}" = Rayman Raving Rabbids

"{4192EAC0-6B36-4723-B216-D0E86E7757AC}" = Jasc Paint Shop Photo Album 5

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4B4F81E0-9150-11D4-A594-0050BAC6946A}" = NickToons Racing

"{56F3E1FF-54FE-4384-A153-6CCABA097814}" = Creative MediaSource

"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth

"{5F629FE8-5B4C-4863-937A-AFC2961F7DD3}" = Microsoft Works Suite Add-in for Microsoft Word

"{62BD0AE0-4EB1-4BBB-8F43-B6400C8FEB2C}" = AOLIcon

"{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}" = Windows Genuine Advantage v1.3.0254.0

"{63CEA2E4-4FE7-4F2C-B388-C1313D24157C}" = SPORE™ Galactic Adventures

"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD 5.5

"{6C611DD2-2685-4A76-92B5-ECD237128582}" = Type to Learn 3

"{6E179C77-7335-458D-9537-4F4EAC0181ED}" = Photo Click

"{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}" = Microsoft Plus! Digital Media Edition Installer

"{7148F0A8-6813-11D6-A77B-00B0D0142030}" = Java 2 Runtime Environment, SE v1.4.2_03

"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK

"{728278A1-0BB7-45E4-AC5E-91D7C0FD1EDE}" = EarthLink setup files

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{74F7662C-B1DB-489E-A8AC-07A06B24978B}" = Dell System Restore

"{766E4715-B801-46B3-9D91-12288AB88428}" = DB CIF Cam

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime

"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update

"{78C496B9-5A6B-4692-8C2E-AFFFC34E4961}" = Jasc Paint Shop Pro Studio, Dell Editon

"{7A0EFAFB-AC4B-4B88-8C6B-6731BE88DB68}" = Modem Event Monitor

"{7A3F0566-5E05-4919-9C98-456F6B5CF831}" = Get High Speed Internet!

"{7F142D56-3326-11D5-B229-002078017FBF}" = Modem Helper

"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support

"{83d96ed0-98aa-4515-8ddc-816f3efdd104}" = DB CIF Cam

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1}" = Napster Burn Engine

"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system

"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel Matrix Storage Manager

"{98736A65-3C79-49EC-B7E9-A3C77774B0E6}" = Google SketchUp 6

"{9DF0196F-B6B8-4C3A-8790-DE42AA530101}" = SPORE™

"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175

"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR

"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Sonic RecordNow Audio

"{AC0EE5B0-A8FB-4D0A-AF03-2EDC518F841B}" = Dell Media Experience

"{AC76BA86-7AD7-1033-7B44-AA0000000001}" = Adobe Reader X (10.0.1)

"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint

"{AF06CAE4-C134-44B1-B699-14FBDB63BD37}" = Dell Picture Studio v3.0

"{AF19F291-F22F-4798-9662-525305AE9E48}" = WordPerfect Office 12

"{B0255743-165B-4BD5-8DA8-37DFB9930014}" = Norton Ghost

"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Sonic RecordNow Copy

"{B3D8B2F8-3C2C-45BC-933E-8B60E78F6684}" = Google SketchUp 6

"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy

"{B7DBF6E8-0D17-4BE4-853B-ACD6EFBD4A1F}" = iTunes

"{BBBCAE4B-B416-4182-A6F2-438180894A81}" = Napster

"{BD3DCAB0-3FE5-44FB-90DA-EFB0A2CD1387}" = Works Synchronization

"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2

"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1

"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

"{CEB481CC-F57C-4397-81A0-DADD22257047}" = Sound Blaster Live! 24-bit

"{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}" = Nikon Message Center

"{D6E4E5D6-7693-4BB4-95BA-21F38FAFEE90}" = Safari

"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager

"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series

"{E4375AC9-EDE1-4943-A0E3-801CEB7041DF}" = Dell Support 3.2.1

"{E93E5EF6-D361-481E-849D-F16EF5C78EBC}" = Musicmatch for Windows Media Player

"{EE7C3A14-1D20-49F6-B903-491561076F0F}" = ArcSoft Software Suite

"{F8131A35-47FD-27AD-116D-0E79AF5DE5EE}" = Acrobat.com

"{F8D0829C-9C6F-11D3-8080-00C04FA329AA}" = Microsoft Works 6.0

"{FAF7F1D7-C0E7-47EA-8AAA-84E4F9EA3C94}" = Works Suite OS Pack

"{FF3999BE-1A7B-4738-88AA-97BF14094A4A}" = PictureProject

"Adobe AIR" = Adobe AIR

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"AOL Uninstaller" = AOL Uninstaller (Choose which Products to Remove)

"AOLCoach" = AOL Coach Version 1.0(Build:20040229.1 en)

"ATI Display Driver" = ATI Display Driver

"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com

"Coupon Printer for Windows5.0.0.1" = Coupon Printer for Windows

"DAO 3.5" = DAO 3.5

"Dell Photo AIO Printer 924" = Dell Photo AIO Printer 924

"EADM" = EA Download Manager

"FoneSync" = FoneSync

"Google Chrome" = Google Chrome

"Google Updater" = Google Updater

"ie8" = Windows Internet Explorer 8

"Intel® 537EP V9x DF PCI Modem" = Intel® 537EP V9x DF PCI Modem

"Jimmy Neutron Boy Genius" = Jimmy Neutron Boy Genius

"LiveUpdate" = LiveUpdate 3.2 (Symantec Corporation)

"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware

"McAfee Security Scan" = McAfee Security Scan Plus

"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1

"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

"Mozilla Firefox (3.6.16)" = Mozilla Firefox (3.6.16)

"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP

"Pdf995" = Pdf995

"PdfEdit995" = PdfEdit995

"PROSetDX" = Intel® PRO Network Connections Software v9.2.4.11

"Quicken Basic 2000" = Quicken Basic 2000

"RealPlayer 12.0" = RealPlayer

"SelectRebatesUninstall" = ShopAtHome.com Toolbar

"Shockwave" = Shockwave

"TaxCut Basic 2006" = TaxCut Basic 2006

"ViewpointMediaPlayer" = Viewpoint Media Player

"WebCyberCoach_wtrb" = WebCyberCoach 3.2 Dell

"WIC" = Windows Imaging Component

"Windows Media Encoder 9" = Windows Media Encoder 9 Series

"Windows Media Format Runtime" = Windows Media Format 11 runtime

"Windows Media Player" = Windows Media Player 11

"Windows XP Service Pack" = Windows XP Service Pack 3

"WinGimp-2.0_is1" = GIMP 2.6.6

"WMFDist11" = Windows Media Format 11 runtime

"wmp11" = Windows Media Player 11

"Works2001Setup" = Microsoft Works 2001 Setup Launcher

"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

"Yahoo! Companion" = Yahoo! Toolbar

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"Move Networks Player - IE" = Move Networks Media Player for Internet Explorer

========== Last 10 Event Log Errors ==========

[ Application Events ]

Error - 1/14/2012 2:17:14 PM | Computer Name = JAM1 | Source = Application Error | ID = 1000

Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting

module mshtml.dll, version 8.0.6001.19046, fault address 0x000679b8.

Error - 1/28/2012 10:17:22 PM | Computer Name = JAM1 | Source = Application Hang | ID = 1002

Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module

hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 1/28/2012 10:17:24 PM | Computer Name = JAM1 | Source = Application Hang | ID = 1001

Description = Fault bucket 1180947459.

Error - 2/2/2012 5:53:02 PM | Computer Name = JAM1 | Source = Application Hang | ID = 1002

Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module

hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 2/6/2012 6:32:41 PM | Computer Name = JAM1 | Source = MSDTC | ID = 4404

Description = MS DTC Tracing infrastructure : the initialization of the tracing

infrastructure failed. Internal Information : msdtc_trace : File: d:\comxp_sp3\com\com1x\dtc\dtc\trace\src\tracelib.cpp,

Line: 1115, StartTrace Failed, hr=0x800700a1

Error - 2/6/2012 7:00:46 PM | Computer Name = JAM1 | Source = MSDTC | ID = 4404

Description = MS DTC Tracing infrastructure : the initialization of the tracing

infrastructure failed. Internal Information : msdtc_trace : File: d:\comxp_sp3\com\com1x\dtc\dtc\trace\src\tracelib.cpp,

Line: 1115, StartTrace Failed, hr=0x800700a1

Error - 2/6/2012 8:22:43 PM | Computer Name = JAM1 | Source = MSDTC | ID = 4404

Description = MS DTC Tracing infrastructure : the initialization of the tracing

infrastructure failed. Internal Information : msdtc_trace : File: d:\comxp_sp3\com\com1x\dtc\dtc\trace\src\tracelib.cpp,

Line: 1115, StartTrace Failed, hr=0x800700a1

Error - 2/6/2012 9:21:47 PM | Computer Name = JAM1 | Source = MSDTC | ID = 4404

Description = MS DTC Tracing infrastructure : the initialization of the tracing

infrastructure failed. Internal Information : msdtc_trace : File: d:\comxp_sp3\com\com1x\dtc\dtc\trace\src\tracelib.cpp,

Line: 1115, StartTrace Failed, hr=0x800700a1

Error - 2/6/2012 9:34:49 PM | Computer Name = JAM1 | Source = MSDTC | ID = 4404

Description = MS DTC Tracing infrastructure : the initialization of the tracing

infrastructure failed. Internal Information : msdtc_trace : File: d:\comxp_sp3\com\com1x\dtc\dtc\trace\src\tracelib.cpp,

Line: 1115, StartTrace Failed, hr=0x800700a1

Error - 2/6/2012 10:20:01 PM | Computer Name = JAM1 | Source = MSDTC | ID = 4404

Description = MS DTC Tracing infrastructure : the initialization of the tracing

infrastructure failed. Internal Information : msdtc_trace : File: d:\comxp_sp3\com\com1x\dtc\dtc\trace\src\tracelib.cpp,

Line: 1115, StartTrace Failed, hr=0x800700a1

[ System Events ]

Error - 2/7/2012 8:07:46 PM | Computer Name = JAM1 | Source = Service Control Manager | ID = 7034

Description = The Creative Service for CDROM Access service terminated unexpectedly.

It has done this 1 time(s).

Error - 2/7/2012 8:07:46 PM | Computer Name = JAM1 | Source = Service Control Manager | ID = 7034

Description = The Java Quick Starter service terminated unexpectedly. It has done

this 1 time(s).

Error - 2/7/2012 8:07:46 PM | Computer Name = JAM1 | Source = Service Control Manager | ID = 7031

Description = The Apple Mobile Device service terminated unexpectedly. It has done

this 1 time(s). The following corrective action will be taken in 60000 milliseconds:

Restart the service.

Error - 2/7/2012 8:07:46 PM | Computer Name = JAM1 | Source = Service Control Manager | ID = 7031

Description = The Norton Ghost service terminated unexpectedly. It has done this

1 time(s). The following corrective action will be taken in 0 milliseconds: Restart

the service.

Error - 2/7/2012 8:07:46 PM | Computer Name = JAM1 | Source = Service Control Manager | ID = 7034

Description = The Intel® Matrix Storage Event Monitor service terminated unexpectedly.

It has done this 1 time(s).

Error - 2/7/2012 8:07:46 PM | Computer Name = JAM1 | Source = Service Control Manager | ID = 7034

Description = The iPod Service service terminated unexpectedly. It has done this

1 time(s).

Error - 2/7/2012 8:07:46 PM | Computer Name = JAM1 | Source = Service Control Manager | ID = 7031

Description = The SymSnapService service terminated unexpectedly. It has done this

1 time(s). The following corrective action will be taken in 60000 milliseconds:

Restart the service.

Error - 2/7/2012 8:07:46 PM | Computer Name = JAM1 | Source = Service Control Manager | ID = 7034

Description = The WAN Miniport (ATW) Service service terminated unexpectedly. It

has done this 1 time(s).

Error - 2/7/2012 8:07:46 PM | Computer Name = JAM1 | Source = Service Control Manager | ID = 7034

Description = The dlcc_device service terminated unexpectedly. It has done this

1 time(s).

Error - 2/7/2012 8:08:46 PM | Computer Name = JAM1 | Source = Service Control Manager | ID = 7032

Description = The Service Control Manager tried to take a corrective action (Restart

the service) after the unexpected termination of the SymSnapService service, but

this action failed with the following error: %%1056

< End of report >


Hello CAE,

Look at my prior response http://forums.malwar...ndpost&p=524598

Did you run Fixpolicies?

Did you run OTH as outlined?

I need the 2 logs from OTL: the OTL.txt and Extras.txt,

and if you can find Checkup.txt, that would be good too.

I will not need any DDS logs.

Do NOT do any websurfing at all. Just only go to this forum and just the sites I guide you to.

Your Flash Player is outdated & poses a security risk. Thus absolutely no websurfing.

Your Java is also out-of-date & I think your Firefox as well. We can cover those a bit later. For now, I need the OTL reports and advise me as to your anti-virus program.


Yes, I did everything you requested in your first response yesterday but didn't let Security Check run long enough. I re-ran everything tonight but didn't get a new OTL.extras log. I am sending the one from yesterday. Sorry I sent the wrong logs. No websurfing but I did have to reboot the computer as I could not open Internet Explorer and my desktop file at the same time with OTH. I have McAfee but Windows says it is turned off. The firewall is on. I also have Malwarebytes but it hasn't been scanning like it used to. Thank you for your help. CAE

OTL.txt log

OTL logfile created on: 2/8/2012 5:47:12 PM - Run 2

OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Ekenbarger's\Desktop

Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.50 Gb Total Physical Memory | 2.02 Gb Available Physical Memory | 80.77% Memory free

3.09 Gb Paging File | 2.85 Gb Available in Paging File | 92.07% Paging File free

Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 145.58 Gb Total Space | 103.01 Gb Free Space | 70.76% Space Free | Partition Type: NTFS

Drive D: | 1.63 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Drive F: | 465.76 Gb Total Space | 412.81 Gb Free Space | 88.63% Space Free | Partition Type: NTFS

Computer Name: JAM1 | User Name: Ekenbarger's | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/02/07 19:06:41 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Ekenbarger's\Desktop\OTL.scr

PRC - [2012/02/07 19:06:23 | 000,258,560 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Ekenbarger's\Desktop\OTH.scr

PRC - [2008/01/19 20:01:08 | 004,388,192 | -H-- | M] (Symantec Corporation) -- C:\Program Files\Norton Ghost\Agent\VProSvc.exe

PRC - [2007/12/20 17:13:46 | 001,553,896 | -H-- | M] (Symantec) -- C:\Program Files\Norton Ghost\Shared\Drivers\SymSnapService.exe

========== Modules (No Company Name) ==========

MOD - [2005/06/21 15:22:06 | 000,483,328 | -H-- | M] () -- C:\WINDOWS\system32\dlcclmpm.dll

MOD - [2005/06/06 10:58:38 | 000,065,536 | -H-- | M] () -- C:\WINDOWS\system32\dlcccfg.dll

MOD - [2005/04/01 11:44:16 | 000,061,440 | -H-- | M] () -- C:\Program Files\Dell Photo AIO Printer 924\dlcccnv4.dll

========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (nosGetPlusHelper) getPlus®

SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)

SRV - [2010/01/15 07:49:20 | 000,227,232 | -H-- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)

SRV - [2008/01/19 20:01:08 | 004,388,192 | -H-- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton Ghost\Agent\VProSvc.exe -- (Norton Ghost)

SRV - [2007/12/20 17:13:46 | 001,553,896 | -H-- | M] (Symantec) [On_Demand | Running] -- C:\Program Files\Norton Ghost\Shared\Drivers\SymSnapService.exe -- (SymSnapService)

SRV - [2007/09/12 18:27:24 | 002,999,664 | -H-- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE -- (LiveUpdate)

SRV - [2006/10/23 07:50:35 | 000,046,640 | RH-- | M] (AOL LLC) [Auto | Stopped] -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe -- (AOL ACS)

SRV - [2005/06/21 15:19:38 | 000,491,520 | -H-- | M] () [On_Demand | Stopped] -- C:\WINDOWS\System32\dlcccoms.exe -- (dlcc_device)

SRV - [2005/04/25 08:49:52 | 000,086,142 | -H-- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMon) Intel®

SRV - [2003/08/27 10:29:46 | 000,065,536 | -H-- | M] (America Online, Inc.) [Auto | Stopped] -- C:\WINDOWS\wanmpsvc.exe -- (WANMiniportService) WAN Miniport (ATW)

========== Driver Services (SafeList) ==========

DRV - [2009/11/04 16:54:12 | 000,040,552 | -H-- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfesmfk.sys -- (mfesmfk)

DRV - [2009/11/04 16:53:40 | 000,034,248 | -H-- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mferkdk.sys -- (mferkdk)

DRV - [2008/04/13 13:56:49 | 000,012,800 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usb8023.sys -- (USB_RNDIS)

DRV - [2008/01/19 20:12:42 | 000,128,104 | -H-- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WimFltr.sys -- (WimFltr)

DRV - [2008/01/19 19:45:40 | 000,038,112 | -H-- | M] (Symantec Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\v2imount.sys -- (v2imount)

DRV - [2008/01/19 19:40:16 | 000,015,088 | -H-- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\vproeventmonitor.sys -- (VProEventMonitor)

DRV - [2007/12/20 17:13:54 | 000,136,416 | -H-- | M] (StorageCraft) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\symsnap.sys -- (symsnap)

DRV - [2007/04/16 12:28:02 | 000,194,362 | -H-- | M] (Jungo) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\windrvr6.sys -- (WinDriver6)

DRV - [2006/01/26 12:21:04 | 000,034,686 | -H-- | M] (Service & Quality Technology.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Capt905c.sys -- (SQTECH905C)

DRV - [2006/01/10 11:07:58 | 000,004,864 | -H-- | M] (GTek Technologies Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Dell Support\GTAction\triggers\DSproct.sys -- (DSproct)

DRV - [2005/04/15 02:14:58 | 001,130,496 | -H-- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)

DRV - [2004/11/02 15:12:14 | 000,019,456 | -H-- | M] (Intel Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\iqvw32.sys -- (NAL)

DRV - [2004/08/04 05:00:00 | 000,004,224 | -H-- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\RDPCDD.sy@ -- (RDPCDD)

DRV - [2004/06/16 03:52:40 | 000,061,157 | -H-- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IntelC53.sys -- (IntelC53)

DRV - [2004/06/09 17:16:00 | 000,840,960 | -H-- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\P17.sys -- (P17)

DRV - [2004/03/24 10:12:44 | 000,004,272 | -H-- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\bvrp_pci.sys -- (bvrp_pci)

DRV - [2004/03/06 04:15:34 | 000,647,929 | -H-- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IntelC52.sys -- (IntelC52)

DRV - [2004/03/06 04:14:42 | 001,233,525 | -H-- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IntelC51.sys -- (IntelC51)

DRV - [2004/03/06 04:13:38 | 000,037,048 | -H-- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mohfilt.sys -- (mohfilt)

DRV - [2003/09/22 13:48:00 | 000,130,192 | -H-- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k)

DRV - [2003/09/22 13:47:00 | 000,178,672 | -H-- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)

DRV - [2003/09/19 14:47:24 | 000,010,368 | -H-- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)

DRV - [2003/03/05 18:19:00 | 000,015,840 | -H-- | M] (Creative Technology Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Pfmodnt.sys -- (PfModNT)

DRV - [2003/01/10 16:13:04 | 000,033,588 | -H-- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)

DRV - [2002/11/08 19:45:06 | 000,017,217 | -H-- | M] (Dell Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\omci.sys -- (omci)

DRV - [1999/09/27 10:48:42 | 000,034,916 | -H-- | M] (Marimba, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\MrtRate.sys -- (mrtRate)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.cox.net/

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultthis.engineName: "WinZipBar Customized Web Search"

FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT3106777&SearchSource=3&q={searchTerms}"

FF - prefs.js..browser.search.selectedEngine: "WinZipBar Customized Web Search"

FF - prefs.js..browser.startup.homepage: "http://search.conduit.com/?ctid=CT3106777&SearchSource=13"

FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24

FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.3

FF - prefs.js..extensions.enabledItems: toolbar@shopathome.com:5.2.0.0

FF - prefs.js..extensions.enabledItems: {37153479-1976-43c3-a1ee-557513977b64}:3.5.1.1

FF - prefs.js..extensions.enabledItems: {50fafaf0-70a9-419d-a109-fa4b4ffd4e37}:3.8.1.0

FF - prefs.js..keyword.URL: "http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=CDxdm003YYus&ptb=CF74B0F9-D5D0-4EC8-AC35-8A70571C102D&ind=2011081120&ptnrS=CDxdm003YYus&si=CK2Cs7C9yKoCFaUZQgodWFpFyg&n=77dea9a0&psa=&st=kwd&searchfor="

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@nosltd.com/getPlus+®,version=1.6.2.99: C:\Program Files\NOS\bin\np_gp.dll (NOS Microsystems Ltd.)

FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)

FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.647: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.647: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.652: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.652: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.647: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/06/30 16:21:41 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/12/26 18:23:55 | 000,000,000 | -H-D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/12/26 18:28:55 | 000,000,000 | -H-D | M]

[2008/12/18 23:18:49 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ekenbarger's\Application Data\Mozilla\Extensions

[2011/12/26 17:02:32 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ekenbarger's\Application Data\Mozilla\Firefox\Profiles\fi5w6q0t.default\extensions

[2010/06/10 15:38:30 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Ekenbarger's\Application Data\Mozilla\Firefox\Profiles\fi5w6q0t.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}

[2011/08/11 19:00:55 | 000,000,000 | ---D | M] (Coupons.com Community Toolbar) -- C:\Documents and Settings\Ekenbarger's\Application Data\Mozilla\Firefox\Profiles\fi5w6q0t.default\extensions\{37153479-1976-43c3-a1ee-557513977b64}

[2011/12/26 15:55:10 | 000,000,000 | ---D | M] (WinZipBar Community Toolbar) -- C:\Documents and Settings\Ekenbarger's\Application Data\Mozilla\Firefox\Profiles\fi5w6q0t.default\extensions\{50fafaf0-70a9-419d-a109-fa4b4ffd4e37}

[2011/09/03 08:54:55 | 000,000,000 | ---D | M] (ShopAtHome.com Intelligent Shopping Toolbar) -- C:\Documents and Settings\Ekenbarger's\Application Data\Mozilla\Firefox\Profiles\fi5w6q0t.default\extensions\toolbar@shopathome.com

[2011/12/16 19:41:06 | 000,000,921 | ---- | M] () -- C:\Documents and Settings\Ekenbarger's\Application Data\Mozilla\Firefox\Profiles\fi5w6q0t.default\searchplugins\conduit.xml

[2011/10/18 15:04:36 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Ekenbarger's\Application Data\Mozilla\Firefox\Profiles\fi5w6q0t.default\searchplugins\CouponAlert_2p.xml

[2011/10/18 15:04:37 | 000,000,000 | -H-D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

[2011/02/15 18:10:28 | 000,000,000 | -H-D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}

[2011/06/30 16:21:41 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT

[2010/01/08 09:39:45 | 000,000,000 | -H-D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF

[2011/07/13 16:52:56 | 000,091,552 | -H-- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npCouponPrinter.dll

[2011/02/02 21:40:24 | 000,472,808 | -H-- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll

[2011/07/13 16:52:58 | 000,091,552 | -H-- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npMozCouponPrinter.dll

O1 HOSTS File: ([2012/02/06 20:19:02 | 000,441,060 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O1 - Hosts: 15164 more lines...

O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)

O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)

O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - F:\Spybot - Search & Destroy\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)

O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)

O2 - BHO: (ShopAtHomeIEHelper Class) - {E8DAAA30-6CAA-4b58-9603-8E54238219E2} - C:\Program Files\SelectRebates\Toolbar\ShopAtHomeToolbar.dll (ShopAtHome.com)

O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)

O3 - HKLM\..\Toolbar: (Upromise TurboSaver) - {06E58E5E-F8CB-4049-991E-A41C03BD419E} - C:\Program Files\Upromise\upromisetoolbar.dll File not found

O3 - HKLM\..\Toolbar: (ShopAtHome.com Toolbar) - {98279C38-DE4B-4bcf-93C9-8EC26069D6F4} - C:\Program Files\SelectRebates\Toolbar\ShopAtHomeToolbar.dll (ShopAtHome.com)

O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)

O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (ShopAtHome.com Toolbar) - {98279C38-DE4B-4BCF-93C9-8EC26069D6F4} - C:\Program Files\SelectRebates\Toolbar\ShopAtHomeToolbar.dll (ShopAtHome.com)

O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)

O4 - HKLM..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe (AOL LLC)

O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)

O4 - HKLM..\Run: [DLCCCATS] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCCtime.DLL ()

O4 - HKLM..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe ()

O4 - HKLM..\Run: [HostManager] C:\Program Files\Common Files\AOL\1178326658\ee\aolsoftware.exe (America Online, Inc.)

O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found

O4 - HKLM..\Run: [NapsterShell] C:\Program Files\Napster\napster.exe (Napster)

O4 - HKLM..\Run: [selectRebates] C:\Program Files\SelectRebates\SelectRebates.exe ()

O4 - HKLM..\Run: [TkBellExe] C:\program files\real\realplayer\update\realsched.exe (RealNetworks, Inc.)

O4 - HKLM..\Run: [wgjpPXjtqGl.exe] C:\Documents and Settings\All Users\Application Data\wgjpPXjtqGl.exe File not found

O4 - HKCU..\Run: [bomgar Support Reconnect [1297805904]] "C:\Documents and Settings\All Users\Application Data\Bomgar-SCC-4D5AF24F\bomgar-scc.exe" -nomulti File not found

O4 - HKCU..\Run: [internet Security] C:\Documents and Settings\All Users\Application Data\isecurity.exe File not found

O4 - HKCU..\Run: [spybotSD TeaTimer] F:\Spybot - Search & Destroy\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\control panel present

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Recovery present

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\restrictions present

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 1

O8 - Extra context menu item: &Search - http://tbedits.couponalert.com/one-toolbaredits/menusearch.jhtml?s=100000487&p=CDxdm003YYus&si=CK2Cs7C9yKoCFaUZQgodWFpFyg&a=CF74B0F9-D5D0-4EC8-AC35-8A70571C102D&n=2011081120 File not found

O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - F:\Spybot - Search & Destroy\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)

O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)

O15 - HKCU\..Trusted Domains: microsoft.com ([www.update] http in Trusted sites)

O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/templates/ieawsdc.cab (Microsoft Office Template and Media Control)

O16 - DPF: {1663ed61-23eb-11d2-b92f-008048fdd814} https://www6.iepdirect.com/ScriptX_6_5/smsx.cab (MeadCo ScriptX)

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1212869638656 (WUWebControl Class)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)

O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O16 - DPF: {E008A543-CEFB-4559-912F-C27C2B89F13B} https://e-talk1.whps.org/dwa7W.cab (Domino Web Access 7 Control)

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (get_atlcom Class)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{830D72BE-6132-4A2A-B8DD-7BC8B69A920B}: DhcpNameServer = 192.168.2.1 68.105.28.11 68.105.29.11 68.105.28.12

O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)

O24 - Desktop WallPaper: C:\Documents and Settings\Ekenbarger's\Local Settings\Application Data\Microsoft\Wallpaper1.bmp

O24 - Desktop BackupWallPaper: C:\Documents and Settings\Ekenbarger's\Local Settings\Application Data\Microsoft\Wallpaper1.bmp

O30 - LSA: Authentication Packages - (C:\WINDOWS\system32\gebBSLDU) - File not found

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2004/08/10 13:04:08 | 000,000,000 | -H-- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O33 - MountPoints2\{33803d90-0df6-11df-977a-00038a000015}\Shell\AutoRun\command - "" = I:\PMB_Portable.exe

O33 - MountPoints2\{c9f521f1-80d6-11dd-ae4d-0015966fac46}\Shell\AutoRun\command - "" = H:\PMB_Portable.exe

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O35 - HKCU\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/02/07 19:06:38 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Ekenbarger's\Desktop\OTL.scr

[2012/02/07 19:06:22 | 000,258,560 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Ekenbarger's\Desktop\OTH.scr

[2012/02/07 19:03:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ekenbarger's\Desktop\FixPolicies

[2012/02/07 17:33:30 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Ekenbarger's\Start Menu\Programs\Administrative Tools

[2012/02/07 17:24:08 | 000,607,260 | R--- | C] (Swearware) -- C:\Documents and Settings\Ekenbarger's\Desktop\dds.scr

[2012/02/06 20:34:15 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Ekenbarger's\Recent

[2012/02/06 19:41:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Spybot - Search & Destroy

[2012/02/06 19:40:35 | 016,409,960 | ---- | C] (Safer Networking Limited ) -- C:\Documents and Settings\Ekenbarger's\Desktop\spybotsd162.exe

[2012/02/06 19:29:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware

[2012/02/06 14:48:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ekenbarger's\Start Menu\Programs\System Check

[2012/01/11 19:18:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ekenbarger's\Desktop\pics

[2012/01/11 19:16:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ekenbarger's\Desktop\Cheryl's

[2012/01/11 09:32:02 | 000,021,504 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidserv.dll

[2005/09/16 00:27:14 | 000,065,536 | -H-- | C] ( ) -- C:\WINDOWS\System32\A3d.dll

[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[2 C:\Documents and Settings\Ekenbarger's\Desktop\*.tmp files -> C:\Documents and Settings\Ekenbarger's\Desktop\*.tmp -> ]

[14 C:\Documents and Settings\Ekenbarger's\My Documents\*.tmp files -> C:\Documents and Settings\Ekenbarger's\My Documents\*.tmp -> ]

[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/02/08 17:43:04 | 000,000,300 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1946173170-350803515-410004273-1006.job

[2012/02/08 17:43:03 | 000,000,292 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1946173170-350803515-410004273-1006.job

[2012/02/08 17:15:01 | 000,000,886 | -H-- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

[2012/02/08 16:24:21 | 000,000,436 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{873B1363-0F14-410A-AFDF-0559EB90EA7E}.job

[2012/02/08 16:15:01 | 000,000,882 | -H-- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

[2012/02/08 14:54:01 | 000,000,868 | -H-- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job

[2012/02/07 19:22:11 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2012/02/07 19:22:05 | 2682,425,344 | -HS- | M] () -- C:\hiberfil.sys

[2012/02/07 19:14:21 | 000,879,683 | ---- | M] () -- C:\Documents and Settings\Ekenbarger's\Desktop\SecurityCheck.exe

[2012/02/07 19:06:41 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Ekenbarger's\Desktop\OTL.scr

[2012/02/07 19:06:23 | 000,258,560 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Ekenbarger's\Desktop\OTH.scr

[2012/02/07 19:01:31 | 000,185,065 | ---- | M] () -- C:\Documents and Settings\Ekenbarger's\Desktop\FixPolicies.exe

[2012/02/07 17:24:09 | 000,607,260 | R--- | M] (Swearware) -- C:\Documents and Settings\Ekenbarger's\Desktop\dds.scr

[2012/02/07 17:12:06 | 000,302,592 | ---- | M] () -- C:\Documents and Settings\Ekenbarger's\Desktop\oo9mvqzj.exe

[2012/02/07 16:56:39 | 000,000,653 | ---- | M] () -- C:\Documents and Settings\Ekenbarger's\Desktop\Shortcut (2) to Cheryl's.lnk

[2012/02/07 16:47:51 | 000,000,569 | ---- | M] () -- C:\Documents and Settings\All Users\Shortcut to Desktop.lnk

[2012/02/06 21:23:09 | 000,000,653 | ---- | M] () -- C:\Documents and Settings\Ekenbarger's\Desktop\Shortcut to Cheryl's.lnk

[2012/02/06 20:19:02 | 000,441,060 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts

[2012/02/06 19:42:27 | 000,000,857 | ---- | M] () -- C:\Documents and Settings\Ekenbarger's\Desktop\Spybot - Search & Destroy.lnk

[2012/02/06 19:42:27 | 000,000,857 | ---- | M] () -- C:\Documents and Settings\Ekenbarger's\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk

[2012/02/06 19:39:14 | 016,409,960 | ---- | M] (Safer Networking Limited ) -- C:\Documents and Settings\Ekenbarger's\Desktop\spybotsd162.exe

[2012/02/06 18:35:11 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat

[2012/02/06 14:52:57 | 000,000,853 | ---- | M] () -- C:\Documents and Settings\Ekenbarger's\Application Data\Microsoft\Internet Explorer\Quick Launch\System Check.lnk

[2012/02/04 22:17:01 | 000,000,284 | -H-- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job

[2012/01/11 09:30:44 | 000,002,206 | -H-- | M] () -- C:\WINDOWS\System32\wpa.dbl

[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[2 C:\Documents and Settings\Ekenbarger's\Desktop\*.tmp files -> C:\Documents and Settings\Ekenbarger's\Desktop\*.tmp -> ]

[14 C:\Documents and Settings\Ekenbarger's\My Documents\*.tmp files -> C:\Documents and Settings\Ekenbarger's\My Documents\*.tmp -> ]

[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/02/07 19:14:17 | 000,879,683 | ---- | C] () -- C:\Documents and Settings\Ekenbarger's\Desktop\SecurityCheck.exe

[2012/02/07 19:01:30 | 000,185,065 | ---- | C] () -- C:\Documents and Settings\Ekenbarger's\Desktop\FixPolicies.exe

[2012/02/07 17:12:05 | 000,302,592 | ---- | C] () -- C:\Documents and Settings\Ekenbarger's\Desktop\oo9mvqzj.exe

[2012/02/07 16:56:39 | 000,000,653 | ---- | C] () -- C:\Documents and Settings\Ekenbarger's\Desktop\Shortcut (2) to Cheryl's.lnk

[2012/02/07 16:47:51 | 000,000,569 | ---- | C] () -- C:\Documents and Settings\All Users\Shortcut to Desktop.lnk

[2012/02/07 06:12:36 | 000,000,803 | ---- | C] () -- C:\Documents and Settings\Ekenbarger's\Start Menu\Programs\Internet Explorer (2).lnk

[2012/02/06 21:23:09 | 000,000,653 | ---- | C] () -- C:\Documents and Settings\Ekenbarger's\Desktop\Shortcut to Cheryl's.lnk

[2012/02/06 21:19:19 | 2682,425,344 | -HS- | C] () -- C:\hiberfil.sys

[2012/02/06 19:41:39 | 000,000,857 | ---- | C] () -- C:\Documents and Settings\Ekenbarger's\Desktop\Spybot - Search & Destroy.lnk

[2012/02/06 19:41:39 | 000,000,857 | ---- | C] () -- C:\Documents and Settings\Ekenbarger's\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk

[2012/02/06 18:27:27 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat

[2012/02/06 14:52:57 | 000,000,853 | ---- | C] () -- C:\Documents and Settings\Ekenbarger's\Application Data\Microsoft\Internet Explorer\Quick Launch\System Check.lnk

[2011/05/21 09:05:16 | 000,709,456 | -H-- | C] () -- C:\WINDOWS\is-JCNJV.exe

[2011/05/17 19:09:15 | 000,013,884 | -HS- | C] () -- C:\Documents and Settings\Ekenbarger's\Local Settings\Application Data\3m68k04uhh2v0qs0ndbrt8fyr74347y1k

[2011/05/17 19:09:15 | 000,013,884 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\3m68k04uhh2v0qs0ndbrt8fyr74347y1k

[2011/05/06 14:29:52 | 000,023,624 | -H-- | C] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys

[2011/03/13 09:09:42 | 000,638,976 | -H-- | C] () -- C:\WINDOWS\System32\dlccpmui.dll

[2011/03/13 09:09:42 | 000,106,496 | -H-- | C] () -- C:\WINDOWS\System32\dlccinsr.dll

[2011/03/13 09:09:41 | 000,372,736 | -H-- | C] () -- C:\WINDOWS\System32\dlccih.exe

[2011/03/13 09:09:41 | 000,155,648 | -H-- | C] () -- C:\WINDOWS\System32\dlccins.dll

[2011/03/13 09:09:41 | 000,040,960 | -H-- | C] () -- C:\WINDOWS\System32\dlccvs.dll

[2011/03/13 09:09:40 | 000,413,696 | -H-- | C] () -- C:\WINDOWS\System32\dlcccomm.dll

[2011/03/13 09:09:40 | 000,368,640 | -H-- | C] () -- C:\WINDOWS\System32\dlcccfg.exe

[2011/03/13 09:09:40 | 000,114,688 | -H-- | C] () -- C:\WINDOWS\System32\dlccpplc.dll

[2011/03/13 09:09:39 | 001,134,592 | -H-- | C] () -- C:\WINDOWS\System32\dlccusb1.dll

[2011/03/13 09:09:39 | 000,770,048 | -H-- | C] () -- C:\WINDOWS\System32\dlcchbn3.dll

[2011/03/13 09:09:39 | 000,483,328 | -H-- | C] () -- C:\WINDOWS\System32\dlcclmpm.dll

[2011/03/13 09:09:38 | 000,704,512 | -H-- | C] () -- C:\WINDOWS\System32\dlcccomc.dll

[2011/03/13 09:09:38 | 000,491,520 | -H-- | C] () -- C:\WINDOWS\System32\dlcccoms.exe

[2011/03/13 09:09:38 | 000,155,648 | -H-- | C] () -- C:\WINDOWS\System32\dlccprox.dll

[2011/03/13 09:09:37 | 001,183,744 | -H-- | C] () -- C:\WINDOWS\System32\dlccserv.dll

[2011/03/13 09:09:36 | 000,036,864 | -H-- | C] () -- C:\WINDOWS\System32\dlcccur.dll

[2011/03/13 09:09:35 | 000,430,080 | -H-- | C] () -- C:\WINDOWS\System32\dlccutil.dll

[2011/03/13 09:09:35 | 000,073,728 | -H-- | C] () -- C:\WINDOWS\System32\dlcccu.dll

[2011/03/13 09:09:32 | 000,176,128 | -H-- | C] () -- C:\WINDOWS\System32\dlccinsb.dll

[2011/03/13 09:09:32 | 000,086,016 | -H-- | C] () -- C:\WINDOWS\System32\dlcccub.dll

[2011/03/13 09:09:31 | 000,131,072 | -H-- | C] () -- C:\WINDOWS\System32\dlccjswr.dll

[2011/03/13 09:09:25 | 000,065,536 | -H-- | C] () -- C:\WINDOWS\System32\dlcccfg.dll

[2011/02/17 18:00:30 | 000,034,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\mbamcatchme.sys

[2010/05/11 06:24:12 | 000,000,222 | -H-- | C] () -- C:\WINDOWS\System32\SunData.ini

[2010/05/11 06:22:51 | 000,000,085 | -H-- | C] () -- C:\WINDOWS\TTL3Util.ini

[2010/05/11 06:22:37 | 000,000,288 | -H-- | C] () -- C:\WINDOWS\TTL3.ini

[2010/01/07 20:19:32 | 000,004,272 | -H-- | C] () -- C:\WINDOWS\System32\drivers\bvrp_pci.sys

[2008/12/17 20:03:46 | 000,073,984 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat

[2008/10/17 08:26:43 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\FoneSync.INI

[2008/09/13 18:00:52 | 000,011,264 | ---- | C] () -- C:\Documents and Settings\Ekenbarger's\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2008/07/02 13:55:05 | 000,000,234 | -H-- | C] () -- C:\WINDOWS\TFF32.ini

[2007/10/13 10:41:53 | 000,101,824 | -H-- | C] () -- C:\Program Files\MC

[2007/08/22 22:41:51 | 000,001,755 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache

[2007/05/28 14:39:51 | 000,010,240 | -H-- | C] () -- C:\WINDOWS\System32\vidx16.dll

[2007/05/28 14:29:32 | 000,000,584 | -H-- | C] () -- C:\WINDOWS\PowerReg.dat

[2007/04/14 10:55:37 | 000,000,107 | -H-- | C] () -- C:\WINDOWS\wpd99.drv

[2007/04/14 10:55:17 | 000,118,784 | -H-- | C] () -- C:\WINDOWS\System32\pdfmona.dll

[2007/04/08 19:50:42 | 000,000,021 | -H-- | C] () -- C:\WINDOWS\CS_SETUP.ini

[2006/11/25 18:38:40 | 000,001,827 | -H-- | C] () -- C:\WINDOWS\cdPlayer.ini

[2006/10/01 19:24:21 | 000,000,037 | -H-- | C] () -- C:\WINDOWS\Viewer.ini

[2006/05/21 09:25:51 | 000,000,024 | -H-- | C] () -- C:\WINDOWS\qfnonl.ini

[2006/05/21 08:02:13 | 000,000,696 | -H-- | C] () -- C:\WINDOWS\QUICKEN.INI

[2006/05/21 08:02:12 | 000,000,185 | -H-- | C] () -- C:\WINDOWS\intuprof.ini

[2006/05/21 08:02:10 | 000,006,838 | -H-- | C] () -- C:\WINDOWS\ICOADB32.DAT

[2005/11/03 15:34:18 | 000,000,376 | -H-- | C] () -- C:\WINDOWS\ODBC.INI

[2005/10/05 18:40:34 | 000,001,786 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys

[2005/10/05 18:40:34 | 000,000,056 | RHS- | C] () -- C:\WINDOWS\System32\86307A10A8.sys

[2005/09/21 07:41:46 | 000,000,135 | ---- | C] () -- C:\Documents and Settings\Ekenbarger's\Local Settings\Application Data\fusioncache.dat

[2005/09/20 19:12:22 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\Ekenbarger's\Application Data\PFP120JPR.{PB

[2005/09/20 19:12:22 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\Ekenbarger's\Application Data\PFP120JCM.{PB

[2005/09/16 00:58:59 | 000,000,061 | -H-- | C] () -- C:\WINDOWS\smscfg.ini

[2005/09/16 00:50:31 | 000,000,335 | -H-- | C] () -- C:\WINDOWS\nsreg.dat

[2005/09/16 00:46:43 | 001,048,576 | -H-- | C] () -- C:\WINDOWS\System32\SFMAN.DAT

[2005/09/16 00:46:43 | 000,000,231 | -H-- | C] () -- C:\WINDOWS\AC3API.INI

[2005/09/16 00:46:34 | 000,003,278 | -H-- | C] () -- C:\WINDOWS\System32\LudaP17.ini

[2005/09/16 00:46:34 | 000,000,029 | -H-- | C] () -- C:\WINDOWS\System32\ctzapxx.ini

[2005/09/16 00:46:29 | 000,000,072 | -H-- | C] () -- C:\WINDOWS\SBWIN.INI

[2005/09/16 00:27:14 | 000,060,928 | -H-- | C] () -- C:\WINDOWS\System32\P17.dll

[2005/09/16 00:27:14 | 000,053,248 | -H-- | C] () -- C:\WINDOWS\System32\P17CPI.dll

[2005/09/16 00:27:04 | 000,049,152 | -H-- | C] () -- C:\WINDOWS\setpwrcg.exe

[2005/09/16 00:27:00 | 000,087,540 | -H-- | C] () -- C:\WINDOWS\System32\atiicdxx.dat

[2005/09/16 00:26:34 | 000,000,394 | -H-- | C] () -- C:\WINDOWS\System32\OEMINFO.INI

[2005/01/28 08:08:34 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\px.ini

[2004/08/10 13:12:05 | 000,000,780 | -H-- | C] () -- C:\WINDOWS\orun32.ini

[2004/08/10 13:07:31 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat

[2004/08/10 13:02:15 | 000,021,640 | -H-- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

[2004/08/10 13:01:18 | 000,001,793 | -H-- | C] () -- C:\WINDOWS\System32\fxsperf.ini

[2004/08/10 12:57:52 | 000,004,161 | -H-- | C] () -- C:\WINDOWS\ODBCINST.INI

[2004/08/10 12:57:15 | 000,351,384 | -H-- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2004/08/10 12:51:21 | 000,004,569 | -H-- | C] () -- C:\WINDOWS\System32\secupd.dat

[2004/08/10 12:51:20 | 000,442,466 | -H-- | C] () -- C:\WINDOWS\System32\perfh009.dat

[2004/08/10 12:51:20 | 000,272,128 | -H-- | C] () -- C:\WINDOWS\System32\perfi009.dat

[2004/08/10 12:51:20 | 000,071,732 | -H-- | C] () -- C:\WINDOWS\System32\perfc009.dat

[2004/08/10 12:51:20 | 000,028,626 | -H-- | C] () -- C:\WINDOWS\System32\perfd009.dat

[2004/08/10 12:51:18 | 000,004,627 | -H-- | C] () -- C:\WINDOWS\System32\oembios.dat

[2004/08/10 12:51:17 | 013,107,200 | -H-- | C] () -- C:\WINDOWS\System32\oembios.bin

[2004/08/10 12:51:16 | 000,000,741 | -H-- | C] () -- C:\WINDOWS\System32\noise.dat

[2004/08/10 12:51:12 | 000,673,088 | -H-- | C] () -- C:\WINDOWS\System32\mlang.dat

[2004/08/10 12:51:11 | 000,046,258 | -H-- | C] () -- C:\WINDOWS\System32\mib.bin

[2004/08/10 12:51:05 | 000,218,003 | -H-- | C] () -- C:\WINDOWS\System32\dssec.dat

[2004/08/10 12:50:56 | 000,001,804 | -H-- | C] () -- C:\WINDOWS\System32\dcache.bin

========== LOP Check ==========

[2009/06/24 20:01:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EA Logs

[2011/02/03 14:47:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Electronic Arts

[2011/12/26 15:42:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Hitman Pro

[2008/01/05 19:02:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Napster

[2007/04/14 10:55:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\pdf995

[2008/12/19 21:23:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SITEguard

[2009/06/24 20:17:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SPORE

[2008/12/20 00:12:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\STOPzilla!

[2007/03/11 23:07:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint

[2011/12/26 15:55:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZipEC

[2011/12/26 18:46:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}

[2009/10/04 08:09:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}

[2009/06/04 14:58:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}

[2011/12/26 12:28:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ekenbarger's\Application Data\ElevatedDiagnostics

[2011/04/10 12:13:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ekenbarger's\Application Data\gtk-2.0

[2007/01/29 18:17:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ekenbarger's\Application Data\Leadertech

[2011/07/31 17:31:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ekenbarger's\Application Data\Nikon

[2007/05/13 06:51:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ekenbarger's\Application Data\SmartDraw

[2010/06/16 17:20:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ekenbarger's\Application Data\SPORE

[2007/03/11 23:07:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ekenbarger's\Application Data\Viewpoint

[2012/02/08 16:24:21 | 000,000,436 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{873B1363-0F14-410A-AFDF-0559EB90EA7E}.job

========== Purity Check ==========

< End of report >

OTL Extras log

OTL Extras logfile created on: 2/7/2012 7:08:43 PM - Run 1

OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Ekenbarger's\Desktop

Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.50 Gb Total Physical Memory | 1.86 Gb Available Physical Memory | 74.40% Memory free

3.09 Gb Paging File | 2.69 Gb Available in Paging File | 87.01% Paging File free

Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 145.58 Gb Total Space | 103.03 Gb Free Space | 70.77% Space Free | Partition Type: NTFS

Drive D: | 1.63 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Drive F: | 465.76 Gb Total Space | 412.81 Gb Free Space | 88.63% Space Free | Partition Type: NTFS

Computer Name: JAM1 | User Name: Ekenbarger's | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.html [@ = htmlfile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

exefile [open] -- "%1" %*

htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" %1 (Microsoft Corporation)

htmlfile [print] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" /p %1 (Microsoft Corporation)

InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" %*

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"FirstRunDisabled" = 1

"UpdatesDisableNotify" = 0

"AntiVirusOverride" = 0

"FirewallOverride" = 0

"AntiVirusDisableNotify" = 0

"FirewallDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]

"Disable Config" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]

"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]

"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"EnableFirewall" = 1

"DoNotAllowExceptions" = 1

"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

"DoNotAllowExceptions" = 0

"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL -- (AOL LLC)

"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL -- (AOL LLC)

"C:\Program Files\America Online 9.0\waol.exe" = C:\Program Files\America Online 9.0\waol.exe:*:Enabled:America Online 9.0 -- (America Online, Inc.)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL -- (AOL LLC)

"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL -- (AOL LLC)

"C:\Program Files\America Online 9.0\waol.exe" = C:\Program Files\America Online 9.0\waol.exe:*:Enabled:America Online 9.0 -- (America Online, Inc.)

"C:\Program Files\Common Files\AOL\Loader\aolload.exe" = C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader -- (AOL LLC)

"C:\Program Files\Common Files\AOL\1178326658\ee\aolsoftware.exe" = C:\Program Files\Common Files\AOL\1178326658\ee\aolsoftware.exe:*:Enabled:AOL Services -- (America Online, Inc.)

"C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe" = C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe:*:Enabled:McAfee Network Agent

"C:\Program Files\Electronic Arts\EADM\Core.exe" = C:\Program Files\Electronic Arts\EADM\Core.exe:*:Disabled:EA Download Manager

"C:\Program Files\Google\Google Earth\plugin\geplugin.exe" = C:\Program Files\Google\Google Earth\plugin\geplugin.exe:*:Enabled:Google Earth -- (Google)

"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)

"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{00170409-78E1-11D2-B60F-006097C998E7}" = Microsoft Word 2000 SR-1

"{0456ebd7-5f67-4ab6-852e-63781e3f389c}" = Macromedia Flash Player

"{075473F5-846A-448B-BCB3-104AA1760205}" = Sonic RecordNow Data

"{08CA9554-B5FE-4313-938F-D4A417B81175}" = QuickTime

"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel

"{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}" = Microsoft Plus! Photo Story 2 LE

"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA

"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up

"{14374619-0900-4056-BA06-C87C900AF9E6}" = QuickBooks Simple Start Special Edition

"{15D9EB74-998E-4A04-B468-51C2E7B32182}" = Microsoft Picture It! Publishing 2001

"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer

"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer

"{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java 6 Update 24

"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1

"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager

"{33BB4982-DC52-4886-A03B-F4C5C80BEE89}" = Windows Media Player 10

"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support

"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP

"{352310C3-E46B-42D3-8F32-54721FDD72D9}" = NetZeroInstallers

"{35BDEFF1-A610-4956-A00D-15453C116395}" = Internet Explorer Default Page

"{36BD0774-6CD6-4FF9-A148-83CA09AC123E}" = Intel® PROSafe for Wired Connections

"{3AC54383-31D1-4907-961B-B12CBB1D0AE8}" = MobileMe Control Panel

"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = Modem On Hold

"{403EF592-953B-4794-BCEF-ECAB835C2095}" = Intel® PROSafe for Wired Connections

"{40A5DF56-329E-433C-8E79-99807E02F90F}" = Rayman Raving Rabbids

"{4192EAC0-6B36-4723-B216-D0E86E7757AC}" = Jasc Paint Shop Photo Album 5

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4B4F81E0-9150-11D4-A594-0050BAC6946A}" = NickToons Racing

"{56F3E1FF-54FE-4384-A153-6CCABA097814}" = Creative MediaSource

"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth

"{5F629FE8-5B4C-4863-937A-AFC2961F7DD3}" = Microsoft Works Suite Add-in for Microsoft Word

"{62BD0AE0-4EB1-4BBB-8F43-B6400C8FEB2C}" = AOLIcon

"{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}" = Windows Genuine Advantage v1.3.0254.0

"{63CEA2E4-4FE7-4F2C-B388-C1313D24157C}" = SPORE™ Galactic Adventures

"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD 5.5

"{6C611DD2-2685-4A76-92B5-ECD237128582}" = Type to Learn 3

"{6E179C77-7335-458D-9537-4F4EAC0181ED}" = Photo Click

"{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}" = Microsoft Plus! Digital Media Edition Installer

"{7148F0A8-6813-11D6-A77B-00B0D0142030}" = Java 2 Runtime Environment, SE v1.4.2_03

"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK

"{728278A1-0BB7-45E4-AC5E-91D7C0FD1EDE}" = EarthLink setup files

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{74F7662C-B1DB-489E-A8AC-07A06B24978B}" = Dell System Restore

"{766E4715-B801-46B3-9D91-12288AB88428}" = DB CIF Cam

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime

"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update

"{78C496B9-5A6B-4692-8C2E-AFFFC34E4961}" = Jasc Paint Shop Pro Studio, Dell Editon

"{7A0EFAFB-AC4B-4B88-8C6B-6731BE88DB68}" = Modem Event Monitor

"{7A3F0566-5E05-4919-9C98-456F6B5CF831}" = Get High Speed Internet!

"{7F142D56-3326-11D5-B229-002078017FBF}" = Modem Helper

"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support

"{83d96ed0-98aa-4515-8ddc-816f3efdd104}" = DB CIF Cam

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1}" = Napster Burn Engine

"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system

"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel Matrix Storage Manager

"{98736A65-3C79-49EC-B7E9-A3C77774B0E6}" = Google SketchUp 6

"{9DF0196F-B6B8-4C3A-8790-DE42AA530101}" = SPORE™

"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175

"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR

"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Sonic RecordNow Audio

"{AC0EE5B0-A8FB-4D0A-AF03-2EDC518F841B}" = Dell Media Experience

"{AC76BA86-7AD7-1033-7B44-AA0000000001}" = Adobe Reader X (10.0.1)

"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint

"{AF06CAE4-C134-44B1-B699-14FBDB63BD37}" = Dell Picture Studio v3.0

"{AF19F291-F22F-4798-9662-525305AE9E48}" = WordPerfect Office 12

"{B0255743-165B-4BD5-8DA8-37DFB9930014}" = Norton Ghost

"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Sonic RecordNow Copy

"{B3D8B2F8-3C2C-45BC-933E-8B60E78F6684}" = Google SketchUp 6

"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy

"{B7DBF6E8-0D17-4BE4-853B-ACD6EFBD4A1F}" = iTunes

"{BBBCAE4B-B416-4182-A6F2-438180894A81}" = Napster

"{BD3DCAB0-3FE5-44FB-90DA-EFB0A2CD1387}" = Works Synchronization

"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2

"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1

"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

"{CEB481CC-F57C-4397-81A0-DADD22257047}" = Sound Blaster Live! 24-bit

"{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}" = Nikon Message Center

"{D6E4E5D6-7693-4BB4-95BA-21F38FAFEE90}" = Safari

"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager

"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series

"{E4375AC9-EDE1-4943-A0E3-801CEB7041DF}" = Dell Support 3.2.1

"{E93E5EF6-D361-481E-849D-F16EF5C78EBC}" = Musicmatch for Windows Media Player

"{EE7C3A14-1D20-49F6-B903-491561076F0F}" = ArcSoft Software Suite

"{F8131A35-47FD-27AD-116D-0E79AF5DE5EE}" = Acrobat.com

"{F8D0829C-9C6F-11D3-8080-00C04FA329AA}" = Microsoft Works 6.0

"{FAF7F1D7-C0E7-47EA-8AAA-84E4F9EA3C94}" = Works Suite OS Pack

"{FF3999BE-1A7B-4738-88AA-97BF14094A4A}" = PictureProject

"Adobe AIR" = Adobe AIR

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"AOL Uninstaller" = AOL Uninstaller (Choose which Products to Remove)

"AOLCoach" = AOL Coach Version 1.0(Build:20040229.1 en)

"ATI Display Driver" = ATI Display Driver

"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com

"Coupon Printer for Windows5.0.0.1" = Coupon Printer for Windows

"DAO 3.5" = DAO 3.5

"Dell Photo AIO Printer 924" = Dell Photo AIO Printer 924

"EADM" = EA Download Manager

"FoneSync" = FoneSync

"Google Chrome" = Google Chrome

"Google Updater" = Google Updater

"ie8" = Windows Internet Explorer 8

"Intel® 537EP V9x DF PCI Modem" = Intel® 537EP V9x DF PCI Modem

"Jimmy Neutron Boy Genius" = Jimmy Neutron Boy Genius

"LiveUpdate" = LiveUpdate 3.2 (Symantec Corporation)

"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware

"McAfee Security Scan" = McAfee Security Scan Plus

"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1

"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

"Mozilla Firefox (3.6.16)" = Mozilla Firefox (3.6.16)

"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP

"Pdf995" = Pdf995

"PdfEdit995" = PdfEdit995

"PROSetDX" = Intel® PRO Network Connections Software v9.2.4.11

"Quicken Basic 2000" = Quicken Basic 2000

"RealPlayer 12.0" = RealPlayer

"SelectRebatesUninstall" = ShopAtHome.com Toolbar

"Shockwave" = Shockwave

"TaxCut Basic 2006" = TaxCut Basic 2006

"ViewpointMediaPlayer" = Viewpoint Media Player

"WebCyberCoach_wtrb" = WebCyberCoach 3.2 Dell

"WIC" = Windows Imaging Component

"Windows Media Encoder 9" = Windows Media Encoder 9 Series

"Windows Media Format Runtime" = Windows Media Format 11 runtime

"Windows Media Player" = Windows Media Player 11

"Windows XP Service Pack" = Windows XP Service Pack 3

"WinGimp-2.0_is1" = GIMP 2.6.6

"WMFDist11" = Windows Media Format 11 runtime

"wmp11" = Windows Media Player 11

"Works2001Setup" = Microsoft Works 2001 Setup Launcher

"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

"Yahoo! Companion" = Yahoo! Toolbar

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"Move Networks Player - IE" = Move Networks Media Player for Internet Explorer

========== Last 10 Event Log Errors ==========

[ Application Events ]

Error - 1/14/2012 2:17:14 PM | Computer Name = JAM1 | Source = Application Error | ID = 1000

Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting

module mshtml.dll, version 8.0.6001.19046, fault address 0x000679b8.

Error - 1/28/2012 10:17:22 PM | Computer Name = JAM1 | Source = Application Hang | ID = 1002

Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module

hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 1/28/2012 10:17:24 PM | Computer Name = JAM1 | Source = Application Hang | ID = 1001

Description = Fault bucket 1180947459.

Error - 2/2/2012 5:53:02 PM | Computer Name = JAM1 | Source = Application Hang | ID = 1002

Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module

hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 2/6/2012 6:32:41 PM | Computer Name = JAM1 | Source = MSDTC | ID = 4404

Description = MS DTC Tracing infrastructure : the initialization of the tracing

infrastructure failed. Internal Information : msdtc_trace : File: d:\comxp_sp3\com\com1x\dtc\dtc\trace\src\tracelib.cpp,

Line: 1115, StartTrace Failed, hr=0x800700a1

Error - 2/6/2012 7:00:46 PM | Computer Name = JAM1 | Source = MSDTC | ID = 4404

Description = MS DTC Tracing infrastructure : the initialization of the tracing

infrastructure failed. Internal Information : msdtc_trace : File: d:\comxp_sp3\com\com1x\dtc\dtc\trace\src\tracelib.cpp,

Line: 1115, StartTrace Failed, hr=0x800700a1

Error - 2/6/2012 8:22:43 PM | Computer Name = JAM1 | Source = MSDTC | ID = 4404

Description = MS DTC Tracing infrastructure : the initialization of the tracing

infrastructure failed. Internal Information : msdtc_trace : File: d:\comxp_sp3\com\com1x\dtc\dtc\trace\src\tracelib.cpp,

Line: 1115, StartTrace Failed, hr=0x800700a1

Error - 2/6/2012 9:21:47 PM | Computer Name = JAM1 | Source = MSDTC | ID = 4404

Description = MS DTC Tracing infrastructure : the initialization of the tracing

infrastructure failed. Internal Information : msdtc_trace : File: d:\comxp_sp3\com\com1x\dtc\dtc\trace\src\tracelib.cpp,

Line: 1115, StartTrace Failed, hr=0x800700a1

Error - 2/6/2012 9:34:49 PM | Computer Name = JAM1 | Source = MSDTC | ID = 4404

Description = MS DTC Tracing infrastructure : the initialization of the tracing

infrastructure failed. Internal Information : msdtc_trace : File: d:\comxp_sp3\com\com1x\dtc\dtc\trace\src\tracelib.cpp,

Line: 1115, StartTrace Failed, hr=0x800700a1

Error - 2/6/2012 10:20:01 PM | Computer Name = JAM1 | Source = MSDTC | ID = 4404

Description = MS DTC Tracing infrastructure : the initialization of the tracing

infrastructure failed. Internal Information : msdtc_trace : File: d:\comxp_sp3\com\com1x\dtc\dtc\trace\src\tracelib.cpp,

Line: 1115, StartTrace Failed, hr=0x800700a1

[ System Events ]

Error - 2/7/2012 8:07:46 PM | Computer Name = JAM1 | Source = Service Control Manager | ID = 7034

Description = The Creative Service for CDROM Access service terminated unexpectedly.

It has done this 1 time(s).

Error - 2/7/2012 8:07:46 PM | Computer Name = JAM1 | Source = Service Control Manager | ID = 7034

Description = The Java Quick Starter service terminated unexpectedly. It has done

this 1 time(s).

Error - 2/7/2012 8:07:46 PM | Computer Name = JAM1 | Source = Service Control Manager | ID = 7031

Description = The Apple Mobile Device service terminated unexpectedly. It has done

this 1 time(s). The following corrective action will be taken in 60000 milliseconds:

Restart the service.

Error - 2/7/2012 8:07:46 PM | Computer Name = JAM1 | Source = Service Control Manager | ID = 7031

Description = The Norton Ghost service terminated unexpectedly. It has done this

1 time(s). The following corrective action will be taken in 0 milliseconds: Restart

the service.

Error - 2/7/2012 8:07:46 PM | Computer Name = JAM1 | Source = Service Control Manager | ID = 7034

Description = The Intel® Matrix Storage Event Monitor service terminated unexpectedly.

It has done this 1 time(s).

Error - 2/7/2012 8:07:46 PM | Computer Name = JAM1 | Source = Service Control Manager | ID = 7034

Description = The iPod Service service terminated unexpectedly. It has done this

1 time(s).

Error - 2/7/2012 8:07:46 PM | Computer Name = JAM1 | Source = Service Control Manager | ID = 7031

Description = The SymSnapService service terminated unexpectedly. It has done this

1 time(s). The following corrective action will be taken in 60000 milliseconds:

Restart the service.

Error - 2/7/2012 8:07:46 PM | Computer Name = JAM1 | Source = Service Control Manager | ID = 7034

Description = The WAN Miniport (ATW) Service service terminated unexpectedly. It

has done this 1 time(s).

Error - 2/7/2012 8:07:46 PM | Computer Name = JAM1 | Source = Service Control Manager | ID = 7034

Description = The dlcc_device service terminated unexpectedly. It has done this

1 time(s).

Error - 2/7/2012 8:08:46 PM | Computer Name = JAM1 | Source = Service Control Manager | ID = 7032

Description = The Service Control Manager tried to take a corrective action (Restart

the service) after the unexpected termination of the SymSnapService service, but

this action failed with the following error: %%1056

< End of report >

Checkup log

Results of screen317's Security Check version 0.99.30

Windows XP Service Pack 3 x86

Internet Explorer 8

``````````````````````````````

Antivirus/Firewall Check:

Windows Firewall Enabled!

McAfee Security Scan Plus

```````````````````````````````

Anti-malware/Other Utilities Check:

MVPS Hosts File

Malwarebytes' Anti-Malware

Java 6 Update 24

Java 2 Runtime Environment, SE v1.4.2_03

Java version out of date!

Adobe Flash Player 10.2.152.26 Flash Player out of Date!

Adobe Reader X 10.0.1 Adobe Reader out of Date!

Mozilla Firefox (3.6.16) Firefox out of Date!

````````````````````````````````

Process Check:

objlist.exe by Laurent

``````````End of Log````````````

Link to post
Share on other sites

You will want to print out or copy these instructions to Notepad for Safe offline reference!

These steps are for Caewe12 only. If you are a casual viewer, do NOT try this on your system!

If you are not Caewe12 and have a similar problem, do NOT post here; start your own topic

The fixes in this Topic are for this system only! Do not apply the fix-instructions from this topic to your System or any other one!

Your pc has Spybot's Tea Timer on, which normally would be OK, but here while we try to remove malware, it is NOT desired. It would revert changes that need to be made.

Keep it turned OFF.

Step 1

Start Spybot-S&D, switch to the Advanced mode via the menu bar item Mode

then select Advanced Mode

On the left hand side, select Tools

Then click on the Resident icon in the list

Uncheck Resident TeaTimer and OK any prompts.

Next, disable McAfee anti-virus. See how-to How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Step 2

Run Fixpolicies: Open the folder C:\Fixpolicies and run the Fix_Policies.cmd (Double click on it to run. It won't take long).

Step 3

1. Go >> Here << and download ERUNT

(ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.)

2. Install ERUNT by following the prompts

(use the default install settings but say no to the portion that asks you to add ERUNT to the start-up folder, if you like you can enable this option later)

3. Start ERUNT

(either by double clicking on the desktop icon or choosing to start the program at the end of the setup)

4. Choose a location for the backup

(the default location is C:\WINDOWS\ERDNT which is acceptable).

5. Make sure that at least the first two check boxes are ticked

6. Press OK

7. Press YES to create the folder.

Step 4

Your pc DOES have a rogue onboard -- some variant of Internet Security malware.

This next OTL process will require a Reboot/Restart. Please allow it.

  • Please double-click OTL.exe to run it. (Note: If you are running on Windows 7 or Vista, right-click on the file and choose Run As Administrator).
  • Copy all the lines in between the **** stars lines **** below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):
    *****************************************************************
    :processes
    killallprocesses
    :files
    recycler /alldrives
    C:\Documents and Settings\All Users\Application Data\wgjpPXjtqGl.exe
    C:\Documents and Settings\All Users\Application Data\isecurity.exe
    :reg
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Internet Security"=-
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Internet Security 2012"=-
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "wgjpPXjtqGl.exe"=-
    :Commands
    [purity]
    [emptytemp]
    [CREATERESTOREPOINT]
    [EMPTYFLASH]
    [Reboot]
    *****************************************************************
  • Return to OTL. Right click in the "Custom Scans/Fixes" window (under the aqua-blue bar) and choose Paste.
  • Close any browser(s) windows that may be open.
  • Using your mouse, click on the red-lettered button Run Fix.
  • Once you see a message box "Fix complete! Click OK to open the fix log."
    Click the OK button
  • The log will open in Notepad (your default text editor).
  • Save the log. Post a copy of that log in your next reply.

Note: If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process.

If you are asked to reboot the machine choose Yes. In this case, after the reboot, open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the C:\_OTL\MovedFiles folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post

Step 5

Save and close any work documents, close any apps that you started.

Again, disable the McAfee anti-virus program.

Start your MBAM MalwareBytes' Anti-Malware.

Click the Settings Tab and then the General Settings sub-tab. Make sure all option lines have a checkmark.

Then click the Scanner settings sub-tab in second row of tabs. Make sure all option lines have a checkmark.

Next, Click the Update tab. Press the "Check for Updates" button.

If prompted for a Restart, do that.

When done, click the Scanner tab.

Do a FULL Scan.

When the scan is complete, click OK, then Show Results to view the results.

Make sure that everything is checked, and click Remove Selected.

When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.

The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.

Reply with copy of the OTL MovedFiles log and the MBAM scan log.

RE-enable McAfee anti-virus.

There is more work to do later. The Java runtime is out-dated & poses a security risk, your Firefox is outdated & also Flash Player.

Do NOT do any websurfing of any kind.

Link to post
Share on other sites

I completed up to step 5 but could not update Malware. I rec'd messages update failed and access denied. I cannot do anything to McAfee or my firewall. When the computer reboots the icon in the tray shows a message that states McAfee anti virus off and firewall off but in Windows Security the firewall is on. When I click on it nothing happens. I scanned with Malware but no infected files detected. Help. CAE

Link to post
Share on other sites

I was called to civic service this past Friday --- jury duty call. FYI, I am back today.

We can cover MBAM update a bit later.

The fixes in this Topic are for this system only! Do not apply the fix-instructions from this topic to your System or any other one!

Step 1

a) Make sure if you opened any apps of yours, that you Exit them.

b) Be sure you are logged in with an Administrator rights account.

c) From Start button, select RUN (or Win-key +R) and in the run-text-box type in

msconfig

and press OK or Enter.

d) You should see the General tab. It should have Normal startup selected (in the radio-box=selection)

IF it does not, then you click on Normal startup.

e) Click on Services tab. To get its display of services.

Keep a written list of any changes from my list of services below. That way you and I have a reference document.

f) Look at the bottom line Hide all Microsoft services

IF and only IF it is checkmarked, then un-check it.

g) the list of services may be shown in non-alphabetical order, so ....

Look at the heading titled "Service". Click on it as needed so the list is sorted and top of list starts with the "A" services.

You can toggle as needed to get the desired order.

IF any of below services are NOT shown, don't panic & do not stop, just write down the info for me and proceed with the others !

h) Then using the scroll-bar scroll down the list

Look for Base filtering engine service. Is it shown? Is it checked?

Look for Ipsec Policy Agent. Is it shown? Is it checked? If not, click on that checkbox to checkmark.

Look for Remote Procedure Call (RPC) Locator. Is it shown ? Is it checked? If not, click on that checkbox to checkmark.

Look for RPC Endpoint Mapper. Is it shown ? Is it checked? If not, click on that checkbox to checkmark.

Look for Security Center. Is it shown? Is it checked? If not, click on checkbox to checkmark.

Look for Windows Firewall. Is it shown ? Is it checked? If not, click on that checkbox to checkmark.

When done, press the Apply button, and the OK button.

You're likely to be prompted to Restart Windows, do so.

If not prompted, you do a Logoff and Restart of Windows.

When finished, Exit out of the services console.

Then report back here with details.

If any of the services are not shown, just let me know which. I can guide you to getting them "corrected".

Press Windows Start-key, select Control Panel, then Security Center. Expand the Security block (click the down arrow).

What does it show for Firewall? and other security related lines ?

Please download Listparts

RIGHT-Click on it and select "Run As Administrator" to Run the tool, click Scan and Attach the log (Result.txt) it makes.

I will need a Copy of the contents of OTL MovedFiles log,

the results from MSCONFIG review,

the Result.txt log

Link to post
Share on other sites

Glad you're back...was worried this was hopeless. Reporting back on the "Services" tab. Did not do anything beyond that yet.

Base filtering - not shown

Ipsec Policy Agent - shown as ISPEC Services was checked

Remote Procedure Call (RPC) Locator - was shown as Remote Procedure Call (...Yes). There were two of them (identical) both checked, one running and one stopped.

RPC Endpoint Mapper - not shown

Security Center and Windows Firewall both checked.

Thank you!!

Link to post
Share on other sites

This is not hopeless. IF it were, I would have advised you so. You're experiencing the after-effects of the malware rogue infection.

Save the attached Zip file to your Desktop. Extract the contents of the zip file onto the Desktop. It is a registry-file to square away the XP security center service.

Do a right click on the .reg file and select MERGE.

Allow it to be merged onto your registry.

Once that is done, do a Logoff / Restart Windows XP fresh. Then bring up XP Security Center.

Advise me what it shows for the firewall status and the anti-virus status.

After this, we will be doing other tasks. We are not done yet.

Link to post
Share on other sites

Let's have you perform an online scan of this system using ESET online scanner.

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools

For directions on how, see How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Do NOT turn off the firewall

Using Internet Explorer browser only, go to ESET Online Scanner website:

{Windows 7 & Vista users should start IE by Start >> Internet Explorer >> Right-Click and select Run As Administrator.}

  • Press the "ESET Online scanner" button
  • Check the I accept the terms box. Accept the Terms of Use and press Start button;
  • Approve the install of the required ActiveX Control, then follow on-screen instructions;
  • Un-check the Remove found threats option.
  • Checkmark Scan Archives option.
  • Click on Advanced Settings and checkmark the following
    Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology
    click Scan.
  • After the scan completes, the Details tab in the Results window will display what was found and removed.
    • A logfile is created and located at C:\Program Files\EsetOnlineScanner\log.txt.

    Look at contents of this file using Notepad or Wordpad.

    The Frequently Asked Questions for ESET Online Scanner can be viewed here

    http://www.eset.com/...c4.php?page=faq

    • It is emphasized to temporarily disable any pc-resident {active} antivirus program prior to any on-line scan by any on-line scanner.
      (And the prompt re-enabling when finished.)
    • If you use Firefox, you have to install IETab, an add-on. This is to enable ActiveX support.

Step 2

After the scan is done, re-enable your antivirus program.

Reply with copy of the Eset scan log. AND tell me if McAfee on this system is a licensed local antivirus from McAfee or if it came as a freebie from your ISP, OR if it is simply the online scan tool of McAfee. I need to have you ensure you have a current & up-to-date antivirus app on your system.

Link to post
Share on other sites

Hi,

I ran the ESET online scanner. Please see the log below. I am assuming Spybot was off as the link's instructions were followed previously. McAfee is through my ISP. Please advise as to your thoughts/recommendations on anti-virus programs. Greatly appreciate your time. CAE

C:\Documents and Settings\Ekenbarger's\My Documents\incredimail_install.exe probably a variant of Win32/Agent.DYVNCLY trojan

C:\Documents and Settings\Ekenbarger's\My Documents\My Music\iTunes\couponprinter.exe probably a variant of Win32/Adware.Softomate.AD application

F:\My Videos\CouponPrinter.exe probably a variant of Win32/Adware.Softomate.AD application

Link to post
Share on other sites

OOPS Forgot....I am unable to manage security settings either through the tray icon or control panel. When I try to turn on automatic updates and virus protection through the tray icon I get an error message stating "We're sorry. The Security Center could not change your automatic settings..." It suggests I go through control panel but when I do the pop ups show everything that should (or shouldn't be) checked is yet nothing changes in the Security Center. The firewall is on now. When I go to the start menu to All Programs the McAfee file it is empty as are the majority of the files listed there. Thanks. CAE

Link to post
Share on other sites

This next OTL process will require a Reboot/Restart. Please allow it.

  • Please double-click OTL.exe to run it. (Note: If you are running on Windows 7 or Vista, right-click on the file and choose Run As Administrator).
  • Copy all the lines in between the **** stars lines **** below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):
    *****************************************************************
    :processes
    killallprocesses
    :files
    recycler /alldrives
    C:\Documents and Settings\All Users\Application Data\wgjpPXjtqGl.exe
    C:\Documents and Settings\All Users\Application Data\isecurity.exe
    :reg
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Internet Security"=-
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Internet Security 2012"=-
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "wgjpPXjtqGl.exe"=-
    :Commands
    [purity]
    [emptytemp]
    [CREATERESTOREPOINT]
    [EMPTYFLASH]
    [Reboot]
    *****************************************************************
  • Return to OTL. Right click in the "Custom Scans/Fixes" window (under the aqua-blue bar) and choose Paste.
  • Close any browser(s) windows that may be open.
  • Using your mouse, click on the red-lettered button Run Fix.
  • Once you see a message box "Fix complete! Click OK to open the fix log."
    Click the OK button
  • The log will open in Notepad (your default text editor).
  • Save the log. Post a copy of that log in your next reply.

Note: If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process.

If you are asked to reboot the machine choose Yes. In this case, after the reboot, open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the C:\_OTL\MovedFiles folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post

Link to post
Share on other sites
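A way to triage the fix log that the post above asks to have saved and posted back, sorting each file and registry target into "acted on" or "not found" so that a run which removed none of its named targets is obvious. This is an added example, not part of the thread or of OTL; the sample log and its paths are constructed in the line format the logs in this thread use, and the function names are hypothetical.

```python
import re
from collections import namedtuple

# Constructed sample in the line format of an OTL fix log (placeholder paths).
SAMPLE_LOG = r"""All processes killed
========== PROCESSES ==========
========== FILES ==========
C:\RECYCLER folder moved successfully.
recycler not found in D:\
File\Folder C:\Example\rogue-sample.exe not found.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Example Rogue not found.
========== COMMANDS ==========
[EMPTYTEMP]
User: Example
->Temp folder emptied: 17746 bytes
Total Files Cleaned = 32.00 mb
"""

Item = namedtuple("Item", "section target outcome detail")

SECTION_RE = re.compile(r"^=+\s*(.+?)\s*=+$")
# "<target> not found." or "<target> not found in <drive>"
NOT_FOUND_RE = re.compile(r"^(?P<target>.+?) not found(?: in (?P<where>.+?))?\.?$")
# Assumption: any "<target> <verb> successfully." line means the item was acted on
# (the thread's logs show the verb "moved").
ACTED_RE = re.compile(r"^(?P<target>.+?)(?: folder| file)? (?P<verb>\w+) successfully\.$")
# Labels OTL puts in front of the target in "not found" lines.
PREFIX_RE = re.compile(r"^(?:File\\Folder|Registry (?:value|key)) ")


def parse_fix_log(text):
    """Return an Item for every result line in the FILES and REGISTRY sections."""
    items, section = [], None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        header = SECTION_RE.match(line)
        if header:
            section = header.group(1).upper()
            continue
        if section not in ("FILES", "REGISTRY"):
            continue  # cache-cleaning output is not a removal result
        m = NOT_FOUND_RE.match(line)
        if m:
            target = PREFIX_RE.sub("", m.group("target"))
            items.append(Item(section, target, "not_found", m.group("where")))
            continue
        m = ACTED_RE.match(line)
        if m:
            target = PREFIX_RE.sub("", m.group("target"))
            items.append(Item(section, target, "acted", m.group("verb")))
    return items


def section_counts(items):
    """Count outcomes per section, e.g. {'FILES': {'acted': 1, 'not_found': 2}}."""
    counts = {s: {"acted": 0, "not_found": 0} for s in ("FILES", "REGISTRY")}
    for it in items:
        counts[it.section][it.outcome] += 1
    return counts


def unresolved(items):
    """Targets the fix script named that were not present when it ran."""
    return [it.target for it in items if it.outcome == "not_found"]


if __name__ == "__main__":
    parsed = parse_fix_log(SAMPLE_LOG)
    print(section_counts(parsed))
    for target in unresolved(parsed):
        print("not found:", target)
```

A "not found" result only says the item was absent at that path when the fix ran; it does not show how or when it was removed, so the follow-up scans still matter.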

Hi,

Here is the log. Thank you. CAE

All processes killed

========== PROCESSES ==========

========== FILES ==========

C:\RECYCLER\S-1-5-21-1946173170-350803515-410004273-1006 folder moved successfully.

C:\RECYCLER folder moved successfully.

recycler not found in D:\

F:\RECYCLER\S-1-5-21-1946173170-350803515-410004273-1006 folder moved successfully.

F:\RECYCLER folder moved successfully.

File\Folder C:\Documents and Settings\All Users\Application Data\wgjpPXjtqGl.exe not found.

File\Folder C:\Documents and Settings\All Users\Application Data\isecurity.exe not found.

========== REGISTRY ==========

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Internet Security not found.

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Internet Security 2012 not found.

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\wgjpPXjtqGl.exe not found.

========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

->Flash cache emptied: 0 bytes

User: All Users

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

->Flash cache emptied: 0 bytes

User: Ekenbarger's

->Temp folder emptied: 17746 bytes

->Temporary Internet Files folder emptied: 32905761 bytes

->Java cache emptied: 0 bytes

->Apple Safari cache emptied: 0 bytes

->Flash cache emptied: 456 bytes

User: LocalService

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 33170 bytes

->Flash cache emptied: 0 bytes

User: NetworkService

->Temp folder emptied: 66016 bytes

->Temporary Internet Files folder emptied: 33170 bytes

->Google Chrome cache emptied: 0 bytes

User: Owner

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32\dllcache .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 730974 bytes

%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes

%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes

RecycleBin emptied: 0 bytes

Total Files Cleaned = 32.00 mb

Restore point Set: OTL Restore Point (0)

[EMPTYFLASH]

User: Administrator

->Flash cache emptied: 0 bytes

User: All Users

User: Default User

->Flash cache emptied: 0 bytes

User: Ekenbarger's

->Flash cache emptied: 0 bytes

User: LocalService

->Flash cache emptied: 0 bytes

User: NetworkService

User: Owner

Total Flash Files Cleaned = 0.00 mb

OTL by OldTimer - Version 3.2.31.0 log created on 02132012_171011

Files\Folders moved on Reboot...

C:\WINDOWS\temp\Perflib_Perfdata_1eb0.dat moved successfully.

File\Folder C:\WINDOWS\temp\Perflib_Perfdata_2604.dat not found!

Registry entries deleted on Reboot...


Please do this next:

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools

For directions on how, see How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Do NOT turn off the firewall

If you have a prior copy of Combofix, delete it now !

Have infinite patience during the run & scan by Combofix. It has many phases: some 50+ stages

It will display its "stage" within the Command prompt window. Do NOT panic if it seems slow to change ! It has lots of work.

You may notice the desktop icons disappear. Do NOT panic, as that is expected behavior.

Combofix may take as little as 10 minutes and perhaps as much as 30-40 minutes. Time taken will depend on speed of your system and how much there is to scan & how much it needs to clean.

If this is on a notebook system, make sure first the notebook is connected to wall-power (AC power)

Download Combofix from any of the links below. You must rename it before saving it. Save it to your Desktop.

>>>Link 1<<<


* IMPORTANT !!! SAVE AS Combo-Fix.exe to your Desktop

If your I.E. browser shows a warning message at the top, do a Right-Click on the bar and select Download, saving it to the Desktop.

  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
  • Double click on Combo-Fix.exe & follow the prompts.
  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.


Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:


Click on Yes, to continue scanning for malware.

Please watch Combofix as it runs, as you may see messages which require your response, or the pressing of OK button.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.

-------------------------------------------------------

A caution - Do not run Combofix more than once.

Do not touch your mouse/keyboard until the scan has completed, as this may cause the process to stall or your computer to lock.

The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled.

If this occurs, please reboot to restore the desktop.

RE-Enable your AntiVirus and AntiSpyware applications.


Hi,

The log per your request.

ComboFix 12-02-15.01 - Ekenbarger's 02/15/2012 20:13:14.1.2 - x86

Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2558.1940 [GMT -5:00]

Running from: c:\documents and settings\Ekenbarger's\Desktop\Combo-Fix.exe

AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\documents and settings\Ekenbarger's\My Documents\~WRL0003.tmp

c:\documents and settings\Ekenbarger's\My Documents\~WRL0035.tmp

c:\documents and settings\Ekenbarger's\My Documents\~WRL1702.tmp

c:\documents and settings\Ekenbarger's\My Documents\~WRL1764.tmp

c:\documents and settings\Ekenbarger's\My Documents\~WRL1793.tmp

c:\documents and settings\Ekenbarger's\My Documents\~WRL1884.tmp

c:\documents and settings\Ekenbarger's\My Documents\~WRL2298.tmp

c:\documents and settings\Ekenbarger's\My Documents\~WRL2497.tmp

c:\documents and settings\Ekenbarger's\My Documents\~WRL2780.tmp

c:\documents and settings\Ekenbarger's\My Documents\~WRL3446.tmp

c:\documents and settings\Ekenbarger's\My Documents\~WRL3580.tmp

c:\documents and settings\Ekenbarger's\My Documents\~WRL3672.tmp

c:\documents and settings\Ekenbarger's\My Documents\~WRL3807.tmp

c:\documents and settings\Ekenbarger's\My Documents\~WRL3842.tmp

c:\documents and settings\Ekenbarger's\Start Menu\Programs\System Check

c:\documents and settings\Ekenbarger's\Start Menu\Programs\System Check\System Check.lnk

c:\documents and settings\Ekenbarger's\Start Menu\Programs\System Check\Uninstall System Check.lnk

c:\documents and settings\Ekenbarger's\System

c:\documents and settings\Ekenbarger's\System\win_qs8.jqx

c:\documents and settings\Ekenbarger's\WINDOWS

c:\program files\CouponAlert_2pEI

c:\program files\SelectRebates

c:\program files\SelectRebates\FFToolbar\chrome.manifest

c:\program files\SelectRebates\FFToolbar\chrome\sahtoolbar.jar

c:\program files\SelectRebates\FFToolbar\defaults\preferences\sahtoolbar.js

c:\program files\SelectRebates\FFToolbar\install.rdf

c:\program files\SelectRebates\SahImages\alert.png

c:\program files\SelectRebates\SahImages\check.png

c:\program files\SelectRebates\SahImages\close.png

c:\program files\SelectRebates\SelectAlerts.dat

c:\program files\SelectRebates\SelectRebates.exe

c:\program files\SelectRebates\SelectRebates.ini

c:\program files\SelectRebates\SelectRebatesA.dat

c:\program files\SelectRebates\SelectRebatesApi.exe

c:\program files\SelectRebates\SelectRebatesB.dat

c:\program files\SelectRebates\SelectRebatesBT.dat

c:\program files\SelectRebates\SelectRebatesDownload.exe

c:\program files\SelectRebates\SelectRebatesH.dat

c:\program files\SelectRebates\SelectRebatesUninstall.exe

c:\program files\SelectRebates\SRebates.dll

c:\program files\SelectRebates\SRFF3.dll

c:\program files\SelectRebates\Toolbar\AddtoList.bmp

c:\program files\SelectRebates\Toolbar\basis.xml

c:\program files\SelectRebates\Toolbar\Basis.xml.dym

c:\program files\SelectRebates\Toolbar\Blank.bmp

c:\program files\SelectRebates\Toolbar\CashBack.bmp

c:\program files\SelectRebates\Toolbar\Coupons.bmp

c:\program files\SelectRebates\Toolbar\GroceryCoupon.bmp

c:\program files\SelectRebates\Toolbar\i_magnifying.bmp

c:\program files\SelectRebates\Toolbar\icons.bmp

c:\program files\SelectRebates\Toolbar\ImageCache\alert-red.bmp

c:\program files\SelectRebates\Toolbar\logo.bmp

c:\program files\SelectRebates\Toolbar\logo_24.bmp

c:\program files\SelectRebates\Toolbar\logo_HotSpots.bmp

c:\program files\SelectRebates\Toolbar\ReviewSite.bmp

c:\program files\SelectRebates\Toolbar\RightControls.dym

c:\program files\SelectRebates\Toolbar\sahtb-alert.bmp

c:\program files\SelectRebates\Toolbar\sahtb-go.bmp

c:\program files\SelectRebates\Toolbar\sahtb-grocerycoupons.bmp

c:\program files\SelectRebates\Toolbar\sahtb-icons.bmp

c:\program files\SelectRebates\Toolbar\sahtb-restaurant.bmp

c:\program files\SelectRebates\Toolbar\sahtb-wishlist.bmp

c:\program files\SelectRebates\Toolbar\Scissors.bmp

c:\program files\SelectRebates\Toolbar\ShopAtHomeToolbar.dll

c:\program files\Shared

c:\program files\Shared\shared.sig

c:\windows\settings.reg

c:\windows\system32\bszip.dll

.

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

-------\Legacy_TDSSSERV.SYS

.

.

((((((((((((((((((((((((( Files Created from 2012-01-16 to 2012-02-16 )))))))))))))))))))))))))))))))

.

.

2012-02-12 20:12 . 2012-02-12 20:12 -------- d-----w- c:\program files\ESET

2012-02-10 01:04 . 2012-02-10 01:04 -------- d-----w- C:\_OTL

2012-02-10 00:40 . 2012-02-11 15:24 -------- d-----w- c:\program files\ERUNT

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-12-26 20:43 . 2011-05-06 19:29 23624 ---ha-w- c:\windows\system32\drivers\hitmanpro35.sys

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-28 68856]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-04-15 344064]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]

"DLCCCATS"="c:\windows\System32\spool\DRIVERS\W32X86\3\DLCCtime.dll" [2005-06-07 69632]

"TkBellExe"="c:\program files\real\realplayer\update\realsched.exe" [2011-06-30 273544]

"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-02 59240]

"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-05-27 413696]

"NapsterShell"="c:\program files\Napster\napster.exe" [2008-05-29 323216]

"HostManager"="c:\program files\Common Files\AOL\1178326658\ee\AOLSoftware.exe" [2006-09-26 50736]

"DMXLauncher"="c:\program files\Dell\Media Experience\DMXLauncher.exe" [2005-01-27 86016]

"dla"="c:\windows\system32\dla\tfswctrl.exe" [2004-12-06 127035]

"AOLDialer"="c:\program files\Common Files\AOL\ACS\AOLDial.exe" [2006-10-23 71216]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-12-08 421736]

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

@=""

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"AntiVirusOverride"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]

"DisableMonitoring"=dword:00000001

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"=

"c:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"=

"c:\\Program Files\\America Online 9.0\\waol.exe"=

"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=

"c:\\Program Files\\Common Files\\AOL\\1178326658\\ee\\aolsoftware.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=

"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=

"c:\\Program Files\\iTunes\\iTunes.exe"=

.

R2 mrtRate;mrtRate;c:\windows\system32\drivers\MrtRate.sys [5/21/2006 8:02 AM 34916]

R2 Symantec SymSnap VSS Provider;Symantec SymSnap VSS Provider;c:\windows\system32\dllhost.exe [8/10/2004 12:50 PM 5120]

R3 SymSnapService;SymSnapService;c:\program files\Norton Ghost\Shared\Drivers\SymSnapService.exe [12/20/2007 5:13 PM 1553896]

S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [1/6/2010 7:17 AM 135664]

S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [1/6/2010 7:17 AM 135664]

S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [1/15/2010 7:49 AM 227232]

S3 nosGetPlusHelper;getPlus® Helper 3004;c:\windows\System32\svchost.exe -k nosGetPlusHelper [8/10/2004 12:51 PM 14336]

.

--- Other Services/Drivers In Memory ---

.

*NewlyCreated* - WUAUSERV

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

nosGetPlusHelper REG_MULTI_SZ nosGetPlusHelper

.

Contents of the 'Scheduled Tasks' folder

.

2012-02-12 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 22:57]

.

2012-02-15 c:\windows\Tasks\Google Software Updater.job

- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-07-12 19:03]

.

2012-02-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-06 12:17]

.

2012-02-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-06 12:17]

.

2012-02-16 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1946173170-350803515-410004273-1006.job

- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-03-29 14:47]

.

2012-02-16 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1946173170-350803515-410004273-1006.job

- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-03-29 14:47]

.

2012-02-16 c:\windows\Tasks\User_Feed_Synchronization-{873B1363-0F14-410A-AFDF-0559EB90EA7E}.job

- c:\windows\system32\msfeedssync.exe [2009-03-08 08:31]

.

.

------- Supplementary Scan -------

.

uStart Page = hxxp://www.cox.net/

uInternet Settings,ProxyOverride = *.local

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

Trusted Zone: microsoft.com\www.update

TCP: DhcpNameServer = 192.168.2.1 68.105.28.11 68.105.29.11 68.105.28.12

FF - ProfilePath - c:\documents and settings\Ekenbarger's\Application Data\Mozilla\Firefox\Profiles\fi5w6q0t.default\

FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3106777&SearchSource=3&q={searchTerms}

FF - prefs.js: browser.search.selectedEngine - WinZipBar Customized Web Search

FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT3106777&SearchSource=13

FF - prefs.js: keyword.URL - hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=CDxdm003YYus&ptb=CF74B0F9-D5D0-4EC8-AC35-8A70571C102D&ind=2011081120&ptnrS=CDxdm003YYus&si=CK2Cs7C9yKoCFaUZQgodWFpFyg&n=77dea9a0&psa=&st=kwd&searchfor=

FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}

FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff

FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension

FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext

FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}

FF - Ext: ShopAtHome.com Intelligent Shopping Toolbar: toolbar@shopathome.com - %profile%\extensions\toolbar@shopathome.com

FF - Ext: Coupons.com Community Toolbar: {37153479-1976-43c3-a1ee-557513977b64} - %profile%\extensions\{37153479-1976-43c3-a1ee-557513977b64}

FF - Ext: WinZipBar Community Toolbar: {50fafaf0-70a9-419d-a109-fa4b4ffd4e37} - %profile%\extensions\{50fafaf0-70a9-419d-a109-fa4b4ffd4e37}

.

- - - - ORPHANS REMOVED - - - -

.

Toolbar-Locked - (no file)

HKCU-Run-Bomgar Support Reconnect [1297805904] - c:\documents and settings\All Users\Application Data\Bomgar-SCC-4D5AF24F\bomgar-scc.exe

HKCU-Run-Internet Security - c:\documents and settings\All Users\Application Data\isecurity.exe

HKLM-Run-SelectRebates - c:\program files\SelectRebates\SelectRebates.exe

AddRemove-EADM - c:\program files\Electronic Arts\EADM\EADMUI\EADMUninstall.exe

AddRemove-Jimmy Neutron Boy Genius - c:\program files\THQ\Jimmy Neutron\Jimmy Neutron Boy Genius\Uninst.isu

AddRemove-WebCyberCoach_wtrb - c:\program files\WebCyberCoach\b_Dell\WCC_Wipe.exe WebCyberCoach ext\wtrb

AddRemove-{83d96ed0-98aa-4515-8ddc-816f3efdd104} - c:\program files\InstallShield Installation Information\{83d96ed0-98aa-4515-8ddc-816f3efdd104}\setup.exe

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2012-02-15 20:56

Windows 5.1.2600 Service Pack 3 NTFS

.

scanning hidden processes ...

.

scanning hidden autostart entries ...

.

HKLM\Software\Microsoft\Windows\CurrentVersion\Run

DLCCCATS = rundll32 c:\windows\System32\spool\DRIVERS\W32X86\3\DLCCtime.dll,_RunDLLEntry@16???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????

.

scanning hidden files ...

.

scan completed successfully

hidden files: 0

.

**************************************************************************

.

[HKEY_LOCAL_MACHINE\System\ControlSet005\Services\RDPCDD]

"ImagePath"="System32\DRIVERS\RDPCDD.sy@"

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_USERS\S-1-5-21-1946173170-350803515-410004273-1006\Software\SecuROM\License information*]

"datasecu"=hex:28,72,f8,1c,a1,7f,1f,4b,21,f0,dc,17,10,16,7b,fe,96,08,a1,81,ce,

92,9d,a3,99,2a,90,e3,34,37,f3,c6,11,c1,26,63,01,7c,1c,dd,c0,e4,dc,90,37,34,\

"rkeysecu"=hex:64,b6,bd,e1,3e,80,9e,c4,40,b4,90,83,87,8e,33,49

.

--------------------- DLLs Loaded Under Running Processes ---------------------

.

- - - - - - - > 'explorer.exe'(1692)

c:\windows\system32\WININET.dll

c:\windows\system32\ieframe.dll

c:\windows\system32\msi.dll

c:\windows\system32\mshtml.dll

c:\windows\system32\msls31.dll

c:\windows\system32\jscript.dll

c:\windows\system32\Macromed\Flash\Flash10v.ocx

c:\windows\system32\webcheck.dll

c:\windows\system32\WPDShServiceObj.dll

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

.

------------------------ Other Running Processes ------------------------

.

c:\windows\system32\Ati2evxx.exe

c:\progra~1\COMMON~1\AOL\ACS\AOLacsd.exe

c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

c:\windows\system32\CTsvcCDA.EXE

c:\program files\Intel\Intel Matrix Storage Manager\iaantmon.exe

c:\program files\Java\jre6\bin\jqs.exe

c:\program files\Norton Ghost\Agent\VProSvc.exe

c:\windows\wanmpsvc.exe

c:\windows\system32\MsPMSPSv.exe

c:\windows\system32\msdtc.exe

c:\windows\system32\wscntfy.exe

c:\program files\iPod\bin\iPodService.exe

c:\program files\Common Files\Java\Java Update\jucheck.exe

.

**************************************************************************

.

Completion time: 2012-02-15 21:12:32 - machine was rebooted

ComboFix-quarantined-files.txt 2012-02-16 02:12

.

Pre-Run: 110,561,619,968 bytes free

Post-Run: 110,381,297,664 bytes free

.

WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

UnsupportedDebug="do not select this" /debug

multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

.

- - End Of File - - 4B8A44505CB55A0661A125526156A871

Thanks. CAE


Combofix did a fine job of finding remaining traces of malwares: System check, internet security, & a bit of TDSS.

Step 1 a bit of update housekeeping


Your Java runtime is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older version Java components and update.

  • Download the latest version of >> Windows 7/XP/Vista/2000/2003/2008 Offline << from here and save it to your desktop.
  • Close any programs you may have running - especially your web browser.
  • Go to Start > Settings > Control Panel, select Add/Remove Programs and remove all older versions of Java.
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE or Java) in the name.
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java version.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-6u31-windows-i586-s.exe to install the newest version.

  • After the install is complete, go into the Control Panel (using Classic View) and double-click the Java Icon. (looks like a coffee cup)
    • On the General tab, under Temporary Internet Files, click the Settings button.
    • Next, click on the Delete Files button
    • There are two options in the window to clear the cache - Leave BOTH Checked

      • Applications and Applets
      • Trace and Log Files

    • Click OK on Delete Temporary Files Window

      Note: This deletes ALL the Downloaded Applications and Applets from the CACHE.

    • Click OK to leave the Temporary Files Window

Small tweaks for Java runtime, since most all users do not need to load Java at each Windows startup:

Click Advanced Tab. Expand the Miscellaneous item.

UN-check the line Java quick starter

Press Apply then OK. Close the applet when done.

To test your Java Run-time, you may go to this page http://www.java.com/...help/testvm.xml

When all is well, you should see Java Version: Java 6 Update 31 from Sun Microsystems Inc.

Step 2

Close all open browsers at this point.

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools

For directions on how, see How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Do NOT turn off the firewall

Start Internet Explorer

Using Internet Explorer browser only, go to BitDefender Quickscan website:

http://quickscan.bitdefender.com

and click "Start Scan".

Observe your browser in case it shows a notice/message bar to allow download and installation of a tool.

Allow the download and install of qsax.cab from BitDefender. Right-click the IE info bar and select Install to install the BitDefender quick scan module.

If prompted, reply yes to allow it to run.

Press the Allow button and follow prompts.

Press the "Start Scan" once more.

You'll see the EULA in a pop-up window. Click the I accept & then the OK button

Note: The FAQ is here --> http://quickscan.bitdefender.com/faq/

and that QuickScan has no removal capability.

The site boasts a 60-second scan. Do have patience as it likely will take longer.

It may seem to stall at moments, but have patience; it will move on.

You'll see a progress bar at top right of window.

Hopefully you will see a No infections found in the bar-window. Press the View Log button.

The log report will show in your text editor.

Do a Select ALL, Copy. Then paste contents into your next reply.

Step 3

Download aswMBR.exe ( 511KB ) to your desktop.

RIGHT click on aswMBR.exe and select Run As Administrator to start.

change the a-v scan to None.

uncheck trace disk IO calls

Click the "Scan" button to start scan

On completion of the scan (Note if the Fix button is enabled (not the FixMBR button) and tell me) click save log, save it to your desktop and post in your next reply

Step 4

Please read carefully and follow these steps.

  • Delete the prior copies of TDSSKILLER.zip & TDSSKILLER.exe that you may have.
  • Download TDSSKiller and save it to your Desktop.
  • RIGHT-Click on TDSSKiller.exe and select Run As Administrator to run the application.
  • Click on "Change parameters" and place a checkmark next to Verify Driver Digital Signature and Detect TDLFS file system, then click OK
  • Then press Start Scan

When the scan is done, it will display a summary screen.

  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Re-enable your anti-virus program.


Hi Maurice,

Ran into a bit of a snag. Java removal and reinstall completed as well as ran Quickscan (no infections). My desktop did disappear again after the reboot though. Downloaded aswMBR.exe but it will not run. I right clicked, then clicked on Run as but administrator was not an option. I think when I log in normally I have administrator privileges. I have also been unable to activate my McAfee. Think I need to go to website but have not since you advised I refrain from websurfing. Please advise. Thank you. CAE

PS Tried to insert log but too long - should I split or is there another way to send it?


You should be using (logged in) Windows normal mode. Tell me if you are not and exactly why not.

You said

I think when I log in normally I have administrator privileges.

My apologies about "Run as Administrator". You do not need to use that since the system is Windows XP.

Attach all the report logs you have from last round. Use the More Reply Options button and then make use of the Attach Files option.


That scan did not tag anything.

Temporarily disable your anti-virus app

How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Step 2

Download aswMBR.exe ( 511KB ) to your desktop.

Double click on aswMBR.exe to start it.

change the a-v scan to None.

uncheck trace disk IO calls

Click the "Scan" button to start scan

On completion of the scan (Note if the Fix button is enabled (not the FixMBR button) and tell me) click save log, save it to your desktop and post in your next reply

Step 3

Please read carefully and follow these steps.

  • Delete the prior copies of TDSSKILLER.zip & TDSSKILLER.exe that you may have.
  • Download TDSSKiller and save it to your Desktop.
  • Double-Click on TDSSKiller.exe.
  • Click on "Change parameters" and place a checkmark next to Verify Driver Digital Signature and Detect TDLFS file system, then click OK
  • Then press Start Scan

When the scan is done, it will display a summary screen.

  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Re-enable your anti-virus program.

Reply with copy of contents of aswMBR log & the TDSSKILLER log.


Hi,

Was able to run the asw.MBR.exe. The FIX button was not enabled. I downloaded the TDSSKiller but it wouldn't run...exactly like the asw.MBR.exe previously. Am I doing something wrong? YIKES! Please advise. CAE - Thanks

aswMBR version 0.9.9.1618 Copyright© 2011 AVAST Software

Run date: 2012-02-18 09:39:36

-----------------------------

09:39:36.312 OS Version: Windows 5.1.2600 Service Pack 3

09:39:36.312 Number of processors: 2 586 0x403

09:39:36.312 ComputerName: JAM1 UserName:

09:39:37.109 Initialize success

09:42:09.140 AVAST engine defs: 12021800

09:42:36.593 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0

09:42:36.593 Disk 0 Vendor: Maxtor_6 YAR5 Size: 152587MB BusType: 3

09:42:36.593 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IAAStorageDevice-1

09:42:36.593 Disk 1 Vendor: WDC_WD50 01.0 Size: 476940MB BusType: 3

09:42:36.625 Disk 0 MBR read successfully

09:42:36.625 Disk 0 MBR scan

09:42:36.671 Disk 0 unknown MBR code

09:42:36.671 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 54 MB offset 63

09:42:36.703 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 149071 MB offset 112455

09:42:36.718 Disk 0 Partition 3 00 DB CP/M / CTOS Dell 8.0 3459 MB offset 305411715

09:42:36.718 Disk 0 scanning sectors +312499984

09:42:36.765 Disk 0 scanning C:\WINDOWS\system32\drivers

09:42:48.109 Service scanning

09:43:09.031 Modules scanning

09:43:13.781 Scan finished successfully

09:44:01.515 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Ekenbarger's\Desktop\MBR.dat"

09:44:01.515 The log file has been saved successfully to "C:\Documents and Settings\Ekenbarger's\Desktop\aswMBR.txt"


This topic is now closed to further replies.