Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Registry Problems?

Post by hutspr01 » July 18th, 2011, 3:25 pm

I was unable to run DDS.exe or any of the derivatives that were given. My problem is with start up and shut down. Start up takes a long time and will sometimes freeze and have to be started over. At shutdown I have programs that I will have to end now in order to shut down completely. I downloaded Advanced SystemCare to fix my registry but I don't think it helped much. Here are the Hijack This lists: -Thanks
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 3:15:56 PM, on 7/18/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17098)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Norton Security Suite\Engine\4.3.0.5\ccSvcHst.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Utility\UPHClean\uphclean.exe
C:\Program Files\Norton Security Suite\Engine\4.3.0.5\ccSvcHst.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Comcast\Desktop Doctor\bin\sprtcmd.exe
C:\Documents and Settings\All Users\Application Data\Norton\NUA.exe
C:\Program Files\IObit\Advanced SystemCare 4\PMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\IObit\Advanced SystemCare 4\ASCTray.exe
C:\Program Files\WallpaperSS\WallpaperSS.exe
C:\Program Files\NETGEAR\WG311v3\WG311v3.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\System32\msiexec.exe
C:\Program Files\Utility\HijackThis\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://home.peoplepc.com/search
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.yahoo.com/search?fr=mcafee&p=%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=localhost:8080
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Security Suite\Engine\4.3.0.5\coIEPlg.dll
O2 - BHO: (no name) - {656EC4B7-072B-4698-B504-2A414C1F0037} - (no file)
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Security Suite\Engine\4.3.0.5\IPSBHO.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security Suite\Engine\4.3.0.5\coIEPlg.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [ddoctorv2] "C:\Program Files\Comcast\Desktop Doctor\bin\sprtcmd.exe" /P ddoctorv2
O4 - HKCU\..\Run: [NortonUpdateAgent] C:\Documents and Settings\All Users\Application Data\Norton\NUA.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Advanced SystemCare 4] C:\Program Files\IObit\Advanced SystemCare 4\ASCTray.exe
O4 - HKCU\..\Run: [PCMagHDHeartBeat] "C:\Program Files\Utility\HD HeartBeat\HDHeartBeat.exe" /m
O4 - HKCU\..\Run: [WallpaperSS] C:\Program Files\WallpaperSS\WallpaperSS.exe
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O4 - Startup: AutorunsDisabled
O4 - Global Startup: AutorunsDisabled
O4 - Global Startup: NETGEAR WG311v3 Smart Wizard.lnk = C:\Program Files\NETGEAR\WG311v3\WG311v3.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Search - ?p=ZN
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: Microsoft Knowledge Base - {8b2d996f-b7d1-4961-a929-414d9cf5ba7b} - http://support.microsoft.com/search/?adv=1 (file missing)
O9 - Extra 'Tools' menuitem: Microsoft Knowledge Base - {8b2d996f-b7d1-4961-a929-414d9cf5ba7b} - http://support.microsoft.com/search/?adv=1 (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v ... 5942424869
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 4031514453
O16 - DPF: {BEA7310D-06C4-4339-A784-DC3804819809} (Photo Upload Plugin Class) - http://samsclubus.pnimedia.com/upload/a ... ontrol.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://download.macromedia.com/pub/sho ... wflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Unknown owner - C:\Program Files\Utility\Ad-Aware 2007\aawservice.exe (file missing)
O23 - Service: Advanced SystemCare Service (AdvancedSystemCareService) - IObit - C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\SYSTEM32\ati2sgag.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: Norton Security Suite (N360) - Symantec Corporation - C:\Program Files\Norton Security Suite\Engine\4.3.0.5\ccSvcHst.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SupportSoft Sprocket Service (ddoctorv2) (sprtsvc_ddoctorv2) - SupportSoft, Inc. - C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe

--
End of file - 11219 bytes



Adobe Acrobat 5.0
Adobe AIR
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Photoshop 6.0
Adobe Reader 7.0.9
Adobe Shockwave Player 11.5
Adobe® Photoshop® Album Starter Edition 3.0
Adobe® Photoshop® Album Starter Edition 3.0.1
Advanced SystemCare 4
ATI - Software Uninstall Utility
ATI Catalyst Control Center
ATI Control Panel
ATI Display Driver
Broadcom Advanced Control Suite
CCleaner
Clear Cache feature for Internet Explorer
Conexant SmartHSFi V92 56K DF PCI Modem
Debt Eliminator
DeductionPro 2007
DeductionPro 2008
DeductionPro 2009
Dell Digital Jukebox Driver
Dell DJ Explorer
Dell Picture Studio - Dell Image Expert
Dell ResourceCD
Dell Solution Center
Dell Support
Desktop Doctor
Device drivers for HP Simple Backup
Digital Line Detect
Diskeeper Professional Edition
DVDSentry
Earthlink Installer - uninstall 'Earthlink 5.0' entry first if present
Easy CD Creator 5 Basic
FinePixViewer Ver.4.0
FrostWire 4.21.3
FUJIFILM USB Driver
GearDrvs
GearDrvs
Google Toolbar for Internet Explorer
Google Toolbar for Internet Explorer
Google Update Helper
H&R Block Deluxe + Efile 2009
H&R Block Deluxe + Efile 2010
HighMAT Extension to Microsoft Windows XP CD Writing Wizard
HiJackThis
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB981793)
HP Customer Participation Program 7.0
HP Document Viewer 7.0
HP Imaging Device Functions 7.0
hp instant support
HP Photosmart Premier Software 6.5
HP Photosmart, Officejet and Deskjet 7.0.A
HP Product Assistant
HP Solution Center 7.0
HP Update
Intel(R) Extreme Graphics Driver
InterActual Player
ItsDeductible7
Java(TM) 6 Update 21
Logitech Desktop Messenger
Logitech iTouch Software
Logitech MouseWare 9.71
Logitech Resource Center
Math Advantage 2001
McAfee Security Scan Plus
McAfee SiteAdvisor
MediaFACE 4.0
MediaFACE 4.0 Image Library
MemTurbo 4
Microsoft .NET Framework (English)
Microsoft .NET Framework (English) v1.0.3705
Microsoft .NET Framework 1.0 Hotfix (KB928367)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1
Microsoft Age of Empires Gold
Microsoft Age of Empires II
Microsoft Age of Empires II: The Conquerors Expansion
Microsoft English TTS Engine
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Sounds
Microsoft Office Word MUI (English) 2007
Microsoft Office XP Professional with FrontPage
Microsoft OpenType Font File Properties Extension
Microsoft Picture It! Photo 7.0
Microsoft Silverlight
Microsoft Tool Web Package:WntIpcfg.exe
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Web Publishing Wizard 1.52
Microsoft Windows Journal Viewer
Microsoft Works 2003 Setup Launcher
Modem Helper
Mozilla Firefox (3.6.18)
MSConfig CleanUp 1.2
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6.0 Parser (KB933579)
MSXML4 Parser
NETGEAR WG311v3 PCI Adapter
NetWaiting
Norton Security Suite
OCR Software by I.R.I.S 7.0
Paint Shop Pro 7
Pdf995 (installed by TaxCut)
PdfEdit995 (installed by TaxCut)
PowerDVD
Quicken 2007
QuickTime
RAW FILE CONVERTER LE
RCA Detective 1.0.0.96
Revo Uninstaller 1.87
Rhapsody
SAPI Wrapper
Savings Bond Wizard
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB2509488)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft Office 2007 System (KB2541012)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB2541007)
Security Update for Microsoft Office Groove 2007 (KB2494047)
Security Update for Microsoft Office InfoPath 2007 (KB2510061)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB2535818)
Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)
Security Update for Microsoft Office Publisher 2007 (KB2284697)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Security Update for Windows Internet Explorer 7 (KB2183461)
Security Update for Windows Internet Explorer 7 (KB2360131)
Security Update for Windows Internet Explorer 7 (KB2416400)
Security Update for Windows Internet Explorer 7 (KB2482017)
Security Update for Windows Internet Explorer 7 (KB2497640)
Security Update for Windows Internet Explorer 7 (KB2530548)
Security Update for Windows Internet Explorer 7 (KB2544521)
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 7 (KB982381)
Security Update for Windows Media Encoder (KB2447961)
Security Update for Windows Media Encoder (KB979332)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2491683)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2510581)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Shockwave
StarCraft
Startup Cop 1.1
SyncToy
TaxCut Indiana 2007
TaxCut Indiana 2008
TaxCut Premium + State + Efile 2008
TaxCut Premium + State 2007
The Print Shop 20
The Print Shop Premium Fonts
TTS Wrapper
Tweak UI
UnClean 2.0
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2509470)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (KB2553975)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2541763)
Update for Windows XP (KB971029)
User Profile Hive Cleanup Service
Viewpoint Media Player (Remove Only)
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
W Photo Studio
Wallpaper SlideShow LT 1.4.5
WexTech AnswerWorks
Windows Installer Clean Up
Windows Internet Explorer 7
Windows Media Encoder 9 Series
Windows Media Encoder 9 Series
Windows Media Format 11 runtime
Windows Media Player 11
hutspr01
Active Member
 
Posts: 8
Joined: July 18th, 2011, 3:17 pm

Re: Registry Problems?

Post by askey127 » July 20th, 2011, 6:43 am

Hi hutspr01,
Do this sequence in Safe Mode, if necessary.
-----------------------------------------------
Please Note Our Policy on the Use of P2P (Person to Person / Peer to Peer) file sharing programs
It is posted here: http://malwareremoval.com/forum/viewtopic.php?p=491394#p491394
As a condition of receiving our help, I have included the P2P program Frostwire in the removal instructions below, so we are not wasting our time.
If you have used this, and your computer is infected, you can be fairly confident this is a principal reason.

It's really important, if you value your PC at all, to stay away from P2P file sharing programs, like utorrent, Bittorrent, Azureus, Frostwire, Vuze, Shareaza, Bitlord.
(Limewire has been shut down by the courts).
Criminals have "planted" thousands upon thousands of infections in the "free" shared files.
Virtually all of these recent infections will compromise your Security, and some can turn your machine into a useless "doorstop".
-----------------------------------------------------------
Remove Registry items with HijackThis. Start HijackThis.
Click Do System Scan Only. When the Scan is complete, Check the following entries:
(Some of these lines may be missing)

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://home.peoplepc.com/search
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=localhost:8080
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [ddoctorv2] "C:\Program Files\Comcast\Desktop Doctor\bin\sprtcmd.exe" /P ddoctorv2
O4 - HKCU\..\Run: [Advanced SystemCare 4] C:\Program Files\IObit\Advanced SystemCare 4\ASCTray.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Unknown owner - C:\Program Files\Utility\Ad-Aware 2007\aawservice.exe (file missing)
O23 - Service: Advanced SystemCare Service (AdvancedSystemCareService) - IObit - C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe

Make sure Every other window except HJT is closed (No other tabs showing in the bottom tray), and Click Fix Checked
Click the "X" in the upper right corner of the HiJackThis window to close it.
-----------------------------------------------------------
REBOOT (RESTART) Your Machine. Sorry, but it's necessary.
-----------------------------------------------------------
Remove Programs Using Control Panel
From Start, Settings, Control Panel or Start, Control Panel, click Add/Remove Programs.
Highlight each Entry, as follows, one by one, if it exists, and choose Remove :

Adobe Reader 7.0.9
Advanced SystemCare 4
Desktop Doctor
FrostWire 4.21.3
Google Update Helper
Java(TM) 6 Update 21
Logitech Desktop Messenger
McAfee Security Scan Plus

Take extra care in answering questions posed by any Uninstaller.
-----------------------------------------------------------
REBOOT (RESTART) Your Machine
Boot into Normal Mode if you can.
-----------------------------------------------------------
Post a New HiJackThis Log
Start HijackThis
Click Do System Scan and Save a Log File.
When the Scan is complete, select the whole log (Ctrl +A), copy (Ctrl+C) and paste (Ctrl+V) the log contents into a reply.

askey127
Admin/Teacher
 
Posts: 14025
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA
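
An added example, not part of askey127's post and not HijackThis code: a small parser for the log format posted in this thread. It splits each entry into its section code and body, flags entries whose target is marked `(no file)` or `(file missing)` and `ProxyServer` values that point at the local machine, and lists what disappeared between a "before" and an "after" log. The flag rules and all function names are assumptions of this example, meant to queue entries for review, not to reproduce the helper's selection.

```python
import re
from typing import List, NamedTuple, Optional, Tuple

# Constructed sample: a handful of lines copied from the first log in this thread.
SAMPLE_LOG = r"""Logfile of Trend Micro HijackThis v2.0.4
Platform: Windows XP SP3 (WinNT 5.01.2600)

Running processes:
C:\WINDOWS\system32\winlogon.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=localhost:8080
O2 - BHO: (no name) - {656EC4B7-072B-4698-B504-2A414C1F0037} - (no file)
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Unknown owner - C:\Program Files\Utility\Ad-Aware 2007\aawservice.exe (file missing)
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
"""

# "<section code> - <body>"; header lines and the process list do not match.
ENTRY_RE = re.compile(r"^(R[0-3]|F[0-3]|N[1-4]|O\d{1,2}) - (.+)$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}-(?:[0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}\}")
ORPHAN_RE = re.compile(r"\((?:no file|file missing)\)\s*$")
PROXY_RE = re.compile(r",ProxyServer = (.+)$")


class Entry(NamedTuple):
    code: str              # section code, e.g. "O23"
    body: str              # everything after "code - "
    clsid: Optional[str]   # upper-cased CLSID if the entry carries one
    flags: Tuple[str, ...]


def proxy_hosts(value: str) -> List[str]:
    """Hosts from a ProxyServer value such as 'http=localhost:8080;https=h:p'."""
    hosts = []
    for part in value.split(";"):
        part = part.strip()
        if not part:
            continue
        hostport = part.split("=", 1)[-1]        # drop a "scheme=" prefix
        hostport = hostport.split("://", 1)[-1]  # drop a "scheme://" prefix
        hosts.append(hostport.rsplit(":", 1)[0].lower())
    return hosts


def is_loopback(host: str) -> bool:
    return host == "localhost" or host.startswith("127.") or host == "[::1]"


def parse_log(text: str) -> List[Entry]:
    """Parse the entry section of a HijackThis log, skipping everything else."""
    entries = []
    for line in text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if not m:
            continue
        code, body = m.groups()
        flags = []
        if ORPHAN_RE.search(body):
            # Registry entry survives, but the file it points to does not.
            flags.append("orphan")
        pm = PROXY_RE.search(body)
        if code.startswith("R") and pm and any(
            is_loopback(h) for h in proxy_hosts(pm.group(1))
        ):
            # Browser traffic is routed through a listener on this machine;
            # worth confirming which program, if any, owns that port.
            flags.append("local-proxy")
        cm = CLSID_RE.search(body)
        clsid = cm.group(0).upper() if cm else None
        entries.append(Entry(code, body, clsid, tuple(flags)))
    return entries


def flagged(text: str) -> List[Entry]:
    """Entries that matched at least one review rule."""
    return [e for e in parse_log(text) if e.flags]


def removed_between(before: str, after: str) -> List[Entry]:
    """Entries present in the 'before' log and absent from the 'after' log."""
    kept = {(e.code, e.body) for e in parse_log(after)}
    return [e for e in parse_log(before) if (e.code, e.body) not in kept]


if __name__ == "__main__":
    for e in flagged(SAMPLE_LOG):
        print(f"{e.code:<4} {','.join(e.flags):<12} {e.body}")
```

Running `removed_between` on the two logs a poster supplies gives a quick check that the entries marked for fixing are gone and that nothing else changed unexpectedly.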

Re: Registry Problems?

Post by hutspr01 » July 20th, 2011, 1:16 pm

Wow! Shutdown is now how it's supposed to be and start up is quicker too. Thanks!

Question about removing programs from Add/Remove Programs. I couldn't find the Google Updater Helper like you listed, would it be somewhere else that I could check and uninstall or is it not important?

Thanks again! (Below is new report from HijackThis)


C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Norton Security Suite\Engine\4.3.0.5\ccSvcHst.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Utility\UPHClean\uphclean.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Norton Security Suite\Engine\4.3.0.5\ccSvcHst.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Documents and Settings\All Users\Application Data\Norton\NUA.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\WallpaperSS\WallpaperSS.exe
C:\Program Files\NETGEAR\WG311v3\WG311v3.exe
C:\Program Files\Utility\HijackThis\Trend Micro\HiJackThis\HiJackThis.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.yahoo.com/search?fr=mcafee&p=%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Security Suite\Engine\4.3.0.5\coIEPlg.dll
O2 - BHO: (no name) - {656EC4B7-072B-4698-B504-2A414C1F0037} - (no file)
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Security Suite\Engine\4.3.0.5\IPSBHO.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (file missing)
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security Suite\Engine\4.3.0.5\coIEPlg.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKCU\..\Run: [NortonUpdateAgent] C:\Documents and Settings\All Users\Application Data\Norton\NUA.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PCMagHDHeartBeat] "C:\Program Files\Utility\HD HeartBeat\HDHeartBeat.exe" /m
O4 - HKCU\..\Run: [WallpaperSS] C:\Program Files\WallpaperSS\WallpaperSS.exe
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O4 - Startup: AutorunsDisabled
O4 - Global Startup: AutorunsDisabled
O4 - Global Startup: NETGEAR WG311v3 Smart Wizard.lnk = C:\Program Files\NETGEAR\WG311v3\WG311v3.exe
O8 - Extra context menu item: &Search - ?p=ZN
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: Microsoft Knowledge Base - {8b2d996f-b7d1-4961-a929-414d9cf5ba7b} - http://support.microsoft.com/search/?adv=1 (file missing)
O9 - Extra 'Tools' menuitem: Microsoft Knowledge Base - {8b2d996f-b7d1-4961-a929-414d9cf5ba7b} - http://support.microsoft.com/search/?adv=1 (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v ... 5942424869
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 4031514453
O16 - DPF: {BEA7310D-06C4-4339-A784-DC3804819809} (Photo Upload Plugin Class) - http://samsclubus.pnimedia.com/upload/a ... ontrol.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://download.macromedia.com/pub/sho ... wflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Unknown owner - C:\Program Files\Utility\Ad-Aware 2007\aawservice.exe (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\SYSTEM32\ati2sgag.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe
O23 - Service: Norton Security Suite (N360) - Symantec Corporation - C:\Program Files\Norton Security Suite\Engine\4.3.0.5\ccSvcHst.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
hutspr01
Active Member
 
Posts: 8
Joined: July 18th, 2011, 3:17 pm
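Several entries in the log above end in `(file missing)` or `(no file)`, and two services list `Unknown owner`. The Python below is an added example, not part of the original post and not HijackThis's own code. It parses lines in that format and sorts them by those markers. The verdict names (`orphan`, `not-a-file`, `review`, `ok`) and the rule that an http(s) target makes the file-missing marker inapplicable are assumptions of this example.

```python
import re
from collections import namedtuple

# Six lines copied verbatim from the HijackThis log in the post above.
SAMPLE_LOG = r"""
O2 - BHO: (no name) - {656EC4B7-072B-4698-B504-2A414C1F0037} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (file missing)
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O9 - Extra button: Microsoft Knowledge Base - {8b2d996f-b7d1-4961-a929-414d9cf5ba7b} - http://support.microsoft.com/search/?adv=1 (file missing)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Unknown owner - C:\Program Files\Utility\Ad-Aware 2007\aawservice.exe (file missing)
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\SYSTEM32\ati2sgag.exe
"""

Entry = namedtuple("Entry", "section label target markers unknown_owner")

ENTRY_RE = re.compile(r"^(O\d{1,2}) - (.+)$")
# O4 autorun lines have no " - " separator: "<hive>\..\Run: [name] command line"
RUN_RE = re.compile(r"^(?P<label>[^:]+: \[[^\]]*\]) (?P<target>.+)$")
MARKERS = ("(file missing)", "(no file)")


def parse_line(line):
    """Return an Entry for an O-section line, or None for any other line."""
    m = ENTRY_RE.match(line.strip())
    if m is None:
        return None
    section, rest = m.groups()
    markers = set()
    for marker in MARKERS:
        if rest.endswith(marker):
            markers.add(marker)
            rest = rest[: -len(marker)].rstrip(" -")
    run = RUN_RE.match(rest) if section == "O4" else None
    if "(no file)" in markers:
        # The registry entry exists but names no file at all.
        label, target = rest, ""
    elif run:
        label, target = run.group("label"), run.group("target")
    elif " - " in rest:
        # The target is the last " - " separated field.
        label, target = rest.rsplit(" - ", 1)
    else:
        label, target = rest, ""
    unknown_owner = section == "O23" and label.endswith(" - Unknown owner")
    return Entry(section, label, target, frozenset(markers), unknown_owner)


def triage(entry):
    """Classify one entry using only what the log line itself shows."""
    if "(no file)" in entry.markers:
        return "orphan"          # leftover registration with nothing behind it
    if "(file missing)" in entry.markers:
        # A web address is not a file on disk, so the marker says nothing here.
        if entry.target.lower().startswith(("http://", "https://")):
            return "not-a-file"
        return "orphan"          # registration points at a file that is gone
    if entry.unknown_owner:
        return "review"          # file exists; check the binary by hand
    return "ok"


def triage_log(text):
    """Parse every O-section line in text and return (verdict, Entry) pairs."""
    results = []
    for line in text.splitlines():
        entry = parse_line(line)
        if entry is not None:
            results.append((triage(entry), entry))
    return results


if __name__ == "__main__":
    for verdict, entry in triage_log(SAMPLE_LOG):
        print(f"{verdict:<10} {entry.section:<4} {entry.target or entry.label}")
```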

Re: Registry Problems?

by askey127 » July 21st, 2011, 7:15 am

hutspr01,
Don't worry about the Google Updater not found. No big deal.

Major slowdowns can be caused by the updater in the old Adobe Acrobat 5.
If you use that to compose or edit PDF files, you can keep it, but be aware that the updater can actually hang up a computer.
In addition, it is so old that it is susceptible to infecting your computer, if you open a corrupted/infected PDF file with it from the internet.
If you don't really edit or generate PDF files with it, I would Uninstall it.

Now a few things to do... Just take them one at a time.
------------------------------------------------------------
Download and Install the latest version of Java Runtime Environment from here: http://java.sun.com/javase/downloads/index.jsp, and install it to your computer.
In the first section on the page, labeled JDK 6 Update 26 (JDK or JRE), click on the button labeled Download JRE. Do NOT choose the button labeled "Download JDK".
If it won't allow you to get past the "Agree to the license" dialog, you will need to set your browser to temporarily allow scripts.
Check the button to agree to the license.
Select the link for your Platform Windows x86 offline (or Windows 64-bit if your machine is 64-bit), and click it.
Download it, choose Save, and save it to your desktop.
Then double-click it on your desktop (or right-click and choose "Run as administrator" in Vista/Win7) and it will install the newest version of Java for you to use.
During the Installation, be sure to UNCHECK any offer for McAfee Security Scan Plus (it's just adware) or any extra toolbars.
When it finishes, you can remove the Installer from your desktop.
--------------------------------------------------------
Download and Install the newest version of Adobe Reader for reading pdf files, due to the vulnerabilities in earlier versions.
All versions numbered lower than 10.0 are vulnerable.
Go HERE and click on AdbeRdr1001_en_US.exe to download the latest version of Adobe Acrobat Reader.
Save this file to your desktop and run it to install the latest version of Adobe Reader.

After the new Reader is installed, open Adobe Reader X.
OK the license.
Click on Edit and select Preferences.
On the left, click on the JavaScript category and Uncheck Enable Acrobat JavaScript.
Click on the Security (Enhanced) category and Uncheck Automatically trust sites from my Win OS security zones.
Click on the Trust Manager category and Uncheck Allow opening of non-PDF file attachments with external applications.
Click the OK button.
When it finishes, you can remove the Installer from your desktop.
---------------------------------------------
Download the OTL Scanner
Please download OTL.exe by OldTimer and save it to your desktop.
---------------------------------------------
Run a Scan with OTL
  • Double click on the icon to run it.
  • Check the boxes labeled :
    • Scan All Users
    • LOP check
    • Purity check
  • Make sure all other windows are closed to let it run uninterrupted.
  • Click on the Run Scan button at the top left hand corner. Do not change any settings unless otherwise told to do so. The scan won't take long.
When the scan completes, it will open two Notepad windows: OTL.Txt and Extras.Txt. These are saved in the same location as OTL (desktop).
The Extras.txt file will only appear the very first time you run OTL.
Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them as a reply. Use separate replies if more convenient.

askey127
askey127
Admin/Teacher
 
Posts: 14025
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: Registry Problems?

by hutspr01 » July 21st, 2011, 9:47 am

Ok, here is the Extras.txt:

OTL Extras logfile created on: 7/21/2011 9:34:29 AM - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Documents and Settings\Hutson Family\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1022.48 Mb Total Physical Memory | 382.33 Mb Available Physical Memory | 37.39% Memory free
2.40 Gb Paging File | 1.95 Gb Available in Paging File | 81.20% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149.02 Gb Total Space | 109.45 Gb Free Space | 73.45% Space Free | Partition Type: NTFS
Drive D: | 480.69 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: D366HZ21 | User Name: Hutson Family | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-2667013071-820177805-1926677942-1006\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- Reg Error: Value error.
Directory [CmdShortcut] -- C:\WINDOWS\system32\cmd.exe /k cd "%1" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [FinePix] -- "C:\Program Files\FinePixViewer\FinePixViewer.exe" "%1" (FUJI PHOTO FILM CO.,LTD.)
Directory [FinePixPrint] -- "C:\Program Files\FinePixViewer\FinePixViewer.exe" /p "%1" (FUJI PHOTO FILM CO.,LTD.)
Directory [opennew] -- explorer.exe /e, %1 (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0
"FirstRunDisabled" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Symantec\Symantec Endpoint Protection\SymCorpUI.exe" = C:\Program Files\Symantec\Symantec Endpoint Protection\SymCorpUI.exe:*:Enabled:Symantec Endpoint Protection
"C:\Program Files\FrostWire\FrostWire.exe" = C:\Program Files\FrostWire\FrostWire.exe:*:Enabled:FrostWire


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser
"{036AA4D4-6D32-11D4-9875-00105ACE7734}" = Logitech iTouch Software
"{0A65A3BD-54B5-4d0d-B084-7688507813F5}" = SlideShow
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{0D2E80C8-0875-43EB-9623-47118E2DFBCA}" = Quicken 2007
"{10CE1EA2-12E9-11D3-825E-00C04F6843FE}" = Microsoft Office Sounds
"{11F1920A-56A2-4642-B6E0-3B31A12C9288}" = Dell Solution Center
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{151C555A-A9E7-4A2E-B6D7-165D04A3C956}" = Dell Picture Studio - Dell Image Expert
"{15C0AF59-4877-49B6-B8C6-A61CE54515F5}" = cp_OnlineProjectsConfig
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F64D075-84F1-4EBC-A842-F2EF9C58009A}" = The Print Shop Premium Fonts
"{20292BBB-C7D7-4526-9E38-42C4A5C2A3A6}" = H&R Block Deluxe + Efile 2009
"{206FD69B-F9FE-4164-81BD-D52552BC9C23}" = GearDrvs
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2376813B-2E5A-4641-B7B3-A0D5ADB55229}" = HPPhotoSmartExpress
"{2462F296-EEF5-4690-8C12-CD9ED3DB1B16}" = TaxCut Indiana 2008
"{24ED4D80-8294-11D5-96CD-0040266301AD}" = FinePixViewer Ver.4.0
"{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java(TM) 6 Update 26
"{2F58D60D-2BFD-4467-9B4D-64E7355C329D}" = Sonic_PrimoSDK
"{33BF0960-DBA3-4187-B6CC-C969FCFA2D25}" = SkinsHP1
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}" = McAfee SiteAdvisor
"{363790D2-DA98-41DD-9C9F-69FA36B169DE}" = PanoStandAlone
"{369B36BE-3D64-4641-9AEA-808D436FE132}" = Microsoft Picture It! Photo 7.0
"{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{41E776A5-9B12-416D-9A12-B4F7B044EBED}" = CP_Package_Basic1
"{43DCF766-6838-4F9A-8C91-D92DA586DFA7}" = Microsoft Windows Journal Viewer
"{43FCA273-9534-40DB-B7C5-D7758875616A}" = Dell Support
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{45B8A76B-57EC-4242-B019-066400CD8428}" = BufferChm
"{45EA11B5-874D-480E-89B9-2545505BBE3E}" = Microsoft OpenType Font File Properties Extension
"{468190DA-FB4C-45BA-8E40-4B165FF1A939}" = BACS
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{494C271C-1528-4886-A78C-BFB3C823A37B}" = MediaFACE 4.0 Image Library
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B9F45E8-E3CE-40B4-9463-80A9B3481DEF}" = Banctec Service Agreement
"{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}" = Adobe® Photoshop® Album Starter Edition 3.0
"{4E901875-0F15-44BA-89DE-94AA41A7F507}" = Clear Cache feature for Internet Explorer
"{4EA684E9-5C81-4033-A696-3019EC57AC3A}" = HPProductAssistant
"{53EE9E42-CECB-4C92-BF76-9CA65DAF8F1C}" = FullDPAppQFolder
"{53F2F98F-5C5B-455D-AD6F-4E8A29BF932B}" = Debt Eliminator
"{5490882C-6961-11D5-BAE5-00E0188E010B}" = FUJIFILM USB Driver
"{55BC7EFA-D832-4EE3-9DEA-49B0C07539D9}" =
"{57B2281D-A34A-4a48-8C68-169B8873659D}" = c4100_Help
"{5809E7CF-4DCF-11D4-9875-00105ACE7734}" = Logitech MouseWare 9.71
"{58A49B80-2595-4C9D-B3EB-261E68A2C4D1}_is1" = Wallpaper SlideShow LT 1.4.5
"{609F7AC8-C510-11D4-A788-009027ABA5D0}" = Easy CD Creator 5 Basic
"{61100673-2546-42E1-BF92-467B5CB2AC6D}" = DeductionPro 2008
"{663E217E-FC26-4249-9E8E-F190CD63E737}" = TaxCut Premium + State 2007
"{66910000-8B30-4973-A159-6371345AFFA5}" = WebReg
"{6696D9A4-28A8-4F5A-8E9A-2E8974C8C39C}" = RandMap
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{68763C27-235D-4165-A961-FDEA228CE504}" = AiOSoftwareNPI
"{6909F917-5499-482e-9AA1-FAD06A99F231}" = Toolbox
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{70014586-7BBA-4A92-A610-CDC896C48F8F}" = NETGEAR WG311v3 PCI Adapter
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{736C803C-DD3B-4015-BC51-AFB9E67B9076}" = Readme
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7C03270C-4FAB-4F5C-B10D-52FEDA190790}" = DocumentViewerQFolder
"{7E7B7865-6C80-4373-8BC1-C2EB9431F9DE}" = ProductContextNPI
"{7F142D56-3326-11D5-B229-002078017FBF}" = Modem Helper
"{7F581D1D-C9A7-4C77-B88A-27537173CEDF}" = MediaFACE 4.0
"{81FB87B4-AEA6-49A8-9110-BED4AEFC20E8}" = H&R Block Deluxe + Efile 2010
"{8331C3EA-0C91-43AA-A4D4-27221C631139}" = Status
"{863DCE5B-D6CA-4DC5-9F95-7DCFED15DE8F}" = The Print Shop 20
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A4CE7FD-9657-4B06-9943-E1819F3D5D67}" = DocProc
"{8A5EBB62-ADE7-41E2-8884-1517DE3505D1}" = DeductionPro 2007
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Extreme Graphics Driver
"{8CE4E6E9-9D55-43FB-9DDB-688C976BFC05}" = Unload
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISER_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISER_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISER_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISER_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISER_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90280409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional with FrontPage
"{90D55A3F-1D99-4C94-A77E-46DC14F0BF08}" = Help and Support Customization
"{91120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{94824ADD-8F26-43D2-84DB-22E11F377E5E}" = Microsoft English TTS Engine
"{96172E04-BB14-45F6-A77B-8EE7A421B903}" = SAPI Wrapper
"{97D0C0A1-7E64-4B05-A2EE-61D2CE23F154}" = TTS Wrapper
"{97F4D62E-5AEB-4649-BABF-4712C6EF6845}" = DeductionPro 2009
"{98DF85D9-96C0-4F57-A92E-C3539477EF5E}" = DVDSentry
"{996512CF-F35B-48DE-9291-557FA5316967}" = ScannerCopy
"{9D98F245-3010-43C6-B3B0-67A464DA298E}" = ELNKInst
"{A29800BA-0BF1-4E63-9F31-DF05A87F4104}" = InstantShareDevices
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1033-7B44-AA0000000001}" = Adobe Reader X (10.0.1)
"{AF551C00-1D66-45DB-A3A5-F097F635200E}" = TaxCut Indiana 2007
"{B2157760-AA3C-4E2E-BFE6-D20BC52495D9}" = cp_PosterPrintConfig
"{B43357AA-3A6D-4D94-B56E-43C44D09E548}" = Microsoft .NET Framework (English)
"{B5688129-7595-4E5B-9990-CEF981A31264}" = SyncToy
"{B6286A44-7505-471A-A72B-04EC2DB2F442}" = CueTour
"{B69CFE29-FD03-4E0A-87A7-6ED97F98E5B3}" = CP_Panorama1Config
"{BBB33AD6-BCF7-4002-B6A0-6DC679AE5C18}" = TaxCut Premium + State + Efile 2008
"{BDBE2F3E-42DB-4d4a-8CB1-19BA765DBC6C}" = HP Photosmart, Officejet and Deskjet 7.0.A
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C1C6767D-B395-43CB-BF99-051B58B86DA6}" = PhotoGallery
"{C7F54CF8-D6FB-4E0A-93A3-E68AE0D6C476}" = SolutionCenter
"{C871525F-7116-4d26-BA6D-215F59B6F88B}" = C4100
"{C8753E28-2680-49BF-BD48-DD38FD086EFE}" = AiO_Scan_CDA
"{C88E49AA-41C5-4420-A08D-BE1B6C5A3A74}" = DAO
"{C9618743-1A5C-461E-91C4-E013A3D70F3C}" = Adobe® Photoshop® Album Starter Edition 3.0.1
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CB84F0F2-927B-458D-9DC5-87832E3DC653}" = GearDrvs
"{CBF3C503-946E-45EA-B347-EACC41781989}" = W Photo Studio
"{CD4D567E-44D7-4CDA-977D-C918D88FA3D9}_is1" = MemTurbo 4
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D6111BDE-3D23-403E-96BD-3CE416101B16}" = Diskeeper Professional Edition
"{D64DCF1C-7A95-49A4-BAFA-C42B5CF6B8B6}" = Works Suite OS Pack
"{D680C913-5955-469D-9D88-C1940F7506D6}" = RAW FILE CONVERTER LE
"{D6DE02C7-1F47-11D4-9515-00105AE4B89A}" = Paint Shop Pro 7
"{D78653C3-A8FF-415F-92E6-D774E634FF2D}" = Dell ResourceCD
"{DBC20735-34E6-4E97-A9E5-2066B66B243D}" = TrayApp
"{DCDC8E79-4600-4C02-9824-CD3BB8971D4E}" =
"{E1B80DEE-A795-4258-8445-074C06AE3AB8}" = MarketResearch
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{EA2BEBD6-87B9-41E5-95AC-7E4C165A9475}" = WexTech AnswerWorks
"{EA82FF50-E258-4DFE-839B-8F26A01A34A7}" = Microsoft Tool Web Package:WntIpcfg.exe
"{EA9FAF16-0E5C-42C4-9742-9AF8D5F6D69B}" = ATI Catalyst Control Center
"{ED2C557E-9C18-41FF-B58E-A05EEF0B3B5F}" = CP_CalendarTemplates1
"{F157460F-720E-482f-8625-AD7843891E5F}" = InstantShareDevicesMFC
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F3760724-B29D-465B-BC53-E5D72095BCC4}" = Scan
"{F6076EF9-08E1-442F-B6A2-BFB61B295A14}" = Fax_CDA
"{FB15E224-67C3-491F-9F5C-F257BC418412}" = Destinations
"{FBB980B0-63F8-4B48-8D65-90F1D9F81D9F}" = NewCopy_CDA
"{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}" = HighMAT Extension to Microsoft Windows XP CD Writing Wizard
"{FE57DE70-95DE-4B64-9266-84DA811053DB}" = HP Update
"{FE7E1DD7-EBCE-4696-ADE2-22BDBF2372DA}" = DocumentViewer
"{FF77941A-2BFA-4A18-BE2E-69B9498E4D55}" = User Profile Hive Cleanup Service
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop 6.0" = Adobe Photoshop 6.0
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Age of Empires 2.0" = Microsoft Age of Empires II
"Age of Empires Gold 1.0" = Microsoft Age of Empires Gold
"Age of Empires II: The Conquerors Expansion 1.0" = Microsoft Age of Empires II: The Conquerors Expansion
"All ATI Software" = ATI - Software Uninstall Utility
"ATI Display Driver" = ATI Display Driver
"CCleaner" = CCleaner
"CNXT_MODEM_PCI_VEN_14F1&DEV_2702" = Conexant SmartHSFi V92 56K DF PCI Modem
"Dell Digital Jukebox Driver" = Dell Digital Jukebox Driver
"Dell File Manager" = Dell DJ Explorer
"ENTERPRISER" = Microsoft Office Enterprise 2007
"HP Document Viewer" = HP Document Viewer 7.0
"HP Imaging Device Functions" = HP Imaging Device Functions 7.0
"hp instant support" = hp instant support
"HP Photo & Imaging" = HP Photosmart Premier Software 6.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 7.0
"HPExtendedCapabilities" = HP Customer Participation Program 7.0
"HPOCR" = OCR Software by I.R.I.S 7.0
"ie7" = Windows Internet Explorer 7
"InstallShield_{468190DA-FB4C-45BA-8E40-4B165FF1A939}" = Broadcom Advanced Control Suite
"InstallShield_{494C271C-1528-4886-A78C-BFB3C823A37B}" = MediaFACE 4.0 Image Library
"InstallShield_{70014586-7BBA-4A92-A610-CDC896C48F8F}" = NETGEAR WG311v3 PCI Adapter
"InstallShield_{7F581D1D-C9A7-4C77-B88A-27537173CEDF}" = MediaFACE 4.0
"InstallShield_{9D98F245-3010-43C6-B3B0-67A464DA298E}" = Earthlink Installer - uninstall 'Earthlink 5.0' entry first if present
"InterActual Player" = InterActual Player
"ItsDeductible7" = ItsDeductible7
"Logitech Resource Center" = Logitech Resource Center
"Math Advantage 2001" = Math Advantage 2001
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework Full v1.0.3705 (1033)" = Microsoft .NET Framework (English) v1.0.3705
"Mozilla Firefox (3.6.18)" = Mozilla Firefox (3.6.18)
"MSConfig CleanUp_is1" = MSConfig CleanUp 1.2
"N360" = Norton Security Suite
"Papi" = Device drivers for HP Simple Backup
"PC Magazine's Startup Cop_is1" = Startup Cop 1.1
"PC Magazine's UnClean_is1" = UnClean 2.0
"Pdf995" = Pdf995 (installed by TaxCut)
"PdfEdit995" = PdfEdit995 (installed by TaxCut)
"QuickTime" = QuickTime
"RCA Detective_is1" = RCA Detective 1.0.0.96
"Revo Uninstaller" = Revo Uninstaller 1.87
"Rhapsody" = Rhapsody
"Savings Bond Wizard" = Savings Bond Wizard
"Shockwave" = Shockwave
"StarCraft" = StarCraft
"Tweak UI 2.10" = Tweak UI
"ViewpointMediaPlayer" = Viewpoint Media Player (Remove Only)
"WebPost" = Microsoft Web Publishing Wizard 1.52
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Works2003Setup" = Microsoft Works 2003 Setup Launcher

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2667013071-820177805-1926677942-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Warcraft III" = Warcraft III: All Products

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 7/16/2011 1:21:43 PM | Computer Name = D366HZ21 | Source = Microsoft Office 12 | ID = 2001
Description = Rejected Safe Mode action : Microsoft Office Outlook.

Error - 7/16/2011 2:12:01 PM | Computer Name = D366HZ21 | Source = SupportSoft Agent | ID = 0
Description =

Error - 7/16/2011 3:17:03 PM | Computer Name = D366HZ21 | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting
module msvcrt.dll, version 7.0.2600.5512, fault address 0x00037fd4.

Error - 7/16/2011 3:18:58 PM | Computer Name = D366HZ21 | Source = Application Error | ID = 1000
Description = Faulting application drwtsn32.exe, version 5.1.2600.0, faulting module
dbghelp.dll, version 5.1.2600.5512, fault address 0x0001295d.

Error - 7/18/2011 12:08:01 AM | Computer Name = D366HZ21 | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting
module msvcrt.dll, version 7.0.2600.5512, fault address 0x00037fd4.

Error - 7/18/2011 12:09:29 AM | Computer Name = D366HZ21 | Source = Application Error | ID = 1000
Description = Faulting application drwtsn32.exe, version 5.1.2600.0, faulting module
dbghelp.dll, version 5.1.2600.5512, fault address 0x0001295d.

Error - 7/18/2011 1:18:49 AM | Computer Name = D366HZ21 | Source = MsiInstaller | ID = 11316
Description = Product: ELNKInst -- Error 1316.A network error occurred while attempting
to read from the file C:\WINDOWS\Installer\ELNKINST.MSI

Error - 7/18/2011 1:20:15 AM | Computer Name = D366HZ21 | Source = MsiInstaller | ID = 11316
Description = Product: ELNKInst -- Error 1316.A network error occurred while attempting
to read from the file C:\WINDOWS\Installer\ELNKINST.MSI

Error - 7/18/2011 2:50:14 PM | Computer Name = D366HZ21 | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting
module msvcrt.dll, version 7.0.2600.5512, fault address 0x00037fd4.

Error - 7/18/2011 2:51:43 PM | Computer Name = D366HZ21 | Source = Application Error | ID = 1000
Description = Faulting application drwtsn32.exe, version 5.1.2600.0, faulting module
dbghelp.dll, version 5.1.2600.5512, fault address 0x0001295d.

[ System Events ]
Error - 7/20/2011 1:03:15 PM | Computer Name = D366HZ21 | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 7/20/2011 1:03:15 PM | Computer Name = D366HZ21 | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 7/20/2011 1:03:15 PM | Computer Name = D366HZ21 | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 7/20/2011 1:03:15 PM | Computer Name = D366HZ21 | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 7/20/2011 1:03:15 PM | Computer Name = D366HZ21 | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 7/20/2011 1:03:15 PM | Computer Name = D366HZ21 | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 7/20/2011 1:03:16 PM | Computer Name = D366HZ21 | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 7/20/2011 1:08:45 PM | Computer Name = D366HZ21 | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
the N360 service.

Error - 7/20/2011 1:09:17 PM | Computer Name = D366HZ21 | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
the N360 service.

Error - 7/20/2011 1:09:47 PM | Computer Name = D366HZ21 | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
the N360 service.


< End of report >

Re: Registry Problems?

Post by hutspr01 » July 21st, 2011, 9:50 am

And OTL.Txt:
OTL logfile created on: 7/21/2011 9:34:29 AM - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Documents and Settings\Hutson Family\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1022.48 Mb Total Physical Memory | 382.33 Mb Available Physical Memory | 37.39% Memory free
2.40 Gb Paging File | 1.95 Gb Available in Paging File | 81.20% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149.02 Gb Total Space | 109.45 Gb Free Space | 73.45% Space Free | Partition Type: NTFS
Drive D: | 480.69 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: D366HZ21 | User Name: Hutson Family | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/07/21 09:33:11 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Hutson Family\My Documents\Downloads\OTL.exe
PRC - [2011/04/05 14:19:16 | 002,692,024 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\All Users\Application Data\Norton\NUA.exe
PRC - [2010/11/16 14:53:02 | 000,454,344 | ---- | M] (Gianpaolo Bottin) -- C:\Program Files\WallpaperSS\WallpaperSS.exe
PRC - [2010/02/25 20:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Security Suite\Engine\4.3.0.5\ccsvchst.exe
PRC - [2008/04/14 06:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/11/21 18:51:20 | 001,507,328 | ---- | M] () -- C:\Program Files\NETGEAR\WG311v3\WG311v3.exe
PRC - [2007/08/09 03:27:52 | 000,073,728 | ---- | M] (HP) -- C:\WINDOWS\SYSTEM32\HPZipm12.exe
PRC - [2006/06/07 13:46:24 | 000,942,080 | ---- | M] (Diskeeper Corporation) -- C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
PRC - [2006/01/02 16:41:22 | 000,045,056 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
PRC - [2005/04/27 14:59:24 | 000,241,725 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Utility\UPHClean\uphclean.exe
PRC - [2002/07/22 02:10:00 | 000,577,602 | ---- | M] (Logitech Inc. ) -- C:\Program Files\Logitech\iTouch\iTouch.exe


========== Modules (SafeList) ==========

MOD - [2011/07/21 09:33:11 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Hutson Family\My Documents\Downloads\OTL.exe
MOD - [2010/09/20 15:26:01 | 000,415,088 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Security Suite\Engine\4.3.0.5\asoehook.dll
MOD - [2010/08/23 12:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2009/07/12 04:02:02 | 000,653,120 | R--- | M] (Microsoft Corporation) -- C:\Program Files\Norton Security Suite\Engine\4.3.0.5\microsoft.vc90.crt\msvcr90.dll
MOD - [2009/07/12 04:02:00 | 000,569,664 | R--- | M] (Microsoft Corporation) -- C:\Program Files\Norton Security Suite\Engine\4.3.0.5\microsoft.vc90.crt\msvcp90.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - File not found [On_Demand | Stopped] -- -- (aawservice)
SRV - [2011/02/16 15:49:08 | 000,088,176 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- c:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2010/02/25 20:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files\Norton Security Suite\Engine\4.3.0.5\ccSvcHst.exe -- (N360)
SRV - [2007/08/09 03:27:52 | 000,073,728 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\SYSTEM32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2006/06/07 13:46:24 | 000,942,080 | ---- | M] (Diskeeper Corporation) [Auto | Running] -- C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe -- (Diskeeper)
SRV - [2005/04/27 14:59:24 | 000,241,725 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Utility\UPHClean\uphclean.exe -- (UPHClean)


========== Driver Services (SafeList) ==========

DRV - [2011/07/14 09:59:52 | 001,542,392 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20110720.036\NAVEX15.SYS -- (NAVEX15)
DRV - [2011/07/14 09:59:52 | 000,105,592 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2011/07/14 09:59:52 | 000,086,008 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20110720.036\NAVENG.SYS -- (NAVENG)
DRV - [2011/07/13 16:52:34 | 000,355,256 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20110720.031\IDSXpx86.sys -- (IDSxpx86)
DRV - [2011/06/05 19:31:58 | 000,374,392 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2011/05/19 15:37:06 | 000,810,616 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\BASHDefs\20110701.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2010/07/22 18:06:09 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\SYMEVENT.SYS -- (SymEvent)
DRV - [2010/07/12 04:55:39 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2010/05/06 00:01:59 | 000,361,904 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\N360\0403000.005\SYMTDI.SYS -- (SYMTDI)
DRV - [2010/04/29 01:03:51 | 000,116,784 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\0403000.005\Ironx86.SYS -- (SymIRON)
DRV - [2010/04/21 23:02:20 | 000,173,104 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\N360\0403000.005\SYMEFA.SYS -- (SymEFA)
DRV - [2010/04/21 22:29:50 | 000,325,680 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\N360\0403000.005\SRTSP.SYS -- (SRTSP)
DRV - [2010/04/21 22:29:50 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\0403000.005\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2010/02/25 20:22:57 | 000,501,888 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\0403000.005\ccHPx86.sys -- (ccHP)
DRV - [2009/10/14 23:50:05 | 000,328,752 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\N360\0403000.005\SYMDS.SYS -- (SymDS)
DRV - [2009/05/04 15:57:18 | 000,148,096 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\swumxa3.sys -- (SWUMXA3) Sierra Wireless USB MUX Driver (UMTSA3)
DRV - [2009/03/31 14:45:42 | 000,190,080 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\swnc8ua3.sys -- (SWNC8UA3) Sierra Wireless MUX NDIS Driver (UMTSA3)
DRV - [2008/10/15 11:58:34 | 000,171,144 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\SWNC5E00.sys -- (SWNC5E00) Sierra Wireless MUX NDIS Driver (#00)
DRV - [2008/10/15 11:58:34 | 000,149,512 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\swmx00.sys -- (swmx00) Sierra Wireless USB MUX Driver (#00)
DRV - [2008/10/15 11:58:32 | 000,027,072 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\PCASp50.sys -- (PCASp50)
DRV - [2008/10/15 11:58:26 | 000,222,720 | ---- | M] (Novatel Wireless Inc) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\NWADIenum.sys -- (NWADI)
DRV - [2008/09/16 18:18:31 | 000,026,888 | R--- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\swmsflt.sys -- (swmsflt)
DRV - [2008/06/18 11:49:16 | 000,049,904 | R--- | M] (Avanquest Software) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\BVRPMPR5.SYS -- (BVRPMPR5)
DRV - [2008/04/13 23:04:34 | 000,019,455 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wvchntxx.sys -- (iAimFP4)
DRV - [2008/04/13 23:04:32 | 000,012,063 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wsiintxx.sys -- (iAimFP3)
DRV - [2008/04/13 23:04:30 | 000,033,599 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv04nt.sys -- (iAimTV3)
DRV - [2008/04/13 23:04:30 | 000,029,311 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv01nt.sys -- (iAimTV0)
DRV - [2008/04/13 23:04:30 | 000,023,615 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wch7xxnt.sys -- (iAimTV4)
DRV - [2008/04/13 23:04:30 | 000,019,551 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv02nt.sys -- (iAimTV1)
DRV - [2008/04/13 23:04:28 | 000,161,020 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\i81xnt5.sys -- (i81x)
DRV - [2008/04/13 23:04:28 | 000,012,415 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv01nt.sys -- (iAimFP0)
DRV - [2008/04/13 23:04:28 | 000,012,127 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv02nt.sys -- (iAimFP1)
DRV - [2008/04/13 23:04:28 | 000,011,775 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv05nt.sys -- (iAimFP2)
DRV - [2006/05/03 12:50:42 | 001,540,608 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ati2mtag.sys -- (ati2mtag)
DRV - [2005/12/29 19:07:50 | 000,282,624 | R--- | M] (Marvell Semiconductor, Inc) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\WG311v3XP.sys -- (W8335XP) NETGEAR WG311v3 802.11g Wireless PCI Adapter for Windows XP (8335)
DRV - [2005/10/09 12:52:57 | 000,025,244 | ---- | M] (Adaptec) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aspi32.sys -- (Aspi32)
DRV - [2005/08/19 04:00:00 | 000,002,560 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdralw2k.sys -- (Cdralw2k)
DRV - [2005/08/19 04:00:00 | 000,002,432 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdr4_xp.sys -- (Cdr4_xp)
DRV - [2005/06/20 17:33:26 | 000,008,413 | ---- | M] (RealNetworks, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\mcstrm.sys -- (MCSTRM)
DRV - [2004/10/07 21:16:04 | 000,035,840 | ---- | M] (Oak Technology Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\AFS2K.SYS -- (AFS2K)
DRV - [2004/09/29 02:02:00 | 000,016,752 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\ctpdusb2.sys -- (Jukebox)
DRV - [2003/01/15 15:45:06 | 000,042,368 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2002/11/11 17:52:58 | 000,009,856 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\pfc.sys -- (pfc)
DRV - [2002/10/29 17:38:10 | 000,170,499 | ---- | M] (Conexant Systems) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2002/10/29 17:37:36 | 001,175,536 | ---- | M] (Conexant Systems) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\HSF_DP.sys -- (HSF_DP)
DRV - [2002/10/29 17:31:28 | 000,604,240 | ---- | M] (Conexant Systems) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\HSF_CNXT.sys -- (winachsf)
DRV - [2002/07/19 11:22:08 | 000,017,153 | ---- | M] (Dell Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\omci.sys -- (omci)
DRV - [2002/07/09 22:10:00 | 000,011,008 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\itchfltr.sys -- (itchfltr)
DRV - [2002/07/09 05:50:00 | 000,070,382 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\LMouFlt2.sys -- (LMouFlt2)
DRV - [2002/07/09 05:50:00 | 000,050,862 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\L8042Pr2.sys -- (l8042pr2)
DRV - [2002/07/09 05:50:00 | 000,006,030 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\LKbdFlt2.sys -- (LKbdFlt2)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dellnet.com
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.dellnet.com
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.dellnet.com
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dellnet.com
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.dellnet.com
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.dellnet.com
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-2667013071-820177805-1926677942-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://home.microsoft.com/search/search.asp
IE - HKU\S-1-5-21-2667013071-820177805-1926677942-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/
IE - HKU\S-1-5-21-2667013071-820177805-1926677942-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2667013071-820177805-1926677942-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "www.foxnews.com"
FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:2010.9.0.6
FF - prefs.js..keyword.URL: "http://www.google.com/search?sourceid=navclient&hl=en&q="
FF - prefs.js..network.proxy.http: "localhost"
FF - prefs.js..network.proxy.http_port: 8080
FF - prefs.js..network.proxy.no_proxies_on: "localhost,127.0.0.1"
FF - prefs.js..network.proxy.type: 0


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=8: C:\Program Files\Google\Update\1.2.183.39\npGoogleOneClick8.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\IPSFFPlgn\ [2011/07/20 12:43:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\coFFPlgn_2010_9_0_6 [2011/07/21 09:00:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2011/07/16 14:33:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/07/17 20:13:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/07/21 09:29:34 | 000,000,000 | ---D | M]

[2010/08/02 21:07:09 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Hutson Family\Application Data\Mozilla\Extensions
[2010/08/02 14:47:39 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Hutson Family\Application Data\Mozilla\Extensions\mozswing@mozswing.org
[2011/07/20 13:21:01 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Hutson Family\Application Data\Mozilla\Firefox\Profiles\1ahd05e2.default\extensions
[2011/07/15 17:37:09 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Hutson Family\Application Data\Mozilla\Firefox\Profiles\1ahd05e2.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/07/15 17:58:41 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\Hutson Family\Application Data\Mozilla\Firefox\Profiles\1ahd05e2.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2011/07/21 09:15:08 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/07/21 09:15:08 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2011/07/21 09:00:54 | 000,000,000 | ---D | M] (Norton Toolbar) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\COFFPLGN_2010_9_0_6
[2011/07/21 09:14:45 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/02/22 06:13:35 | 000,002,024 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\McSiteAdvisor.xml

O1 HOSTS File: ([2002/08/29 06:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\SYSTEM32\DRIVERS\ETC\HOSTS
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Security Suite\Engine\4.3.0.5\coIEplg.dll (Symantec Corporation)
O2 - BHO: (no name) - {656EC4B7-072B-4698-B504-2A414C1F0037} - No CLSID value found.
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Security Suite\Engine\4.3.0.5\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security Suite\Engine\4.3.0.5\coIEplg.dll (Symantec Corporation)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {A8FB8EB3-183B-4598-924D-86F0E5E37085} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {A8FB8EB3-183B-4598-924D-86F0E5E37085} - No CLSID value found.
O3 - HKU\S-1-5-21-2667013071-820177805-1926677942-1006\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-21-2667013071-820177805-1926677942-1006\..\Toolbar\ShellBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security Suite\Engine\4.3.0.5\coIEplg.dll (Symantec Corporation)
O3 - HKU\S-1-5-21-2667013071-820177805-1926677942-1006\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security Suite\Engine\4.3.0.5\coIEplg.dll (Symantec Corporation)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\cli.exe (ATI Technologies Inc.)
O4 - HKLM..\Run: [DiskeeperSystray] C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe (Diskeeper Corporation)
O4 - HKLM..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe (Logitech Inc. )
O4 - HKU\S-1-5-21-2667013071-820177805-1926677942-1006..\Run: [NortonUpdateAgent] C:\Documents and Settings\All Users\Application Data\Norton\NUA.exe (Symantec Corporation)
O4 - HKU\S-1-5-21-2667013071-820177805-1926677942-1006..\Run: [PCMagHDHeartBeat] File not found
O4 - HKU\S-1-5-21-2667013071-820177805-1926677942-1006..\Run: [WallpaperSS] C:\Program Files\WallpaperSS\WallpaperSS.exe (Gianpaolo Bottin)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\AutorunsDisabled [2010/01/20 17:31:46 | 000,000,000 | -H-D | M]
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\NETGEAR WG311v3 Smart Wizard.lnk = C:\Program Files\NETGEAR\WG311v3\WG311v3.exe ()
O4 - Startup: C:\Documents and Settings\Hutson Family\Start Menu\Programs\Startup\AutorunsDisabled [2010/01/20 17:33:41 | 000,000,000 | -H-D | M]
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRemoteRecursiveEvents = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2667013071-820177805-1926677942-1006\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-21-2667013071-820177805-1926677942-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\S-1-5-21-2667013071-820177805-1926677942-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSharedDocuments = 01 00 00 00 [binary data]
O7 - HKU\S-1-5-21-2667013071-820177805-1926677942-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKU\S-1-5-21-2667013071-820177805-1926677942-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = [binary data]
O7 - HKU\S-1-5-21-2667013071-820177805-1926677942-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewOnDrive = 0
O7 - HKU\S-1-5-21-2667013071-820177805-1926677942-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108851
O7 - HKU\S-1-5-21-2667013071-820177805-1926677942-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoNetworkConnections = [binary data]
O7 - HKU\S-1-5-21-2667013071-820177805-1926677942-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 0
O7 - HKU\S-1-5-21-2667013071-820177805-1926677942-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceStartMenuLogOff = 1
O7 - HKU\S-1-5-21-2667013071-820177805-1926677942-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Intellimenus = 1
O7 - HKU\S-1-5-21-2667013071-820177805-1926677942-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: MaxRecentDocs = 15
O7 - HKU\S-1-5-21-2667013071-820177805-1926677942-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeKeyboardNavigationIndicators = 0
O7 - HKU\S-1-5-21-2667013071-820177805-1926677942-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ClassicShell = 0
O7 - HKU\S-1-5-21-2667013071-820177805-1926677942-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 1
O7 - HKU\S-1-5-21-2667013071-820177805-1926677942-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll (Google Inc.)
O9 - Extra Button: Microsoft Knowledge Base - {8b2d996f-b7d1-4961-a929-414d9cf5ba7b} - File not found
O9 - Extra 'Tools' menuitem : Microsoft Knowledge Base - {8b2d996f-b7d1-4961-a929-414d9cf5ba7b} - File not found
O15 - HKU\S-1-5-21-2667013071-820177805-1926677942-1006\..Trusted Domains: ([]msn in My Computer)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://www.apple.com/qtactivex/qtplugin.cab (QuickTime Object)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://go.microsoft.com/fwlink/?linkid=58813 (Office Genuine Advantage Validation Tool)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://v5.windowsupdate.microsoft.com/v ... 5942424869 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microso ... 4031514453 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {BEA7310D-06C4-4339-A784-DC3804819809} http://samsclubus.pnimedia.com/upload/a ... ontrol.cab (Photo Upload Plugin Class)
O16 - DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} http://office.microsoft.com/officeupdat ... /opuc4.cab (Office Update Installation Engine)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://download.macromedia.com/pub/sho ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.72.134 68.87.77.134 192.168.33.1
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Value error. File not found
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: GinaDLL - (MrvGINA.dll) - C:\WINDOWS\System32\MrvGINA.dll (Marvell(R))
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Hutson Family\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Hutson Family\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2002/09/03 09:59:58 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2003/05/18 14:54:20 | 000,061,440 | R--- | M] () - D:\autoplay.exe -- [ CDFS ]
O32 - AutoRun File - [2003/02/12 03:01:48 | 000,000,050 | R--- | M] () - D:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{2268ae60-554e-11df-9047-000bdb2d2371}\Shell - "" = AutoRun
O33 - MountPoints2\{2268ae60-554e-11df-9047-000bdb2d2371}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{2268ae60-554e-11df-9047-000bdb2d2371}\Shell\AutoRun\command - "" = G:\WIN\setup.exe
O33 - MountPoints2\{29680fac-6e44-11dd-b5a4-000bdb2d2371}\Shell\AutoRun\command - "" = G:\rcaeasyrip_setup.exe
O33 - MountPoints2\{29680fac-6e44-11dd-b5a4-000bdb2d2371}\Shell\install\command - "" = G:\rcaeasyrip_setup.exe
O33 - MountPoints2\{29680fac-6e44-11dd-b5a4-000bdb2d2371}\Shell\usermanualEnglish\command - "" = G:\rcaeasyrip_setup.exe /pdf_English
O33 - MountPoints2\{29680fac-6e44-11dd-b5a4-000bdb2d2371}\Shell\usermanualFrench\command - "" = G:\rcaeasyrip_setup.exe /pdf_French
O33 - MountPoints2\{29680fac-6e44-11dd-b5a4-000bdb2d2371}\Shell\usermanualSpanish\command - "" = G:\rcaeasyrip_setup.exe /pdf_Spanish
O33 - MountPoints2\{7e10ee51-73d5-11dd-b5a5-000bdb2d2371}\Shell\AutoRun\command - "" = G:\rcaeasyrip_setup.exe
O33 - MountPoints2\{7e10ee51-73d5-11dd-b5a5-000bdb2d2371}\Shell\install\command - "" = G:\rcaeasyrip_setup.exe
O33 - MountPoints2\{7e10ee51-73d5-11dd-b5a5-000bdb2d2371}\Shell\usermanualEnglish\command - "" = G:\rcaeasyrip_setup.exe /pdf_English
O33 - MountPoints2\{7e10ee51-73d5-11dd-b5a5-000bdb2d2371}\Shell\usermanualFrench\command - "" = G:\rcaeasyrip_setup.exe /pdf_French
O33 - MountPoints2\{7e10ee51-73d5-11dd-b5a5-000bdb2d2371}\Shell\usermanualSpanish\command - "" = G:\rcaeasyrip_setup.exe /pdf_Spanish
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/07/21 09:15:05 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011/07/21 09:15:05 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011/07/21 09:15:05 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011/07/21 09:15:05 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2011/07/21 09:13:47 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2011/07/18 15:08:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hutson Family\Start Menu\Programs\HiJackThis
[2011/07/18 01:41:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\IObit
[2011/07/18 00:45:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hutson Family\Application Data\WallpaperSS
[2011/07/18 00:45:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Wallpaper Slideshow
[2011/07/18 00:45:05 | 000,000,000 | ---D | C] -- C:\Program Files\WallpaperSS
[2011/07/18 00:41:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\Performance
[2011/07/18 00:41:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hutson Family\Local Settings\Application Data\Microsoft Corporation
[2011/07/16 14:40:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hutson Family\Application Data\IObit
[2011/07/16 14:40:55 | 000,000,000 | ---D | C] -- C:\Program Files\IObit
[2011/07/16 13:59:06 | 000,000,000 | ---D | C] -- C:\Program Files\StarCraft
[2011/07/16 13:59:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\StarCraft
[2011/07/16 09:48:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hutson Family\My Documents\StarCraft 1.15.2 enUS Installer
[2011/07/15 18:55:11 | 000,139,264 | ---- | C] (Blizzard Entertainment) -- C:\WINDOWS\War3Unin.exe
[2011/07/15 18:55:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hutson Family\Start Menu\Programs\Warcraft III
[2011/07/15 00:57:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel
[2011/07/14 23:58:14 | 000,551,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oleaut32.dll
[2011/07/14 13:53:08 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mup.sys
[2008/04/05 11:04:18 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Hutson Family\Application Data\pcouffin.sys
[11 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/07/21 09:14:44 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011/07/21 09:14:44 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011/07/21 09:14:44 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011/07/21 09:14:44 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2011/07/21 09:14:43 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2011/07/21 09:09:09 | 000,001,374 | ---- | M] () -- C:\WINDOWS\System32\WPA.DBL
[2011/07/21 09:06:47 | 000,001,940 | ---- | M] () -- C:\Documents and Settings\Hutson Family\Local Settings\Application Data\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2011/07/21 09:00:58 | 000,000,051 | ---- | M] () -- C:\WINDOWS\iTouch.ini
[2011/07/21 09:00:49 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\ASC4_PerformanceMonitor.job
[2011/07/21 09:00:37 | 000,002,048 | --S- | M] () -- C:\WINDOWS\BOOTSTAT.DAT
[2011/07/21 09:00:33 | 1072,222,208 | -HS- | M] () -- C:\hiberfil.sys
[2011/07/21 00:30:32 | 000,002,667 | ---- | M] () -- C:\Documents and Settings\Hutson Family\Desktop\HiJackThis.lnk
[2011/07/20 20:12:00 | 000,000,486 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2011/07/18 01:11:59 | 000,022,528 | ---- | M] () -- C:\Documents and Settings\Hutson Family\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/07/18 00:07:40 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2011/07/17 20:16:19 | 000,101,720 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2011/07/16 15:11:40 | 000,656,248 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/07/16 14:03:16 | 000,000,734 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\StarCraft - Brood War.lnk
[2011/07/16 13:18:42 | 000,002,515 | ---- | M] () -- C:\Documents and Settings\Hutson Family\Desktop\Microsoft Office Word 2007.lnk
[2011/07/15 19:04:01 | 000,054,824 | ---- | M] () -- C:\WINDOWS\War3Unin.dat
[2011/07/15 19:04:01 | 000,001,629 | ---- | M] () -- C:\Documents and Settings\Hutson Family\Desktop\Frozen Throne.lnk
[2011/07/15 19:02:29 | 000,139,264 | ---- | M] (Blizzard Entertainment) -- C:\WINDOWS\War3Unin.exe
[2011/07/15 19:02:29 | 000,002,829 | ---- | M] () -- C:\WINDOWS\War3Unin.pif
[2011/07/15 17:01:30 | 000,000,026 | ---- | M] () -- C:\WINDOWS\DfrgUIEx.INI
[2011/07/15 16:39:49 | 000,447,624 | ---- | M] () -- C:\WINDOWS\System32\PERFH009.DAT
[2011/07/15 16:39:49 | 000,074,110 | ---- | M] () -- C:\WINDOWS\System32\PERFC009.DAT
[2011/07/14 10:09:39 | 000,087,608 | ---- | M] () -- C:\Documents and Settings\Hutson Family\Application Data\ezpinst.exe
[2011/07/14 10:09:38 | 000,047,360 | ---- | M] (VSO Software) -- C:\Documents and Settings\Hutson Family\Application Data\pcouffin.sys
[2011/07/14 10:09:38 | 000,007,824 | ---- | M] () -- C:\Documents and Settings\Hutson Family\Application Data\pcouffin.cat
[2011/07/14 10:09:38 | 000,001,144 | ---- | M] () -- C:\Documents and Settings\Hutson Family\Application Data\pcouffin.inf
[2011/07/14 08:19:22 | 000,000,064 | ---- | M] () -- C:\WINDOWS\System32\rp_stats.dat
[2011/07/14 08:19:22 | 000,000,044 | ---- | M] () -- C:\WINDOWS\System32\rp_rules.dat
[11 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/07/21 09:29:34 | 000,002,315 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader X.lnk
[2011/07/20 12:54:35 | 1072,222,208 | -HS- | C] () -- C:\hiberfil.sys
[2011/07/18 15:08:33 | 000,002,667 | ---- | C] () -- C:\Documents and Settings\Hutson Family\Desktop\HiJackThis.lnk
[2011/07/16 14:41:47 | 000,000,286 | ---- | C] () -- C:\WINDOWS\tasks\ASC4_PerformanceMonitor.job
[2011/07/16 13:59:06 | 000,000,734 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\StarCraft - Brood War.lnk
[2011/07/16 13:47:30 | 000,001,816 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\NETGEAR WG311v3 Smart Wizard.lnk
[2011/07/15 19:04:01 | 000,001,629 | ---- | C] () -- C:\Documents and Settings\Hutson Family\Desktop\Frozen Throne.lnk
[2011/07/15 18:55:12 | 000,054,824 | ---- | C] () -- C:\WINDOWS\War3Unin.dat
[2011/07/15 18:55:11 | 000,002,829 | ---- | C] () -- C:\WINDOWS\War3Unin.pif
[2011/07/15 17:29:53 | 000,000,486 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2011/07/15 16:45:21 | 000,000,026 | ---- | C] () -- C:\WINDOWS\DfrgUIEx.INI
[2011/07/14 10:01:22 | 000,001,940 | ---- | C] () -- C:\Documents and Settings\Hutson Family\Local Settings\Application Data\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2011/06/20 15:04:35 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat
[2011/06/20 15:04:35 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat
[2011/06/05 19:12:14 | 000,001,940 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2011/02/04 17:41:02 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\Hutson Family\Local Settings\Application Data\housecall.guid.cache
[2011/01/29 13:30:09 | 000,000,048 | ---- | C] () -- C:\WINDOWS\TaxACT10.ini
[2010/05/01 21:57:41 | 000,026,888 | R--- | C] () -- C:\WINDOWS\System32\drivers\swmsflt.sys
[2010/02/01 20:34:00 | 000,000,028 | ---- | C] () -- C:\WINDOWS\pdf995.ini
[2009/02/12 06:53:38 | 000,000,121 | -HS- | C] () -- C:\WINDOWS\System32\bqufrlsj.ini
[2009/02/10 06:59:49 | 001,551,683 | -HS- | C] () -- C:\WINDOWS\System32\thofdvox.ini
[2009/02/08 12:25:55 | 000,000,121 | -HS- | C] () -- C:\WINDOWS\System32\mvtakxey.ini
[2009/02/06 20:43:57 | 001,563,504 | -HS- | C] () -- C:\WINDOWS\System32\psaoctoc.ini
[2009/02/06 20:29:16 | 001,563,504 | -HS- | C] () -- C:\WINDOWS\System32\isgbpiro.ini
[2009/02/05 20:28:36 | 001,558,949 | -HS- | C] () -- C:\WINDOWS\System32\kpaijvaa.ini
[2009/02/05 19:28:20 | 001,523,288 | -HS- | C] () -- C:\WINDOWS\System32\dmokqsxo.ini
[2009/02/05 18:28:20 | 001,523,288 | -HS- | C] () -- C:\WINDOWS\System32\wbvpujob.ini
[2009/02/05 18:19:20 | 001,523,288 | -HS- | C] () -- C:\WINDOWS\System32\xhlcchaq.ini
[2009/02/05 17:19:20 | 001,523,288 | -HS- | C] () -- C:\WINDOWS\System32\ihfqafot.ini
[2009/02/05 16:19:20 | 001,523,288 | -HS- | C] () -- C:\WINDOWS\System32\xmrrlfyn.ini
[2009/02/05 16:10:20 | 001,523,288 | -HS- | C] () -- C:\WINDOWS\System32\whmshqsv.ini
[2009/02/05 15:10:20 | 001,523,288 | -HS- | C] () -- C:\WINDOWS\System32\hqplmeix.ini
[2009/02/05 15:07:20 | 001,523,288 | -HS- | C] () -- C:\WINDOWS\System32\fkoimmgu.ini
[2009/02/05 14:07:20 | 001,523,288 | -HS- | C] () -- C:\WINDOWS\System32\yldushvj.ini
[2009/02/05 13:04:20 | 001,523,288 | -HS- | C] () -- C:\WINDOWS\System32\etmyoano.ini
[2009/02/05 12:01:20 | 001,523,288 | -HS- | C] () -- C:\WINDOWS\System32\wxjbnyhr.ini
[2009/02/05 11:55:20 | 001,523,288 | -HS- | C] () -- C:\WINDOWS\System32\dqdhmoag.ini
[2009/02/05 10:55:20 | 001,523,288 | -HS- | C] () -- C:\WINDOWS\System32\mbpboyrv.ini
[2009/02/05 09:52:20 | 001,523,288 | -HS- | C] () -- C:\WINDOWS\System32\yvupevgn.ini
[2009/02/05 09:49:20 | 001,523,288 | -HS- | C] () -- C:\WINDOWS\System32\fsojhfmh.ini
[2009/02/05 08:46:20 | 001,523,288 | -HS- | C] () -- C:\WINDOWS\System32\lxvwtkmf.ini
[2009/02/05 07:43:20 | 001,523,288 | -HS- | C] () -- C:\WINDOWS\System32\cnkeisfn.ini
[2009/02/05 07:40:20 | 001,523,288 | -HS- | C] () -- C:\WINDOWS\System32\vbsqnvhg.ini
[2009/02/05 07:37:25 | 001,523,288 | -HS- | C] () -- C:\WINDOWS\System32\vkrvwygb.ini
[2009/02/05 06:39:14 | 001,523,288 | -HS- | C] () -- C:\WINDOWS\System32\rogcubyp.ini
[2009/02/05 05:36:14 | 001,523,288 | -HS- | C] () -- C:\WINDOWS\System32\awtreqbn.ini
[2009/02/05 05:30:14 | 001,523,288 | -HS- | C] () -- C:\WINDOWS\System32\hxbplfim.ini
[2009/02/05 04:30:15 | 001,523,288 | -HS- | C] () -- C:\WINDOWS\System32\vubocsmd.ini
[2009/02/05 04:27:17 | 001,523,288 | -HS- | C] () -- C:\WINDOWS\System32\fpbigipd.ini
[2009/02/05 03:27:15 | 001,523,288 | -HS- | C] () -- C:\WINDOWS\System32\jbvftghy.ini
[2009/02/05 02:21:15 | 001,523,288 | -HS- | C] () -- C:\WINDOWS\System32\uypbeafa.ini
[2009/02/05 02:18:14 | 001,523,288 | -HS- | C] () -- C:\WINDOWS\System32\qfoiachm.ini
[2009/02/05 01:18:14 | 001,523,288 | -HS- | C] () -- C:\WINDOWS\System32\gfgcowqj.ini
[2009/02/05 00:12:14 | 001,523,288 | -HS- | C] () -- C:\WINDOWS\System32\aycywsue.ini
[2009/02/04 23:12:14 | 001,523,288 | -HS- | C] () -- C:\WINDOWS\System32\aommbyug.ini
[2009/02/04 23:06:17 | 001,523,288 | -HS- | C] () -- C:\WINDOWS\System32\ugtmjhcy.ini
[2009/02/04 23:00:21 | 001,523,288 | -HS- | C] () -- C:\WINDOWS\System32\cabfgtyf.ini
[2009/02/04 22:00:15 | 001,523,288 | -HS- | C] () -- C:\WINDOWS\System32\fyiosjio.ini
[2009/02/04 21:57:14 | 001,523,288 | -HS- | C] () -- C:\WINDOWS\System32\fchrjdnp.ini
[2009/02/04 07:08:27 | 001,523,288 | -HS- | C] () -- C:\WINDOWS\System32\wsiwtutw.ini
[2009/01/22 20:32:25 | 000,117,180 | ---- | C] () -- C:\WINDOWS\hpoins11.dat
[2009/01/15 19:19:35 | 000,000,121 | -HS- | C] () -- C:\WINDOWS\System32\hkbmcepa.ini
[2009/01/06 06:11:38 | 000,000,121 | -HS- | C] () -- C:\WINDOWS\System32\knauojmv.ini
[2008/11/22 09:14:51 | 000,494,452 | -HS- | C] () -- C:\WINDOWS\System32\MooUxyxx.ini2
[2008/11/22 09:14:50 | 000,493,372 | -HS- | C] () -- C:\WINDOWS\System32\MooUxyxx.ini
[2008/04/05 11:04:19 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\Hutson Family\Application Data\ezpinst.exe
[2008/04/05 11:04:18 | 000,007,824 | ---- | C] () -- C:\Documents and Settings\Hutson Family\Application Data\pcouffin.cat
[2008/04/05 11:04:18 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Hutson Family\Application Data\pcouffin.inf
[2007/08/08 12:31:08 | 000,262,144 | ---- | C] () -- C:\WINDOWS\System32\default_user_class.dat
[2007/08/08 11:32:04 | 000,000,005 | -HS- | C] () -- C:\WINDOWS\System32\babccee7_d.dll
[2007/03/15 00:08:14 | 000,000,004 | ---- | C] () -- C:\WINDOWS\MGXSSDat.Dat
[2007/03/05 13:34:28 | 000,676,224 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.DLL
[2007/01/21 19:17:15 | 000,000,141 | ---- | C] () -- C:\WINDOWS\wpd99.drv
[2007/01/21 19:16:52 | 000,051,716 | ---- | C] () -- C:\WINDOWS\System32\pdf995mon.dll
[2006/12/31 08:57:08 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006/11/24 10:50:24 | 000,117,146 | ---- | C] () -- C:\WINDOWS\hpoins11.dat.temp
[2006/11/24 10:50:23 | 000,011,634 | ---- | C] () -- C:\WINDOWS\hpomdl11.dat.temp
[2006/11/24 10:05:40 | 000,000,136 | ---- | C] () -- C:\Documents and Settings\Hutson Family\Local Settings\Application Data\fusioncache.dat
[2006/11/24 09:48:31 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll
[2006/05/05 19:19:28 | 000,011,634 | ---- | C] () -- C:\WINDOWS\hpomdl11.dat
[2006/04/06 20:01:03 | 000,000,051 | ---- | C] () -- C:\WINDOWS\iTouch.ini
[2006/04/06 18:58:29 | 000,081,920 | R--- | C] () -- C:\WINDOWS\bwUnin-6.1.4.36-8876480L.exe
[2006/04/06 18:56:02 | 000,096,768 | ---- | C] () -- C:\WINDOWS\System32\LGUICOM.DLL
[2006/02/21 19:21:31 | 000,034,492 | ---- | C] () -- C:\WINDOWS\System32\ppaluninst.exe
[2005/12/25 11:06:50 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\PdeSrv2p.dll
[2005/12/25 11:06:45 | 000,149,504 | ---- | C] () -- C:\WINDOWS\UNWISE.EXE
[2005/12/10 10:01:42 | 000,000,422 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2005/11/26 10:56:18 | 000,000,235 | ---- | C] () -- C:\WINDOWS\mslands.ini
[2005/11/09 19:02:52 | 000,520,192 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2005/11/09 19:00:50 | 000,127,614 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2005/07/09 14:24:33 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2005/06/28 20:25:11 | 000,000,081 | ---- | C] () -- C:\WINDOWS\PARSONS.INI
[2005/05/07 20:52:21 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ATIMMC.INI
[2005/05/01 21:13:50 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2005/01/15 12:59:20 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2004/08/05 11:10:14 | 000,000,165 | ---- | C] () -- C:\WINDOWS\ConnMgr.ini
[2004/07/02 16:02:23 | 000,034,136 | ---- | C] () -- C:\WINDOWS\System32\RegHero.exe
[2004/06/29 18:46:04 | 000,028,504 | ---- | C] () -- C:\WINDOWS\System32\PopWait.exe
[2004/05/23 18:37:11 | 000,000,092 | ---- | C] () -- C:\WINDOWS\mathadv4.ini
[2004/03/25 18:29:30 | 000,000,159 | ---- | C] () -- C:\WINDOWS\QHI.INI
[2004/03/17 20:56:30 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\Msvcrt10.dll
[2004/01/29 18:52:42 | 000,000,026 | ---- | C] () -- C:\WINDOWS\SnapShot.INI
[2004/01/13 18:55:54 | 000,000,048 | ---- | C] () -- C:\WINDOWS\PerWin.ini
[2004/01/02 13:59:56 | 000,017,920 | ---- | C] () -- C:\WINDOWS\System32\IMPLODE.DLL
[2003/11/06 08:03:11 | 000,000,000 | ---- | C] () -- C:\WINDOWS\hpqEmlSz.INI
[2003/09/25 18:20:49 | 000,003,462 | ---- | C] () -- C:\WINDOWS\LKSCENES.INI
[2003/09/25 18:17:46 | 000,097,280 | ---- | C] () -- C:\WINDOWS\LIBWJPEG.DLL
[2003/09/22 20:15:43 | 000,000,081 | ---- | C] () -- C:\WINDOWS\ImportClient.INI
[2003/09/22 19:51:38 | 000,116,640 | ---- | C] () -- C:\WINDOWS\System32\Ptsaci40.dll
[2003/09/22 19:51:37 | 000,030,080 | ---- | C] () -- C:\WINDOWS\System32\Ptabimp3.exe
[2003/08/24 08:50:49 | 000,000,605 | ---- | C] () -- C:\WINDOWS\HOME.INI
[2003/08/24 08:50:49 | 000,000,291 | ---- | C] () -- C:\WINDOWS\HOMESYM.INI
[2003/08/20 21:18:16 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2003/08/20 21:16:56 | 000,000,022 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2003/08/16 18:43:19 | 000,374,784 | ---- | C] () -- C:\WINDOWS\3dg32.dll
[2003/08/16 18:43:14 | 000,000,250 | ---- | C] () -- C:\WINDOWS\3dr.ini
[2003/08/13 21:53:23 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat
[2003/08/10 08:58:41 | 000,022,528 | ---- | C] () -- C:\Documents and Settings\Hutson Family\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2003/07/24 19:23:15 | 000,000,052 | ---- | C] () -- C:\WINDOWS\hpqwrap.INI
[2003/07/12 11:33:58 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\Hutson Family\Application Data\hpothb07.tif
[2003/07/12 11:33:58 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\Hutson Family\Application Data\hpothb07.dat
[2003/07/12 11:33:06 | 000,015,212 | -H-- | C] () -- C:\WINDOWS\hpothb07.dat
[2003/07/05 13:59:12 | 000,000,315 | ---- | C] () -- C:\WINDOWS\EReg515.dat
[2003/07/05 13:56:40 | 000,000,946 | ---- | C] () -- C:\WINDOWS\disney.ini
[2003/07/04 15:28:27 | 000,000,020 | ---- | C] () -- C:\WINDOWS\Hposcv07.INI
[2003/07/04 12:55:01 | 000,302,592 | ---- | C] () -- C:\WINDOWS\System32\pgp.dll
[2003/07/04 12:55:01 | 000,093,184 | ---- | C] () -- C:\WINDOWS\System32\keydb.dll
[2003/07/04 12:55:01 | 000,070,656 | ---- | C] () -- C:\WINDOWS\System32\simple.dll
[2003/07/04 12:55:01 | 000,065,024 | ---- | C] () -- C:\WINDOWS\System32\bn.dll
[2003/07/02 10:24:08 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2003/07/02 10:24:08 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2003/07/02 10:24:08 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2003/07/01 20:00:50 | 000,000,466 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2003/07/01 19:53:24 | 000,000,034 | ---- | C] () -- C:\WINDOWS\hpfsched.ini
[2003/06/30 19:29:35 | 000,000,021 | ---- | C] () -- C:\WINDOWS\DVDSentry.ini
[2003/06/30 17:32:11 | 000,000,233 | ---- | C] () -- C:\WINDOWS\qwimp.ini
[2003/06/30 17:30:43 | 000,000,219 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2003/06/25 01:45:16 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2003/06/25 01:38:41 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2003/06/25 01:30:37 | 000,000,882 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2003/06/25 01:20:20 | 000,002,048 | --S- | C] () -- C:\WINDOWS\BOOTSTAT.DAT
[2003/06/25 01:19:24 | 000,447,624 | ---- | C] () -- C:\WINDOWS\System32\PERFH009.DAT
[2003/06/25 01:19:24 | 000,074,110 | ---- | C] () -- C:\WINDOWS\System32\PERFC009.DAT
[2003/06/25 01:19:04 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2003/06/25 01:03:48 | 000,000,479 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2003/04/09 15:40:38 | 000,126,976 | ---- | C] () -- C:\WINDOWS\System32\zip.exe
[2003/04/09 15:40:22 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\lttls13n.dll
[2003/04/09 15:40:14 | 000,708,608 | ---- | C] () -- C:\WINDOWS\System32\ltcry13n.dll
[2003/04/09 15:40:02 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\lfkodak.dll
[2003/04/09 15:40:00 | 000,338,944 | ---- | C] () -- C:\WINDOWS\System32\lffpx7.dll
[2002/11/22 12:50:06 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\hpodinet.dll
[2002/11/22 12:49:18 | 000,036,864 | ---- | C] () -- C:\WINDOWS\hpfsched.exe
[2002/09/30 06:15:30 | 000,656,248 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2002/09/30 06:10:58 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2002/09/03 13:17:03 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2002/09/03 13:16:59 | 000,004,594 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2002/09/03 12:52:01 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2002/09/03 12:51:58 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2002/09/03 12:41:59 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2002/09/03 12:41:43 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2002/09/03 12:32:10 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2002/09/03 12:30:33 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2002/09/03 09:59:14 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2002/09/03 09:56:30 | 000,023,692 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2002/08/29 06:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\NOISE.DAT
[2001/08/23 15:00:00 | 000,022,400 | ---- | C] () -- C:\WINDOWS\System32\drivers\SbcpHid.sys
[2001/08/17 18:36:28 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2001/07/07 04:00:00 | 000,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini
[2000/11/10 16:57:04 | 000,005,025 | ---- | C] () -- C:\WINDOWS\System32\patterns.dat
[2000/04/25 14:58:08 | 000,047,104 | ---- | C] () -- C:\WINDOWS\System32\Wrkgadm.exe
[1999/01/22 22:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
[1997/06/13 22:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll

========== LOP Check ==========

[2008/07/13 16:51:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\1Click DVD Copy Pro
[2010/05/20 22:53:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AT&T
[2005/10/28 18:37:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Broderbund LLC
[2004/11/26 15:51:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Broderbund Software
[2004/01/14 20:41:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Fellowes
[2011/07/18 01:41:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IObit
[2007/08/08 07:46:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\logs
[2010/02/01 20:34:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\pdf995
[2010/01/17 12:37:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PeoplePC
[2004/11/26 16:35:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Riverdeep Interactive Learning Limited
[2010/05/07 16:23:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sprint
[2011/07/20 13:00:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2011/01/29 13:38:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TaxCut
[2005/05/11 10:58:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software
[2009/09/29 21:13:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Walgreens
[2008/10/08 06:13:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[2010/05/07 15:46:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hutson Family\Application Data\AT&T
[2006/01/31 21:27:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hutson Family\Application Data\DeductionPro 2005-06
[2011/07/15 20:08:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hutson Family\Application Data\FrostWire
[2004/03/05 13:01:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hutson Family\Application Data\FUJIFILM
[2011/07/18 01:19:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hutson Family\Application Data\IObit
[2003/06/30 19:26:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hutson Family\Application Data\Leadertech
[2007/08/08 12:09:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hutson Family\Application Data\OfficeUpdate12
[2011/07/16 14:10:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hutson Family\Application Data\PCMagazine
[2010/02/01 20:34:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hutson Family\Application Data\pdf995
[2010/09/26 18:05:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hutson Family\Application Data\PeoplePal
[2008/12/29 17:08:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hutson Family\Application Data\PeoplePC
[2010/05/01 14:22:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hutson Family\Application Data\Sierra Wireless
[2006/01/24 20:13:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hutson Family\Application Data\Simple Star
[2011/01/29 13:50:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hutson Family\Application Data\TaxCut
[2005/05/11 10:58:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hutson Family\Application Data\TuneUp Software
[2011/07/14 10:09:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hutson Family\Application Data\Vso
[2010/12/06 06:08:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hutson Family\Application Data\W Photo Studio
[2009/09/29 21:11:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hutson Family\Application Data\W Photo Studio Viewer
[2009/09/29 21:13:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hutson Family\Application Data\Walgreens
[2011/07/18 00:45:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hutson Family\Application Data\WallpaperSS
[2007/01/25 20:18:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hutson Family\Application Data\WILLPower
[2010/05/07 15:48:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Bytemobile
[2011/07/20 20:12:00 | 000,000,486 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2011/07/21 09:00:49 | 000,000,286 | ---- | M] () -- C:\WINDOWS\Tasks\ASC4_PerformanceMonitor.job

========== Purity Check ==========



< End of report >
hutspr01

Re: Registry Problems?

Post by askey127 » July 21st, 2011, 11:30 am

hutspr01,
----------------------------------------------
Perform a Custom Fix with OTL
Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following lines from the Code box:
    Code:
    :processes
    killallprocesses
    
    :OTL
    [2009/02/10 06:59:49 | 001,551,683 | -HS- | C] () -- C:\WINDOWS\System32\thofdvox.ini
    [2009/02/08 12:25:55 | 000,000,121 | -HS- | C] () -- C:\WINDOWS\System32\mvtakxey.ini
    [2009/02/06 20:43:57 | 001,563,504 | -HS- | C] () -- C:\WINDOWS\System32\psaoctoc.ini
    [2009/02/06 20:29:16 | 001,563,504 | -HS- | C] () -- C:\WINDOWS\System32\isgbpiro.ini
    [2009/02/05 20:28:36 | 001,558,949 | -HS- | C] () -- C:\WINDOWS\System32\kpaijvaa.ini
    [2009/02/05 19:28:20 | 001,523,288 | -HS- | C] () -- C:\WINDOWS\System32\dmokqsxo.ini
    [2009/02/05 18:28:20 | 001,523,288 | -HS- | C] () -- C:\WINDOWS\System32\wbvpujob.ini
    [2009/02/05 18:19:20 | 001,523,288 | -HS- | C] () -- C:\WINDOWS\System32\xhlcchaq.ini
    [2009/02/05 17:19:20 | 001,523,288 | -HS- | C] () -- C:\WINDOWS\System32\ihfqafot.ini
    [2009/02/05 16:19:20 | 001,523,288 | -HS- | C] () -- C:\WINDOWS\System32\xmrrlfyn.ini
    [2009/02/05 16:10:20 | 001,523,288 | -HS- | C] () -- C:\WINDOWS\System32\whmshqsv.ini
    [2009/02/05 15:10:20 | 001,523,288 | -HS- | C] () -- C:\WINDOWS\System32\hqplmeix.ini
    [2009/02/05 15:07:20 | 001,523,288 | -HS- | C] () -- C:\WINDOWS\System32\fkoimmgu.ini
    [2009/02/05 14:07:20 | 001,523,288 | -HS- | C] () -- C:\WINDOWS\System32\yldushvj.ini
    [2009/02/05 13:04:20 | 001,523,288 | -HS- | C] () -- C:\WINDOWS\System32\etmyoano.ini
    [2009/02/05 12:01:20 | 001,523,288 | -HS- | C] () -- C:\WINDOWS\System32\wxjbnyhr.ini
    [2009/02/05 11:55:20 | 001,523,288 | -HS- | C] () -- C:\WINDOWS\System32\dqdhmoag.ini
    [2009/02/05 10:55:20 | 001,523,288 | -HS- | C] () -- C:\WINDOWS\System32\mbpboyrv.ini
    [2009/02/05 09:52:20 | 001,523,288 | -HS- | C] () -- C:\WINDOWS\System32\yvupevgn.ini
    [2009/02/05 09:49:20 | 001,523,288 | -HS- | C] () -- C:\WINDOWS\System32\fsojhfmh.ini
    [2009/02/05 08:46:20 | 001,523,288 | -HS- | C] () -- C:\WINDOWS\System32\lxvwtkmf.ini
    [2009/02/05 07:43:20 | 001,523,288 | -HS- | C] () -- C:\WINDOWS\System32\cnkeisfn.ini
    [2009/02/05 07:40:20 | 001,523,288 | -HS- | C] () -- C:\WINDOWS\System32\vbsqnvhg.ini
    [2009/02/05 07:37:25 | 001,523,288 | -HS- | C] () -- C:\WINDOWS\System32\vkrvwygb.ini
    [2009/02/05 06:39:14 | 001,523,288 | -HS- | C] () -- C:\WINDOWS\System32\rogcubyp.ini
    [2009/02/05 05:36:14 | 001,523,288 | -HS- | C] () -- C:\WINDOWS\System32\awtreqbn.ini
    [2009/02/05 05:30:14 | 001,523,288 | -HS- | C] () -- C:\WINDOWS\System32\hxbplfim.ini
    [2009/02/05 04:30:15 | 001,523,288 | -HS- | C] () -- C:\WINDOWS\System32\vubocsmd.ini
    [2009/02/05 04:27:17 | 001,523,288 | -HS- | C] () -- C:\WINDOWS\System32\fpbigipd.ini
    [2009/02/05 03:27:15 | 001,523,288 | -HS- | C] () -- C:\WINDOWS\System32\jbvftghy.ini
    [2009/02/05 02:21:15 | 001,523,288 | -HS- | C] () -- C:\WINDOWS\System32\uypbeafa.ini
    [2009/02/05 02:18:14 | 001,523,288 | -HS- | C] () -- C:\WINDOWS\System32\qfoiachm.ini
    [2009/02/05 01:18:14 | 001,523,288 | -HS- | C] () -- C:\WINDOWS\System32\gfgcowqj.ini
    [2009/02/05 00:12:14 | 001,523,288 | -HS- | C] () -- C:\WINDOWS\System32\aycywsue.ini
    [2009/02/04 23:12:14 | 001,523,288 | -HS- | C] () -- C:\WINDOWS\System32\aommbyug.ini
    [2009/02/04 23:06:17 | 001,523,288 | -HS- | C] () -- C:\WINDOWS\System32\ugtmjhcy.ini
    [2009/02/04 23:00:21 | 001,523,288 | -HS- | C] () -- C:\WINDOWS\System32\cabfgtyf.ini
    [2009/02/04 22:00:15 | 001,523,288 | -HS- | C] () -- C:\WINDOWS\System32\fyiosjio.ini
    [2009/02/04 21:57:14 | 001,523,288 | -HS- | C] () -- C:\WINDOWS\System32\fchrjdnp.ini
    [2009/02/04 07:08:27 | 001,523,288 | -HS- | C] () -- C:\WINDOWS\System32\wsiwtutw.ini
    
    :Reg
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
    "DisableMonitoring" =0
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring" =0
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
    "DisableMonitoring" =0
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    "C:\Program Files\FrostWire\FrostWire.exe" =-
    
    :Files
    C:\Documents and Settings\Hutson Family\Application Data\FrostWire
    
    :Commands
    [EMPTYTEMP]
    [CREATERESTOREPOINT]
    [Reboot]
    
  • Then click the Run Fix button at the top.
  • Let the program run unhindered and reboot the PC when it is done.
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

askey127
Admin/Teacher

Re: Registry Problems?

Post by hutspr01 » July 22nd, 2011, 12:06 am

OTL logfile created on: 7/21/2011 11:59:49 PM - Run 3
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Documents and Settings\Hutson Family\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1022.48 Mb Total Physical Memory | 317.80 Mb Available Physical Memory | 31.08% Memory free
2.40 Gb Paging File | 1.92 Gb Available in Paging File | 79.84% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149.02 Gb Total Space | 109.59 Gb Free Space | 73.54% Space Free | Partition Type: NTFS
Drive D: | 480.69 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: D366HZ21 | User Name: Hutson Family | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/07/21 09:33:11 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Hutson Family\My Documents\Downloads\OTL.exe
PRC - [2011/07/17 20:13:05 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/04/05 14:19:16 | 002,692,024 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\All Users\Application Data\Norton\NUA.exe
PRC - [2010/11/16 14:53:02 | 000,454,344 | ---- | M] (Gianpaolo Bottin) -- C:\Program Files\WallpaperSS\WallpaperSS.exe
PRC - [2010/02/25 20:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Security Suite\Engine\4.3.0.5\ccsvchst.exe
PRC - [2008/04/14 06:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/11/21 18:51:20 | 001,507,328 | ---- | M] () -- C:\Program Files\NETGEAR\WG311v3\WG311v3.exe
PRC - [2007/08/09 03:27:52 | 000,073,728 | ---- | M] (HP) -- C:\WINDOWS\SYSTEM32\HPZipm12.exe
PRC - [2006/06/07 13:46:24 | 000,942,080 | ---- | M] (Diskeeper Corporation) -- C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
PRC - [2006/01/02 16:41:22 | 000,045,056 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
PRC - [2005/04/27 14:59:24 | 000,241,725 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Utility\UPHClean\uphclean.exe
PRC - [2002/07/22 02:10:00 | 000,577,602 | ---- | M] (Logitech Inc. ) -- C:\Program Files\Logitech\iTouch\iTouch.exe


========== Modules (SafeList) ==========

MOD - [2011/07/21 09:33:11 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Hutson Family\My Documents\Downloads\OTL.exe
MOD - [2010/09/20 15:26:01 | 000,415,088 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Security Suite\Engine\4.3.0.5\asoehook.dll
MOD - [2010/08/23 12:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2009/07/12 04:02:02 | 000,653,120 | R--- | M] (Microsoft Corporation) -- C:\Program Files\Norton Security Suite\Engine\4.3.0.5\microsoft.vc90.crt\msvcr90.dll
MOD - [2009/07/12 04:02:00 | 000,569,664 | R--- | M] (Microsoft Corporation) -- C:\Program Files\Norton Security Suite\Engine\4.3.0.5\microsoft.vc90.crt\msvcp90.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - File not found [On_Demand | Stopped] -- -- (aawservice)
SRV - [2010/02/25 20:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files\Norton Security Suite\Engine\4.3.0.5\ccSvcHst.exe -- (N360)
SRV - [2007/08/09 03:27:52 | 000,073,728 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\SYSTEM32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2006/06/07 13:46:24 | 000,942,080 | ---- | M] (Diskeeper Corporation) [Auto | Running] -- C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe -- (Diskeeper)
SRV - [2005/04/27 14:59:24 | 000,241,725 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Utility\UPHClean\uphclean.exe -- (UPHClean)


========== Driver Services (SafeList) ==========

DRV - [2011/07/14 09:59:52 | 001,542,392 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20110721.020\NAVEX15.SYS -- (NAVEX15)
DRV - [2011/07/14 09:59:52 | 000,105,592 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2011/07/14 09:59:52 | 000,086,008 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20110721.020\NAVENG.SYS -- (NAVENG)
DRV - [2011/07/13 16:52:34 | 000,355,256 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20110721.031\IDSXpx86.sys -- (IDSxpx86)
DRV - [2011/06/05 19:31:58 | 000,374,392 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2011/05/19 15:37:06 | 000,810,616 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\BASHDefs\20110701.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2010/07/22 18:06:09 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\SYMEVENT.SYS -- (SymEvent)
DRV - [2010/07/12 04:55:39 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2010/05/06 00:01:59 | 000,361,904 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\N360\0403000.005\SYMTDI.SYS -- (SYMTDI)
DRV - [2010/04/29 01:03:51 | 000,116,784 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\0403000.005\Ironx86.SYS -- (SymIRON)
DRV - [2010/04/21 23:02:20 | 000,173,104 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\N360\0403000.005\SYMEFA.SYS -- (SymEFA)
DRV - [2010/04/21 22:29:50 | 000,325,680 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\N360\0403000.005\SRTSP.SYS -- (SRTSP)
DRV - [2010/04/21 22:29:50 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\0403000.005\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2010/02/25 20:22:57 | 000,501,888 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\0403000.005\ccHPx86.sys -- (ccHP)
DRV - [2009/10/14 23:50:05 | 000,328,752 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\N360\0403000.005\SYMDS.SYS -- (SymDS)
DRV - [2009/05/04 15:57:18 | 000,148,096 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\swumxa3.sys -- (SWUMXA3) Sierra Wireless USB MUX Driver (UMTSA3)
DRV - [2009/03/31 14:45:42 | 000,190,080 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\swnc8ua3.sys -- (SWNC8UA3) Sierra Wireless MUX NDIS Driver (UMTSA3)
DRV - [2008/10/15 11:58:34 | 000,171,144 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\SWNC5E00.sys -- (SWNC5E00) Sierra Wireless MUX NDIS Driver (#00)
DRV - [2008/10/15 11:58:34 | 000,149,512 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\swmx00.sys -- (swmx00) Sierra Wireless USB MUX Driver (#00)
DRV - [2008/10/15 11:58:32 | 000,027,072 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\PCASp50.sys -- (PCASp50)
DRV - [2008/10/15 11:58:26 | 000,222,720 | ---- | M] (Novatel Wireless Inc) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\NWADIenum.sys -- (NWADI)
DRV - [2008/09/16 18:18:31 | 000,026,888 | R--- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\swmsflt.sys -- (swmsflt)
DRV - [2008/06/18 11:49:16 | 000,049,904 | R--- | M] (Avanquest Software) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\BVRPMPR5.SYS -- (BVRPMPR5)
DRV - [2008/04/13 23:04:34 | 000,019,455 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wvchntxx.sys -- (iAimFP4)
DRV - [2008/04/13 23:04:32 | 000,012,063 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wsiintxx.sys -- (iAimFP3)
DRV - [2008/04/13 23:04:30 | 000,033,599 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv04nt.sys -- (iAimTV3)
DRV - [2008/04/13 23:04:30 | 000,029,311 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv01nt.sys -- (iAimTV0)
DRV - [2008/04/13 23:04:30 | 000,023,615 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wch7xxnt.sys -- (iAimTV4)
DRV - [2008/04/13 23:04:30 | 000,019,551 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv02nt.sys -- (iAimTV1)
DRV - [2008/04/13 23:04:28 | 000,161,020 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\i81xnt5.sys -- (i81x)
DRV - [2008/04/13 23:04:28 | 000,012,415 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv01nt.sys -- (iAimFP0)
DRV - [2008/04/13 23:04:28 | 000,012,127 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv02nt.sys -- (iAimFP1)
DRV - [2008/04/13 23:04:28 | 000,011,775 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv05nt.sys -- (iAimFP2)
DRV - [2006/05/03 12:50:42 | 001,540,608 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ati2mtag.sys -- (ati2mtag)
DRV - [2005/12/29 19:07:50 | 000,282,624 | R--- | M] (Marvell Semiconductor, Inc) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\WG311v3XP.sys -- (W8335XP) NETGEAR WG311v3 802.11g Wireless PCI Adapter for Windows XP (8335)
DRV - [2005/10/09 12:52:57 | 000,025,244 | ---- | M] (Adaptec) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aspi32.sys -- (Aspi32)
DRV - [2005/08/19 04:00:00 | 000,002,560 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdralw2k.sys -- (Cdralw2k)
DRV - [2005/08/19 04:00:00 | 000,002,432 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdr4_xp.sys -- (Cdr4_xp)
DRV - [2005/06/20 17:33:26 | 000,008,413 | ---- | M] (RealNetworks, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\mcstrm.sys -- (MCSTRM)
DRV - [2004/10/07 21:16:04 | 000,035,840 | ---- | M] (Oak Technology Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\AFS2K.SYS -- (AFS2K)
DRV - [2004/09/29 02:02:00 | 000,016,752 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\ctpdusb2.sys -- (Jukebox)
DRV - [2003/01/15 15:45:06 | 000,042,368 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2002/11/11 17:52:58 | 000,009,856 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\pfc.sys -- (pfc)
DRV - [2002/10/29 17:38:10 | 000,170,499 | ---- | M] (Conexant Systems) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2002/10/29 17:37:36 | 001,175,536 | ---- | M] (Conexant Systems) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\HSF_DP.sys -- (HSF_DP)
DRV - [2002/10/29 17:31:28 | 000,604,240 | ---- | M] (Conexant Systems) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\HSF_CNXT.sys -- (winachsf)
DRV - [2002/07/19 11:22:08 | 000,017,153 | ---- | M] (Dell Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\omci.sys -- (omci)
DRV - [2002/07/09 22:10:00 | 000,011,008 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\itchfltr.sys -- (itchfltr)
DRV - [2002/07/09 05:50:00 | 000,070,382 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\LMouFlt2.sys -- (LMouFlt2)
DRV - [2002/07/09 05:50:00 | 000,050,862 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\L8042Pr2.sys -- (l8042pr2)
DRV - [2002/07/09 05:50:00 | 000,006,030 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\LKbdFlt2.sys -- (LKbdFlt2)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://home.microsoft.com/search/search.asp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "www.foxnews.com"
FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:2010.9.0.6
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..keyword.URL: "http://www.google.com/search?sourceid=navclient&hl=en&q="
FF - prefs.js..network.proxy.http: "localhost"
FF - prefs.js..network.proxy.http_port: 8080
FF - prefs.js..network.proxy.no_proxies_on: "localhost,127.0.0.1"
FF - prefs.js..network.proxy.type: 0


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=8: C:\Program Files\Google\Update\1.2.183.39\npGoogleOneClick8.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\IPSFFPlgn\ [2011/07/20 12:43:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\coFFPlgn_2010_9_0_6 [2011/07/21 23:52:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/07/17 20:13:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/07/21 09:29:34 | 000,000,000 | ---D | M]

[2010/08/02 21:07:09 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Hutson Family\Application Data\Mozilla\Extensions
[2010/08/02 14:47:39 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Hutson Family\Application Data\Mozilla\Extensions\mozswing@mozswing.org
[2011/07/21 23:46:42 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Hutson Family\Application Data\Mozilla\Firefox\Profiles\1ahd05e2.default\extensions
[2011/07/15 17:37:09 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Hutson Family\Application Data\Mozilla\Firefox\Profiles\1ahd05e2.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/07/15 17:58:41 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\Hutson Family\Application Data\Mozilla\Firefox\Profiles\1ahd05e2.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2011/07/21 23:46:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/07/21 09:15:08 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2011/07/21 23:52:33 | 000,000,000 | ---D | M] (Norton Toolbar) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\COFFPLGN_2010_9_0_6
[2011/07/21 09:14:46 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/07/21 09:14:45 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/02/22 06:13:35 | 000,002,024 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\McSiteAdvisor.xml

O1 HOSTS File: ([2002/08/29 06:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\SYSTEM32\DRIVERS\ETC\HOSTS
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Security Suite\Engine\4.3.0.5\coIEplg.dll (Symantec Corporation)
O2 - BHO: (no name) - {656EC4B7-072B-4698-B504-2A414C1F0037} - No CLSID value found.
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Security Suite\Engine\4.3.0.5\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security Suite\Engine\4.3.0.5\coIEplg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security Suite\Engine\4.3.0.5\coIEplg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security Suite\Engine\4.3.0.5\coIEplg.dll (Symantec Corporation)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\cli.exe (ATI Technologies Inc.)
O4 - HKLM..\Run: [DiskeeperSystray] C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe (Diskeeper Corporation)
O4 - HKLM..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe (Logitech Inc. )
O4 - HKCU..\Run: [NortonUpdateAgent] C:\Documents and Settings\All Users\Application Data\Norton\NUA.exe (Symantec Corporation)
O4 - HKCU..\Run: [PCMagHDHeartBeat] File not found
O4 - HKCU..\Run: [WallpaperSS] C:\Program Files\WallpaperSS\WallpaperSS.exe (Gianpaolo Bottin)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\AutorunsDisabled [2010/01/20 17:31:46 | 000,000,000 | -H-D | M]
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\NETGEAR WG311v3 Smart Wizard.lnk = C:\Program Files\NETGEAR\WG311v3\WG311v3.exe ()
O4 - Startup: C:\Documents and Settings\Hutson Family\Start Menu\Programs\Startup\AutorunsDisabled [2010/01/20 17:33:41 | 000,000,000 | -H-D | M]
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRemoteRecursiveEvents = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSharedDocuments = 01 00 00 00 [binary data]
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = [binary data]
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewOnDrive = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108851
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoNetworkConnections = [binary data]
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceStartMenuLogOff = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Intellimenus = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: MaxRecentDocs = 15
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeKeyboardNavigationIndicators = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ClassicShell = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll (Google Inc.)
O9 - Extra Button: Microsoft Knowledge Base - {8b2d996f-b7d1-4961-a929-414d9cf5ba7b} - File not found
O9 - Extra 'Tools' menuitem : Microsoft Knowledge Base - {8b2d996f-b7d1-4961-a929-414d9cf5ba7b} - File not found
O15 - HKCU\..Trusted Domains: ([]msn in My Computer)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://www.apple.com/qtactivex/qtplugin.cab (QuickTime Object)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://go.microsoft.com/fwlink/?linkid=58813 (Office Genuine Advantage Validation Tool)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://v5.windowsupdate.microsoft.com/v ... 5942424869 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microso ... 4031514453 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {BEA7310D-06C4-4339-A784-DC3804819809} http://samsclubus.pnimedia.com/upload/a ... ontrol.cab (Photo Upload Plugin Class)
O16 - DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} http://office.microsoft.com/officeupdat ... /opuc4.cab (Office Update Installation Engine)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://download.macromedia.com/pub/sho ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.72.134 68.87.77.134 192.168.33.1
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Value error. File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: GinaDLL - (MrvGINA.dll) - C:\WINDOWS\System32\MrvGINA.dll (Marvell(R))
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Hutson Family\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Hutson Family\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2002/09/03 09:59:58 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2003/05/18 14:54:20 | 000,061,440 | R--- | M] () - D:\autoplay.exe -- [ CDFS ]
O32 - AutoRun File - [2003/02/12 03:01:48 | 000,000,050 | R--- | M] () - D:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{2268ae60-554e-11df-9047-000bdb2d2371}\Shell - "" = AutoRun
O33 - MountPoints2\{2268ae60-554e-11df-9047-000bdb2d2371}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{2268ae60-554e-11df-9047-000bdb2d2371}\Shell\AutoRun\command - "" = G:\WIN\setup.exe
O33 - MountPoints2\{29680fac-6e44-11dd-b5a4-000bdb2d2371}\Shell\AutoRun\command - "" = G:\rcaeasyrip_setup.exe
O33 - MountPoints2\{29680fac-6e44-11dd-b5a4-000bdb2d2371}\Shell\install\command - "" = G:\rcaeasyrip_setup.exe
O33 - MountPoints2\{29680fac-6e44-11dd-b5a4-000bdb2d2371}\Shell\usermanualEnglish\command - "" = G:\rcaeasyrip_setup.exe /pdf_English
O33 - MountPoints2\{29680fac-6e44-11dd-b5a4-000bdb2d2371}\Shell\usermanualFrench\command - "" = G:\rcaeasyrip_setup.exe /pdf_French
O33 - MountPoints2\{29680fac-6e44-11dd-b5a4-000bdb2d2371}\Shell\usermanualSpanish\command - "" = G:\rcaeasyrip_setup.exe /pdf_Spanish
O33 - MountPoints2\{7e10ee51-73d5-11dd-b5a5-000bdb2d2371}\Shell\AutoRun\command - "" = G:\rcaeasyrip_setup.exe
O33 - MountPoints2\{7e10ee51-73d5-11dd-b5a5-000bdb2d2371}\Shell\install\command - "" = G:\rcaeasyrip_setup.exe
O33 - MountPoints2\{7e10ee51-73d5-11dd-b5a5-000bdb2d2371}\Shell\usermanualEnglish\command - "" = G:\rcaeasyrip_setup.exe /pdf_English
O33 - MountPoints2\{7e10ee51-73d5-11dd-b5a5-000bdb2d2371}\Shell\usermanualFrench\command - "" = G:\rcaeasyrip_setup.exe /pdf_French
O33 - MountPoints2\{7e10ee51-73d5-11dd-b5a5-000bdb2d2371}\Shell\usermanualSpanish\command - "" = G:\rcaeasyrip_setup.exe /pdf_Spanish
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/07/21 23:50:30 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/07/21 09:13:47 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2011/07/18 15:08:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hutson Family\Start Menu\Programs\HiJackThis
[2011/07/18 01:41:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\IObit
[2011/07/18 00:45:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hutson Family\Application Data\WallpaperSS
[2011/07/18 00:45:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Wallpaper Slideshow
[2011/07/18 00:45:05 | 000,000,000 | ---D | C] -- C:\Program Files\WallpaperSS
[2011/07/18 00:41:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\Performance
[2011/07/18 00:41:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hutson Family\Local Settings\Application Data\Microsoft Corporation
[2011/07/16 14:40:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hutson Family\Application Data\IObit
[2011/07/16 14:40:55 | 000,000,000 | ---D | C] -- C:\Program Files\IObit
[2011/07/16 13:59:06 | 000,000,000 | ---D | C] -- C:\Program Files\StarCraft
[2011/07/16 13:59:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\StarCraft
[2011/07/16 09:48:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hutson Family\My Documents\StarCraft 1.15.2 enUS Installer
[2011/07/15 18:55:11 | 000,139,264 | ---- | C] (Blizzard Entertainment) -- C:\WINDOWS\War3Unin.exe
[2011/07/15 18:55:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hutson Family\Start Menu\Programs\Warcraft III
[2011/07/15 00:57:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel
[2008/04/05 11:04:18 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Hutson Family\Application Data\pcouffin.sys

========== Files - Modified Within 30 Days ==========

[2011/07/21 23:58:29 | 000,001,940 | ---- | M] () -- C:\Documents and Settings\Hutson Family\Local Settings\Application Data\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2011/07/21 23:52:48 | 000,000,051 | ---- | M] () -- C:\WINDOWS\iTouch.ini
[2011/07/21 23:52:24 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\ASC4_PerformanceMonitor.job
[2011/07/21 23:52:15 | 000,002,048 | --S- | M] () -- C:\WINDOWS\BOOTSTAT.DAT
[2011/07/21 23:52:10 | 1072,222,208 | -HS- | M] () -- C:\hiberfil.sys
[2011/07/21 23:33:07 | 000,001,374 | ---- | M] () -- C:\WINDOWS\System32\WPA.DBL
[2011/07/21 10:04:23 | 000,002,667 | ---- | M] () -- C:\Documents and Settings\Hutson Family\Desktop\HiJackThis.lnk
[2011/07/20 20:12:00 | 000,000,486 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2011/07/18 01:11:59 | 000,022,528 | ---- | M] () -- C:\Documents and Settings\Hutson Family\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/07/18 00:07:40 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2011/07/17 20:16:19 | 000,101,720 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2011/07/16 15:11:40 | 000,656,248 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/07/16 14:03:16 | 000,000,734 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\StarCraft - Brood War.lnk
[2011/07/16 13:18:42 | 000,002,515 | ---- | M] () -- C:\Documents and Settings\Hutson Family\Desktop\Microsoft Office Word 2007.lnk
[2011/07/15 19:04:01 | 000,054,824 | ---- | M] () -- C:\WINDOWS\War3Unin.dat
[2011/07/15 19:04:01 | 000,001,629 | ---- | M] () -- C:\Documents and Settings\Hutson Family\Desktop\Frozen Throne.lnk
[2011/07/15 19:02:29 | 000,139,264 | ---- | M] (Blizzard Entertainment) -- C:\WINDOWS\War3Unin.exe
[2011/07/15 19:02:29 | 000,002,829 | ---- | M] () -- C:\WINDOWS\War3Unin.pif
[2011/07/15 17:01:30 | 000,000,026 | ---- | M] () -- C:\WINDOWS\DfrgUIEx.INI
[2011/07/15 16:39:49 | 000,447,624 | ---- | M] () -- C:\WINDOWS\System32\PERFH009.DAT
[2011/07/15 16:39:49 | 000,074,110 | ---- | M] () -- C:\WINDOWS\System32\PERFC009.DAT
[2011/07/14 10:09:39 | 000,087,608 | ---- | M] () -- C:\Documents and Settings\Hutson Family\Application Data\ezpinst.exe
[2011/07/14 10:09:38 | 000,047,360 | ---- | M] (VSO Software) -- C:\Documents and Settings\Hutson Family\Application Data\pcouffin.sys
[2011/07/14 10:09:38 | 000,007,824 | ---- | M] () -- C:\Documents and Settings\Hutson Family\Application Data\pcouffin.cat
[2011/07/14 10:09:38 | 000,001,144 | ---- | M] () -- C:\Documents and Settings\Hutson Family\Application Data\pcouffin.inf
[2011/07/14 08:19:22 | 000,000,064 | ---- | M] () -- C:\WINDOWS\System32\rp_stats.dat
[2011/07/14 08:19:22 | 000,000,044 | ---- | M] () -- C:\WINDOWS\System32\rp_rules.dat

========== Files Created - No Company Name ==========

[2011/07/21 09:29:34 | 000,002,315 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader X.lnk
[2011/07/20 12:54:35 | 1072,222,208 | -HS- | C] () -- C:\hiberfil.sys
[2011/07/18 15:08:33 | 000,002,667 | ---- | C] () -- C:\Documents and Settings\Hutson Family\Desktop\HiJackThis.lnk
[2011/07/16 14:41:47 | 000,000,286 | ---- | C] () -- C:\WINDOWS\tasks\ASC4_PerformanceMonitor.job
[2011/07/16 13:59:06 | 000,000,734 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\StarCraft - Brood War.lnk
[2011/07/16 13:47:30 | 000,001,816 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\NETGEAR WG311v3 Smart Wizard.lnk
[2011/07/15 19:04:01 | 000,001,629 | ---- | C] () -- C:\Documents and Settings\Hutson Family\Desktop\Frozen Throne.lnk
[2011/07/15 18:55:12 | 000,054,824 | ---- | C] () -- C:\WINDOWS\War3Unin.dat
[2011/07/15 18:55:11 | 000,002,829 | ---- | C] () -- C:\WINDOWS\War3Unin.pif
[2011/07/15 17:29:53 | 000,000,486 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2011/07/15 16:45:21 | 000,000,026 | ---- | C] () -- C:\WINDOWS\DfrgUIEx.INI
[2011/07/14 10:01:22 | 000,001,940 | ---- | C] () -- C:\Documents and Settings\Hutson Family\Local Settings\Application Data\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2011/06/20 15:04:35 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat
[2011/06/20 15:04:35 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat
[2011/06/05 19:12:14 | 000,001,940 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2011/02/04 17:41:02 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\Hutson Family\Local Settings\Application Data\housecall.guid.cache
[2011/01/29 13:30:09 | 000,000,048 | ---- | C] () -- C:\WINDOWS\TaxACT10.ini
[2010/05/01 21:57:41 | 000,026,888 | R--- | C] () -- C:\WINDOWS\System32\drivers\swmsflt.sys
[2010/02/01 20:34:00 | 000,000,028 | ---- | C] () -- C:\WINDOWS\pdf995.ini
[2009/02/12 06:53:38 | 000,000,121 | -HS- | C] () -- C:\WINDOWS\System32\bqufrlsj.ini
[2009/01/22 20:32:25 | 000,117,180 | ---- | C] () -- C:\WINDOWS\hpoins11.dat
[2009/01/15 19:19:35 | 000,000,121 | -HS- | C] () -- C:\WINDOWS\System32\hkbmcepa.ini
[2009/01/06 06:11:38 | 000,000,121 | -HS- | C] () -- C:\WINDOWS\System32\knauojmv.ini
[2008/11/22 09:14:51 | 000,494,452 | -HS- | C] () -- C:\WINDOWS\System32\MooUxyxx.ini2
[2008/11/22 09:14:50 | 000,493,372 | -HS- | C] () -- C:\WINDOWS\System32\MooUxyxx.ini
[2008/04/05 11:04:19 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\Hutson Family\Application Data\ezpinst.exe
[2008/04/05 11:04:18 | 000,007,824 | ---- | C] () -- C:\Documents and Settings\Hutson Family\Application Data\pcouffin.cat
[2008/04/05 11:04:18 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Hutson Family\Application Data\pcouffin.inf
[2007/08/08 12:31:08 | 000,262,144 | ---- | C] () -- C:\WINDOWS\System32\default_user_class.dat
[2007/08/08 11:32:04 | 000,000,005 | -HS- | C] () -- C:\WINDOWS\System32\babccee7_d.dll
[2007/03/15 00:08:14 | 000,000,004 | ---- | C] () -- C:\WINDOWS\MGXSSDat.Dat
[2007/03/05 13:34:28 | 000,676,224 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.DLL
[2007/01/21 19:17:15 | 000,000,141 | ---- | C] () -- C:\WINDOWS\wpd99.drv
[2007/01/21 19:16:52 | 000,051,716 | ---- | C] () -- C:\WINDOWS\System32\pdf995mon.dll
[2006/12/31 08:57:08 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006/11/24 10:50:24 | 000,117,146 | ---- | C] () -- C:\WINDOWS\hpoins11.dat.temp
[2006/11/24 10:50:23 | 000,011,634 | ---- | C] () -- C:\WINDOWS\hpomdl11.dat.temp
[2006/11/24 10:05:40 | 000,000,136 | ---- | C] () -- C:\Documents and Settings\Hutson Family\Local Settings\Application Data\fusioncache.dat
[2006/11/24 09:48:31 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll
[2006/05/05 19:19:28 | 000,011,634 | ---- | C] () -- C:\WINDOWS\hpomdl11.dat
[2006/04/06 20:01:03 | 000,000,051 | ---- | C] () -- C:\WINDOWS\iTouch.ini
[2006/04/06 18:58:29 | 000,081,920 | R--- | C] () -- C:\WINDOWS\bwUnin-6.1.4.36-8876480L.exe
[2006/04/06 18:56:02 | 000,096,768 | ---- | C] () -- C:\WINDOWS\System32\LGUICOM.DLL
[2006/02/21 19:21:31 | 000,034,492 | ---- | C] () -- C:\WINDOWS\System32\ppaluninst.exe
[2005/12/25 11:06:50 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\PdeSrv2p.dll
[2005/12/25 11:06:45 | 000,149,504 | ---- | C] () -- C:\WINDOWS\UNWISE.EXE
[2005/12/10 10:01:42 | 000,000,422 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2005/11/26 10:56:18 | 000,000,235 | ---- | C] () -- C:\WINDOWS\mslands.ini
[2005/11/09 19:02:52 | 000,520,192 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2005/11/09 19:00:50 | 000,127,614 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2005/07/09 14:24:33 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2005/06/28 20:25:11 | 000,000,081 | ---- | C] () -- C:\WINDOWS\PARSONS.INI
[2005/05/07 20:52:21 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ATIMMC.INI
[2005/05/01 21:13:50 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2005/01/15 12:59:20 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2004/08/05 11:10:14 | 000,000,165 | ---- | C] () -- C:\WINDOWS\ConnMgr.ini
[2004/07/02 16:02:23 | 000,034,136 | ---- | C] () -- C:\WINDOWS\System32\RegHero.exe
[2004/06/29 18:46:04 | 000,028,504 | ---- | C] () -- C:\WINDOWS\System32\PopWait.exe
[2004/05/23 18:37:11 | 000,000,092 | ---- | C] () -- C:\WINDOWS\mathadv4.ini
[2004/03/25 18:29:30 | 000,000,159 | ---- | C] () -- C:\WINDOWS\QHI.INI
[2004/03/17 20:56:30 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\Msvcrt10.dll
[2004/01/29 18:52:42 | 000,000,026 | ---- | C] () -- C:\WINDOWS\SnapShot.INI
[2004/01/13 18:55:54 | 000,000,048 | ---- | C] () -- C:\WINDOWS\PerWin.ini
[2004/01/02 13:59:56 | 000,017,920 | ---- | C] () -- C:\WINDOWS\System32\IMPLODE.DLL
[2003/11/06 08:03:11 | 000,000,000 | ---- | C] () -- C:\WINDOWS\hpqEmlSz.INI
[2003/09/25 18:20:49 | 000,003,462 | ---- | C] () -- C:\WINDOWS\LKSCENES.INI
[2003/09/25 18:17:46 | 000,097,280 | ---- | C] () -- C:\WINDOWS\LIBWJPEG.DLL
[2003/09/22 20:15:43 | 000,000,081 | ---- | C] () -- C:\WINDOWS\ImportClient.INI
[2003/09/22 19:51:38 | 000,116,640 | ---- | C] () -- C:\WINDOWS\System32\Ptsaci40.dll
[2003/09/22 19:51:37 | 000,030,080 | ---- | C] () -- C:\WINDOWS\System32\Ptabimp3.exe
[2003/08/24 08:50:49 | 000,000,605 | ---- | C] () -- C:\WINDOWS\HOME.INI
[2003/08/24 08:50:49 | 000,000,291 | ---- | C] () -- C:\WINDOWS\HOMESYM.INI
[2003/08/20 21:18:16 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2003/08/20 21:16:56 | 000,000,022 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2003/08/16 18:43:19 | 000,374,784 | ---- | C] () -- C:\WINDOWS\3dg32.dll
[2003/08/16 18:43:14 | 000,000,250 | ---- | C] () -- C:\WINDOWS\3dr.ini
[2003/08/13 21:53:23 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat
[2003/08/10 08:58:41 | 000,022,528 | ---- | C] () -- C:\Documents and Settings\Hutson Family\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2003/07/24 19:23:15 | 000,000,052 | ---- | C] () -- C:\WINDOWS\hpqwrap.INI
[2003/07/12 11:33:58 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\Hutson Family\Application Data\hpothb07.tif
[2003/07/12 11:33:58 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\Hutson Family\Application Data\hpothb07.dat
[2003/07/12 11:33:06 | 000,015,212 | -H-- | C] () -- C:\WINDOWS\hpothb07.dat
[2003/07/05 13:59:12 | 000,000,315 | ---- | C] () -- C:\WINDOWS\EReg515.dat
[2003/07/05 13:56:40 | 000,000,946 | ---- | C] () -- C:\WINDOWS\disney.ini
[2003/07/04 15:28:27 | 000,000,020 | ---- | C] () -- C:\WINDOWS\Hposcv07.INI
[2003/07/04 12:55:01 | 000,302,592 | ---- | C] () -- C:\WINDOWS\System32\pgp.dll
[2003/07/04 12:55:01 | 000,093,184 | ---- | C] () -- C:\WINDOWS\System32\keydb.dll
[2003/07/04 12:55:01 | 000,070,656 | ---- | C] () -- C:\WINDOWS\System32\simple.dll
[2003/07/04 12:55:01 | 000,065,024 | ---- | C] () -- C:\WINDOWS\System32\bn.dll
[2003/07/02 10:24:08 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2003/07/02 10:24:08 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2003/07/02 10:24:08 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2003/07/01 20:00:50 | 000,000,466 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2003/07/01 19:53:24 | 000,000,034 | ---- | C] () -- C:\WINDOWS\hpfsched.ini
[2003/06/30 19:29:35 | 000,000,021 | ---- | C] () -- C:\WINDOWS\DVDSentry.ini
[2003/06/30 17:32:11 | 000,000,233 | ---- | C] () -- C:\WINDOWS\qwimp.ini
[2003/06/30 17:30:43 | 000,000,219 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2003/06/25 01:45:16 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2003/06/25 01:38:41 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2003/06/25 01:30:37 | 000,000,882 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2003/06/25 01:20:20 | 000,002,048 | --S- | C] () -- C:\WINDOWS\BOOTSTAT.DAT
[2003/06/25 01:19:24 | 000,447,624 | ---- | C] () -- C:\WINDOWS\System32\PERFH009.DAT
[2003/06/25 01:19:24 | 000,074,110 | ---- | C] () -- C:\WINDOWS\System32\PERFC009.DAT
[2003/06/25 01:19:04 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2003/06/25 01:03:48 | 000,000,479 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2003/04/09 15:40:38 | 000,126,976 | ---- | C] () -- C:\WINDOWS\System32\zip.exe
[2003/04/09 15:40:22 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\lttls13n.dll
[2003/04/09 15:40:14 | 000,708,608 | ---- | C] () -- C:\WINDOWS\System32\ltcry13n.dll
[2003/04/09 15:40:02 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\lfkodak.dll
[2003/04/09 15:40:00 | 000,338,944 | ---- | C] () -- C:\WINDOWS\System32\lffpx7.dll
[2002/11/22 12:50:06 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\hpodinet.dll
[2002/11/22 12:49:18 | 000,036,864 | ---- | C] () -- C:\WINDOWS\hpfsched.exe
[2002/09/30 06:15:30 | 000,656,248 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2002/09/30 06:10:58 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2002/09/03 13:17:03 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2002/09/03 13:16:59 | 000,004,594 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2002/09/03 12:52:01 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2002/09/03 12:51:58 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2002/09/03 12:41:59 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2002/09/03 12:41:43 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2002/09/03 12:32:10 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2002/09/03 12:30:33 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2002/09/03 09:59:14 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2002/09/03 09:56:30 | 000,023,692 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2002/08/29 06:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\NOISE.DAT
[2001/08/23 15:00:00 | 000,022,400 | ---- | C] () -- C:\WINDOWS\System32\drivers\SbcpHid.sys
[2001/08/17 18:36:28 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2001/07/07 04:00:00 | 000,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini
[2000/11/10 16:57:04 | 000,005,025 | ---- | C] () -- C:\WINDOWS\System32\patterns.dat
[2000/04/25 14:58:08 | 000,047,104 | ---- | C] () -- C:\WINDOWS\System32\Wrkgadm.exe
[1999/01/22 22:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
[1997/06/13 22:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll

========== LOP Check ==========

[2008/07/13 16:51:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\1Click DVD Copy Pro
[2010/05/20 22:53:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AT&T
[2005/10/28 18:37:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Broderbund LLC
[2004/11/26 15:51:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Broderbund Software
[2004/01/14 20:41:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Fellowes
[2011/07/18 01:41:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IObit
[2007/08/08 07:46:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\logs
[2010/02/01 20:34:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\pdf995
[2010/01/17 12:37:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PeoplePC
[2004/11/26 16:35:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Riverdeep Interactive Learning Limited
[2010/05/07 16:23:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sprint
[2011/07/20 13:00:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2011/01/29 13:38:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TaxCut
[2005/05/11 10:58:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software
[2009/09/29 21:13:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Walgreens
[2008/10/08 06:13:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[2010/05/07 15:46:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hutson Family\Application Data\AT&T
[2006/01/31 21:27:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hutson Family\Application Data\DeductionPro 2005-06
[2004/03/05 13:01:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hutson Family\Application Data\FUJIFILM
[2011/07/18 01:19:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hutson Family\Application Data\IObit
[2003/06/30 19:26:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hutson Family\Application Data\Leadertech
[2007/08/08 12:09:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hutson Family\Application Data\OfficeUpdate12
[2011/07/16 14:10:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hutson Family\Application Data\PCMagazine
[2010/02/01 20:34:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hutson Family\Application Data\pdf995
[2010/09/26 18:05:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hutson Family\Application Data\PeoplePal
[2008/12/29 17:08:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hutson Family\Application Data\PeoplePC
[2010/05/01 14:22:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hutson Family\Application Data\Sierra Wireless
[2006/01/24 20:13:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hutson Family\Application Data\Simple Star
[2011/01/29 13:50:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hutson Family\Application Data\TaxCut
[2005/05/11 10:58:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hutson Family\Application Data\TuneUp Software
[2011/07/14 10:09:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hutson Family\Application Data\Vso
[2010/12/06 06:08:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hutson Family\Application Data\W Photo Studio
[2009/09/29 21:11:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hutson Family\Application Data\W Photo Studio Viewer
[2009/09/29 21:13:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hutson Family\Application Data\Walgreens
[2011/07/18 00:45:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hutson Family\Application Data\WallpaperSS
[2007/01/25 20:18:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hutson Family\Application Data\WILLPower
[2011/07/20 20:12:00 | 000,000,486 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2011/07/21 23:52:24 | 000,000,286 | ---- | M] () -- C:\WINDOWS\Tasks\ASC4_PerformanceMonitor.job

========== Purity Check ==========



< End of report >
hutspr01
Active Member
 
Posts: 8
Joined: July 18th, 2011, 3:17 pm

Re: Registry Problems?

Post by askey127 » July 22nd, 2011, 7:07 am

hutspr01,
You may want to copy this into a Notepad text file or use Print preview to print it out before you begin.
-----------------------------------------------------------
Download and Run ComboFix
IMPORTANT NOTE: ComboFix is a VERY POWERFUL tool. DO NOT use it without guidance.
ComboFix uses very forceful tactics to remove malware from your system. Your antivirus software may warn you about the file.
You will need to disable all your antivirus software after downloading, but BEFORE running ComboFix. Instructions are below.
  • Download ComboFix from here
  • Rename it while saving the download to zzz.exe and save it to your Desktop. Do not try to rename it after it has been saved to your desktop, or the infection may prevent you from using it.
    **Note: It is important that it is saved directly to your desktop and run from the desktop, not from any other folder on your computer**
  • Stop and Disable Norton 360 Service
    Go to Start, Run OR Start, Programs, Accessories, Command Prompt and type Services.msc and click OK.
    Scroll down and find the service.

    Norton 360

    Click once on the service to highlight it.
    Right-Click on the service. Click on Properties
    Select the General tab.
    Next to Service Status, click Stop.
    Click the Arrow-down tab on the right-hand side of the Start-up Type box.
    From the drop-down menu, click on Disabled
    Click Apply, then OK

  • Now start ComboFix (zzz.exe)
  • The tool will check whether the Recovery Console is present on your system. If it is not, ComboFix will prompt you whether you would like to install it. (You would).
  • If it is not, make sure you are connected to the internet as ComboFix needs to download a file. When you are connected to the internet, click Yes and follow the prompts.
    When asked whether to continue scanning or to exit, click Yes to continue scanning (no need to disconnect from the internet as ComboFix breaks your internet connection for you).
  • It will run through about 50 procedures, then take a while to assemble its output log.
  • Do not touch the computer AT ALL while ComboFix is running.
  • When finished, the report will open. Post the log in your next reply, and then re-enable your Antivirus protection software
A copy of the log will be located here if you need it-> C:\ComboFix.txt
If you cannot connect to the internet after running ComboFix, unplug the cable you use to connect to the internet and plug it back in.

The Recovery Console produces a brief (2 second) black screen at bootup which allows an additional technical resource for repair in case of a major failure. In regular operation, you can ignore it.
-----------------------------------------------------------
Start Up the Norton 360 Service Again
Go to Start, Run OR Start, Programs, Accessories, Command Prompt and type Services.msc and click OK.
Scroll down and find the service.

Norton 360

Click once on the service to highlight it.
Right-Click on the service. Click on Properties
Select the General tab.
Click the Arrow-down tab on the right-hand side of the Start-up Type box.
From the drop-down menu, click on Automatic
Next to Service Status, click Start.
Click Apply, then OK

askey127
askey127
Admin/Teacher
 
Posts: 14025
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: Registry Problems?

Post by hutspr01 » July 22nd, 2011, 10:02 am

I'm having trouble disabling Norton 360. It won't allow me to stop it from Services.msc. The exact error message is: Unable to open service N360 for writing on Local Computer. Error 5: Access is denied. But that is just trying to change the startup type. I can't stop it because the buttons by the Service Status are turned off. Any suggestions?...
hutspr01
Active Member
 
Posts: 8
Joined: July 18th, 2011, 3:17 pm

Re: Registry Problems?

Post by askey127 » July 22nd, 2011, 12:37 pm

Try this approach:

Right-click the Norton 360 Premier Edition icon in the system tray and select Disable Antivirus Automatic-Protect.
You will get a new dialog box with five options: 15 minutes, 1 hour, 5 hours, Until system restart, Permanently.
Choose 5 hours.
askey127
Admin/Teacher
 
Posts: 14025
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: Registry Problems?

Post by hutspr01 » July 22nd, 2011, 1:27 pm

ComboFix 11-07-22.02 - Hutson Family 07/22/2011 13:05:43.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1022.459 [GMT -4:00]
Running from: c:\documents and settings\Hutson Family\Desktop\zzz.exe
AV: Norton Security Suite *Disabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Security Suite *Disabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Hutson Family\Application Data\pcouffin.sys
c:\documents and settings\Hutson Family\WINDOWS
c:\program files\Utility
c:\program files\Utility\Ad-Aware\AutoLaunch.exe
c:\program files\Utility\AutoRuns\autoruns.chm
c:\program files\Utility\AutoRuns\autoruns.exe
c:\program files\Utility\AutoRuns\autorunsc.exe
c:\program files\Utility\AutoRuns\Eula.txt
c:\program files\Utility\AutoRuns\README.TXT
c:\program files\Utility\CCleaner\CCleaner.exe
c:\program files\Utility\CCleaner\Lang\lang-1025.dll
c:\program files\Utility\CCleaner\Lang\lang-1026.dll
c:\program files\Utility\CCleaner\Lang\lang-1027.dll
c:\program files\Utility\CCleaner\Lang\lang-1028.dll
c:\program files\Utility\CCleaner\Lang\lang-1029.dll
c:\program files\Utility\CCleaner\Lang\lang-1030.dll
c:\program files\Utility\CCleaner\Lang\lang-1031.dll
c:\program files\Utility\CCleaner\Lang\lang-1032.dll
c:\program files\Utility\CCleaner\Lang\lang-1034.dll
c:\program files\Utility\CCleaner\Lang\lang-1035.dll
c:\program files\Utility\CCleaner\Lang\lang-1036.dll
c:\program files\Utility\CCleaner\Lang\lang-1037.dll
c:\program files\Utility\CCleaner\Lang\lang-1038.dll
c:\program files\Utility\CCleaner\Lang\lang-1040.dll
c:\program files\Utility\CCleaner\Lang\lang-1041.dll
c:\program files\Utility\CCleaner\Lang\lang-1042.dll
c:\program files\Utility\CCleaner\Lang\lang-1043.dll
c:\program files\Utility\CCleaner\Lang\lang-1044.dll
c:\program files\Utility\CCleaner\Lang\lang-1045.dll
c:\program files\Utility\CCleaner\Lang\lang-1046.dll
c:\program files\Utility\CCleaner\Lang\lang-1048.dll
c:\program files\Utility\CCleaner\Lang\lang-1049.dll
c:\program files\Utility\CCleaner\Lang\lang-1050.dll
c:\program files\Utility\CCleaner\Lang\lang-1051.dll
c:\program files\Utility\CCleaner\Lang\lang-1052.dll
c:\program files\Utility\CCleaner\Lang\lang-1053.dll
c:\program files\Utility\CCleaner\Lang\lang-1055.dll
c:\program files\Utility\CCleaner\Lang\lang-1058.dll
c:\program files\Utility\CCleaner\Lang\lang-1061.dll
c:\program files\Utility\CCleaner\Lang\lang-1063.dll
c:\program files\Utility\CCleaner\Lang\lang-1065.dll
c:\program files\Utility\CCleaner\Lang\lang-1066.dll
c:\program files\Utility\CCleaner\Lang\lang-1067.dll
c:\program files\Utility\CCleaner\Lang\lang-1071.dll
c:\program files\Utility\CCleaner\Lang\lang-1079.dll
c:\program files\Utility\CCleaner\Lang\lang-1110.dll
c:\program files\Utility\CCleaner\Lang\lang-2052.dll
c:\program files\Utility\CCleaner\Lang\lang-2070.dll
c:\program files\Utility\CCleaner\Lang\lang-2074.dll
c:\program files\Utility\CCleaner\Lang\lang-3098.dll
c:\program files\Utility\CCleaner\Lang\lang-5146.dll
c:\program files\Utility\CCleaner\uninst.exe
c:\program files\Utility\cpu-z-140\cpuz-readme.txt
c:\program files\Utility\cpu-z-140\cpuz.exe
c:\program files\Utility\cpu-z-140\cpuz.ini
c:\program files\Utility\cpu-z-140\latency.exe
c:\program files\Utility\Dial-a-fix\Dial-a-fix.exe
c:\program files\Utility\Dial-a-fix\secedit.exe
c:\program files\Utility\DriveMan.exe
c:\program files\Utility\ERUNT\AUTOBACK.EXE
c:\program files\Utility\ERUNT\ERDNT.E_E
c:\program files\Utility\ERUNT\ERDNTDOS.LOC
c:\program files\Utility\ERUNT\ERDNTWIN.LOC
c:\program files\Utility\ERUNT\ERUNT.EXE
c:\program files\Utility\ERUNT\ERUNT.LOC
c:\program files\Utility\ERUNT\ERUNT.URL
c:\program files\Utility\ERUNT\LIESMICH.TXT
c:\program files\Utility\ERUNT\LOC_GER.ZIP
c:\program files\Utility\ERUNT\NTREGOPT.EXE
c:\program files\Utility\ERUNT\NTREGOPT.LOC
c:\program files\Utility\ERUNT\README.TXT
c:\program files\Utility\everesthome151\everest.bin
c:\program files\Utility\everesthome151\everest.dat
c:\program files\Utility\everesthome151\everest.exe
c:\program files\Utility\everesthome151\everest.mem
c:\program files\Utility\everesthome151\everest.web
c:\program files\Utility\everesthome151\everest_directx.dll
c:\program files\Utility\everesthome151\everest_icons.dll
c:\program files\Utility\everesthome151\everest_memlat.dll
c:\program files\Utility\everesthome151\everest_xpicons.dll
c:\program files\Utility\everesthome151\everest_zipdll.dll
c:\program files\Utility\everesthome151\kerneld.amd64
c:\program files\Utility\everesthome151\kerneld.ia64
c:\program files\Utility\everesthome151\kerneld.w9x
c:\program files\Utility\everesthome151\kerneld.wnt
c:\program files\Utility\everesthome151\Language\lang_al.txt
c:\program files\Utility\everesthome151\Language\lang_bg.txt
c:\program files\Utility\everesthome151\Language\lang_ca.txt
c:\program files\Utility\everesthome151\Language\lang_cz.txt
c:\program files\Utility\everesthome151\Language\lang_de.txt
c:\program files\Utility\everesthome151\Language\lang_dk.txt
c:\program files\Utility\everesthome151\Language\lang_es.txt
c:\program files\Utility\everesthome151\Language\lang_fi.txt
c:\program files\Utility\everesthome151\Language\lang_fr.txt
c:\program files\Utility\everesthome151\Language\lang_hr.txt
c:\program files\Utility\everesthome151\Language\lang_hu.txt
c:\program files\Utility\everesthome151\Language\lang_it.txt
c:\program files\Utility\everesthome151\Language\lang_jp.txt
c:\program files\Utility\everesthome151\Language\lang_kr.txt
c:\program files\Utility\everesthome151\Language\lang_lt.txt
c:\program files\Utility\everesthome151\Language\lang_lv.txt
c:\program files\Utility\everesthome151\Language\lang_mk.txt
c:\program files\Utility\everesthome151\Language\lang_nl.txt
c:\program files\Utility\everesthome151\Language\lang_no.txt
c:\program files\Utility\everesthome151\Language\lang_pl.txt
c:\program files\Utility\everesthome151\Language\lang_pt.txt
c:\program files\Utility\everesthome151\Language\lang_ro.txt
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_FAD
-------\Legacy_UPHClean
-------\Legacy_UPHClean
-------\Service_UPHClean
-------\Service_UPHClean
.
.
((((((((((((((((((((((((( Files Created from 2011-06-22 to 2011-07-22 )))))))))))))))))))))))))))))))
.
.
2011-07-22 14:29 . 2011-07-22 14:29 -------- d-----w- c:\documents and settings\Hutson Family\Application Data\Tific
2011-07-22 03:50 . 2011-07-22 03:50 -------- d-----w- C:\_OTL
2011-07-21 13:15 . 2011-07-21 13:14 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-07-21 13:13 . 2011-07-21 13:13 -------- d-----w- c:\program files\Java
2011-07-18 19:08 . 2011-07-18 19:08 388096 ----a-r- c:\documents and settings\Hutson Family\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-07-18 05:41 . 2011-07-18 05:41 -------- d-----w- c:\documents and settings\All Users\Application Data\IObit
2011-07-18 04:45 . 2011-07-18 04:45 -------- d-----w- c:\documents and settings\Hutson Family\Application Data\WallpaperSS
2011-07-18 04:45 . 2011-07-18 04:45 -------- d-----w- c:\program files\WallpaperSS
2011-07-18 04:41 . 2011-07-18 04:41 -------- d-----w- c:\windows\Performance
2011-07-18 04:41 . 2011-07-18 04:41 -------- d-----w- c:\documents and settings\Hutson Family\Local Settings\Application Data\Microsoft Corporation
2011-07-16 18:40 . 2011-07-18 05:19 -------- d-----w- c:\documents and settings\Hutson Family\Application Data\IObit
2011-07-16 18:40 . 2011-07-16 18:40 -------- d-----w- c:\program files\IObit
2011-07-16 17:59 . 2011-07-17 04:52 -------- d-----w- c:\program files\StarCraft
2011-07-15 22:55 . 2011-07-15 23:02 2829 ----a-w- c:\windows\War3Unin.pif
2011-07-15 22:55 . 2011-07-15 23:02 139264 ----a-w- c:\windows\War3Unin.exe
2011-07-15 04:57 . 2011-07-15 13:04 -------- d-----w- c:\windows\SxsCaPendDel
2011-07-15 03:58 . 2010-12-20 17:32 551936 -c----w- c:\windows\system32\dllcache\oleaut32.dll
2011-07-14 17:53 . 2011-04-21 13:37 105472 -c----w- c:\windows\system32\dllcache\mup.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-21 13:14 . 2010-08-04 10:44 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-07-18 00:16 . 2010-05-03 23:21 101720 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2011-07-14 14:09 . 2008-04-05 15:04 87608 ----a-w- c:\documents and settings\Hutson Family\Application Data\ezpinst.exe
2011-06-02 14:02 . 2002-09-03 17:11 1858944 ----a-w- c:\windows\system32\win32k.sys
2011-05-02 15:31 . 2010-01-19 23:02 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-04-29 17:25 . 2002-09-03 16:58 151552 ----a-w- c:\windows\system32\schannel.dll
2011-04-29 16:19 . 2002-09-03 16:42 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-04-26 11:07 . 2002-09-03 17:12 293376 ----a-w- c:\windows\system32\winsrv.dll
2011-04-26 11:07 . 2002-09-03 16:29 33280 ----a-w- c:\windows\system32\csrsrv.dll
2011-04-25 15:51 . 2002-09-03 17:12 832512 ----a-w- c:\windows\system32\wininet.dll
2011-04-25 15:51 . 2004-08-04 05:56 78336 ----a-w- c:\windows\system32\ieencode.dll
2011-04-25 15:51 . 2002-09-03 16:35 1830912 ------w- c:\windows\system32\inetcpl.cpl
2011-04-25 15:51 . 2002-09-03 16:29 17408 ----a-w- c:\windows\system32\corpol.dll
2011-04-25 12:01 . 2004-08-04 03:59 389120 ----a-w- c:\windows\system32\html.iec
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NortonUpdateAgent"="c:\documents and settings\All Users\Application Data\Norton\NUA.exe" [2011-04-05 2692024]
"WallpaperSS"="c:\program files\WallpaperSS\WallpaperSS.exe" [2010-11-16 454344]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"zBrowser Launcher"="c:\program files\Logitech\iTouch\iTouch.exe" [2002-07-22 577602]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2003-01-13 155648]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2003-01-13 114688]
"DiskeeperSystray"="c:\program files\Diskeeper Corporation\Diskeeper\DkIcon.exe" [2006-06-07 319488]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-03-23 339968]
"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\cli.exe" [2006-01-02 45056]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2008-11-04 435096]
.
c:\documents and settings\Hutson Family\Start Menu\Programs\Startup\AutorunsDisabled
RCA Detective.lnk - c:\documents and settings\Hutson Family\My Documents\RCA Detective\RCADetective.exe [2008-8-26 1070080]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
NETGEAR WG311v3 Smart Wizard.lnk - c:\program files\NETGEAR\WG311v3\WG311v3.exe [2007-11-21 1507328]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\AutorunsDisabled
Adobe Gamma Loader.exe.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2003-12-7 113664]
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [N/A]
HP Digital Imaging Monitor.lnk - c:\program files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe [2006-2-19 288472]
HP Photosmart Premier Fast Start.lnk - c:\program files\Hewlett-Packard\Digital Imaging\bin\hpqthb08.exe [2006-2-10 73728]
Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2006-4-6 169472]
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoNetworkConnections"= 00000000
"ForceStartMenuLogOff"= 1 (0x1)
"MaxRecentDocs"= 15 (0xf)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"="0"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"="0"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"="0"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
.
R0 Lbd;Lbd;c:\windows\SYSTEM32\DRIVERS\Lbd.sys [8/12/2010 6:59 PM 64288]
R0 SymDS;Symantec Data Store;c:\windows\SYSTEM32\DRIVERS\N360\0403000.005\symds.sys [10/26/2010 5:02 PM 328752]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\SYSTEM32\DRIVERS\N360\0403000.005\symefa.sys [10/26/2010 5:02 PM 173104]
R1 BHDrvx86;BHDrvx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\BASHDefs\20110701.001\BHDrvx86.sys [7/14/2011 10:07 AM 810616]
R1 ccHP;Symantec Hash Provider;c:\windows\SYSTEM32\DRIVERS\N360\0403000.005\cchpx86.sys [10/26/2010 5:02 PM 501888]
R1 SymIRON;Symantec Iron Driver;c:\windows\SYSTEM32\DRIVERS\N360\0403000.005\ironx86.sys [10/26/2010 5:02 PM 116784]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [7/19/2011 1:43 PM 105592]
R3 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20110721.031\IDSXpx86.sys [7/21/2011 11:46 PM 355256]
S2 N360;Norton Security Suite;c:\program files\Norton Security Suite\Engine\4.3.0.5\ccsvchst.exe [10/26/2010 5:01 PM 126392]
S3 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [5/9/2010 4:56 PM 136176]
S3 Lavasoft Kernexplorer;Lavasoft helper driver;\??\c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys --> c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys [?]
S3 SWNC8UA3;Sierra Wireless MUX NDIS Driver (UMTSA3);c:\windows\SYSTEM32\DRIVERS\swnc8ua3.sys [3/31/2009 2:45 PM 190080]
S3 SWUMXA3;Sierra Wireless USB MUX Driver (UMTSA3);c:\windows\SYSTEM32\DRIVERS\swumxa3.sys [5/4/2009 3:57 PM 148096]
.
Contents of the 'Scheduled Tasks' folder
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.comcast.net/
uInternet Settings,ProxyOverride = <local>
uSearchURL,(Default) = hxxp://search.yahoo.com/search?fr=mcafee&p=%s
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html
IE: {{8b2d996f-b7d1-4961-a929-414d9cf5ba7b} - http://support.microsoft.com/search/?adv=1
TCP: DhcpNameServer = 68.87.72.134 68.87.77.134 192.168.33.1
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Hutson Family\Application Data\Mozilla\Firefox\Profiles\1ahd05e2.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - www.foxnews.com
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?sourceid=n ... t&hl=en&q=
FF - prefs.js: network.proxy.http - localhost
FF - prefs.js: network.proxy.http_port - 8080
FF - prefs.js: network.proxy.type - 0
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Google Toolbar for Firefox: {3112ca9c-de6d-4884-a869-9855de68056c} - %profile%\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Norton Toolbar: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62} - c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\coFFPlgn_2010_9_0_6
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - user.js: yahoo.homepage.dontask - true
.
.
------- File Associations -------
.
regfile\shell\edit\command=%SystemRoot%\system32\NOTEPAD.EXE %1
.
- - - - ORPHANS REMOVED - - - -
.
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKCU-Run-PCMagHDHeartBeat - c:\program files\Utility\HD HeartBeat\HDHeartBeat.exe
AddRemove-CCleaner - c:\program files\Utility\CCleaner\uninst.exe
AddRemove-ItsDeductible7 - c:\program files\ItsDeductible7\DeIsL2.isu
AddRemove-Math Advantage 2001 - c:\mathadv4\Uninstma4.isu
AddRemove-MSConfig CleanUp_is1 - c:\program files\Utility\MSConfig CleanUp\UninsHs.exe
AddRemove-PC Magazine's Startup Cop_is1 - c:\program files\Utility\StartCop\unins000.exe
AddRemove-PC Magazine's UnClean_is1 - c:\program files\Utility\UnClean\unins000.exe
AddRemove-Revo Uninstaller - c:\program files\Utility\Revo Uninstaller\uninst.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-07-22 13:19
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\N360]
"ImagePath"="\"c:\program files\Norton Security Suite\Engine\4.3.0.5\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files\Norton Security Suite\Engine\4.3.0.5\diMaster.dll\" /prefetch:1"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(880)
c:\windows\system32\MrvGINA.dll
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'Explorer.exe'(2064)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Diskeeper Corporation\Diskeeper\DkService.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
c:\windows\system32\HPZipm12.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 2011-07-22 13:25:10 - machine was rebooted
ComboFix-quarantined-files.txt 2011-07-22 17:25
.
Pre-Run: 117,576,249,344 bytes free
Post-Run: 117,392,343,040 bytes free
.
- - End Of File - - CBC88B6674DC2A64A3980A14C790203B
hutspr01
Active Member
 
Posts: 8
Joined: July 18th, 2011, 3:17 pm

Re: Registry Problems?

Unread postby askey127 » July 22nd, 2011, 3:10 pm

Now be sure to start up Norton again: right-click the icon in the System Tray and Enable Auto-protect.

Tell me how it's running.
askey127
Admin/Teacher
 
Posts: 14025
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: Registry Problems?

Unread postby hutspr01 » July 23rd, 2011, 12:01 am

Startup and shutdown are so much faster now, it's great. One concern I have is that when I right-click on the desktop I get an error that says that Windows Explorer has to be forced closed, then another error saying that Dr. Watson Post Mortem Debugger has to be forced closed. It freezes everything up, so I have to Ctrl+Alt+Del to restart the computer. Is that a malware problem too?
hutspr01
Active Member
 
Posts: 8
Joined: July 18th, 2011, 3:17 pm

Re: Registry Problems?

Unread postby askey127 » July 23rd, 2011, 6:57 am

hutspr01,
Try resetting your IE settings back to default.
This removes all changes that have been made to Internet Explorer since it was installed, allowing you to start over fresh with IE.
This does not delete your favorites.

  • Close all Internet Explorer and Windows Explorer windows.
  • Click Start, and then click Control Panel.
  • In Control Panel, open Internet Options.
  • Click the Advanced tab, and then click Reset.
  • In the Reset Internet Explorer Settings dialog box, click Reset.
  • When Internet Explorer finishes restoring the default settings, click Close, and then click OK two times.
  • Close Internet Explorer, and then reopen it.
The changes take effect the next time that you open Internet Explorer.

Keep in mind that this will delete any add-ons that you have, so you'll need to reinstall any add-ons if you want them back.
askey127
askey127
Admin/Teacher
 
Posts: 14025
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA