OTL logfile created on: 11/29/2009 9:20:11 AM - Run 1 OTL by OldTimer - Version 3.1.11.2 Folder = C:\Documents and Settings\Jesse\Desktop Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 767.01 Mb Total Physical Memory | 272.16 Mb Available Physical Memory | 35.48% Memory free 1.46 Gb Paging File | 0.97 Gb Available in Paging File | 66.68% Paging File free Paging file location(s): C:\pagefile.sys 768 1536 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 37.26 Gb Total Space | 19.56 Gb Free Space | 52.51% Space Free | Partition Type: NTFS D: Drive not present or media not loaded Drive E: | 1.86 Gb Total Space | 0.69 Gb Free Space | 37.31% Space Free | Partition Type: FAT F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: MANRIQUEZ Current User Name: Jesse Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard ========== Processes (SafeList) ========== PRC - [2009/11/29 09:19:04 | 00,535,552 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jesse\Desktop\OTL.exe PRC - [2009/11/24 15:51:40 | 00,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe PRC - [2009/11/24 15:51:35 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe PRC - [2009/11/24 15:51:21 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe PRC - [2009/11/24 15:48:48 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe PRC - [2009/11/24 15:43:56 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe PRC - [2009/09/21 15:36:12 | 00,305,440 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe PRC - [2009/09/21 15:36:02 | 00,545,568 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe PRC - [2009/08/28 13:38:10 | 00,486,680 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgrsx.exe PRC - [2009/08/28 13:37:56 | 00,595,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgnsx.exe PRC - [2009/08/28 13:37:42 | 00,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe PRC - [2009/07/09 11:22:18 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe PRC - [2009/05/19 11:36:18 | 00,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe PRC - [2009/03/21 12:34:47 | 00,655,360 | ---- | M] () -- C:\Program Files\Imation\USB_ImationFlashDetect.exe PRC - [2009/01/30 13:52:48 | 00,303,104 | ---- | M] (Motive Communications, Inc.) -- C:\Program Files\Common Files\Motive\McciCMService.exe PRC - [2008/12/12 10:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe PRC - [2008/07/07 09:42:06 | 02,156,368 | RHS- | M] (Safer Networking Limited) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe PRC - [2007/06/13 02:23:07 | 01,033,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2003/12/22 08:38:42 | 00,241,664 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\HP\hpcoretech\hpcmpmgr.exe PRC - [2003/09/16 05:19:24 | 00,237,568 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe PRC - [2003/08/04 17:28:18 | 00,049,152 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\HP Software Update\hpwuSchd.exe PRC - [2001/08/17 14:36:42 | 00,024,064 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\system32\devldr32.exe ========== Modules (SafeList) ========== MOD - [2009/11/29 09:19:04 | 00,535,552 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jesse\Desktop\OTL.exe MOD - [2006/08/25 07:45:55 | 01,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll ========== Win32 Services (SafeList) ========== SRV - [2009/11/24 15:51:35 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus) SRV - [2009/11/24 15:51:21 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner) SRV - [2009/11/24 15:48:48 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner) SRV - [2009/11/24 15:43:56 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv) SRV - [2009/09/21 15:36:02 | 00,545,568 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service) SRV - [2009/08/28 13:37:42 | 00,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd) SRV - [2009/07/09 11:22:18 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device) SRV - [2009/05/19 11:36:18 | 00,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort) SRV - [2009/01/30 13:52:48 | 00,303,104 | ---- | M] (Motive Communications, Inc.) -- C:\Program Files\Common Files\Motive\McciCMService.exe -- (McciCMService) SRV - [2008/12/12 10:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service) SRV - [2004/01/04 23:27:32 | 00,065,795 | ---- | M] (HP) -- C:\WINDOWS\system32\hpzipm12.exe -- (Pml Driver HPZ12) SRV - [2003/07/28 12:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose) ========== Driver Services (SafeList) ========== DRV - [2009/11/24 15:50:59 | 00,094,160 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2) DRV - [2009/11/24 15:50:12 | 00,114,768 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP) DRV - [2009/11/24 15:50:00 | 00,020,560 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2009/11/24 15:49:07 | 00,048,560 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi) DRV - [2009/11/24 15:48:57 | 00,023,120 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr) DRV - [2009/11/24 15:47:54 | 00,027,408 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4) DRV - [2009/08/28 18:42:52 | 00,040,448 | ---- | M] (Apple, Inc.) -- C:\WINDOWS\system32\drivers\usbaapl.sys -- (USBAAPL) DRV - [2009/08/28 13:38:10 | 00,335,240 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86) DRV - [2009/08/28 13:38:09 | 00,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86) DRV - [2009/08/25 13:09:02 | 00,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX) DRV - [2009/05/18 13:17:00 | 00,026,600 | ---- | M] (GEAR Software Inc.) -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV - [2009/01/08 17:00:54 | 00,016,640 | ---- | M] (Wondershare) -- C:\WINDOWS\system32\drivers\DsAudioDevice_282.sys -- (DsAudioDevice_282) DRV - [2007/11/13 02:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv) DRV - [2004/10/07 17:16:04 | 00,035,840 | ---- | M] (Oak Technology Inc.) -- C:\WINDOWS\system32\drivers\AFS2K.SYS -- (AFS2K) DRV - [2004/08/03 22:08:21 | 00,010,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum) DRV - [2004/08/03 21:29:54 | 01,897,408 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv) DRV - [2004/01/04 23:27:34 | 00,021,488 | ---- | M] (HP) -- C:\WINDOWS\system32\drivers\HPZius12.sys -- (HPZius12) DRV - [2004/01/04 23:27:34 | 00,016,496 | ---- | M] (HP) -- C:\WINDOWS\system32\drivers\HPZipr12.sys -- (HPZipr12) DRV - [2004/01/04 23:27:32 | 00,051,056 | ---- | M] (HP) -- C:\WINDOWS\system32\drivers\hpzid412.sys -- (HPZid412) DRV - [2001/08/18 04:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink) DRV - [2001/08/17 05:28:02 | 00,907,456 | ---- | M] (Conexant) -- C:\WINDOWS\system32\drivers\HCF_MSFT.sys -- (HCF_MSFT) DRV - [2001/08/17 04:50:26 | 00,731,648 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nv4.sys -- (nv4) DRV - [2001/08/17 04:19:34 | 00,036,480 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\system32\drivers\sfmanm.sys -- (sfman) Creative SoundFont Manager Driver (WDM) DRV - [2001/08/17 04:19:28 | 00,006,912 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\system32\drivers\ctlfacem.sys -- (emu10k1) Creative Interface Manager Driver (WDM) DRV - [2001/08/17 04:19:26 | 00,283,904 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\system32\drivers\emu10k1m.sys -- (emu10k) Creative SB Live! (WDM) DRV - [2001/08/17 04:19:20 | 00,003,712 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\system32\drivers\ctljystk.sys -- (ctljystk) DRV - [2001/08/17 04:11:06 | 00,066,591 | ---- | M] (3Com Corporation) -- C:\WINDOWS\system32\drivers\el90xbc5.sys -- (EL90XBC) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.live.com/sphome.aspx IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.live.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ IE - HKCU\..\URLSearchHook: *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - Reg Error: Key error. File not found IE - HKCU\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll () IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local> IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5555 ========== FireFox ========== FF - HKLM\software\mozilla\Mozilla Firefox 3.0.7\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/11/27 21:22:38 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.0.7\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/11/27 21:22:19 | 00,000,000 | ---D | M] [2009/11/27 21:22:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jesse\Application Data\Mozilla\Extensions [2009/11/29 08:59:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jesse\Application Data\Mozilla\Firefox\Profiles\pkg28de4.default\extensions [2009/11/27 21:22:20 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions O1 HOSTS File: (250319 bytes) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 208.43.47.212 a1.review.zdnet.com O1 - Hosts: 208.43.47.212 reviews.riverstreams.co.uk O1 - Hosts: 208.43.47.212 d1.reviews.cnet.com O1 - Hosts: 208.43.47.212 review.2009softwarereviews.com O1 - Hosts: 208.43.47.212 reviews.download.com O1 - Hosts: 208.43.47.212 reviews.pcadvisor.co.uk O1 - Hosts: 208.43.47.212 reviews.pcmag.com O1 - Hosts: 208.43.47.212 reviews.pcpro.co.uk O1 - Hosts: 208.43.47.212 reviews.techradar.com O1 - Hosts: 208.43.47.212 toptenreviews.com O1 - Hosts: 208.43.47.212 www.reevoo.com O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 www.008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 www.00hq.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 www.1001-search.info O1 - Hosts: 127.0.0.1 1001-search.info O1 - Hosts: 8722 more lines... O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.) O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation) O2 - BHO: (Verizon Broadband Toolbar) - {A057A204-BACC-4D26-8398-26FADCF27386} - C:\Program Files\verizon_broad\verizon_broad.dll (Verizon Online. ) O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (Verizon Broadband Toolbar) - {A057A204-BACC-4D26-8398-26FADCF27386} - C:\Program Files\verizon_broad\verizon_broad.dll (Verizon Online. ) O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll () O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3 - HKCU\..\Toolbar\WebBrowser: (Verizon Broadband Toolbar) - {A057A204-BACC-4D26-8398-26FADCF27386} - C:\Program Files\verizon_broad\verizon_broad.dll (Verizon Online. ) O3 - HKCU\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll () O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software) O4 - HKLM..\Run: [AVG8_TRAY] C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [DXDllRegExe] File not found O4 - HKLM..\Run: [HP Component Manager] C:\Program Files\HP\hpcoretech\hpcmpmgr.exe (Hewlett-Packard Company) O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd.exe (Hewlett-Packard) O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.) O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Inc.) O4 - HKCU..\Run: [ares] C:\Program Files\Ares\Ares.exe File not found O4 - HKCU..\Run: [DriverCure] C:\Program Files\ParetoLogic\DriverCure\DriverCure.exe File not found O4 - HKCU..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited) O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) O4 - Startup: C:\Documents and Settings\Jesse\Start Menu\Programs\Startup\Imation_Flash_Detect.lnk = C:\Program Files\Imation\USB_ImationFlashDetect.exe () O4 - Startup: C:\Documents and Settings\Jesse\Start Menu\Programs\Startup\PowerReg Scheduler V3.exe (Leader Technologies) O4 - Startup: C:\Documents and Settings\Jesse\Start Menu\Programs\Startup\PowerReg Scheduler.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O15 - HKLM\..Trusted Domains: 41 domain(s) and sub-domain(s) not assigned to a zone. O15 - HKCU\..Trusted Domains: 40 domain(s) and sub-domain(s) not assigned to a zone. O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} https://activatemyfios.verizon.net/sdcCommo...20Installer.cab (Support.com Configuration Class) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/...b?1170687395223 (WUWebControl Class) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwa...ash/swflash.cab (Shockwave Flash Object) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company) O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2007/02/04 11:05:01 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck) - File not found O34 - HKLM BootExecute: (*) - File not found O35 - comfile [open] -- "%1" %* File not found O35 - exefile [open] -- "%1" %* File not found ========== Files/Folders - Created Within 30 Days ========== [2009/11/29 09:19:04 | 00,535,552 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Jesse\Desktop\OTL.exe [2009/11/29 08:59:07 | 00,472,064 | ---- | C] ( ) -- C:\Documents and Settings\Jesse\Desktop\RootRepeal.exe [2009/11/29 08:53:29 | 00,050,688 | ---- | C] (Atribune.org) -- C:\Documents and Settings\Jesse\Desktop\ATF-Cleaner.exe [2009/11/29 08:51:56 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT [2009/11/29 08:51:16 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT [2009/11/29 08:50:34 | 00,791,393 | ---- | C] (Lars Hederer ) -- C:\Documents and Settings\Jesse\Desktop\erunt-setup.exe [2009/11/29 08:23:50 | 00,023,120 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys [2009/11/29 08:23:49 | 00,048,560 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys [2009/11/29 08:23:48 | 00,027,408 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys [2009/11/29 08:23:42 | 00,097,480 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\AvastSS.scr [2009/11/29 08:23:41 | 00,114,768 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys [2009/11/29 08:23:41 | 00,094,160 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys [2009/11/29 08:23:41 | 00,093,424 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys [2009/11/29 08:23:41 | 00,020,560 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys [2009/11/29 08:23:12 | 01,280,480 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe [2009/11/29 08:23:04 | 00,000,000 | ---D | C] -- C:\Program Files\Alwil Software [2009/11/28 21:13:23 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\Jesse\IECompatCache [2009/11/28 20:36:55 | 01,839,984 | ---- | C] (Trend Micro) -- C:\Documents and Settings\Jesse\Desktop\HousecallLauncher(2).exe [2009/11/28 18:32:27 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2009/11/28 18:32:25 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2009/11/28 18:32:25 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2009/11/28 17:52:21 | 00,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy [2009/11/28 17:52:21 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy [2009/11/27 22:29:51 | 00,000,000 | -H-D | C] -- C:\WINDOWS\ie8 [2009/11/27 21:22:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Jesse\Local Settings\Application Data\Mozilla [2009/11/27 21:22:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Jesse\Application Data\Mozilla [2009/11/27 21:22:15 | 00,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2009/11/27 17:20:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Jesse\Application Data\Malwarebytes [2009/11/27 17:19:52 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes [2009/11/25 21:45:07 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Jesse\Local Settings\Application Data\edbmnv [2009/11/17 13:33:13 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\Jesse\PrivacIE [2009/11/17 13:30:08 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\Jesse\IETldCache [2009/11/17 13:26:59 | 00,000,000 | ---D | C] -- C:\WINDOWS\ie8updates [2009/11/17 13:25:32 | 00,000,000 | ---D | C] -- C:\WINDOWS\WBEM [2009/11/17 13:19:30 | 00,594,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll [2009/11/17 13:19:30 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll [2009/11/17 13:19:28 | 01,985,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll [2009/11/17 13:19:23 | 11,069,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll [2009/11/13 16:40:52 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer [2009/11/13 16:40:44 | 00,000,000 | ---D | C] -- C:\Program Files\MSBuild [2009/11/13 16:40:41 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US [2009/11/13 16:40:31 | 00,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies [2009/11/13 16:39:44 | 00,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\prntvpt.dll [2009/11/13 16:39:44 | 00,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\filterpipelineprintproc.dll [2009/11/13 16:39:43 | 01,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpssvcs.dll [2009/11/13 16:39:43 | 01,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpssvcs.dll [2009/11/13 16:39:43 | 00,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\printfilterpipelinesvc.exe [2009/11/13 16:39:43 | 00,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpsshhdr.dll [2009/11/13 16:39:42 | 00,000,000 | ---D | C] -- C:\d22a9cc1ee80b925221080 [2009/11/13 16:34:59 | 00,000,000 | ---D | C] -- C:\Program Files\MSXML 6.0 [2009/11/09 19:54:27 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight [2009/11/09 19:54:03 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Office Outlook Connector [2009/11/09 19:47:48 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Sync Framework [2009/11/09 19:46:35 | 03,426,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_32.dll [2009/11/09 19:46:20 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition [2009/11/09 19:42:11 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft [2009/11/07 19:32:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Jesse\Application Data\Gradekeeper [2009/11/07 19:30:20 | 00,000,000 | ---D | C] -- C:\WINDOWS\Gradekeeper [2009/11/07 19:30:19 | 00,000,000 | ---D | C] -- C:\Program Files\Gradekeeper [2009/10/30 18:52:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Jesse\Application Data\DriverCure [2009/10/30 18:52:20 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ParetoLogic [2009/10/30 18:52:20 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\DriverCure [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2009/11/29 09:19:21 | 00,843,187 | ---- | M] () -- C:\Documents and Settings\Jesse\Desktop\SecurityCheck.exe [2009/11/29 09:19:04 | 00,535,552 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jesse\Desktop\OTL.exe [2009/11/29 08:59:32 | 00,472,064 | ---- | M] ( ) -- C:\Documents and Settings\Jesse\Desktop\RootRepeal.exe [2009/11/29 08:58:26 | 00,464,491 | ---- | M] () -- C:\Documents and Settings\Jesse\Desktop\RootRepeal.zip [2009/11/29 08:55:27 | 00,047,616 | ---- | M] () -- C:\Documents and Settings\Jesse\Desktop\Win32kDiag.exe [2009/11/29 08:53:29 | 00,050,688 | ---- | M] (Atribune.org) -- C:\Documents and Settings\Jesse\Desktop\ATF-Cleaner.exe [2009/11/29 08:51:29 | 00,000,611 | ---- | M] () -- C:\Documents and Settings\Jesse\Desktop\NTREGOPT.lnk [2009/11/29 08:51:29 | 00,000,592 | ---- | M] () -- C:\Documents and Settings\Jesse\Desktop\ERUNT.lnk [2009/11/29 08:50:35 | 00,791,393 | ---- | M] (Lars Hederer ) -- C:\Documents and Settings\Jesse\Desktop\erunt-setup.exe [2009/11/29 08:47:50 | 06,029,312 | -H-- | M] () -- C:\Documents and Settings\Jesse\NTUSER.DAT [2009/11/29 08:30:34 | 00,024,064 | ---- | M] () -- C:\WINDOWS\System32\tdlcmd.dll [2009/11/29 08:28:07 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2009/11/29 08:25:55 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2009/11/29 08:25:25 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2009/11/29 08:25:23 | 80,433,9712 | -HS- | M] () -- C:\hiberfil.sys [2009/11/29 08:24:28 | 00,000,278 | -HS- | M] () -- C:\Documents and Settings\Jesse\ntuser.ini [2009/11/29 08:23:51 | 00,001,709 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Antivirus.lnk [2009/11/29 08:23:41 | 00,002,626 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT [2009/11/29 08:22:42 | 45,898,635 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm [2009/11/29 08:22:42 | 00,106,123 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg [2009/11/28 22:38:38 | 00,000,000 | ---- | M] () -- C:\Documents and Settings\Jesse\defogger_reenable [2009/11/28 22:26:00 | 00,292,352 | ---- | M] () -- C:\Documents and Settings\Jesse\Desktop\23hvrpq3.exe [2009/11/28 22:25:46 | 00,524,800 | ---- | M] () -- C:\Documents and Settings\Jesse\Desktop\dds.scr [2009/11/28 22:25:24 | 00,050,621 | ---- | M] () -- C:\Documents and Settings\Jesse\Desktop\Defogger.exe [2009/11/28 20:36:50 | 01,839,984 | ---- | M] (Trend Micro) -- C:\Documents and Settings\Jesse\Desktop\HousecallLauncher(2).exe [2009/11/28 19:57:34 | 00,000,803 | ---- | M] () -- C:\Documents and Settings\Jesse\Desktop\Internet Explorer.lnk [2009/11/28 18:32:31 | 00,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk [2009/11/28 18:00:14 | 00,000,442 | ---- | M] () -- C:\WINDOWS\tasks\ParetoLogic Registration.job [2009/11/28 17:59:57 | 00,250,319 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts [2009/11/28 17:52:37 | 00,000,933 | ---- | M] () -- C:\Documents and Settings\Jesse\Desktop\Spybot - Search & Destroy.lnk [2009/11/28 17:47:04 | 00,000,000 | ---- | M] () -- C:\Documents and Settings\Jesse\Desktop\settings.dat [2009/11/28 08:01:28 | 00,000,737 | ---- | M] () -- C:\WINDOWS\win.ini [2009/11/28 08:01:28 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini [2009/11/28 08:01:28 | 00,000,211 | RHS- | M] () -- C:\boot.ini [2009/11/28 08:00:19 | 00,000,036 | ---- | M] () -- C:\Documents and Settings\Jesse\Local Settings\Application Data\housecall.guid.cache [2009/11/27 22:39:25 | 00,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2009/11/27 21:22:43 | 00,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat [2009/11/27 21:22:23 | 00,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk [2009/11/27 15:04:02 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job [2009/11/25 13:58:40 | 00,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk [2009/11/24 15:54:29 | 01,280,480 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe [2009/11/24 15:51:09 | 00,093,424 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys [2009/11/24 15:50:59 | 00,094,160 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys [2009/11/24 15:50:12 | 00,114,768 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys [2009/11/24 15:50:00 | 00,020,560 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys [2009/11/24 15:49:07 | 00,048,560 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys [2009/11/24 15:48:57 | 00,023,120 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys [2009/11/24 15:47:54 | 00,027,408 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys [2009/11/24 15:47:28 | 00,097,480 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\AvastSS.scr [2009/11/18 12:37:18 | 00,444,028 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2009/11/18 12:37:18 | 00,071,904 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2009/11/18 12:37:17 | 00,522,560 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2009/11/15 20:00:47 | 00,016,384 | ---- | M] () -- C:\Documents and Settings\Jesse\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009/11/13 17:04:23 | 00,020,688 | ---- | M] () -- C:\Documents and Settings\Jesse\Local Settings\Application Data\GDIPFONTCACHEV1.DAT [2009/11/13 17:00:46 | 00,123,728 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2009/11/07 19:30:23 | 00,001,596 | ---- | M] () -- C:\Documents and Settings\Jesse\Desktop\Gradekeeper.lnk [2009/11/06 22:16:28 | 06,921,474 | -H-- | M] () -- C:\Documents and Settings\Jesse\Local Settings\Application Data\IconCache.db [2009/11/02 19:38:28 | 00,021,504 | ---- | M] () -- C:\Documents and Settings\Jesse\My Documents\Jesus Manrique1.doc(rhet. precis).doc [2009/10/30 18:52:26 | 00,000,416 | ---- | M] () -- C:\WINDOWS\tasks\ParetoLogic Update Version2.job [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files Created - No Company Name ========== [2009/11/29 09:19:21 | 00,843,187 | ---- | C] () -- C:\Documents and Settings\Jesse\Desktop\SecurityCheck.exe [2009/11/29 08:58:29 | 00,464,491 | ---- | C] () -- C:\Documents and Settings\Jesse\Desktop\RootRepeal.zip [2009/11/29 08:55:31 | 00,047,616 | ---- | C] () -- C:\Documents and Settings\Jesse\Desktop\Win32kDiag.exe [2009/11/29 08:51:29 | 00,000,611 | ---- | C] () -- C:\Documents and Settings\Jesse\Desktop\NTREGOPT.lnk [2009/11/29 08:51:29 | 00,000,592 | ---- | C] () -- C:\Documents and Settings\Jesse\Desktop\ERUNT.lnk [2009/11/29 08:23:51 | 00,001,709 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Antivirus.lnk [2009/11/29 08:23:12 | 00,380,928 | ---- | C] () -- C:\WINDOWS\System32\actskin4.ocx [2009/11/29 08:22:16 | 00,024,064 | ---- | C] () -- C:\WINDOWS\System32\tdlcmd.dll [2009/11/28 22:39:37 | 00,292,352 | ---- | C] () -- C:\Documents and Settings\Jesse\Desktop\23hvrpq3.exe [2009/11/28 22:39:29 | 00,524,800 | ---- | C] () -- C:\Documents and Settings\Jesse\Desktop\dds.scr [2009/11/28 22:38:38 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\Jesse\defogger_reenable [2009/11/28 22:38:11 | 00,050,621 | ---- | C] () -- C:\Documents and Settings\Jesse\Desktop\Defogger.exe [2009/11/28 19:57:34 | 00,000,803 | ---- | C] () -- C:\Documents and Settings\Jesse\Desktop\Internet Explorer.lnk [2009/11/28 18:32:31 | 00,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk [2009/11/28 17:52:37 | 00,000,933 | ---- | C] () -- C:\Documents and Settings\Jesse\Desktop\Spybot - Search & Destroy.lnk [2009/11/28 17:47:04 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\Jesse\Desktop\settings.dat [2009/11/28 08:00:19 | 00,000,036 | ---- | C] () -- C:\Documents and Settings\Jesse\Local Settings\Application Data\housecall.guid.cache [2009/11/27 21:22:43 | 00,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2009/11/27 21:22:23 | 00,001,602 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk [2009/11/27 17:38:47 | 80,433,9712 | -HS- | C] () -- C:\hiberfil.sys [2009/11/07 19:30:23 | 00,001,596 | ---- | C] () -- C:\Documents and Settings\Jesse\Desktop\Gradekeeper.lnk [2009/11/01 22:39:11 | 00,021,504 | ---- | C] () -- C:\Documents and Settings\Jesse\My Documents\Jesus Manrique1.doc(rhet. precis).doc [2009/10/30 18:52:34 | 00,000,442 | ---- | C] () -- C:\WINDOWS\tasks\ParetoLogic Registration.job [2009/10/30 18:52:25 | 00,000,416 | ---- | C] () -- C:\WINDOWS\tasks\ParetoLogic Update Version2.job [2009/08/29 18:41:12 | 00,002,552 | ---- | C] () -- C:\WINDOWS\WAVEMIX.INI [2009/02/21 12:01:27 | 00,000,147 | ---- | C] () -- C:\WINDOWS\Disney's Magic Artist.INI [2009/01/24 10:59:00 | 00,000,088 | ---- | C] () -- C:\WINDOWS\MSREGUSR.INI [2009/01/17 16:37:15 | 00,000,217 | ---- | C] () -- C:\WINDOWS\QTW.INI [2009/01/17 16:36:35 | 00,027,136 | ---- | C] () -- C:\WINDOWS\System32\QTUninst.dll [2009/01/17 15:58:52 | 00,000,128 | ---- | C] () -- C:\Documents and Settings\Jesse\Local Settings\Application Data\fusioncache.dat [2009/01/17 15:50:03 | 00,001,135 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log [2009/01/15 19:30:36 | 00,016,384 | ---- | C] () -- C:\Documents and Settings\Jesse\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2007/02/05 09:38:45 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2004/01/04 23:27:36 | 00,565,248 | ---- | C] () -- C:\WINDOWS\System32\hpotscl.dll [2003/01/07 15:05:08 | 00,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI ========== LOP Check ========== [2009/11/17 13:32:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar [2009/10/30 19:03:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DriverCure [2009/10/30 18:52:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ParetoLogic [2009/09/23 13:51:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD} [2009/05/16 01:01:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906} [2009/10/30 18:52:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jesse\Application Data\DriverCure [2009/11/07 19:52:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jesse\Application Data\Gradekeeper [2009/03/14 07:01:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jesse\Application Data\Leadertech [2009/11/28 18:00:14 | 00,000,442 | ---- | M] () -- C:\WINDOWS\Tasks\ParetoLogic Registration.job [2009/10/30 18:52:26 | 00,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\ParetoLogic Update Version2.job ========== Purity Check ========== < End of report > OTL Extras logfile created on: 11/29/2009 9:20:11 AM - Run 1 OTL by OldTimer - Version 3.1.11.2 Folder = C:\Documents and Settings\Jesse\Desktop Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 767.01 Mb Total Physical Memory | 272.16 Mb Available Physical Memory | 35.48% Memory free 1.46 Gb Paging File | 0.97 Gb Available in Paging File | 66.68% Paging File free Paging file location(s): C:\pagefile.sys 768 1536 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 37.26 Gb Total Space | 19.56 Gb Free Space | 52.51% Space Free | Partition Type: NTFS D: Drive not present or media not loaded Drive E: | 1.86 Gb Total Space | 0.69 Gb Free Space | 37.31% Space Free | Partition Type: FAT F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: MANRIQUEZ Current User Name: Jesse Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* File not found cmdfile [open] -- "%1" %* File not found comfile [open] -- "%1" %* File not found exefile [open] -- "%1" %* File not found htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation) piffile [open] -- "%1" %* File not found regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" File not found scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S File not found txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 1 "FirewallOverride" = 0 "AntiVirusDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008 "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 "9051:UDP" = 9051:UDP:LocalSubNet:Enabled:Verizon Tech Wizard ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation) "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour -- (Apple Inc.) "C:\Program Files\Ares\Ares.exe" = C:\Program Files\Ares\Ares.exe:*:Disabled:Ares p2p for windows -- File not found "C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation) "C:\Program Files\AVG\AVG8\avgupd.exe" = C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.) "C:\Program Files\AVG\AVG8\avgnsx.exe" = C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe -- (AVG Technologies CZ, s.r.o.) "C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.) "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation) ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour "{0C34B801-6AEC-4667-B053-03A67E2D0415}" = Apple Application Support "{0FABD3D7-3036-4e78-B29D-58957ADB0A12}" = HP PSC & OfficeJet 3.5 "{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer "{1F7473D9-6C0B-4F5A-8FA4-AB8AD78CBE54}" = DocProc "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{24C8FBF7-26C6-48ca-834B-A4E5C09E362F}" = AiO_Scan "{257EC58E-03FD-472B-A9B6-93F23A3C4CB0}" = Scan "{29B50D30-EAFC-4cea-9F76-3A0E3729E9B0}" = SkinsHP1 "{2E132061-C78A-48D4-A899-1D13B9D189FA}" = Memories Disc Creator 2.0 "{300D9EF4-2721-4cb4-A6C3-FB2337CFEA2D}" = AIOMinimal "{34957B51-9676-41CE-9E52-44AE91B73F1C}" = HP Software Update "{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform "{3CF78481-FB7B-4B51-99A2-D5E0CD0B3AAF}" = HPSystemDiagnostics "{3EE9EB18-62AD-4F68-AD11-2DF358CBDCA2}" = RollerCoaster Tycoon "{415B8A4E-0EA2-4C69-975C-EEE07B837FD7}" = Unload "{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant "{48242276-DB89-42e8-9678-BD4280D7B99A}" = Copy "{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}" = Adobe