Jump to content

superhawk

Honorary Members
 View Profile  See their activity

  • Posts

    28

  • Joined

  • Last visited

 Content Type 

Everything posted by superhawk

  1. superhawk
    I did as you asked (deleted UTorrent), and then followed your directions for the scan (copy and paste) however, the scan stopped and the following 'bubble' appeared: MBAMService terminated unexpectedly: see Event Log for details. But the computer was frozen (locked up). Everything on the desktop disappeared except the desktop background picture, the OTL screen and MBAM message. I re-booted and tried again with the same results. What am I doing wrong? Jay
  2. superhawk
    Thank you, Maniac, for your assistance. The following are what you've requested. I really do appreciate this. Let me know what else I can do. Jay (Superhawk) Malwarebytes Anti-Malware (PRO) 1.60.1.1000 www.malwarebytes.org Database version: v2012.04.07.11 Windows XP Service Pack 2 x86 NTFS Internet Explorer 7.0.5730.11 Owner :: COMPUTER [administrator] Protection: Enabled 4/7/2012 11:40:36 PM mbam-log-2012-04-07 (23-40-36).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 182377 Time elapsed: 7 minute(s), 15 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end) OTL logfile created on: 4/8/2012 8:47:14 AM - Run 1 OTL by OldTimer - Version 3.2.39.2 Folder = C:\Documents and Settings\Owner\Desktop Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.11) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 1015.48 Mb Total Physical Memory | 253.74 Mb Available Physical Memory | 24.99% Memory free 2.38 Gb Paging File | 1.47 Gb Available in Paging File | 61.64% Paging File free Paging file location(s): C:\pagefile.sys 1524 3048 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 143.88 Gb Total Space | 65.86 Gb Free Space | 45.77% Space Free | Partition Type: NTFS Drive D: | 5.16 Gb Total Space | 1.79 Gb Free Space | 34.77% Space Free | Partition Type: FAT32 Drive F: | 27.94 Gb Total Space | 14.15 Gb Free Space | 50.65% Space Free | Partition Type: FAT32 Drive G: | 233.75 Gb Total Space | 202.90 Gb Free Space | 86.80% Space Free | Partition Type: NTFS Computer Name: COMPUTER | User Name: Owner | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012/04/07 23:37:49 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe PRC - [2012/04/04 18:16:29 | 000,742,264 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe PRC - [2012/03/06 19:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe PRC - [2012/03/06 19:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe PRC - [2012/01/13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2012/01/13 14:53:18 | 000,460,872 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2011/12/12 11:03:40 | 000,290,832 | ---- | M] (Verizon) -- C:\Program Files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe PRC - [2011/12/01 06:11:22 | 000,185,640 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\VERIZONDM\bin\tgsrvc.exe PRC - [2011/12/01 06:11:18 | 000,206,120 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\VERIZONDM\bin\sprtsvc.exe PRC - [2011/12/01 06:11:06 | 000,206,120 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\VERIZONDM\bin\sprtcmd.exe PRC - [2011/10/19 18:13:46 | 000,172,032 | ---- | M] (New Boundary Technologies, Inc.) -- C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS PRC - [2011/07/28 19:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe PRC - [2010/12/02 11:30:46 | 001,095,336 | ---- | M] (Auslogics) -- C:\Program Files\Auslogics\Auslogics BoostSpeed\BoostSpeed.exe PRC - [2007/06/21 14:06:28 | 001,318,912 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe PRC - [2007/06/13 06:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2007/05/11 06:06:38 | 000,341,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe PRC - [2007/03/12 13:49:46 | 001,209,904 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe PRC - [2007/03/12 13:49:26 | 000,153,136 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe PRC - [2006/11/07 17:34:26 | 000,053,248 | ---- | M] (Chicony) -- C:\WINDOWS\ModPS2Key.exe PRC - [2006/11/07 17:08:40 | 000,547,840 | ---- | M] () -- C:\WINDOWS\zHotkey.exe PRC - [2006/09/01 11:13:52 | 000,487,424 | ---- | M] () -- C:\Program Files\ZyDAS Technology Corporation\IOGEAR_802.11g_Utility\ZDWlan.exe PRC - [2003/12/25 19:53:08 | 000,270,336 | ---- | M] () -- C:\Program Files\NETGEAR GA311 Adapter\GA311.exe ========== Modules (No Company Name) ========== MOD - [2012/04/08 02:33:14 | 001,755,136 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\12040800\algo.dll MOD - [2012/04/07 13:07:21 | 001,755,136 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\12040701\algo.dll MOD - [2012/04/05 04:28:44 | 001,754,112 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\12040500\algo.dll MOD - [2011/10/19 18:58:04 | 001,003,520 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\60c3690533633d00ad58c252233af648\System.Configuration.ni.dll MOD - [2011/10/19 18:57:53 | 000,237,568 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\4322b7a091e842659855f3d776049198\CustomMarshalers.ni.dll MOD - [2011/10/19 18:56:17 | 005,623,808 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\9a1588049400c5d2e5adca628948fb18\System.Xml.ni.dll MOD - [2011/10/19 18:54:57 | 008,130,560 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\68a2426bea6c6e516ed0729f0fa586cd\System.ni.dll MOD - [2011/10/19 18:54:31 | 011,304,960 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\3da75e6fa6243633469098ff1e30120a\mscorlib.ni.dll MOD - [2011/10/19 18:53:20 | 000,372,736 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll MOD - [2011/10/19 18:53:14 | 000,114,688 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll MOD - [2011/10/19 18:53:12 | 000,068,608 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll MOD - [2011/07/28 19:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll MOD - [2011/07/28 19:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe MOD - [2010/12/02 11:31:10 | 000,348,328 | ---- | M] () -- C:\Program Files\Auslogics\Auslogics BoostSpeed\madExcept_.bpl MOD - [2010/12/02 11:31:10 | 000,182,440 | ---- | M] () -- C:\Program Files\Auslogics\Auslogics BoostSpeed\madBasic_.bpl MOD - [2010/12/02 11:31:10 | 000,048,808 | ---- | M] () -- C:\Program Files\Auslogics\Auslogics BoostSpeed\madDisAsm_.bpl MOD - [2007/01/13 06:01:28 | 000,475,136 | R--- | M] () -- C:\Program Files\Adobe\Reader 8.0\Reader\ccme_base.dll MOD - [2007/01/13 06:01:28 | 000,397,312 | R--- | M] () -- C:\Program Files\Adobe\Reader 8.0\Reader\cryptocme2.dll MOD - [2006/11/07 17:08:40 | 000,547,840 | ---- | M] () -- C:\WINDOWS\zHotkey.exe MOD - [2006/09/01 11:13:52 | 000,487,424 | ---- | M] () -- C:\Program Files\ZyDAS Technology Corporation\IOGEAR_802.11g_Utility\ZDWlan.exe MOD - [2006/09/01 11:13:44 | 000,045,056 | ---- | M] () -- C:\Program Files\ZyDAS Technology Corporation\IOGEAR_802.11g_Utility\ZDWlan.dll MOD - [2006/05/08 13:06:26 | 000,212,992 | ---- | M] () -- C:\Program Files\ZyDAS Technology Corporation\IOGEAR_802.11g_Utility\dot1x_dll.dll MOD - [2005/10/07 15:05:32 | 000,125,440 | ---- | M] () -- F:\WinRAR\RarExt.dll MOD - [2004/08/04 15:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll MOD - [2003/12/25 19:53:08 | 000,270,336 | ---- | M] () -- C:\Program Files\NETGEAR GA311 Adapter\GA311.exe MOD - [2003/12/25 19:53:08 | 000,049,152 | ---- | M] () -- C:\Program Files\NETGEAR GA311 Adapter\Rtl8169LibC.dll ========== Win32 Services (SafeList) ========== SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ) SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt) SRV - [2012/03/28 19:31:20 | 000,253,600 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012/03/06 19:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV - [2012/01/13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2011/12/12 11:03:40 | 000,290,832 | ---- | M] (Verizon) [Auto | Running] -- C:\Program Files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe -- (IHA_MessageCenter) SRV - [2011/12/01 06:11:22 | 000,185,640 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\VERIZONDM\bin\tgsrvc.exe -- (tgsrvc_verizondm) SupportSoft Repair Service (verizondm) SRV - [2011/12/01 06:11:18 | 000,206,120 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\VERIZONDM\bin\sprtsvc.exe -- (sprtsvc_verizondm) SupportSoft Sprocket Service (verizondm) SRV - [2011/10/19 18:13:46 | 000,172,032 | ---- | M] (New Boundary Technologies, Inc.) [Auto | Running] -- C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS -- (PrismXL) SRV - [2007/08/29 17:58:47 | 000,181,800 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\eMachines Games\eMachines Game Console\GameConsoleService.exe -- (GameConsoleService) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\SymIM.sys -- (SymIMMP) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\SymIM.sys -- (SymIM) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | On_Demand | Unknown] -- C:\DOCUME~1\Owner\LOCALS~1\Temp\mbr.sys -- (mbr) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - [2012/03/06 19:03:51 | 000,612,184 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx) DRV - [2012/03/06 19:03:38 | 000,337,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP) DRV - [2012/03/06 19:02:00 | 000,035,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr) DRV - [2012/03/06 19:01:53 | 000,053,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2012/03/06 19:01:39 | 000,095,704 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2) DRV - [2012/03/06 19:01:30 | 000,020,696 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2012/03/06 18:58:29 | 000,024,920 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4) DRV - [2011/12/10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector) DRV - [2010/07/15 20:45:44 | 000,035,088 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\npf.sys -- (npf) DRV - [2008/08/12 00:08:32 | 000,157,568 | R--- | M] (ViXS Systems Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\xcbda.sys -- (xcbdaNtsc) ASUS PHC3-100 (NTSC) DRV - [2007/04/23 20:12:28 | 004,402,176 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2007/02/27 12:39:26 | 000,032,256 | ---- | M] () [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL) DRV - [2006/10/10 13:53:48 | 000,005,632 | ---- | M] () [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV) DRV - [2006/08/24 13:44:14 | 000,477,696 | ---- | M] (ZyDAS Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZD1211BU.sys -- (ZD1211BU(ZyDAS)) ZyDAS ZD1211B IEEE 802.11 b+g Wireless LAN Driver (USB)(ZyDAS) DRV - [2006/02/27 07:46:20 | 000,081,408 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp) DRV - [2006/02/16 17:51:08 | 000,004,096 | R--- | M] (SuperAdBlocker, Inc.) [Kernel | On_Demand | Running] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM) DRV - [2005/09/23 20:26:40 | 001,094,751 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem) DRV - [2005/06/08 18:44:20 | 000,020,608 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BRGSp50.sys -- (BRGSp50) DRV - [2004/10/25 13:40:58 | 000,017,664 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ZDPSp50.sys -- (ZDPSp50) DRV - [2004/08/04 01:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C) DRV - [2003/12/25 19:53:10 | 000,011,237 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\diag69xp.sys -- (Diag69xp) DRV - [2003/12/25 19:53:10 | 000,008,440 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\LANPkt.sys -- (LANPkt) DRV - [2001/08/17 08:10:58 | 000,069,692 | ---- | M] (3Com Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\el575ND5.sys -- (el575nd5) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gateway.com/g/startpage.html?Ch=Retail&SubCH=nofound&Br=EM&Loc=ENG_US&Sys=DTP&M=W3650 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.com/g/startpage.html?Ch=Retail&SubCH=nofound&Br=EM&Loc=ENG_US&Sys=DTP&M=W3650 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.gateway.com/g/sidepanel.html?Ch=Retail&SubCH=nofound&Br=EM&Loc=ENG_US&Sys=DTP&M=W3650 IE - HKLM\..\SearchScopes,DefaultScope = {DC6A1391-C464-47F9-89A6-8204B5926FEE} IE - HKLM\..\SearchScopes\{DC6A1391-C464-47F9-89A6-8204B5926FEE}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}'>http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage} IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_page_URL = http://www.gateway.com/g/startpage.html?Ch=Retail&SubCH=nofound&Br=EM&Loc=ENG_US&Sys=DTP&M=W3650 IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie'>http://www.google.com/ie IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.com/g/startpage.html?Ch=Retail&SubCH=nofound&Br=EM&Loc=ENG_US&Sys=DTP&M=W3650 IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_page_URL = http://www.gateway.com/g/startpage.html?Ch=Retail&SubCH=nofound&Br=EM&Loc=ENG_US&Sys=DTP&M=W3650 IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie'>http://www.google.com/ie IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.com/g/startpage.html?Ch=Retail&SubCH=nofound&Br=EM&Loc=ENG_US&Sys=DTP&M=W3650 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie'>http://www.google.com/ie IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie'>http://www.google.com/ie IE - HKU\S-1-5-21-3282513949-1523809867-2825289854-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gateway.com/g/startpage.html?Ch=Retail&SubCH=nofound&Br=EM&Loc=ENG_US&Sys=DTP&M=W3650 IE - HKU\S-1-5-21-3282513949-1523809867-2825289854-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKU\S-1-5-21-3282513949-1523809867-2825289854-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKU\S-1-5-21-3282513949-1523809867-2825289854-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.search.yahoo.com/ IE - HKU\S-1-5-21-3282513949-1523809867-2825289854-1003\..\SearchScopes,DefaultScope = {BC4AF00B-4E70-406E-84C4-6311F39303B2} IE - HKU\S-1-5-21-3282513949-1523809867-2825289854-1003\..\SearchScopes\{BC4AF00B-4E70-406E-84C4-6311F39303B2}: "URL" = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms} IE - HKU\S-1-5-21-3282513949-1523809867-2825289854-1003\..\SearchScopes\{DC6A1391-C464-47F9-89A6-8204B5926FEE}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GWYE IE - HKU\S-1-5-21-3282513949-1523809867-2825289854-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3282513949-1523809867-2825289854-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local> ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Yahoo" FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=937811&ilc=12" FF - prefs.js..browser.search.selectedEngine: "Yahoo" FF - prefs.js..browser.startup.homepage: "http://www.btsearch.name/" FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p=" FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_228.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/03/18 10:06:24 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/03/05 09:23:34 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/03/18 19:50:08 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/03/05 09:23:34 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 11.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012/01/05 16:27:13 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 11.0.1\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2011/10/21 10:12:34 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions [2012/04/03 23:39:40 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\91ytp5be.default\extensions [2012/02/16 20:09:50 | 000,000,000 | ---D | M] (Click&Clean) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\91ytp5be.default\extensions\clickclean@hotcleaner.com [2012/03/25 22:57:55 | 000,000,000 | ---D | M] ("Torrent") -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\91ytp5be.default\extensions\MFToolbar@skywebsearch.com [2012/03/18 19:50:12 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions () (No name found) -- C:\DOCUMENTS AND SETTINGS\OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\91YTP5BE.DEFAULT\EXTENSIONS\{73A6FE31-595D-460B-A920-FCC0F8843232}.XPI () (No name found) -- C:\DOCUMENTS AND SETTINGS\OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\91YTP5BE.DEFAULT\EXTENSIONS\{792BDDFE-2E7C-42ED-B18D-18154D2761BD}.XPI () (No name found) -- C:\DOCUMENTS AND SETTINGS\OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\91YTP5BE.DEFAULT\EXTENSIONS\{B347DFB4-AC21-11DD-9016-B77D55D89593}.XPI () (No name found) -- C:\DOCUMENTS AND SETTINGS\OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\91YTP5BE.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI () (No name found) -- C:\DOCUMENTS AND SETTINGS\OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\91YTP5BE.DEFAULT\EXTENSIONS\{D40F5E7B-D2CF-4856-B441-CC613EEFFBE3}.XPI () (No name found) -- C:\DOCUMENTS AND SETTINGS\OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\91YTP5BE.DEFAULT\EXTENSIONS\TOGGLEPRIVATEBROWSING@SUPERNOVA00.BIZ.XPI [2012/03/05 09:23:34 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 <video>) -- C:\PROGRAM FILES\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5 [2012/03/18 19:50:07 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2011/09/28 20:26:50 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2011/11/21 14:01:00 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml O1 HOSTS File: ([2004/08/04 15:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC) O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\WINDOWS\system32\BAE.dll (Gateway Inc.) O3 - HKLM\..\Toolbar: (Show Xmlbar Toolbar) - {6B896ADB-4A82-46e2-858C-13134782CE34} - C:\Program Files\Xmlbar\56 Downloader\IEBar\xbietb.dll (Xmlbar.com) O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [CHotkey] C:\WINDOWS\zHotkey.exe () O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe () O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [ModPS2] C:\WINDOWS\ModPS2Key.exe (Chicony) O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG) O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe () O4 - HKLM..\Run: [showWnd] C:\WINDOWS\ShowWnd.exe () O4 - HKLM..\Run: [VERIZONDM] C:\Program Files\VERIZONDM\bin\sprtcmd.exe (SupportSoft, Inc.) O4 - HKU\S-1-5-21-3282513949-1523809867-2825289854-1003..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG) O4 - HKU\S-1-5-21-3282513949-1523809867-2825289854-1003..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com) O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\GA311 Smart Wizard Utility.lnk = C:\Program Files\NETGEAR GA311 Adapter\GA311.exe () O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ZDWLan Utility.lnk = C:\Program Files\ZyDAS Technology Corporation\IOGEAR_802.11g_Utility\ZDWlan.exe () O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-3282513949-1523809867-2825289854-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255 O8 - Extra context menu item: &Xmlbar Search - http://www.xmlbar.com/iebar/iemenu.php?lang=English&ver=1.0 File not found O9 - Extra Button: Run 56Downloader - {612F6E5C-B314-4bab-93D1-D266AAFBE700} - C:\Program Files\Xmlbar\56 Downloader\56Downloader(xmlbar).exe (Xmlbar.com, Inc.) O9 - Extra 'Tools' menuitem : 56 Downloader - {612F6E5C-B314-4bab-93D1-D266AAFBE700} - C:\Program Files\Xmlbar\56 Downloader\56Downloader(xmlbar).exe (Xmlbar.com, Inc.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab (Java Plug-in 1.6.0_04) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{79FA29D3-2724-4F82-866D-7B62D3F3C634}: DhcpNameServer = 192.168.1.1 O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.dll) - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com) O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006/05/06 20:38:36 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2004/09/13 11:15:24 | 000,000,053 | -HS- | M] () - D:\Autorun.inf -- [ FAT32 ] O33 - MountPoints2\{63de94e0-fbec-11e0-83e4-806d6172696f}\Shell\AutoRun\command - "" = F:\Info.exe folder.htt 480 480 O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2012/04/07 23:37:46 | 000,593,920 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe [2012/04/04 18:16:29 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent [2012/04/04 14:29:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\SupportSoft [2012/04/04 14:29:06 | 000,000,000 | ---D | C] -- C:\Program Files\VERIZONDM [2012/04/04 14:29:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SupportSoft [2012/04/04 14:28:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SupportSoft [2012/04/04 14:21:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun [2012/04/04 11:55:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Verizon [2012/04/04 11:51:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\TechWizard [2012/04/03 23:51:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com [2012/04/03 23:51:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SUPERAntiSpyware [2012/04/03 23:51:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\SUPERAntiSpyware.com [2012/04/03 23:51:46 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware [2012/04/03 23:50:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard [2012/03/28 19:23:20 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Videos [2012/03/26 16:53:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Malwarebytes [2012/03/26 16:53:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware [2012/03/26 16:53:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes [2012/03/26 16:52:56 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2012/03/26 16:52:56 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2012/03/25 23:07:45 | 000,000,000 | ---D | C] -- C:\Program Files\1-Click YouTube Downloader [2012/03/25 23:07:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\1-Click YouTube Downloader [2012/03/25 01:22:13 | 000,000,000 | ---D | C] -- C:\YouTubeVideos [2012/03/23 11:38:24 | 000,000,000 | ---D | C] -- C:\downloads [2012/03/23 11:33:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\56 Downloader(xmlbar) [2012/03/23 11:32:39 | 000,000,000 | ---D | C] -- C:\Program Files\Xmlbar [2012/03/12 01:59:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\.minecraft [2012/01/14 21:22:39 | 000,048,128 | ---- | C] (DBS GmbH, Bremen-Germany) -- C:\Program Files\WNDTLS32.DLL [2012/01/14 21:22:38 | 000,605,184 | ---- | C] (DFL Software, Inc.) -- C:\Program Files\LLI32.DLL [2012/01/14 21:22:38 | 000,238,080 | ---- | C] (DBS GmbH) -- C:\Program Files\TX4OLE.OCX [2012/01/14 21:22:38 | 000,173,568 | ---- | C] (DFL Software, Inc.) -- C:\Program Files\LLO32.DLL [2012/01/14 21:22:38 | 000,066,560 | ---- | C] (DBS GmbH) -- C:\Program Files\TXTLS32.DLL [2011/10/20 14:45:33 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Owner\Application Data\pcouffin.sys [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012/04/08 08:13:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2012/04/07 23:37:49 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe [2012/04/05 12:04:52 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2012/04/05 12:04:48 | 000,117,248 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012/04/05 11:57:42 | 000,000,952 | ---- | M] () -- C:\Documents and Settings\Owner\default.pls [2012/04/04 11:55:42 | 000,000,260 | ---- | M] () -- C:\WINDOWS\System32\cmdVBS.vbs [2012/04/04 11:55:42 | 000,000,256 | ---- | M] () -- C:\WINDOWS\System32\MSIevent.bat [2012/04/04 11:55:29 | 000,001,946 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Vz In-Home Agent.lnk [2012/04/04 11:54:54 | 000,002,015 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\FiOS Information.lnk [2012/04/04 11:54:53 | 000,002,044 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Install Verizon Media Manager.lnk [2012/04/04 00:01:22 | 000,000,408 | ---- | M] () -- C:\WINDOWS\tasks\Auslogics BoostSpeed Integrator Start On Windows Logon.job [2012/04/03 23:59:53 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2012/04/03 23:59:47 | 1064,882,176 | -HS- | M] () -- C:\hiberfil.sys [2012/04/03 23:58:13 | 000,001,756 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\SUPERAntiSpyware Professional.lnk [2012/03/27 17:45:48 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk [2012/03/25 23:16:00 | 000,000,853 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\1-Click YouTube Downloader.lnk [2012/03/23 11:48:08 | 000,001,057 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\vso_ts_preview.xml [2012/03/23 11:35:02 | 000,000,882 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\56 Downloader.lnk [2012/03/18 15:43:05 | 000,401,064 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2012/03/18 15:43:05 | 000,062,344 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2012/03/18 10:06:25 | 000,002,625 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT [2012/03/18 09:52:52 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] ========== Files Created - No Company Name ========== [2012/04/04 11:55:42 | 000,000,260 | ---- | C] () -- C:\WINDOWS\System32\cmdVBS.vbs [2012/04/04 11:55:42 | 000,000,256 | ---- | C] () -- C:\WINDOWS\System32\MSIevent.bat [2012/04/04 11:55:29 | 000,001,946 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Vz In-Home Agent.lnk [2012/04/04 11:54:54 | 000,002,015 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\FiOS Information.lnk [2012/04/04 11:54:53 | 000,002,044 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Install Verizon Media Manager.lnk [2012/04/03 23:58:13 | 000,001,756 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\SUPERAntiSpyware Professional.lnk [2012/03/28 19:31:21 | 000,000,830 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2012/03/27 17:45:48 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk [2012/03/25 23:16:00 | 000,000,853 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\1-Click YouTube Downloader.lnk [2012/03/23 11:35:02 | 000,000,882 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\56 Downloader.lnk [2012/01/14 21:22:40 | 000,244,984 | ---- | C] () -- C:\Program Files\TUTIL32.DLL [2012/01/14 21:22:38 | 000,314,880 | ---- | C] () -- C:\Program Files\TX32.DLL [2011/11/20 23:00:26 | 000,002,528 | ---- | C] () -- C:\WINDOWS\FCIC.INI [2011/10/29 23:40:38 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\ZyDelReg.exe [2011/10/29 23:40:37 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\InsDrvZD.dll [2011/10/29 23:40:37 | 000,015,872 | ---- | C] () -- C:\WINDOWS\System32\InsDrvZD64.DLL [2011/10/25 08:56:41 | 000,017,024 | ---- | C] () -- C:\WINDOWS\System32\drivers\CCDECODE.sys [2011/10/25 08:54:22 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll [2011/10/21 10:51:23 | 000,117,248 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011/10/21 10:12:28 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2011/10/21 09:36:31 | 000,000,070 | ---- | C] () -- C:\WINDOWS\iltwain.ini [2011/10/21 09:02:38 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2011/10/20 18:24:58 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2011/10/20 15:00:40 | 000,001,057 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\vso_ts_preview.xml [2011/10/20 14:45:33 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\inst.exe [2011/10/20 14:45:33 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\pcouffin.cat [2011/10/20 14:45:33 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\pcouffin.inf [2011/10/20 12:20:38 | 000,716,470 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\LuUninstall.LiveUpdate [2011/10/19 18:26:04 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe [2011/10/19 18:24:01 | 000,547,840 | ---- | C] () -- C:\WINDOWS\zHotkey.exe [2011/10/19 18:24:01 | 000,532,544 | ---- | C] () -- C:\WINDOWS\PIC.dll [2011/10/19 18:24:01 | 000,036,864 | ---- | C] () -- C:\WINDOWS\ShowWnd.exe [2011/10/19 18:24:01 | 000,024,576 | ---- | C] () -- C:\WINDOWS\HKNTDLL.dll [2011/10/19 18:23:35 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4704.dll [2011/10/19 17:53:14 | 000,000,060 | ---- | C] () -- C:\WINDOWS\System32\SYSDRV.DAT [2011/10/19 15:09:24 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys [2011/10/19 15:09:24 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat [2011/10/19 15:09:09 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat [2011/10/19 15:09:08 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat [2011/10/19 15:09:04 | 000,005,151 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat [2011/10/19 15:08:59 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin [2011/10/19 15:08:53 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat [2011/10/19 15:08:19 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat [2011/10/19 15:08:18 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin [2011/10/19 15:07:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat [2011/10/19 15:06:27 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin [2010/07/15 20:45:44 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll ========== LOP Check ========== [2011/10/30 18:44:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software [2011/11/20 23:00:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FirstClass [2012/04/04 14:29:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft [2012/04/08 08:54:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP [2011/11/05 11:20:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\vsosdk [2011/10/21 14:01:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WildTangent [2011/10/19 18:34:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{174892B1-CBE7-44F5-86FF-AB555EFD73A3} [2011/10/25 08:45:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{B7A015B7-4802-4678-8CEC-700380BA9AFD} [2011/10/19 18:36:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\SampleView [2012/03/12 02:01:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\.minecraft [2012/03/23 11:33:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\56 Downloader(xmlbar) [2011/11/27 11:57:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Application Updater [2012/03/26 20:41:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Auslogics [2012/03/05 09:24:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\DDMSettings [2012/01/15 01:48:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\DeepBurner [2011/10/21 10:39:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\FUJIFILM [2011/10/19 18:36:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\SampleView [2012/04/04 11:55:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\TechWizard [2011/10/31 15:22:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Thunderbird [2012/04/08 08:54:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\uTorrent [2012/03/23 11:48:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Vso [2012/04/04 00:01:22 | 000,000,408 | ---- | M] () -- C:\WINDOWS\Tasks\Auslogics BoostSpeed Integrator Start On Windows Logon.job ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:07BF512B < End of report > OTL Extras logfile created on: 4/8/2012 8:47:14 AM - Run 1 OTL by OldTimer - Version 3.2.39.2 Folder = C:\Documents and Settings\Owner\Desktop Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.11) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 1015.48 Mb Total Physical Memory | 253.74 Mb Available Physical Memory | 24.99% Memory free 2.38 Gb Paging File | 1.47 Gb Available in Paging File | 61.64% Paging File free Paging file location(s): C:\pagefile.sys 1524 3048 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 143.88 Gb Total Space | 65.86 Gb Free Space | 45.77% Space Free | Partition Type: NTFS Drive D: | 5.16 Gb Total Space | 1.79 Gb Free Space | 34.77% Space Free | Partition Type: FAT32 Drive F: | 27.94 Gb Total Space | 14.15 Gb Free Space | 50.65% Space Free | Partition Type: FAT32 Drive G: | 233.75 Gb Total Space | 202.90 Gb Free Space | 86.80% Space Free | Partition Type: NTFS Computer Name: COMPUTER | User Name: Owner | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l [HKEY_USERS\S-1-5-21-3282513949-1523809867-2825289854-1003\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "9051:UDP" = 9051:UDP:LocalSubNet:Enabled:FiOS Tech Wizard "50000:UDP" = 50000:UDP:*:Enabled:IHA_MessageCenter ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe" = C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe:*:Disabled:Nero Home -- (Nero AG) "C:\WINDOWS\system32\mmc.exe" = C:\WINDOWS\system32\mmc.exe:*:Disabled:Microsoft Management Console -- (Microsoft Corporation) "G:\Program Files\uTorrent\uTorrent.exe" = G:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.) "C:\Program Files\VSO\VSO Downloader\2\VsoDownloader.exe" = C:\Program Files\VSO\VSO Downloader\2\VsoDownloader.exe:*:Enabled:VSO Downloader -- (VSO Software) "C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.) ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{07FF08D2-C0CD-4B02-B9A6-E2E7E5762AA9}" = Vz In Home Agent "{15377C3E-9655-400F-B441-E69F0A6BEAFE}" = Recovery Software Suite eMachines "{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = DVD Suite "{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java 6 Update 31 "{3248F0A8-6813-11D6-A77B-00B0D0160040}" = Java 6 Update 4 "{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = Browser Address Error Redirector "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go 5.0 "{43FFE159-3199-4188-A1CD-629166AD1033}" = Nero 7 Ultra Edition "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{53C49C8D-DFB2-42B9-A7EF-0F9CA386CC13}" = IHA_MessageCenter "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{581CE7EA-A30D-0000-1211-088635773309}" = IOGEAR 802.11 b+g Utility "{5B35C417-2649-11D6-83D1-0050FC01225C}" = FirstClass® Client "{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD "{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0 "{7216871F-869E-437C-B9BF-2A13F2DCE63F}_is1" = Auslogics BoostSpeed "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{76EFFC7C-17A6-479D-9E47-8E658C1695AE}" = Windows Backup Utility "{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003 "{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12 "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007 "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007 "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007 "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007 "{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007 "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007 "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007 "{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195 "{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English) "{AC76BA86-7AD7-1033-7B44-A81200000003}" = Adobe Reader 8.1.2 "{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}" = REALTEK GbE & FE Ethernet PCI NIC Driver "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Professional "{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1" = ConvertXtoDVD 4.1.9.347 "{DB70FB55-1515-4C75-95C8-FFBD5FE041F8}_is1" = VSO Downloader 2.5.1.2 "{DBD40476-78A4-4738-86B4-A5FB8807946D}" = NETGEAR GA311 Gigabit Adapter "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F5DAFD10-6E61-49BF-B3C5-5AA9AF3A0863}" = Verizon Download Manager "{FF262740-C85A-11D5-BBEC-00D0B740900A}" = PS2 Multimedia Keyboard Driver "1-Click YouTube Downloader_is1" = 1-Click YouTube Downloader 6.0 "Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites "Active@ Data CD/DVD Burner v 2.0" = Active@ Data CD/DVD Burner v 2.0 "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Agere Systems Soft Modem" = Agere Systems PCI-SV92PP Soft Modem "avast" = avast! Free Antivirus "DivX Setup" = DivX Setup "HDMI" = Intel® Graphics Media Accelerator Driver "HOMESTUDENTR" = Microsoft Office Home and Student 2007 "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs "ie7" = Windows Internet Explorer 7 "InstallShield_{DBD40476-78A4-4738-86B4-A5FB8807946D}" = NETGEAR GA311 Smart Wizard Utility "IrfanView" = IrfanView (remove only) "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.60.1.1000 "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0 "MozBackup" = MozBackup 1.5.1 "Mozilla Firefox 11.0 (x86 en-US)" = Mozilla Firefox 11.0 (x86 en-US) "Mozilla Thunderbird 11.0.1 (x86 en-US)" = Mozilla Thunderbird 11.0.1 (x86 en-US) "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs "uTorrent" = µTorrent "VLC media player" = VLC media player 1.1.11 "WildTangent emachines Master Uninstall" = eMachines Games "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "WinPcapInst" = WinPcap 4.1.2 "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0 "Xmlbar 56Downloader" = 56 Downloader(xmlbar)(remove only) ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 1/17/2012 10:19:25 AM | Computer Name = COMPUTER | Source = Application Error | ID = 1000 Description = Faulting application showtime.exe, version 3.5.5.1, faulting module showtime.exe, version 3.5.5.1, fault address 0x000a2e3c. Error - 1/30/2012 10:20:40 PM | Computer Name = COMPUTER | Source = Application Error | ID = 1000 Description = Faulting application formsmaker.exe, version 7.0.0.0, faulting module kernel32.dll, version 5.1.2600.3119, fault address 0x00012a5b. Error - 1/30/2012 10:21:00 PM | Computer Name = COMPUTER | Source = Application Error | ID = 1000 Description = Faulting application formsmaker.exe, version 7.0.0.0, faulting module kernel32.dll, version 5.1.2600.3119, fault address 0x00012a5b. Error - 2/8/2012 3:36:03 PM | Computer Name = COMPUTER | Source = Application Error | ID = 1000 Description = Faulting application i_view32.exe, version 4.3.0.0, faulting module video.dll, version 4.3.0.0, fault address 0x0000267f. Error - 2/8/2012 3:38:00 PM | Computer Name = COMPUTER | Source = Application Error | ID = 1000 Description = Faulting application i_view32.exe, version 4.3.0.0, faulting module video.dll, version 4.3.0.0, fault address 0x00003083. Error - 2/22/2012 5:35:50 PM | Computer Name = COMPUTER | Source = Application Error | ID = 1000 Description = Faulting application formsmaker.exe, version 7.0.0.0, faulting module kernel32.dll, version 5.1.2600.3119, fault address 0x00012a5b. Error - 2/22/2012 5:36:01 PM | Computer Name = COMPUTER | Source = Application Error | ID = 1000 Description = Faulting application formsmaker.exe, version 7.0.0.0, faulting module kernel32.dll, version 5.1.2600.3119, fault address 0x00012a5b. Error - 2/29/2012 4:23:08 PM | Computer Name = COMPUTER | Source = Application Error | ID = 1000 Description = Faulting application showtime.exe, version 3.5.5.1, faulting module nevideo.ax, version 4.9.4.1, fault address 0x000738d0. Error - 3/2/2012 11:08:13 AM | Computer Name = COMPUTER | Source = Application Error | ID = 1000 Description = Faulting application showtime.exe, version 3.5.5.1, faulting module nevideo.ax, version 4.9.4.1, fault address 0x000738d0. Error - 3/8/2012 10:07:22 AM | Computer Name = COMPUTER | Source = Application Error | ID = 1000 Description = Faulting application nero.exe, version 7.8.5.0, faulting module msvcp71.dll, version 7.10.3077.0, fault address 0x0003040d. [ System Events ] Error - 11/14/2011 8:34:24 AM | Computer Name = COMPUTER | Source = Service Control Manager | ID = 7023 Description = The Application Management service terminated with the following error: %%126 Error - 11/14/2011 8:34:24 AM | Computer Name = COMPUTER | Source = Service Control Manager | ID = 7023 Description = The Application Management service terminated with the following error: %%126 Error - 11/21/2011 2:49:49 AM | Computer Name = COMPUTER | Source = Dhcp | ID = 1002 Description = The IP address lease 192.168.0.11 for the Network Card with network address E091F5A0276A has been denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message). < End of report >
  3. superhawk
    I have 'Malwarebytes', 'Avast', and 'SUPER Anti-Spyware', and yet I now have 'btsearch.name' insisting on being my Mozilla homepage. I also have 'Malwarebytes' constantly popping up with another 'incoming' or 'outgoing' site that is only numbers. I would really appreciate any help you can offer. Thanks, Jdds.txt dds.txt
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.