Free Malware Removal Forum

by **sakdiesel** » September 19th, 2011, 11:40 am

Hello,

I have a Dell 2400 used in our kitchen/dinette. It stays on most of the time and is connected to the home network wirelessly. It isn't used for a lot of internet surfing except to look up something from time to time. We have had problems with it being slow but I (experienced user) have tried to keep it clean with Advanced Care and other Anti-Malware programs and I recently switched from AVG free to Avast free at the recommendation of my brother (advanced user). We had attributed it being slow to the age of the machine and Windows XP sp3 getting old.

Recently by brother-in-law sat down to look up something and the computer was frozen. With a reboot I found that it would not fully boot up. It seemed to be stuck during the boot up. Windows had started but programs are extremely slow to boot up or open up. It now takes up to 30 minutes to boot and I'm not sure it fully boots up. I can start programs but they have taken up to 15 to 20 minutes to start. I have booted it up in safe mode and it seems to work fine. I have run Superantispyware, Malwarebyte's, Avast, I also installed regalyzer and runalyzer but not being experienced with them I didn't make any changes with them. I would really appreciate help in figuring out the problem and getting it fixed.

Thanks,
Jeff

Below are the DDS.txt and the attach.txt files you requested which I ran in safe mode

dds.txt

.
DDS (Ver_2011-08-26.01) - NTFSx86 NETWORK
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_24
Run by Patti at 10:34:47 on 2011-09-19
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1015.766 [GMT -4:00]
.
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\Explorer.EXE
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.home.bellsouth.net/
uSearch Page = hxxp://www.google.com
uDefault_Page_URL = hxxp://www.dell4me.com/myway
uSearch Bar = hxxp://www.google.com/ie
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/def ... earch.html
uInternet Connection Wizard,ShellNext = iexplore
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/def ... .yahoo.com
mSearchAssistant = hxxp://www.google.com/ie
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No File
BHO: {5ca3d70e-1895-11cf-8e15-001234567890} - DriveLetterAccess
BHO: {7E853D72-626A-48EC-A868-BA8D5E23E045} - No File
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -
TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
TB: {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No File
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [SkinClock] c:\program files\atomic alarm clock\AtomicAlarmClock.exe
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [Yahoo! Pager] "c:\progra~1\yahoo!\messenger\YahooMessenger.exe" -quiet
uRun: [Aston2] "c:\program files\aston2\Aston2.exe"
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [dla] c:\windows\system32\dla\tfswctrl.exe
mRun: [UpdateManager] "c:\program files\common files\sonic\update manager\sgtray.exe" /r
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /installquiet
mRun: [itype] "c:\program files\microsoft intellitype pro\itype.exe"
mRun: [IntelliPoint] "c:\program files\microsoft intellipoint\ipoint.exe"
mRun: [ConnectionCenter] "c:\program files\citrix\ica client\concentr.exe" /startup
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
StartupFolder: c:\docume~1\patti\startm~1\programs\startup\webshots.lnk - c:\program files\webshots\Launcher.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\windows search.lnk - c:\program files\windows desktop search\WindowsSearch.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\wireless connection manager.lnk - c:\program files\d-link\dwa-130 reve\wirelesscm.exe
uPolicies-explorer: NoWindowsUpdate = 0 (0x0)
IE: {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
Trusted Zone: cree.com\gateway
Trusted Zone: intuit.com\ttlc
Trusted Zone: turbotax.com
DPF: {01113300-3E00-11D2-8470-0060089874ED} - hxxp://echat.bellsouth.net/sdccommon/do ... gctlcm.cab
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\yinsthelper.dll
DPF: {37A273C2-5129-11D5-BF37-00A0CCE8754B} - hxxp://asp.mathxl.com/wizmodules/testge ... nstall.cab
DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} - hxxp://dl.tvunetworks.com/TVUAx.cab
DPF: {4FE89055-5300-469E-AFAD-DEB3181EDE76} - hxxp://asp.mathxl.com/applets/PearsonInstallAsst.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {E6D23284-0E9B-417D-A782-03E4487FC947} - hxxp://asp.mathxl.com/books/_Players/MathPlayer.cab
TCP: DhcpNameServer = 192.168.1.254
TCP: Interfaces\{41849D47-515A-4BD8-B298-B02B656E8357} : DhcpNameServer = 192.168.1.254
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\common files\microsoft shared\web folders\PKMCDO.DLL
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.dll
Notify: igfxcui - igfxsrvc.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\patti\application data\mozilla\firefox\profiles\3nqb1ddk.default\
FF - prefs.js: browser.startup.homepage - hxxps://login.yahoo.com/config/login?.s ... artner=sbc
FF - plugin: c:\progra~1\yahoo!\common\npyaxmpb.dll
FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npCouponPrinter.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npicaN.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npmozax.dll
FF - plugin: c:\program files\quicktime\plugins\npqtplugin8.dll
FF - plugin: c:\program files\viewpoint\viewpoint media player\npViewpoint.dll
FF - Ext: Aeon Clouds: {FDE3FEE9-893E-4cc7-A814-60E0DE7B2E01} - %profile%\extensions\{FDE3FEE9-893E-4cc7-A814-60E0DE7B2E01}
FF - Ext: Aeon Colors: {1DEAE5AA-E19E-458b-9C8C-73CB651B9A58} - %profile%\extensions\{1DEAE5AA-E19E-458b-9C8C-73CB651B9A58}
FF - Ext: Forecastfox Weather: {0538E3E3-7E9B-4d49-8831-A227C80A7AD3} - %profile%\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
FF - Ext: Halloween: {BB359C50-BFC9-4f40-8302-3FE5A499A859} - %profile%\extensions\{BB359C50-BFC9-4f40-8302-3FE5A499A859}
FF - Ext: Scribblies Plain: {558D3F58-1E89-4fe2-A1F1-5EADC7BC77CB} - %profile%\extensions\{558D3F58-1E89-4fe2-A1F1-5EADC7BC77CB}
FF - Ext: Clear Cache Button: {563e4790-7e70-11da-a72b-0800200c9a66} - %profile%\extensions\{563e4790-7e70-11da-a72b-0800200c9a66}
FF - Ext: ReminderFox: {ada4b710-8346-4b82-8199-5de2b400a6ae} - %profile%\extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}
FF - Ext: Download Statusbar: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389} - %profile%\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
FF - Ext: Personas: personas@christopher.beard - %profile%\extensions\personas@christopher.beard
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: FEBE: {4BBDD651-70CF-4821-84F8-2B918CF89CA3} - %profile%\extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3}
FF - Ext: Image Zoom: {1A2D0EC4-75F5-4c91-89C4-3656F6E44B68} - %profile%\extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff
FF - Ext: avast! WebRep: wrc@avast.com - c:\program files\avast software\avast\webrep\FF
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true
============= SERVICES / DRIVERS ===============
.
R3 RTL8192su;%RTL8192su.DeviceDesc.DispName%;c:\windows\system32\drivers\RTL8192su.sys [2010-7-20 588032]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-5-1 442200]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2011-5-1 320856]
S1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2008-12-4 8944]
S1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2008-12-4 55024]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2011-5-1 20568]
S2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2011-5-1 44768]
S2 SandraAgentSrv;SiSoftware Deployment Agent Service;c:\program files\sisoftware\sisoftware sandra lite xii.sp2a\RpcAgentSrv.exe [2008-4-16 98488]
S2 WLNdis50;Wireless Lan NDIS Protocol I/O Control;c:\windows\system32\drivers\WLNdis50.sys [2010-7-20 20480]
S2 WLSVC;WLSVC;c:\program files\d-link\dwa-130 reve\WLSVC.exe [2010-7-20 167936]
S3 ATHFMWDL;NETGEAR WG111T Bootloader driver;c:\windows\system32\drivers\Athfmwdl.sys [2010-7-11 43392]
S3 DNINDIS5;DNINDIS5 NDIS Protocol Driver;c:\windows\system32\DNINDIS5.sys [2007-7-14 17149]
S3 mamotou;mamotou;c:\windows\system32\drivers\mamotou.sys [2007-9-2 49489]
S3 SaiH0461;SaiH0461;c:\windows\system32\drivers\SaiH0461.sys [2006-12-24 182528]
S3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2008-12-4 7408]
S3 VTLQFXGLW;VTLQFXGLW;c:\docume~1\patti\locals~1\temp\VTLQFXGLW.exe [2011-9-14 547712]
.
=============== Created Last 30 ================
.
2011-09-15 05:48:52 41184 ----a-w- c:\windows\avastSS.scr
2011-09-14 20:21:10 -------- d-----w- c:\program files\Safer Networking
2011-09-13 14:39:41 25048 ----a-w- c:\program files\mozilla firefox\components\browserdirprovider.dll
2011-09-03 10:17:37 599040 ------w- c:\windows\system32\dllcache\crypt32.dll
.
==================== Find3M ====================
.
2011-09-06 20:38:05 442200 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-09-03 10:17:37 599040 ----a-w- c:\windows\system32\crypt32.dll
2011-07-15 13:29:31 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-07-08 14:02:00 10496 ----a-w- c:\windows\system32\drivers\ndistapi.sys
2011-06-24 14:10:36 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2011-06-23 18:36:30 916480 ----a-w- c:\windows\system32\wininet.dll
2011-06-23 18:36:30 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-06-23 18:36:30 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-06-23 12:05:13 385024 ----a-w- c:\windows\system32\html.iec
2006-08-21 02:49:37 407592 ----a-w- c:\program files\msgr8us.exe
2006-08-12 16:33:50 1126968 ----a-w- c:\program files\Y Photo.exe
2002-08-29 10:00:00 94784 -csha-w- c:\windows\TWAIN.DLL
2008-04-14 00:12:07 50688 --sha-w- c:\windows\twain_32.dll
2011-02-08 13:33:55 978944 --sha-w- c:\windows\system32\mfc42.dll
2008-04-14 00:12:01 57344 --sha-w- c:\windows\system32\msvcirt.dll
2008-04-14 00:12:01 413696 --sha-w- c:\windows\system32\msvcp60.dll
2008-04-14 00:12:32 11776 --sha-w- c:\windows\system32\regsvr32.exe
.
============= FINISH: 10:36:24.01 ===============

attach.txt

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume2
Install Date: 7/26/2004 8:55:09 PM
System Uptime: 9/19/2011 10:25:39 AM (0 hours ago)
.
Motherboard: Dell Computer Corp. | | 0G1548
Processor: Intel(R) Pentium(R) 4 CPU 2.66GHz | Microprocessor | 2657/533mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 34 GiB total, 7.615 GiB free.
D: is CDROM ()
E: is FIXED (NTFS) - 149 GiB total, 123.818 GiB free.
F: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E968-E325-11CE-BFC1-08002BE10318}
Description: Intel(R) 82845G/GL/GE/PE/GV Graphics Controller
Device ID: PCI\VEN_8086&DEV_2562&SUBSYS_01601028&REV_01\3&172E68DD&0&10
Manufacturer: Intel Corporation
Name: Intel(R) 82845G/GL/GE/PE/GV Graphics Controller
PNP Device ID: PCI\VEN_8086&DEV_2562&SUBSYS_01601028&REV_01\3&172E68DD&0&10
Service: ialm
.
Class GUID: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA}
Description: HID Non-User Input Data Filter (KB 911895)
Device ID: HID\VID_045E&PID_00F9&MI_01&COL01\7&A5413D8&0&0000
Manufacturer: Microsoft
Name: HID Non-User Input Data Filter (KB 911895)
PNP Device ID: HID\VID_045E&PID_00F9&MI_01&COL01\7&A5413D8&0&0000
Service: NuidFltr
.
Class GUID: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA}
Description: HID Non-User Input Data Filter (KB 911895)
Device ID: HID\VID_045E&PID_00F9&MI_01&COL03\7&A5413D8&0&0002
Manufacturer: Microsoft
Name: HID Non-User Input Data Filter (KB 911895)
PNP Device ID: HID\VID_045E&PID_00F9&MI_01&COL03\7&A5413D8&0&0002
Service: NuidFltr
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Broadcom 440x 10/100 Integrated Controller
Device ID: PCI\VEN_14E4&DEV_4401&SUBSYS_81271028&REV_01\4&3B1CAF2B&0&48F0
Manufacturer: Broadcom
Name: Broadcom 440x 10/100 Integrated Controller
PNP Device ID: PCI\VEN_14E4&DEV_4401&SUBSYS_81271028&REV_01\4&3B1CAF2B&0&48F0
Service: bcm4sbxp
.
Class GUID: {6BDD1FC6-810F-11D0-BEC7-08002BE2092F}
Description: Officejet J6400 series
Device ID: ROOT\IMAGE\0000
Manufacturer: HP
Name: HP Officejet J6400
PNP Device ID: ROOT\IMAGE\0000
Service: StillCam
.
Class GUID: {4D36E971-E325-11CE-BFC1-08002BE10318}
Description: Officejet J6400 series
Device ID: ROOT\MULTIFUNCTION\0000
Manufacturer: HP
Name: Officejet J6400 series
PNP Device ID: ROOT\MULTIFUNCTION\0000
Service:
.
Class GUID: {4D36E979-E325-11CE-BFC1-08002BE10318}
Description: Officejet J6400 series
Device ID: ROOT\PRINTER\0000
Manufacturer: HP
Name: Officejet J6400 series
PNP Device ID: ROOT\PRINTER\0000
Service:
.
==== System Restore Points ===================
.
RP2471: 8/4/2011 3:07:17 PM - System Checkpoint
RP2472: 8/5/2011 4:07:19 PM - System Checkpoint
RP2473: 8/6/2011 4:08:23 PM - System Checkpoint
RP2474: 8/7/2011 5:07:20 PM - System Checkpoint
RP2475: 8/8/2011 6:07:17 PM - System Checkpoint
RP2476: 8/9/2011 7:07:17 PM - System Checkpoint
RP2477: 8/10/2011 7:08:22 PM - System Checkpoint
RP2478: 8/11/2011 8:07:17 PM - System Checkpoint
RP2479: 8/12/2011 10:44:13 PM - System Checkpoint
RP2480: 8/13/2011 11:07:17 PM - System Checkpoint
RP2481: 8/14/2011 3:00:19 AM - Software Distribution Service 3.0
RP2482: 8/15/2011 4:49:11 PM - System Checkpoint
RP2483: 8/16/2011 5:31:05 PM - System Checkpoint
RP2484: 8/17/2011 5:49:43 PM - System Checkpoint
RP2485: 8/18/2011 6:31:05 PM - System Checkpoint
RP2486: 8/19/2011 6:32:10 PM - System Checkpoint
RP2487: 8/20/2011 7:31:05 PM - System Checkpoint
RP2488: 8/21/2011 7:54:20 PM - System Checkpoint
RP2489: 8/22/2011 8:31:05 PM - System Checkpoint
RP2490: 8/23/2011 9:31:05 PM - System Checkpoint
RP2491: 8/24/2011 10:31:05 PM - System Checkpoint
RP2492: 8/25/2011 11:31:05 PM - System Checkpoint
RP2493: 8/26/2011 10:42:33 AM - Software Distribution Service 3.0
RP2494: 8/27/2011 11:31:05 AM - System Checkpoint
RP2495: 8/28/2011 12:31:05 PM - System Checkpoint
RP2496: 8/29/2011 1:31:04 PM - System Checkpoint
RP2497: 8/30/2011 2:22:04 PM - System Checkpoint
RP2498: 8/31/2011 3:22:03 PM - System Checkpoint
RP2499: 9/1/2011 4:22:03 PM - System Checkpoint
RP2500: 9/2/2011 5:22:03 PM - System Checkpoint
RP2501: 9/3/2011 6:16:28 PM - System Checkpoint
RP2502: 9/4/2011 7:31:39 PM - System Checkpoint
RP2503: 9/12/2011 8:17:22 PM - Restore Operation
RP2504: 9/13/2011 10:25:19 AM - Software Distribution Service 3.0
RP2505: 9/14/2011 8:35:26 PM - System Checkpoint
RP2506: 9/15/2011 9:31:11 PM - System Checkpoint
.
==== Installed Programs ======================
.
.
32 Bit HP CIO Components Installer
3D Haunted Halloween Screensaver 1.0
3Planesoft Screensaver Manager 1.1
6400_Help
7 Wonders
7Lands version 1.0.5.812
Adobe Atmosphere Player for Acrobat and Adobe Reader
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.4.5
Adobe Shockwave Player 11.5
Advanced SystemCare 3
Age Of Japan II
Alchemy Mahjong 1.0.0.0
Ancient Castle 3D Screensaver 1.1
AnswerWorks 4.0 Runtime - English
AnswerWorks 5.0 English Runtime
ArKaos Visualizer 1.6.2
Aston Menu 2.0.3
Astro Gemini Screensaver Manager 2.0
Atomic Alarm Clock 3.7
AutoUpdate
avast! Free Antivirus
Banctec Service Agreement
Bejeweled 2 Deluxe 1.0
Big City Night 3D 1.0
Big Kahuna Reef
bpd_scan
BPDSoftware
BPDSoftware_Ini
Bricks of Egypt
Brickshooter Egypt
Broadcom Management Programs
Bubble Splash 1.1
BufferChm
BusinessCardsMX 3.43
Calm Before the Storm Screen Saver
Christmas 3D Screensaver 1.0
Christmas Eve 3D Screensaver 1.0
Citrix online plug-in (Web)
Clock Tower 3D Screensaver 1.1
Compatibility Pack for the 2007 Office system
Coral Clock 3D Screensaver 1.0
Coupon Printer for Windows
Critical Update for Windows Media Player 11 (KB959772)
Crystalize 2
D-Link DWA-130 Wireless N USB Adapter
Dark Castle 3D Screensaver v1.0
Dell Digital Jukebox Driver
Dell Media Experience
Dell Networking Guide
Dell Solution Center
Dell Support
Dell Support 5.0.0 (766)
Destination Component
DeviceDiscovery
DeviceManagementQFolder
Discovery 3D Screensaver 1.1
DivX
DivX Player
DocMgr
DocProc
DocProcQFolder
Dream Day Honeymoon
East Side Story 1.0
Easter 3D Screensaver 1.0
EasyCalendarMaker
Egypt 3D Screensaver 1.0
Egyptian Ball
Egyptoid2
eSupportQFolder
Fantastic Ocean 3D Screensaver v1.1
Fantasy Moon 3D Screensaver 1.3
Fax
Fireplace 3D Screensaver 1.0
Flag 3D Screensaver 1.0
Foxy Jumper 2 Winter Adventures
Galleon 3D Screensaver 1.3
Garden Flowers 3D Screensaver 1.0
Golden Autumn 3D Screensaver 1.0
GPBaseService
GPBaseService2
Halloween 3D Screensaver 1.1
Halloween in the Attic 3D Screensaver 1.0
Help and Support Customization
HighMAT Extension to Microsoft Windows XP CD Writing Wizard
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB915800-v4)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
HP Document Manager 1.0
HP Imaging Device Functions 10.0
HP Officejet J6400 Series
HP Photo Printing Software
HP Photosmart Essential 2.5
hp psc 700 series
HP Smart Web Printing 4.60
HP Solution Center 13.0
HP Update
HP_Network_UserGuide
HPDiagnosticAlert
HPProductAssistant
Ice Clock 3D Screensaver 1.1
Inca Ball
Indeo® software
Intel(R) 537EP V9x DF PCI Modem
Intel(R) Extreme Graphics Driver
Internet Explorer Default Page
J6400
Jasc Paint Shop Photo Album
Java Auto Updater
Java(TM) 6 Update 24
Java(TM) SE Runtime Environment 6 Update 1
Jewel Quest (remove only)
Kit And Ellis
Koi Fish 3D Screensaver 1.0
Lantern 3D Screensaver 1.0
Learn2 Player (Uninstall Only)
Little Dwarf 3D Screensaver 1.0
Living Cookbook 2011
Lost Treasures of Alexandria
Luxor (remove only)
Luxor Mahjong (remove only)
Magic Forest 3D Screensaver 1.0
Magic Match
Mahjong Epic
Malwarebytes' Anti-Malware
Mechanical Clock 3D Screensaver 1.0
Medieval Conquest
Memorex exPressit Label Design Studio
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Bootvis
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Data Access Components KB870669
Microsoft IntelliPoint 7.0
Microsoft IntelliType Pro 7.0
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft National Language Support Downlevel APIs
Microsoft Office 2000 Professional
Microsoft Publisher 2002
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Modem Event Monitor
Modem Helper
Modem On Hold
Mozilla Firefox (3.6.20)
MSVCSetup
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Multimedia Samples
Nature 3D Screensaver 1.1
Nautilus 3D Screensaver 1.2
Network
Next Generation Visualisations
NVIDIA Drivers
NVIDIA nView Desktop Manager
OCR Software by I.R.I.S. 10.0
Ozzy Bubbles
PacShooter 1.0
Phlinx To Go
Pirate Poppers
Post-it® Daisy Screen Saver
ProductContext
PSSWCORE
QuickTime
RealPlayer
RegAlyzer
Ricochet
RunAlyzer
Santa's Home 3D Screensaver 1.0
Scan
SeaStorm 3D Screensaver 1.5
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2530548)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2559049)
Security Update for Windows Internet Explorer 8 (KB969897)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows Search 4 - KB963093
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2491683)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Shockwave
SiSoftware Sandra Lite XII.SP2a
Smart Defrag
SmartWebPrintingOC
SolutionCenter
Sonic DLA
Sonic RecordNow!
Sonic Update Manager
Spirit of Fire 3D Screensaver 2.4
Spirit Of Wandering
SSA Benefit Calculator
Status
SUPERAntiSpyware Free Edition
Taipei Deluxe 1.0
The Lost Watch 3D Screensaver 1.0
The One Ring 3D Screensaver 1.0
The Rise of Atlantis
Theseus and the Minotaur
Toolbox
Total Privacy 5
TrayApp
Tropical Fish 3D Screensaver 1.1
TurboTax 2008
TurboTax 2008 WinPerFedFormset
TurboTax 2008 WinPerProgramHelp
TurboTax 2008 WinPerReleaseEngine
TurboTax 2008 WinPerTaxSupport
TurboTax 2008 WinPerUserEducation
TurboTax 2008 wnciper
TurboTax 2008 wrapper
TurboTax 2009
TurboTax 2009 WinPerFedFormset
TurboTax 2009 WinPerReleaseEngine
TurboTax 2009 WinPerTaxSupport
TurboTax 2009 wnciper
TurboTax 2009 wrapper
TurboTax 2010
TurboTax 2010 WinPerFedFormset
TurboTax 2010 WinPerReleaseEngine
TurboTax 2010 WinPerTaxSupport
TurboTax 2010 wnciper
TurboTax 2010 wrapper
TurboTax Basic 2007
TurboTax Deluxe Deduction Maximizer 2006
TurboTax ItsDeductible 2006
Twistingo
UnloadSupport
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Windows (KB971513)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2607712)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
VideoToolkit01
Voyage of Columbus 3D Screensaver 1.0
Watermill 3D Screensaver 2.0
WebFldrs XP
WebReg
Webshots Desktop
WexTech AnswerWorks
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Live Messenger
Windows Media Format 11 runtime
Windows Media Player 11
Windows Search 4.0
Windows XP Service Pack 3
Winter 3D Screensaver 1.0
WordPerfect Office 12
Yahoo! Internet Mail
Yahoo! Messenger
Yahoo! Photos Easy Upload Tool 1v7
Yahoo! Toolbar
Zuma Deluxe 1.0
.
==== Event Viewer Messages From Past Week ========
.
9/19/2011 10:28:03 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
9/16/2011 6:51:38 PM, error: Service Control Manager [7022] - The HP CUE DeviceDiscovery Service service hung on starting.
9/16/2011 5:44:00 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
9/16/2011 5:43:07 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
9/16/2011 5:42:24 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Aavmker4 aswSnx aswSP aswTdi Fips intelppm SASDIFSV SASKUTIL
9/16/2011 5:40:59 PM, error: Tcpip [4191] - IP could not open the registry key for adapter TCPIP\Parameters\Adapters\NDISWANIP. Interfaces on this adapter will not be initialized.
.
==== End Of File ===========================

by **askey127** » September 24th, 2011, 7:44 am

Hi sakdiesel,
If you still need help and are not receiving it elsewhere, please proceed as follows:
-----------------------------------------------------------
Remove Programs Using Control Panel
From Start, Settings, Control Panel or Start, Control Panel, click Add/Remove Programs.
Highlight each Entry, as follows, one by one, if it exists, and choose Remove :

Advanced SystemCare 3
Coupon Printer for Windows
Java Auto Updater
Java(TM) 6 Update 24
Java(TM) SE Runtime Environment 6 Update 1
Malwarebytes' Anti-Malware
Smart Defrag
SUPERAntiSpyware Free Edition

Take extra care in answering questions posed by any Uninstaller.
-----------------------------------------------------------
REBOOT (RESTART) Your Machine
---------------------------------------------
Download the OTL Scanner
Please download OTL.exe by OldTimer and save it to your desktop.
---------------------------------------------
Run a Scan with OTL

Double click on the icon to run it.
Check the boxes labeled :
- Scan All Users
- LOP check
- Purity check
- Extra Registry > Use SafeList
Make sure all other windows are closed to let it run uninterrupted.
Click on the Run Scan button at the top left hand corner. Do not change any settings unless otherwise told to do so. The scan wont take long.

When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL. (desktop)
The Extras.txt file will only appear the very first time you run OTL.
Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them as a reply. Use separate replies if more convenient.

askey127

by **sakdiesel** » September 24th, 2011, 4:41 pm

Thank you in advance for helping me. It took almost 5 hours :shock:

nonstop to remove the programs you requested. Java programs and Superantispyware could not be removed in safe mode so I had to reboot into regular windows mode to remove them. Response is horrible when I run in standard mode. I could not find Java auto updater listed in the control panel so if it is there somewhere I could not see or remove it. I tried to open the Java panel in the control panel and the computer was unresponsive.

I ran OTL.exe in regular windows mode since it was up but the screensaver kicked in and I ended up with script errors. I had to reboot into safe mode to rerun OTL. below are the results.

OTL.txt

OTL logfile created on: 9/24/2011 4:15:49 PM - Run 1
OTL by OldTimer - Version 3.2.29.1 Folder = F:\
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1015.00 Mb Total Physical Memory | 775.98 Mb Available Physical Memory | 76.45% Memory free
1.28 Gb Paging File | 1.19 Gb Available in Paging File | 93.42% Paging File free
Paging file location(s): C:\pagefile.sys 384 768 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 34.20 Gb Total Space | 8.09 Gb Free Space | 23.66% Space Free | Partition Type: NTFS
Drive E: | 149.05 Gb Total Space | 123.82 Gb Free Space | 83.07% Space Free | Partition Type: NTFS
Drive F: | 3.77 Gb Total Space | 3.15 Gb Free Space | 83.37% Space Free | Partition Type: FAT32

Computer Name: ALFRED | User Name: Patti | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/09/24 07:46:44 | 000,582,656 | ---- | M] (OldTimer Tools) -- F:\OTL.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

========== Modules (No Company Name) ==========

========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011/09/14 17:26:17 | 000,547,712 | ---- | M] (Sysinternals - http://www.sysinternals.com) [On_Demand | Stopped] -- C:\Documents and Settings\Patti\Local Settings\Temp\VTLQFXGLW.exe -- (VTLQFXGLW)
SRV - [2011/09/06 16:45:28 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Stopped] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010/08/23 20:21:40 | 000,013,672 | ---- | M] (Intuit Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2009/02/11 19:12:38 | 000,167,936 | ---- | M] () [Auto | Stopped] -- C:\Program Files\D-Link\DWA-130 revE\WLSVC.exe -- (WLSVC)
SRV - [2008/04/10 11:53:50 | 000,098,488 | ---- | M] (SiSoftware) [Auto | Stopped] -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2a\RpcAgentSrv.exe -- (SandraAgentSrv)

========== Driver Services (SafeList) ==========

DRV - [2011/09/06 16:38:05 | 000,442,200 | ---- | M] (AVAST Software) [File_System | System | Stopped] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/09/06 16:37:53 | 000,320,856 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/09/06 16:36:38 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/09/06 16:36:36 | 000,052,568 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/09/06 16:36:23 | 000,110,552 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011/09/06 16:36:12 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011/09/06 16:33:11 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2010/02/11 08:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\tcpip6.sys -- (Tcpip6)
DRV - [2009/08/05 22:23:22 | 000,588,032 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\RTL8192su.sys -- (RTL8192su)
DRV - [2009/07/11 23:33:35 | 000,139,072 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\PnkBstrK.sys -- (PnkBstrK)
DRV - [2008/04/13 14:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2008/03/10 19:30:36 | 000,021,408 | ---- | M] (SiSoftware) [Kernel | On_Demand | Stopped] -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2a\WNt500x86\sandra.sys -- (SANDRA)
DRV - [2008/02/27 10:54:00 | 000,020,480 | ---- | M] () [Kernel | Auto | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\WLNdis50.sys -- (WLNdis50)
DRV - [2007/02/15 15:14:28 | 000,019,840 | ---- | M] (Generic) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\StMp3Rec.sys -- (StMp3Rec)
DRV - [2007/01/30 12:12:06 | 000,045,568 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2007/01/15 23:44:46 | 000,011,986 | R--- | M] (Mobile Action Technology Inc.) [Kernel | Auto | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\MaVc2K.sys -- (MaVctrl)
DRV - [2006/12/25 15:32:52 | 000,049,489 | ---- | M] (Mobile Action Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\mamotou.sys -- (mamotou)
DRV - [2006/08/14 06:52:49 | 000,035,328 | R--- | M] (Saitek) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\SaiBus.sys -- (SaiNtBus)
DRV - [2006/08/14 06:52:44 | 000,013,824 | R--- | M] (Saitek) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\SaiMini.sys -- (SaiMini)
DRV - [2006/08/08 13:25:06 | 000,182,528 | R--- | M] (Saitek) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\SaiH0461.sys -- (SaiH0461)
DRV - [2005/08/17 23:44:50 | 000,049,867 | R--- | M] (Mobile Action Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\mardp2k.sys -- (MaRdPnp)
DRV - [2005/01/07 12:11:00 | 000,286,720 | ---- | M] (NETGEAR, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wg11tnd5.sys -- (AR5523)
DRV - [2004/10/14 18:24:00 | 000,043,392 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\Athfmwdl.sys -- (ATHFMWDL)
DRV - [2004/08/04 01:29:49 | 000,019,455 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wvchntxx.sys -- (iAimFP4)
DRV - [2004/08/04 01:29:47 | 000,012,063 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wsiintxx.sys -- (iAimFP3)
DRV - [2004/08/04 01:29:45 | 000,023,615 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wch7xxnt.sys -- (iAimTV4)
DRV - [2004/08/04 01:29:43 | 000,033,599 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv04nt.sys -- (iAimTV3)
DRV - [2004/08/04 01:29:42 | 000,019,551 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv02nt.sys -- (iAimTV1)
DRV - [2004/08/04 01:29:41 | 000,029,311 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv01nt.sys -- (iAimTV0)
DRV - [2004/08/04 01:29:37 | 000,012,415 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv01nt.sys -- (iAimFP0)
DRV - [2004/08/04 01:29:37 | 000,012,127 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv02nt.sys -- (iAimFP1)
DRV - [2004/08/04 01:29:37 | 000,011,775 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv05nt.sys -- (iAimFP2)
DRV - [2004/08/04 01:29:36 | 000,161,020 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\i81xnt5.sys -- (i81x)
DRV - [2004/03/05 23:15:34 | 000,647,929 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\IntelC52.sys -- (IntelC52)
DRV - [2004/03/05 23:14:42 | 001,233,525 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\IntelC51.sys -- (IntelC51)
DRV - [2004/03/05 23:13:52 | 000,060,949 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\IntelC53.sys -- (IntelC53)
DRV - [2004/03/05 23:13:38 | 000,037,048 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\mohfilt.sys -- (mohfilt)
DRV - [2004/02/04 11:27:56 | 000,049,536 | ---- | M] (Texas Instruments Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\tiehdusb.sys -- (TIEHDUSB)
DRV - [2003/07/24 12:10:34 | 000,017,149 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DNINDIS5.sys -- (DNINDIS5)
DRV - [2002/11/08 14:45:06 | 000,017,217 | ---- | M] (Dell Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\omci.sys -- (omci)
DRV - [2002/08/29 06:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\NWLNKNB.SYS -- (NwlnkNb)
DRV - [2002/08/29 06:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\NWLNKSPX.SYS -- (NwlnkSpx)
DRV - [2001/08/17 13:11:06 | 000,066,591 | ---- | M] (3Com Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\EL90XBC5.SYS -- (EL90XBC)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/def ... earch.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.com/customize/ie/def ... earch.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell4me.com/myway
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/myway
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell4me.com/myway
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/myway
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-2538181957-2056682286-62146010-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
IE - HKU\S-1-5-21-2538181957-2056682286-62146010-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKU\S-1-5-21-2538181957-2056682286-62146010-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-2538181957-2056682286-62146010-1007\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-2538181957-2056682286-62146010-1007\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\S-1-5-21-2538181957-2056682286-62146010-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.home.bellsouth.net/
IE - HKU\S-1-5-21-2538181957-2056682286-62146010-1007\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found
IE - HKU\S-1-5-21-2538181957-2056682286-62146010-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "https://login.yahoo.com/config/login?.src=my&.done=http://att.my.yahoo.com&.intl=us&.partner=sbc"
FF - prefs.js..extensions.enabledItems: {563e4790-7e70-11da-a72b-0800200c9a66}:0.9d
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.8
FF - prefs.js..extensions.enabledItems: {4BBDD651-70CF-4821-84F8-2B918CF89CA3}:6.3.3.2
FF - prefs.js..extensions.enabledItems: {0538E3E3-7E9B-4d49-8831-A227C80A7AD3}:2.0.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.6.2
FF - prefs.js..extensions.enabledItems: {ada4b710-8346-4b82-8199-5de2b400a6ae}:1.9.9.3.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: wrc@avast.com:6.0.1289
FF - prefs.js..extensions.enabledItems: {1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}:0.4.6
FF - prefs.js..extensions.enabledItems: {FDE3FEE9-893E-4cc7-A814-60E0DE7B2E01}:3.6
FF - prefs.js..extensions.enabledItems: {1DEAE5AA-E19E-458b-9C8C-73CB651B9A58}:3.6
FF - prefs.js..extensions.enabledItems: {BB359C50-BFC9-4f40-8302-3FE5A499A859}:3.6.1
FF - prefs.js..extensions.enabledItems: {558D3F58-1E89-4fe2-A1F1-5EADC7BC77CB}:3.6

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.2: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.3: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2105: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.2.2163: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1212: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Media Player\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1: C:\PROGRA~1\Yahoo!\Common\npyaxmpb.dll (Yahoo! Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011/09/15 01:51:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.20\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/09/13 11:13:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.20\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/09/13 11:13:00 | 000,000,000 | ---D | M]

[2008/08/28 19:37:55 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Patti\Application Data\Mozilla\Extensions
[2011/09/24 15:49:14 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Patti\Application Data\Mozilla\Firefox\Profiles\3nqb1ddk.default\extensions
[2010/10/04 10:53:48 | 000,000,000 | ---D | M] (Forecastfox Weather) -- C:\Documents and Settings\Patti\Application Data\Mozilla\Firefox\Profiles\3nqb1ddk.default\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
[2011/05/29 09:02:01 | 000,000,000 | ---D | M] (Image Zoom) -- C:\Documents and Settings\Patti\Application Data\Mozilla\Firefox\Profiles\3nqb1ddk.default\extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}
[2010/07/20 14:58:04 | 000,000,000 | ---D | M] (Aeon Colors) -- C:\Documents and Settings\Patti\Application Data\Mozilla\Firefox\Profiles\3nqb1ddk.default\extensions\{1DEAE5AA-E19E-458b-9C8C-73CB651B9A58}
[2010/10/04 10:53:45 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Patti\Application Data\Mozilla\Firefox\Profiles\3nqb1ddk.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/05/28 15:48:04 | 000,000,000 | ---D | M] (FEBE) -- C:\Documents and Settings\Patti\Application Data\Mozilla\Firefox\Profiles\3nqb1ddk.default\extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3}
[2010/07/20 14:58:25 | 000,000,000 | ---D | M] (Scribblies Plain) -- C:\Documents and Settings\Patti\Application Data\Mozilla\Firefox\Profiles\3nqb1ddk.default\extensions\{558D3F58-1E89-4fe2-A1F1-5EADC7BC77CB}
[2011/04/03 12:59:40 | 000,000,000 | ---D | M] (VyprÃ¡zdnit vyrovnÃ¡vacÃ pamÄ›Å¥) -- C:\Documents and Settings\Patti\Application Data\Mozilla\Firefox\Profiles\3nqb1ddk.default\extensions\{563e4790-7e70-11da-a72b-0800200c9a66}
[2011/03/23 11:34:52 | 000,000,000 | ---D | M] (ReminderFox) -- C:\Documents and Settings\Patti\Application Data\Mozilla\Firefox\Profiles\3nqb1ddk.default\extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}
[2010/07/20 14:58:11 | 000,000,000 | ---D | M] (Halloween) -- C:\Documents and Settings\Patti\Application Data\Mozilla\Firefox\Profiles\3nqb1ddk.default\extensions\{BB359C50-BFC9-4f40-8302-3FE5A499A859}
[2011/03/14 19:17:10 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Documents and Settings\Patti\Application Data\Mozilla\Firefox\Profiles\3nqb1ddk.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
[2010/07/20 14:58:18 | 000,000,000 | ---D | M] (Aeon Clouds) -- C:\Documents and Settings\Patti\Application Data\Mozilla\Firefox\Profiles\3nqb1ddk.default\extensions\{FDE3FEE9-893E-4cc7-A814-60E0DE7B2E01}
[2011/03/14 19:17:10 | 000,000,000 | ---D | M] (Personas) -- C:\Documents and Settings\Patti\Application Data\Mozilla\Firefox\Profiles\3nqb1ddk.default\extensions\personas@christopher.beard
[2011/09/24 15:38:28 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/05/28 15:49:34 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/09/18 15:22:29 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/12/17 09:45:37 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/09/24 15:38:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011/09/15 01:51:35 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2010/05/28 15:49:15 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2009/09/12 23:05:42 | 000,124,240 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\CCMSDK.dll
[2009/09/12 23:06:22 | 000,070,488 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\CgpCore.dll
[2009/09/12 23:06:32 | 000,091,480 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\confmgr.dll
[2009/09/12 23:06:28 | 000,022,360 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\ctxlogging.dll
[2011/02/02 22:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2009/09/12 23:08:36 | 000,406,864 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npicaN.dll
[2005/12/05 23:31:00 | 000,114,688 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npmozax.dll
[2009/09/12 23:06:24 | 000,023,896 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\TcpPServ.dll

O1 HOSTS File: ([2002/08/29 06:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\SYSTEM32\DRIVERS\ETC\HOSTS
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (no name) - {5CA3D70E-1895-11CF-8E15-001234567890} - No CLSID value found.
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-21-2538181957-2056682286-62146010-1007\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-21-2538181957-2056682286-62146010-1007\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
O3 - HKU\S-1-5-21-2538181957-2056682286-62146010-1007\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-2538181957-2056682286-62146010-1007\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [ConnectionCenter] C:\Program Files\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
O4 - HKLM..\Run: [UpdateManager] C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe (Sonic Solutions)
O4 - HKU\S-1-5-21-2538181957-2056682286-62146010-1007..\Run: [Aston2] C:\Program Files\Aston2\Aston2.exe (Gladiators Software)
O4 - HKU\S-1-5-21-2538181957-2056682286-62146010-1007..\Run: [SkinClock] C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe ()
O4 - HKU\S-1-5-21-2538181957-2056682286-62146010-1007..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Wireless Connection Manager.lnk = C:\Program Files\D-Link\DWA-130 revE\wirelesscm.exe (D-Link Corp.)
O4 - Startup: C:\Documents and Settings\Patti\Start Menu\Programs\Startup\Webshots.lnk = C:\Program Files\Webshots\Launcher.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AllowLegacyWebView = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AllowUnhashedWebView = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoControlPanel = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2538181957-2056682286-62146010-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2538181957-2056682286-62146010-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayContextMenu = 0
O7 - HKU\S-1-5-21-2538181957-2056682286-62146010-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKU\S-1-5-21-2538181957-2056682286-62146010-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0
O7 - HKU\S-1-5-21-2538181957-2056682286-62146010-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O9 - Extra Button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\SYSTEM32\nwprovau.dll (Microsoft Corporation)
O15 - HKU\S-1-5-21-2538181957-2056682286-62146010-1007\..Trusted Domains: ([]msn in My Computer)
O15 - HKU\S-1-5-21-2538181957-2056682286-62146010-1007\..Trusted Domains: cree.com ([gateway] https in Trusted sites)
O15 - HKU\S-1-5-21-2538181957-2056682286-62146010-1007\..Trusted Domains: intuit.com ([ttlc] https in Trusted sites)
O15 - HKU\S-1-5-21-2538181957-2056682286-62146010-1007\..Trusted Domains: turbotax.com ([]https in Trusted sites)
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} http://echat.bellsouth.net/sdccommon/do ... gctlcm.cab (Support.com Configuration Class)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\yinsthelper.dll (YInstStarter Class)
O16 - DPF: {37A273C2-5129-11D5-BF37-00A0CCE8754B} http://asp.mathxl.com/wizmodules/testge ... nstall.cab (TTestGenXInstallObject)
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} http://dl.tvunetworks.com/TVUAx.cab (CTVUAxCtrl Object)
O16 - DPF: {4FE89055-5300-469E-AFAD-DEB3181EDE76} http://asp.mathxl.com/applets/PearsonInstallAsst.cab (PearsonAsstX Control)
O16 - DPF: {E6D23284-0E9B-417D-A782-03E4487FC947} http://asp.mathxl.com/books/_Players/MathPlayer.cab (Pearson MathXL Player)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{41849D47-515A-4BD8-B298-B02B656E8357}: DhcpNameServer = 192.168.1.254
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\SYSTEM32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O20 - Winlogon\Notify\igfxcui: DllName - (igfxsrvc.dll) - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop Components:0 () - http://pages.prodigy.net/rogerlori1/emo ... oking8.gif
O24 - Desktop Components:1 (My Current Home Page) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Patti\Application Data\Webshots\The Webshots Desktop\Wallpaper.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Patti\Application Data\Webshots\The Webshots Desktop\Wallpaper.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2002/09/03 09:59:58 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/02/28 20:17:18 | 000,000,122 | ---- | M] () - F:\Autorun.inf -- [ FAT32 ]
O33 - MountPoints2\{6dce2447-0d17-11e0-9e7e-0018e7c38708}\Shell - "" = AutoRun
O33 - MountPoints2\{6dce2447-0d17-11e0-9e7e-0018e7c38708}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{6dce2447-0d17-11e0-9e7e-0018e7c38708}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/09/15 01:48:52 | 000,041,184 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011/09/14 17:36:32 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Patti\Recent
[2011/09/14 17:33:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Patti\My Documents\backup from repair 9-14-11
[2011/09/14 16:21:10 | 000,000,000 | ---D | C] -- C:\Program Files\Safer Networking
[2011/09/03 06:17:37 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\crypt32.dll
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\Documents and Settings\All Users\Application Data\*.tmp files -> C:\Documents and Settings\All Users\Application Data\*.tmp -> ]
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/09/24 16:14:15 | 000,001,170 | ---- | M] () -- C:\WINDOWS\System32\WPA.DBL
[2011/09/24 16:13:52 | 000,002,048 | --S- | M] () -- C:\WINDOWS\BOOTSTAT.DAT
[2011/09/24 10:54:04 | 000,000,510 | ---- | M] () -- C:\Documents and Settings\Patti\Application Data\alarms.ini
[2011/09/24 10:47:02 | 000,000,613 | ---- | M] () -- C:\Documents and Settings\Patti\Application Data\AtomicAlarmClock.ini
[2011/09/15 01:57:37 | 000,002,638 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/09/14 17:44:16 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/09/14 17:08:27 | 000,000,245 | -HS- | M] () -- C:\BOOT.INI
[2011/09/06 16:45:29 | 000,199,304 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011/09/06 16:45:29 | 000,041,184 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011/09/06 16:38:05 | 000,442,200 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011/09/06 16:37:53 | 000,320,856 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011/09/06 16:36:38 | 000,034,392 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011/09/06 16:36:36 | 000,052,568 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011/09/06 16:36:23 | 000,110,552 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011/09/06 16:36:20 | 000,104,536 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011/09/06 16:36:12 | 000,020,568 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011/09/06 16:33:11 | 000,030,808 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011/09/05 11:35:56 | 000,000,552 | ---- | M] () -- C:\WINDOWS\System32\d3d8caps.dat
[2011/09/03 06:17:37 | 000,599,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\crypt32.dll
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\Documents and Settings\All Users\Application Data\*.tmp files -> C:\Documents and Settings\All Users\Application Data\*.tmp -> ]
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/09/14 17:44:16 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/09/05 11:35:56 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2010/10/17 03:28:30 | 001,265,160 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/07/20 13:38:39 | 000,376,832 | ---- | C] () -- C:\WINDOWS\System32\AegisI5Installer.exe
[2010/07/20 13:38:09 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\wlndis50.sys
[2010/07/20 13:38:09 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\drivers\WLNdis50.sys
[2010/07/11 13:19:16 | 000,143,256 | ---- | C] () -- C:\WINDOWS\System32\drivers\ar5523.bin
[2010/04/03 22:55:32 | 002,183,470 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2009/11/14 17:39:40 | 000,077,349 | ---- | C] () -- C:\WINDOWS\hpqins05.dat
[2009/08/01 08:58:45 | 000,116,841 | ---- | C] () -- C:\WINDOWS\hpqins00.dat
[2009/07/11 23:33:36 | 000,139,072 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009/07/11 23:31:10 | 000,189,672 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2009/07/11 23:31:00 | 000,075,064 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2009/04/08 01:22:39 | 000,012,717 | R--- | C] () -- C:\WINDOWS\hpwscr14.dat
[2009/04/08 01:19:33 | 000,179,716 | ---- | C] () -- C:\WINDOWS\hpwins14.dat
[2009/04/08 01:19:33 | 000,001,108 | R--- | C] () -- C:\WINDOWS\hpwmdl14.dat
[2008/07/01 22:59:35 | 000,000,000 | ---- | C] () -- C:\WINDOWS\FileMgrExe.INI
[2008/05/26 21:59:42 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin
[2008/05/26 21:59:40 | 000,106,605 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin
[2008/04/16 00:31:36 | 007,028,736 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\sandra.mdb
[2008/04/16 00:31:36 | 007,028,736 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\sandra.mda
[2008/01/30 17:10:46 | 000,274,432 | ---- | C] () -- C:\WINDOWS\System32\libcurl.dll
[2008/01/10 00:06:19 | 000,000,000 | ---- | C] () -- C:\WINDOWS\AlbumExe.INI
[2007/12/28 23:32:33 | 000,000,000 | ---- | C] () -- C:\WINDOWS\MessageExe.INI
[2007/10/31 10:39:54 | 000,059,904 | ---- | C] () -- C:\WINDOWS\System32\zlib1.dll
[2007/09/27 10:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 10:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 10:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2007/09/05 07:31:13 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PanelExe.INI
[2007/09/05 07:31:11 | 000,000,000 | ---- | C] () -- C:\WINDOWS\EngineExe.INI
[2007/09/02 18:32:34 | 000,000,189 | ---- | C] () -- C:\WINDOWS\PhoneBkExe.INI
[2007/09/02 18:32:15 | 000,000,000 | ---- | C] () -- C:\WINDOWS\MelodyExe.INI
[2007/09/02 13:09:10 | 000,000,000 | ---- | C] () -- C:\WINDOWS\VideoExe.INI
[2007/08/11 11:35:07 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2007/07/14 19:01:36 | 000,192,512 | R--- | C] () -- C:\WINDOWS\System32\AegisI5.exe
[2007/07/01 23:00:15 | 000,027,648 | ---- | C] () -- C:\WINDOWS\instcastle.exe
[2007/06/30 08:39:46 | 000,010,105 | ---- | C] () -- C:\WINDOWS\msvrc20.dll
[2007/05/17 14:58:10 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\libexpatw.dll
[2007/03/25 09:30:43 | 000,027,648 | ---- | C] () -- C:\WINDOWS\instocean.exe
[2006/12/24 23:05:51 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\nY.exe
[2006/12/24 23:03:45 | 001,126,400 | R--- | C] () -- C:\WINDOWS\System32\SaiC0461.Dll
[2006/12/24 23:03:45 | 000,007,680 | R--- | C] () -- C:\WINDOWS\System32\SaiC0461_10.dll
[2006/12/24 23:03:45 | 000,007,680 | R--- | C] () -- C:\WINDOWS\System32\SaiC0461_0C.dll
[2006/12/24 23:03:45 | 000,007,680 | R--- | C] () -- C:\WINDOWS\System32\SaiC0461_0A.dll
[2006/12/24 23:03:45 | 000,007,680 | R--- | C] () -- C:\WINDOWS\System32\SaiC0461_07.dll
[2006/12/24 23:03:45 | 000,006,656 | R--- | C] () -- C:\WINDOWS\System32\SaiC0461_09.dll
[2006/12/24 23:03:45 | 000,006,656 | R--- | C] () -- C:\WINDOWS\System32\SaiC0461_0402.dll
[2006/12/06 21:35:04 | 000,000,098 | ---- | C] () -- C:\Documents and Settings\Patti\Application Data\Statdisk.prefs
[2006/09/22 18:50:35 | 000,000,036 | ---- | C] () -- C:\WINDOWS\webica.ini
[2006/09/04 18:12:58 | 000,003,744 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2006/08/20 22:49:35 | 000,407,592 | ---- | C] () -- C:\Program Files\msgr8us.exe
[2006/08/12 12:33:50 | 001,126,968 | ---- | C] () -- C:\Program Files\Y Photo.exe
[2006/05/30 14:51:26 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Patti\Local Settings\Application Data\fusioncache.dat
[2006/05/21 10:18:47 | 000,000,613 | ---- | C] () -- C:\Documents and Settings\Patti\Application Data\AtomicAlarmClock.ini
[2006/05/21 10:18:47 | 000,000,510 | ---- | C] () -- C:\Documents and Settings\Patti\Application Data\alarms.ini
[2006/02/13 23:05:00 | 000,573,440 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006/02/13 23:05:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2005/12/05 18:54:37 | 000,000,042 | ---- | C] () -- C:\WINDOWS\popcinfo.dat
[2005/11/24 11:45:56 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll
[2005/11/24 11:45:49 | 000,852,042 | ---- | C] () -- C:\WINDOWS\System32\Lemmings Revolution.exe
[2005/06/09 11:36:40 | 000,000,056 | RHS- | C] () -- C:\WINDOWS\System32\B2786CCDD3.sys
[2005/02/04 19:59:05 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\Patti\Application Data\PFP120JPR.{PB
[2005/02/04 19:59:05 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\Patti\Application Data\PFP120JCM.{PB
[2005/01/14 07:45:30 | 000,037,027 | ---- | C] () -- C:\WINDOWS\atmoUn.exe
[2004/10/30 18:02:18 | 000,001,798 | ---- | C] () -- C:\WINDOWS\cdPlayer.ini
[2004/10/26 18:39:05 | 003,375,104 | ---- | C] () -- C:\WINDOWS\System32\qt-mt331.dll
[2004/09/25 18:59:16 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2004/09/10 06:04:30 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/09/07 19:40:10 | 000,000,885 | ---- | C] () -- C:\WINDOWS\Rtcwplat.INI
[2004/07/29 10:06:01 | 000,000,020 | ---- | C] () -- C:\WINDOWS\Hposcv07.INI
[2004/07/28 19:40:53 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2004/07/26 21:35:46 | 000,090,112 | ---- | C] () -- C:\Documents and Settings\Patti\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2004/07/22 10:39:29 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/07/22 10:34:50 | 000,149,504 | ---- | C] () -- C:\WINDOWS\UNWISE.EXE
[2004/07/22 10:25:08 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2004/07/22 10:25:06 | 000,000,138 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2004/07/22 10:14:08 | 000,002,048 | --S- | C] () -- C:\WINDOWS\BOOTSTAT.DAT
[2004/07/22 10:12:42 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2004/07/22 10:12:36 | 000,463,938 | ---- | C] () -- C:\WINDOWS\System32\PERFH009.DAT
[2004/07/22 10:12:36 | 000,079,214 | ---- | C] () -- C:\WINDOWS\System32\PERFC009.DAT
[2004/07/22 10:12:26 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/07/22 09:58:10 | 000,000,550 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2004/05/26 16:09:26 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\DSRIRREM.EXE
[2004/05/11 11:03:20 | 000,450,880 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/05/11 11:02:24 | 000,000,788 | ---- | C] () -- C:\WINDOWS\ORUN32.INI
[2004/03/26 17:59:22 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2002/09/03 09:59:14 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2002/09/03 09:56:30 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2002/09/03 09:31:46 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\OEMBIOS.BIN
[2002/09/03 09:31:44 | 000,004,594 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2002/08/29 06:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\MLANG.DAT
[2002/08/29 06:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\PERFI009.DAT
[2002/08/29 06:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\DSSEC.DAT
[2002/08/29 06:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\MIB.BIN
[2002/08/29 06:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\PERFD009.DAT
[2002/08/29 06:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2002/08/29 06:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\NOISE.DAT
[1999/01/22 14:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
[1996/08/06 00:00:00 | 000,116,736 | ---- | C] () -- C:\WINDOWS\System32\PCDLIB32.DLL

========== LOP Check ==========

[2011/05/01 14:38:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2010/07/20 13:38:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\D-Link
[2009/10/10 11:09:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Gold Casual Games
[2008/07/01 22:27:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Grisoft
[2008/06/14 09:28:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Kristanix Games
[2009/02/05 23:57:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Meridian93
[2010/01/23 11:16:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NeoEdge Networks
[2010/05/07 20:14:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Oberon Media
[2011/01/16 14:20:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Radium Technologies
[2011/03/21 15:50:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/04/12 22:04:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TERMINAL Studio
[2005/01/14 07:45:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2009/01/02 17:42:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WhiteCap (Holiday Edition)
[2011/01/16 14:21:36 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{EF840D17-5414-45B2-873C-7A9138B22A92}
[2009/10/24 16:53:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patti\Application Data\7Wonders
[2008/08/30 09:34:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patti\Application Data\Age of Japan II
[2009/03/01 23:59:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patti\Application Data\Archibald's Adventures
[2010/09/19 11:11:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patti\Application Data\Artogon
[2010/11/14 19:23:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patti\Application Data\Aston2
[2007/12/24 01:21:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patti\Application Data\Astro Gemini Software
[2011/01/16 01:33:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patti\Application Data\Awem
[2008/05/13 11:12:27 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Patti\Application Data\CrystalSpace
[2009/10/24 16:40:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patti\Application Data\EA
[2008/02/10 03:15:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patti\Application Data\EleFun Games
[2009/10/10 11:09:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patti\Application Data\Gold Casual Games
[2008/07/07 21:28:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patti\Application Data\ICAClient
[2009/06/26 10:25:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patti\Application Data\IObit
[2005/01/09 10:08:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patti\Application Data\Jasc
[2009/04/04 10:51:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patti\Application Data\Jetbricks
[2004/08/09 17:07:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patti\Application Data\Leadertech
[2010/02/27 18:38:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patti\Application Data\LTOA
[2009/10/24 16:29:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patti\Application Data\Magic Match
[2009/02/05 23:57:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patti\Application Data\Meridian93
[2007/12/28 23:31:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patti\Application Data\MobileAction
[2007/10/27 22:56:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patti\Application Data\mojosoft
[2011/09/19 10:33:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patti\Application Data\MP3Rocket
[2010/07/17 20:01:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patti\Application Data\PlayFirst
[2007/07/19 21:52:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patti\Application Data\RetroRecords
[2007/10/20 23:44:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patti\Application Data\TERMINAL Studio
[2007/07/15 13:29:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patti\Application Data\Uniblue
[2007/08/09 10:54:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patti\Application Data\Walgreens
[2004/11/16 19:22:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patti\Application Data\Webshots
[2010/07/11 14:29:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patti\Application Data\Windows Desktop Search
[2010/07/11 14:50:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patti\Application Data\Windows Search
[2007/10/14 21:45:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patti\Application Data\Zak&Jack

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 187 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:814B9485
@Alternate Data Stream - 143 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2CFBE2D1
@Alternate Data Stream - 140 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:6A18D1F5
@Alternate Data Stream - 132 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:900F47D3
@Alternate Data Stream - 132 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7B212553
@Alternate Data Stream - 129 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C2E33402
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:017D5143
@Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:11201333
@Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0F686C4A
@Alternate Data Stream - 105 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C22674B6

< End of report >

Extras.txt

OTL Extras logfile created on: 9/24/2011 4:15:49 PM - Run 1
OTL by OldTimer - Version 3.2.29.1 Folder = F:\
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1015.00 Mb Total Physical Memory | 775.98 Mb Available Physical Memory | 76.45% Memory free
1.28 Gb Paging File | 1.19 Gb Available in Paging File | 93.42% Paging File free
Paging file location(s): C:\pagefile.sys 384 768 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 34.20 Gb Total Space | 8.09 Gb Free Space | 23.66% Space Free | Partition Type: NTFS
Drive E: | 149.05 Gb Total Space | 123.82 Gb Free Space | 83.07% Space Free | Partition Type: NTFS
Drive F: | 3.77 Gb Total Space | 3.15 Gb Free Space | 83.37% Space Free | Partition Type: FAT32

Computer Name: ALFRED | User Name: Patti | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[HKEY_USERS\S-1-5-21-2538181957-2056682286-62146010-1007\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" %1 (Microsoft Corporation)
http [open] -- C:\PROGRA~1\MOZILLA FIREFOX\FIREFOX.EXE -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- C:\PROGRA~1\MOZILLA FIREFOX\FIREFOX.EXE -requestPending -osint -url "%1" (Mozilla Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"1723:TCP" = 1723:TCP:*:Enabled:@xpsp2res.dll,-22015
"1701:UDP" = 1701:UDP:*:Enabled:@xpsp2res.dll,-22016
"500:UDP" = 500:UDP:*:Enabled:@xpsp2res.dll,-22017
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"1723:TCP" = 1723:TCP:*:Enabled:@xpsp2res.dll,-22015
"1701:UDP" = 1701:UDP:*:Enabled:@xpsp2res.dll,-22016
"500:UDP" = 500:UDP:*:Enabled:@xpsp2res.dll,-22017

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\WINDOWS\SYSTEM32\fxsclnt.exe" = C:\WINDOWS\SYSTEM32\fxsclnt.exe:*:Enabled:Microsoft Fax Console -- (Microsoft Corporation)
"C:\WINDOWS\SYSTEM32\mmc.exe" = C:\WINDOWS\SYSTEM32\mmc.exe:*:Enabled:Microsoft Management Console -- (Microsoft Corporation)
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
"C:\Program Files\Yahoo!\Messenger\YServer.exe" = C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server -- (Yahoo! Inc.)
"C:\Program Files\TurboTax\Deluxe 2006\32bit\ttax.exe" = C:\Program Files\TurboTax\Deluxe 2006\32bit\ttax.exe:LocalSubNet:Enabled:TurboTax -- (Intuit, Inc.)
"C:\Program Files\TurboTax\Deluxe 2006\32bit\updatemgr.exe" = C:\Program Files\TurboTax\Deluxe 2006\32bit\updatemgr.exe:LocalSubNet:Enabled:TurboTax Update Manager -- (Intuit, Inc.)
"C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2a\RpcAgentSrv.exe" = C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2a\RpcAgentSrv.exe:*:Enabled:SiSoftware Deployment Agent Service -- (SiSoftware)
"C:\Program Files\TurboTax\Basic 2007\32bit\ttax.exe" = C:\Program Files\TurboTax\Basic 2007\32bit\ttax.exe:LocalSubNet:Enabled:TurboTax -- (Intuit, Inc.)
"C:\Program Files\TurboTax\Basic 2007\32bit\updatemgr.exe" = C:\Program Files\TurboTax\Basic 2007\32bit\updatemgr.exe:LocalSubNet:Enabled:TurboTax Update Manager -- (Intuit, Inc.)
"C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2a\WNt500x86\RpcSandraSrv.exe" = C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2a\WNt500x86\RpcSandraSrv.exe:*:Enabled:SiSoftware Sandra Agent Service -- (SiSoftware)
"D:\setup\HPZNUI01.EXE" = D:\setup\HPZNUI01.EXE:*:Enabled:hpznui01.exe
"D:\setup\HPONICIFS01.EXE" = D:\setup\HPONICIFS01.EXE:*:Enabled:hponicifs01.exe
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe" = C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe" = C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe:LocalSubNet:Disabled:Intuit Update Shared Downloads Server -- (Intuit Inc.)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00010409-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Professional
"{0289B35E-DC07-4c7a-9710-BBD686EA4B7D}" = Status
"{052A55B1-0182-4551-93CD-2D078A120CAB}" = TurboTax 2008 wnciper
"{05BDC796-3451-4F81-B91D-E98F7ADA76C2}" = TurboTax 2010 WinPerTaxSupport
"{09DA4F91-2A09-4232-AB8C-6BC740096DE3}" = Sonic Update Manager
"{0BCA9EFD-F2D6-4638-B053-8693BA0404BE}" = Citrix online plug-in (Web)
"{0F7C2E47-089E-4d23-B9F7-39BE00100776}" = Toolbox
"{0F9196C6-58B4-445B-B56E-B1200FECC151}" = Microsoft Bootvis
"{103C7150-F953-4015-B55A-650835134A3E}" = Medieval Conquest
"{11F1920A-56A2-4642-B6E0-3B31A12C9288}" = Dell Solution Center
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA
"{15262012-213A-4f65-9019-C8A409EC0156}" = HP Officejet J6400 Series
"{18669FF9-C8FE-407a-9F70-E674896B1DB4}" = GPBaseService
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1E8EB086-AE5F-45F6-887C-E5178868290F}" = Living Cookbook 2011
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2614F54E-A828-49FA-93BA-45A3F756BFAA}" = 32 Bit HP CIO Components Installer
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Dell Media Experience
"{279D3818-7287-4ab4-A927-542EBEA9E365}" = ProductContext
"{29521505-F489-4822-ADFA-32C6DEE4F114}" = TurboTax 2008 WinPerUserEducation
"{296B2D8E-CE82-92AF-B2E8-A646E7CB78A2}_is1" = RegAlyzer
"{2E376AD9-5C49-4F7D-A0BA-6A44E8FA5A3B}" = Next Generation Visualisations
"{340D61BB-350A-40F4-8CFD-4F860E12066E}" = SSA Benefit Calculator
"{3451A290-7D25-89d6-C409-644DC32069750}_is1" = Egyptian Ball
"{34BFB099-07B2-4E95-A673-7362D60866A2}" = PSSWCORE
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35BDEFF1-A610-4956-A00D-15453C116395}" = Internet Explorer Default Page
"{3700194C-C5DD-439A-BE06-A66960CA4C70}" = MSVCSetup
"{3782EC09-4000-475E-8A59-9CABD6F03B4C}" = TurboTax 2010 WinPerFedFormset
"{380CC749-8C28-4C74-BE01-45921D062302}" = BPDSoftware_Ini
"{3881DB80-EAA2-012B-ADAE-000000000000}" = TurboTax 2009 WinPerFedFormset
"{38975F50-EAA2-012B-ADB4-000000000000}" = TurboTax 2009 WinPerReleaseEngine
"{38A34630-EAA2-012B-ADB6-000000000000}" = TurboTax 2009 WinPerTaxSupport
"{3A90BE50-EAA2-012B-AE2D-000000000000}" = TurboTax 2009 wnciper
"{3C5A81D0-EAA2-012B-AE9F-000000000000}" = TurboTax 2009 wrapper
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = Modem On Hold
"{41853D20-40CC-4266-978D-F128BB97CA96}" = 6400_Help
"{43FCA273-9534-40DB-B7C5-D7758875616A}" = Dell Support
"{45F8CDEE-7F2D-4601-B300-EB83DEE8F156}" = TurboTax 2010 wnciper
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4B9F45E8-E3CE-40B4-9463-80A9B3481DEF}" = Banctec Service Agreement
"{4F2FCCCF-29F3-44B9-886F-6D16F8417522}" = TurboTax 2010 wrapper
"{50D8FFDD-90CD-4859-841F-AA1961C7767A}" = QuickTime
"{5109C064-813E-4e87-B0DE-C8AF7B5BC02B}" = SmartWebPrintingOC
"{571700F0-DB9D-4B3A-B03D-35A14BB5939F}" = Windows Live Messenger
"{5BB4D7C1-52F2-4BFD-9E40-0D419E2E3021}" = bpd_scan
"{5D934326-165A-413b-B056-26BE1EC082AF}" = J6400
"{5D9B17E4-5C34-45B2-9C95-8B9DB4CF7AF3}" = HP_Network_UserGuide
"{612F4E20-3661-4D44-AD79-823F1B613FB3}" = HP Update
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{676981B7-A2D9-49D0-9F4C-03018F131DA9}" = DocProc
"{687FEF8A-8597-40b4-832C-297EA3F35817}" = BufferChm
"{68D60342-7686-45C9-B8EB-40EF843D0460}" = Dell Networking Guide
"{6DCB9F1F-3BCC-4078-B90C-439017F1806C}" = Crystalize 2
"{6F6F39E3-D24D-4EEE-9AEA-DEDAF991385D}" = D-Link DWA-130 Wireless N USB Adapter
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7570F1CA-016D-46AC-B586-CD74645EFB52}" = TurboTax 2008 WinPerFedFormset
"{7A0EFAFB-AC4B-4B88-8C6B-6731BE88DB68}" = Modem Event Monitor
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX
"{7DD9A065-2C86-4A9F-A5FF-796EC1B99DCA}" = AnswerWorks 4.0 Runtime - English
"{7F142D56-3326-11D5-B229-002078017FBF}" = Modem Helper
"{80533B67-C407-485D-8B5D-63BB8ED9D878}" = Scan
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117192170}" = Dream Day Honeymoon
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{85C8D391-0EAE-4492-8A0A-2EE8B0B6DA03}" = BPDSoftware
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{88214092-836F-4E22-A5AC-569AC9EE6A0F}" = TurboTax 2008 WinPerReleaseEngine
"{89EE857B-8970-4F9F-AB58-A1C873AC72B3}" = Broadcom Management Programs
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Extreme Graphics Driver
"{8A85DEAD-7C1F-4368-881C-72AC74CB2E91}" = UnloadSupport
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90190409-6000-11D3-8CFE-0050048383C9}" = Microsoft Publisher 2002
"{90D55A3F-1D99-4C94-A77E-46DC14F0BF08}" = Help and Support Customization
"{94A065E8-455D-41C1-AF1F-F0C1AF8F50F3}" = Microsoft IntelliType Pro 7.0
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9541FED0-327F-4DF0-8B96-EF57EF622F19}" = Sonic RecordNow!
"{9C2D4047-0E40-499a-AC7A-C4B9BB12FE03}" = TrayApp
"{9E5A03E3-6246-4920-9630-0527D5DA9B07}" = AnswerWorks 5.0 English Runtime
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A5181519-9F3D-4372-ABC6-C333C2F3A816}_is1" = RunAlyzer
"{A525E00B-6609-442E-9DCD-64453C233E8D}" = TurboTax 2010 WinPerReleaseEngine
"{A918DE8A-98C8-0920-0001-000000000000}" = Multimedia Samples
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.5
"{AF19F291-F22F-4798-9662-525305AE9E48}" = WordPerfect Office 12
"{AFF1EA96-9C23-4249-B7D4-CD4B54D4582F}" = TurboTax ItsDeductible 2006
"{B1DB1AD8-C07E-4052-81A1-D2930232BA70}" = TurboTax 2008 wrapper
"{B23726CF-68BF-41A6-A4EB-72F12F87FE05}" = TurboTax 2008 WinPerTaxSupport
"{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}" = HP Photosmart Essential 2.5
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C3113E55-7BCB-4de3-8EBF-60E6CE6B2196}_is1" = SiSoftware Sandra Lite XII.SP2a
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC000127-5E5D-4A1C-90CB-EEAAAC1E3AC0}" = Jasc Paint Shop Photo Album
"{CCB9B81A-167F-4832-B305-D2A0430840B3}" = WebReg
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D142FE39-3386-4d82-9AD3-36D4A92AC3C2}" = DocMgr
"{D99A8E3A-AE5A-4692-8B19-6F16D454E240}" = Destination Component
"{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}" = VideoToolkit01
"{E6D9BC25-0DBC-4368-8E4A-7DEE80661CD9}" = TurboTax 2008 WinPerProgramHelp
"{EA2BEBD6-87B9-41E5-95AC-7E4C165A9475}" = WexTech AnswerWorks
"{EEEB604C-C1A7-4f8c-B03F-56F9C1C9C45F}" = Fax
"{EF1ADA5A-0B1A-4662-8C55-7475A61D8B65}" = DeviceDiscovery
"{EF71A531-5B6C-4B20-8D1E-E6379C7FB6D3}" = Microsoft IntelliPoint 7.0
"{F95F178B-56AD-4fab-87F8-FA81E66C7D68}" = Network
"{FC4ED75D-916C-4A8C-BB67-3C6F6E06D62B}" = Banctec Service Agreement
"{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}" = HighMAT Extension to Microsoft Windows XP CD Writing Wizard
"3D Haunted Halloween Screensaver_is1" = 3D Haunted Halloween Screensaver 1.0
"3Planesoft Screensaver Manager_is1" = 3Planesoft Screensaver Manager 1.1
"7 Wonders" = 7 Wonders
"7Lands_is1" = 7Lands version 1.0.5.812
"Adobe Atmosphere Player" = Adobe Atmosphere Player for Acrobat and Adobe Reader
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Age Of Japan II_is1" = Age Of Japan II
"Alchemy Mahjong_is1" = Alchemy Mahjong 1.0.0.0
"Ancient Castle 3D Screensaver_is1" = Ancient Castle 3D Screensaver 1.1
"ArKaos Visualizer 1.6.2" = ArKaos Visualizer 1.6.2
"Aston2" = Aston Menu 2.0.3
"Astro Gemini Screensaver Manager_is1" = Astro Gemini Screensaver Manager 2.0
"Atomic Alarm Clock_is1" = Atomic Alarm Clock 3.7
"avast" = avast! Free Antivirus
"Bejeweled 2 Deluxe 1.0" = Bejeweled 2 Deluxe 1.0
"Big City Night 3D_is1" = Big City Night 3D 1.0
"Big Kahuna Reef Retail_is1" = Big Kahuna Reef
"Bricks of Egypt" = Bricks of Egypt
"Brickshooter Egypt_is1" = Brickshooter Egypt
"Bubble Splash_is1" = Bubble Splash 1.1
"BusinessCardsMX3_is1" = BusinessCardsMX 3.43
"Calm Before the Storm Screen Saver" = Calm Before the Storm Screen Saver
"Christmas 3D Screensaver_is1" = Christmas 3D Screensaver 1.0
"Christmas Eve 3D Screensaver_is1" = Christmas Eve 3D Screensaver 1.0
"Clock Tower 3D Screensaver_is1" = Clock Tower 3D Screensaver 1.1
"Coral Clock 3D Screensaver_is1" = Coral Clock 3D Screensaver 1.0
"Dark Castle 3D Screensaver_is1" = Dark Castle 3D Screensaver v1.0
"Dell Digital Jukebox Driver" = Dell Digital Jukebox Driver
"DellSupport" = Dell Support 5.0.0 (766)
"Discovery 3D Screensaver_is1" = Discovery 3D Screensaver 1.1
"East Side Story" = East Side Story 1.0
"Easter 3D Screensaver_is1" = Easter 3D Screensaver 1.0
"EasyCalendarMaker_is1" = EasyCalendarMaker
"Egypt 3D Screensaver_is1" = Egypt 3D Screensaver 1.0
"Egyptoid2_is1" = Egyptoid2
"Fantastic Ocean 3D Screensaver_is1" = Fantastic Ocean 3D Screensaver v1.1
"Fantasy Moon 3D Screensaver_is1" = Fantasy Moon 3D Screensaver 1.3
"Fireplace 3D Screensaver_is1" = Fireplace 3D Screensaver 1.0
"Flag 3D Screensaver_is1" = Flag 3D Screensaver 1.0
"Foxy Jumper 2 Winter Adventures" = Foxy Jumper 2 Winter Adventures
"Galleon 3D Screensaver_is1" = Galleon 3D Screensaver 1.3
"Garden Flowers 3D Screensaver_is1" = Garden Flowers 3D Screensaver 1.0
"Golden Autumn 3D Screensaver_is1" = Golden Autumn 3D Screensaver 1.0
"Halloween 3D Screensaver_is1" = Halloween 3D Screensaver 1.1
"Halloween in the Attic 3D Screensaver_is1" = Halloween in the Attic 3D Screensaver 1.0
"HijackThis" = HijackThis 2.0.2
"HP Document Manager" = HP Document Manager 1.0
"HP Imaging Device Functions" = HP Imaging Device Functions 10.0
"HP Photo Printing Software" = HP Photo Printing Software
"HP Photosmart Essential" = HP Photosmart Essential 2.5
"hp psc 700 series 1091110266" = hp psc 700 series
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPOCR" = OCR Software by I.R.I.S. 10.0
"Ice Clock 3D Screensaver_is1" = Ice Clock 3D Screensaver 1.1
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"Inca Ball_is1" = Inca Ball
"Indeo® software" = Indeo® software
"InstallShield_{89EE857B-8970-4F9F-AB58-A1C873AC72B3}" = Broadcom Management Programs
"Intel(R) 537EP V9x DF PCI Modem" = Intel(R) 537EP V9x DF PCI Modem
"Jewel Quest" = Jewel Quest (remove only)
"Kit And Ellis_is1" = Kit And Ellis
"Koi Fish 3D Screensaver_is1" = Koi Fish 3D Screensaver 1.0
"Lantern 3D Screensaver_is1" = Lantern 3D Screensaver 1.0
"Little Dwarf 3D Screensaver_is1" = Little Dwarf 3D Screensaver 1.0
"Living Cookbook 2011" = Living Cookbook 2011
"Lost Treasures of Alexandria_is1" = Lost Treasures of Alexandria
"Luxor" = Luxor (remove only)
"Luxor Mahjong" = Luxor Mahjong (remove only)
"Magic Forest 3D Screensaver_is1" = Magic Forest 3D Screensaver 1.0
"Magic Match" = Magic Match
"Mahjong Epic" = Mahjong Epic
"Mechanical Clock 3D Screensaver_is1" = Mechanical Clock 3D Screensaver 1.0
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.20)" = Mozilla Firefox (3.6.20)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MVApplication1" = Memorex exPressit Label Design Studio
"Nature 3D Screensaver_is1" = Nature 3D Screensaver 1.1
"Nautilus 3D Screensaver_is1" = Nautilus 3D Screensaver 1.2
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"Ozzy Bubbles_is1" = Ozzy Bubbles
"PacShooter_is1" = PacShooter 1.0
"Phlinx To Go" = Phlinx To Go
"Pirate Poppers" = Pirate Poppers
"Post-it® Daisy" = Post-it® Daisy Screen Saver
"RealPlayer 6.0" = RealPlayer
"Ricochet" = Ricochet
"Santa's Home 3D Screensaver_is1" = Santa's Home 3D Screensaver 1.0
"SeaStorm 3D Screensaver_is1" = SeaStorm 3D Screensaver 1.5
"Shockwave" = Shockwave
"Spirit of Fire 3D Screensaver_is1" = Spirit of Fire 3D Screensaver 2.4
"Spirit Of Wandering_is1" = Spirit Of Wandering
"StreetPlugin" = Learn2 Player (Uninstall Only)
"Taipei Deluxe_is1" = Taipei Deluxe 1.0
"The Lost Watch 3D Screensaver_is1" = The Lost Watch 3D Screensaver 1.0
"The One Ring 3D Screensaver_is1" = The One Ring 3D Screensaver 1.0
"The Rise of Atlantis_is1" = The Rise of Atlantis
"Theseus and the Minotaur" = Theseus and the Minotaur
"Total Privacy 5" = Total Privacy 5
"Tropical Fish 3D Screensaver_is1" = Tropical Fish 3D Screensaver 1.1
"TurboTax 2008" = TurboTax 2008
"TurboTax 2009" = TurboTax 2009
"TurboTax 2010" = TurboTax 2010
"TurboTax Basic 2007" = TurboTax Basic 2007
"TurboTax Deluxe Deduction Maximizer 2006" = TurboTax Deluxe Deduction Maximizer 2006
"Twistingo" = Twistingo
"Voyage of Columbus 3D Screensaver_is1" = Voyage of Columbus 3D Screensaver 1.0
"Watermill 3D Screensaver_is1" = Watermill 3D Screensaver 2.0
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Webshots Desktop" = Webshots Desktop
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"Winter 3D Screensaver_is1" = Winter 3D Screensaver 1.0
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Yahoo! Internet Mail" = Yahoo! Internet Mail
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Photos Drag-Drop Uploader 1v7" = Yahoo! Photos Easy Upload Tool 1v7
"Yahoo! Toolbar" = Yahoo! Toolbar
"Zuma Deluxe 1.0" = Zuma Deluxe 1.0

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 9/3/2011 8:29:31 AM | Computer Name = ALFRED | Source = Windows Search Service | ID = 3029
Description = The plug-in in <Search.TripoliIndexer> cannot be initialized. Context:
Windows Application, SystemIndex Catalog Details: Data error (cyclic redundancy check).
(0x80070017)

Error - 9/3/2011 8:29:31 AM | Computer Name = ALFRED | Source = Windows Search Service | ID = 3028
Description = The gatherer object cannot be initialized. Context: Windows Application,
SystemIndex Catalog Details: Data error (cyclic redundancy check). (0x80070017)

Error - 9/3/2011 8:29:31 AM | Computer Name = ALFRED | Source = Windows Search Service | ID = 3058
Description = The application cannot be initialized. Context: Windows Application

Details:
Data
error (cyclic redundancy check). (0x80070017)

Error - 9/5/2011 9:16:56 AM | Computer Name = ALFRED | Source = Windows Search Service | ID = 3100
Description = Unable to initialize the filter host process. Terminating. Details:
This
operation returned because the timeout period expired. (0x800705b4)

Error - 9/12/2011 12:47:07 PM | Computer Name = ALFRED | Source = Windows Search Service | ID = 3100
Description = Unable to initialize the filter host process. Terminating. Details:
This
operation returned because the timeout period expired. (0x800705b4)

Error - 9/14/2011 6:06:58 PM | Computer Name = ALFRED | Source = COM+ | ID = 135761
Description = The run-time environment has detected an inconsistency in its internal
state. This indicates a potential instability in the process that could be caused
by the custom components running in the COM+ application, the components they make
use of, or other factors. Error in f:\xpsp3\com\com1x\src\comsvcs\package\cpackage.cpp(1184),
hr = 8007043c: InitEventCollector fail

[ System Events ]
Error - 9/24/2011 4:10:09 PM | Computer Name = ALFRED | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.

Error - 9/24/2011 4:10:11 PM | Computer Name = ALFRED | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.

Error - 9/24/2011 4:10:13 PM | Computer Name = ALFRED | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.

Error - 9/24/2011 4:10:15 PM | Computer Name = ALFRED | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.

Error - 9/24/2011 4:10:17 PM | Computer Name = ALFRED | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.

Error - 9/24/2011 4:10:19 PM | Computer Name = ALFRED | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.

Error - 9/24/2011 4:14:02 PM | Computer Name = ALFRED | Source = Tcpip | ID = 4191
Description = IP could not open the registry key for adapter TCPIP\Parameters\Adapters\NDISWANIP.
Interfaces
on this adapter will not be initialized.

Error - 9/24/2011 4:14:31 PM | Computer Name = ALFRED | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 9/24/2011 4:14:49 PM | Computer Name = ALFRED | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error - 9/24/2011 4:15:27 PM | Computer Name = ALFRED | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
Aavmker4 aswSnx aswSP aswTdi Fips intelppm

< End of report >

by **askey127** » September 25th, 2011, 6:42 am

sakdeisel,
----------------------------------------------
Perform a Custom Fix with OTL
Run OTL

In the Custom Scans/Fixes box at the bottom, paste in the following lines from the Code box (Do not include the word "Code"):

Code: Select all

:OTL
[2009/06/26 10:25:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patti\Application Data\IObit
[2007/07/15 13:29:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patti\Application Data\Uniblue
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKU\S-1-5-21-2538181957-2056682286-62146010-1007\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell4me.com/myway
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/myway
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell4me.com/myway
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/myway

:Files
C:\Program Files\Ask.com

:Commands
[EMPTYTEMP]
[CREATERESTOREPOINT]

Then click the Run Fix button at the top.
Let the program run unhindered and reboot the PC when it is done.
Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

-----------------------------------------------------------
Check Hard Disk For Errors
Press Start->Run, then type or copy/paste the following command into the box and press OK:

Code: Select all

cmd  /c  chkdsk  c:  |find  /v  "percent"  >> "%userprofile%\desktop\checkhd.txt"

A blank command window will open on your desktop, then close in a few minutes. This is normal.
A file and icon named checkhd.txt should appear on your Desktop. Please post the contents of this file.

askey127

by **sakdiesel** » September 26th, 2011, 8:15 am

Results of the scans you requested are below.

OTL.txt

OTL logfile created on: 9/25/2011 5:10:54 PM - Run 2
OTL by OldTimer - Version 3.2.29.1 Folder = F:\
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1015.00 Mb Total Physical Memory | 792.27 Mb Available Physical Memory | 78.06% Memory free
1.28 Gb Paging File | 1.21 Gb Available in Paging File | 94.56% Paging File free
Paging file location(s): C:\pagefile.sys 384 768 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 34.20 Gb Total Space | 8.29 Gb Free Space | 24.24% Space Free | Partition Type: NTFS
Drive E: | 149.05 Gb Total Space | 123.82 Gb Free Space | 83.07% Space Free | Partition Type: NTFS
Drive F: | 3.77 Gb Total Space | 3.14 Gb Free Space | 83.30% Space Free | Partition Type: FAT32

Computer Name: ALFRED | User Name: Patti | Logged in as Administrator.
Boot Mode: SafeMode | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/09/24 07:46:44 | 000,582,656 | ---- | M] (OldTimer Tools) -- F:\OTL.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

========== Modules (No Company Name) ==========

========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (VTLQFXGLW)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011/09/06 16:45:28 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Stopped] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010/08/23 20:21:40 | 000,013,672 | ---- | M] (Intuit Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2009/02/11 19:12:38 | 000,167,936 | ---- | M] () [Auto | Stopped] -- C:\Program Files\D-Link\DWA-130 revE\WLSVC.exe -- (WLSVC)
SRV - [2008/04/10 11:53:50 | 000,098,488 | ---- | M] (SiSoftware) [Auto | Stopped] -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2a\RpcAgentSrv.exe -- (SandraAgentSrv)

========== Driver Services (SafeList) ==========

DRV - [2011/09/06 16:38:05 | 000,442,200 | ---- | M] (AVAST Software) [File_System | System | Stopped] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/09/06 16:37:53 | 000,320,856 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/09/06 16:36:38 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/09/06 16:36:36 | 000,052,568 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/09/06 16:36:23 | 000,110,552 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011/09/06 16:36:12 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011/09/06 16:33:11 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2010/02/11 08:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\tcpip6.sys -- (Tcpip6)
DRV - [2009/08/05 22:23:22 | 000,588,032 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\RTL8192su.sys -- (RTL8192su)
DRV - [2009/07/11 23:33:35 | 000,139,072 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\PnkBstrK.sys -- (PnkBstrK)
DRV - [2008/04/13 14:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2008/03/10 19:30:36 | 000,021,408 | ---- | M] (SiSoftware) [Kernel | On_Demand | Stopped] -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2a\WNt500x86\sandra.sys -- (SANDRA)
DRV - [2008/02/27 10:54:00 | 000,020,480 | ---- | M] () [Kernel | Auto | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\WLNdis50.sys -- (WLNdis50)
DRV - [2007/02/15 15:14:28 | 000,019,840 | ---- | M] (Generic) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\StMp3Rec.sys -- (StMp3Rec)
DRV - [2007/01/30 12:12:06 | 000,045,568 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2007/01/15 23:44:46 | 000,011,986 | R--- | M] (Mobile Action Technology Inc.) [Kernel | Auto | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\MaVc2K.sys -- (MaVctrl)
DRV - [2006/12/25 15:32:52 | 000,049,489 | ---- | M] (Mobile Action Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\mamotou.sys -- (mamotou)
DRV - [2006/08/14 06:52:49 | 000,035,328 | R--- | M] (Saitek) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\SaiBus.sys -- (SaiNtBus)
DRV - [2006/08/14 06:52:44 | 000,013,824 | R--- | M] (Saitek) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\SaiMini.sys -- (SaiMini)
DRV - [2006/08/08 13:25:06 | 000,182,528 | R--- | M] (Saitek) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\SaiH0461.sys -- (SaiH0461)
DRV - [2005/08/17 23:44:50 | 000,049,867 | R--- | M] (Mobile Action Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\mardp2k.sys -- (MaRdPnp)
DRV - [2005/01/07 12:11:00 | 000,286,720 | ---- | M] (NETGEAR, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wg11tnd5.sys -- (AR5523)
DRV - [2004/10/14 18:24:00 | 000,043,392 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\Athfmwdl.sys -- (ATHFMWDL)
DRV - [2004/08/04 01:29:49 | 000,019,455 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wvchntxx.sys -- (iAimFP4)
DRV - [2004/08/04 01:29:47 | 000,012,063 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wsiintxx.sys -- (iAimFP3)
DRV - [2004/08/04 01:29:45 | 000,023,615 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wch7xxnt.sys -- (iAimTV4)
DRV - [2004/08/04 01:29:43 | 000,033,599 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv04nt.sys -- (iAimTV3)
DRV - [2004/08/04 01:29:42 | 000,019,551 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv02nt.sys -- (iAimTV1)
DRV - [2004/08/04 01:29:41 | 000,029,311 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv01nt.sys -- (iAimTV0)
DRV - [2004/08/04 01:29:37 | 000,012,415 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv01nt.sys -- (iAimFP0)
DRV - [2004/08/04 01:29:37 | 000,012,127 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv02nt.sys -- (iAimFP1)
DRV - [2004/08/04 01:29:37 | 000,011,775 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv05nt.sys -- (iAimFP2)
DRV - [2004/08/04 01:29:36 | 000,161,020 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\i81xnt5.sys -- (i81x)
DRV - [2004/03/05 23:15:34 | 000,647,929 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\IntelC52.sys -- (IntelC52)
DRV - [2004/03/05 23:14:42 | 001,233,525 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\IntelC51.sys -- (IntelC51)
DRV - [2004/03/05 23:13:52 | 000,060,949 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\IntelC53.sys -- (IntelC53)
DRV - [2004/03/05 23:13:38 | 000,037,048 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\mohfilt.sys -- (mohfilt)
DRV - [2004/02/04 11:27:56 | 000,049,536 | ---- | M] (Texas Instruments Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\tiehdusb.sys -- (TIEHDUSB)
DRV - [2003/07/24 12:10:34 | 000,017,149 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DNINDIS5.sys -- (DNINDIS5)
DRV - [2002/11/08 14:45:06 | 000,017,217 | ---- | M] (Dell Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\omci.sys -- (omci)
DRV - [2002/08/29 06:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\NWLNKNB.SYS -- (NwlnkNb)
DRV - [2002/08/29 06:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\NWLNKSPX.SYS -- (NwlnkSpx)
DRV - [2001/08/17 13:11:06 | 000,066,591 | ---- | M] (3Com Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\EL90XBC5.SYS -- (EL90XBC)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/def ... earch.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.com/customize/ie/def ... earch.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.home.bellsouth.net/
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "https://login.yahoo.com/config/login?.src=my&.done=http://att.my.yahoo.com&.intl=us&.partner=sbc"
FF - prefs.js..extensions.enabledItems: {563e4790-7e70-11da-a72b-0800200c9a66}:0.9d
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.8
FF - prefs.js..extensions.enabledItems: {4BBDD651-70CF-4821-84F8-2B918CF89CA3}:6.3.3.2
FF - prefs.js..extensions.enabledItems: {0538E3E3-7E9B-4d49-8831-A227C80A7AD3}:2.0.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.6.2
FF - prefs.js..extensions.enabledItems: {ada4b710-8346-4b82-8199-5de2b400a6ae}:1.9.9.3.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: wrc@avast.com:6.0.1289
FF - prefs.js..extensions.enabledItems: {1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}:0.4.6
FF - prefs.js..extensions.enabledItems: {FDE3FEE9-893E-4cc7-A814-60E0DE7B2E01}:3.6
FF - prefs.js..extensions.enabledItems: {1DEAE5AA-E19E-458b-9C8C-73CB651B9A58}:3.6
FF - prefs.js..extensions.enabledItems: {BB359C50-BFC9-4f40-8302-3FE5A499A859}:3.6.1
FF - prefs.js..extensions.enabledItems: {558D3F58-1E89-4fe2-A1F1-5EADC7BC77CB}:3.6

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.2: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.3: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2105: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.2.2163: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1212: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Media Player\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1: C:\PROGRA~1\Yahoo!\Common\npyaxmpb.dll (Yahoo! Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011/09/15 01:51:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.20\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/09/13 11:13:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.20\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/09/13 11:13:00 | 000,000,000 | ---D | M]

[2008/08/28 19:37:55 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Patti\Application Data\Mozilla\Extensions
[2011/09/24 15:49:14 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Patti\Application Data\Mozilla\Firefox\Profiles\3nqb1ddk.default\extensions
[2010/10/04 10:53:48 | 000,000,000 | ---D | M] (Forecastfox Weather) -- C:\Documents and Settings\Patti\Application Data\Mozilla\Firefox\Profiles\3nqb1ddk.default\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
[2011/05/29 09:02:01 | 000,000,000 | ---D | M] (Image Zoom) -- C:\Documents and Settings\Patti\Application Data\Mozilla\Firefox\Profiles\3nqb1ddk.default\extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}
[2010/07/20 14:58:04 | 000,000,000 | ---D | M] (Aeon Colors) -- C:\Documents and Settings\Patti\Application Data\Mozilla\Firefox\Profiles\3nqb1ddk.default\extensions\{1DEAE5AA-E19E-458b-9C8C-73CB651B9A58}
[2010/10/04 10:53:45 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Patti\Application Data\Mozilla\Firefox\Profiles\3nqb1ddk.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/05/28 15:48:04 | 000,000,000 | ---D | M] (FEBE) -- C:\Documents and Settings\Patti\Application Data\Mozilla\Firefox\Profiles\3nqb1ddk.default\extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3}
[2010/07/20 14:58:25 | 000,000,000 | ---D | M] (Scribblies Plain) -- C:\Documents and Settings\Patti\Application Data\Mozilla\Firefox\Profiles\3nqb1ddk.default\extensions\{558D3F58-1E89-4fe2-A1F1-5EADC7BC77CB}
[2011/04/03 12:59:40 | 000,000,000 | ---D | M] (VyprÃ¡zdnit vyrovnÃ¡vacÃ pamÄ›Å¥) -- C:\Documents and Settings\Patti\Application Data\Mozilla\Firefox\Profiles\3nqb1ddk.default\extensions\{563e4790-7e70-11da-a72b-0800200c9a66}
[2011/03/23 11:34:52 | 000,000,000 | ---D | M] (ReminderFox) -- C:\Documents and Settings\Patti\Application Data\Mozilla\Firefox\Profiles\3nqb1ddk.default\extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}
[2010/07/20 14:58:11 | 000,000,000 | ---D | M] (Halloween) -- C:\Documents and Settings\Patti\Application Data\Mozilla\Firefox\Profiles\3nqb1ddk.default\extensions\{BB359C50-BFC9-4f40-8302-3FE5A499A859}
[2011/03/14 19:17:10 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Documents and Settings\Patti\Application Data\Mozilla\Firefox\Profiles\3nqb1ddk.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
[2010/07/20 14:58:18 | 000,000,000 | ---D | M] (Aeon Clouds) -- C:\Documents and Settings\Patti\Application Data\Mozilla\Firefox\Profiles\3nqb1ddk.default\extensions\{FDE3FEE9-893E-4cc7-A814-60E0DE7B2E01}
[2011/03/14 19:17:10 | 000,000,000 | ---D | M] (Personas) -- C:\Documents and Settings\Patti\Application Data\Mozilla\Firefox\Profiles\3nqb1ddk.default\extensions\personas@christopher.beard
[2011/09/24 15:38:28 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/05/28 15:49:34 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/09/18 15:22:29 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/12/17 09:45:37 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/09/24 15:38:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011/09/15 01:51:35 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2010/05/28 15:49:15 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2009/09/12 23:05:42 | 000,124,240 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\CCMSDK.dll
[2009/09/12 23:06:22 | 000,070,488 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\CgpCore.dll
[2009/09/12 23:06:32 | 000,091,480 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\confmgr.dll
[2009/09/12 23:06:28 | 000,022,360 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\ctxlogging.dll
[2011/02/02 22:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2009/09/12 23:08:36 | 000,406,864 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npicaN.dll
[2005/12/05 23:31:00 | 000,114,688 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npmozax.dll
[2009/09/12 23:06:24 | 000,023,896 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\TcpPServ.dll

O1 HOSTS File: ([2002/08/29 06:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\SYSTEM32\DRIVERS\ETC\HOSTS
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (no name) - {5CA3D70E-1895-11CF-8E15-001234567890} - No CLSID value found.
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [ConnectionCenter] C:\Program Files\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
O4 - HKLM..\Run: [UpdateManager] C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe (Sonic Solutions)
O4 - HKCU..\Run: [Aston2] C:\Program Files\Aston2\Aston2.exe (Gladiators Software)
O4 - HKCU..\Run: [SkinClock] C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe ()
O4 - HKCU..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Wireless Connection Manager.lnk = C:\Program Files\D-Link\DWA-130 revE\wirelesscm.exe (D-Link Corp.)
O4 - Startup: C:\Documents and Settings\Patti\Start Menu\Programs\Startup\Webshots.lnk = C:\Program Files\Webshots\Launcher.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AllowLegacyWebView = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AllowUnhashedWebView = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoControlPanel = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayContextMenu = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O9 - Extra Button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\SYSTEM32\nwprovau.dll (Microsoft Corporation)
O15 - HKCU\..Trusted Domains: ([]msn in My Computer)
O15 - HKCU\..Trusted Domains: cree.com ([gateway] https in Trusted sites)
O15 - HKCU\..Trusted Domains: intuit.com ([ttlc] https in Trusted sites)
O15 - HKCU\..Trusted Domains: turbotax.com ([]https in Trusted sites)
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} http://echat.bellsouth.net/sdccommon/do ... gctlcm.cab (Support.com Configuration Class)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\yinsthelper.dll (YInstStarter Class)
O16 - DPF: {37A273C2-5129-11D5-BF37-00A0CCE8754B} http://asp.mathxl.com/wizmodules/testge ... nstall.cab (TTestGenXInstallObject)
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} http://dl.tvunetworks.com/TVUAx.cab (CTVUAxCtrl Object)
O16 - DPF: {4FE89055-5300-469E-AFAD-DEB3181EDE76} http://asp.mathxl.com/applets/PearsonInstallAsst.cab (PearsonAsstX Control)
O16 - DPF: {E6D23284-0E9B-417D-A782-03E4487FC947} http://asp.mathxl.com/books/_Players/MathPlayer.cab (Pearson MathXL Player)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\SYSTEM32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O20 - Winlogon\Notify\igfxcui: DllName - (igfxsrvc.dll) - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop Components:0 () - http://pages.prodigy.net/rogerlori1/emo ... oking8.gif
O24 - Desktop Components:1 (My Current Home Page) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Patti\Application Data\Webshots\The Webshots Desktop\Wallpaper.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Patti\Application Data\Webshots\The Webshots Desktop\Wallpaper.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2002/09/03 09:59:58 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/02/28 20:17:18 | 000,000,122 | ---- | M] () - F:\Autorun.inf -- [ FAT32 ]
O33 - MountPoints2\{6dce2447-0d17-11e0-9e7e-0018e7c38708}\Shell - "" = AutoRun
O33 - MountPoints2\{6dce2447-0d17-11e0-9e7e-0018e7c38708}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{6dce2447-0d17-11e0-9e7e-0018e7c38708}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/09/15 01:48:52 | 000,041,184 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011/09/14 17:36:32 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Patti\Recent
[2011/09/14 17:33:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Patti\My Documents\backup from repair 9-14-11
[2011/09/14 16:21:10 | 000,000,000 | ---D | C] -- C:\Program Files\Safer Networking
[3 C:\Documents and Settings\All Users\Application Data\*.tmp files -> C:\Documents and Settings\All Users\Application Data\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/09/25 17:09:35 | 000,002,048 | --S- | M] () -- C:\WINDOWS\BOOTSTAT.DAT
[2011/09/25 17:02:11 | 000,000,613 | ---- | M] () -- C:\Documents and Settings\Patti\Application Data\AtomicAlarmClock.ini
[2011/09/25 17:01:04 | 000,001,170 | ---- | M] () -- C:\WINDOWS\System32\WPA.DBL
[2011/09/24 10:54:04 | 000,000,510 | ---- | M] () -- C:\Documents and Settings\Patti\Application Data\alarms.ini
[2011/09/15 01:57:37 | 000,002,638 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/09/14 17:44:16 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/09/14 17:08:27 | 000,000,245 | -HS- | M] () -- C:\BOOT.INI
[2011/09/06 16:45:29 | 000,199,304 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011/09/06 16:45:29 | 000,041,184 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011/09/06 16:38:05 | 000,442,200 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011/09/06 16:37:53 | 000,320,856 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011/09/06 16:36:38 | 000,034,392 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011/09/06 16:36:36 | 000,052,568 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011/09/06 16:36:23 | 000,110,552 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011/09/06 16:36:20 | 000,104,536 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011/09/06 16:36:12 | 000,020,568 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011/09/06 16:33:11 | 000,030,808 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011/09/05 11:35:56 | 000,000,552 | ---- | M] () -- C:\WINDOWS\System32\d3d8caps.dat
[3 C:\Documents and Settings\All Users\Application Data\*.tmp files -> C:\Documents and Settings\All Users\Application Data\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/09/14 17:44:16 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/09/05 11:35:56 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2010/10/17 03:28:30 | 001,265,160 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/07/20 13:38:39 | 000,376,832 | ---- | C] () -- C:\WINDOWS\System32\AegisI5Installer.exe
[2010/07/20 13:38:09 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\wlndis50.sys
[2010/07/20 13:38:09 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\drivers\WLNdis50.sys
[2010/07/11 13:19:16 | 000,143,256 | ---- | C] () -- C:\WINDOWS\System32\drivers\ar5523.bin
[2010/04/03 22:55:32 | 002,183,470 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2009/11/14 17:39:40 | 000,077,349 | ---- | C] () -- C:\WINDOWS\hpqins05.dat
[2009/08/01 08:58:45 | 000,116,841 | ---- | C] () -- C:\WINDOWS\hpqins00.dat
[2009/07/11 23:33:36 | 000,139,072 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009/07/11 23:31:10 | 000,189,672 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2009/07/11 23:31:00 | 000,075,064 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2009/04/08 01:22:39 | 000,012,717 | R--- | C] () -- C:\WINDOWS\hpwscr14.dat
[2009/04/08 01:19:33 | 000,179,716 | ---- | C] () -- C:\WINDOWS\hpwins14.dat
[2009/04/08 01:19:33 | 000,001,108 | R--- | C] () -- C:\WINDOWS\hpwmdl14.dat
[2008/07/01 22:59:35 | 000,000,000 | ---- | C] () -- C:\WINDOWS\FileMgrExe.INI
[2008/05/26 21:59:42 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin
[2008/05/26 21:59:40 | 000,106,605 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin
[2008/04/16 00:31:36 | 007,028,736 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\sandra.mdb
[2008/04/16 00:31:36 | 007,028,736 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\sandra.mda
[2008/01/30 17:10:46 | 000,274,432 | ---- | C] () -- C:\WINDOWS\System32\libcurl.dll
[2008/01/10 00:06:19 | 000,000,000 | ---- | C] () -- C:\WINDOWS\AlbumExe.INI
[2007/12/28 23:32:33 | 000,000,000 | ---- | C] () -- C:\WINDOWS\MessageExe.INI
[2007/10/31 10:39:54 | 000,059,904 | ---- | C] () -- C:\WINDOWS\System32\zlib1.dll
[2007/09/27 10:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 10:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 10:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2007/09/05 07:31:13 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PanelExe.INI
[2007/09/05 07:31:11 | 000,000,000 | ---- | C] () -- C:\WINDOWS\EngineExe.INI
[2007/09/02 18:32:34 | 000,000,189 | ---- | C] () -- C:\WINDOWS\PhoneBkExe.INI
[2007/09/02 18:32:15 | 000,000,000 | ---- | C] () -- C:\WINDOWS\MelodyExe.INI
[2007/09/02 13:09:10 | 000,000,000 | ---- | C] () -- C:\WINDOWS\VideoExe.INI
[2007/08/11 11:35:07 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2007/07/14 19:01:36 | 000,192,512 | R--- | C] () -- C:\WINDOWS\System32\AegisI5.exe
[2007/07/01 23:00:15 | 000,027,648 | ---- | C] () -- C:\WINDOWS\instcastle.exe
[2007/06/30 08:39:46 | 000,010,105 | ---- | C] () -- C:\WINDOWS\msvrc20.dll
[2007/05/17 14:58:10 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\libexpatw.dll
[2007/03/25 09:30:43 | 000,027,648 | ---- | C] () -- C:\WINDOWS\instocean.exe
[2006/12/24 23:05:51 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\nY.exe
[2006/12/24 23:03:45 | 001,126,400 | R--- | C] () -- C:\WINDOWS\System32\SaiC0461.Dll
[2006/12/24 23:03:45 | 000,007,680 | R--- | C] () -- C:\WINDOWS\System32\SaiC0461_10.dll
[2006/12/24 23:03:45 | 000,007,680 | R--- | C] () -- C:\WINDOWS\System32\SaiC0461_0C.dll
[2006/12/24 23:03:45 | 000,007,680 | R--- | C] () -- C:\WINDOWS\System32\SaiC0461_0A.dll
[2006/12/24 23:03:45 | 000,007,680 | R--- | C] () -- C:\WINDOWS\System32\SaiC0461_07.dll
[2006/12/24 23:03:45 | 000,006,656 | R--- | C] () -- C:\WINDOWS\System32\SaiC0461_09.dll
[2006/12/24 23:03:45 | 000,006,656 | R--- | C] () -- C:\WINDOWS\System32\SaiC0461_0402.dll
[2006/12/06 21:35:04 | 000,000,098 | ---- | C] () -- C:\Documents and Settings\Patti\Application Data\Statdisk.prefs
[2006/09/22 18:50:35 | 000,000,036 | ---- | C] () -- C:\WINDOWS\webica.ini
[2006/09/04 18:12:58 | 000,003,744 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2006/08/20 22:49:35 | 000,407,592 | ---- | C] () -- C:\Program Files\msgr8us.exe
[2006/08/12 12:33:50 | 001,126,968 | ---- | C] () -- C:\Program Files\Y Photo.exe
[2006/05/30 14:51:26 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Patti\Local Settings\Application Data\fusioncache.dat
[2006/05/21 10:18:47 | 000,000,613 | ---- | C] () -- C:\Documents and Settings\Patti\Application Data\AtomicAlarmClock.ini
[2006/05/21 10:18:47 | 000,000,510 | ---- | C] () -- C:\Documents and Settings\Patti\Application Data\alarms.ini
[2006/02/13 23:05:00 | 000,573,440 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006/02/13 23:05:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2005/12/05 18:54:37 | 000,000,042 | ---- | C] () -- C:\WINDOWS\popcinfo.dat
[2005/11/24 11:45:56 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll
[2005/11/24 11:45:49 | 000,852,042 | ---- | C] () -- C:\WINDOWS\System32\Lemmings Revolution.exe
[2005/06/09 11:36:40 | 000,000,056 | RHS- | C] () -- C:\WINDOWS\System32\B2786CCDD3.sys
[2005/02/04 19:59:05 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\Patti\Application Data\PFP120JPR.{PB
[2005/02/04 19:59:05 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\Patti\Application Data\PFP120JCM.{PB
[2005/01/14 07:45:30 | 000,037,027 | ---- | C] () -- C:\WINDOWS\atmoUn.exe
[2004/10/30 18:02:18 | 000,001,798 | ---- | C] () -- C:\WINDOWS\cdPlayer.ini
[2004/10/26 18:39:05 | 003,375,104 | ---- | C] () -- C:\WINDOWS\System32\qt-mt331.dll
[2004/09/25 18:59:16 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2004/09/10 06:04:30 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/09/07 19:40:10 | 000,000,885 | ---- | C] () -- C:\WINDOWS\Rtcwplat.INI
[2004/07/29 10:06:01 | 000,000,020 | ---- | C] () -- C:\WINDOWS\Hposcv07.INI
[2004/07/28 19:40:53 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2004/07/26 21:35:46 | 000,090,112 | ---- | C] () -- C:\Documents and Settings\Patti\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2004/07/22 10:39:29 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/07/22 10:34:50 | 000,149,504 | ---- | C] () -- C:\WINDOWS\UNWISE.EXE
[2004/07/22 10:25:08 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2004/07/22 10:25:06 | 000,000,138 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2004/07/22 10:14:08 | 000,002,048 | --S- | C] () -- C:\WINDOWS\BOOTSTAT.DAT
[2004/07/22 10:12:42 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2004/07/22 10:12:36 | 000,463,938 | ---- | C] () -- C:\WINDOWS\System32\PERFH009.DAT
[2004/07/22 10:12:36 | 000,079,214 | ---- | C] () -- C:\WINDOWS\System32\PERFC009.DAT
[2004/07/22 10:12:26 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/07/22 09:58:10 | 000,000,550 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2004/05/26 16:09:26 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\DSRIRREM.EXE
[2004/05/11 11:03:20 | 000,450,880 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/05/11 11:02:24 | 000,000,788 | ---- | C] () -- C:\WINDOWS\ORUN32.INI
[2004/03/26 17:59:22 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2002/09/03 09:59:14 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2002/09/03 09:56:30 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2002/09/03 09:31:46 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\OEMBIOS.BIN
[2002/09/03 09:31:44 | 000,004,594 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2002/08/29 06:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\MLANG.DAT
[2002/08/29 06:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\PERFI009.DAT
[2002/08/29 06:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\DSSEC.DAT
[2002/08/29 06:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\MIB.BIN
[2002/08/29 06:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\PERFD009.DAT
[2002/08/29 06:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2002/08/29 06:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\NOISE.DAT
[1999/01/22 14:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
[1996/08/06 00:00:00 | 000,116,736 | ---- | C] () -- C:\WINDOWS\System32\PCDLIB32.DLL

========== LOP Check ==========

[2011/05/01 14:38:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2010/07/20 13:38:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\D-Link
[2009/10/10 11:09:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Gold Casual Games
[2008/07/01 22:27:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Grisoft
[2008/06/14 09:28:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Kristanix Games
[2009/02/05 23:57:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Meridian93
[2010/01/23 11:16:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NeoEdge Networks
[2010/05/07 20:14:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Oberon Media
[2011/01/16 14:20:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Radium Technologies
[2011/03/21 15:50:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/04/12 22:04:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TERMINAL Studio
[2005/01/14 07:45:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2009/01/02 17:42:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WhiteCap (Holiday Edition)
[2011/01/16 14:21:36 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{EF840D17-5414-45B2-873C-7A9138B22A92}
[2009/10/24 16:53:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patti\Application Data\7Wonders
[2008/08/30 09:34:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patti\Application Data\Age of Japan II
[2009/03/01 23:59:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patti\Application Data\Archibald's Adventures
[2010/09/19 11:11:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patti\Application Data\Artogon
[2010/11/14 19:23:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patti\Application Data\Aston2
[2007/12/24 01:21:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patti\Application Data\Astro Gemini Software
[2011/01/16 01:33:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patti\Application Data\Awem
[2008/05/13 11:12:27 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Patti\Application Data\CrystalSpace
[2009/10/24 16:40:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patti\Application Data\EA
[2008/02/10 03:15:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patti\Application Data\EleFun Games
[2009/10/10 11:09:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patti\Application Data\Gold Casual Games
[2008/07/07 21:28:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patti\Application Data\ICAClient
[2005/01/09 10:08:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patti\Application Data\Jasc
[2009/04/04 10:51:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patti\Application Data\Jetbricks
[2004/08/09 17:07:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patti\Application Data\Leadertech
[2010/02/27 18:38:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patti\Application Data\LTOA
[2009/10/24 16:29:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patti\Application Data\Magic Match
[2009/02/05 23:57:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patti\Application Data\Meridian93
[2007/12/28 23:31:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patti\Application Data\MobileAction
[2007/10/27 22:56:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patti\Application Data\mojosoft
[2011/09/19 10:33:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patti\Application Data\MP3Rocket
[2010/07/17 20:01:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patti\Application Data\PlayFirst
[2007/07/19 21:52:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patti\Application Data\RetroRecords
[2007/10/20 23:44:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patti\Application Data\TERMINAL Studio
[2007/08/09 10:54:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patti\Application Data\Walgreens
[2004/11/16 19:22:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patti\Application Data\Webshots
[2010/07/11 14:29:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patti\Application Data\Windows Desktop Search
[2010/07/11 14:50:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patti\Application Data\Windows Search
[2007/10/14 21:45:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patti\Application Data\Zak&Jack

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 187 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:814B9485
@Alternate Data Stream - 143 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2CFBE2D1
@Alternate Data Stream - 140 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:6A18D1F5
@Alternate Data Stream - 132 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:900F47D3
@Alternate Data Stream - 132 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7B212553
@Alternate Data Stream - 129 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C2E33402
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:017D5143
@Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:11201333
@Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0F686C4A
@Alternate Data Stream - 105 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C22674B6

< End of report >

checkhd.txt

The type of the file system is NTFS.

WARNING! F parameter not specified.
Running CHKDSK in read-only mode.

CHKDSK is verifying files (stage 1 of 3)...
File record segment 108229 is unreadable.
File record segment 108230 is unreadable.
File record segment 108231 is unreadable.

Errors found. CHKDSK cannot continue in read-only mode.

by **askey127** » September 26th, 2011, 10:00 am

sakdeisel,
-----------------------------------------------------------
Hard Disk Repair
IF Chkdsk has found any errors having to do with bad sectors in your file system, or if it reports that it cannot continue in Read-Only Mode, it needs to run a different sequence on reboot to do repairs. It can't repair the file system while Windows is running.
DO NOT START THIS SEQUENCE UNLESS YOU CAN DO WITHOUT THE MACHINE FOR AN HOUR OR TWO. It may not take very long , but could, depending on the number of files and folders.
It will not relinquish control until it is done. You cannot stop it, and it would be a BIG mistake to pull the plug.

If it's present on your Desktop, please delete your original file Checkhd.txt

Go To Start, Run and type cmd
hit <Enter>
Type this black text into the command window at the prompt:
chkdsk c: /F <==notice the /F, with one space between c: and /F
hit <Enter>
You will get a message that the volume is locked, with a request to do the repair on Reboot.
Answer Y
Then type exit to close the Command window.
Go to Start, Turn Off Computer and choose Reboot
It will scan again when it boots up and make the repairs as the first part of the reboot process.
-----------------------------------------------------------
Check Hard Disk For Errors
Press Start->Run, then type or copy/paste the following command into the box and press OK:

Code: Select all

cmd  /c  chkdsk  c:  |find  /v  "percent"  >> "%userprofile%\desktop\checkhd.txt"

A blank command window will open on your desktop, then close in a few minutes. This is normal.
A file and icon named checkhd.txt should appear on your Desktop. Please post the contents of this file.
If it's very long just post the last 30-50 lines.

askey127

by **sakdiesel** » September 26th, 2011, 11:57 am

I followed your instructions and ended up with similar results as far as the output from chkdsk. However, when I rebooted after the repair, it came up in Normal windows mode and things are running like they used to. Here is the output from running [cmd /c chkdsk c: |find /v "percent" >> "%userprofile%\desktop\checkhd.txt"]

The type of the file system is NTFS.

WARNING! F parameter not specified.
Running CHKDSK in read-only mode.

CHKDSK is verifying files (stage 1 of 3)...

Errors found. CHKDSK cannot continue in read-only mode.

by **askey127** » September 26th, 2011, 12:12 pm

sakdeisel,
I'm sorry to say, but it's almost certain that you are losing your hard drive.

It will need to be replaced.
You need to copy and save everything you can from it before it quits altogether.
It may even be too late, but you might want to try and get a complete image saved to an external USB Drive, like a WD passport.
This would require a program like Norton Ghost or Acronis True Image.

The major problem here is not malware, but your machinery.
Good luck,
askey127

by **sakdiesel** » September 26th, 2011, 8:33 pm

askey127,

I understand. I will probably replace the drive with a 2G drive and turn it into a server to back up the files on the two newer computers. It is not really a needed computer. It was my wife's computer and I built her a new one for Christmas last year. This bad one became the kitchen computer. Most of the pertinent files have already been transferred to the new one. Few remain to worry about and all programs can be reloaded.

Thank you for all of your time and patience.

I really appreciate What you have done for me.

Thank You,
Sakdiesel

by **askey127** » September 27th, 2011, 7:42 am

You are Welcome.
Since this will be resolved by a hardware replacement, this topic will be closed.

Free Malware Removal Forum

Impossibly Slow

Impossibly Slow

Re: Impossibly Slow

Re: Impossibly Slow

Re: Impossibly Slow

Re: Impossibly Slow

Re: Impossibly Slow

Re: Impossibly Slow

Re: Impossibly Slow

Re: Impossibly Slow

Re: Impossibly Slow

Who is online