DougH

I had posted these reports back early in the thread and THEY did make it to the desktop, Never the less, Here they are again. I may have downloaded that twice trying to get a "program" for lack of a better word to the desk top. DDS (Ver_2012-11-20.01) - NTFS_x86 Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.9.2 Run by at 14:44:06 on 2012-12-19 . ============== Running Processes ================ . c:\Program Files\Microsoft Security Client\MsMpEng.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Java\jre7\bin\jqs.exe C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe C:\WINDOWS\System32\alg.exe C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\HP\QuickPlay\QPService.exe C:\Program Files\PowerISO\PWRISOVM.EXE C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\igfxpers.exe C:\WINDOWS\system32\hkcmd.exe C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe C:\Program Files\Logitech\QuickCam\Quickcam.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\wbem\wmiprvse.exe C:\Program Files\Logitech\MouseWare\system\em_exec.exe C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe C:\PROGRA~1\HPQ\Shared\HPQTOA~1.EXE C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe C:\WINDOWS\system32\msfeedssync.exe C:\Documents and Settings\Curtis Lumpkin\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\WINDOWS\system32\spider.exe C:\Documents and Settings\Curtis Lumpkin\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Curtis Lumpkin\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Program Files\Apple Software Update\SoftwareUpdate.exe C:\Documents and Settings\Curtis Lumpkin\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\WINDOWS\system32\wbem\wmiprvse.exe C:\WINDOWS\system32\svchost.exe -k DcomLaunch C:\WINDOWS\system32\svchost.exe -k rpcss C:\WINDOWS\System32\svchost.exe -k netsvcs C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup C:\WINDOWS\system32\svchost.exe -k NetworkService C:\WINDOWS\system32\svchost.exe -k LocalService C:\WINDOWS\system32\svchost.exe -k LocalService C:\WINDOWS\system32\svchost.exe -k imgsvc C:\WINDOWS\system32\svchost.exe -k netsvcs . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.facebook.com/?ref=hp uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 uInternet Connection Wizard,ShellNext = hxxp://register.hp.com/servlet/WebReg.servlets.ProdReg1Servlet?appID=java_wreg_wreg_genpg&PURCH_DT_MONTH=05&PURCH_DT_DAY=09&PURCH_DT_YEAR=2006&product_name=&PROD_SERIAL_ID=&gwCountry=US&language=EN&prodOS= uProxyOverride = localhost BHO: Lexmark Toolbar: {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - c:\program files\lexmark toolbar\toolband.dll BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll TB: Lexmark Toolbar: {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - c:\program files\lexmark toolbar\toolband.dll TB: Lexmark Toolbar: {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - c:\program files\lexmark toolbar\toolband.dll uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe mRun: [synTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe mRun: [sprint SmartView] "c:\program files\sprint\sprint smartview\SprintSV.exe" -a mRun: [Reminder] c:\windows\creator\Remind_XP.exe mRun: [RecGuard] c:\windows\sminst\RecGuard.exe mRun: [QPService] "c:\program files\hp\quickplay\QPService.exe" mRun: [PWRISOVM.EXE] c:\program files\poweriso\PWRISOVM.EXE mRun: [Logitech Utility] Logi_MwX.Exe mRun: [iSUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start mRun: [iSUSPM Startup] "c:\program files\common files\installshield\updateservice\isuspm.exe" -startup mRun: [igfxtray] c:\windows\system32\igfxtray.exe mRun: [igfxpers] c:\windows\system32\igfxpers.exe mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe mRun: [hpWirelessAssistant] c:\program files\hpq\hp wireless assistant\HP Wireless Assistant.exe mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe mRun: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe mRun: [Cpqset] c:\program files\hpq\default settings\cpqset.exe mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe mRun: [LogitechCommunicationsManager] "c:\program files\common files\logishrd\lcommgr\Communications_Helper.exe" mRun: [LogitechQuickCamRibbon] "c:\program files\logitech\quickcam\Quickcam.exe" /hide mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe" mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe" mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t uPolicies-Explorer: NoDriveTypeAutoRun = dword:323 uPolicies-Explorer: NoDriveAutoRun = dword:67108863 uPolicies-Explorer: NoDrives = dword:0 mPolicies-Explorer: NoDriveAutoRun = dword:67108863 mPolicies-Explorer: NoDriveTypeAutoRun = dword:323 mPolicies-Explorer: NoDrives = dword:0 mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1 mPolicies-Explorer: NoDriveTypeAutoRun = dword:323 mPolicies-Explorer: NoDriveAutoRun = dword:67108863 IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab TCP: NameServer = 192.168.1.254 TCP: Interfaces\{9A6A80FD-0F58-4843-B72C-9977A81D7CA8} : DHCPNameServer = 192.168.1.254 Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\logitech\desktop messenger\8876480\program\GAPlugProtocol-8876480.dll Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll Notify: igfxcui - igfxdev.dll SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll SEH: Microsoft AntiMalware ShellExecuteHook - {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - c:\program files\windows defender\MpShHook.dll . ================= FIREFOX =================== . FF - ProfilePath - . ============= SERVICES / DRIVERS =============== . R? Application Updater;Application Updater R? SkypeUpdate;Skype Updater R? WinDefend;Windows Defender S? MpFilter;Microsoft Malware Protection Driver . =============== Created Last 30 ================ . 2012-12-19 14:41:10 6812136 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{c1978e95-89f5-49c5-92ba-4e9d138298a0}\mpengine.dll 2012-12-17 20:34:04 6812136 ------w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll 2012-12-16 19:20:15 -------- d-sh--w- \RECYCLER 2012-12-15 20:19:58 -------- d-sha-r- C:\cmdcons 2012-12-15 20:19:58 -------- d-sha-r- \cmdcons 2012-12-15 20:17:14 98816 ----a-w- c:\windows\sed.exe 2012-12-15 20:17:14 256000 ----a-w- c:\windows\PEV.exe 2012-12-15 20:17:14 208896 ----a-w- c:\windows\MBR.exe 2012-12-15 20:16:36 -------- d---a-w- \Qoobox 2012-12-15 04:30:23 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2 2012-12-15 00:46:57 275696 ----a-w- c:\windows\system32\mucltui.dll 2012-12-15 00:46:57 214256 ----a-w- c:\windows\system32\muweb.dll 2012-12-15 00:46:57 17136 ----a-w- c:\windows\system32\mucltui.dll.mui 2012-12-14 21:31:41 -------- d-----w- c:\program files\Microsoft Security Client 2012-12-14 08:14:19 6812136 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{2fa7de67-2618-491a-b20f-546e12f5dd78}\mpengine.dll 2012-12-13 23:26:29 -------- d-----w- c:\program files\trend micro 2012-12-13 23:26:22 -------- d-----w- \rsit 2012-12-13 21:11:24 143872 ----a-w- c:\windows\system32\javacpl.cpl 2012-12-13 21:11:22 821736 ----a-w- c:\windows\system32\npDeployJava1.dll 2012-12-13 21:11:10 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll 2012-12-13 02:43:08 -------- d-----w- c:\program files\NT Registry Optimizer . ==================== Find3M ==================== . 2012-12-13 21:10:49 746984 ----a-w- c:\windows\system32\deployJava1.dll 2012-11-13 01:25:12 1866368 ----a-w- c:\windows\system32\win32k.sys 2012-11-06 00:41:17 290560 ----a-w- c:\windows\system32\atmfd.dll 2012-11-02 02:02:42 375296 ----a-w- c:\windows\system32\dpnet.dll 2012-11-01 12:17:54 916992 ----a-w- c:\windows\system32\wininet.dll 2012-11-01 12:17:54 43520 ----a-w- c:\windows\system32\licmgr10.dll 2012-11-01 12:17:54 1469440 ------w- c:\windows\system32\inetcpl.cpl 2012-11-01 00:35:34 385024 ----a-w- c:\windows\system32\html.iec 2012-10-02 18:04:21 58368 ----a-w- c:\windows\system32\synceng.dll 2012-09-30 01:54:26 22856 ----a-w- c:\windows\system32\drivers\mbam.sys . =================== ROOTKIT ==================== . Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net Windows 5.1.2600 . CreateFile("\\.\PHYSICALDRIVE0"): The process cannot access the file because it is being used by another process. device: opened successfully user: error reading MBR . Disk trace: called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll iaStor.sys c:\windows\system32\drivers\iaStor.sys Intel Corporation Intel Matrix Storage Manager driver 1 ntkrnlpa!IofCallDriver[0x804EE180] -> \Device\Harddisk0\DR0[0x8235D9C0] 3 CLASSPNP[0xF84D5FD7] -> ntkrnlpa!IofCallDriver[0x804EE180] -> \Device\00000085[0x823D1280] 5 ACPI[0xF834C620] -> ntkrnlpa!IofCallDriver[0x804EE180] -> \Device\Ide\IAAStorageDevice-0[0x82390030] kernel: MBR read successfully _asm { XOR DI, DI; MOV SI, 0x200; MOV SS, DI; MOV SP, 0x7a00; MOV BX, 0x7a0; MOV CX, SI; MOV DS, BX; MOV ES, BX; REP MOVSB ; JMP FAR 0x7a0:0x7a; } user != kernel MBR !!! . ============= FINISH: 14:46:10.35 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows XP Home Edition Boot Device: \Device\HarddiskVolume1 Install Date: 7/21/2006 12:01:32 AM System Uptime: 12/18/2012 8:23:47 AM (30 hours ago) . Motherboard: Hewlett-Packard | | 30A8 Processor: Intel® Celeron® M CPU 410 @ 1.46GHz | U1 | 1463/mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 29 GiB total, 2.608 GiB free. D: is FIXED (FAT32) - 8 GiB total, 1.123 GiB free. E: is CDROM () F: is CDROM () G: is CDROM () H: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP1145: 11/2/2012 2:01:26 AM - Software Distribution Service 3.0 RP1146: 11/3/2012 2:42:02 AM - System Checkpoint RP1147: 11/4/2012 2:38:29 AM - System Checkpoint RP1148: 11/5/2012 3:21:03 AM - System Checkpoint RP1149: 11/6/2012 1:50:19 AM - Software Distribution Service 3.0 RP1150: 11/7/2012 3:12:36 AM - System Checkpoint RP1151: 11/8/2012 4:12:02 AM - System Checkpoint RP1152: 11/9/2012 1:48:31 AM - Software Distribution Service 3.0 RP1153: 11/10/2012 6:08:41 AM - System Checkpoint RP1154: 11/11/2012 6:56:07 AM - System Checkpoint RP1155: 11/12/2012 7:37:38 AM - System Checkpoint RP1156: 11/13/2012 1:50:06 AM - Software Distribution Service 3.0 RP1157: 11/14/2012 3:01:25 AM - System Checkpoint RP1158: 11/14/2012 11:33:37 PM - Software Distribution Service 3.0 RP1159: 11/15/2012 5:23:41 AM - Software Distribution Service 3.0 RP1160: 11/16/2012 2:15:59 AM - Software Distribution Service 3.0 RP1161: 11/17/2012 11:02:30 AM - System Checkpoint RP1162: 11/18/2012 11:54:22 AM - System Checkpoint RP1163: 11/19/2012 12:39:18 PM - System Checkpoint RP1164: 11/20/2012 11:45:09 AM - Software Distribution Service 3.0 RP1165: 11/21/2012 4:04:57 PM - System Checkpoint RP1166: 11/22/2012 5:44:21 PM - System Checkpoint RP1167: 11/23/2012 6:42:36 AM - Software Distribution Service 3.0 RP1168: 11/24/2012 9:44:02 AM - System Checkpoint RP1169: 11/25/2012 11:00:35 AM - System Checkpoint RP1170: 11/26/2012 1:32:18 PM - System Checkpoint RP1171: 11/27/2012 2:15:32 AM - Software Distribution Service 3.0 RP1172: 11/28/2012 3:03:56 AM - System Checkpoint RP1173: 11/29/2012 10:29:21 AM - System Checkpoint RP1174: 11/30/2012 1:49:36 AM - Software Distribution Service 3.0 RP1175: 12/1/2012 3:30:03 AM - System Checkpoint RP1176: 12/2/2012 4:05:46 AM - System Checkpoint RP1177: 12/3/2012 4:15:36 AM - System Checkpoint RP1178: 12/4/2012 10:01:08 AM - Software Distribution Service 3.0 RP1179: 12/4/2012 12:29:09 PM - Installed QuickTime RP1180: 12/6/2012 1:39:37 AM - System Checkpoint RP1181: 12/7/2012 1:48:37 AM - Software Distribution Service 3.0 RP1182: 12/8/2012 2:03:03 AM - System Checkpoint RP1183: 12/9/2012 2:51:46 AM - System Checkpoint RP1184: 12/10/2012 4:53:36 AM - System Checkpoint RP1185: 12/11/2012 1:48:51 AM - Software Distribution Service 3.0 RP1186: 12/12/2012 4:19:30 AM - System Checkpoint RP1187: 12/12/2012 6:07:58 PM - Software Distribution Service 3.0 RP1188: 12/13/2012 3:10:40 PM - Installed Java 7 Update 9 RP1189: 12/14/2012 2:13:29 AM - Software Distribution Service 3.0 RP1190: 12/14/2012 3:48:46 PM - Software Distribution Service 3.0 RP1191: 12/14/2012 10:23:45 PM - Software Distribution Service 3.0 RP1192: 12/15/2012 3:39:38 PM - Software Distribution Service 3.0 RP1193: 12/16/2012 1:53:10 AM - Software Distribution Service 3.0 RP1194: 12/17/2012 4:48:38 AM - System Checkpoint RP1195: 12/17/2012 2:33:37 PM - Software Distribution Service 3.0 RP1196: 12/18/2012 2:47:41 PM - System Checkpoint RP1197: 12/19/2012 8:40:59 AM - Software Distribution Service 3.0 . ==== Installed Programs ====================== . ALLDATA for Windows Apple Application Support Apple Software Update BufferChm CCleaner Click to Call with Skype Conexant HD Audio CP_AtenaShokunin1Config CP_CalendarTemplates1 cp_LightScribeConfig cp_OnlineProjectsConfig CP_Package_Basic1 CP_Package_Variety1 CP_Package_Variety2 CP_Package_Variety3 CP_Panorama1Config cp_PosterPrintConfig cp_UpdateProjectsConfig CueTour Customer Experience Enhancement Destinations DeviceManagementQFolder ERUNT 1.1j Free Easy Burner V 4.0 FullDPAppQFolder Google Chrome HDAUDIO Soft Data Fax Modem with SmartCP Hotfix for Windows Media Format 11 SDK (KB929399) Hotfix for Windows Media Player 11 (KB939683) Hotfix for Windows XP (KB2158563) Hotfix for Windows XP (KB2443685) Hotfix for Windows XP (KB2570791) Hotfix for Windows XP (KB2633952) Hotfix for Windows XP (KB2756822) Hotfix for Windows XP (KB2779562) Hotfix for Windows XP (KB952287) Hotfix for Windows XP (KB970653-v3) Hotfix for Windows XP (KB976098-v2) Hotfix for Windows XP (KB979306) Hotfix for Windows XP (KB981793) HP DVD Play 2.1 HP Game Console and games HP Help and Support HP Imaging Device Functions 6.0 HP Photosmart Premier Software 6.0 HP Rhapsody HP Update HP User Guides--System Recovery HP User Guides 0019 HP Wireless Assistant 2.00 E1 HpSdpAppCoreApp InstantShareDevices Intel® Graphics Media Accelerator Driver Intel® PRO Network Connections Drivers Java 7 Update 9 Java Auto Updater Lernout & Hauspie TruVoice American English TTS Engine Lexmark Toolbar LightScribe 1.4.74.1 LimeWire 5.5.10 Locked Programs Logitech Desktop Messenger Logitech MouseWare 9.79 Logitech QuickCam Logitech QuickCam Driver Package Logitech Resource Center Malwarebytes Anti-Malware version 1.65.1.1000 Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Security Update (KB2656370) Microsoft .NET Framework 1.1 Security Update (KB2698023) Microsoft .NET Framework 1.1 Security Update (KB979906) Microsoft Application Error Reporting Microsoft Compression Client Pack 1.0 for Windows XP Microsoft Internationalized Domain Names Mitigation APIs Microsoft Money 2006 Microsoft National Language Support Downlevel APIs Microsoft Office PowerPoint Viewer 2007 (English) Microsoft Security Client Microsoft Security Essentials Microsoft User-Mode Driver Framework Feature Pack 1.0 Microsoft Web Publishing Wizard 1.52 Microsoft Works MobileMe Control Panel Mozilla Firefox 12.0 (x86 en-US) Mozilla Maintenance Service MSXML 4.0 SP2 (KB927978) MSXML 4.0 SP2 (KB936181) MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Netscape Browser (remove only) NTREGOPT 1.1j Office 2003 Trial Assistant OptionalContentQFolder PhotoGallery PowerISO PrintMaster Quicken 2005 Quicken Family Lawyer 2001 QuickTime RandMap Safari Search Settings v1.2.3 Security Update for CAPICOM (KB931906) Security Update for Microsoft Windows (KB2564958) Security Update for Step By Step Interactive Training (KB898458) Security Update for Step By Step Interactive Training (KB923723) Security Update for Windows Internet Explorer 7 (KB928090) Security Update for Windows Internet Explorer 7 (KB929969) Security Update for Windows Internet Explorer 7 (KB931768) Security Update for Windows Internet Explorer 7 (KB933566) Security Update for Windows Internet Explorer 7 (KB938127) Security Update for Windows Internet Explorer 7 (KB950759) Security Update for Windows Internet Explorer 7 (KB953838) Security Update for Windows Internet Explorer 7 (KB956390) Security Update for Windows Internet Explorer 7 (KB972260) Security Update for Windows Internet Explorer 8 (KB2183461) Security Update for Windows Internet Explorer 8 (KB2360131) Security Update for Windows Internet Explorer 8 (KB2416400) Security Update for Windows Internet Explorer 8 (KB2482017) Security Update for Windows Internet Explorer 8 (KB2497640) Security Update for Windows Internet Explorer 8 (KB2510531) Security Update for Windows Internet Explorer 8 (KB2530548) Security Update for Windows Internet Explorer 8 (KB2544521) Security Update for Windows Internet Explorer 8 (KB2559049) Security Update for Windows Internet Explorer 8 (KB2586448) Security Update for Windows Internet Explorer 8 (KB2618444) Security Update for Windows Internet Explorer 8 (KB2647516) Security Update for Windows Internet Explorer 8 (KB2675157) Security Update for Windows Internet Explorer 8 (KB2699988) Security Update for Windows Internet Explorer 8 (KB2722913) Security Update for Windows Internet Explorer 8 (KB2744842) Security Update for Windows Internet Explorer 8 (KB2761465) Security Update for Windows Internet Explorer 8 (KB971961) Security Update for Windows Internet Explorer 8 (KB972260) Security Update for Windows Internet Explorer 8 (KB974455) Security Update for Windows Internet Explorer 8 (KB976325) Security Update for Windows Internet Explorer 8 (KB978207) Security Update for Windows Internet Explorer 8 (KB981332) Security Update for Windows Internet Explorer 8 (KB982381) Security Update for Windows Media Player (KB2378111) Security Update for Windows Media Player (KB911564) Security Update for Windows Media Player (KB952069) Security Update for Windows Media Player (KB954155) Security Update for Windows Media Player (KB968816) Security Update for Windows Media Player (KB973540) Security Update for Windows Media Player (KB975558) Security Update for Windows Media Player (KB978695) Security Update for Windows Media Player 10 (KB917734) Security Update for Windows Media Player 10 (KB936782) Security Update for Windows Media Player 11 (KB954154) Security Update for Windows Media Player 6.4 (KB925398) Security Update for Windows Media Player 9 (KB911565) Security Update for Windows XP (KB2079403) Security Update for Windows XP (KB2115168) Security Update for Windows XP (KB2121546) Security Update for Windows XP (KB2160329) Security Update for Windows XP (KB2229593) Security Update for Windows XP (KB2259922) Security Update for Windows XP (KB2279986) Security Update for Windows XP (KB2286198) Security Update for Windows XP (KB2296011) Security Update for Windows XP (KB2296199) Security Update for Windows XP (KB2347290) Security Update for Windows XP (KB2360937) Security Update for Windows XP (KB2387149) Security Update for Windows XP (KB2393802) Security Update for Windows XP (KB2412687) Security Update for Windows XP (KB2419632) Security Update for Windows XP (KB2423089) Security Update for Windows XP (KB2436673) Security Update for Windows XP (KB2440591) Security Update for Windows XP (KB2443105) Security Update for Windows XP (KB2476490) Security Update for Windows XP (KB2476687) Security Update for Windows XP (KB2478960) Security Update for Windows XP (KB2478971) Security Update for Windows XP (KB2479628) Security Update for Windows XP (KB2479943) Security Update for Windows XP (KB2481109) Security Update for Windows XP (KB2483185) Security Update for Windows XP (KB2485376) Security Update for Windows XP (KB2485663) Security Update for Windows XP (KB2503658) Security Update for Windows XP (KB2503665) Security Update for Windows XP (KB2506212) Security Update for Windows XP (KB2506223) Security Update for Windows XP (KB2507618) Security Update for Windows XP (KB2507938) Security Update for Windows XP (KB2508272) Security Update for Windows XP (KB2508429) Security Update for Windows XP (KB2509553) Security Update for Windows XP (KB2511455) Security Update for Windows XP (KB2524375) Security Update for Windows XP (KB2535512) Security Update for Windows XP (KB2536276-v2) Security Update for Windows XP (KB2536276) Security Update for Windows XP (KB2544893-v2) Security Update for Windows XP (KB2544893) Security Update for Windows XP (KB2555917) Security Update for Windows XP (KB2562937) Security Update for Windows XP (KB2566454) Security Update for Windows XP (KB2567053) Security Update for Windows XP (KB2567680) Security Update for Windows XP (KB2570222) Security Update for Windows XP (KB2570947) Security Update for Windows XP (KB2584146) Security Update for Windows XP (KB2585542) Security Update for Windows XP (KB2592799) Security Update for Windows XP (KB2598479) Security Update for Windows XP (KB2603381) Security Update for Windows XP (KB2618451) Security Update for Windows XP (KB2619339) Security Update for Windows XP (KB2620712) Security Update for Windows XP (KB2621440) Security Update for Windows XP (KB2624667) Security Update for Windows XP (KB2631813) Security Update for Windows XP (KB2633171) Security Update for Windows XP (KB2639417) Security Update for Windows XP (KB2641653) Security Update for Windows XP (KB2646524) Security Update for Windows XP (KB2647518) Security Update for Windows XP (KB2653956) Security Update for Windows XP (KB2655992) Security Update for Windows XP (KB2659262) Security Update for Windows XP (KB2660465) Security Update for Windows XP (KB2661637) Security Update for Windows XP (KB2676562) Security Update for Windows XP (KB2685939) Security Update for Windows XP (KB2686509) Security Update for Windows XP (KB2691442) Security Update for Windows XP (KB2695962) Security Update for Windows XP (KB2698365) Security Update for Windows XP (KB2705219) Security Update for Windows XP (KB2707511) Security Update for Windows XP (KB2709162) Security Update for Windows XP (KB2712808) Security Update for Windows XP (KB2718523) Security Update for Windows XP (KB2719985) Security Update for Windows XP (KB2723135) Security Update for Windows XP (KB2724197) Security Update for Windows XP (KB2727528) Security Update for Windows XP (KB2731847) Security Update for Windows XP (KB2753842) Security Update for Windows XP (KB2758857) Security Update for Windows XP (KB2761226) Security Update for Windows XP (KB2770660) Security Update for Windows XP (KB2779030) Security Update for Windows XP (KB923561) Security Update for Windows XP (KB923689) Security Update for Windows XP (KB938464-v2) Security Update for Windows XP (KB938464) Security Update for Windows XP (KB941569) Security Update for Windows XP (KB946648) Security Update for Windows XP (KB950760) Security Update for Windows XP (KB950762) Security Update for Windows XP (KB950974) Security Update for Windows XP (KB951066) Security Update for Windows XP (KB951376-v2) Security Update for Windows XP (KB951376) Security Update for Windows XP (KB951698) Security Update for Windows XP (KB951748) Security Update for Windows XP (KB952004) Security Update for Windows XP (KB952954) Security Update for Windows XP (KB953839) Security Update for Windows XP (KB954211) Security Update for Windows XP (KB954459) Security Update for Windows XP (KB954600) Security Update for Windows XP (KB955069) Security Update for Windows XP (KB956391) Security Update for Windows XP (KB956572) Security Update for Windows XP (KB956744) Security Update for Windows XP (KB956802) Security Update for Windows XP (KB956803) Security Update for Windows XP (KB956841) Security Update for Windows XP (KB956844) Security Update for Windows XP (KB957095) Security Update for Windows XP (KB957097) Security Update for Windows XP (KB958644) Security Update for Windows XP (KB958687) Security Update for Windows XP (KB958869) Security Update for Windows XP (KB959426) Security Update for Windows XP (KB960225) Security Update for Windows XP (KB960803) Security Update for Windows XP (KB960859) Security Update for Windows XP (KB961371-v2) Security Update for Windows XP (KB961501) Security Update for Windows XP (KB968537) Security Update for Windows XP (KB969059) Security Update for Windows XP (KB969947) Security Update for Windows XP (KB970238) Security Update for Windows XP (KB970430) Security Update for Windows XP (KB971468) Security Update for Windows XP (KB971486) Security Update for Windows XP (KB971557) Security Update for Windows XP (KB971633) Security Update for Windows XP (KB971657) Security Update for Windows XP (KB972270) Security Update for Windows XP (KB973346) Security Update for Windows XP (KB973354) Security Update for Windows XP (KB973507) Security Update for Windows XP (KB973525) Security Update for Windows XP (KB973869) Security Update for Windows XP (KB973904) Security Update for Windows XP (KB974112) Security Update for Windows XP (KB974318) Security Update for Windows XP (KB974392) Security Update for Windows XP (KB974571) Security Update for Windows XP (KB975025) Security Update for Windows XP (KB975467) Security Update for Windows XP (KB975560) Security Update for Windows XP (KB975561) Security Update for Windows XP (KB975562) Security Update for Windows XP (KB975713) Security Update for Windows XP (KB977165) Security Update for Windows XP (KB977816) Security Update for Windows XP (KB977914) Security Update for Windows XP (KB978037) Security Update for Windows XP (KB978251) Security Update for Windows XP (KB978262) Security Update for Windows XP (KB978338) Security Update for Windows XP (KB978542) Security Update for Windows XP (KB978601) Security Update for Windows XP (KB978706) Security Update for Windows XP (KB979309) Security Update for Windows XP (KB979482) Security Update for Windows XP (KB979559) Security Update for Windows XP (KB979683) Security Update for Windows XP (KB979687) Security Update for Windows XP (KB980195) Security Update for Windows XP (KB980218) Security Update for Windows XP (KB980232) Security Update for Windows XP (KB980436) Security Update for Windows XP (KB981322) Security Update for Windows XP (KB981852) Security Update for Windows XP (KB981957) Security Update for Windows XP (KB981997) Security Update for Windows XP (KB982132) Security Update for Windows XP (KB982214) Security Update for Windows XP (KB982665) Security Update for Windows XP (KB982802) Serif DrawPlus 3.0 SkinsHP1 Skype™ 5.10 SmartAudio Sonic Audio Module Sonic Copy Module Sonic Data Module Sonic Express Labeler Sonic MyDVD Plus Sonic Update Manager Sonic_PrimoSDK Sprint SmartView swMSM Synaptics Pointing Device Driver Texas Instruments PCIxx21/x515/xx12 drivers. The Plain-Language Law Dictionary TIPCI TourSetup Unload Update for Windows Internet Explorer 8 (KB973874) Update for Windows Internet Explorer 8 (KB976662) Update for Windows Internet Explorer 8 (KB976749) Update for Windows Internet Explorer 8 (KB980182) Update for Windows Internet Explorer 8 (KB982664) Update for Windows XP (KB2141007) Update for Windows XP (KB2345886) Update for Windows XP (KB2467659) Update for Windows XP (KB2541763) Update for Windows XP (KB2607712) Update for Windows XP (KB2616676) Update for Windows XP (KB2641690) Update for Windows XP (KB2661254-v2) Update for Windows XP (KB2718704) Update for Windows XP (KB2736233) Update for Windows XP (KB2749655) Update for Windows XP (KB942763) Update for Windows XP (KB951072-v2) Update for Windows XP (KB951978) Update for Windows XP (KB955759) Update for Windows XP (KB967715) Update for Windows XP (KB968389) Update for Windows XP (KB971029) Update for Windows XP (KB971737) Update for Windows XP (KB973687) Update for Windows XP (KB973815) WebFldrs XP WildTangent Web Driver Windows Defender Windows Genuine Advantage Notifications (KB905474) Windows Internet Explorer 7 Windows Internet Explorer 8 Windows Media Format 11 runtime Windows Media Player 11 Windows XP Service Pack 3 WinRAR archiver Wireless Home Network Setup . ==== Event Viewer Messages From Past Week ======== . 12/16/2012 2:23:31 PM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume1'. It has stopped monitoring the volume. 12/16/2012 2:23:23 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AliIde PCIIde Pcmcia ViaIde 12/15/2012 2:16:14 PM, error: Service Control Manager [7034] - The Process Monitor service terminated unexpectedly. It has done this 1 time(s). . ==== End Of File ===========================

Here is an attachment. A screenshot of the dll that keeps popping up dll.bmp

I will have to take a screen shot of it and attach I guess. It is a prompt that pops up every once and a while. Will do that next time it comes up.

It seems to be working about like it has been, so it's OK. if we can get that DLL:start thing to go away I say we call it a success. You think maybe I should try a reload of IE? maybe then the HP update manager can do what it wants to do and if not then i can hit the HP website and see if i can solve that issue there.

Chrome is what I have set as default, and that is what I use almost exclusively. Sometimes firefox. yes I am able to download EXE files now. I do still have that DLL:start thing that keeps popping up though. I don't know where it is at, and don't know how to make it stop. I haven't been on the internet since you asked me not to, I will go play MW now and see.

It seems all these items you tell me to download need to go to the desktop, but I don't seem to get that option. I do have some on the desk to though. Sorry I'm not that computer savvy The up date manager I was referring to is HP update manager I believe. I do have windows updates, and i am able to get those and download them regularly. I think that is reflected in the logs we have saved. Farbar Service Scanner Version: 10-12-2012 Ran by Curtis Lumpkin (administrator) on 18-12-2012 at 11:48:44 Running from "C:\Documents and Settings\Curtis Lumpkin\My Documents\Downloads" Microsoft Windows XP Service Pack 3 (X86) Boot Mode: Normal **************************************************************** Internet Services: ============ Connection Status: ============== Localhost is accessible. LAN connected. Google IP is accessible. Google.com is accessible. Yahoo IP is accessible. Yahoo.com is accessible. Windows Firewall: ============= Firewall Disabled Policy: ================== Security Center: ============ File Check: ======== C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit C:\WINDOWS\system32\netman.dll => MD5 is legit C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit C:\WINDOWS\system32\wscsvc.dll => MD5 is legit C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit C:\WINDOWS\system32\svchost.exe => MD5 is legit C:\WINDOWS\system32\rpcss.dll => MD5 is legit C:\WINDOWS\system32\services.exe => MD5 is legit Extra List: ======= Gpc(6) IPSec(4) NetBT(5) PSched(7) Tcpip(3) 0x0700000004000000010000000200000003000000050000000600000007000000 IpSec Tag value is correct. **** End of log ****

The update manager that I assume came with the computer, or so I think. it is a pop up balloon task bar icon that shows up from time to time. I tried to let it run after reading on here about things needing to update or there will be opportunity for malware and viruses to get in so I let it run which I stopped doing a long time ago because it wouldn't finish.

Ok I have it on the dessktop, and yes i have put everything including the quotations and then I tried it without the quotations.

I was not given any chance as to where I saves this. While I clicked to run it, I'm not sure it took. should I try to open and run it again?

When I try to run this: "%userprofile%\desktop\Inherit.exe" "c:\Program Files\Internet Explorer\iexplore.exe" It says it can't find it.

Also my Update manager can not update, and I don't believe it has in a long time. 2 years I suspect. It seems to need IE to do what it does, maybe that is why it won't update.

That Dll: Start check box continues to pop up several times a day. I'm not impressed with the RAM memory I have available. I ran a search and was not able to find:TDSSKiller.[Version]_[Date]_[Time]_log.txt. I have heard the term root directory before but I don't know how to get there. OTL logfile created on: 12/18/2012 8:46:07 AM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Curtis Lumpkin\My Documents\Downloads Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 502.05 Mb Total Physical Memory | 153.48 Mb Available Physical Memory | 30.57% Memory free 2.90 Gb Paging File | 2.49 Gb Available in Paging File | 85.99% Paging File free Paging file location(s): C:\pagefile.sys 2500 3000 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 29.23 Gb Total Space | 2.68 Gb Free Space | 9.18% Space Free | Partition Type: NTFS Drive D: | 8.01 Gb Total Space | 1.12 Gb Free Space | 14.01% Space Free | Partition Type: FAT32 Computer Name: CURTIS | User Name: Curtis Lumpkin | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012/12/18 08:45:10 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Curtis Lumpkin\My Documents\Downloads\OTL.exe PRC - [2012/12/13 15:10:51 | 000,161,768 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe PRC - [2012/12/04 19:15:17 | 001,242,728 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Curtis Lumpkin\Local Settings\Application Data\Google\Chrome\Application\chrome.exe PRC - [2012/09/12 17:25:22 | 000,020,472 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe PRC - [2012/09/12 17:19:44 | 000,947,176 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe PRC - [2012/06/06 16:50:51 | 000,066,864 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe PRC - [2009/11/08 21:17:50 | 000,180,224 | ---- | M] (PowerISO Computing, Inc.) -- C:\Program Files\PowerISO\PWRISOVM.EXE PRC - [2009/03/08 03:31:54 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msfeedssync.exe PRC - [2008/08/14 16:15:46 | 002,407,184 | ---- | M] () -- C:\Program Files\Logitech\QuickCam\Quickcam.exe PRC - [2008/08/14 16:11:48 | 000,565,008 | ---- | M] () -- C:\Program Files\Common Files\logishrd\LComMgr\Communications_Helper.exe PRC - [2008/08/14 16:11:14 | 000,447,248 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\logishrd\LQCVFX\COCIManager.exe PRC - [2008/07/26 07:25:36 | 000,150,040 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe PRC - [2008/07/26 07:23:42 | 000,186,904 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\logishrd\LVCOMSER\LVComSer.exe PRC - [2008/04/13 18:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2005/12/23 22:44:26 | 000,491,606 | ---- | M] () -- C:\Program Files\HPQ\Shared\HpqToaster.exe PRC - [2005/09/24 10:42:32 | 000,475,136 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hp\Digital Imaging\bin\hpqimzone.exe PRC - [2003/11/14 08:50:00 | 000,037,888 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\MouseWare\system\EM_EXEC.EXE ========== Modules (No Company Name) ========== MOD - [2012/12/04 19:15:15 | 000,460,904 | ---- | M] () -- C:\Documents and Settings\Curtis Lumpkin\Local Settings\Application Data\Google\Chrome\Application\23.0.1271.97\ppgooglenaclpluginchrome.dll MOD - [2012/12/04 19:15:14 | 004,008,040 | ---- | M] () -- C:\Documents and Settings\Curtis Lumpkin\Local Settings\Application Data\Google\Chrome\Application\23.0.1271.97\pdf.dll MOD - [2012/12/04 19:14:21 | 000,157,304 | ---- | M] () -- C:\Documents and Settings\Curtis Lumpkin\Local Settings\Application Data\Google\Chrome\Application\23.0.1271.97\avutil-51.dll MOD - [2012/12/04 19:14:20 | 000,275,576 | ---- | M] () -- C:\Documents and Settings\Curtis Lumpkin\Local Settings\Application Data\Google\Chrome\Application\23.0.1271.97\avformat-54.dll MOD - [2012/12/04 19:14:19 | 002,168,952 | ---- | M] () -- C:\Documents and Settings\Curtis Lumpkin\Local Settings\Application Data\Google\Chrome\Application\23.0.1271.97\avcodec-54.dll MOD - [2012/11/15 05:29:41 | 003,391,488 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_200e62fe\mscorlib.dll MOD - [2012/11/15 05:29:36 | 000,843,776 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_12031a39\system.drawing.dll MOD - [2012/11/15 05:29:15 | 002,088,960 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_ea1d63d2\system.xml.dll MOD - [2012/11/15 05:28:58 | 003,035,136 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_f2cd22e4\system.windows.forms.dll MOD - [2012/11/15 05:28:17 | 001,966,080 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_53e6b217\system.dll MOD - [2012/11/15 05:27:47 | 001,232,896 | ---- | M] () -- c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll MOD - [2012/11/15 05:27:34 | 002,064,384 | ---- | M] () -- c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll MOD - [2012/06/13 02:11:26 | 000,471,040 | ---- | M] () -- c:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll MOD - [2012/06/06 16:50:26 | 000,061,496 | ---- | M] () -- C:\Program Files\Logitech\Desktop Messenger\8876480\8.1.1.50-8876480SL\Program\clntutil.dll MOD - [2009/12/12 15:12:03 | 000,141,824 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll MOD - [2008/08/14 16:22:36 | 000,112,912 | ---- | M] () -- C:\Program Files\Logitech\QuickCam\LAppRes.DLL MOD - [2008/08/14 16:15:46 | 002,407,184 | ---- | M] () -- C:\Program Files\Logitech\QuickCam\Quickcam.exe MOD - [2008/08/14 16:13:30 | 000,149,264 | ---- | M] () -- C:\Program Files\Common Files\logishrd\LComMgr\LogiVOIPDevicePlugin.dll MOD - [2008/08/14 16:13:08 | 000,165,136 | ---- | M] () -- C:\Program Files\Common Files\logishrd\LComMgr\LogiCordless4001.dll MOD - [2008/08/14 16:13:08 | 000,138,000 | ---- | M] () -- C:\Program Files\Common Files\logishrd\LComMgr\LogiCordless.dll MOD - [2008/08/14 16:12:10 | 000,167,184 | ---- | M] () -- C:\Program Files\Logitech\QuickCam\EFVal.dll MOD - [2008/08/14 16:11:48 | 000,565,008 | ---- | M] () -- C:\Program Files\Common Files\logishrd\LComMgr\Communications_Helper.exe MOD - [2008/08/14 16:11:48 | 000,345,872 | ---- | M] () -- C:\Program Files\Common Files\logishrd\LComMgr\DevMngr.dll MOD - [2008/07/26 07:24:04 | 000,068,120 | ---- | M] () -- C:\Program Files\Common Files\logishrd\LVCOMSER\LVCSPS.dll MOD - [2007/08/21 13:32:44 | 000,098,304 | ---- | M] () -- C:\WINDOWS\system32\redmonnt.dll MOD - [2006/04/11 22:54:12 | 000,167,936 | ---- | M] () -- C:\Program Files\Hp\QuickPlay\Kernel\common\CLDataSync.dll MOD - [2006/03/27 10:23:30 | 000,774,144 | ---- | M] () -- c:\windows\assembly\gac\hpqbakup\3.0.0.0__a53cf5803f4c3827\hpqbakup.dll MOD - [2006/03/27 10:23:30 | 000,069,632 | ---- | M] () -- c:\windows\assembly\gac\hpqisrtb\4.0.0.0__a53cf5803f4c3827\hpqisrtb.dll MOD - [2006/03/27 10:23:20 | 001,044,480 | ---- | M] () -- c:\windows\assembly\gac\hpqedit\3.0.0.0__a53cf5803f4c3827\hpqedit.dll MOD - [2006/03/27 10:23:18 | 000,163,840 | ---- | M] () -- c:\windows\assembly\gac\hpqvideo\3.0.0.0__a53cf5803f4c3827\hpqvideo.dll MOD - [2006/03/27 10:23:16 | 000,065,536 | ---- | M] () -- c:\windows\assembly\gac\hpqmdmr\4.0.0.0__a53cf5803f4c3827\hpqmdmr.dll MOD - [2006/03/27 10:23:16 | 000,057,344 | ---- | M] () -- c:\windows\assembly\gac\hpqprrsc\4.0.0.0__a53cf5803f4c3827\hpqprrsc.dll MOD - [2006/03/27 10:23:16 | 000,053,248 | ---- | M] () -- c:\windows\assembly\gac\hpqovskn\3.0.0.0__a53cf5803f4c3827\hpqovskn.dll MOD - [2006/03/27 10:23:12 | 000,512,000 | ---- | M] () -- c:\windows\assembly\gac\hpqimvlt\3.0.0.0__a53cf5803f4c3827\hpqimvlt.dll MOD - [2006/03/27 10:23:12 | 000,430,080 | ---- | M] () -- c:\windows\assembly\gac\lead.wrapper\13.0.0.113__9cf889f53ea9b907\lead.wrapper.dll MOD - [2006/03/27 10:23:12 | 000,192,512 | ---- | M] () -- c:\windows\assembly\gac\hpqimgrc\4.0.0.0__a53cf5803f4c3827\hpqimgrc.dll MOD - [2006/03/27 10:23:12 | 000,090,112 | ---- | M] () -- c:\windows\assembly\gac\lead.drawing.imaging.imageprocessing\13.0.0.113__9cf889f53ea9b907\lead.drawing.imaging.imageprocessing.dll MOD - [2006/03/27 10:23:12 | 000,086,016 | ---- | M] () -- c:\windows\assembly\gac\lead.drawing\13.0.0.113__9cf889f53ea9b907\lead.drawing.dll MOD - [2006/03/27 10:23:12 | 000,081,920 | ---- | M] () -- c:\windows\assembly\gac\lead.drawing.imaging.codecs\13.0.0.113__9cf889f53ea9b907\lead.drawing.imaging.codecs.dll MOD - [2006/03/27 10:23:12 | 000,077,824 | ---- | M] () -- c:\windows\assembly\gac\lead\13.0.0.113__9cf889f53ea9b907\lead.dll MOD - [2006/03/27 10:23:12 | 000,069,632 | ---- | M] () -- c:\windows\assembly\gac\lead.windows.forms.drawingcontainer\13.0.0.113__9cf889f53ea9b907\lead.windows.forms.drawingcontainer.dll MOD - [2006/03/27 10:23:12 | 000,069,632 | ---- | M] () -- c:\windows\assembly\gac\hpqntrop\4.0.0.0__a53cf5803f4c3827\hpqntrop.dll MOD - [2006/03/27 10:23:12 | 000,057,344 | ---- | M] () -- c:\windows\assembly\gac\hpqimlib\3.0.0.0__a53cf5803f4c3827\hpqimlib.dll MOD - [2006/03/27 10:23:12 | 000,040,960 | ---- | M] () -- c:\windows\assembly\gac\lead.windows.forms\13.0.0.113__9cf889f53ea9b907\lead.windows.forms.dll MOD - [2006/03/27 10:23:12 | 000,036,864 | ---- | M] () -- c:\windows\assembly\gac\interop.hpqcxm08\3.0.0.0__a53cf5803f4c3827\interop.hpqcxm08.dll MOD - [2006/03/27 10:23:12 | 000,014,848 | ---- | M] () -- c:\windows\assembly\gac\interop.hpqvideo\4.0.0.0__a53cf5803f4c3827\interop.hpqvideo.dll MOD - [2006/03/27 10:23:12 | 000,010,240 | ---- | M] () -- c:\windows\assembly\gac\interop.hpqimgr\4.0.0.0__a53cf5803f4c3827\interop.hpqimgr.dll MOD - [2006/03/27 10:23:12 | 000,004,096 | ---- | M] () -- c:\windows\assembly\gac\interop.hprblog\3.0.0.0__a53cf5803f4c3827\interop.hprblog.dll MOD - [2006/03/27 10:23:10 | 000,589,824 | ---- | M] () -- c:\windows\assembly\gac\hpqcc2\3.0.0.0__a53cf5803f4c3827\hpqcc2.dll MOD - [2006/03/27 10:23:10 | 000,385,024 | ---- | M] () -- c:\windows\assembly\gac\hpqcprsc\3.0.0.0__a53cf5803f4c3827\hpqcprsc.dll MOD - [2006/03/27 10:23:10 | 000,368,640 | ---- | M] () -- c:\windows\assembly\gac\hpqtray\4.0.0.0__a53cf5803f4c3827\hpqtray.dll MOD - [2006/03/27 10:23:10 | 000,225,280 | ---- | M] () -- c:\windows\assembly\gac\hpqutils\4.0.0.0__a53cf5803f4c3827\hpqutils.dll MOD - [2006/03/27 10:23:10 | 000,073,728 | ---- | M] () -- c:\windows\assembly\gac\hpqthumb\3.0.0.0__a53cf5803f4c3827\hpqthumb.dll MOD - [2006/03/27 10:23:10 | 000,069,632 | ---- | M] () -- c:\windows\assembly\gac\hpqglutl\4.0.0.0__a53cf5803f4c3827\hpqglutl.dll MOD - [2006/03/27 10:23:10 | 000,036,864 | ---- | M] () -- c:\windows\assembly\gac\hpqfmrsc\4.0.0.0__a53cf5803f4c3827\hpqfmrsc.dll MOD - [2006/03/27 10:23:10 | 000,024,576 | ---- | M] () -- c:\windows\assembly\gac\hpqasset\4.0.0.0__a53cf5803f4c3827\hpqasset.dll MOD - [2006/03/27 10:23:10 | 000,020,480 | ---- | M] () -- c:\windows\assembly\gac\hpqiface\4.0.0.0__a53cf5803f4c3827\hpqiface.dll MOD - [2006/03/27 10:07:36 | 001,339,392 | ---- | M] () -- c:\windows\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll MOD - [2006/03/27 10:05:20 | 000,007,680 | ---- | M] () -- c:\windows\assembly\gac\accessibility\1.0.5000.0__b03f5f7f11d50a3a\accessibility.dll MOD - [2005/12/23 22:44:26 | 000,491,606 | ---- | M] () -- C:\Program Files\HPQ\Shared\HpqToaster.exe ========== Services (SafeList) ========== SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ) SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt) SRV - [2012/12/13 15:10:51 | 000,161,768 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService) SRV - [2012/09/12 17:25:22 | 000,020,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc) SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012/04/20 19:19:00 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2010/01/07 23:51:02 | 000,380,928 | ---- | M] (Spigot, Inc.) [Disabled | Stopped] -- C:\Program Files\Application Updater\ApplicationUpdater.exe -- (Application Updater) SRV - [2008/10/15 12:02:34 | 000,111,872 | ---- | M] (PCTEL) [Disabled | Stopped] -- C:\Program Files\Sprint\Sprint SmartView\RcAppSvc.exe -- (SprintRcAppSvc) SRV - [2008/07/26 07:25:36 | 000,150,040 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv) SRV - [2008/07/26 07:23:42 | 000,186,904 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\logishrd\LVCOMSER\LVComSer.exe -- (LVCOMSer) SRV - [2006/11/03 18:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\CURTIS~1\LOCALS~1\Temp\catchme.sys -- (catchme) DRV - [2009/12/26 15:42:23 | 000,047,616 | ---- | M] (Aladdin Knowledge Systems) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Haspnt.sys -- (Haspnt) DRV - [2009/11/08 21:21:18 | 000,059,388 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\scdemu.sys -- (SCDEmu) DRV - [2008/10/15 11:58:34 | 000,171,144 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SWNC5E00.sys -- (SWNC5E00) DRV - [2008/10/15 11:58:34 | 000,149,512 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\swmx00.sys -- (swmx00) DRV - [2008/10/15 11:58:34 | 000,024,840 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\swmsflt.sys -- (swmsflt) DRV - [2008/10/15 11:58:32 | 000,027,072 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PCASp50.sys -- (PCASp50) DRV - [2008/10/15 11:58:26 | 000,222,720 | ---- | M] (Novatel Wireless Inc) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NWADIenum.sys -- (NWADI) DRV - [2008/10/15 11:58:18 | 000,038,680 | ---- | M] (PCTEL Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pctnullport.sys -- (Nmea) DRV - [2008/10/15 11:56:10 | 000,032,408 | ---- | M] (PCTEL Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\PCTINDIS5.sys -- (PCTINDIS5) DRV - [2008/07/26 09:26:22 | 000,041,752 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta) DRV - [2008/07/26 09:22:34 | 002,570,520 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LV302V32.SYS -- (PID_PEPI) DRV - [2008/07/26 07:25:02 | 000,025,624 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon) DRV - [2006/04/18 05:29:06 | 000,569,856 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CHDAud.sys -- (HdAudAddService) DRV - [2006/03/02 05:03:32 | 000,057,096 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB) DRV - [2006/01/19 03:18:52 | 000,424,320 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX) DRV - [2005/09/19 14:24:20 | 000,005,760 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EabUsb.sys -- (eabusb) DRV - [2005/09/19 14:24:10 | 000,009,344 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CPQBttn.sys -- (HBtnKey) DRV - [2005/09/19 14:23:52 | 000,007,808 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\eabfiltr.sys -- (eabfiltr) DRV - [2005/08/22 09:07:00 | 001,035,008 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV) DRV - [2005/08/22 09:06:16 | 000,201,600 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL) DRV - [2005/08/22 09:06:10 | 000,718,464 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf) DRV - [2005/07/28 08:18:40 | 000,685,056 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\hardlock.sys -- (Hardlock) DRV - [2004/08/04 00:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) DRV - [2003/11/07 03:50:00 | 000,070,798 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouFlt2.Sys -- (LMouFlt2) DRV - [2003/11/07 03:50:00 | 000,025,502 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidFlt2.Sys -- (LHidFlt2) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7'>http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8'>http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.facebook.com/?ref=hp IE - HKCU\..\SearchScopes,DefaultScope = {59B52DB8-285B-47FE-8900-723980FDE25A} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC IE - HKCU\..\SearchScopes\{4E9D7047-7CD1-494F-8A78-48E06B2042A8}: "URL" = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=867034&p={searchTerms} IE - HKCU\..\SearchScopes\{59B52DB8-285B-47FE-8900-723980FDE25A}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7'>http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7HPID_en IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7'>http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKCU\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = localhost ========== FireFox ========== FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=867034" FF - prefs.js..extensions.enabledAddons: en-US@dictionaries.addons.mozilla.org:5.0.1 FF - prefs.js..extensions.enabledItems: en-US@dictionaries.addons.mozilla.org:5.0.1 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.6.0.8153 FF - prefs.js..network.proxy.no_proxies_on: "localhost" FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Curtis Lumpkin\Local Settings\Application Data\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Curtis Lumpkin\Local Settings\Application Data\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/12/04 12:34:59 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/12/04 12:34:58 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Netscape Browser 8.0.4.0\Extensions\\Components: C:\Program Files\Netscape\Netscape Browser\Components [2012/12/04 12:34:59 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Netscape Browser 8.0.4.0\Extensions\\Plugins: C:\Program Files\Netscape\Netscape Browser\Plugins [2012/12/04 12:34:58 | 000,000,000 | ---D | M] [2009/11/10 17:54:55 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Curtis Lumpkin\Application Data\Mozilla\Extensions [2009/09/27 01:11:48 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Curtis Lumpkin\Application Data\Mozilla\Extensions\mozswing@mozswing.org [2012/04/28 13:55:03 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Curtis Lumpkin\Application Data\Mozilla\Firefox\Profiles\poh7zzax.default\extensions [2012/04/28 13:55:03 | 000,000,000 | ---D | M] (MafiaBots.com Community Toolbar) -- C:\Documents and Settings\Curtis Lumpkin\Application Data\Mozilla\Firefox\Profiles\poh7zzax.default\extensions\{9c562686-dfb1-4de4-9711-0fc7b065a54e} [2010/09/22 14:25:54 | 000,000,000 | ---D | M] (United States English Spellchecker) -- C:\Documents and Settings\Curtis Lumpkin\Application Data\Mozilla\Firefox\Profiles\poh7zzax.default\extensions\en-US@dictionaries.addons.mozilla.org [2012/04/28 13:53:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2011/08/28 10:36:20 | 000,000,000 | ---D | M] (Click to call with Skype) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2012/04/20 19:19:34 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2012/04/20 19:18:25 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2012/04/20 19:18:25 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml ========== Chrome ========== CHR - homepage: http://www.google.com CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter} CHR - homepage: http://www.google.com CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Curtis Lumpkin\Local Settings\Application Data\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Curtis Lumpkin\Local Settings\Application Data\Google\Chrome\Application\23.0.1271.97\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Curtis Lumpkin\Local Settings\Application Data\Google\Chrome\Application\23.0.1271.97\gcswf32.dll CHR - plugin: Shockwave Flash (Disabled) = C:\Documents and Settings\Curtis Lumpkin\Local Settings\Application Data\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll CHR - plugin: Java Deployment Toolkit 6.0.240.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Curtis Lumpkin\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - Extension: YouTube = C:\Documents and Settings\Curtis Lumpkin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\ CHR - Extension: Google Search = C:\Documents and Settings\Curtis Lumpkin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\ CHR - Extension: Click Trap Remover = C:\Documents and Settings\Curtis Lumpkin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gbjnnkbagjpofgaljnneciaeihcnogno\1.1.3_0\ CHR - Extension: Social Fixer = C:\Documents and Settings\Curtis Lumpkin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ipjaijdkhejnbfpodmofannadgfokfnm\7.321_0\ CHR - Extension: MWAddon Chromium Client = C:\Documents and Settings\Curtis Lumpkin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\llfmkjppmncfcgdebajkjnopgodlcaoe\1.42.2_0\ CHR - Extension: Spockholm Mafia Toolbar = C:\Documents and Settings\Curtis Lumpkin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nkfaeghnhcdmgdjjnjggpgfhlefbfcpl\1.0.0_0\ CHR - Extension: Gmail = C:\Documents and Settings\Curtis Lumpkin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\ O1 HOSTS File: ([2012/12/15 14:36:47 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll () O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3 - HKLM\..\Toolbar: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll () O3 - HKCU\..\Toolbar\WebBrowser: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll () O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\Cpqset.exe () O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\CHDAudPropShortcut.exe (Windows ® Server 2003 DDK provider) O4 - HKLM..\Run: [Logitech Utility] C:\WINDOWS\LOGI_MWX.EXE (Logitech Inc.) O4 - HKLM..\Run: [LogitechCommunicationsManager] C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe () O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\QuickCam\Quickcam.exe () O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.) O4 - HKLM..\Run: [RecGuard] C:\WINDOWS\SMINST\Recguard.exe () O4 - HKLM..\Run: [Reminder] C:\WINDOWS\CREATOR\Remind_XP.exe (SoftThinks) O4 - HKLM..\Run: [sprint SmartView] C:\Program Files\Sprint\Sprint SmartView\SprintSV.exe (Sprint) O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\StartUp\HP Photosmart Premier Fast Start.lnk = C:\Program Files\Hp\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Development Company, L.P.) O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\StartUp\Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe (Logitech Inc.) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O9 - Extra Button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9A6A80FD-0F58-4843-B72C-9977A81D7CA8}: DhcpNameServer = 192.168.1.254 O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech Inc.) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Documents and Settings\Curtis Lumpkin\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Curtis Lumpkin\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2001/07/27 22:07:38 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 30 Days ========== [2012/12/16 13:20:15 | 000,000,000 | -HSD | C] -- C:\RECYCLER [2012/12/15 14:19:58 | 000,000,000 | RHSD | C] -- C:\cmdcons [2012/12/15 14:17:14 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe [2012/12/15 14:17:14 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe [2012/12/15 14:17:14 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe [2012/12/15 14:17:14 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe [2012/12/15 14:16:36 | 000,000,000 | ---D | C] -- C:\Qoobox [2012/12/15 14:09:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Curtis Lumpkin\Local Settings\Application Data\Sun [2012/12/14 22:30:23 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2 [2012/12/14 22:26:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Skype [2012/12/14 22:26:24 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype [2012/12/14 18:46:57 | 000,275,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll [2012/12/14 18:46:57 | 000,017,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll.mui [2012/12/14 15:31:41 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client [2012/12/13 21:56:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Curtis Lumpkin\Desktop\RK_Quarantine [2012/12/13 17:26:29 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro [2012/12/13 17:26:22 | 000,000,000 | ---D | C] -- C:\rsit [2012/12/13 17:19:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT [2012/12/13 17:17:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ERUNT [2012/12/13 17:17:15 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT [2012/12/13 15:11:24 | 000,143,872 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl [2012/12/13 15:11:22 | 000,821,736 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll [2012/12/13 15:11:19 | 000,246,760 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe [2012/12/13 15:11:10 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe [2012/12/13 15:11:10 | 000,093,672 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll [2012/12/13 15:11:09 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe [2012/12/12 21:41:45 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Curtis Lumpkin\Start Menu\Programs\Administrative Tools [2012/12/12 20:43:08 | 000,000,000 | ---D | C] -- C:\Program Files\NT Registry Optimizer [2012/12/12 20:43:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\NT Registry Optimizer [2012/12/04 12:32:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\QuickTime [2012/12/04 12:31:41 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime [2012/12/04 12:24:11 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update [2012/12/04 09:51:31 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Curtis Lumpkin\Recent [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012/12/18 08:45:01 | 000,001,014 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2924791899-322899344-3724509738-1006UA.job [2012/12/18 08:44:20 | 000,000,384 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job [2012/12/18 08:35:00 | 000,000,440 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{D57521A4-1C33-4EC0-AF90-43E62C6753F8}.job [2012/12/18 08:34:43 | 000,000,313 | ---- | M] () -- C:\hpqp.ini [2012/12/18 08:34:38 | 000,000,039 | ---- | M] () -- C:\XP_TV.ini [2012/12/18 08:34:25 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2012/12/18 08:34:12 | 000,000,000 | ---- | M] () -- C:\WINDOWS\TempFile [2012/12/18 08:34:07 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2012/12/18 08:34:05 | 526,503,936 | -HS- | M] () -- C:\hiberfil.sys [2012/12/17 03:45:09 | 000,000,962 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2924791899-322899344-3724509738-1006Core.job [2012/12/15 14:41:15 | 000,380,918 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2012/12/15 14:41:15 | 000,053,166 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2012/12/15 14:36:47 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts [2012/12/15 14:20:05 | 000,000,327 | RHS- | M] () -- C:\boot.ini [2012/12/14 22:26:26 | 000,001,878 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk [2012/12/14 15:33:08 | 000,001,945 | ---- | M] () -- C:\WINDOWS\epplauncher.mif [2012/12/13 22:01:29 | 000,000,739 | ---- | M] () -- C:\Documents and Settings\Curtis Lumpkin\Desktop\Shortcut to Win32kDiag.exe.lnk [2012/12/13 20:17:03 | 000,000,312 | ---- | M] () -- C:\Documents and Settings\Curtis Lumpkin\My Documents\spider.sav [2012/12/13 18:04:05 | 000,000,744 | ---- | M] () -- C:\Documents and Settings\Curtis Lumpkin\Desktop\Shortcut to erunt-setup.exe.lnk [2012/12/13 18:03:53 | 000,000,705 | ---- | M] () -- C:\Documents and Settings\Curtis Lumpkin\Desktop\Shortcut to RSIT.exe.lnk [2012/12/13 17:17:18 | 000,000,645 | ---- | M] () -- C:\Documents and Settings\Curtis Lumpkin\Desktop\NTREGOPT.lnk [2012/12/13 17:17:18 | 000,000,626 | ---- | M] () -- C:\Documents and Settings\Curtis Lumpkin\Desktop\ERUNT.lnk [2012/12/13 15:10:51 | 000,093,672 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll [2012/12/13 15:10:49 | 000,821,736 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll [2012/12/13 15:10:49 | 000,746,984 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll [2012/12/13 15:10:49 | 000,246,760 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe [2012/12/13 15:10:49 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe [2012/12/13 15:10:49 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe [2012/12/13 15:10:49 | 000,143,872 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl [2012/12/12 20:46:08 | 004,456,448 | ---- | M] () -- C:\Documents and Settings\Curtis Lumpkin\ntuser.bak [2012/12/12 18:33:52 | 000,000,818 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk [2012/12/12 18:18:11 | 000,324,320 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2012/12/12 18:14:43 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2012/12/12 13:56:34 | 000,002,363 | ---- | M] () -- C:\Documents and Settings\Curtis Lumpkin\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk [2012/12/12 13:56:31 | 000,002,385 | ---- | M] () -- C:\Documents and Settings\Curtis Lumpkin\Desktop\Google Chrome.lnk [2012/12/12 13:51:24 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job [2012/12/04 12:32:33 | 000,001,638 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk [2012/11/24 07:30:33 | 000,000,486 | ---- | M] () -- C:\Documents and Settings\Curtis Lumpkin\My Documents\cc_20121124_073027.reg [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files Created - No Company Name ========== [2012/12/15 14:20:05 | 000,000,211 | ---- | C] () -- C:\Boot.bak [2012/12/15 14:19:59 | 000,260,272 | RHS- | C] () -- C:\cmldr [2012/12/15 14:17:14 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe [2012/12/15 14:17:14 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe [2012/12/15 14:17:14 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe [2012/12/15 14:17:14 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe [2012/12/15 14:17:14 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe [2012/12/14 22:26:26 | 000,001,878 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk [2012/12/14 15:42:29 | 000,000,384 | -H-- | C] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job [2012/12/14 15:33:08 | 000,001,945 | ---- | C] () -- C:\WINDOWS\epplauncher.mif [2012/12/14 15:32:33 | 000,001,732 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Security Essentials.lnk [2012/12/13 22:01:29 | 000,000,739 | ---- | C] () -- C:\Documents and Settings\Curtis Lumpkin\Desktop\Shortcut to Win32kDiag.exe.lnk [2012/12/13 18:04:05 | 000,000,744 | ---- | C] () -- C:\Documents and Settings\Curtis Lumpkin\Desktop\Shortcut to erunt-setup.exe.lnk [2012/12/13 18:03:53 | 000,000,705 | ---- | C] () -- C:\Documents and Settings\Curtis Lumpkin\Desktop\Shortcut to RSIT.exe.lnk [2012/12/13 17:17:18 | 000,000,626 | ---- | C] () -- C:\Documents and Settings\Curtis Lumpkin\Desktop\ERUNT.lnk [2012/12/12 20:43:09 | 000,000,645 | ---- | C] () -- C:\Documents and Settings\Curtis Lumpkin\Desktop\NTREGOPT.lnk [2012/12/12 18:33:52 | 000,000,818 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk [2012/12/12 18:13:56 | 000,001,393 | ---- | C] () -- C:\WINDOWS\imsins.BAK [2012/12/04 12:32:32 | 000,001,638 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk [2012/12/04 12:25:22 | 000,000,284 | ---- | C] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job [2012/12/04 12:24:13 | 000,001,830 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Apple Software Update.lnk [2012/11/24 07:30:32 | 000,000,486 | ---- | C] () -- C:\Documents and Settings\Curtis Lumpkin\My Documents\cc_20121124_073027.reg [2012/05/09 01:24:42 | 004,456,448 | ---- | C] () -- C:\Documents and Settings\Curtis Lumpkin\ntuser.bak [2012/02/15 19:52:17 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll [2012/01/11 21:56:09 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\redmonnt.dll [2011/08/11 13:56:39 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2006/07/27 14:36:38 | 000,001,422 | ---- | C] () -- C:\Documents and Settings\Curtis Lumpkin\Application Data\wklnhst.dat [2006/07/20 23:02:31 | 000,000,137 | ---- | C] () -- C:\Documents and Settings\Curtis Lumpkin\Local Settings\Application Data\fusioncache.dat [2006/07/20 18:32:48 | 000,017,408 | ---- | C] () -- C:\Documents and Settings\Curtis Lumpkin\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini ========== ZeroAccess Check ========== [2006/03/27 10:05:32 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/13 18:12:05 | 001,499,136 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2009/02/09 06:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2008/04/13 18:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== LOP Check ========== [2008/10/15 11:16:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\5400 Series [2010/08/26 21:06:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Applications [2008/10/18 10:18:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Broderbund [2008/10/18 10:05:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Broderbund Software [2010/08/02 00:01:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DriverCure [2011/07/29 08:22:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Easybits GO [2009/09/09 01:32:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCSettings [2010/01/20 20:21:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sprint [2006/07/20 18:53:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WildTangent [2009/12/24 19:11:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip [2010/06/23 13:40:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521} [2009/11/28 03:59:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD} [2009/09/09 12:54:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{7B6BA59A-FB0E-4499-8536-A7420338BF3B} [2008/10/15 12:25:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Curtis Lumpkin\Application Data\5400 Series [2010/08/02 00:01:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Curtis Lumpkin\Application Data\DriverCure [2010/08/02 19:47:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Curtis Lumpkin\Application Data\FreeBurner [2012/04/14 20:28:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Curtis Lumpkin\Application Data\go [2006/07/25 13:14:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Curtis Lumpkin\Application Data\Leadertech [2010/07/15 08:21:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Curtis Lumpkin\Application Data\LimeWire [2009/09/09 03:07:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Curtis Lumpkin\Application Data\MSNInstaller [2008/07/02 10:36:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Curtis Lumpkin\Application Data\Netscape [2010/07/02 00:50:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Curtis Lumpkin\Application Data\Search Settings [2010/01/20 20:16:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Curtis Lumpkin\Application Data\Sierra Wireless [2010/01/20 20:37:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Curtis Lumpkin\Application Data\Sprint [2010/09/04 15:24:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Curtis Lumpkin\Application Data\TeamViewer [2008/10/15 12:01:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Curtis Lumpkin\Application Data\Template [2006/07/20 18:53:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Curtis Lumpkin\Application Data\WildTangent ========== Purity Check ========== < End of report > OTL Extras logfile created on: 12/18/2012 8:46:07 AM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Curtis Lumpkin\My Documents\Downloads Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 502.05 Mb Total Physical Memory | 153.48 Mb Available Physical Memory | 30.57% Memory free 2.90 Gb Paging File | 2.49 Gb Available in Paging File | 85.99% Paging File free Paging file location(s): C:\pagefile.sys 2500 3000 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 29.23 Gb Total Space | 2.68 Gb Free Space | 9.18% Space Free | Partition Type: NTFS Drive D: | 8.01 Gb Total Space | 1.12 Gb Free Space | 14.01% Space Free | Partition Type: FAT32 Computer Name: CURTIS | User Name: Curtis Lumpkin | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002 "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DoNotAllowExceptions" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation) "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation) "C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger -- (Logitech Inc.) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation) "C:\Program Files\HP Rhapsody\rhapsody.exe" = C:\Program Files\HP Rhapsody\rhapsody.exe:*:Enabled:Rhapsody -- (RealNetworks, Inc.) "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation) "C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire -- (Lime Wire, LLC) "C:\Program Files\Sprint\Sprint SmartView\SwiApiMux.exe" = C:\Program Files\Sprint\Sprint SmartView\SwiApiMux.exe:*:Enabled:SwiApiMux -- (Sierra Wireless, Inc.) "C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger -- (Logitech Inc.) "C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.) "C:\WINDOWS\system32\mmc.exe" = C:\WINDOWS\system32\mmc.exe:*:Enabled:Microsoft Management Console -- (Microsoft Corporation) "C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.) ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{075473F5-846A-448B-BCB3-104AA1760205}" = Sonic Data Module "{09D8492A-C8E2-421E-927D-46800FB327A3}" = Wireless Home Network Setup "{0FFD55FA-40CE-4B7F-9001-A06930C63FA2}" = Sprint SmartView "{1017A80C-6F09-4548-A84D-EDD6AC9525F0}" = Lexmark Toolbar "{1CB34CE9-0E6B-493F-BB66-3425E5DF76E5}" = CP_CalendarTemplates1 "{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Sonic MyDVD Plus "{23012310-3E05-46A5-88A9-C6CBCABCAC79}" = Customer Experience Enhancement "{23B35809-5E4A-4F14-8332-1CDEDDFAC089}" = CP_Package_Variety2 "{24BEBF2E-73F3-4599-840B-EDC612CCDD0D}" = Destinations "{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9 "{2A548002-9042-4083-A270-B67473DE1073}" = SkinsHP1 "{2DBE41DD-2129-4C65-A3D3-5647236A60F3}" = Quicken 2005 "{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager "{34F3FCF1-817B-4D61-B6AF-19D9486AFEA0}" = Unload "{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{36D620AD-EEBA-4973-BA86-0C9AE6396620}" = OptionalContentQFolder "{3AF8FCCD-F51A-4014-9002-F195E1CBC876}" = Logitech QuickCam "{3FE0CFAB-584A-4AA5-B8CD-C32284CFA308}" = RandMap "{4041C245-7099-4C96-9738-5EBC23827B3C}" = BufferChm "{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}" = Microsoft Works "{4302B2DD-D958-40E3-BAF3-B07FFE1978CE}" = HP Wireless Assistant 2.00 E1 "{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP DVD Play 2.1 "{47D2103B-FD51-4017-9C20-DD408B17D726}" = Office 2003 Trial Assistant "{494D17B5-3369-4905-8C4B-80C972C5E0FF}" = CP_Panorama1Config "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4DA4012B-39AF-48c2-B23B-A4D570D233A6}" = cp_LightScribeConfig "{522D1D79-9C0A-4361-91F8-2AFF8EC6C2E1}" = CP_Package_Variety1 "{53EE9E42-CECB-4C92-BF76-9CA65DAF8F1C}" = FullDPAppQFolder "{54F0998F-73C8-4b51-8286-FE903C231BED}" = cp_PosterPrintConfig "{5809E7CF-4DCF-11D4-9875-00105ACE7734}" = Logitech MouseWare 9.79 "{5F05C28D-DEA9-4AD6-A73A-064175988EAB}" = Search Settings v1.2.3 "{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM "{612F4E20-3661-4D44-AD79-823F1B613FB3}" = HP Update "{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Sonic Express Labeler "{73090A5A-E0C0-4E0B-A320-E183877061A5}" = ALLDATA for Windows "{766633B3-1AFA-44B6-A3FC-1DE991CD9C52}" = CP_Package_Basic1 "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{79F8E1D4-36C1-439C-95FA-F695050B5B07}" = Sonic_PrimoSDK "{7B6CF9EB-CB2B-4A1A-81A9-BE1A9044690A}" = TIPCI "{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime "{7F815C5F-D2A4-4173-B7C0-55A9D6F87E38}" = MobileMe Control Panel "{80AE27BA-B0ED-4288-A8B9-D8194BCF4115}" = cp_UpdateProjectsConfig "{869C3062-4745-4949-B6C9-98AF24D89030}" = PhotoGallery "{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Graphics Media Accelerator Driver "{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}" = Logitech Desktop Messenger "{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English) "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{98EABC7F-B1A1-43A5-B505-5B4EC3908DCD}" = Microsoft Security Client "{9D4ABB0C-F60B-44A6-956C-A4A63D5495C9}" = CueTour "{A01FC76F-CC09-4658-9E37-5C2F635EE708}" = TourSetup "{A06275F4-324B-4E85-95E6-87B2CD729401}" = Windows Defender "{A35C2323-3CEA-405C-9569-EF5DDE930B2F}" = PrintMaster "{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support "{A93C4E94-1005-489D-BEAA-B873C1AA6CFC}" = HP Help and Support "{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder "{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Sonic Audio Module "{AEF7A12C-CD9B-4773-8AD1-6916138CA7EA}" = SmartAudio "{AFAC914D-9E83-4A89-8ABE-427521C82CCF}" = Safari "{B11E71BA-498C-42D4-9F1A-9D7A89D9DA61}" = CP_AtenaShokunin1Config "{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Sonic Copy Module "{B57F2FF0-5A25-4332-B503-4592B370C02F}" = CP_Package_Variety3 "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Click to Call with Skype "{BBD3BF67-5B89-4CBB-BA58-5818ED5F3290}" = cp_OnlineProjectsConfig "{BC96BBA7-C634-460E-AD18-A0A994213F80}" = HP User Guides--System Recovery "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{D755C7A3-C03E-4460-8C00-AC6E55505FB5}" = LightScribe 1.4.74.1 "{DB518BA6-CB74-4EB6-9ABD-880B6D6E1F38}" = HpSdpAppCoreApp "{E74E3D81-773B-4DCF-B706-50236F80BD81}" = HP User Guides 0019 "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10 "{FC8D25A7-FF1B-41BB-BB3B-9A06C0A60AE0}" = InstantShareDevices "CCleaner" = CCleaner "CNXT_HDAUDIO" = Conexant HD Audio "CNXT_MODEM_HDAUDIO_CPL30A5m" = HDAUDIO Soft Data Fax Modem with SmartCP "ERUNT_is1" = ERUNT 1.1j "Free Easy Burner_is1" = Free Easy Burner V 4.0 "HP Game Console" = HP Game Console and games "HP Imaging Device Functions" = HP Imaging Device Functions 6.0 "HP Photo & Imaging" = HP Photosmart Premier Software 6.0 "HP Rhapsody" = HP Rhapsody "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs "ie7" = Windows Internet Explorer 7 "ie8" = Windows Internet Explorer 8 "InstallShield_{23012310-3E05-46A5-88A9-C6CBCABCAC79}" = Customer Experience Enhancement "InstallShield_{2DBE41DD-2129-4C65-A3D3-5647236A60F3}" = Quicken 2005 "InstallShield_{7B6CF9EB-CB2B-4A1A-81A9-BE1A9044690A}" = Texas Instruments PCIxx21/x515/xx12 drivers. "LimeWire" = LimeWire 5.5.10 "Locked Programs" = Locked Programs "Logitech Resource Center" = Logitech Resource Center "lvdrivers_11.80" = Logitech QuickCam Driver Package "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.65.1.1000 "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft Security Client" = Microsoft Security Essentials "Money2006b" = Microsoft Money 2006 "Mozilla Firefox 12.0 (x86 en-US)" = Mozilla Firefox 12.0 (x86 en-US) "MozillaMaintenanceService" = Mozilla Maintenance Service "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "Netscape Browser" = Netscape Browser (remove only) "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs "NTREGOPT_is1" = NTREGOPT 1.1j "PowerISO" = PowerISO "PROSet" = Intel® PRO Network Connections Drivers "Quicken Family Lawyer 2001" = Quicken Family Lawyer 2001 "Serif DrawPlus 3.0" = Serif DrawPlus 3.0 "SynTPDeinstKey" = Synaptics Pointing Device Driver "The Plain-Language Law Dictionary" = The Plain-Language Law Dictionary "tv_enua" = Lernout & Hauspie TruVoice American English TTS Engine "WebPost" = Microsoft Web Publishing Wizard 1.52 "WildTangent CDA" = WildTangent Web Driver "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "Windows XP Service Pack" = Windows XP Service Pack 3 "WinRAR archiver" = WinRAR archiver "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0 ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Google Chrome" = Google Chrome ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 12/13/2012 4:10:32 PM | Computer Name = CURTIS | Source = Application Hang | ID = 1002 Description = Hanging application spider.exe, version 5.1.2600.5512, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 12/13/2012 5:05:02 PM | Computer Name = CURTIS | Source = Application Hang | ID = 1002 Description = Hanging application explorer.exe, version 6.0.2900.5512, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 12/13/2012 8:03:12 PM | Computer Name = CURTIS | Source = Application Hang | ID = 1002 Description = Hanging application RSIT.exe, version 3.3.6.1, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 12/13/2012 10:17:25 PM | Computer Name = CURTIS | Source = Application Hang | ID = 1002 Description = Hanging application RSIT.exe, version 3.3.6.1, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 12/14/2012 5:32:20 PM | Computer Name = CURTIS | Source = MPSampleSubmission | ID = 5000 Description = EventType mptelemetry, P1 0x80070003, P2 moac, P3 cachereset, P4 4.1.522.0, P5 unspecified, P6 unspecified, P7 unspecified, P8 NIL, P9 NIL, P10 NIL. Error - 12/14/2012 5:50:55 PM | Computer Name = CURTIS | Source = Microsoft Security Client | ID = 5000 Description = Error - 12/15/2012 4:06:53 PM | Computer Name = CURTIS | Source = MPSampleSubmission | ID = 5000 Description = EventType mptelemetry, P1 unspecified, P2 hardeningtelemetry, P3 hardeningtelemetrydisablertp, P4 4.1.522.0, P5 unspecified, P6 unspecified, P7 unspecified, P8 NIL, P9 NIL, P10 NIL. Error - 12/15/2012 10:46:47 PM | Computer Name = CURTIS | Source = MPSampleSubmission | ID = 5000 Description = EventType avsubmit, P1 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094), P2 1.1.9002.0, P3 1.141.1884.0, P4 1.141.1884.0, P5 00000555771e020f_cb29f38abf6d2528ef952a966aedb2adb7125d76, P6 NIL, P7 NIL, P8 NIL, P9 NIL, P10 NIL. Error - 12/16/2012 3:32:55 PM | Computer Name = CURTIS | Source = MPSampleSubmission | ID = 5000 Description = EventType mptelemetry, P1 unspecified, P2 hardeningtelemetry, P3 hardeningtelemetrydisablertp, P4 4.1.522.0, P5 unspecified, P6 unspecified, P7 unspecified, P8 NIL, P9 NIL, P10 NIL. Error - 12/16/2012 7:52:27 PM | Computer Name = CURTIS | Source = MPSampleSubmission | ID = 5000 Description = EventType mptelemetry, P1 unspecified, P2 hardeningtelemetry, P3 hardeningtelemetrydisablertp, P4 4.1.522.0, P5 unspecified, P6 unspecified, P7 unspecified, P8 NIL, P9 NIL, P10 NIL. [ System Events ] Error - 11/23/2012 8:34:08 AM | Computer Name = CURTIS | Source = SideBySide | ID = 16842811 Description = Resolve Partial Assembly failed for Microsoft.VC80.CRT. Reference error message: The referenced assembly is not installed on your system. . Error - 11/23/2012 8:34:08 AM | Computer Name = CURTIS | Source = SideBySide | ID = 16842811 Description = Generate Activation Context failed for C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe. Reference error message: The operation completed successfully. . Error - 11/29/2012 10:32:41 AM | Computer Name = CURTIS | Source = SideBySide | ID = 16842784 Description = Dependent Assembly Microsoft.VC80.CRT could not be found and Last Error was The referenced assembly is not installed on your system. Error - 11/29/2012 10:32:41 AM | Computer Name = CURTIS | Source = SideBySide | ID = 16842811 Description = Resolve Partial Assembly failed for Microsoft.VC80.CRT. Reference error message: The referenced assembly is not installed on your system. . Error - 11/29/2012 10:32:41 AM | Computer Name = CURTIS | Source = SideBySide | ID = 16842811 Description = Generate Activation Context failed for C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe. Reference error message: The operation completed successfully. . Error - 12/3/2012 8:22:42 PM | Computer Name = CURTIS | Source = Service Control Manager | ID = 7011 Description = Timeout (30000 milliseconds) waiting for a transaction response from the stisvc service. Error - 12/3/2012 8:23:05 PM | Computer Name = CURTIS | Source = iaStor | ID = 262153 Description = The device, \Device\Ide\iaStor0, did not respond within the timeout period. Error - 12/15/2012 4:16:14 PM | Computer Name = CURTIS | Source = Service Control Manager | ID = 7034 Description = The Process Monitor service terminated unexpectedly. It has done this 1 time(s). Error - 12/16/2012 4:23:23 PM | Computer Name = CURTIS | Source = Service Control Manager | ID = 7026 Description = The following boot-start or system-start driver(s) failed to load: AliIde PCIIde Pcmcia ViaIde Error - 12/16/2012 4:23:31 PM | Computer Name = CURTIS | Source = sr | ID = 1 Description = The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume1'. It has stopped monitoring the volume. < End of report > Results of screen317's Security Check version 0.99.56 Windows XP Service Pack 3 x86 Internet Explorer 8 ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Enabled! Microsoft Security Essentials `````````Anti-malware/Other Utilities Check:````````` Windows Defender Malwarebytes Anti-Malware version 1.65.1.1000 CCleaner Java 7 Update 9 Mozilla Firefox 12.0 Firefox out of Date! ````````Process Check: objlist.exe by Laurent```````` Microsoft Security Essentials MSMpEng.exe Microsoft Security Essentials msseces.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C:: 13% Defragment your hard drive soon! (Do NOT defrag if SSD!) ````````````````````End of Log``````````````````````

It reads all clear. No log popped up. Seems it didn't pick up anything. Only took a few seconds to run. I'm starting to Jones already for MW's. LOL NEXT!

I been online all day and the computer seems to speed up and slow down for no apparent reason, at least nothing that I am aware of. An example: I am online with 2 tabs open and running a script in mafia wars and I try to go to "My Documents". One time it will take it 6 seconds to open to my documents, and other time it will take literally 1 minute. I timed it. Also when online, there is a hesitation from when i click and when it responds, and it seems that sometimes it isn't going to respond at all so I click a second time and then it goes.

Here is the log, it found 2 items immediately when the scan started. Going to surf and play MWs, see how it goes. I did remove the DDS logs, but I believe it is going to ask to run again. I will post in a bit and say how it's going. Malwarebytes Anti-Malware 1.65.1.1000 www.malwarebytes.org Database version: v2012.12.16.09 Windows XP Service Pack 3 x86 NTFS Internet Explorer 8.0.6001.18702 Curtis Lumpkin :: CURTIS [limited] 12/16/2012 1:35:17 PM mbam-log-2012-12-16 (13-35-17).txt Scan type: Full scan (C:\|) Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 277238 Time elapsed: 44 minute(s), 32 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 1 HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FoxTab PDF Creator (Adware.Agent) -> Quarantined and deleted successfully. Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 1 C:\Program Files\FoxTabPDFConverter\Uninstall\Uninstall.exe (Adware.Agent) -> Quarantined and deleted successfully. (end)

Combo fix took about 20 minutes to run. No problems with it. I thought I had a recovery console, maybe it needed updating. IDK I will play some MWs and surf awhile, see how it's goin. I hadn't mentioned it before but that DDS thingie seems to want to continue to run, every so often it will pop up and ask to scan. Sometimes every 20 minutes or maybe as much as a couple of hours. here is the Combofix log (I wasn't given the option of naming any files: ComboFix 12-12-14.01 - Curtis Lumpkin 12/15/2012 14:25:18.1.1 - x86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.502.250 [GMT -6:00] Running from: c:\documents and settings\Curtis Lumpkin\My Documents\Downloads\ComboFix.exe AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\documents and settings\Curtis Lumpkin\WINDOWS c:\program files\Search Settings c:\program files\Search Settings\FF\chrome.manifest c:\program files\Search Settings\FF\chrome\content\plugin.js c:\program files\Search Settings\FF\chrome\content\plugin.xul c:\program files\Search Settings\FF\chrome\content\protection.js c:\program files\Search Settings\FF\chrome\content\utils.js c:\program files\Search Settings\FF\chrome\locale\en-US\searchsettingsplugin.dtd c:\program files\Search Settings\FF\chrome\locale\en-US\searchsettingsplugin.properties c:\program files\Search Settings\FF\components\IFBHOSearch.xpt c:\program files\Search Settings\FF\components\IFBHOSearchHelperEngine.xpt c:\program files\Search Settings\FF\components\IFHelperPreferences.xpt c:\program files\Search Settings\FF\components\SearchSettingsFF.dll c:\program files\Search Settings\FF\install.rdf c:\program files\Search Settings\SearchSettings.dll c:\program files\Search Settings\SearchSettings.exe c:\program files\Search Settings\SearchSettingsRes409.dll c:\windows\desktop c:\windows\desktop\Install America Online - Free Trial.lnk c:\windows\system32\URTTemp c:\windows\system32\URTTemp\fusion.dll c:\windows\system32\URTTemp\mscoree.dll c:\windows\system32\URTTemp\mscoree.dll.local c:\windows\system32\URTTemp\mscorsn.dll c:\windows\system32\URTTemp\mscorwks.dll c:\windows\system32\URTTemp\msvcr71.dll c:\windows\system32\URTTemp\regtlib.exe c:\windows\TEMP\logishrd\LVPrcInj01.dll c:\windows\wt c:\windows\wt\data.wts c:\windows\wt\updater\wcmdmgr.exe c:\windows\wt\updater\wcmdmgrl.exe c:\windows\wt\updater\wt.ini c:\windows\wt\webdriver.dll c:\windows\wt\webdriver\4.1.1\actorobject.dll c:\windows\wt\webdriver\4.1.1\dx5drv.dll c:\windows\wt\webdriver\4.1.1\dx7drv.dll c:\windows\wt\webdriver\4.1.1\objectbundle.dll c:\windows\wt\webdriver\4.1.1\sound.dll c:\windows\wt\webdriver\4.1.1\wdcaps.ded c:\windows\wt\webdriver\4.1.1\wdengine.dll c:\windows\wt\webdriver\4.1.1\webdriver.dll c:\windows\wt\webdriver\4.1.1\wthost.exe c:\windows\wt\webdriver\4.1.1\wthostctl.dll c:\windows\wt\webdriver\4.1.1\wtmulti.dll c:\windows\wt\webdriver\4.1.1\wtmulti.jar c:\windows\wt\webdriver\4.1.1\wtwmplug.ax c:\windows\wt\webdriver\4.1.1\wtwmplug.ini c:\windows\wt\webdriver\export.dat c:\windows\wt\webdriver\jdriver.dll c:\windows\wt\webdriver\rdriver.dll c:\windows\wt\webdriver\wildtangent.jar c:\windows\wt\webdriver\wtdmmp.dll c:\windows\wt\webdriver\wtdmmpi.jar c:\windows\wt\webdriver\wtdmmpv.dll c:\windows\wt\wt3d.dll c:\windows\wt\wt3d.ini c:\windows\wt\wtupdates\dmmp\3.0.2.000\files\controlPanel\index.html c:\windows\wt\wtupdates\dmmp\3.0.2.000\files\update_info\data.wts c:\windows\wt\wtupdates\dmmp\3.0.2.000\files\wtdmmp.dll c:\windows\wt\wtupdates\dmmp\3.0.2.000\files\wtdmmpi.jar c:\windows\wt\wtupdates\dmmp\3.0.2.000\files\wtdmmpv.dll c:\windows\wt\wtupdates\dmmp\3.0.2.000\install\dmmp.cdanfo c:\windows\wt\wtupdates\dmmp\3.0.2.000\install\DMMP_Uninstall.cdas c:\windows\wt\wtupdates\DRM\3.2.0.19\files\controlPanel\index.html c:\windows\wt\wtupdates\DRM\3.2.0.19\files\DRM0302.dll c:\windows\wt\wtupdates\DRM\3.2.0.19\files\DRM0302Java.jar c:\windows\wt\wtupdates\DRM\3.2.0.19\files\jDRM0302.dll c:\windows\wt\wtupdates\DRM\3.2.0.19\files\rDRM0302.dll c:\windows\wt\wtupdates\DRM\3.2.0.19\files\wt.sto c:\windows\wt\wtupdates\DRM\3.2.0.19\install\DRM0302.cdanfo c:\windows\wt\wtupdates\DRM\3.2.0.19\install\DRM0302_Uninstall.cdas c:\windows\wt\wtupdates\Webd\4.1.1\files\actorobject.dll c:\windows\wt\wtupdates\Webd\4.1.1\files\controlPanel\index.html c:\windows\wt\wtupdates\Webd\4.1.1\files\dx5drv.dll c:\windows\wt\wtupdates\Webd\4.1.1\files\dx7drv.dll c:\windows\wt\wtupdates\Webd\4.1.1\files\jdriver.dll c:\windows\wt\wtupdates\Webd\4.1.1\files\legacy\data.wts c:\windows\wt\wtupdates\Webd\4.1.1\files\legacy\webdriver.dll c:\windows\wt\wtupdates\Webd\4.1.1\files\legacy\wt3d.dll c:\windows\wt\wtupdates\Webd\4.1.1\files\npWTHost.dll c:\windows\wt\wtupdates\Webd\4.1.1\files\nsIWTHostPlugin.xpt c:\windows\wt\wtupdates\Webd\4.1.1\files\ObjectBundle.dll c:\windows\wt\wtupdates\Webd\4.1.1\files\rdriver.dll c:\windows\wt\wtupdates\Webd\4.1.1\files\Sound.dll c:\windows\wt\wtupdates\Webd\4.1.1\files\update_info\data.wts c:\windows\wt\wtupdates\Webd\4.1.1\files\wdcaps.ded c:\windows\wt\wtupdates\Webd\4.1.1\files\wdengine.dll c:\windows\wt\wtupdates\Webd\4.1.1\files\Webd331.cdanfo c:\windows\wt\wtupdates\Webd\4.1.1\files\Webd331_fileList.cdas c:\windows\wt\wtupdates\Webd\4.1.1\files\Webd331_Uninstall.cdas c:\windows\wt\wtupdates\Webd\4.1.1\files\webdriver.dll c:\windows\wt\wtupdates\Webd\4.1.1\files\wildtangent.jar c:\windows\wt\wtupdates\Webd\4.1.1\files\wt3d.ini c:\windows\wt\wtupdates\Webd\4.1.1\files\WTHost.exe c:\windows\wt\wtupdates\Webd\4.1.1\files\WTHostCtl.dll c:\windows\wt\wtupdates\Webd\4.1.1\files\wtmulti.dll c:\windows\wt\wtupdates\Webd\4.1.1\files\wtmulti.jar c:\windows\wt\wtupdates\Webd\4.1.1\files\wtvh.dll c:\windows\wt\wtupdates\Webd\4.1.1\files\wtwmplug.ax c:\windows\wt\wtupdates\Webd\4.1.1\files\wtwmplug.ini c:\windows\wt\wtupdates\Webd\4.1.1\install\Webd4_1_1.cdanfo c:\windows\wt\wtupdates\Webd\4.1.1\install\Webd4_1_1_Uninstall.cdas c:\windows\wt\wtupdates\WireControl\1.0.0.63\files\controlpanel\index.html c:\windows\wt\wtupdates\WireControl\1.0.0.63\files\install\WireControl.cdanfo c:\windows\wt\wtupdates\WireControl\1.0.0.63\files\install\WireControl_Uninstall.cdas c:\windows\wt\wtupdates\WireControl\1.0.0.63\files\WireControl.dll c:\windows\wt\wtupdates\wtdmmp\update_info\data.wts c:\windows\wt\wtupdates\wtupdater\appinfo.dat c:\windows\wt\wtupdates\wtwebdriver\update_info\data.wts c:\windows\wt\wtvh.dll D:\Autorun.inf . . ((((((((((((((((((((((((( Files Created from 2012-11-15 to 2012-12-15 ))))))))))))))))))))))))))))))) . . 2012-12-13 23:17 . 2012-12-13 23:18 -------- d-----w- c:\program files\ERUNT 2012-12-13 21:11 . 2012-12-13 21:10 143872 ----a-w- c:\windows\system32\javacpl.cpl 2012-12-13 21:11 . 2012-12-13 21:10 821736 ----a-w- c:\windows\system32\npDeployJava1.dll 2012-12-13 21:11 . 2012-12-13 21:10 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll 2012-12-13 03:49 . 2012-12-13 03:49 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2012-12-13 02:43 . 2012-12-13 02:43 -------- d-----w- c:\program files\NT Registry Optimizer 2012-12-04 18:24 . 2012-12-04 18:24 -------- d-----w- c:\program files\Apple Software Update . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-12-13 21:10 . 2010-06-18 08:51 746984 ----a-w- c:\windows\system32\deployJava1.dll 2012-11-13 01:25 . 2004-08-04 21:00 1866368 ----a-w- c:\windows\system32\win32k.sys 2012-11-08 18:00 . 2009-09-19 04:51 6812136 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll 2012-11-06 00:41 . 2004-08-04 21:00 290560 ----a-w- c:\windows\system32\atmfd.dll 2012-11-02 02:02 . 2004-08-04 21:00 375296 ----a-w- c:\windows\system32\dpnet.dll 2012-11-01 12:17 . 2004-08-04 21:00 916992 ----a-w- c:\windows\system32\wininet.dll 2012-11-01 12:17 . 2004-08-04 21:00 43520 ----a-w- c:\windows\system32\licmgr10.dll 2012-11-01 12:17 . 2004-08-04 21:00 1469440 ------w- c:\windows\system32\inetcpl.cpl 2012-11-01 00:35 . 2004-08-04 21:00 385024 ----a-w- c:\windows\system32\html.iec 2012-10-02 18:04 . 2004-08-04 21:00 58368 ----a-w- c:\windows\system32\synceng.dll 2012-09-30 01:54 . 2010-07-28 00:30 22856 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-04-21 01:19 . 2012-04-28 19:53 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-03-04 761948] "Sprint SmartView"="c:\program files\Sprint\Sprint SmartView\SprintSV.exe" [2008-10-15 17664] "Reminder"="c:\windows\CREATOR\Remind_XP.exe" [2006-02-09 643072] "RecGuard"="c:\windows\SMINST\RecGuard.exe" [2005-10-11 1187840] "QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2006-04-12 102400] "PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2009-11-09 180224] "Logitech Utility"="Logi_MwX.Exe" [2003-11-07 19968] "ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-08-11 81920] "ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-08-11 249856] "igfxtray"="c:\windows\system32\igfxtray.exe" [2006-03-23 94208] "igfxpers"="c:\windows\system32\igfxpers.exe" [2006-03-23 118784] "igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2006-03-23 77824] "hpWirelessAssistant"="c:\program files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe" [2006-02-15 454656] "HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2010-03-12 49208] "High Definition Audio Property Page Shortcut"="CHDAudPropShortcut.exe" [2006-04-18 61952] "Cpqset"="c:\program files\HPQ\Default Settings\cpqset.exe" [2006-02-22 40960] "AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-06-15 47408] "LogitechCommunicationsManager"="c:\program files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2008-08-14 565008] "LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam\Quickcam.exe" [2008-08-14 2407184] "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-10-24 421888] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-12 947176] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160] . c:\documents and settings\All Users\Start Menu\Programs\Startup\ HP Photosmart Premier Fast Start.lnk - c:\program files\Hp\Digital Imaging\bin\hpqthb08.exe [2005-9-24 73728] Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2012-6-6 66864] . c:\documents and settings\Default User\Start Menu\Programs\Startup\ Vongo Tray.lnk - c:\program files\Vongo\Tray.exe [N/A] . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] @="Service" . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "Vongo Service"=2 (0x2) "Symantec Core LC"=2 (0x2) "N360"=2 (0x2) "CLTNetCnService"=2 (0x2) "ccSetMgr"=2 (0x2) "ccEvtMgr"=2 (0x2) "Bonjour Service"=2 (0x2) "Automatic LiveUpdate Scheduler"=2 (0x2) "LiveUpdate Notice Service"=2 (0x2) "LiveUpdate Notice Ex"=2 (0x2) "Apple Mobile Device"=2 (0x2) "LiveUpdate"=3 (0x3) "GBPoll"=2 (0x2) "SprintRcAppSvc"=3 (0x3) "IDriverT"=3 (0x3) "Application Updater"=2 (0x2) "LightScribeService"=2 (0x2) "JavaQuickStarterService"=2 (0x2) . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\HP Rhapsody\\rhapsody.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\LimeWire\\LimeWire.exe"= "c:\\Program Files\\Sprint\\Sprint SmartView\\SwiApiMux.exe"= "c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"= "c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"= "c:\\WINDOWS\\system32\\mmc.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= . S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [7/13/2012 1:28 PM 160944] S2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [11/3/2006 6:19 PM 13592] S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [12/12/2012 9:49 PM 40776] S4 Application Updater;Application Updater;c:\program files\Application Updater\ApplicationUpdater.exe [1/7/2010 11:51 PM 380928] . --- Other Services/Drivers In Memory --- . *NewlyCreated* - WS2IFSL . Contents of the 'Scheduled Tasks' folder . 2012-12-12 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 23:57] . 2012-12-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2924791899-322899344-3724509738-1006Core.job - c:\documents and settings\Curtis Lumpkin\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-01-09 05:45] . 2012-12-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2924791899-322899344-3724509738-1006UA.job - c:\documents and settings\Curtis Lumpkin\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-01-09 05:45] . 2012-12-15 c:\windows\Tasks\Microsoft Antimalware Scheduled Scan.job - c:\program files\Microsoft Security Client\MpCmdRun.exe [2012-09-12 23:25] . 2012-12-15 c:\windows\Tasks\User_Feed_Synchronization-{D57521A4-1C33-4EC0-AF90-43E62C6753F8}.job - c:\windows\system32\msfeedssync.exe [2006-10-17 09:31] . . ------- Supplementary Scan ------- . uStart Page = hxxp://www.facebook.com/?ref=hp uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 uInternet Connection Wizard,ShellNext = hxxp://register.hp.com/servlet/WebReg.servlets.ProdReg1Servlet?appID=java_wreg_wreg_genpg&PURCH_DT_MONTH=05&PURCH_DT_DAY=09&PURCH_DT_YEAR=2006&product_name=&PROD_SERIAL_ID=&gwCountry=US&language=EN&prodOS= uInternet Settings,ProxyOverride = localhost TCP: DhcpNameServer = 192.168.1.254 Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll FF - ProfilePath - c:\documents and settings\Curtis Lumpkin\Application Data\Mozilla\Firefox\Profiles\poh7zzax.default\ . - - - - ORPHANS REMOVED - - - - . Toolbar-Locked - (no file) HKLM-Run-SearchSettings - c:\program files\Search Settings\SearchSettings.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2012-12-15 14:37 Windows 5.1.2600 Service Pack 3 NTFS . scanning hidden processes ... . scanning hidden autostart entries ... . HKLM\Software\Microsoft\Windows\CurrentVersion\Run Cpqset = c:\program files\HPQ\Default Settings\cpqset.exe?????? ???@???????????????@? ????^??????(?@???????@ . scanning hidden files ... . scan completed successfully hidden files: 0 . ************************************************************************** . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_USERS\S-1-5-21-2924791899-322899344-3724509738-1006\Software\Microsoft\SystemCertificates\AddressBook*] @Allowed: (Read) (RestrictedCode) @Allowed: (Read) (RestrictedCode) . --------------------- DLLs Loaded Under Running Processes --------------------- . - - - - - - - > 'explorer.exe'(6664) c:\windows\system32\WININET.dll c:\windows\TEMP\logishrd\LVPrcInj01.dll c:\program files\Logitech\MouseWare\System\LgWndHk.dll c:\program files\Common Files\Logitech\Scrolling\LgMsgHk.dll c:\windows\system32\ieframe.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Other Running Processes ------------------------ . c:\program files\Microsoft Security Client\MsMpEng.exe c:\program files\Java\jre7\bin\jqs.exe c:\program files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe c:\windows\system32\wscntfy.exe c:\program files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe c:\program files\Logitech\MouseWare\system\em_exec.exe c:\progra~1\HPQ\Shared\HPQTOA~1.EXE c:\program files\Common Files\Logishrd\LQCVFX\COCIManager.exe c:\program files\HP\Digital Imaging\bin\hpqimzone.exe . ************************************************************************** . Completion time: 2012-12-15 14:44:45 - machine was rebooted ComboFix-quarantined-files.txt 2012-12-15 20:44 . Pre-Run: 3,133,431,808 bytes free Post-Run: 3,173,715,968 bytes free . WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons UnsupportedDebug="do not select this" /debug multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect . - - End Of File - - 49C6D490B749CF22526966612C881054

I installed Microsoft essentials, done the restart, updates, and ran a full scan. No threats found.

When i ran the Win32kDiag and put that line in the run box It said that it could not find it. I am not allowed to copy the line form that dialogue box to share it here.

Results of screen317's Security Check version 0.99.56 Windows XP Service Pack 3 x86 Internet Explorer 8 ``````````````Antivirus/Firewall Check:`````````````` Windows Security Center service is not running! This report may not be accurate! Windows Firewall Enabled! `````````Anti-malware/Other Utilities Check:````````` Windows Defender Malwarebytes Anti-Malware version 1.65.1.1000 CCleaner Java 7 Update 9 Mozilla Firefox 12.0 Firefox out of Date! ````````Process Check: objlist.exe by Laurent```````` Windows Defender MSMpEng.exe Windows Defender MSASCui.exe Windows Defender MsMpEng.exe Windows Defender MSASCui.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C:: 12% Defragment your hard drive soon! (Do NOT defrag if SSD!) ````````````````````End of Log`````````````````````` RogueKiller V8.4.0 [Dec 12 2012] by Tigzy mail : tigzyRK<at>gmail<dot>com Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/ Website : http://tigzy.geekstogo.com/roguekiller.php Blog : http://tigzyrk.blogspot.com/ Operating System : Windows XP (5.1.2600 Service Pack 3) 32 bits version Started in : Normal mode User : Curtis Lumpkin [Admin rights] Mode : Scan -- Date : 12/13/2012 21:57:46 ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 1 ¤¤¤ [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [LOADED] ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ --> C:\WINDOWS\system32\drivers\etc\hosts 127.0.0.1 localhost ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: FUJITSU MHV2040BH +++++ --- User --- [MBR] 8650ee84ac79ba2baf4e762b50ce4d1b [bSP] 08a9369fa3c1f8478a5e6508e9f3488e : Toshiba tatooed MBR Code Partition table: 0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 29933 Mo 1 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 61320105 | Size: 8220 Mo User = LL1 ... OK! User = LL2 ... OK! Finished : << RKreport[1]_S_12132012_02d2157.txt >> RKreport[1]_S_12132012_02d2157.txt

malware bytes.

It is off by about 4 minutes. I mention this because I noticed the log mentions: Computer Name: CURTIS Event Code: 36 Message: The time service has not been able to synchronize the system time for 49152 seconds because none of the time providers has been able to provide a usable time stamp. The system clock is unsynchronized I have had some time issues in the past. Actually, and I know this is gonna sound ridiculous, but the clock on this computer seems to get out of time. I have Direct TV time right in front of me, I have a clock (digital), and one of them always seems to get out of synch.

Ignore this post I am comparing my clock to yours timestamp.

Actually I believe it was the agreement that held me up. After leaving it running for about an hour and a half I had a eureka moment (I like those) and stopped it and done a restart, then opened highjack again, it stalled at the same spot, then an agreement thingie popped up. I agreed and it all unfolded as it should have so there we go. Now for the bad news, I continued with your suggestions and opened IE for the first time in ages and it will not do squat. it just spins its little indicator, but it will not go to ANY web sites. I tried it with add ons turned off too adn still nothing. I do have my window defender off right now. Here are the logs from Random highjacker: info.txt logfile of random's system information tool 1.09 2012-12-13 20:21:53 ======Uninstall list====== -->C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu -->C:\WINDOWS\system32\\MSIEXEC.EXE /x {075473F5-846A-448B-BCB3-104AA1760205} -->C:\WINDOWS\system32\\MSIEXEC.EXE /x {AB708C9B-97C8-4AC9-899B-DBF226AC9382} -->C:\WINDOWS\system32\\MSIEXEC.EXE /x {B12665F4-4E93-4AB4-B7FC-37053B524629} -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf ALLDATA for Windows-->C:\Program Files\InstallShield Installation Information\{73090A5A-E0C0-4E0B-A320-E183877061A5}\setup.exe -runfromtemp -l0x0009 -uninst -removeonly Apple Application Support-->MsiExec.exe /I{A83279FD-CA4B-4206-9535-90974DE76654} Apple Software Update-->MsiExec.exe /I{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE} CCleaner-->"C:\Program Files\CCleaner\uninst.exe" Click to Call with Skype-->MsiExec.exe /I{B6CF2967-C81E-40C0-9815-C05774FEF120} Conexant HD Audio-->C:\Program Files\CONEXANT\CNXT_HDAUDIO\HXFSETUP.EXE -U -ICPL30A5a.INF Customer Experience Enhancement-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{23012310-3E05-46A5-88A9-C6CBCABCAC79} /l1033 ERUNT 1.1j-->"C:\Program Files\ERUNT\unins000.exe" Free Easy Burner V 4.0-->"C:\Program Files\Free Easy Burner\unins000.exe" HDAUDIO Soft Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_CPL30A5m\HXFSETUP.EXE -U -ICPL30A5m.inf Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe" Hotfix for Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe" Hotfix for Windows XP (KB2158563)-->"C:\WINDOWS\$NtUninstallKB2158563$\spuninst\spuninst.exe" Hotfix for Windows XP (KB2443685)-->"C:\WINDOWS\$NtUninstallKB2443685$\spuninst\spuninst.exe" Hotfix for Windows XP (KB2570791)-->"C:\WINDOWS\$NtUninstallKB2570791$\spuninst\spuninst.exe" Hotfix for Windows XP (KB2633952)-->"C:\WINDOWS\$NtUninstallKB2633952$\spuninst\spuninst.exe" Hotfix for Windows XP (KB2756822)-->"C:\WINDOWS\$NtUninstallKB2756822$\spuninst\spuninst.exe" Hotfix for Windows XP (KB2779562)-->"C:\WINDOWS\$NtUninstallKB2779562$\spuninst\spuninst.exe" Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe" Hotfix for Windows XP (KB970653-v3)-->"C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe" Hotfix for Windows XP (KB976098-v2)-->"C:\WINDOWS\$NtUninstallKB976098-v2$\spuninst\spuninst.exe" Hotfix for Windows XP (KB979306)-->"C:\WINDOWS\$NtUninstallKB979306$\spuninst\spuninst.exe" Hotfix for Windows XP (KB981793)-->"C:\WINDOWS\$NtUninstallKB981793$\spuninst\spuninst.exe" HP DVD Play 2.1-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{45D707E9-F3C4-11D9-A373-0050BAE317E1}\setup.exe" -uninstall HP Game Console and games-->C:\Program Files\WildTangent\Apps\hpuninstall.exe HP Help and Support-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A93C4E94-1005-489D-BEAA-B873C1AA6CFC}\setup.exe" -l0x9 -removeonly HP Imaging Device Functions 6.0-->C:\Program Files\HP\Digital Imaging\DigitalImagingMonitor\hpzscr01.exe -datfile hpqbud01.dat HP Photosmart Premier Software 6.0-->C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat HP Rhapsody-->C:\PROGRA~1\HPRHAP~1\Unwise32.exe /A C:\PROGRA~1\HPRHAP~1\install.log HP Update-->MsiExec.exe /X{612F4E20-3661-4D44-AD79-823F1B613FB3} HP User Guides 0019-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E74E3D81-773B-4DCF-B706-50236F80BD81}\setup.exe" -l0x9 -removeonly HP User Guides--System Recovery-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BC96BBA7-C634-460E-AD18-A0A994213F80}\Setup.exe" -l0x9 -removeonly HP Wireless Assistant 2.00 E1-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4302B2DD-D958-40E3-BAF3-B07FFE1978CE}\setup.exe" -l0x9 hpquninst Intel® Graphics Media Accelerator Driver-->RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx2ID PCI\VEN_8086&DEV_27A6 PCI\VEN_8086&DEV_27A2 Intel® PRO Network Connections Drivers-->Prounstl.exe Java 7 Update 9-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83217009FF} Lernout & Hauspie TruVoice American English TTS Engine-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\tv_enua.inf, Uninstall Lexmark Toolbar-->regsvr32.exe /s /u "C:\Program Files\Lexmark Toolbar\toolband.dll" LimeWire 5.5.10-->"C:\Program Files\LimeWire\uninstall.exe" Locked Programs-->C:\PROGRA~1\QUICKE~2\UNWISE.EXE C:\PROGRA~1\QUICKE~2\INSTALL.LOG Logitech Desktop Messenger-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\setup.exe" -l0x9 UNINSTALL Logitech MouseWare 9.79 -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5809E7CF-4DCF-11D4-9875-00105ACE7734}\setup.exe" -l0x9 -l0009 UNINSTALL Logitech QuickCam Driver Package-->"C:\Program Files\Common Files\LogiShrd\LogiDriverStore\lvdrivers\11.80.1048\LgDrvInst.exe" -remove -instdir"C:\Program Files\Common Files\LogiShrd\LogiDriverStore\lvdrivers\" -enumdelay=2000 -enabledifx -forcedelete -usbhubsfirst -forceremove -cumulativeremove -promptuninstall -arpregkey"lvdrivers_11.80" /clone_wait /hide_progress Logitech QuickCam-->MsiExec.exe /X{3AF8FCCD-F51A-4014-9002-F195E1CBC876} Logitech Resource Center-->C:\PROGRA~1\Logitech\RESOUR~1\rem\UNWISE.EXE C:\PROGRA~1\Logitech\RESOUR~1\rem\INSTALL.LOG Macromedia Flash Player 8-->MsiExec.exe /X{6815FCDD-401D-481E-BA88-31B4754C2B46} Malwarebytes Anti-Malware version 1.65.1.1000-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe" Microsoft .NET Framework 1.1 Security Update (KB2656370)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M2656370\M2656370Uninstall.msp" Microsoft .NET Framework 1.1 Security Update (KB2698023)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M2698023\M2698023Uninstall.msp" Microsoft .NET Framework 1.1 Security Update (KB979906)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M979906\M979906Uninstall.msp" Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe" Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe" Microsoft Money 2006-->"C:\Program Files\Microsoft Money 2006\MNYCoreFiles\Setup\uninst.exe" /s:120 Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe" Microsoft Office PowerPoint Viewer 2007 (English)-->MsiExec.exe /X{95120000-00AF-0409-0000-0000000FF1CE} Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe" Microsoft Web Publishing Wizard 1.52-->RunDll32 ADVPACK.DLL,LaunchINFSection C:\WINDOWS\INF\wpie4x86.inf,WebPostUninstall Microsoft Works-->MsiExec.exe /I{416D80BA-6F6D-4672-B7CF-F54DA2F80B44} Mozilla Firefox 12.0 (x86 en-US)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe Mozilla Maintenance Service-->"C:\Program Files\Mozilla Maintenance Service\uninstall.exe" MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F} MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF} MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC} Netscape Browser (remove only)-->"C:\Program Files\Netscape\Netscape Browser\NSUninst.exe" NTREGOPT 1.1j-->"C:\Program Files\NT Registry Optimizer\unins000.exe" Office 2003 Trial Assistant-->MsiExec.exe /I{47D2103B-FD51-4017-9C20-DD408B17D726} PowerISO-->"C:\Program Files\PowerISO\uninstall.exe" PrintMaster-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A35C2323-3CEA-405C-9569-EF5DDE930B2F}\setup.exe" -l0x9 anything Quicken 2005-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{2DBE41DD-2129-4C65-A3D3-5647236A60F3} anything Quicken Family Lawyer 2001-->C:\PROGRA~1\QUICKE~2\QUICKE~1\UNWISE.EXE C:\PROGRA~1\QUICKE~2\QUICKE~1\INSTALL.LOG QuickTime-->MsiExec.exe /I{7BE15435-2D3E-4B58-867F-9C75BED0208C} Safari-->MsiExec.exe /I{AFAC914D-9E83-4A89-8ABE-427521C82CCF} Search Settings v1.2.3-->MsiExec.exe /X{5F05C28D-DEA9-4AD6-A73A-064175988EAB} Security Update for Microsoft Windows (KB2564958)-->"C:\WINDOWS\$NtUninstallKB2564958$\spuninst\spuninst.exe" Security Update for Step By Step Interactive Training (KB898458)-->"C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe" Security Update for Step By Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 7 (KB928090)-->"C:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 7 (KB931768)-->"C:\WINDOWS\ie7updates\KB931768-IE7\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 7 (KB933566)-->"C:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 7 (KB972260)-->"C:\WINDOWS\ie7updates\KB972260-IE7\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 8 (KB2183461)-->"C:\WINDOWS\ie8updates\KB2183461-IE8\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 8 (KB2360131)-->"C:\WINDOWS\ie8updates\KB2360131-IE8\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 8 (KB2416400)-->"C:\WINDOWS\ie8updates\KB2416400-IE8\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 8 (KB2482017)-->"C:\WINDOWS\ie8updates\KB2482017-IE8\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 8 (KB2497640)-->"C:\WINDOWS\ie8updates\KB2497640-IE8\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 8 (KB2510531)-->"C:\WINDOWS\ie8updates\KB2510531-IE8\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 8 (KB2530548)-->"C:\WINDOWS\ie8updates\KB2530548-IE8\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 8 (KB2544521)-->"C:\WINDOWS\ie8updates\KB2544521-IE8\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 8 (KB2559049)-->"C:\WINDOWS\ie8updates\KB2559049-IE8\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 8 (KB2586448)-->"C:\WINDOWS\ie8updates\KB2586448-IE8\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 8 (KB2618444)-->"C:\WINDOWS\ie8updates\KB2618444-IE8\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 8 (KB2647516)-->"C:\WINDOWS\ie8updates\KB2647516-IE8\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 8 (KB2675157)-->"C:\WINDOWS\ie8updates\KB2675157-IE8\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 8 (KB2699988)-->"C:\WINDOWS\ie8updates\KB2699988-IE8\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 8 (KB2722913)-->"C:\WINDOWS\ie8updates\KB2722913-IE8\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 8 (KB2744842)-->"C:\WINDOWS\ie8updates\KB2744842-IE8\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 8 (KB2761465)-->"C:\WINDOWS\ie8updates\KB2761465-IE8\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 8 (KB972260)-->"C:\WINDOWS\ie8updates\KB972260-IE8\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 8 (KB974455)-->"C:\WINDOWS\ie8updates\KB974455-IE8\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 8 (KB976325)-->"C:\WINDOWS\ie8updates\KB976325-IE8\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 8 (KB978207)-->"C:\WINDOWS\ie8updates\KB978207-IE8\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 8 (KB981332)-->"C:\WINDOWS\ie8updates\KB981332-IE8\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 8 (KB982381)-->"C:\WINDOWS\ie8updates\KB982381-IE8\spuninst\spuninst.exe" Security Update for Windows Media Player (KB2378111)-->"C:\WINDOWS\$NtUninstallKB2378111_WM9$\spuninst\spuninst.exe" Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe" Security Update for Windows Media Player (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe" Security Update for Windows Media Player (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe" Security Update for Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe" Security Update for Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9L$\spuninst\spuninst.exe" Security Update for Windows Media Player (KB975558)-->"C:\WINDOWS\$NtUninstallKB975558_WM8$\spuninst\spuninst.exe" Security Update for Windows Media Player (KB978695)-->"C:\WINDOWS\$NtUninstallKB978695_WM9$\spuninst\spuninst.exe" Security Update for Windows Media Player 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe" Security Update for Windows Media Player 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe" Security Update for Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe" Security Update for Windows Media Player 9 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe" Security Update for Windows XP (KB2079403)-->"C:\WINDOWS\$NtUninstallKB2079403$\spuninst\spuninst.exe" Security Update for Windows XP (KB2115168)-->"C:\WINDOWS\$NtUninstallKB2115168$\spuninst\spuninst.exe" Security Update for Windows XP (KB2121546)-->"C:\WINDOWS\$NtUninstallKB2121546$\spuninst\spuninst.exe" Security Update for Windows XP (KB2160329)-->"C:\WINDOWS\$NtUninstallKB2160329$\spuninst\spuninst.exe" Security Update for Windows XP (KB2229593)-->"C:\WINDOWS\$NtUninstallKB2229593$\spuninst\spuninst.exe" Security Update for Windows XP (KB2259922)-->"C:\WINDOWS\$NtUninstallKB2259922$\spuninst\spuninst.exe" Security Update for Windows XP (KB2279986)-->"C:\WINDOWS\$NtUninstallKB2279986$\spuninst\spuninst.exe" Security Update for Windows XP (KB2286198)-->"C:\WINDOWS\$NtUninstallKB2286198$\spuninst\spuninst.exe" Security Update for Windows XP (KB2296011)-->"C:\WINDOWS\$NtUninstallKB2296011$\spuninst\spuninst.exe" Security Update for Windows XP (KB2296199)-->"C:\WINDOWS\$NtUninstallKB2296199$\spuninst\spuninst.exe" Security Update for Windows XP (KB2347290)-->"C:\WINDOWS\$NtUninstallKB2347290$\spuninst\spuninst.exe" Security Update for Windows XP (KB2360937)-->"C:\WINDOWS\$NtUninstallKB2360937$\spuninst\spuninst.exe" Security Update for Windows XP (KB2387149)-->"C:\WINDOWS\$NtUninstallKB2387149$\spuninst\spuninst.exe" Security Update for Windows XP (KB2393802)-->"C:\WINDOWS\$NtUninstallKB2393802$\spuninst\spuninst.exe" Security Update for Windows XP (KB2412687)-->"C:\WINDOWS\$NtUninstallKB2412687$\spuninst\spuninst.exe" Security Update for Windows XP (KB2419632)-->"C:\WINDOWS\$NtUninstallKB2419632$\spuninst\spuninst.exe" Security Update for Windows XP (KB2423089)-->"C:\WINDOWS\$NtUninstallKB2423089$\spuninst\spuninst.exe" Security Update for Windows XP (KB2436673)-->"C:\WINDOWS\$NtUninstallKB2436673$\spuninst\spuninst.exe" Security Update for Windows XP (KB2440591)-->"C:\WINDOWS\$NtUninstallKB2440591$\spuninst\spuninst.exe" Security Update for Windows XP (KB2443105)-->"C:\WINDOWS\$NtUninstallKB2443105$\spuninst\spuninst.exe" Security Update for Windows XP (KB2476490)-->"C:\WINDOWS\$NtUninstallKB2476490$\spuninst\spuninst.exe" Security Update for Windows XP (KB2476687)-->"C:\WINDOWS\$NtUninstallKB2476687$\spuninst\spuninst.exe" Security Update for Windows XP (KB2478960)-->"C:\WINDOWS\$NtUninstallKB2478960$\spuninst\spuninst.exe" Security Update for Windows XP (KB2478971)-->"C:\WINDOWS\$NtUninstallKB2478971$\spuninst\spuninst.exe" Security Update for Windows XP (KB2479628)-->"C:\WINDOWS\$NtUninstallKB2479628$\spuninst\spuninst.exe" Security Update for Windows XP (KB2479943)-->"C:\WINDOWS\$NtUninstallKB2479943$\spuninst\spuninst.exe" Security Update for Windows XP (KB2481109)-->"C:\WINDOWS\$NtUninstallKB2481109$\spuninst\spuninst.exe" Security Update for Windows XP (KB2483185)-->"C:\WINDOWS\$NtUninstallKB2483185$\spuninst\spuninst.exe" Security Update for Windows XP (KB2485376)-->"C:\WINDOWS\$NtUninstallKB2485376$\spuninst\spuninst.exe" Security Update for Windows XP (KB2485663)-->"C:\WINDOWS\$NtUninstallKB2485663$\spuninst\spuninst.exe" Security Update for Windows XP (KB2503658)-->"C:\WINDOWS\$NtUninstallKB2503658$\spuninst\spuninst.exe" Security Update for Windows XP (KB2503665)-->"C:\WINDOWS\$NtUninstallKB2503665$\spuninst\spuninst.exe" Security Update for Windows XP (KB2506212)-->"C:\WINDOWS\$NtUninstallKB2506212$\spuninst\spuninst.exe" Security Update for Windows XP (KB2506223)-->"C:\WINDOWS\$NtUninstallKB2506223$\spuninst\spuninst.exe" Security Update for Windows XP (KB2507618)-->"C:\WINDOWS\$NtUninstallKB2507618$\spuninst\spuninst.exe" Security Update for Windows XP (KB2507938)-->"C:\WINDOWS\$NtUninstallKB2507938$\spuninst\spuninst.exe" Security Update for Windows XP (KB2508272)-->"C:\WINDOWS\$NtUninstallKB2508272$\spuninst\spuninst.exe" Security Update for Windows XP (KB2508429)-->"C:\WINDOWS\$NtUninstallKB2508429$\spuninst\spuninst.exe" Security Update for Windows XP (KB2509553)-->"C:\WINDOWS\$NtUninstallKB2509553$\spuninst\spuninst.exe" Security Update for Windows XP (KB2511455)-->"C:\WINDOWS\$NtUninstallKB2511455$\spuninst\spuninst.exe" Security Update for Windows XP (KB2524375)-->"C:\WINDOWS\$NtUninstallKB2524375$\spuninst\spuninst.exe" Security Update for Windows XP (KB2535512)-->"C:\WINDOWS\$NtUninstallKB2535512$\spuninst\spuninst.exe" Security Update for Windows XP (KB2536276)-->"C:\WINDOWS\$NtUninstallKB2536276$\spuninst\spuninst.exe" Security Update for Windows XP (KB2536276-v2)-->"C:\WINDOWS\$NtUninstallKB2536276-v2$\spuninst\spuninst.exe" Security Update for Windows XP (KB2544893)-->"C:\WINDOWS\$NtUninstallKB2544893$\spuninst\spuninst.exe" Security Update for Windows XP (KB2544893-v2)-->"C:\WINDOWS\$NtUninstallKB2544893-v2$\spuninst\spuninst.exe" Security Update for Windows XP (KB2555917)-->"C:\WINDOWS\$NtUninstallKB2555917$\spuninst\spuninst.exe" Security Update for Windows XP (KB2562937)-->"C:\WINDOWS\$NtUninstallKB2562937$\spuninst\spuninst.exe" Security Update for Windows XP (KB2566454)-->"C:\WINDOWS\$NtUninstallKB2566454$\spuninst\spuninst.exe" Security Update for Windows XP (KB2567053)-->"C:\WINDOWS\$NtUninstallKB2567053$\spuninst\spuninst.exe" Security Update for Windows XP (KB2567680)-->"C:\WINDOWS\$NtUninstallKB2567680$\spuninst\spuninst.exe" Security Update for Windows XP (KB2570222)-->"C:\WINDOWS\$NtUninstallKB2570222$\spuninst\spuninst.exe" Security Update for Windows XP (KB2570947)-->"C:\WINDOWS\$NtUninstallKB2570947$\spuninst\spuninst.exe" Security Update for Windows XP (KB2584146)-->"C:\WINDOWS\$NtUninstallKB2584146$\spuninst\spuninst.exe" Security Update for Windows XP (KB2585542)-->"C:\WINDOWS\$NtUninstallKB2585542$\spuninst\spuninst.exe" Security Update for Windows XP (KB2592799)-->"C:\WINDOWS\$NtUninstallKB2592799$\spuninst\spuninst.exe" Security Update for Windows XP (KB2598479)-->"C:\WINDOWS\$NtUninstallKB2598479$\spuninst\spuninst.exe" Security Update for Windows XP (KB2603381)-->"C:\WINDOWS\$NtUninstallKB2603381$\spuninst\spuninst.exe" Security Update for Windows XP (KB2618451)-->"C:\WINDOWS\$NtUninstallKB2618451$\spuninst\spuninst.exe" Security Update for Windows XP (KB2619339)-->"C:\WINDOWS\$NtUninstallKB2619339$\spuninst\spuninst.exe" Security Update for Windows XP (KB2620712)-->"C:\WINDOWS\$NtUninstallKB2620712$\spuninst\spuninst.exe" Security Update for Windows XP (KB2621440)-->"C:\WINDOWS\$NtUninstallKB2621440$\spuninst\spuninst.exe" Security Update for Windows XP (KB2624667)-->"C:\WINDOWS\$NtUninstallKB2624667$\spuninst\spuninst.exe" Security Update for Windows XP (KB2631813)-->"C:\WINDOWS\$NtUninstallKB2631813$\spuninst\spuninst.exe" Security Update for Windows XP (KB2633171)-->"C:\WINDOWS\$NtUninstallKB2633171$\spuninst\spuninst.exe" Security Update for Windows XP (KB2639417)-->"C:\WINDOWS\$NtUninstallKB2639417$\spuninst\spuninst.exe" Security Update for Windows XP (KB2641653)-->"C:\WINDOWS\$NtUninstallKB2641653$\spuninst\spuninst.exe" Security Update for Windows XP (KB2646524)-->"C:\WINDOWS\$NtUninstallKB2646524$\spuninst\spuninst.exe" Security Update for Windows XP (KB2647518)-->"C:\WINDOWS\$NtUninstallKB2647518$\spuninst\spuninst.exe" Security Update for Windows XP (KB2653956)-->"C:\WINDOWS\$NtUninstallKB2653956$\spuninst\spuninst.exe" Security Update for Windows XP (KB2655992)-->"C:\WINDOWS\$NtUninstallKB2655992$\spuninst\spuninst.exe" Security Update for Windows XP (KB2659262)-->"C:\WINDOWS\$NtUninstallKB2659262$\spuninst\spuninst.exe" Security Update for Windows XP (KB2660465)-->"C:\WINDOWS\$NtUninstallKB2660465$\spuninst\spuninst.exe" Security Update for Windows XP (KB2661637)-->"C:\WINDOWS\$NtUninstallKB2661637$\spuninst\spuninst.exe" Security Update for Windows XP (KB2676562)-->"C:\WINDOWS\$NtUninstallKB2676562$\spuninst\spuninst.exe" Security Update for Windows XP (KB2685939)-->"C:\WINDOWS\$NtUninstallKB2685939$\spuninst\spuninst.exe" Security Update for Windows XP (KB2686509)-->"C:\WINDOWS\$NtUninstallKB2686509$\spuninst\spuninst.exe" Security Update for Windows XP (KB2691442)-->"C:\WINDOWS\$NtUninstallKB2691442$\spuninst\spuninst.exe" Security Update for Windows XP (KB2695962)-->"C:\WINDOWS\$NtUninstallKB2695962$\spuninst\spuninst.exe" Security Update for Windows XP (KB2698365)-->"C:\WINDOWS\$NtUninstallKB2698365$\spuninst\spuninst.exe" Security Update for Windows XP (KB2705219)-->"C:\WINDOWS\$NtUninstallKB2705219$\spuninst\spuninst.exe" Security Update for Windows XP (KB2707511)-->"C:\WINDOWS\$NtUninstallKB2707511$\spuninst\spuninst.exe" Security Update for Windows XP (KB2709162)-->"C:\WINDOWS\$NtUninstallKB2709162$\spuninst\spuninst.exe" Security Update for Windows XP (KB2712808)-->"C:\WINDOWS\$NtUninstallKB2712808$\spuninst\spuninst.exe" Security Update for Windows XP (KB2718523)-->"C:\WINDOWS\$NtUninstallKB2718523$\spuninst\spuninst.exe" Security Update for Windows XP (KB2719985)-->"C:\WINDOWS\$NtUninstallKB2719985$\spuninst\spuninst.exe" Security Update for Windows XP (KB2723135)-->"C:\WINDOWS\$NtUninstallKB2723135$\spuninst\spuninst.exe" Security Update for Windows XP (KB2724197)-->"C:\WINDOWS\$NtUninstallKB2724197$\spuninst\spuninst.exe" Security Update for Windows XP (KB2727528)-->"C:\WINDOWS\$NtUninstallKB2727528$\spuninst\spuninst.exe" Security Update for Windows XP (KB2731847)-->"C:\WINDOWS\$NtUninstallKB2731847$\spuninst\spuninst.exe" Security Update for Windows XP (KB2753842)-->"C:\WINDOWS\$NtUninstallKB2753842$\spuninst\spuninst.exe" Security Update for Windows XP (KB2758857)-->"C:\WINDOWS\$NtUninstallKB2758857$\spuninst\spuninst.exe" Security Update for Windows XP (KB2761226)-->"C:\WINDOWS\$NtUninstallKB2761226$\spuninst\spuninst.exe" Security Update for Windows XP (KB2770660)-->"C:\WINDOWS\$NtUninstallKB2770660$\spuninst\spuninst.exe" Security Update for Windows XP (KB2779030)-->"C:\WINDOWS\$NtUninstallKB2779030$\spuninst\spuninst.exe" Security Update for Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe" Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe" Security Update for Windows XP (KB938464-v2)-->"C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe" Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe" Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe" Security Update for Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe" Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe" Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe" Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe" Security Update for Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe" Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe" Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe" Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe" Security Update for Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe" Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe" Security Update for Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe" Security Update for Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe" Security Update for Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe" Security Update for Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe" Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe" Security Update for Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe" Security Update for Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe" Security Update for Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe" Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe" Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe" Security Update for Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe" Security Update for Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe" Security Update for Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe" Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe" Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe" Security Update for Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe" Security Update for Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe" Security Update for Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe" Security Update for Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe" Security Update for Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe" Security Update for Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe" Security Update for Windows XP (KB961371-v2)-->"C:\WINDOWS\$NtUninstallKB961371-v2$\spuninst\spuninst.exe" Security Update for Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe" Security Update for Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe" Security Update for Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe" Security Update for Windows XP (KB969947)-->"C:\WINDOWS\$NtUninstallKB969947$\spuninst\spuninst.exe" Security Update for Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe" Security Update for Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe" Security Update for Windows XP (KB971468)-->"C:\WINDOWS\$NtUninstallKB971468$\spuninst\spuninst.exe" Security Update for Windows XP (KB971486)-->"C:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe" Security Update for Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe" Security Update for Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe" Security Update for Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe" Security Update for Windows XP (KB972270)-->"C:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe" Security Update for Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe" Security Update for Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe" Security Update for Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe" Security Update for Windows XP (KB973525)-->"C:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe" Security Update for Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe" Security Update for Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe" Security Update for Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe" Security Update for Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe" Security Update for Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe" Security Update for Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe" Security Update for Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe" Security Update for Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe" Security Update for Windows XP (KB975560)-->"C:\WINDOWS\$NtUninstallKB975560$\spuninst\spuninst.exe" Security Update for Windows XP (KB975561)-->"C:\WINDOWS\$NtUninstallKB975561$\spuninst\spuninst.exe" Security Update for Windows XP (KB975562)-->"C:\WINDOWS\$NtUninstallKB975562$\spuninst\spuninst.exe" Security Update for Windows XP (KB975713)-->"C:\WINDOWS\$NtUninstallKB975713$\spuninst\spuninst.exe" Security Update for Windows XP (KB977165)-->"C:\WINDOWS\$NtUninstallKB977165$\spuninst\spuninst.exe" Security Update for Windows XP (KB977816)-->"C:\WINDOWS\$NtUninstallKB977816$\spuninst\spuninst.exe" Security Update for Windows XP (KB977914)-->"C:\WINDOWS\$NtUninstallKB977914$\spuninst\spuninst.exe" Security Update for Windows XP (KB978037)-->"C:\WINDOWS\$NtUninstallKB978037$\spuninst\spuninst.exe" Security Update for Windows XP (KB978251)-->"C:\WINDOWS\$NtUninstallKB978251$\spuninst\spuninst.exe" Security Update for Windows XP (KB978262)-->"C:\WINDOWS\$NtUninstallKB978262$\spuninst\spuninst.exe" Security Update for Windows XP (KB978338)-->"C:\WINDOWS\$NtUninstallKB978338$\spuninst\spuninst.exe" Security Update for Windows XP (KB978542)-->"C:\WINDOWS\$NtUninstallKB978542$\spuninst\spuninst.exe" Security Update for Windows XP (KB978601)-->"C:\WINDOWS\$NtUninstallKB978601$\spuninst\spuninst.exe" Security Update for Windows XP (KB978706)-->"C:\WINDOWS\$NtUninstallKB978706$\spuninst\spuninst.exe" Security Update for Windows XP (KB979309)-->"C:\WINDOWS\$NtUninstallKB979309$\spuninst\spuninst.exe" Security Update for Windows XP (KB979482)-->"C:\WINDOWS\$NtUninstallKB979482$\spuninst\spuninst.exe" Security Update for Windows XP (KB979559)-->"C:\WINDOWS\$NtUninstallKB979559$\spuninst\spuninst.exe" Security Update for Windows XP (KB979683)-->"C:\WINDOWS\$NtUninstallKB979683$\spuninst\spuninst.exe" Security Update for Windows XP (KB979687)-->"C:\WINDOWS\$NtUninstallKB979687$\spuninst\spuninst.exe" Security Update for Windows XP (KB980195)-->"C:\WINDOWS\$NtUninstallKB980195$\spuninst\spuninst.exe" Security Update for Windows XP (KB980218)-->"C:\WINDOWS\$NtUninstallKB980218$\spuninst\spuninst.exe" Security Update for Windows XP (KB980232)-->"C:\WINDOWS\$NtUninstallKB980232$\spuninst\spuninst.exe" Security Update for Windows XP (KB980436)-->"C:\WINDOWS\$NtUninstallKB980436$\spuninst\spuninst.exe" Security Update for Windows XP (KB981322)-->"C:\WINDOWS\$NtUninstallKB981322$\spuninst\spuninst.exe" Security Update for Windows XP (KB981852)-->"C:\WINDOWS\$NtUninstallKB981852$\spuninst\spuninst.exe" Security Update for Windows XP (KB981957)-->"C:\WINDOWS\$NtUninstallKB981957$\spuninst\spuninst.exe" Security Update for Windows XP (KB981997)-->"C:\WINDOWS\$NtUninstallKB981997$\spuninst\spuninst.exe" Security Update for Windows XP (KB982132)-->"C:\WINDOWS\$NtUninstallKB982132$\spuninst\spuninst.exe" Security Update for Windows XP (KB982214)-->"C:\WINDOWS\$NtUninstallKB982214$\spuninst\spuninst.exe" Security Update for Windows XP (KB982665)-->"C:\WINDOWS\$NtUninstallKB982665$\spuninst\spuninst.exe" Security Update for Windows XP (KB982802)-->"C:\WINDOWS\$NtUninstallKB982802$\spuninst\spuninst.exe" Serif DrawPlus 3.0-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Serif\dp30\DrawPlus_uninst.isu" Skype™ 5.5-->MsiExec.exe /X{AA59DDE4-B672-4621-A016-4C248204957A} SmartAudio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AEF7A12C-CD9B-4773-8AD1-6916138CA7EA}\setup.exe" -l0x9 -removeonly -S Sonic Audio Module-->MsiExec.exe /I{AB708C9B-97C8-4AC9-899B-DBF226AC9382} Sonic Copy Module-->MsiExec.exe /I{B12665F4-4E93-4AB4-B7FC-37053B524629} Sonic Data Module-->MsiExec.exe /I{075473F5-846A-448B-BCB3-104AA1760205} Sonic Express Labeler-->MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA} Sonic MyDVD Plus-->MsiExec.exe /I{21657574-BD54-48A2-9450-EB03B2C7FC29} Sonic Update Manager-->MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E} Sprint SmartView-->MsiExec.exe /X{0FFD55FA-40CE-4B7F-9001-A06930C63FA2} swMSM-->MsiExec.exe /I{612C34C7-5E90-47D8-9B5C-0F717DD82726} Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall Texas Instruments PCIxx21/x515/xx12 drivers.-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{7B6CF9EB-CB2B-4A1A-81A9-BE1A9044690A} /l1033 The Plain-Language Law Dictionary-->C:\PROGRA~1\QUICKE~2\THEPLA~1\UNWISE.EXE C:\PROGRA~1\QUICKE~2\THEPLA~1\INSTALL.LOG TourSetup-->MsiExec.exe /I{A01FC76F-CC09-4658-9E37-5C2F635EE708} Update for Windows Internet Explorer 8 (KB973874)-->"C:\WINDOWS\ie8updates\KB973874-IE8\spuninst\spuninst.exe" Update for Windows Internet Explorer 8 (KB976662)-->"C:\WINDOWS\ie8updates\KB976662-IE8\spuninst\spuninst.exe" Update for Windows Internet Explorer 8 (KB976749)-->"C:\WINDOWS\ie8updates\KB976749-IE8\spuninst\spuninst.exe" Update for Windows Internet Explorer 8 (KB980182)-->"C:\WINDOWS\ie8updates\KB980182-IE8\spuninst\spuninst.exe" Update for Windows Internet Explorer 8 (KB982664)-->"C:\WINDOWS\ie8updates\KB982664-IE8\spuninst\spuninst.exe" Update for Windows XP (KB2141007)-->"C:\WINDOWS\$NtUninstallKB2141007$\spuninst\spuninst.exe" Update for Windows XP (KB2345886)-->"C:\WINDOWS\$NtUninstallKB2345886$\spuninst\spuninst.exe" Update for Windows XP (KB2467659)-->"C:\WINDOWS\$NtUninstallKB2467659$\spuninst\spuninst.exe" Update for Windows XP (KB2541763)-->"C:\WINDOWS\$NtUninstallKB2541763$\spuninst\spuninst.exe" Update for Windows XP (KB2607712)-->"C:\WINDOWS\$NtUninstallKB2607712$\spuninst\spuninst.exe" Update for Windows XP (KB2616676)-->"C:\WINDOWS\$NtUninstallKB2616676$\spuninst\spuninst.exe" Update for Windows XP (KB2641690)-->"C:\WINDOWS\$NtUninstallKB2641690$\spuninst\spuninst.exe" Update for Windows XP (KB2661254-v2)-->"C:\WINDOWS\$NtUninstallKB2661254-v2$\spuninst\spuninst.exe" Update for Windows XP (KB2718704)-->"C:\WINDOWS\$NtUninstallKB2718704$\spuninst\spuninst.exe" Update for Windows XP (KB2736233)-->"C:\WINDOWS\$NtUninstallKB2736233$\spuninst\spuninst.exe" Update for Windows XP (KB2749655)-->"C:\WINDOWS\$NtUninstallKB2749655$\spuninst\spuninst.exe" Update for Windows XP (KB942763)-->"C:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe" Update for Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe" Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe" Update for Windows XP (KB955759)-->"C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe" Update for Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe" Update for Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe" Update for Windows XP (KB971029)-->"C:\WINDOWS\$NtUninstallKB971029$\spuninst\spuninst.exe" Update for Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe" Update for Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe" Update for Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe" WildTangent Web Driver-->C:\Program Files\WildTangent\Apps\CDA\CDAUninstall.exe Windows Defender-->MsiExec.exe /I{A06275F4-324B-4E85-95E6-87B2CD729401} Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe" Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe" Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe" WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe Wireless Home Network Setup-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{09D8492A-C8E2-421E-927D-46800FB327A3}\Setup.exe" -l0x9 -removeonly ======System event log====== Computer Name: CURTIS Event Code: 57 Message: The system failed to flush data to the transaction log. Corruption may occur. Record Number: 66185 Source Name: Ftdisk Time Written: 20120815120535.000000-300 Event Type: warning User: Computer Name: CURTIS Event Code: 36 Message: The time service has not been able to synchronize the system time for 49152 seconds because none of the time providers has been able to provide a usable time stamp. The system clock is unsynchronized. Record Number: 66172 Source Name: W32Time Time Written: 20120810102142.000000-300 Event Type: warning User: Computer Name: CURTIS Event Code: 59 Message: Generate Activation Context failed for C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe. Reference error message: The operation completed successfully. . Record Number: 66149 Source Name: SideBySide Time Written: 20120809204231.000000-300 Event Type: error User: Computer Name: CURTIS Event Code: 59 Message: Resolve Partial Assembly failed for Microsoft.VC80.CRT. Reference error message: The referenced assembly is not installed on your system. . Record Number: 66148 Source Name: SideBySide Time Written: 20120809204231.000000-300 Event Type: error User: Computer Name: CURTIS Event Code: 32 Message: Dependent Assembly Microsoft.VC80.CRT could not be found and Last Error was The referenced assembly is not installed on your system. Record Number: 66147 Source Name: SideBySide Time Written: 20120809204231.000000-300 Event Type: error User: =====Application event log===== Computer Name: CURTIS Event Code: 11706 Message: Product: Norton SystemWorks 2006 Basic Edition -- Error 1706. No valid source could be found for product Norton SystemWorks 2006 Basic Edition. The Windows installer cannot continue. Record Number: 12321 Source Name: MsiInstaller Time Written: 20100827095810.000000-300 Event Type: error User: CURTIS\Curtis Lumpkin Computer Name: CURTIS Event Code: 1001 Message: Detection of product '{707D28BF-E145-4A9B-B97E-94FA586D05F3}', feature 'Norton_SystemWorks' failed during request for component '{FB495BDF-96B0-411C-95C9-90C4D3578B56}' Record Number: 12320 Source Name: MsiInstaller Time Written: 20100827095407.000000-300 Event Type: warning User: CURTIS\Curtis Lumpkin Computer Name: CURTIS Event Code: 1004 Message: Detection of product '{707D28BF-E145-4A9B-B97E-94FA586D05F3}', feature 'Norton_SystemWorks', component '{AA915748-0E0C-4FFC-B454-96815CB0D4C0}' failed. The resource 'C:\Program Files\Common Files\Symantec Shared\SPManifests\CfgWzTLB.grd' does not exist. Record Number: 12319 Source Name: MsiInstaller Time Written: 20100827095407.000000-300 Event Type: warning User: CURTIS\Curtis Lumpkin Computer Name: CURTIS Event Code: 1015 Message: Failed to connect to server. Error: 0x8007043C Record Number: 12248 Source Name: MsiInstaller Time Written: 20100826223215.000000-300 Event Type: warning User: CURTIS\Curtis Lumpkin Computer Name: CURTIS Event Code: 1001 Message: Detection of product '{707D28BF-E145-4A9B-B97E-94FA586D05F3}', feature 'Norton_SystemWorks' failed during request for component '{FB495BDF-96B0-411C-95C9-90C4D3578B56}' Record Number: 12247 Source Name: MsiInstaller Time Written: 20100826223215.000000-300 Event Type: warning User: CURTIS\Curtis Lumpkin ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\QuickTime\QTSystem\ "windir"=%SystemRoot% "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_LEVEL"=6 "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 14 Stepping 8, GenuineIntel "PROCESSOR_REVISION"=0e08 "NUMBER_OF_PROCESSORS"=1 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "SonicCentral"=C:\Program Files\Common Files\Sonic Shared\Sonic Central\ "PCTYPE"=PRESARIO "PLATFORM"=MCD "CLASSPATH"=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip "QTJAVA"=C:\Program Files\QuickTime\QTSystem\QTJava.zip -----------------EOF----------------- Logfile of random's system information tool 1.09 (written by random/random) Run by Curtis Lumpkin at 2012-12-13 20:21:12 Microsoft Windows XP Home Edition Service Pack 3 System drive C: has 3 GB (10%) free of 30 GB Total RAM: 502 MB (36% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 8:21:44 PM, on 12/13/2012 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Java\jre7\bin\jqs.exe C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Search Settings\SearchSettings.exe C:\Program Files\HP\QuickPlay\QPService.exe C:\Program Files\PowerISO\PWRISOVM.EXE C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\igfxpers.exe C:\WINDOWS\system32\hkcmd.exe C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe C:\Program Files\Logitech\MouseWare\system\em_exec.exe C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe C:\Program Files\Logitech\QuickCam\Quickcam.exe C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\PROGRA~1\HPQ\Shared\HPQTOA~1.EXE C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe C:\WINDOWS\system32\msfeedssync.exe C:\Documents and Settings\Curtis Lumpkin\My Documents\Downloads\RSIT.exe C:\Program Files\trend micro\Curtis Lumpkin.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.facebook.com/?ref=hp R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://register.hp.com/servlet/WebReg.servlets.ProdReg1Servlet?appID=java_wreg_wreg_genpg&PURCH_DT_MONTH=05&PURCH_DT_DAY=09&PURCH_DT_YEAR=2006&product_name=&PROD_SERIAL_ID=&gwCountry=US&language=EN&prodOS= R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\SearchSettings.dll O2 - BHO: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\SearchSettings.dll O3 - Toolbar: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [sprint SmartView] "C:\Program Files\Sprint\Sprint SmartView\SprintSV.exe" -a O4 - HKLM\..\Run: [searchSettings] C:\Program Files\Search Settings\SearchSettings.exe O4 - HKLM\..\Run: [Reminder] C:\Windows\CREATOR\Remind_XP.exe O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe" O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [iSUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Curtis Lumpkin\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user') O4 - .DEFAULT User Startup: Vongo Tray.lnk = C:\Program Files\Vongo\Tray.exe (User 'Default user') O4 - Global Startup: HP Photosmart Premier Fast Start.lnk = C:\Program Files\Hp\Digital Imaging\bin\hpqthb08.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O9 - Extra button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q306&bd=presario&pf=laptop O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- End of file - 9199 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\AppleSoftwareUpdate.job C:\WINDOWS\tasks\Critical Battery Alarm Program.job C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2924791899-322899344-3724509738-1006Core.job C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2924791899-322899344-3724509738-1006UA.job C:\WINDOWS\tasks\MP Scheduled Scan.job C:\WINDOWS\tasks\User_Feed_Synchronization-{D57521A4-1C33-4EC0-AF90-43E62C6753F8}.job =========Mozilla firefox========= ProfilePath - C:\Documents and Settings\Curtis Lumpkin\Application Data\Mozilla\Firefox\Profiles\poh7zzax.default prefs.js - "extensions.enabledItems" - "en-US@dictionaries.addons.mozilla.org:5.0.1, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.6.0.8153, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.14" [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.9.2] "Description"=Java™ Deployment Toolkit "Path"=C:\WINDOWS\system32\npDeployJava1.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2] "Description"=Oracle® Next Generation Java™ Plug-In "Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll C:\Program Files\Mozilla Firefox\extensions\ {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} {972ce4c6-7e08-4474-a285-3208198ce6fd} C:\Program Files\Mozilla Firefox\components\ binary.manifest browsercomps.dll nsIQTScriptablePlugin.xpt C:\Program Files\Mozilla Firefox\plugins\ npqtplugin.dll npqtplugin2.dll npqtplugin3.dll npqtplugin4.dll npqtplugin5.dll npqtplugin6.dll npqtplugin7.dll QuickTimePlugin.class C:\Program Files\Mozilla Firefox\searchplugins\ amazondotcom.xml bing.xml eBay.xml google.xml SafeSearch.xml twitter.xml wikipedia.xml yahoo.xml C:\Documents and Settings\Curtis Lumpkin\Application Data\Mozilla\Firefox\Profiles\poh7zzax.default\extensions\ en-US@dictionaries.addons.mozilla.org {9c562686-dfb1-4de4-9711-0fc7b065a54e} ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1017A80C-6F09-4548-A84D-EDD6AC9525F0}] Lexmark Toolbar - C:\Program Files\Lexmark Toolbar\toolband.dll [2006-06-07 184320] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-12-13 449512] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-08-16 3942048] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-12-13 155384] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}] SearchSettings Class - C:\Program Files\Search Settings\SearchSettings.dll [2010-01-08 1109504] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - Lexmark Toolbar - C:\Program Files\Lexmark Toolbar\toolband.dll [2006-06-07 184320] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2006-11-03 866584] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-03-03 761948] "Sprint SmartView"=C:\Program Files\Sprint\Sprint SmartView\SprintSV.exe [2008-10-15 17664] "SearchSettings"=C:\Program Files\Search Settings\SearchSettings.exe [2010-01-08 974848] "Reminder"=C:\Windows\CREATOR\Remind_XP.exe [2006-02-09 643072] "RecGuard"=C:\Windows\SMINST\RecGuard.exe [2005-10-11 1187840] "QPService"=C:\Program Files\HP\QuickPlay\QPService.exe [2006-04-11 102400] "PWRISOVM.EXE"=C:\Program Files\PowerISO\PWRISOVM.EXE [2009-11-08 180224] "Logitech Utility"=C:\WINDOWS\Logi_MwX.Exe [2003-11-07 19968] "ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2005-08-11 81920] "ISUSPM Startup"=C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe [2005-08-11 249856] "igfxtray"=C:\WINDOWS\system32\igfxtray.exe [2006-03-23 94208] "igfxpers"=C:\WINDOWS\system32\igfxpers.exe [2006-03-23 118784] "igfxhkcmd"=C:\WINDOWS\system32\hkcmd.exe [2006-03-23 77824] "hpWirelessAssistant"=C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe [2006-02-14 454656] "HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2010-03-12 49208] "High Definition Audio Property Page Shortcut"=C:\WINDOWS\system32\CHDAudPropShortcut.exe [2006-04-18 61952] "Cpqset"=C:\Program Files\HPQ\Default Settings\cpqset.exe [2006-02-22 40960] "AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [2010-06-15 47408] ""= [] "LogitechCommunicationsManager"=C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe [2008-08-14 565008] "LogitechQuickCamRibbon"=C:\Program Files\Logitech\QuickCam\Quickcam.exe [2008-08-14 2407184] "APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2011-09-27 59240] "QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2011-10-24 421888] "SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360] "Google Update"=C:\Documents and Settings\Curtis Lumpkin\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-01-08 136176] "Skype"=C:\Program Files\Skype\Phone\Skype.exe [2011-08-18 17360520] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "Vongo Service"=2 "Symantec Core LC"=2 "N360"=2 "CLTNetCnService"=2 "ccSetMgr"=2 "ccEvtMgr"=2 "Bonjour Service"=2 "Automatic LiveUpdate Scheduler"=2 "LiveUpdate Notice Service"=2 "LiveUpdate Notice Ex"=2 "Apple Mobile Device"=2 "LiveUpdate"=3 "GBPoll"=2 "SprintRcAppSvc"=3 "IDriverT"=3 "Application Updater"=2 "LightScribeService"=2 "JavaQuickStarterService"=2 C:\Documents and Settings\All Users\Start Menu\Programs\Startup HP Photosmart Premier Fast Start.lnk - C:\Program Files\Hp\Digital Imaging\bin\hpqthb08.exe Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\WINDOWS\system32\igfxdev.dll [2006-03-23 139264] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-13 239616] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\PROGRA~1\WIFD1F~1\MpShHook.dll [2006-11-03 83224] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"=1 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\EarthLink TotalAccess\TaskPanl.exe"="C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink" "C:\Program Files\HP Rhapsody\rhapsody.exe"="C:\Program Files\HP Rhapsody\rhapsody.exe:*:Enabled:Rhapsody" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\WINDOWS\system32\lxctcoms.exe"="C:\WINDOWS\system32\lxctcoms.exe:*:Enabled:Lexmark Communications System" "C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire" "C:\WINDOWS\LMI6D4.tmp\lmi_rescue.exe"="C:\WINDOWS\LMI6D4.tmp\lmi_rescue.exe:*:Enabled:LogMeIn Rescue" "C:\Program Files\Sprint\Sprint SmartView\SwiApiMux.exe"="C:\Program Files\Sprint\Sprint SmartView\SwiApiMux.exe:*:Enabled:SwiApiMux" "C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager" "C:\Documents and Settings\Curtis Lumpkin\Local Settings\Temp\7zS1.tmp\SymNRT.exe"="C:\Documents and Settings\Curtis Lumpkin\Local Settings\Temp\7zS1.tmp\SymNRT.exe:*:Enabled:Norton Removal Tool" "C:\Documents and Settings\Curtis Lumpkin\Local Settings\Temp\7zS52.tmp\SymNRT.exe"="C:\Documents and Settings\Curtis Lumpkin\Local Settings\Temp\7zS52.tmp\SymNRT.exe:*:Enabled:Norton Removal Tool" "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype" "C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger" "C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe"="C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit" "C:\WINDOWS\system32\mmc.exe"="C:\WINDOWS\system32\mmc.exe:*:Enabled:Microsoft Management Console" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "midimapper"=midimap.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msadpcm"=msadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.trspch"=tssoft32.acm "vidc.cvid"=iccvid.dll "VIDC.I420"=lvcodec2.dll "vidc.iv31"=ir32_32.dll "vidc.iv32"=ir32_32.dll "vidc.iv41"=ir41_32.ax "VIDC.IYUV"=iyuv_32.dll "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVU9"=tsbyuv.dll "VIDC.YVYU"=msyuv.dll "wavemapper"=msacm32.drv "msacm.msg723"=msg723.acm "vidc.M263"=msh263.drv "vidc.M261"=msh261.drv "msacm.msaudio1"=msaud32.acm "msacm.sl_anet"=sl_anet.acm "msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax "vidc.iv50"=ir50_32.dll "msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm "vidc.LEAD"=LCODCCMP.DLL "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "MSVideo"=vfwwdm32.dll "MSVideo8"=VfWWDM32.dll ======List of files/folders created in the last 1 month====== 2012-12-13 17:26:29 ----D---- C:\Program Files\trend micro 2012-12-13 17:26:22 ----D---- C:\rsit 2012-12-13 17:19:40 ----D---- C:\WINDOWS\ERDNT 2012-12-13 17:17:15 ----D---- C:\Program Files\ERUNT 2012-12-13 15:11:22 ----A---- C:\WINDOWS\system32\npDeployJava1.dll 2012-12-13 15:11:19 ----A---- C:\WINDOWS\system32\javaws.exe 2012-12-13 15:11:10 ----A---- C:\WINDOWS\system32\WindowsAccessBridge.dll 2012-12-13 15:11:10 ----A---- C:\WINDOWS\system32\javaw.exe 2012-12-13 15:11:09 ----A---- C:\WINDOWS\system32\java.exe 2012-12-12 21:49:54 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys 2012-12-12 20:43:08 ----D---- C:\Program Files\NT Registry Optimizer 2012-12-12 18:14:55 ----HDC---- C:\WINDOWS\$NtUninstallKB2758857$ 2012-12-12 18:14:40 ----HDC---- C:\WINDOWS\$NtUninstallKB2779030$ 2012-12-12 18:14:26 ----HDC---- C:\WINDOWS\$NtUninstallKB2779562$ 2012-12-12 18:14:22 ----HDC---- C:\WINDOWS\$NtUninstallKB2753842$ 2012-12-12 18:14:08 ----HDC---- C:\WINDOWS\$NtUninstallKB2770660$ 2012-12-12 18:13:56 ----A---- C:\WINDOWS\imsins.BAK 2012-12-04 12:31:41 ----D---- C:\Program Files\QuickTime 2012-12-04 12:24:11 ----D---- C:\Program Files\Apple Software Update 2012-11-15 05:25:34 ----HDC---- C:\WINDOWS\$NtUninstallKB2727528$ 2012-11-15 05:25:13 ----HDC---- C:\WINDOWS\$NtUninstallKB2761226$ ======List of files/folders modified in the last 1 month====== 2012-12-13 20:21:48 ----D---- C:\WINDOWS\temp 2012-12-13 20:21:28 ----D---- C:\WINDOWS\Prefetch 2012-12-13 20:20:58 ----D---- C:\Documents and Settings\Curtis Lumpkin\Application Data\Skype 2012-12-13 20:19:58 ----D---- C:\WINDOWS 2012-12-13 20:19:38 ----A---- C:\hpqp.ini 2012-12-13 20:19:36 ----A---- C:\XP_TV.ini 2012-12-13 20:18:50 ----A---- C:\WINDOWS\SchedLgU.Txt 2012-12-13 17:26:29 ----D---- C:\Program Files 2012-12-13 15:21:49 ----D---- C:\WINDOWS\system32 2012-12-13 15:21:49 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2012-12-13 15:20:27 ----SD---- C:\WINDOWS\Tasks 2012-12-13 15:13:35 ----SHD---- C:\WINDOWS\Installer 2012-12-13 15:13:35 ----D---- C:\Config.Msi 2012-12-13 15:13:34 ----D---- C:\Program Files\Common Files\Java 2012-12-13 15:11:13 ----D---- C:\WINDOWS\system32\CatRoot2 2012-12-13 15:10:49 ----A---- C:\WINDOWS\system32\deployJava1.dll 2012-12-13 15:10:41 ----D---- C:\Program Files\Java 2012-12-12 21:49:54 ----D---- C:\WINDOWS\system32\drivers 2012-12-12 20:44:50 ----D---- C:\WINDOWS\system32\config 2012-12-12 19:19:16 ----D---- C:\WINDOWS\Registration 2012-12-12 18:35:04 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2012-12-12 18:14:57 ----RSHD---- C:\WINDOWS\system32\dllcache 2012-12-12 18:14:57 ----HD---- C:\WINDOWS\inf 2012-12-12 18:13:47 ----D---- C:\Program Files\Internet Explorer 2012-12-12 18:12:51 ----HD---- C:\WINDOWS\$hf_mig$ 2012-12-12 18:08:31 ----D---- C:\WINDOWS\Debug 2012-12-12 18:08:18 ----A---- C:\WINDOWS\system32\MRT.exe 2012-12-04 12:26:58 ----D---- C:\WINDOWS\WinSxS 2012-12-04 12:26:32 ----D---- C:\Program Files\Common Files\Apple 2012-11-24 07:30:51 ----D---- C:\WINDOWS\Minidump ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 iaStor;Intel AHCI Controller; C:\WINDOWS\system32\DRIVERS\iaStor.sys [2005-10-13 874240] R0 ohci1394;Texas Instruments OHCI Compliant IEEE 1394 Host Controller; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696] R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2005-04-25 20640] R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568] R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352] R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592] R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2009-11-08 59388] R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832] R2 Hardlock;Hardlock; \??\C:\WINDOWS\system32\drivers\hardlock.sys [] R2 Haspnt;Haspnt; \??\C:\WINDOWS\system32\drivers\Haspnt.sys [] R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2006-02-15 12672] R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2006-01-19 424320] R3 E100B;Intel® PRO Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2005-11-03 157696] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-09-09 26600] R3 HBtnKey;HBtnKey; C:\WINDOWS\system32\DRIVERS\cpqbttn.sys [2005-09-19 9344] R3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\CHDAud.sys [2006-04-18 569856] R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384] R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368] R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2005-08-22 1035008] R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2005-08-22 201600] R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2006-03-23 1166972] R3 LHidFlt2;Logitech HID/USB Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFlt2.Sys [2003-11-07 25502] R3 LMouFlt2;Logitech Mouse Class Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFlt2.Sys [2003-11-07 70798] R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys [2008-07-26 25624] R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160] R3 Nmea;Sprint Connection Manager - emulates the NMEA ports; C:\WINDOWS\system32\DRIVERS\pctnullport.sys [2008-10-15 38680] R3 NWADI;NWADI Bus Enumerator; C:\WINDOWS\system32\DRIVERS\NWADIenum.sys [2008-10-15 222720] R3 RimVSerPort;RIM Virtual Serial Port v2; C:\WINDOWS\system32\DRIVERS\RimSerial.sys [2007-01-18 26496] R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-04 5888] R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2006-03-03 192736] R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608] R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2005-08-22 718464] S3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800] S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2006-03-02 57096] S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024] S3 eabfiltr;eabfiltr; C:\WINDOWS\system32\DRIVERS\eabfiltr.sys [2005-09-19 7808] S3 eabusb;eabusb; C:\WINDOWS\system32\DRIVERS\eabusb.sys [2005-09-19 5760] S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\DRIVERS\LVUSBSta.sys [2008-07-26 41752] S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys [] S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504] S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248] S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880] S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824] S3 PCASp50;PCASp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\PCASp50.sys [2008-10-15 27072] S3 PCTINDIS5;PCTINDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCTINDIS5.SYS [] S3 PID_PEPI;Logitech QuickCam IM(PID_PEPI); C:\WINDOWS\system32\DRIVERS\LV302V32.SYS [2008-07-26 2570520] S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992] S3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232] S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232] S3 swmsflt;swmsflt; C:\WINDOWS\System32\drivers\swmsflt.sys [2008-10-15 24840] S3 swmx00;Sierra Wireless USB MUX Driver (#00); C:\WINDOWS\system32\DRIVERS\swmx00.sys [2008-10-15 149512] S3 SWNC5E00;Sierra Wireless MUX NDIS Driver (#00); C:\WINDOWS\system32\DRIVERS\SWNC5E00.sys [2008-10-15 171144] S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128] S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856] S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104] S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2006-10-18 38528] S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200] S4 agp440;Intel AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-13 42368] S4 agpCPQ;Compaq AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\agpCPQ.sys [2008-04-13 44928] S4 alim1541;ALI AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\alim1541.sys [2008-04-13 42752] S4 amdagp;AMD AGP Bus Filter Driver; C:\WINDOWS\system32\DRIVERS\amdagp.sys [2008-04-13 43008] S4 cbidf;cbidf; C:\WINDOWS\system32\DRIVERS\cbidf2k.sys [2001-08-17 13952] S4 sisagp;SIS AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\sisagp.sys [2008-04-13 40960] S4 viaagp;VIA AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2008-04-13 42240] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2012-12-13 161768] R2 LVCOMSer;LVCOMSer; C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe [2008-07-26 186904] R2 LVPrcSrv;Process Monitor; C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2008-07-26 150040] R2 WinDefend;Windows Defender; C:\Program Files\Windows Defender\MsMpEng.exe [2006-11-03 13592] R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336] S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768] S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-04-20 129976] S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408] S4 Application Updater;Application Updater; C:\Program Files\Application Updater\ApplicationUpdater.exe [2010-01-07 380928] S4 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632] S4 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-02-17 73728] S4 SprintRcAppSvc;Sprint RcAppSvc; C:\Program Files\Sprint\Sprint SmartView\RcAppSvc.exe [2008-10-15 111872] -----------------EOF-----------------

I am trying to run the random system information tool, but it seems to be locked up, or is it normal to take over a half an hour to run? It says: running highjack this and is stopped at 3 green bars. I stopped it and started it again and it is doing the same thing. Doug

Admin. feel free to close this thread. I am receiving help in the highjack forum. Thank You