Jump to content

OpinionMart pop-up


Recommended Posts

Hello ,

And :) My name is Elise and I'll be glad to help you with your computer problems.

I will be working on your malware issues, this may or may not solve other issues you may have with your machine.

Please note that whatever repairs we make, are for fixing your computer problems only and by no means should be used on another computer.

  • The cleaning process is not instant. Logs can take some time to research, so please be patient with me. I know that you need your computer working as quickly as possible, and I will work hard to help see that happen.
  • Please reply using the Add/Reply button in the lower right hand corner of your screen. Do not start a new topic.
  • The logs that you post should be pasted directly into the reply. Only attach them if requested or if they do not fit into the post.
  • Unfortunately, if I do not hear back from you within 5 days, I will be forced to close your topic. If you still need help after I have closed your topic, send me or a moderator a personal message with the address of the thread or feel free to create a new one.

You may want to keep the link to this topic in your favorites. Alternatively, you can click the button at the top bar of this topic and Track this Topic, where you can choose email notifications.

-----------------------------------------------------------

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.

If you have already posted a log, please do so again, as your situation may have changed.

Use the 'Add Reply' and add the new log to this thread.

We need to see some information about what is happening in your machine. Please perform the following scan:

  • Please download OTL from one of the following mirrors:

    [*]Save it to your desktop.

    [*]Double click on the otlDesktopIcon.png icon on your desktop.

    [*]Click the "Scan All Users" checkbox.

    [*]Push the Quick Scan button.

    [*]Two reports will open, copy and paste them in a reply here:

    • OTListIt.txt <-- Will be opened
    • Extra.txt <-- Will be minimized

Please Download Rootkit Unhooker Save it to your desktop.

  • Now double-click on RKUnhookerLE.exe to run it.
  • Click the Report tab, then click Scan.
  • Check (Tick) Drivers, Stealth,. Uncheck the rest. then Click OK.
  • Wait till the scanner has finished and then click File, Save Report.
  • Save the report somewhere where you can find it. Click Close.

Copy the entire contents of the report and paste it in a reply here.

Note - if you get the following warning, just ignore: "Rootkit Unhooker has detected a parasite inside itself!

It is recommended to remove parasite, okay?"

Click on Cancel, then Accept.

-------------------------------------------------------------

In the meantime please, do NOT install any new programs or update anything unless told to do so while we are fixing your problem

If you still need help, please include the following in your next reply

  • A detailed description of your problems
  • A new OTL log (don't forget extra.txt)
  • RKU log

Thanks and again sorry for the delay.

Link to post
Share on other sites

Hello ,

And :) My name is Elise and I'll be glad to help you with your computer problems.

I will be working on your malware issues, this may or may not solve other issues you may have with your machine.

Please note that whatever repairs we make, are for fixing your computer problems only and by no means should be used on another computer.

  • The cleaning process is not instant. Logs can take some time to research, so please be patient with me. I know that you need your computer working as quickly as possible, and I will work hard to help see that happen.
  • Please reply using the Add/Reply button in the lower right hand corner of your screen. Do not start a new topic.
  • The logs that you post should be pasted directly into the reply. Only attach them if requested or if they do not fit into the post.
  • Unfortunately, if I do not hear back from you within 5 days, I will be forced to close your topic. If you still need help after I have closed your topic, send me or a moderator a personal message with the address of the thread or feel free to create a new one.

You may want to keep the link to this topic in your favorites. Alternatively, you can click the button at the top bar of this topic and Track this Topic, where you can choose email notifications.

-----------------------------------------------------------

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.

If you have already posted a log, please do so again, as your situation may have changed.

Use the 'Add Reply' and add the new log to this thread.

We need to see some information about what is happening in your machine. Please perform the following scan:

  • Please download OTL from one of the following mirrors:

    [*]Save it to your desktop.

    [*]Double click on the otlDesktopIcon.png icon on your desktop.

    [*]Click the "Scan All Users" checkbox.

    [*]Push the Quick Scan button.

    [*]Two reports will open, copy and paste them in a reply here:

    • OTListIt.txt <-- Will be opened
    • Extra.txt <-- Will be minimized

Please Download Rootkit Unhooker Save it to your desktop.

  • Now double-click on RKUnhookerLE.exe to run it.
  • Click the Report tab, then click Scan.
  • Check (Tick) Drivers, Stealth,. Uncheck the rest. then Click OK.
  • Wait till the scanner has finished and then click File, Save Report.
  • Save the report somewhere where you can find it. Click Close.

Copy the entire contents of the report and paste it in a reply here.

Note - if you get the following warning, just ignore: "Rootkit Unhooker has detected a parasite inside itself!

It is recommended to remove parasite, okay?"

Click on Cancel, then Accept.

-------------------------------------------------------------

In the meantime please, do NOT install any new programs or update anything unless told to do so while we are fixing your problem

If you still need help, please include the following in your next reply

  • A detailed description of your problems
  • A new OTL log (don't forget extra.txt)
  • RKU log

Thanks and again sorry for the delay.

OTL Extras logfile created on: 12/31/2010 11:12:45 AM - Run 1

OTL by OldTimer - Version 3.2.18.2 Folder = C:\Documents and Settings\Dawn\Desktop

Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,014.00 Mb Total Physical Memory | 289.00 Mb Available Physical Memory | 28.00% Memory free

2.00 Gb Paging File | 2.00 Gb Available in Paging File | 76.00% Paging File free

Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 71.46 Gb Total Space | 51.37 Gb Free Space | 71.89% Space Free | Partition Type: NTFS

Computer Name: SERVER | User Name: Dawn | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Quick Scan

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"FirstRunDisabled" = 1

"AntiVirusDisableNotify" = 0

"FirewallDisableNotify" = 0

"UpdatesDisableNotify" = 0

"AntiVirusOverride" = 0

"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]

"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]

"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004

"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005

"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001

"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007

"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004

"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005

"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001

"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

"1583:TCP" = 1583:TCP:*:Enabled:Pervasive DBEngine

"3351:TCP" = 3351:TCP:*:Enabled:Pervasive DBEngine

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"C:\Program Files\Common Files\aol\acs\AOLDial.exe" = C:\Program Files\Common Files\aol\acs\AOLDial.exe:*:Enabled:AOL Connectivity Service Dialer -- (AOL LLC)

"C:\Program Files\Common Files\aol\acs\AOLacsd.exe" = C:\Program Files\Common Files\aol\acs\AOLacsd.exe:*:Enabled:AOL Connectivity Service -- (AOL LLC)

"C:\Program Files\Common Files\aol\1191531521\ee\aolsoftware.exe" = C:\Program Files\Common Files\aol\1191531521\ee\aolsoftware.exe:*:Enabled:AOL Shared Components -- (AOL LLC)

"C:\Program Files\AOL 9.0\waol.exe" = C:\Program Files\AOL 9.0\waol.exe:*:Enabled:AOL -- File not found

"C:\Program Files\Common Files\aol\TopSpeed\3.0\aoltpsd3.exe" = C:\Program Files\Common Files\aol\TopSpeed\3.0\aoltpsd3.exe:*:Enabled:AOL TopSpeed -- (AOL LLC)

"C:\Program Files\Common Files\aol\Loader\aolload.exe" = C:\Program Files\Common Files\aol\Loader\aolload.exe:*:Enabled:AOL Loader -- (AOL LLC)

"C:\Program Files\Common Files\aol\System Information\sinf.exe" = C:\Program Files\Common Files\aol\System Information\sinf.exe:*:Enabled:AOL System Information -- (AOL LLC)

"C:\Program Files\AOL 9.1\waol.exe" = C:\Program Files\AOL 9.1\waol.exe:*:Enabled:AOL -- (AOL, LLC.)

"C:\Program Files\McAfee\MBK\McAfeeDataBackup.exe" = C:\Program Files\McAfee\MBK\McAfeeDataBackup.exe:*:Enabled:McAfee Data Backup -- File not found

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{00040409-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Disc 2

"{0736311A-BCF5-4F80-AC0F-FE4E55DBF969}" = Peachtree Accounting 2008

"{075473F5-846A-448B-BCB3-104AA1760205}" = Roxio RecordNow Data

"{0A0873E1-D9BA-4994-B85D-A0A331EF1F0C}" = Intel® PRO Network Connections

"{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}" = Microsoft Plus! Photo Story 2 LE

"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Roxio DLA

"{16BE87BC-69F5-4D36-8CF0-E1CB3ACD5ED3}" = HP Driver Diagnostics

"{19A71C4F-94D9-44EA-AC98-FF8A045273AB}" = iSqFt Full Viewer V4.01

"{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Roxio MyDVD LE

"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager

"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6

"{33BB4982-DC52-4886-A03B-F4C5C80BEE89}" = Windows Media Player 10

"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP

"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = URL Assistant

"{43CAC9A1-1993-4F65-9096-7C9AFC2BBF54}" = Dell CinePlayer

"{4EF69D40-4DC9-485E-95D3-B1C22F218FC8}" = upapp

"{5905F42D-3F5F-4916-ADA6-94A3646AEE76}" = Dell Driver Reset Tool

"{5B6BE547-21E2-49CA-B2E2-6A5F470593B1}" = Sonic Activation Module

"{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}" = Microsoft Plus! Digital Media Edition Installer

"{74F7662C-B1DB-489E-A8AC-07A06B24978B}" = Dell System Restore

"{76EFFC7C-17A6-479D-9E47-8E658C1695AE}" = Windows Backup Utility

"{797EE0CA-8165-405C-B5CE-F11EC20F1BB0}" = Microsoft VC9 runtime libraries

"{7ADE3A47-B425-45E9-8FF6-11BE2B775645}" = Corel Snapfire Plus

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8BCB844B-0814-4354-A413-1063DB4618E9}" = PeachTree Signature Ready Forms

"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12

"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007

"{90120000-0016-0409-0000-0000000FF1CE}_BASICR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007

"{90120000-001A-0409-0000-0000000FF1CE}_BASICR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007

"{90120000-001B-0409-0000-0000000FF1CE}_BASICR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-0409-0000-0000000FF1CE}_BASICR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007

"{90120000-001F-040C-0000-0000000FF1CE}_BASICR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007

"{90120000-001F-0C0A-0000-0000000FF1CE}_BASICR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007

"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007

"{90120000-006E-0409-0000-0000000FF1CE}_BASICR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-00B2-0409-0000-0000000FF1CE}" = Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs

"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007

"{90120000-0115-0409-0000-0000000FF1CE}_BASICR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90190409-6000-11D3-8CFE-0050048383C9}" = Microsoft Publisher 2002

"{90300409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Media Content

"{90350409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Media Content Deluxe

"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager

"{91120000-0013-0000-0000-0000000FF1CE}" = Microsoft Office Basic 2007

"{91120000-0013-0000-0000-0000000FF1CE}_BASICR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{91120000-0013-0000-0000-0000000FF1CE}_BASICR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)

"{93A1B09E-BAFA-4628-A5B6-921CB026955A}" = Corel Paint Shop Pro Photo XI

"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2

"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio

"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Roxio RecordNow Audio

"{AC76BA86-7AD7-1033-7B44-A71000000002}" = Adobe Reader 7.1.0

"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Roxio RecordNow Copy

"{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}" = Apple Software Update

"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2

"{CB090A2C-B2F9-110F-F9D2-08B47D08D36F}" = MozyHome

"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1

"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

"{CEE2252C-4035-4B27-8EC6-0B085DD3A413}" = Dell Support 3.2.1

"{E0D51394-1D45-460A-B62D-383BC4F8B335}" = QuickTime

"{E23E9487-2B6B-42CA-AE8D-E2369563AB02}" = IDEAL_Conference

"{E62A1F01-07B7-4541-A835-EE5B0BF064C2}" = Microsoft Antimalware

"{EF98A02A-1748-4762-9B7D-5ED1600520D5}" = Microsoft Security Essentials

"{FCD9CD52-7222-4672-94A0-A722BA702FD0}" = Dell Resource CD

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"Adobe Shockwave Player" = Adobe Shockwave Player

"AOL Deskbar" = AOL Deskbar

"AOL Toolbar 5.0" =

"AOL Uninstaller" = AOL Uninstaller (Choose which Products to Remove)

"BASICR" = Microsoft Office Basic 2007

"Coupon Printer for Windows5.0.0.0" = Coupon Printer for Windows

"DellDirect" = Dell Recommends

"HDMI" = Intel® Graphics Media Accelerator Driver

"hp deskjet 5550 series_Driver" = hp deskjet 5550 series

"hp print screen utility" = hp print screen utility

"ie8" = Windows Internet Explorer 8

"InstallShield_{0736311A-BCF5-4F80-AC0F-FE4E55DBF969}" = Peachtree Complete Accounting 2008

"Integration Services" = Sage Software Integration Services

"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware

"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1

"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

"Microsoft Security Essentials" = Microsoft Security Essentials

"Pervasive Software PSQL v9.1 Workgroup_is1" = Pervasive Software PSQL v9.1 Client

"SearchAssist" = SearchAssist

"The Blue Book" = Vu360

"ViewpointMediaPlayer" = Viewpoint Media Player

"Windows Media Format Runtime" = Windows Media Format Runtime

"Windows Media Player" = Windows Media Player 10

"Windows XP Service Pack" = Windows XP Service Pack 3

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1419606227-1626188227-774669011-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"GoToMeeting" = GoToMeeting 4.5.0.457

========== Last 10 Event Log Errors ==========

[ Application Events ]

Error - 12/22/2010 12:53:18 PM | Computer Name = SERVER | Source = Application Hang | ID = 1002

Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module

hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 12/22/2010 12:53:20 PM | Computer Name = SERVER | Source = Application Hang | ID = 1002

Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module

hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 12/22/2010 1:03:58 PM | Computer Name = SERVER | Source = Application Hang | ID = 1002

Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module

hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 12/22/2010 3:46:52 PM | Computer Name = SERVER | Source = Application Hang | ID = 1002

Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module

hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 12/22/2010 3:46:53 PM | Computer Name = SERVER | Source = Application Hang | ID = 1002

Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module

hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 12/22/2010 5:52:29 PM | Computer Name = SERVER | Source = Application Hang | ID = 1002

Description = Hanging application peachw.exe, version 2008.0.0.1690, hang module

hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 12/23/2010 9:39:22 AM | Computer Name = SERVER | Source = Application Hang | ID = 1002

Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module

hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 12/28/2010 2:39:32 PM | Computer Name = SERVER | Source = MsiInstaller | ID = 10005

Description = Product: Windows Defender -- Microsoft Client Protection has been

found. Please remove that product and rerun the setup.

Error - 12/28/2010 3:32:37 PM | Computer Name = SERVER | Source = Application Hang | ID = 1002

Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module

hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 12/28/2010 3:32:41 PM | Computer Name = SERVER | Source = Application Hang | ID = 1001

Description = Fault bucket 1180947459.

[ OSession Events ]

Error - 3/14/2008 3:40:35 PM | Computer Name = SERVER | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 0, Application Name: Microsoft Office Word, Application Version:

12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 1599

seconds with 660 seconds of active time. This session ended with a crash.

Error - 3/14/2008 3:42:32 PM | Computer Name = SERVER | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 0, Application Name: Microsoft Office Word, Application Version:

12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 54

seconds with 0 seconds of active time. This session ended with a crash.

Error - 12/10/2009 11:11:08 AM | Computer Name = SERVER | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 0, Application Name: Microsoft Office Word, Application Version:

12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 562

seconds with 60 seconds of active time. This session ended with a crash.

Error - 12/10/2009 11:17:46 AM | Computer Name = SERVER | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 0, Application Name: Microsoft Office Word, Application Version:

12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 381

seconds with 60 seconds of active time. This session ended with a crash.

Error - 12/10/2009 11:18:31 AM | Computer Name = SERVER | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 0, Application Name: Microsoft Office Word, Application Version:

12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 7

seconds with 0 seconds of active time. This session ended with a crash.

Error - 12/10/2009 11:18:55 AM | Computer Name = SERVER | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 0, Application Name: Microsoft Office Word, Application Version:

12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 13

seconds with 0 seconds of active time. This session ended with a crash.

Error - 1/5/2010 5:32:52 PM | Computer Name = SERVER | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:

12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 4700

seconds with 1860 seconds of active time. This session ended with a crash.

[ System Events ]

Error - 11/16/2010 11:23:21 AM | Computer Name = SERVER | Source = System Error | ID = 1003

Description = Error code 00000077, parameter1 00000001, parameter2 00000000, parameter3

00000000, parameter4 f1a8ac34.

Error - 11/23/2010 1:45:46 PM | Computer Name = SERVER | Source = System Error | ID = 1003

Description = Error code 00000077, parameter1 00000001, parameter2 00000000, parameter3

00000000, parameter4 f794fd24.

Error - 12/1/2010 9:31:49 AM | Computer Name = SERVER | Source = System Error | ID = 1003

Description = Error code 00000077, parameter1 00000001, parameter2 00000000, parameter3

00000000, parameter4 f2ff7c34.

Error - 12/7/2010 12:29:04 PM | Computer Name = SERVER | Source = System Error | ID = 1003

Description = Error code 00000077, parameter1 00000001, parameter2 00000000, parameter3

00000000, parameter4 f7947d24.

Error - 12/8/2010 3:17:05 PM | Computer Name = SERVER | Source = System Error | ID = 1003

Description = Error code 00000077, parameter1 00000001, parameter2 00000000, parameter3

00000000, parameter4 f7159c34.

Error - 12/11/2010 1:57:24 PM | Computer Name = SERVER | Source = System Error | ID = 1003

Description = Error code 00000077, parameter1 00000001, parameter2 00000000, parameter3

00000000, parameter4 f794bd24.

Error - 12/28/2010 12:36:26 PM | Computer Name = SERVER | Source = Print | ID = 54

Description = Document Microsoft Word - reg1012 was corrupted and has been deleted.

The associated driver is: hp deskjet 5550 series.

< End of report >

OTL logfile created on: 12/31/2010 11:12:44 AM - Run 1

OTL by OldTimer - Version 3.2.18.2 Folder = C:\Documents and Settings\Dawn\Desktop

Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,014.00 Mb Total Physical Memory | 289.00 Mb Available Physical Memory | 28.00% Memory free

2.00 Gb Paging File | 2.00 Gb Available in Paging File | 76.00% Paging File free

Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 71.46 Gb Total Space | 51.37 Gb Free Space | 71.89% Space Free | Partition Type: NTFS

Computer Name: SERVER | User Name: Dawn | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Quick Scan

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010/12/31 11:11:51 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dawn\Desktop\OTL.exe

PRC - [2010/11/08 16:06:46 | 003,571,512 | ---- | M] (Mozy, Inc.) -- C:\Program Files\MozyHome\mozystat.exe

PRC - [2010/09/15 03:34:02 | 001,094,224 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Essentials\msseces.exe

PRC - [2010/03/25 20:40:44 | 000,017,904 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe

PRC - [2008/06/24 13:34:50 | 000,041,824 | ---- | M] (AOL LLC) -- C:\Program Files\Common Files\aol\1191531521\ee\aolsoftware.exe

PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

PRC - [2007/10/27 12:45:07 | 000,039,264 | ---- | M] (AOL, LLC.) -- C:\Program Files\AOL 9.1\waol.exe

PRC - [2007/10/27 12:45:05 | 000,054,624 | ---- | M] (AOL, LLC.) -- C:\Program Files\AOL 9.1\shellmon.exe

PRC - [2007/05/16 12:47:26 | 000,013,864 | R--- | M] () -- C:\WINDOWS\system32\srvany.exe

PRC - [2007/04/02 07:33:32 | 000,063,120 | ---- | M] (AOL LLC) -- C:\Program Files\Common Files\aol\TopSpeed\3.0\aoltpsd3.exe

PRC - [2006/10/23 07:50:35 | 000,046,640 | R--- | M] (AOL LLC) -- C:\Program Files\Common Files\aol\acs\AOLacsd.exe

PRC - [2006/08/31 15:56:08 | 000,106,546 | ---- | M] () -- C:\pvsw\bin\w3dbsmgr.exe

PRC - [2006/07/06 06:14:30 | 000,090,112 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe

PRC - [2002/07/11 07:06:23 | 000,188,416 | ---- | M] (HP) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb06.exe

========== Modules (SafeList) ==========

MOD - [2010/12/31 11:11:51 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dawn\Desktop\OTL.exe

MOD - [2010/08/23 11:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll

MOD - [2007/10/27 12:45:01 | 000,006,144 | ---- | M] (AOL, LLC.) -- C:\Program Files\AOL 9.1\idleproc.dll

========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)

SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)

SRV - [2010/03/25 20:40:44 | 000,017,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe -- (MsMpSvc)

SRV - [2007/05/16 12:47:26 | 000,013,864 | R--- | M] () [Auto | Running] -- C:\WINDOWS\system32\srvany.exe -- (Pervasive.SQL Workgroup Engine)

SRV - [2006/10/23 07:50:35 | 000,046,640 | R--- | M] (AOL LLC) [Auto | Running] -- C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe -- (AOL ACS)

SRV - [2006/07/06 06:14:30 | 000,090,112 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\spcstb.sys -- (spcstb)

DRV - [2008/04/13 13:36:39 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)

DRV - [2008/04/13 13:36:39 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)

DRV - [2008/04/13 11:36:05 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)

DRV - [2007/10/03 11:14:27 | 000,098,176 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\NBF.SYS -- (Nbf)

DRV - [2006/07/21 18:12:16 | 001,095,968 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\igxpmp32.sys -- (ialm)

DRV - [2006/07/19 14:42:16 | 000,230,400 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\e1e5132.sys -- (e1express) Intel®

DRV - [2006/07/06 05:59:42 | 000,246,784 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\iaStor.sys -- (iaStor)

DRV - [2006/03/20 16:06:04 | 001,156,648 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)

DRV - [2006/01/10 10:07:58 | 000,004,864 | ---- | M] (GTek Technologies Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Dell Support\GTAction\triggers\DSproct.sys -- (DSproct)

DRV - [2005/09/12 02:30:00 | 000,089,264 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\DRVMCDB.SYS -- (DRVMCDB)

DRV - [2005/09/08 04:20:00 | 000,094,332 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)

DRV - [2005/09/08 04:20:00 | 000,087,036 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)

DRV - [2005/09/08 04:20:00 | 000,086,524 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)

DRV - [2005/09/08 04:20:00 | 000,025,628 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM)

DRV - [2005/09/08 04:20:00 | 000,014,684 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)

DRV - [2005/09/08 04:20:00 | 000,006,364 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM)

DRV - [2005/09/08 04:20:00 | 000,002,496 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLADResN.SYS -- (DLADResN)

DRV - [2005/08/25 11:16:52 | 000,005,628 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)

DRV - [2005/08/25 11:16:16 | 000,022,684 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_N.SYS -- (DLARTL_N)

DRV - [2005/08/12 04:20:00 | 000,040,544 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DRVNDDM.SYS -- (DRVNDDM)

DRV - [2004/08/03 21:29:56 | 001,897,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)

DRV - [2003/01/10 16:13:04 | 000,033,588 | R--- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)

DRV - [2001/08/17 13:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)

DRV - [2001/08/17 13:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)

DRV - [2001/08/17 13:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)

DRV - [2001/08/17 13:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)

DRV - [2001/08/17 13:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)

DRV - [2001/08/17 12:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)

DRV - [2001/08/17 12:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)

DRV - [2001/08/17 12:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)

DRV - [2001/08/17 12:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)

DRV - [2001/08/17 12:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)

DRV - [2001/08/17 12:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)

DRV - [2001/08/17 12:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)

DRV - [2001/08/17 12:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)

DRV - [2001/08/17 12:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)

DRV - [2001/08/17 12:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=2070625

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=2070625

IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=2070625

IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=2070625

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=2070625

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=2070625

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1419606227-1626188227-774669011-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=2070625

IE - HKU\S-1-5-21-1419606227-1626188227-774669011-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

O1 HOSTS File: ([2009/10/06 09:16:46 | 000,249,881 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O1 - Hosts: 127.0.0.1 www.007guard.com

O1 - Hosts: 127.0.0.1 007guard.com

O1 - Hosts: 127.0.0.1 008i.com

O1 - Hosts: 127.0.0.1 www.008k.com

O1 - Hosts: 127.0.0.1 008k.com

O1 - Hosts: 127.0.0.1 www.00hq.com

O1 - Hosts: 127.0.0.1 00hq.com

O1 - Hosts: 127.0.0.1 010402.com

O1 - Hosts: 127.0.0.1 www.032439.com

O1 - Hosts: 127.0.0.1 032439.com

O1 - Hosts: 127.0.0.1 www.1001-search.info

O1 - Hosts: 127.0.0.1 1001-search.info

O1 - Hosts: 127.0.0.1 www.100888290cs.com

O1 - Hosts: 127.0.0.1 100888290cs.com

O1 - Hosts: 127.0.0.1 www.100sexlinks.com

O1 - Hosts: 127.0.0.1 100sexlinks.com

O1 - Hosts: 127.0.0.1 www.10sek.com

O1 - Hosts: 127.0.0.1 10sek.com

O1 - Hosts: 127.0.0.1 www.123topsearch.com

O1 - Hosts: 127.0.0.1 123topsearch.com

O1 - Hosts: 127.0.0.1 www.132.com

O1 - Hosts: 127.0.0.1 132.com

O1 - Hosts: 127.0.0.1 www.136136.net

O1 - Hosts: 127.0.0.1 136136.net

O1 - Hosts: 8710 more lines...

O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)

O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\DLA\DLASHX_W.DLL (Sonic Solutions)

O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (Sun Microsystems, Inc.)

O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll (Dell Inc.)

O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb06.exe (HP)

O4 - HKLM..\Run: [MSSE] c:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)

O4 - HKLM..\Run: [PeachtreePrefetcher.exe] C:\Program Files\Sage Software\Peachtree\PeachtreePrefetcher.exe (Sage Software SB, Inc.)

O4 - HKU\S-1-5-21-1419606227-1626188227-774669011-1006..\Run: [AOL Fast Start] C:\Program Files\AOL 9.1\AOL.EXE (AOL, LLC.)

O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\MozyHome Status.lnk = C:\Program Files\MozyHome\mozystat.exe (Mozy, Inc.)

O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Pervasive.SQL Workgroup Engine.lnk = C:\pvsw\bin\w3dbsmgr.exe ()

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-21-1419606227-1626188227-774669011-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\NPJPI150_06.dll (Sun Microsystems, Inc.)

O15 - HKLM\..Trusted Domains: isqft.com ([www] https in Trusted sites)

O15 - HKU\.DEFAULT\..Trusted Domains: isqft.com ([www] https in Trusted sites)

O15 - HKU\S-1-5-18\..Trusted Domains: isqft.com ([www] https in Trusted sites)

O15 - HKU\S-1-5-21-1419606227-1626188227-774669011-1006\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)

O15 - HKU\S-1-5-21-1419606227-1626188227-774669011-1006\..Trusted Domains: internet ([]about in Trusted sites)

O15 - HKU\S-1-5-21-1419606227-1626188227-774669011-1006\..Trusted Domains: isqft.com ([www] https in Trusted sites)

O15 - HKU\S-1-5-21-1419606227-1626188227-774669011-1006\..Trusted Domains: mcafee.com ([]http in Trusted sites)

O15 - HKU\S-1-5-21-1419606227-1626188227-774669011-1006\..Trusted Domains: mcafee.com ([]https in Trusted sites)

O15 - HKU\S-1-5-21-1419606227-1626188227-774669011-1006\..Trusted Domains: paychex.com ([online] https in Trusted sites)

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)

O24 - Desktop WallPaper: C:\Documents and Settings\Dawn\Local Settings\Application Data\Microsoft\Wallpaper1.bmp

O24 - Desktop BackupWallPaper: C:\Documents and Settings\Dawn\Local Settings\Application Data\Microsoft\Wallpaper1.bmp

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2004/08/10 12:04:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/12/31 11:11:43 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Dawn\Desktop\OTL.exe

[2010/12/28 13:50:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dawn\Application Data\Malwarebytes

[2010/12/28 13:50:07 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys

[2010/12/28 13:50:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes

[2010/12/28 13:50:02 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[2010/12/28 13:50:01 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware

[2010/12/03 15:53:33 | 000,398,744 | R--- | C] (Coupons, Inc.) -- C:\WINDOWS\System32\cpnprt2.cid

[2010/12/03 15:53:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cache

[2010/12/03 15:53:27 | 000,000,000 | ---D | C] -- C:\Program Files\Coupons

[2010/12/02 13:15:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dawn\Desktop\A Trash

[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[1 C:\Documents and Settings\Dawn\Desktop\*.tmp files -> C:\Documents and Settings\Dawn\Desktop\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/12/31 11:11:51 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dawn\Desktop\OTL.exe

[2010/12/31 08:35:43 | 000,000,182 | ---- | M] () -- C:\Documents and Settings\Dawn\Desktop\E.url

[2010/12/31 08:22:48 | 000,000,408 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job

[2010/12/31 08:17:28 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2010/12/31 08:17:27 | 1063,165,952 | -HS- | M] () -- C:\hiberfil.sys

[2010/12/30 12:45:50 | 000,029,468 | ---- | M] () -- C:\WINDOWS\mozy.blk

[2010/12/30 12:45:50 | 000,006,818 | ---- | M] () -- C:\WINDOWS\mozy.flt

[2010/12/29 15:59:51 | 000,000,171 | ---- | M] () -- C:\Documents and Settings\Dawn\Desktop\UPS Tracking.url

[2010/12/29 11:02:19 | 000,021,504 | ---- | M] () -- C:\Documents and Settings\Dawn\Desktop\Job Sheet Lrg.XLS

[2010/12/28 13:50:07 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk

[2010/12/28 13:38:13 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2010/12/28 11:36:10 | 000,301,232 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2010/12/28 11:25:15 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK

[2010/12/28 09:56:31 | 000,038,912 | ---- | M] () -- C:\Documents and Settings\Dawn\Desktop\Template.doc

[2010/12/24 00:00:00 | 000,000,784 | ---- | M] () -- C:\WINDOWS\tasks\daily.job

[2010/12/23 08:35:10 | 000,000,085 | ---- | M] () -- C:\Documents and Settings\Dawn\appletfile.props

[2010/12/20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys

[2010/12/20 18:08:40 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[2010/12/13 13:44:38 | 000,231,355 | ---- | M] () -- C:\Documents and Settings\Dawn\Desktop\OSHA10OpenEnrollFlyerConstruction-January2011.pdf

[2010/12/10 11:45:57 | 000,255,273 | ---- | M] () -- C:\Documents and Settings\Dawn\Desktop\Sample Template.docx

[2010/12/09 11:29:59 | 000,022,016 | ---- | M] () -- C:\Documents and Settings\Dawn\Desktop\Job Sheet Sm.XLS

[2010/12/03 15:53:34 | 000,398,744 | R--- | M] (Coupons, Inc.) -- C:\WINDOWS\System32\cpnprt2.cid

[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[1 C:\Documents and Settings\Dawn\Desktop\*.tmp files -> C:\Documents and Settings\Dawn\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/12/28 13:50:07 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk

[2010/12/13 13:44:37 | 000,231,355 | ---- | C] () -- C:\Documents and Settings\Dawn\Desktop\OSHA10OpenEnrollFlyerConstruction-January2011.pdf

[2010/12/10 11:45:56 | 000,255,273 | ---- | C] () -- C:\Documents and Settings\Dawn\Desktop\Sample Template.docx

[2010/12/09 11:29:59 | 000,022,016 | ---- | C] () -- C:\Documents and Settings\Dawn\Desktop\Job Sheet Sm.XLS

[2010/12/09 11:29:34 | 000,021,504 | ---- | C] () -- C:\Documents and Settings\Dawn\Desktop\Job Sheet Lrg.XLS

[2010/09/16 11:09:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\eDrawingOfficeAutomator.INI

[2010/02/12 17:01:14 | 000,001,359 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache

[2009/07/21 12:43:27 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\Dawn\Local Settings\Application Data\fusioncache.dat

[2008/05/29 14:21:54 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI

[2008/04/30 14:17:46 | 000,005,632 | ---- | C] () -- C:\Documents and Settings\Dawn\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2008/02/04 17:23:10 | 000,693,792 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.DLL

[2007/12/27 16:45:51 | 000,021,504 | ---- | C] () -- C:\WINDOWS\jestertb.dll

[2007/12/10 15:17:15 | 000,000,059 | ---- | C] () -- C:\WINDOWS\sview.ini

[2007/12/05 13:08:18 | 000,005,018 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys

[2007/12/05 13:08:18 | 000,000,168 | RHS- | C] () -- C:\WINDOWS\System32\AEA693DD33.sys

[2007/06/25 09:17:21 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini

[2007/06/25 09:12:37 | 000,000,171 | ---- | C] () -- C:\WINDOWS\wininit.ini

[2007/06/25 08:44:54 | 000,348,880 | ---- | C] () -- C:\WINDOWS\System32\igmedkrn.dll

[2007/06/25 08:44:54 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4642.dll

[2007/06/25 08:43:22 | 000,001,122 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI

[2007/05/16 10:46:38 | 000,001,728 | ---- | C] () -- C:\WINDOWS\PCW150.ini

[2005/11/10 00:56:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini

[2004/08/10 12:12:05 | 000,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini

[2004/08/10 12:01:18 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini

[2004/08/10 11:57:52 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI

[2004/06/30 14:04:46 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\SDelete.dll

[2004/03/07 12:51:00 | 000,024,924 | ---- | C] () -- C:\WINDOWS\System32\openports.dll

[1999/01/22 13:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL

========== LOP Check ==========

[2010/09/24 14:22:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Applications

[2009/01/30 09:14:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Avg7

[2009/01/30 09:43:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Citrix

[2009/06/19 07:33:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters

[2008/05/29 14:20:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SBT

[2007/10/04 15:59:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint

[2010/09/16 11:11:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dawn\Application Data\EDrawings

[2010/05/10 13:23:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dawn\Application Data\ElevatedDiagnostics

[2007/10/04 08:33:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dawn\Application Data\Leadertech

[2010/04/03 11:15:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dawn\Application Data\MSNInstaller

[2007/10/03 09:30:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dawn\Application Data\Peachtree

[2009/09/03 12:41:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dawn\Application Data\Snapfish

[2009/10/28 10:31:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dawn\Application Data\Vu360

[2010/12/24 00:00:00 | 000,000,784 | ---- | M] () -- C:\WINDOWS\Tasks\daily.job

[2010/12/31 08:22:48 | 000,000,408 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job

========== Purity Check ==========

< End of report >

Link to post
Share on other sites

OTL Extras logfile created on: 12/31/2010 11:12:45 AM - Run 1

OTL by OldTimer - Version 3.2.18.2 Folder = C:\Documents and Settings\Dawn\Desktop

Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,014.00 Mb Total Physical Memory | 289.00 Mb Available Physical Memory | 28.00% Memory free

2.00 Gb Paging File | 2.00 Gb Available in Paging File | 76.00% Paging File free

Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 71.46 Gb Total Space | 51.37 Gb Free Space | 71.89% Space Free | Partition Type: NTFS

Computer Name: SERVER | User Name: Dawn | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Quick Scan

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"FirstRunDisabled" = 1

"AntiVirusDisableNotify" = 0

"FirewallDisableNotify" = 0

"UpdatesDisableNotify" = 0

"AntiVirusOverride" = 0

"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]

"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]

"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004

"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005

"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001

"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007

"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004

"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005

"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001

"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

"1583:TCP" = 1583:TCP:*:Enabled:Pervasive DBEngine

"3351:TCP" = 3351:TCP:*:Enabled:Pervasive DBEngine

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"C:\Program Files\Common Files\aol\acs\AOLDial.exe" = C:\Program Files\Common Files\aol\acs\AOLDial.exe:*:Enabled:AOL Connectivity Service Dialer -- (AOL LLC)

"C:\Program Files\Common Files\aol\acs\AOLacsd.exe" = C:\Program Files\Common Files\aol\acs\AOLacsd.exe:*:Enabled:AOL Connectivity Service -- (AOL LLC)

"C:\Program Files\Common Files\aol\1191531521\ee\aolsoftware.exe" = C:\Program Files\Common Files\aol\1191531521\ee\aolsoftware.exe:*:Enabled:AOL Shared Components -- (AOL LLC)

"C:\Program Files\AOL 9.0\waol.exe" = C:\Program Files\AOL 9.0\waol.exe:*:Enabled:AOL -- File not found

"C:\Program Files\Common Files\aol\TopSpeed\3.0\aoltpsd3.exe" = C:\Program Files\Common Files\aol\TopSpeed\3.0\aoltpsd3.exe:*:Enabled:AOL TopSpeed -- (AOL LLC)

"C:\Program Files\Common Files\aol\Loader\aolload.exe" = C:\Program Files\Common Files\aol\Loader\aolload.exe:*:Enabled:AOL Loader -- (AOL LLC)

"C:\Program Files\Common Files\aol\System Information\sinf.exe" = C:\Program Files\Common Files\aol\System Information\sinf.exe:*:Enabled:AOL System Information -- (AOL LLC)

"C:\Program Files\AOL 9.1\waol.exe" = C:\Program Files\AOL 9.1\waol.exe:*:Enabled:AOL -- (AOL, LLC.)

"C:\Program Files\McAfee\MBK\McAfeeDataBackup.exe" = C:\Program Files\McAfee\MBK\McAfeeDataBackup.exe:*:Enabled:McAfee Data Backup -- File not found

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{00040409-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Disc 2

"{0736311A-BCF5-4F80-AC0F-FE4E55DBF969}" = Peachtree Accounting 2008

"{075473F5-846A-448B-BCB3-104AA1760205}" = Roxio RecordNow Data

"{0A0873E1-D9BA-4994-B85D-A0A331EF1F0C}" = Intel

Link to post
Share on other sites

I've tried everything including the latest update of Malware and it still keeps on coming. HELP!!

It just popped up

Here is the address -

http://survey.suitesmart.com/survey.sp?PAG...sc%3D2718290501

Here is what I could copy and paste from it.

Tell us what you think!

Please take a few moments to complete our brief survey.

Your answers are very important to us! Just click on the button below to get started!

No thanks Maybe later

I always click the "lock" icon to Automatically Block it then cut and paste the address into the blocked websites on Internet Properties on the Control Panel under the Privacy tab "Sites"

Link to post
Share on other sites

Hi again,

It looks innocent on first sight. Does it pop up without you doing something to trigger it (for example, visit a certain site)?

COMBOFIX

---------------

Please download ComboFix from one of these locations:

Bleepingcomputer
ForoSpyware

  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Double click on Combofix.exe and follow the prompts.
  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, or if you are running Vista, ComboFix will continue it's malware removal procedures.

Query_RC.gif

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

RC_successful.gif

Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\Combofix.txt in your next reply.

Link to post
Share on other sites

  • 1 month later...

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.