How do I get rid of Hard Drive Diagnostic?

Admin Posts : 87 Reputation : 0 Join date : 2010-12-24

My computer was infected by it a few hours ago so I used Malwarebytes,
scanned my computer and removed it. I turned off my computer because I
was leaving my home and I came back, turned on my computer and Hard
Drive Diagnostic installed itself again. I don't know if it installed
itself again or it wasn't removed in the first place but can anyone tell
me how to get rid of it permanently?

_______

Please download OTL to your Desktop. (If you already have it downloaded, then just follow the instructions below).

Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
Under the Custom Scan box paste this in

Code:%systemroot%\Fonts\*.com
%systemroot%\Fonts\*.dll
%systemroot%\Fonts\*.ini
%systemroot%\Fonts\*.ini2
%systemroot%\Fonts\*.exe
%systemroot%\system32\spool\prtprocs\w32x86\*.*
%systemroot%\REPAIR\*.bak1
%systemroot%\REPAIR\*.ini
%systemroot%\system32\*.jpg
%systemroot%\*.jpg
%systemroot%\*.png
%systemroot%\*.scr
%systemroot%\*._sy
%APPDATA%\Adobe\Update\*.*
%ALLUSERSPROFILE%\Favorites\*.*
%APPDATA%\Microsoft\*.*
%PROGRAMFILES%\*.*
%APPDATA%\Update\*.*
%PROGRAMFILES%\bak. /s
%systemroot%\system32\bak. /s
%ALLUSERSPROFILE%\Start Menu\*.lnk /x
%systemroot%\system32\config\systemprofile\*.dat /x
%systemroot%\*.config
%systemroot%\system32\*.db
%APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x
%USERPROFILE%\Desktop\*.exe
%PROGRAMFILES%\Common Files\*.*
%systemroot%\*.src
%systemroot%\install\*.*
%systemroot%\system32\DLL\*.*
%systemroot%\system32\HelpFiles\*.*
%systemroot%\system32\rundll\*.*
%systemroot%\winn32\*.*
%systemroot%\Java\*.*
%systemroot%\system32\test\*.*
%systemroot%\system32\Rundll32\*.*
%systemroot%\AppPatch\Custom\*.*
%APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x
%PROGRAMFILES%\PC-Doctor\Downloads\*.*
%PROGRAMFILES%\Internet Explorer\*.tmp
%PROGRAMFILES%\Internet Explorer\*.dat
%USERPROFILE%\My Documents\*.exe
%USERPROFILE%\*.exe
%systemroot%\ADDINS\*.*
%systemroot%\assembly\*.bak2
%systemroot%\Config\*.*
%systemroot%\REPAIR\*.bak2
%systemroot%\SECURITY\Database\*.sdb /x
%systemroot%\SYSTEM\*.bak2
%systemroot%\Web\*.bak2
%systemroot%\Driver Cache\*.*
%PROGRAMFILES%\Mozilla Firefox\*.exe
%ProgramFiles%\Microsoft Common\*.*
%ProgramFiles%\TinyProxy.
%USERPROFILE%\Favorites\*.url /x
%systemroot%\system32\*.bk
%systemroot%\*.te
%systemroot%\system32\system32\*.*
%ALLUSERSPROFILE%\*.dat /x
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\*.exe /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.sys
%systemroot%\system32\drivers\*.dll
%systemroot%\system32\drivers\*.ini
%systemroot%\system32\drivers\*.exe
%systemroot%\system32\Spool\prtprocs\w32x86\*.dll
%SYSTEMDRIVE%\*.*
%PROGRAMFILES%\*.
%appdata%\*.*
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
disk.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
mv61xx.sys
usbstor.sys
/md5stop
CREATERESTOREPOINT
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
Make sure Use Safe List is selected under all categories
Make sure both Purity Check and LOP Check are selected
Make sure File Age is set to 30 days
Click the Run Scan button.

When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.

Please copy (Edit->Select All, Edit->Copy) and paste (Edit->Paste) the contents of these files, one at a time into your thread

Note: in the event that OTL fails to run, please use alternate download links to try again:

http://www.itxassociates.com/OT-Tools/OTL.scr
http://www.itxassociates.com/OT-Tools/OTL.com

The post won't fit

Attach it.
OTL logfile created on: 12/6/2010 3:59:31 PM - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\Jerry\My Documents\Downloads
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

510.00 Mb Total Physical Memory | 70.00 Mb Available Physical Memory | 14.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 55.00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 34.44 Gb Total Space | 8.72 Gb Free Space | 25.31% Space Free | Partition Type: NTFS

Computer Name: LAMFAMILY | User Name: Jerry | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC
- [2010/12/06 15:54:54 | 000,575,488 | ---- | M] (OldTimer Tools) --
C:\Documents and Settings\Jerry\My Documents\Downloads\OTL.exe
PRC - [2010/12/05 20:13:06 | 000,357,376 | ---- | M] () -- C:\Documents and Settings\Jerry\Local Settings\Temp\207750.exe
PRC - [2010/11/16 15:42:57 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files\Steam\Steam.exe
PRC - [2010/10/29 14:41:34 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC
- [2010/04/16 07:33:40 | 000,144,672 | ---- | M] (Apple Inc.) --
C:\Program Files\Common Files\Apple\Mobile Device
Support\AppleMobileDeviceService.exe
PRC - [2007/06/13 02:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC
- [2007/03/09 11:09:58 | 000,063,712 | ---- | M] (Adobe Systems
Incorporated) -- C:\Program Files\Adobe\Photoshop Album Starter
Edition\3.2\Apps\apdproxy.exe
PRC - [2006/12/01 20:28:06 |
000,095,800 | ---- | M] (OLYMPUS IMAGING CORP.) -- C:\Program
Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe
PRC - [2006/08/14 09:12:46 | 000,049,152 | ---- | M] () -- C:\Program Files\Yahoo!\Yahoo! Music Jukebox\ymetray.exe
PRC
- [2005/11/21 14:57:49 | 000,140,880 | ---- | M] (Viewpoint
Corporation) -- C:\Program Files\Viewpoint\Viewpoint Toolbar
V35\FotomatDeviceConnect.exe
PRC - [2005/04/17 11:30:48 | 000,085,184 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec AntiVirus\VPTray.exe
PRC - [2005/04/17 11:30:40 | 001,706,176 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec AntiVirus\Rtvscan.exe
PRC - [2005/04/17 11:30:32 | 000,019,648 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec AntiVirus\DefWatch.exe
PRC - [2005/04/17 11:30:32 | 000,018,624 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec AntiVirus\DoScan.exe
PRC
- [2005/04/08 14:54:52 | 000,161,392 | ---- | M] (Symantec Corporation)
-- C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
PRC -
[2005/04/08 14:52:32 | 000,185,968 | ---- | M] (Symantec Corporation) --
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
PRC -
[2005/04/08 14:52:30 | 000,048,752 | ---- | M] (Symantec Corporation) --
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
PRC -
[2004/11/10 20:15:31 | 000,111,816 | ---- | M] (Viewpoint Corporation)
-- C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
PRC - [2004/10/14 13:42:54 | 001,404,928 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\Core\smax4pnp.exe
PRC - [2003/10/10 08:06:10 | 000,192,512 | ---- | M] () -- C:\Program Files\SBC Self Support Tool\bin\mpbtn.exe
PRC - [2003/08/04 17:28:18 | 000,049,152 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\HP Software Update\hpwuSchd.exe

========== Modules (SafeList) ==========

MOD
- [2010/12/06 15:54:54 | 000,575,488 | ---- | M] (OldTimer Tools) --
C:\Documents and Settings\Jerry\My Documents\Downloads\OTL.exe
MOD -
[2006/08/25 07:45:55 | 001,054,208 | ---- | M] (Microsoft Corporation)
--
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV
- [2010/04/16 07:33:40 | 000,144,672 | ---- | M] (Apple Inc.) [Auto |
Running] -- C:\Program Files\Common Files\Apple\Mobile Device
Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV -
[2005/04/17 11:30:42 | 000,124,608 | ---- | M] (symantec) [On_Demand |
Stopped] -- C:\Program Files\Symantec AntiVirus\SavRoam.exe -- (SavRoam)
SRV
- [2005/04/17 11:30:40 | 001,706,176 | ---- | M] (Symantec Corporation)
[Auto | Running] -- C:\Program Files\Symantec AntiVirus\Rtvscan.exe --
(Symantec AntiVirus)
SRV - [2005/04/17 11:30:32 | 000,019,648 | ---- |
M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec
AntiVirus\DefWatch.exe -- (DefWatch)
SRV - [2005/04/08 14:54:52 |
000,161,392 | ---- | M] (Symantec Corporation) [Auto | Running] --
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe -- (ccSetMgr)
SRV
- [2005/04/08 14:54:50 | 000,083,568 | ---- | M] (Symantec Corporation)
[On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec
Shared\ccPwdSvc.exe -- (ccPwdSvc)
SRV - [2005/04/08 14:52:32 |
000,185,968 | ---- | M] (Symantec Corporation) [Auto | Running] --
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe -- (ccEvtMgr)
SRV
- [2005/04/05 10:17:22 | 000,206,552 | ---- | M] (Symantec Corporation)
[On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec
Shared\SNDSrvc.exe -- (SNDSrvc)
SRV - [2005/03/30 20:48:22 |
000,992,864 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] --
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe --
(SPBBCSvc)
SRV - [2004/01/04 23:30:14 | 000,065,795 | ---- | M] (HP)
[On_Demand | Stopped] -- C:\WINDOWS\system32\hpzipm12.exe -- (Pml Driver
HPZ12)

========== Driver Services (SafeList) ==========

DRV - [2010/11/29 17:42:18 | 000,038,224 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV
- [2010/10/18 00:00:00 | 001,371,184 | ---- | M] (Symantec Corporation)
[Kernel | On_Demand | Running] -- C:\Program Files\Common
Files\Symantec Shared\VirusDefs\20101203.003\NAVEX15.SYS -- (NAVEX15)
DRV
- [2010/10/18 00:00:00 | 000,086,064 | ---- | M] (Symantec Corporation)
[Kernel | On_Demand | Running] -- C:\Program Files\Common
Files\Symantec Shared\VirusDefs\20101203.003\NAVENG.SYS -- (NAVENG)
DRV
- [2010/06/17 00:00:00 | 000,371,248 | ---- | M] (Symantec Corporation)
[Kernel | System | Running] -- C:\Program Files\Common Files\Symantec
Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2007/10/25 02:10:00 |
000,215,040 | R--- | M] (Realtek Semiconductor Corporation
) [Kernel | On_Demand | Running] --
C:\WINDOWS\system32\drivers\RTL8187B.sys -- (RTL8187B)
DRV -
[2005/04/24 21:43:58 | 000,013,225 | ---- | M] (Razer (Asia-Pacific) Pte
Ltd) [Kernel | On_Demand | Running] --
C:\WINDOWS\system32\drivers\DB3G.sys -- (Razerlow)
DRV - [2005/04/05
10:17:02 | 000,267,192 | ---- | M] (Symantec Corporation) [Kernel |
System | Running] -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV
- [2005/04/05 10:17:00 | 000,017,976 | ---- | M] (Symantec Corporation)
[Kernel | On_Demand | Running] --
C:\WINDOWS\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)
DRV -
[2005/04/01 19:36:04 | 000,123,200 | ---- | M] (Symantec Corporation)
[Kernel | Disabled | Running] -- C:\Program Files\Symantec\SYMEVENT.SYS
-- (SymEvent)
DRV - [2005/03/30 20:48:20 | 000,372,832 | ---- | M]
(Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program
Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV
- [2005/03/29 23:03:06 | 001,035,264 | ---- | M] (ATI Technologies
Inc.) [Kernel | On_Demand | Stopped] --
C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV -
[2005/02/04 19:14:32 | 000,053,896 | ---- | M] (Symantec Corporation)
[Kernel | System | Running] -- C:\Program Files\Symantec
AntiVirus\Savrtpel.sys -- (SAVRTPEL)
DRV - [2005/02/04 19:14:30 |
000,324,232 | ---- | M] (Symantec Corporation) [Kernel | System |
Running] -- C:\Program Files\Symantec AntiVirus\savrt.sys -- (SAVRT)
DRV
- [2005/01/04 01:43:08 | 000,004,682 | ---- | M] (INCA Internet Co.,
Ltd.) [Kernel | System | Running] -- C:\WINDOWS\system32\npptNT2.sys --
(NPPTNT2)
DRV - [2004/09/17 08:02:54 | 000,732,928 | ---- | M]
(Creative Technology Ltd.) [Kernel | On_Demand | Running] --
C:\WINDOWS\system32\drivers\senfilt.sys -- (senfilt)
DRV -
[2004/08/12 06:11:50 | 000,467,200 | ---- | M] (Intel Corporation)
[Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\iaStor.sys --
(iastor)
DRV - [2004/04/29 17:55:42 | 000,186,112 | ---- | M]
(Broadcom Corporation) [Kernel | On_Demand | Running] --
C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2004/02/27
15:03:00 | 000,670,203 | R--- | M] (Intel Corporation) [Kernel |
On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Intels51.sys --
(Intels51) Intel(R)
DRV - [2001/08/22 07:42:58 | 000,013,632 | ---- |
M] (Dell Computer Corporation) [Kernel | System | Running] --
C:\WINDOWS\SYSTEM32\DRIVERS\OMCI.SYS -- (OMCI)
DRV - [2001/08/17
11:48:48 | 000,070,528 | ---- | M] (ATI Technologies Inc.) [Kernel |
On_Demand | Running] -- C:\WINDOWS\system32\drivers\atiragem.sys --
(atirage)
DRV - [2001/05/07 02:56:02 | 000,019,805 | R--- | M]
(Thesycon GmbH, Germany) [Kernel | On_Demand | Stopped] --
C:\WINDOWS\system32\drivers\usbio.sys -- (USBIO) USBIO Driver
(usbio.sys)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/ie/defaults/cs/sbcydsl/*http://www.yahoo.com/search/ie.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://search.msn.com/spbasic.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2776682
IE
- HKCU\..\URLSearchHook: {51a86bb3-6602-4c85-92a5-130ee4864f13} -
C:\Program Files\BrotherSoft_Extreme\tbBrot.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll (AOL LLC)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1;*.local

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://start.mozilla.org/firefox?client=firefox-a&rls=org.mozilla:en-US:official"

FF - user.js..browser.search.defaultenginename: "Yoog Search"
FF - user.js..browser.search.defaulturl: "http://www10.searchonthego.net/search.php?q="
FF - user.js..browser.search.selectedEngine: "Yoog Search"
FF - user.js..keyword.URL: "http://www10.searchonthego.net/search.php?q="
FF - user.js..keyword.enabled: true

FF
- HKLM\software\mozilla\Mozilla Firefox 3.5.15\extensions\\Components:
C:\Program Files\Mozilla Firefox\components [2010/10/31 14:46:58 |
000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox
3.5.15\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
[2010/10/29 14:42:24 | 000,000,000 | ---D | M]

[2008/12/03 20:16:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\Mozilla\Extensions
[2009/08/01
15:47:06 | 000,000,000 | ---D | M] -- C:\Documents and
Settings\Jerry\Application
Data\Mozilla\Firefox\Profiles\f1b8zt9n.default\extensions
[2005/08/31
10:26:35 | 000,000,000 | ---D | M] (Firefox (default)) -- C:\Documents
and Settings\Jerry\Application
Data\Mozilla\Firefox\Profiles\f1b8zt9n.default\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/08/01
15:47:06 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and
Settings\Jerry\Application
Data\Mozilla\Firefox\Profiles\f1b8zt9n.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
[2006/08/21
10:05:22 | 000,000,000 | ---D | M] -- C:\Documents and
Settings\Jerry\Application
Data\Mozilla\Firefox\Profiles\nx3cpuj5.casey\extensions
[2006/08/21
10:05:22 | 000,000,000 | ---D | M] (Firefox (default)) -- C:\Documents
and Settings\Jerry\Application
Data\Mozilla\Firefox\Profiles\nx3cpuj5.casey\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2010/12/05
22:48:00 | 000,000,000 | ---D | M] -- C:\Documents and
Settings\Jerry\Application
Data\Mozilla\Firefox\Profiles\t9e7m46d.jerry\extensions
[2010/05/21
15:01:18 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant)
-- C:\Documents and Settings\Jerry\Application
Data\Mozilla\Firefox\Profiles\t9e7m46d.jerry\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/02/18
14:50:27 | 000,000,256 | ---- | M] () -- C:\Documents and
Settings\Jerry\Application
Data\Mozilla\Firefox\Profiles\f1b8zt9n.default\searchplugins\Yoog
Search.xml
[2010/12/02 21:54:35 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/03/24
14:07:46 | 000,000,000 | ---D | M] (z) -- C:\Program Files\Mozilla
Firefox\extensions\{ab7ba5a8-2cd0-433e-95a6-68331de246dd}
[2009/08/01
15:46:45 | 000,072,960 | ---- | M] (Foxit Software Company) --
C:\Program Files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
[2007/04/14 13:22:27 | 000,024,576 | ---- | M] (RealNetworks) -- C:\Program Files\Mozilla Firefox\plugins\npgcplug.dll
[2007/05/10 09:46:42 | 000,061,440 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npkanevapatch.dll
[2005/04/27 12:10:49 | 000,102,400 | ---- | M] (RealNetworks) -- C:\Program Files\Mozilla Firefox\plugins\npracplug.dll
[2006/01/18 11:50:00 | 000,319,488 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npsnapfish.dll
[2010/10/21 15:06:08 | 000,001,538 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-en-GB.xml
[2010/10/21 15:06:08 | 000,000,947 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\chambers-en-GB.xml
[2010/10/21 15:06:08 | 000,000,769 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml
[2010/10/21 15:06:08 | 000,000,831 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: ([2004/08/12 05:57:47 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O2
- BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} -
C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 -
BHO: (PnIEBrowserHelperObj Class) -
{4B5F2E08-6F39-479a-B547-B2026E4C7EDF} - C:\Program Files\EarthLink
TotalAccess\PnEL.dll (EarthLink, Inc.)
O2 - BHO: (BrotherSoft Extreme
Toolbar) - {51a86bb3-6602-4c85-92a5-130ee4864f13} - C:\Program
Files\BrotherSoft_Extreme\tbBrot.dll (Conduit Ltd.)
O2 - BHO:
(Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -
C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 -
BHO: (AOL Toolbar Launcher) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} -
C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll (AOL LLC)
O2 - BHO:
(Little Fighter 2 Toolbar Helper) -
{AB41010D-4804-4793-A6A2-3B5EBE2348DD} - C:\Program Files\Little Fighter
2 Toolbar\v2.0.0.1\Little_Fighter_2_Toolbar.dll ()
O3 -
HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} -
C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 -
HKLM\..\Toolbar: (Conduit Engine) -
{30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program
Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 -
HKLM\..\Toolbar: (BrotherSoft Extreme Toolbar) -
{51a86bb3-6602-4c85-92a5-130ee4864f13} - C:\Program
Files\BrotherSoft_Extreme\tbBrot.dll (Conduit Ltd.)
O3 -
HKLM\..\Toolbar: (Little Fighter 2 Toolbar) -
{C11483F7-D7D8-4804-98D8-6055470BB989} - C:\Program Files\Little Fighter
2 Toolbar\v2.0.0.1\Little_Fighter_2_Toolbar.dll ()
O3 -
HKLM\..\Toolbar: (Pop-Up Blocker) -
{D7F30B62-8269-41AF-9539-B2697FA7D77E} - C:\Program Files\EarthLink
TotalAccess\PnEL.dll (EarthLink, Inc.)
O3 - HKLM\..\Toolbar: (AOL
Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program
Files\AOL\AOL Toolbar 4.0\aoltb.dll (AOL LLC)
O3 - HKLM\..\Toolbar:
(Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program
Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 -
HKLM\..\Toolbar: (Viewpoint Toolbar) -
{F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\Program
Files\Viewpoint\Viewpoint Toolbar V35\ViewBar.dll (Viewpoint
Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) -
{3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program
Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 -
HKCU\..\Toolbar\WebBrowser: (BrotherSoft Extreme Toolbar) -
{51A86BB3-6602-4C85-92A5-130EE4864F13} - C:\Program
Files\BrotherSoft_Extreme\tbBrot.dll (Conduit Ltd.)
O3 -
HKCU\..\Toolbar\WebBrowser: (Little Fighter 2 Toolbar) -
{C11483F7-D7D8-4804-98D8-6055470BB989} - C:\Program Files\Little Fighter
2 Toolbar\v2.0.0.1\Little_Fighter_2_Toolbar.dll ()
O3 -
HKCU\..\Toolbar\WebBrowser: (AOL Toolbar) -
{DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL
Toolbar 4.0\aoltb.dll (AOL LLC)
O3 - HKCU\..\Toolbar\WebBrowser:
(Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program
Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 -
HKLM..\Run: [Adobe Photo Downloader] C:\Program Files\Adobe\Photoshop
Album Starter Edition\3.2\Apps\apdproxy.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [ClientGW] File not found
O4 - HKLM..\Run: [eSnips] C:\Program Files\eSnips\ClientGW.exe File not found
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd.exe (Hewlett-Packard)
O4 - HKLM..\Run: [RecoverFromReboot] C:\WINDOWS\Temp\RecoverFromReboot.exe File not found
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe (Viewpoint Corporation)
O4
- HKLM..\Run: [ViewpointPhotosDeviceConnect] C:\Program
Files\Viewpoint\Viewpoint Toolbar V35\FotomatDeviceConnect.exe
(Viewpoint Corporation)
O4 - HKLM..\Run: [vptray] C:\Program Files\Symantec AntiVirus\VPTray.exe (Symantec Corporation)
O4 - HKCU..\Run: [207750] C:\Documents and Settings\Jerry\Local Settings\Temp\207750.exe ()
O4 - HKCU..\Run: [Magentic] C:\PROGRA~1\Magentic\bin\Magentic.exe File not found
O4 - HKCU..\Run: [OM2_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe (OLYMPUS IMAGING CORP.)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe File not found
O4 - HKCU..\Run: [SpySweeper] File not found
O4 - HKCU..\Run: [Steam] C:\Program Files\Steam\Steam.exe (Valve Corporation)
O4
- Startup: C:\Documents and Settings\All Users\Start
Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft
Office\Office\OSA9.EXE (Microsoft Corporation)
O4 - Startup:
C:\Documents and Settings\All Users\Start
Menu\Programs\Startup\MyWebSearch Email Plugin.lnk = C:\Program
Files\MyWebSearch\bar\3.bin\MWSOEMON.EXE File not found
O4 - Startup:
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\SBC
Self Support Tool.lnk = C:\Program Files\SBC Self Support
Tool\bin\matcli.exe (Motive Communications, Inc.)
O4 - Startup:
C:\Documents and Settings\All Users\Start
Menu\Programs\Startup\ymetray.lnk = C:\Program Files\Yahoo!\Yahoo! Music
Jukebox\ymetray.exe ()
O4 - Startup: C:\Documents and
Settings\Jerry\Start Menu\Programs\Startup\MyWebSearch Email Plugin.lnk =
C:\Program Files\MyWebSearch\bar\3.bin\MWSOEMON.EXE File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8
- Extra context menu item: &AOL Toolbar Search - c:\Program
Files\AOL\AOL Toolbar 4.0\resources\en-us\local\search.html ()
O8 -
Extra context menu item: &Viewpoint Search - C:\Program
Files\Viewpoint\Viewpoint Toolbar V35\ViewBar.dll (Viewpoint
Corporation)
O9 - Extra Button: Yahoo! Login -
{2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\Program
Files\Yahoo!\common\ylogin.dll (Yahoo! Inc.)
O9 - Extra 'Tools'
menuitem : Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} -
C:\Program Files\Yahoo!\common\ylogin.dll (Yahoo! Inc.)
O9 - Extra
Button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} -
C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll (AOL LLC)
O9 - Extra
Button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program
Files\Yahoo!\Messenger\yhexbmes.dll (Yahoo! Inc.)
O9 - Extra 'Tools'
menuitem : Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} -
C:\Program Files\Yahoo!\Messenger\yhexbmes.dll (Yahoo! Inc.)
O9 - Extra Button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe (America Online, Inc.)
O9
- Extra Button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} -
C:\Documents and Settings\Jerry\Start Menu\Programs\IMVU\Run IMVU.lnk
File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_01-windows-i586.cab (Java Plug-in 1.5.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18
- Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} -
C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard
Company)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20
- Winlogon\Notify\NavLogon: DllName - C:\WINDOWS\system32\NavLogon.dll -
C:\WINDOWS\system32\NavLogon.dll (Symantec Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Desktop Background.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Desktop Background.bmp
O29 - HKLM SecurityProviders - (digeste.dll) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/05/15 16:52:31 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O36 - AppCertDlls: extrmsg - (C:\WINDOWS\system32\esenfc.dll) - C:\WINDOWS\System32\esenfc.dll File not found
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

SafeBootMin: AaaAAAA - Driver
SafeBootMin: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: AaaAAAA - Driver
SafeBootNet: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {0291E591-EA41-4c82-8106-3DC6CE7F7664} - Reg Error: Value error.
ActiveX: {03F998B2-0E00-11D3-A498-00104B6EB52E} - Viewpoint Media Player
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
ActiveX: {166B1BCA-3F9C-11CF-8075-444553540000} - Macromedia Shockwave Director 10.1
ActiveX: {1803B9EF-9905-4F34-AFC4-05D1BAB28801} - Reg Error: Value error.
ActiveX: {1B00725B-C455-4DE6-BFB6-AD540AD427CD} - Viewpoint Media Player
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {231B1C6E-F934-42A2-92B6-C2FEFEC24276} - Reg Error: Value error.
ActiveX: {25A4B6D0-CF64-48EF-A4A2-7CD30F44FEEC} - Reg Error: Value error.
ActiveX: {26FCDD66-A1AA-49AF-B65A-069DA3A75221} - Reg Error: Value error.
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Macromedia Shockwave Director 10.1
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX:
{2C7339CF-2B09-4501-B3F3-F3508C9228ED} -
%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall
%SystemRoot%\system32\themeui.dll
ActiveX: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} - Reg Error: Value error.
ActiveX: {347B0667-C7ED-429B-BDE3-CC8D3BACAA31} - Reg Error: Value error.
ActiveX: {362A5D5E-1BF6-4CA7-87B4-B6686F3C1BEF} - Reg Error: Value error.
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
ActiveX: {38539595-3E29-410d-ABBD-3D6A75BC9A73} - Reg Error: Value error.
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
ActiveX:
{44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook
Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX:
{44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe
advpack.dll,LaunchINFSection
C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:
{4b218e3e-bc98-4770-93d3-2731b9329278} -
%SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection
MarketplaceLinkInstall 896 %systemroot%\inf\ie.inf
ActiveX: {4EC8E993-32C1-47F5-A07A-5B0574655AD4} - Reg Error: Value error.
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:
{5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe
advpack.dll,LaunchINFSection
C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {76C19B33-F0C8-11cf-87CC-0020AFEECF20} - Chinese (Traditional) Language Support
ActiveX:
{7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook
Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - %SystemRoot%\system32\ie4uinit.exe
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {944D7BBB-EA1D-43EB-B49F-F517CF2B6C9D} - Reg Error: Value error.
ActiveX: {ACC563BC-4266-43f0-B6ED-9D38C4202C7E} -
ActiveX: {B508B3F1-A24A-32C0-B310-85786919EF28} - .NET Framework
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {CE734E0A-D6D3-4A92-AF9F-499BE87A025C} - Reg Error: Value error.
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - Reg Error: Value error.
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F53CE5EC-1CD8-41EB-A220-F8EA247E3A06} - Reg Error: Value error.
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.LEAD - LCODCCMP.DLL File not found
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: wave - C:\WINDOWS\System32\serwvdrv.dll (Microsoft Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (54619756233228288)

Admin Posts : 87 Reputation : 0 Join date : 2010-12-24

2nd part

========== Files/Folders - Created Within 30 Days ==========

[2010/11/22 17:29:54 | 000,000,000 | ---D | C] -- C:\Program Files\MSECache
[2010/11/21 15:04:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jerry\My Documents\download
[2007/04/14 13:22:30 | 000,774,144 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\RngInterstitial.dll
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/12/06 15:47:14 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/12/06 15:42:17 | 000,000,790 | ---- | M] () -- C:\Documents and Settings\Jerry\Desktop\Hard Drive Diagnostic.lnk
[2010/12/06 15:40:53 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/12/05
22:27:41 | 000,000,978 | ---- | M] () --
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1004336348-1972579041-725345543-1004UA.job
[2010/12/05 21:23:32 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/12/05
17:26:12 | 000,000,926 | ---- | M] () --
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1004336348-1972579041-725345543-1004Core.job
[2010/12/03
16:33:53 | 000,002,262 | ---- | M] () -- C:\Documents and
Settings\Jerry\Application Data\Microsoft\Internet Explorer\Quick
Launch\Google Chrome.lnk
[2010/12/03 16:33:52 | 000,002,284 | ---- | M] () -- C:\Documents and Settings\Jerry\Desktop\Google Chrome.lnk
[2010/11/29 17:42:18 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/11/29 17:42:06 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/11/07 12:03:12 | 000,441,124 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/11/07 12:03:11 | 000,071,060 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/12/06 15:42:12 | 000,000,790 | ---- | C] () -- C:\Documents and Settings\Jerry\Desktop\Hard Drive Diagnostic.lnk
[2010/11/22 20:14:14 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/11/06 16:24:15 | 000,002,284 | ---- | C] () -- C:\Documents and Settings\Jerry\Desktop\Google Chrome.lnk
[2010/11/06
16:24:15 | 000,002,262 | ---- | C] () -- C:\Documents and
Settings\Jerry\Application Data\Microsoft\Internet Explorer\Quick
Launch\Google Chrome.lnk
[2010/11/06 16:22:00 | 000,000,978 | ---- |
C] () --
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1004336348-1972579041-725345543-1004UA.job
[2010/11/06
16:21:58 | 000,000,926 | ---- | C] () --
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1004336348-1972579041-725345543-1004Core.job
[2010/10/30 13:35:20 | 000,000,006 | ---- | C] () -- C:\Documents and Settings\Jerry\Application Data\completescan
[2010/10/30 13:30:39 | 000,000,010 | ---- | C] () -- C:\Documents and Settings\Jerry\Application Data\install
[2009/06/11 13:32:14 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2007/10/15 16:17:21 | 000,000,039 | ---- | C] () -- C:\WINDOWS\GunzLauncher.INI
[2007/07/03 14:54:52 | 000,001,759 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/04/16 20:07:19 | 000,081,920 | R--- | C] () -- C:\WINDOWS\System32\srctrl.dll
[2007/01/26 09:25:13 | 000,000,000 | ---- | C] () -- C:\WINDOWS\hpqEmlSz.INI
[2006/12/27 12:05:41 | 000,000,029 | ---- | C] () -- C:\WINDOWS\atid.ini
[2006/09/28
20:07:49 | 000,000,128 | ---- | C] () -- C:\Documents and
Settings\Jerry\Local Settings\Application Data\fusioncache.dat
[2006/08/23 11:04:02 | 000,000,127 | ---- | C] () -- C:\WINDOWS\_delis43.ini
[2006/03/31 15:27:08 | 000,001,628 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2005/12/29 15:46:02 | 000,000,035 | ---- | C] () -- C:\WINDOWS\A5W.INI
[2005/11/11
12:37:44 | 000,016,384 | ---- | C] () -- C:\Documents and
Settings\Jerry\Local Settings\Application
Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005/08/31 10:27:16 | 000,000,000 | ---- | C] () -- C:\WINDOWS\vpc32.INI
[2005/08/31 09:50:27 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\YCRWin32.dll
[2005/05/19 19:57:32 | 000,000,324 | ---- | C] () -- C:\WINDOWS\dellstat.ini
[2005/05/19 19:57:15 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\dlbcvs.dll
[2005/05/19 19:57:09 | 000,000,373 | ---- | C] () -- C:\WINDOWS\System32\dlbccoin.ini
[2005/05/16 19:06:26 | 000,000,034 | ---- | C] () -- C:\WINDOWS\AuthMgr.INI
[2005/05/15 17:01:02 | 000,000,377 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/05/15 09:42:37 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/01/04 23:30:18 | 000,565,248 | ---- | C] () -- C:\WINDOWS\System32\hpotscl.dll
[1999/01/22 10:46:56 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL

========== LOP Check ==========

[2007/08/02 09:54:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\n7-89-o9-3r-4t-r9
[2007/09/16 14:14:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PlayFirst
[2007/02/15 20:33:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2006/08/12 20:53:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Yahoo
[2010/05/19
20:01:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All
Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2005/09/20 19:47:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\Aim
[2005/05/16 19:02:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\Earthlink
[2009/08/01 15:46:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\Foxit
[2007/08/02 09:54:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\GameHouse
[2010/10/16 10:48:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\GetRightToGo
[2010/09/15 21:12:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\gtk-2.0
[2007/10/19 20:34:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\IMVU
[2007/09/16 14:14:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\PlayFirst
[2006/08/14 20:02:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\Snapfish
[2007/02/15 20:33:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\Viewpoint

========== Purity Check ==========

========== Custom Scans ==========

< %systemroot%\Fonts\*.com >
[2006/04/18 14:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2006/06/29 13:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006/04/18 14:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006/06/29 13:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2005/05/15 16:52:14 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2003/07/29 05:27:40 | 000,078,336 | ---- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\DLBCPP5C.DLL
[2008/07/06
04:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) --
C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2008/07/06
02:50:03 | 000,597,504 | ---- | M] (Microsoft Corporation) --
C:\WINDOWS\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >
[2008/06/17
08:58:47 | 000,001,554 | -H-- | M] () -- C:\Documents and
Settings\Jerry\Application Data\Microsoft\LastFlashConfig.WFC

< %PROGRAMFILES%\*.* >
[2007/04/14 13:22:26 | 000,774,144 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\RngInterstitial.dll

< %APPDATA%\Update\*.* >

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
[2005/05/15 16:52:31 | 000,000,294 | -HS- | M] () -- C:\Documents and Settings\All Users\Start Menu\desktop.ini

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %systemroot%\*.config >

< %systemroot%\system32\*.db >

< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2005/05/15
16:56:59 | 000,000,119 | -HS- | M] () -- C:\Documents and
Settings\Jerry\Application Data\Microsoft\Internet Explorer\Quick
Launch\desktop.ini
[2005/05/15 16:56:58 | 000,000,079 | ---- | M] ()
-- C:\Documents and Settings\Jerry\Application Data\Microsoft\Internet
Explorer\Quick Launch\Show Desktop.scf

< %USERPROFILE%\Desktop\*.exe >
[2005/09/20 19:46:31 | 008,715,352 | ---- | M] () -- C:\Documents and Settings\Jerry\Desktop\Install_AIM.exe
[2009/04/19
14:27:55 | 001,878,888 | ---- | M] (Adobe Systems Incorporated) --
C:\Documents and Settings\Jerry\Desktop\install_flash_player(3).exe
[2006/11/01 21:22:24 | 001,355,912 | ---- | M] () -- C:\Documents and Settings\Jerry\Desktop\install_flash_player-2.exe
[2007/02/10 10:28:41 | 001,410,680 | ---- | M] () -- C:\Documents and Settings\Jerry\Desktop\install_flash_player-3.exe
[2006/08/23 14:47:30 | 013,316,052 | ---- | M] (Little Fighter 2) -- C:\Documents and Settings\Jerry\Desktop\lf2_v19c_Setup.exe
[2006/10/28
16:28:16 | 541,633,984 | ---- | M] (Macrovision Corporation
) -- C:\Documents and
Settings\Jerry\Desktop\setup.exe
[2008/04/12 08:56:37 | 000,185,008 |
---- | M] (Adobe Systems Incorporated) -- C:\Documents and
Settings\Jerry\Desktop\uninstall_flash_player.exe
[2006/08/12 20:45:46 | 000,372,784 | ---- | M] () -- C:\Documents and Settings\Jerry\Desktop\ymjsetup-2.exe
[2006/08/12 20:43:21 | 000,372,784 | ---- | M] () -- C:\Documents and Settings\Jerry\Desktop\ymjsetup.exe

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\*.src >

< %systemroot%\install\*.* >

< %systemroot%\system32\DLL\*.* >

< %systemroot%\system32\HelpFiles\*.* >

< %systemroot%\system32\rundll\*.* >

< %systemroot%\winn32\*.* >

< %systemroot%\Java\*.* >

< %systemroot%\system32\test\*.* >

< %systemroot%\system32\Rundll32\*.* >

< %systemroot%\AppPatch\Custom\*.* >

< %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

< %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

< %PROGRAMFILES%\Internet Explorer\*.tmp >

< %PROGRAMFILES%\Internet Explorer\*.dat >

< %USERPROFILE%\My Documents\*.exe >
[2006/03/31
15:58:51 | 000,315,624 | ---- | M] (Microsoft Corporation) --
C:\Documents and Settings\Jerry\My Documents\dxwebsetup.exe
[2005/05/16 18:46:10 | 002,636,408 | ---- | M] () -- C:\Documents and Settings\Jerry\My Documents\Installation - Ad-aware.exe
[2005/02/21
17:19:54 | 020,798,256 | ---- | M] (Netopsystems AG
) -- C:\Documents and Settings\Jerry\My Documents\Installation -
Adobe.exe
[2005/05/03 19:35:20 | 003,626,136 | ---- | M] (Microsoft
Corporation) -- C:\Documents and Settings\Jerry\My
Documents\Installation - Chinese.exe
[2005/08/31 10:26:13 |
004,876,472 | ---- | M] (Mozilla) -- C:\Documents and Settings\Jerry\My
Documents\Installation - Firefox.exe
[2005/02/28 16:11:24 | 000,700,120 | ---- | M] () -- C:\Documents and Settings\Jerry\My Documents\Installation - Flashplayer.exe
[2005/02/27 16:22:52 | 012,009,680 | ---- | M] () -- C:\Documents and Settings\Jerry\My Documents\Installation - Mozilla.exe
[2005/05/02
19:06:36 | 010,843,680 | ---- | M] (RealNetworks, Inc.) -- C:\Documents
and Settings\Jerry\My Documents\Installation - Realplayer.exe
[2005/02/21
17:53:32 | 012,754,672 | ---- | M] (Microsoft Corporation) --
C:\Documents and Settings\Jerry\My Documents\Installation - WMP.exe
[2005/05/19
20:52:14 | 015,814,200 | ---- | M] (Sun Microsystems, Inc.
) -- C:\Documents and Settings\Jerry\My
Documents\jre-1_5_0_01-windows-i586-p.exe

< %USERPROFILE%\*.exe >

< %systemroot%\ADDINS\*.* >

< %systemroot%\assembly\*.bak2 >

< %systemroot%\Config\*.* >

< %systemroot%\REPAIR\*.bak2 >

< %systemroot%\SECURITY\Database\*.sdb /x >

< %systemroot%\SYSTEM\*.bak2 >

< %systemroot%\Web\*.bak2 >

< %systemroot%\Driver Cache\*.* >

< %PROGRAMFILES%\Mozilla Firefox\*.exe >
[2010/10/29 14:41:31 | 000,122,328 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\crashreporter.exe
[2010/10/29 14:41:34 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
[2010/10/29 14:41:50 | 000,246,744 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\updater.exe

< %ProgramFiles%\Microsoft Common\*.* >

< %ProgramFiles%\TinyProxy. >

< %USERPROFILE%\Favorites\*.url /x >
[2005/05/15 16:56:58 | 000,000,122 | -HS- | M] () -- C:\Documents and Settings\Jerry\Favorites\Desktop.ini

< %systemroot%\system32\*.bk >

< %systemroot%\*.te >

< %systemroot%\system32\system32\*.* >

< %ALLUSERSPROFILE%\*.dat /x >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\*.exe /lockedfiles >
[2010/02/16 05:17:38 | 002,137,088 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\ntoskrnl.exe
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[1 C:\WINDOWS\system32\drivers\*.tmp files -> C:\WINDOWS\system32\drivers\*.tmp -> ]

< %systemroot%\System32\config\*.sav >
[2005/05/15 09:40:53 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2005/05/15 09:40:53 | 000,634,880 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2005/05/15 09:40:53 | 000,888,832 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\*.sys >
[2004/08/12 05:55:47 | 000,009,029 | ---- | M] () -- C:\WINDOWS\system32\ansi.sys
[2004/08/12 05:56:34 | 000,027,097 | ---- | M] () -- C:\WINDOWS\system32\country.sys
[2004/08/12 05:57:44 | 000,004,768 | ---- | M] () -- C:\WINDOWS\system32\himem.sys
[2004/08/12 05:58:39 | 000,042,809 | ---- | M] () -- C:\WINDOWS\system32\key01.sys
[2004/08/12 05:58:39 | 000,042,537 | ---- | M] () -- C:\WINDOWS\system32\keyboard.sys
[2005/01/04 01:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) -- C:\WINDOWS\system32\npptNT2.sys
[2004/08/12 06:02:34 | 000,027,866 | ---- | M] () -- C:\WINDOWS\system32\ntdos.sys
[2004/08/12 06:02:34 | 000,029,146 | ---- | M] () -- C:\WINDOWS\system32\ntdos404.sys
[2004/08/12 06:02:34 | 000,029,370 | ---- | M] () -- C:\WINDOWS\system32\ntdos411.sys
[2004/08/12 06:02:34 | 000,029,274 | ---- | M] () -- C:\WINDOWS\system32\ntdos412.sys
[2004/08/12 06:02:35 | 000,029,146 | ---- | M] () -- C:\WINDOWS\system32\ntdos804.sys
[2004/08/12 06:02:36 | 000,033,840 | ---- | M] () -- C:\WINDOWS\system32\ntio.sys
[2004/08/12 06:02:37 | 000,034,560 | ---- | M] () -- C:\WINDOWS\system32\ntio404.sys
[2004/08/12 06:02:37 | 000,035,648 | ---- | M] () -- C:\WINDOWS\system32\ntio411.sys
[2004/08/12 06:02:37 | 000,035,424 | ---- | M] () -- C:\WINDOWS\system32\ntio412.sys
[2004/08/12 06:02:37 | 000,034,560 | ---- | M] () -- C:\WINDOWS\system32\ntio804.sys
[2005/05/10
03:36:29 | 000,016,848 | ---- | M] (Printing Communications Assoc.,
Inc. (PCAUSA)) -- C:\WINDOWS\system32\Pcandis4.sys
[2005/05/10
03:36:29 | 000,017,162 | ---- | M] (Printing Communications Assoc., Inc.
(PCAUSA)) -- C:\WINDOWS\system32\Pcandis5.sys
[2004/08/12 06:08:45 | 000,017,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\watchdog.sys
[2010/05/01 21:56:34 | 001,850,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\win32k.sys
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.dll >
[2005/03/29 22:30:52 | 000,036,864 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\ati2erec.dll
[1 C:\WINDOWS\system32\drivers\*.tmp files -> C:\WINDOWS\system32\drivers\*.tmp -> ]

< %systemroot%\system32\drivers\*.ini >

< %systemroot%\system32\drivers\*.exe >

< %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >
[2003/07/29 05:27:40 | 000,078,336 | ---- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\DLBCPP5C.DLL
[2008/07/06
04:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) --
C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll

< %SYSTEMDRIVE%\*.* >
[2008/04/09 19:43:59 | 000,006,129 | ---- | M] () -- C:\0x0409.ini
[2005/05/15 16:52:31 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2005/05/15 16:49:00 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2005/05/15 16:52:31 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2001/09/05 22:00:58 | 001,700,352 | ---- | M] (Microsoft Corporation) -- C:\gdiplus.dll
[2010/10/16 10:47:20 | 000,000,169 | ---- | M] () -- C:\INSTALL.LOG
[2005/05/15 16:52:31 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2007/06/11 15:30:43 | 000,004,443 | -H-- | M] () -- C:\IPH.PH
[2005/05/15 16:52:31 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004/08/12 06:02:33 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2004/08/12 06:02:38 | 000,250,032 | RHS- | M] () -- C:\ntldr
[2010/12/06 15:40:48 | 805,306,368 | -HS- | M] () -- C:\pagefile.sys
[2008/04/09 19:43:59 | 000,002,059 | ---- | M] () -- C:\Setup.INI
[2008/04/09 19:44:00 | 000,128,625 | ---- | M] () -- C:\setup.isn
[2005/10/31 07:56:00 | 000,700,416 | ---- | M] (LimeWire) -- C:\StubInstaller.exe
[2008/04/09 19:44:09 | 012,461,568 | ---- | M] () -- C:\veoh.msi
[2005/08/31 10:22:20 | 000,008,254 | -H-- | M] () -- C:\_NavCClt.Log

< %PROGRAMFILES%\*. >
[2005/12/07 21:14:36 | 000,000,000 | ---D | M] -- C:\Program Files\Activision Value
[2008/04/09 19:34:29 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
[2007/06/11 19:50:56 | 000,000,000 | ---D | M] -- C:\Program Files\AIM
[2005/06/30 21:40:22 | 000,000,000 | ---D | M] -- C:\Program Files\Analog Devices
[2006/09/14 19:47:33 | 000,000,000 | ---D | M] -- C:\Program Files\AOD
[2007/06/11 15:01:31 | 000,000,000 | ---D | M] -- C:\Program Files\AOL
[2010/05/19 19:43:46 | 000,000,000 | ---D | M] -- C:\Program Files\Apple Software Update
[2009/08/01 15:47:06 | 000,000,000 | ---D | M] -- C:\Program Files\AskBarDis
[2006/03/07 22:47:47 | 000,000,000 | ---D | M] -- C:\Program Files\ATI Technologies
[2007/02/10 10:56:40 | 000,000,000 | ---D | M] -- C:\Program Files\BFG
[2010/05/19 19:38:47 | 000,000,000 | ---D | M] -- C:\Program Files\Bonjour
[2005/08/31 09:35:59 | 000,000,000 | ---D | M] -- C:\Program Files\Broadcom
[2005/08/31 09:44:23 | 000,000,000 | ---D | M] -- C:\Program Files\BroadJump
[2010/10/16 10:43:25 | 000,000,000 | ---D | M] -- C:\Program Files\BrotherSoft_Extreme
[2006/04/03 16:40:03 | 000,000,000 | ---D | M] -- C:\Program Files\Castle
[2010/01/02 14:06:07 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
[2010/10/16 10:42:51 | 000,000,000 | ---D | M] -- C:\Program Files\ConduitEngine
[2005/08/17 10:41:20 | 000,000,000 | ---D | M] -- C:\Program Files\Crosscountry2
[2009/03/26 14:37:54 | 000,000,000 | ---D | M] -- C:\Program Files\Datel
[2005/05/19 19:56:59 | 000,000,000 | ---D | M] -- C:\Program Files\Dell 720
[2005/05/19 19:58:03 | 000,000,000 | ---D | M] -- C:\Program Files\Dell Computer
[2009/09/27 12:21:31 | 000,000,000 | ---D | M] -- C:\Program Files\DIFX
[2007/04/16 19:29:59 | 000,000,000 | ---D | M] -- C:\Program Files\Disc2Phone
[2010/01/02 14:06:59 | 000,000,000 | ---D | M] -- C:\Program Files\DivX
[2005/08/31 10:11:25 | 000,000,000 | ---D | M] -- C:\Program Files\EarthLink TotalAccess
[2007/10/15 15:39:51 | 000,000,000 | ---D | M] -- C:\Program Files\EndlessOnline
[2009/08/01 15:46:53 | 000,000,000 | ---D | M] -- C:\Program Files\Foxit Software
[2007/08/02 09:54:08 | 000,000,000 | ---D | M] -- C:\Program Files\GameHouse
[2007/10/13 09:45:28 | 000,000,000 | ---D | M] -- C:\Program Files\GIMP-2.0
[2006/12/05 21:33:18 | 000,000,000 | ---D | M] -- C:\Program Files\Google
[2006/03/31 15:37:14 | 000,000,000 | ---D | M] -- C:\Program Files\HP
[2006/08/12 20:53:54 | 000,000,000 | ---D | M] -- C:\Program Files\illiminable
[2007/10/19 20:35:31 | 000,000,000 | ---D | M] -- C:\Program Files\IMVU
[2009/09/27 12:20:55 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2010/06/27 23:27:18 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2010/05/19 19:58:58 | 000,000,000 | ---D | M] -- C:\Program Files\iPod
[2010/05/19 20:01:06 | 000,000,000 | ---D | M] -- C:\Program Files\iTunes
[2005/05/19 19:58:42 | 000,000,000 | ---D | M] -- C:\Program Files\Jasc Software Inc
[2009/04/01 19:24:32 | 000,000,000 | ---D | M] -- C:\Program Files\Java
[2007/08/21 13:46:08 | 000,000,000 | ---D | M] -- C:\Program Files\Kaneva
[2005/06/12 09:58:19 | 000,000,000 | ---D | M] -- C:\Program Files\KONAMI
[2005/05/16 18:55:24 | 000,000,000 | ---D | M] -- C:\Program Files\Lavasoft
[2007/05/12 10:55:59 | 000,000,000 | ---D | M] -- C:\Program Files\Lemonade Tycoon 2
[2007/04/16 20:07:25 | 000,000,000 | ---D | M] -- C:\Program Files\LGGSM
[2008/01/07 22:16:50 | 000,000,000 | ---D | M] -- C:\Program Files\LimeWire
[2007/06/15 15:13:52 | 000,000,000 | ---D | M] -- C:\Program Files\Little Fighter 2 Toolbar
[2006/08/23 15:20:41 | 000,000,000 | ---D | M] -- C:\Program Files\LittleFighter2
[2007/10/15 15:29:57 | 000,000,000 | ---D | M] -- C:\Program Files\MAIET
[2010/12/05 21:44:33 | 000,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware
[2007/05/12 11:08:59 | 000,000,000 | ---D | M] -- C:\Program Files\Maxis
[2008/08/13 17:12:02 | 000,000,000 | ---D | M] -- C:\Program Files\Messenger
[2005/05/16 19:01:55 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Agent
[2005/05/15 16:52:34 | 000,000,000 | ---D | M] -- C:\Program Files\microsoft frontpage
[2005/09/20 19:40:42 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office
[2005/09/20 19:43:20 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Visual Studio
[2010/03/09 18:01:54 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker
[2010/12/06 15:44:49 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
[2009/08/15 16:51:23 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild
[2010/11/22 17:29:54 | 000,000,000 | ---D | M] -- C:\Program Files\MSECache
[2005/05/15 16:49:53 | 000,000,000 | ---D | M] -- C:\Program Files\MSN Gaming Zone
[2007/06/07 19:26:17 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 4.0
[2009/08/15 16:46:43 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 6.0
[2007/06/03 20:39:16 | 000,000,000 | ---D | M] -- C:\Program Files\MySpace
[2005/05/15 16:50:54 | 000,000,000 | ---D | M] -- C:\Program Files\NetMeeting
[2007/06/07 19:27:59 | 000,000,000 | ---D | M] -- C:\Program Files\OLYMPUS
[2010/05/11 17:01:06 | 000,000,000 | ---D | M] -- C:\Program Files\Outlook Express
[2008/03/19 20:13:54 | 000,000,000 | ---D | M] -- C:\Program Files\Paint.NET
[2007/06/03 20:43:18 | 000,000,000 | ---D | M] -- C:\Program Files\PizzaFrenzy_at
[2006/02/15 17:39:55 | 000,000,000 | ---D | M] -- C:\Program Files\PopCap Games
[2010/05/19 19:48:56 | 000,000,000 | ---D | M] -- C:\Program Files\QuickTime
[2007/04/14 13:22:24 | 000,000,000 | ---D | M] -- C:\Program Files\Real
[2009/08/15 16:51:14 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
[2007/04/14 10:08:40 | 000,000,000 | ---D | M] -- C:\Program Files\ReflexiveArcade
[2006/11/28 20:14:02 | 000,000,000 | ---D | M] -- C:\Program Files\SBC Self Support Tool
[2005/08/31 09:53:02 | 000,000,000 | ---D | M] -- C:\Program Files\SBC Yahoo!
[2007/05/12 11:08:17 | 000,000,000 | ---D | M] -- C:\Program Files\SimTheme Park
[2006/10/29 09:00:15 | 000,000,000 | ---D | M] -- C:\Program Files\Spybot - Search & Destroy
[2010/12/06 15:44:20 | 000,000,000 | ---D | M] -- C:\Program Files\Steam
[2005/08/31 10:24:23 | 000,000,000 | ---D | M] -- C:\Program Files\Symantec
[2010/12/06 16:02:28 | 000,000,000 | ---D | M] -- C:\Program Files\Symantec AntiVirus
[2005/12/07 20:33:31 | 000,000,000 | ---D | M] -- C:\Program Files\Team6 game studios
[2005/12/29 17:30:37 | 000,000,000 | ---D | M] -- C:\Program Files\Three Rings Design
[2006/02/15 17:40:01 | 000,000,000 | ---D | M] -- C:\Program Files\TryMedia
[2006/02/13 20:36:32 | 000,000,000 | ---D | M] -- C:\Program Files\Viewpoint
[2009/10/23 19:51:53 | 000,000,000 | ---D | M] -- C:\Program Files\Wedding Dash
[2007/08/15 09:32:14 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2005/05/15 16:49:46 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2005/07/13 21:28:02 | 000,000,000 | ---D | M] -- C:\Program Files\Wizet
[2006/11/28 20:13:41 | 000,000,000 | ---D | M] -- C:\Program Files\xerox
[2006/10/29 09:01:47 | 000,000,000 | ---D | M] -- C:\Program Files\Yahoo!

< %appdata%\*.* >
[2010/10/30 13:35:20 | 000,000,006 | ---- | M] () -- C:\Documents and Settings\Jerry\Application Data\completescan
[2005/05/15 09:42:13 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\Jerry\Application Data\desktop.ini
[2010/10/30 13:30:39 | 000,000,010 | ---- | M] () -- C:\Documents and Settings\Jerry\Application Data\install

< MD5 for: AGP440.SYS >
[2004/08/12 06:06:15 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008/04/13
10:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation)
MD5=08FD04AA961BDC77FB983F328334E3D7 --
C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\agp440.sys

< MD5 for: ATAPI.SYS >
[2004/08/12 06:06:15 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008/04/13
10:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation)
MD5=9F3A2F5AA6875C72BF062C712CFA2674 --
C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\atapi.sys
[2004/08/12
05:55:51 | 000,095,360 | ---- | M] (Microsoft Corporation)
MD5=CDFE4411A69C224BD1D11B2DA92DAC51 --
C:\WINDOWS\system32\drivers\atapi.sys

< MD5 for: DISK.SYS >
[2004/08/12 06:06:15 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:disk.sys
[2004/08/12
05:56:54 | 000,036,352 | ---- | M] (Microsoft Corporation)
MD5=00CA44E4534865F8A3B64F7C0984BFF0 --
C:\WINDOWS\system32\drivers\disk.sys
[2008/04/13 10:40:47 |
000,036,352 | ---- | M] (Microsoft Corporation)
MD5=044452051F3E02E7963599FC8F4F3E25 --
C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\disk.sys

< MD5 for: EVENTLOG.DLL >
[2003/12/08
15:26:04 | 000,131,072 | ---- | M] (EarthLink, Inc.)
MD5=571E2D69C1D0932E89C8479B87079906 -- C:\Program Files\EarthLink
TotalAccess\EventLog.dll
[2008/04/13 16:11:53 | 000,056,320 | ---- |
M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 --
C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\eventlog.dll
[2004/08/12
05:57:17 | 000,055,808 | ---- | M] (Microsoft Corporation)
MD5=82B24CB70E5944E6E34662205A2A5B78 --
C:\WINDOWS\system32\dllcache\eventlog.dll
[2004/08/12 05:57:17 |
000,055,808 | ---- | M] (Microsoft Corporation)
MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: IASTOR.SYS >
[2004/08/12
06:11:50 | 000,467,200 | ---- | M] (Intel Corporation)
MD5=F26BFD48B1C314E0F23BF77ACFA75940 --
C:\WINDOWS\dell\iastor\iastor.sys
[2004/08/12 06:11:50 | 000,467,200 |
---- | M] (Intel Corporation) MD5=F26BFD48B1C314E0F23BF77ACFA75940 --
C:\WINDOWS\system32\drivers\iaStor.sys

< MD5 for: NETLOGON.DLL >
[2008/04/13
16:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation)
MD5=1B7F071C51B77C272875C3A23E1E4550 --
C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\netlogon.dll
[2009/02/06
10:46:09 | 000,408,064 | ---- | M] (Microsoft Corporation)
MD5=6C476D33D82F1054849790181E8F7772 --
C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2009/02/06 10:46:09
| 000,408,064 | ---- | M] (Microsoft Corporation)
MD5=6C476D33D82F1054849790181E8F7772 --
C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll
[2004/08/12 06:02:00
| 000,407,040 | ---- | M] (Microsoft Corporation)
MD5=96353FCECBA774BB8DA74A1C6507015A --
C:\WINDOWS\system32\dllcache\netlogon.dll
[2004/08/12 06:02:00 |
000,407,040 | ---- | M] (Microsoft Corporation)
MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2004/08/12
06:04:44 | 000,180,224 | ---- | M] (Microsoft Corporation)
MD5=0F78E27F563F2AAF74B91A49E2ABF19A --
C:\WINDOWS\system32\dllcache\scecli.dll
[2004/08/12 06:04:44 |
000,180,224 | ---- | M] (Microsoft Corporation)
MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\system32\scecli.dll
[2008/04/13
16:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation)
MD5=A86BB5E61BF3E39B62AB4C7E7085A084 --
C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\scecli.dll

< MD5 for: USBSTOR.SYS >
[2004/08/12 06:06:15 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:usbstor.sys
[2004/08/03
22:08:48 | 000,026,496 | ---- | M] (Microsoft Corporation)
MD5=6CD7B22193718F1D17A47A1CD6D37E75 --
C:\WINDOWS\system32\dllcache\usbstor.sys
[2004/08/03 22:08:48 |
000,026,496 | ---- | M] (Microsoft Corporation)
MD5=6CD7B22193718F1D17A47A1CD6D37E75 --
C:\WINDOWS\system32\drivers\USBSTOR.SYS
[2008/04/13 10:45:38 |
000,026,368 | ---- | M] (Microsoft Corporation)
MD5=A32426D9B14A089EAA1D922E0C5801A9 --
C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\usbstor.sys

<

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto
Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto
Update\Results\Install\\LastSuccessTime: 2010-11-10 07:13:23

< End of report >

Admin Posts : 87 Reputation : 0 Join date : 2010-12-24

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00000409-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 SR-1 Premium
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{0FABD3D7-3036-4e78-B29D-58957ADB0A12}" = HP PSC & OfficeJet 3.5
"{10798AE3-DCBB-43C3-9C93-C23512427E25}" = The Sims Deluxe Edition
"{133CD5EF-A4A1-442a-8D50-910B5DEF76BD}" = 4200_Help
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{19526CAF-CF4D-470E-A134-A9A1A19C5782}" = ErrorSmart
"{1A7F8DF6-5A3E-4CDF-BC82-BE26B407E21B}" = The Sims Superstar
"{1F7473D9-6C0B-4F5A-8FA4-AB8AD78CBE54}" = DocProc
"{24C8FBF7-26C6-48ca-834B-A4E5C09E362F}" = AiO_Scan
"{257EC58E-03FD-472B-A9B6-93F23A3C4CB0}" = Scan
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 11
"{279C4248-7769-45CA-A03F-E8339954C4F3}" = EarthLink Redistributed
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{29B50D30-EAFC-4cea-9F76-3A0E3729E9B0}" = SkinsHP1
"{2A011F38-2F3B-484F-9595-E8462430F0BF}" = ELNBonus
"{2F72E05E-2371-4C05-9091-B643A9456267}" = EarthLink Setup
"{300D9EF4-2721-4cb4-A6C3-FB2337CFEA2D}" = AIOMinimal
"{3248F0A8-6813-11D6-A77B-00B0D0150010}" = J2SE Runtime Environment 5.0 Update 1
"{34611BCF-3157-405b-A34E-879C7DC79142}" = 4200
"{34957B51-9676-41CE-9E52-44AE91B73F1C}" = HP Software Update
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3CF78481-FB7B-4B51-99A2-D5E0CD0B3AAF}" = HPSystemDiagnostics
"{3DE5E7D4-7B88-403C-A3FD-2017A8240C5B}" = Google Earth
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{415B8A4E-0EA2-4C69-975C-EEE07B837FD7}" = Unload
"{48242276-DB89-42e8-9678-BD4280D7B99A}" = Copy
"{50915408-4940-4C36-B4CC-0D9944FA4C59}" = EarthLink FastLane
"{51487A3E-7A7D-46D8-B7E5-7F85B57B8C2F}" = EarthLink Common
"{54DD126C-E5F5-404C-B4B7-66DF7FD4F2FF}" = MSSoap
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{57C7C46A-D35D-492d-A328-4F8C9B5B4B52}" = PrintScreen
"{5A633ED0-E5D7-4D65-AB8D-53ED43510284}" = Symantec AntiVirus
"{5ECB3A3C-980B-4D12-9724-25DCB07A1F47}" = iTunes
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{62329568-19B5-43CF-9524-3EE4DD709D01}" = EarthLink Pop-Up Blocker
"{63F2408D-A675-4d97-A256-70EACB6B9B4A}" = AiOSoftware
"{68A2A8FC-2CA0-4b6c-BE09-CC7ABE2A8DDC}" = 4200Trb
"{691B06EC-F84C-4103-B4D4-3FC5BC4941E9}" = OLYMPUS muvee theaterPack
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{723C033E-63EA-4227-BAB2-0AA8693C16EB}" = Director
"{745A92AF-53B4-41A7-91C3-9B026B1D5897}" = InstantShare
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{81A34902-9D0B-4920-A25C-4CDC5D14B328}" = Jasc Paint Shop Pro 8 Dell Edition
"{81DD5688-695A-4c1d-AE7D-368BF857725A}" = TrayApp
"{83670AE5-73B8-49E0-933E-954987391587}" = EarthLink Update Manager
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{8A253629-0511-4854-8B4E-46E57E66005C}" = Bonjour
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{96C267DA-0926-4C11-B4E7-4D3EF85130D0}" = Paint.NET v3.22
"{9A0DCD97-9648-45ed-A52C-133C728AB2FF}" = 4200Tour
"{9B03C535-3AEA-4ef2-B326-0A01A2207034}" = CreativeProjects
"{9DE1BE03-AFE2-4CDB-BFEB-D06D736CD01A}" = Apple Mobile Device Support
"{A2500497-FD32-493e-B8E5-28D6728DBEF5}" = Readme
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A654A805-41D9-40C7-AA46-4AF04F044D61}" = Adobe® Photoshop® Album Starter Edition 3.2
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AA52B348-0683-49B3-BE24-8D042C7AC544}" = Deal Info
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{ACF2AD4B-9374-4B72-B79B-A743CD41F2A4}" = EarthLink TaskPanel
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{AF226123-1A6F-4ec1-8DEF-E35E7A0D0127}" = Fax
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player
"{BC339BFD-F550-471a-8D26-4D08126C62F7}" = SkinsHP2
"{BE6890C7-31EF-478C-812E-1E2899ABFCA9}" = Broadcom Gigabit Integrated Controller
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C69AEBA2-6BDC-4C84-9275-6A48D4E1E4B1}" = EarthLink MailBox
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CB8251EE-C86B-410D-83B2-1E28E9DE2C2B}" = LG GSM PC Components
"{CBE3E0AF-73BB-4c21-8B96-B09E003EDE7F}" = QuickProjects
"{CC000127-5E5D-4A1C-90CB-EEAAAC1E3AC0}" = Jasc Paint Shop Photo Album
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D186329B-1B4D-408D-ABEC-EA5CE1F182C9}" = Overland
"{D78653C3-A8FF-415F-92E6-D774E634FF2D}" = Dell ResourceCD
"{D9C3CDEB-BC7F-4CB3-BC92-719B365DF28E}" = EarthLink IM
"{DBDB8C5A-E0B9-4C10-A649-59D962E3A07F}" = EarthLink Webspace
"{E8BFBD0A-8002-4dc9-869C-E495FA9DCE7A}" = PhotoGallery
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0FC1E09-AF67-47BC-9E61-90ECFEB4CE82}" = OLYMPUS Master 2
"{F91E1833-2D7C-4725-B98A-C779FEC41946}" = EarthLink MDAC
"{FBBF532A-47AC-457d-AC06-0D3163D8911E}" = WebReg
"{FFAB5ABB-8AAB-42E2-847F-1743E51E01E9}" = Disc2Phone
"a6927771-15e2-e782-974c-142740629d47" = Contextual Platform Globaladsolution
"Action Replay Code Manager_is1" = Action Replay Code Manager
"Ad-Aware SE Personal" = Ad-Aware SE Personal
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe® Photoshop® Album Starter Edition 3.2" = Adobe® Photoshop® Album Starter Edition 3.2
"AFD653D92C0CA9E8F375124D6A0B19FFBA89B1D2" = Windows Driver Package - Razer (Razerlow) HIDClass (03/07/2007 1.0.0.2)
"All ATI Software" = ATI - Software Uninstall Utility
"AOL Instant Messenger" = AOL Instant Messenger
"AOL Toolbar 4.0" = AOL Toolbar 4.0
"Ask Toolbar_is1" = Ask Toolbar
"ATI Display Driver" = ATI Display Driver
"BroadJump Client Foundation" = BroadJump Client Foundation
"BrotherSoft_Extreme Toolbar" = BrotherSoft Extreme Toolbar
"conduitEngine" = Conduit Engine
"Dell Photo Printer 720" = Dell Photo Printer 720
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"EarthLink TotalAccess 2004" = EarthLink TotalAccess 2004
"Endless Online" = Endless Online 0.28
"Foxit Reader" = Foxit Reader
"GoogleVideoPlayer" = Google Video Player
"Gunz" = MAIET entertainment - Gunz
"HP Photo & Imaging" = HP Image Zone 3.5
"InstallShield_{BE6890C7-31EF-478C-812E-1E2899ABFCA9}" = Broadcom Gigabit Integrated Controller
"LimeWire" = LimeWire 4.16.0
"Little Fighter 2" = Little Fighter 2 1.9c
"Little Fighter 2 Toolbar" = Little Fighter 2 Toolbar
"LiveUpdate" = LiveUpdate 2.6 (Symantec Corporation)
"Macromedia Shockwave Player" = Macromedia Shockwave Player
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.5.15)" = Mozilla Firefox (3.5.15)
"Owl and Mouse Build a Castle" = Owl and Mouse Build a Castle
"RealArcade 1.2" = RealArcade
"SBC Yahoo! Applications" = SBC Yahoo! Applications
"SBC.MCCInstall" = SBC Self Support Tool
"Steam App 80" = Condition Zero
"TruVoice" = Lernout & Hauspie TruVoice for Microsoft Agent
"vcrckdonhjokc" = RON Tool Globaladsolution
"Viewpoint Manager" = Viewpoint Manager (Remove Only)
"ViewpointMediaPlayer" = Viewpoint Media Player
"ViewpointSearchBarV35" = Viewpoint Toolbar V35 (Remove Only)
"Wedding Dash_is1" = Wedding Dash
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows Media Player" = Windows Media Player 10
"WinGimp-2.0_is1" = The GIMP 2.2.17
"WinGTK-2_is1" = GTK+ 2.10.13 runtime environment
"World of Kaneva" = World of Kaneva Phase 1
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Music Engine" = Yahoo! Music Jukebox
"Yahoo! Toolbar" = Yahoo! Toolbar
"YInstHelper" = Yahoo! Install Manager
"ZHTIELangPack" = Chinese (Traditional) Language Support

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 12/5/2010 7:19:21 PM | Computer Name = LAMFAMILY | Source = Application Hang | ID = 1002
Description = Hanging application mbam.exe, version 1.46.0.1, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 12/6/2010 12:18:34 AM | Computer Name = LAMFAMILY | Source = MsiInstaller | ID = 11706
Description = Product: Symantec AntiVirus -- Error 1706.No valid source could be
found for product Symantec AntiVirus. The Windows Installer cannot continue.

Error - 12/6/2010 1:59:16 AM | Computer Name = LAMFAMILY | Source = MsiInstaller | ID = 11706
Description = Product: Symantec AntiVirus -- Error 1706.No valid source could be
found for product Symantec AntiVirus. The Windows Installer cannot continue.

Error - 12/6/2010 8:02:28 PM | Computer Name = LAMFAMILY | Source = MsiInstaller | ID = 11706
Description = Product: Symantec AntiVirus -- Error 1706.No valid source could be
found for product Symantec AntiVirus. The Windows Installer cannot continue.

Error - 12/6/2010 8:07:01 PM | Computer Name = LAMFAMILY | Source = Application Hang | ID = 1002
Description = Hanging application iTunes.exe, version 9.1.1.12, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 12/6/2010 8:07:09 PM | Computer Name = LAMFAMILY | Source = Bonjour Service | ID = 100
Description = 240: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

Error - 12/6/2010 8:07:09 PM | Computer Name = LAMFAMILY | Source = Bonjour Service | ID = 100
Description = 232: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

Error - 12/6/2010 8:07:09 PM | Computer Name = LAMFAMILY | Source = Bonjour Service | ID = 100
Description = 400: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

Error - 12/6/2010 8:07:09 PM | Computer Name = LAMFAMILY | Source = Bonjour Service | ID = 100
Description = 392: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

Error - 12/6/2010 8:07:09 PM | Computer Name = LAMFAMILY | Source = Bonjour Service | ID = 100
Description = 412: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

[ System Events ]
Error - 11/14/2010 3:44:29 PM | Computer Name = LAMFAMILY | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.4 for the Network Card with network
address 0018E7421CBE has been denied by the DHCP server 192.168.1.1 (The DHCP Server
sent a DHCPNACK message).

Error - 12/3/2010 12:39:44 AM | Computer Name = LAMFAMILY | Source = ipnathlp | ID = 32003
Description = The Network Address Translator (NAT) was unable to request an operation
of
the kernel-mode translation module. This may indicate misconfiguration, insufficient
resources, or an internal error. The data is the error code.

Error - 12/5/2010 8:51:25 PM | Computer Name = LAMFAMILY | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 12/5/2010 8:52:23 PM | Computer Name = LAMFAMILY | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
eeCtrl Fips intelppm NPPTNT2 OMCI SAVRT SAVRTPEL SYMTDI

Error - 12/5/2010 9:09:31 PM | Computer Name = LAMFAMILY | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 12/5/2010 9:10:27 PM | Computer Name = LAMFAMILY | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
PCIIde

Error - 12/6/2010 1:44:56 AM | Computer Name = LAMFAMILY | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
PCIIde

Admin Posts : 87 Reputation : 0 Join date : 2010-12-24

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00000409-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 SR-1 Premium
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{0FABD3D7-3036-4e78-B29D-58957ADB0A12}" = HP PSC & OfficeJet 3.5
"{10798AE3-DCBB-43C3-9C93-C23512427E25}" = The Sims Deluxe Edition
"{133CD5EF-A4A1-442a-8D50-910B5DEF76BD}" = 4200_Help
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{19526CAF-CF4D-470E-A134-A9A1A19C5782}" = ErrorSmart
"{1A7F8DF6-5A3E-4CDF-BC82-BE26B407E21B}" = The Sims Superstar
"{1F7473D9-6C0B-4F5A-8FA4-AB8AD78CBE54}" = DocProc
"{24C8FBF7-26C6-48ca-834B-A4E5C09E362F}" = AiO_Scan
"{257EC58E-03FD-472B-A9B6-93F23A3C4CB0}" = Scan
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 11
"{279C4248-7769-45CA-A03F-E8339954C4F3}" = EarthLink Redistributed
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{29B50D30-EAFC-4cea-9F76-3A0E3729E9B0}" = SkinsHP1
"{2A011F38-2F3B-484F-9595-E8462430F0BF}" = ELNBonus
"{2F72E05E-2371-4C05-9091-B643A9456267}" = EarthLink Setup
"{300D9EF4-2721-4cb4-A6C3-FB2337CFEA2D}" = AIOMinimal
"{3248F0A8-6813-11D6-A77B-00B0D0150010}" = J2SE Runtime Environment 5.0 Update 1
"{34611BCF-3157-405b-A34E-879C7DC79142}" = 4200
"{34957B51-9676-41CE-9E52-44AE91B73F1C}" = HP Software Update
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3CF78481-FB7B-4B51-99A2-D5E0CD0B3AAF}" = HPSystemDiagnostics
"{3DE5E7D4-7B88-403C-A3FD-2017A8240C5B}" = Google Earth
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{415B8A4E-0EA2-4C69-975C-EEE07B837FD7}" = Unload
"{48242276-DB89-42e8-9678-BD4280D7B99A}" = Copy
"{50915408-4940-4C36-B4CC-0D9944FA4C59}" = EarthLink FastLane
"{51487A3E-7A7D-46D8-B7E5-7F85B57B8C2F}" = EarthLink Common
"{54DD126C-E5F5-404C-B4B7-66DF7FD4F2FF}" = MSSoap
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{57C7C46A-D35D-492d-A328-4F8C9B5B4B52}" = PrintScreen
"{5A633ED0-E5D7-4D65-AB8D-53ED43510284}" = Symantec AntiVirus
"{5ECB3A3C-980B-4D12-9724-25DCB07A1F47}" = iTunes
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{62329568-19B5-43CF-9524-3EE4DD709D01}" = EarthLink Pop-Up Blocker
"{63F2408D-A675-4d97-A256-70EACB6B9B4A}" = AiOSoftware
"{68A2A8FC-2CA0-4b6c-BE09-CC7ABE2A8DDC}" = 4200Trb
"{691B06EC-F84C-4103-B4D4-3FC5BC4941E9}" = OLYMPUS muvee theaterPack
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{723C033E-63EA-4227-BAB2-0AA8693C16EB}" = Director
"{745A92AF-53B4-41A7-91C3-9B026B1D5897}" = InstantShare
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{81A34902-9D0B-4920-A25C-4CDC5D14B328}" = Jasc Paint Shop Pro 8 Dell Edition
"{81DD5688-695A-4c1d-AE7D-368BF857725A}" = TrayApp
"{83670AE5-73B8-49E0-933E-954987391587}" = EarthLink Update Manager
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{8A253629-0511-4854-8B4E-46E57E66005C}" = Bonjour
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{96C267DA-0926-4C11-B4E7-4D3EF85130D0}" = Paint.NET v3.22
"{9A0DCD97-9648-45ed-A52C-133C728AB2FF}" = 4200Tour
"{9B03C535-3AEA-4ef2-B326-0A01A2207034}" = CreativeProjects
"{9DE1BE03-AFE2-4CDB-BFEB-D06D736CD01A}" = Apple Mobile Device Support
"{A2500497-FD32-493e-B8E5-28D6728DBEF5}" = Readme
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A654A805-41D9-40C7-AA46-4AF04F044D61}" = Adobe® Photoshop® Album Starter Edition 3.2
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AA52B348-0683-49B3-BE24-8D042C7AC544}" = Deal Info
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{ACF2AD4B-9374-4B72-B79B-A743CD41F2A4}" = EarthLink TaskPanel
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{AF226123-1A6F-4ec1-8DEF-E35E7A0D0127}" = Fax
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player
"{BC339BFD-F550-471a-8D26-4D08126C62F7}" = SkinsHP2
"{BE6890C7-31EF-478C-812E-1E2899ABFCA9}" = Broadcom Gigabit Integrated Controller
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C69AEBA2-6BDC-4C84-9275-6A48D4E1E4B1}" = EarthLink MailBox
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CB8251EE-C86B-410D-83B2-1E28E9DE2C2B}" = LG GSM PC Components
"{CBE3E0AF-73BB-4c21-8B96-B09E003EDE7F}" = QuickProjects
"{CC000127-5E5D-4A1C-90CB-EEAAAC1E3AC0}" = Jasc Paint Shop Photo Album
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D186329B-1B4D-408D-ABEC-EA5CE1F182C9}" = Overland
"{D78653C3-A8FF-415F-92E6-D774E634FF2D}" = Dell ResourceCD
"{D9C3CDEB-BC7F-4CB3-BC92-719B365DF28E}" = EarthLink IM
"{DBDB8C5A-E0B9-4C10-A649-59D962E3A07F}" = EarthLink Webspace
"{E8BFBD0A-8002-4dc9-869C-E495FA9DCE7A}" = PhotoGallery
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0FC1E09-AF67-47BC-9E61-90ECFEB4CE82}" = OLYMPUS Master 2
"{F91E1833-2D7C-4725-B98A-C779FEC41946}" = EarthLink MDAC
"{FBBF532A-47AC-457d-AC06-0D3163D8911E}" = WebReg
"{FFAB5ABB-8AAB-42E2-847F-1743E51E01E9}" = Disc2Phone
"a6927771-15e2-e782-974c-142740629d47" = Contextual Platform Globaladsolution
"Action Replay Code Manager_is1" = Action Replay Code Manager
"Ad-Aware SE Personal" = Ad-Aware SE Personal
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe® Photoshop® Album Starter Edition 3.2" = Adobe® Photoshop® Album Starter Edition 3.2
"AFD653D92C0CA9E8F375124D6A0B19FFBA89B1D2" = Windows Driver Package - Razer (Razerlow) HIDClass (03/07/2007 1.0.0.2)
"All ATI Software" = ATI - Software Uninstall Utility
"AOL Instant Messenger" = AOL Instant Messenger
"AOL Toolbar 4.0" = AOL Toolbar 4.0
"Ask Toolbar_is1" = Ask Toolbar
"ATI Display Driver" = ATI Display Driver
"BroadJump Client Foundation" = BroadJump Client Foundation
"BrotherSoft_Extreme Toolbar" = BrotherSoft Extreme Toolbar
"conduitEngine" = Conduit Engine
"Dell Photo Printer 720" = Dell Photo Printer 720
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"EarthLink TotalAccess 2004" = EarthLink TotalAccess 2004
"Endless Online" = Endless Online 0.28
"Foxit Reader" = Foxit Reader
"GoogleVideoPlayer" = Google Video Player
"Gunz" = MAIET entertainment - Gunz
"HP Photo & Imaging" = HP Image Zone 3.5
"InstallShield_{BE6890C7-31EF-478C-812E-1E2899ABFCA9}" = Broadcom Gigabit Integrated Controller
"LimeWire" = LimeWire 4.16.0
"Little Fighter 2" = Little Fighter 2 1.9c
"Little Fighter 2 Toolbar" = Little Fighter 2 Toolbar
"LiveUpdate" = LiveUpdate 2.6 (Symantec Corporation)
"Macromedia Shockwave Player" = Macromedia Shockwave Player
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.5.15)" = Mozilla Firefox (3.5.15)
"Owl and Mouse Build a Castle" = Owl and Mouse Build a Castle
"RealArcade 1.2" = RealArcade
"SBC Yahoo! Applications" = SBC Yahoo! Applications
"SBC.MCCInstall" = SBC Self Support Tool
"Steam App 80" = Condition Zero
"TruVoice" = Lernout & Hauspie TruVoice for Microsoft Agent
"vcrckdonhjokc" = RON Tool Globaladsolution
"Viewpoint Manager" = Viewpoint Manager (Remove Only)
"ViewpointMediaPlayer" = Viewpoint Media Player
"ViewpointSearchBarV35" = Viewpoint Toolbar V35 (Remove Only)
"Wedding Dash_is1" = Wedding Dash
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows Media Player" = Windows Media Player 10
"WinGimp-2.0_is1" = The GIMP 2.2.17
"WinGTK-2_is1" = GTK+ 2.10.13 runtime environment
"World of Kaneva" = World of Kaneva Phase 1
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Music Engine" = Yahoo! Music Jukebox
"Yahoo! Toolbar" = Yahoo! Toolbar
"YInstHelper" = Yahoo! Install Manager
"ZHTIELangPack" = Chinese (Traditional) Language Support

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 12/5/2010 7:19:21 PM | Computer Name = LAMFAMILY | Source = Application Hang | ID = 1002
Description = Hanging application mbam.exe, version 1.46.0.1, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 12/6/2010 12:18:34 AM | Computer Name = LAMFAMILY | Source = MsiInstaller | ID = 11706
Description = Product: Symantec AntiVirus -- Error 1706.No valid source could be
found for product Symantec AntiVirus. The Windows Installer cannot continue.

Error - 12/6/2010 1:59:16 AM | Computer Name = LAMFAMILY | Source = MsiInstaller | ID = 11706
Description = Product: Symantec AntiVirus -- Error 1706.No valid source could be
found for product Symantec AntiVirus. The Windows Installer cannot continue.

Error - 12/6/2010 8:02:28 PM | Computer Name = LAMFAMILY | Source = MsiInstaller | ID = 11706
Description = Product: Symantec AntiVirus -- Error 1706.No valid source could be
found for product Symantec AntiVirus. The Windows Installer cannot continue.

Error - 12/6/2010 8:07:01 PM | Computer Name = LAMFAMILY | Source = Application Hang | ID = 1002
Description = Hanging application iTunes.exe, version 9.1.1.12, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 12/6/2010 8:07:09 PM | Computer Name = LAMFAMILY | Source = Bonjour Service | ID = 100
Description = 240: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

Error - 12/6/2010 8:07:09 PM | Computer Name = LAMFAMILY | Source = Bonjour Service | ID = 100
Description = 232: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

Error - 12/6/2010 8:07:09 PM | Computer Name = LAMFAMILY | Source = Bonjour Service | ID = 100
Description = 400: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

Error - 12/6/2010 8:07:09 PM | Computer Name = LAMFAMILY | Source = Bonjour Service | ID = 100
Description = 392: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

Error - 12/6/2010 8:07:09 PM | Computer Name = LAMFAMILY | Source = Bonjour Service | ID = 100
Description = 412: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

[ System Events ]
Error - 11/14/2010 3:44:29 PM | Computer Name = LAMFAMILY | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.4 for the Network Card with network
address 0018E7421CBE has been denied by the DHCP server 192.168.1.1 (The DHCP Server
sent a DHCPNACK message).

Error - 12/3/2010 12:39:44 AM | Computer Name = LAMFAMILY | Source = ipnathlp | ID = 32003
Description = The Network Address Translator (NAT) was unable to request an operation
of
the kernel-mode translation module. This may indicate misconfiguration, insufficient
resources, or an internal error. The data is the error code.

Error - 12/5/2010 8:51:25 PM | Computer Name = LAMFAMILY | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 12/5/2010 8:52:23 PM | Computer Name = LAMFAMILY | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
eeCtrl Fips intelppm NPPTNT2 OMCI SAVRT SAVRTPEL SYMTDI

Error - 12/5/2010 9:09:31 PM | Computer Name = LAMFAMILY | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 12/5/2010 9:10:27 PM | Computer Name = LAMFAMILY | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
PCIIde

Error - 12/6/2010 1:44:56 AM | Computer Name = LAMFAMILY | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
PCIIde

Admin Posts : 87 Reputation : 0 Join date : 2010-12-24

Hi,

Please download ComboFix from BleepingComputer.com

Alternate link: GeeksToGo.com

Rename ComboFix.exe to commy.exe before you save it to your Desktop

* Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools A guide to do this can be found [URL="http://www.bleepingcomputer.com/forums/topic114351.html"]here[/URL]
* Click Start>Run then copy paste the following command into the Run box & click OK "%userprofile%\desktop\commy.exe" /stepdel
* As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
* Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console

Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

* Click on Yes, to continue scanning for malware.
* When finished, it shall produce a log for you. Please include the contents of C:\ComboFix.txt in your next reply.

» Still cant get rid of hard drive diagnostic after using malware remov and others
» Still cant get rid of hard drive diagnostic after using malware remov and others
» How to Add an External Hard Drive to Your Boxee Box
» Portugal Fails to Ease Bailout Concern With Spending-Cut Drive