WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. Join 93083 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!

Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Security Certificate [Solved]

Started by WyandotteWyno , Feb 09 2012 12:17 AM

This topic is locked

22 replies to this topic

#1 WyandotteWyno

Authentic Member

Authentic Member
33 posts

Posted 09 February 2012 - 12:17 AM

When trying to open aol mailbox it says there is something wrong with my security certificate and i should not proceed any further. II can't use windows update from microsoft.com, it won't let me download the new definitions for my windows security essentials program and it wouldn't let me run the fix it center either.

I ran the OTL scan but there wasn't an Extras.txt log.

OTL logfile created on: 2/9/2012 12:00:47 AM - Run 4
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1014.73 Mb Total Physical Memory | 652.22 Mb Available Physical Memory | 64.27% Memory free
1.88 Gb Paging File | 1.64 Gb Available in Paging File | 87.50% Paging File free
Paging file location(s): C:\pagefile.sys 1000 1500 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINNT | %ProgramFiles% = C:\Program Files
Drive C: | 37.27 Gb Total Space | 21.78 Gb Free Space | 58.45% Space Free | Partition Type: NTFS

Computer Name: YOUR-3B54ED6EDD | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Owner\desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Java\jre7\bin\jqs.exe (Oracle Corporation)
PRC - C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
PRC - c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
PRC - C:\WINNT\explorer.exe (Microsoft Corporation)
PRC - C:\WINNT\wanmpsvc.exe (America Online, Inc.)

========== Modules (No Company Name) ==========

========== Win32 Services (SafeList) ==========

SRV - (wuauserv) -- File not found
SRV - (AppMgmt) -- File not found
SRV - (AOLService) -- File not found
SRV - (AOL ACS) -- File not found
SRV - (ACDaemon) -- File not found
SRV - (aawservice) -- File not found
SRV - (JavaQuickStarterService) -- C:\Program Files\Java\jre7\bin\jqs.exe (Oracle Corporation)
SRV - (MsMpSvc) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
SRV - (MSCamSvc) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe (Microsoft Corporation)
SRV - (TuneUp.ProgramStatisticsSvc) -- C:\WINNT\system32\TUProgSt.exe (TuneUp Software)
SRV - (AresChatServer) -- C:\Program Files\Ares\chatServer.exe (Ares Development Group)
SRV - (YahooAUService) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
SRV - (SNDSrvc) -- C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe (Symantec Corporation)
SRV - (WANMiniportService) WAN Miniport (ATW) -- C:\WINNT\wanmpsvc.exe (America Online, Inc.)
SRV - (NetSvc) -- C:\Program Files\Intel\NCS\Sync\NetSvc.exe (Intel® Corporation)

========== Driver Services (SafeList) ==========

DRV - (MSHUSBVideo) -- C:\WINNT\system32\drivers\nx6000.sys (Microsoft Corporation)
DRV - (SBRE) -- C:\WINNT\system32\drivers\SBREDrv.sys (Sunbelt Software)
DRV - (Tcpip6) -- C:\WINNT\system32\drivers\tcpip6.sys (Microsoft Corporation)
DRV - (ATWPKT2) -- C:\WINNT\system32\drivers\atwpkt2.sys ()
DRV - (ALCXWDM) Service for Realtek AC97 Audio (WDM) -- C:\WINNT\system32\drivers\alcxwdm.sys (Realtek Semiconductor Corp.)
DRV - (RecAgent) -- C:\WINNT\system32\drivers\recagent.sys (Smart Link)
DRV - (MxlW2k) -- C:\WINNT\System32\drivers\MxlW2k.sys (MusicMatch, Inc.)
DRV - (Mtlmnt5) -- C:\WINNT\system32\drivers\mtlmnt5.sys ( )
DRV - (Mtlstrm) -- C:\WINNT\system32\drivers\mtlstrm.sys ( )
DRV - (SlNtHal) -- C:\WINNT\system32\drivers\slnthal.sys ( )
DRV - (NtMtlFax) -- C:\WINNT\system32\drivers\ntmtlfax.sys ( )
DRV - (Slntamr) -- C:\WINNT\system32\drivers\slntamr.sys ( )
DRV - (SlWdmSup) -- C:\WINNT\system32\drivers\slwdmsup.sys (Vireo Software)
DRV - (wanatw) WAN Miniport (ATW) -- C:\WINNT\system32\drivers\wanatw4.sys (America Online, Inc.)
DRV - (Aspi32) -- C:\WINNT\System32\drivers\aspi32.sys (Adaptec)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINNT\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://my.aol.com/?n...s00050000000002 [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.c...rch/search.html

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINNT\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo....e...-8&fr=b1ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.rr.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "about:home"

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINNT\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINNT\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINNT\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.732: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.732: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=1.0.0.0: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.732: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@yverinfo.yahoo.com/YahooVersionInfoPlugin;version=1.0.0.1: File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINNT\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/02/02 18:07:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/01/17 23:04:20 | 000,000,000 | ---D | M]

[2012/01/17 21:34:24 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions
[2012/01/27 20:01:15 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\qaydy8da.default\extensions
[2012/01/17 21:33:43 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
() (No name found) -- C:\DOCUMENTS AND SETTINGS\OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\QAYDY8DA.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\QAYDY8DA.DEFAULT\EXTENSIONS\ADBLOCKPOPUPS@JESSEHAKANEN.NET.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\QAYDY8DA.DEFAULT\EXTENSIONS\BROWSERPROTECT@BROWSERPROTECT.COM.XPI
[2012/02/02 18:07:38 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/12/20 22:30:41 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/12/20 22:30:41 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{googl
e:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chro
me&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client
=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\16.0.912.77\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINNT\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: Java Deployment Toolkit 6.0.170.4 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeploytk.dll
CHR - plugin: Java™ Platform SE 6 U17 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np32dsw.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: RealPlayer™ HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\16.0.912.77\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\16.0.912.77\pdf.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: AOL Media Playback Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npunagi2.dll
CHR - plugin: MetaStream 3 Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npViewpoint.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINNT\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.3_0\
CHR - Extension: Google Search = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\
CHR - Extension: Gmail = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/01/10 18:19:38 | 000,000,027 | ---- | M]) - C:\WINNT\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: _NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://a1540.g.akama...ex/qtplugin.cab (QuickTime Object)
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} https://dcode.suppor...veX/MSDcode.cab (Microsoft Data Collection Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.ma...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1199318644546 (MUWebControl Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_02)
O16 - DPF: {CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_02)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_02)
O16 - DPF: DirectAnimation Java Classes Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: Yahoo! Chat http://us.chat1.yimg...t/c381/chat.cab (Reg Error: Key error.)
O16 - DPF: Yahoo! MahJong Solitaire http://download.game...s/y/mjst4_x.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FC7BC81B-A70D-4700-8CBA-E1D77637A0FA}: DhcpNameServer = 209.18.47.61 209.18.47.62
O18 - Protocol\Handler\livecall - No CLSID value found
O18 - Protocol\Handler\msnim - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINNT\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINNT\system32\userinit.exe) -C:\WINNT\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxsrvc.dll) - C:\WINNT\System32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: AppMgmt - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: wuauserv - File not found
NetSvcs: Ip6FwHlp - File not found

Drivers32: msacm.divxa32 - C:\WINNT\System32\DivXa32.acm (Kristal StudioDFileDescription)
Drivers32: msacm.iac2 - C:\WINNT\System32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINNT\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINNT\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINNT\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINNT\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINNT\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.I263 - C:\WINNT\System32\i263_32.drv (Intel Corporation)
Drivers32: vidc.iv31 - C:\WINNT\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINNT\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINNT\System32\ir41_32.ax ()
Drivers32: vidc.iv50 - C:\WINNT\System32\ir50_32.dll ()
Drivers32: VIDC.WMV3 - C:\WINNT\System32\wmv9vcm.dll (Microsoft Corporation)
Drivers32: vidc.X264 - x264vfw.dll File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012/02/08 23:58:28 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2012/02/08 23:46:59 | 000,450,352 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Owner\Desktop\FixitCenter_Run.exe
[2012/01/17 23:12:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Desktop\Unused Desktop Shortcuts
[2012/01/17 23:06:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Sun
[2012/01/17 23:04:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
[2012/01/17 23:04:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012/01/17 23:04:20 | 000,637,848 | ---- | C] (Oracle Corporation) -- C:\WINNT\System32\npdeployJava1.dll
[2012/01/17 23:04:20 | 000,567,184 | ---- | C] (Oracle Corporation) -- C:\WINNT\System32\deployJava1.dll
[2012/01/17 23:04:20 | 000,223,112 | ---- | C] (Oracle Corporation) -- C:\WINNT\System32\javaws.exe
[2012/01/17 23:04:20 | 000,173,960 | ---- | C] (Oracle Corporation) -- C:\WINNT\System32\javaw.exe
[2012/01/17 23:04:20 | 000,173,960 | ---- | C] (Oracle Corporation) -- C:\WINNT\System32\java.exe
[2012/01/17 23:04:20 | 000,141,312 | ---- | C] (Oracle Corporation) -- C:\WINNT\System32\javacpl.cpl
[2012/01/17 20:18:24 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2012/01/16 23:39:39 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/01/13 22:23:04 | 000,000,000 | ---D | C] -- C:\c1d7fc001171605dddde
[2012/01/13 17:32:39 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2008/06/01 17:56:09 | 001,030,144 | ---- | C] (Microsoft Corporation) -- C:\Program Files\dbghelp.dll
[2008/06/01 17:56:09 | 000,626,688 | ---- | C] (Microsoft Corporation) -- C:\Program Files\msvcr80.dll
[2008/06/01 17:56:09 | 000,548,864 | ---- | C] (Microsoft Corporation) -- C:\Program Files\msvcp80.dll
[2008/06/01 17:56:09 | 000,479,232 | ---- | C] (Microsoft Corporation) -- C:\Program Files\msvcm80.dll
[2003/07/01 19:02:45 | 000,014,976 | ---- | C] ( ) -- C:\WINNT\System32\drivers\winddx.sys
[1979/12/31 23:00:00 | 001,295,472 | ---- | C] ( ) -- C:\WINNT\System32\drivers\mtlstrm.sys
[1979/12/31 23:00:00 | 000,521,408 | ---- | C] ( ) -- C:\WINNT\System32\drivers\slntamr.sys
[1979/12/31 23:00:00 | 000,210,592 | ---- | C] ( ) -- C:\WINNT\System32\drivers\mtlmnt5.sys
[1979/12/31 23:00:00 | 000,169,120 | ---- | C] ( ) -- C:\WINNT\System32\drivers\ntmtlfax.sys
[1979/12/31 23:00:00 | 000,085,688 | ---- | C] ( ) -- C:\WINNT\System32\drivers\slnthal.sys
[1979/12/31 23:00:00 | 000,045,056 | ---- | C] ( ) -- C:\WINNT\System32\slserv.exe

========== Files - Modified Within 30 Days ==========

[2012/02/08 23:58:37 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2012/02/08 23:50:24 | 000,000,424 | -H-- | M] () -- C:\WINNT\tasks\MP Scheduled Scan.job
[2012/02/08 23:47:10 | 000,450,352 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Owner\Desktop\FixitCenter_Run.exe
[2012/02/08 23:25:13 | 000,001,158 | ---- | M] () -- C:\WINNT\System32\wpa.dbl
[2012/02/08 23:23:03 | 000,000,978 | ---- | M] () -- C:\WINNT\tasks\GoogleUpdateTaskUserS-1-5-21-4096060120-124127034-945509873-1003UA.job
[2012/02/08 23:22:50 | 000,002,048 | --S- | M] () -- C:\WINNT\bootstat.dat
[2012/02/08 18:23:00 | 000,000,926 | ---- | M] () -- C:\WINNT\tasks\GoogleUpdateTaskUserS-1-5-21-4096060120-124127034-945509873-1003Core.job
[2012/01/27 00:21:24 | 000,237,072 | ---- | M] (Microsoft Corporation) -- C:\WINNT\System32\MpSigStub.exe
[2012/01/25 11:22:12 | 000,002,262 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/01/25 11:22:11 | 000,002,284 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Google Chrome.lnk
[2012/01/17 23:02:44 | 000,223,112 | ---- | M] (Oracle Corporation) -- C:\WINNT\System32\javaws.exe
[2012/01/17 23:02:43 | 000,173,960 | ---- | M] (Oracle Corporation) -- C:\WINNT\System32\javaw.exe
[2012/01/17 23:02:42 | 000,173,960 | ---- | M] (Oracle Corporation) -- C:\WINNT\System32\java.exe
[2012/01/17 23:02:42 | 000,141,312 | ---- | M] (Oracle Corporation) -- C:\WINNT\System32\javacpl.cpl
[2012/01/17 23:02:41 | 000,637,848 | ---- | M] (Oracle Corporation) -- C:\WINNT\System32\npdeployJava1.dll
[2012/01/17 23:02:40 | 000,567,184 | ---- | M] (Oracle Corporation) -- C:\WINNT\System32\deployJava1.dll
[2012/01/17 21:33:52 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012/01/17 20:19:45 | 000,001,945 | ---- | M] () -- C:\WINNT\epplauncher.mif
[2012/01/10 18:19:38 | 000,000,027 | ---- | M] () -- C:\WINNT\System32\drivers\etc\hosts

========== Files Created - No Company Name ==========

[2012/01/17 21:33:52 | 000,000,742 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012/01/17 21:33:51 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
[2012/01/17 20:24:04 | 000,000,424 | -H-- | C] () -- C:\WINNT\tasks\MP Scheduled Scan.job
[2012/01/17 20:18:36 | 000,001,680 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Security Essentials.lnk
[2012/01/10 23:21:23 | 000,002,307 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader 9.lnk
[2012/01/09 18:01:05 | 000,256,000 | ---- | C] () -- C:\WINNT\PEV.exe
[2012/01/09 18:01:05 | 000,208,896 | ---- | C] () -- C:\WINNT\MBR.exe
[2012/01/09 18:01:05 | 000,098,816 | ---- | C] () -- C:\WINNT\sed.exe
[2012/01/09 18:01:05 | 000,080,412 | ---- | C] () -- C:\WINNT\grep.exe
[2012/01/09 18:01:05 | 000,068,096 | ---- | C] () -- C:\WINNT\zip.exe
[2010/07/31 15:14:26 | 000,212,400 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/04/30 19:37:32 | 000,256,368 | ---- | C] () -- C:\Program Files\WinRAR.chm
[2010/04/30 19:37:32 | 000,141,824 | ---- | C] () -- C:\Program Files\RarExt.dll
[2010/04/30 19:37:32 | 000,052,224 | ---- | C] () -- C:\Program Files\RarExt64.dll
[2010/04/30 19:37:32 | 000,000,495 | ---- | C] () -- C:\Program Files\File_Id.diz
[2010/01/09 21:27:08 | 000,000,056 | -H-- | C] () -- C:\WINNT\System32\ezsidmv.dat
[2008/08/31 19:13:08 | 000,073,220 | ---- | C] () -- C:\WINNT\System32\EPPICPrinterDB.dat
[2008/08/31 19:13:08 | 000,000,097 | ---- | C] () -- C:\WINNT\System32\PICSDK.ini
[2008/08/31 19:13:07 | 000,031,053 | ---- | C] () -- C:\WINNT\System32\EPPICPattern131.dat
[2008/08/31 19:13:07 | 000,029,114 | ---- | C] () -- C:\WINNT\System32\EPPICPattern1.dat
[2008/08/31 19:13:07 | 000,027,417 | ---- | C] () -- C:\WINNT\System32\EPPICPattern121.dat
[2008/08/31 19:13:07 | 000,021,021 | ---- | C] () -- C:\WINNT\System32\EPPICPattern3.dat
[2008/08/31 19:13:07 | 000,015,670 | ---- | C] () -- C:\WINNT\System32\EPPICPattern5.dat
[2008/08/31 19:13:07 | 000,013,280 | ---- | C] () -- C:\WINNT\System32\EPPICPattern2.dat
[2008/08/31 19:13:07 | 000,010,673 | ---- | C] () -- C:\WINNT\System32\EPPICPattern4.dat
[2008/08/31 19:13:07 | 000,004,943 | ---- | C] () -- C:\WINNT\System32\EPPICPattern6.dat
[2008/08/31 19:13:07 | 000,001,140 | ---- | C] () -- C:\WINNT\System32\EPPICPresetData_PT.dat
[2008/08/31 19:13:07 | 000,001,140 | ---- | C] () -- C:\WINNT\System32\EPPICPresetData_BP.dat
[2008/08/31 19:13:07 | 000,001,137 | ---- | C] () -- C:\WINNT\System32\EPPICPresetData_ES.dat
[2008/08/31 19:13:07 | 000,001,130 | ---- | C] () -- C:\WINNT\System32\EPPICPresetData_FR.dat
[2008/08/31 19:13:07 | 000,001,130 | ---- | C] () -- C:\WINNT\System32\EPPICPresetData_CF.dat
[2008/08/31 19:13:07 | 000,001,104 | ---- | C] () -- C:\WINNT\System32\EPPICPresetData_EN.dat
[2008/08/31 19:11:38 | 000,000,044 | ---- | C] () -- C:\WINNT\EPSNX400.ini
[2008/06/19 23:32:00 | 000,001,160 | ---- | C] () -- C:\WINNT\mozver.dat
[2008/06/02 17:23:38 | 000,021,312 | ---- | C] () -- C:\WINNT\choice.exe
[2008/06/01 17:56:28 | 000,018,464 | -HS- | C] () -- C:\WINNT\System32\drivers\fidbox.dat
[2008/06/01 17:56:28 | 000,001,056 | -HS- | C] () -- C:\WINNT\System32\drivers\fidbox2.dat
[2008/05/16 13:59:02 | 000,000,374 | ---- | C] () -- C:\WINNT\wininit.ini
[2008/03/11 16:20:45 | 000,000,121 | ---- | C] () -- C:\WINNT\winzipsp.ini
[2008/02/08 02:00:14 | 000,000,080 | ---- | C] () -- C:\WINNT\SuperUtil.ini
[2008/02/08 01:51:36 | 000,000,000 | ---- | C] () -- C:\WINNT\System32\suupdate.dat
[2008/02/08 01:51:35 | 000,000,000 | ---- | C] () -- C:\WINNT\System32\mssurun.dat
[2007/12/05 03:08:52 | 001,446,464 | ---- | C] () -- C:\Program Files\Silverlight.exe
[2007/10/20 19:08:23 | 000,022,328 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\PnkBstrK.sys
[2007/10/20 18:25:18 | 000,049,152 | ---- | C] () -- C:\WINNT\System32\ChCfg.exe
[2007/10/20 18:23:14 | 000,147,456 | ---- | C] () -- C:\WINNT\System32\RtlCPAPI.dll
[2007/10/18 00:00:21 | 000,055,949 | ---- | C] () -- C:\WINNT\System32\x264-uninstall.exe
[2007/10/11 05:20:56 | 000,000,000 | ---- | C] () -- C:\WINNT\System32\drivers\atwpkt2.sys
[2007/03/02 16:03:53 | 000,001,763 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/02/12 22:02:29 | 000,000,116 | ---- | C] () -- C:\WINNT\NeroDigital.ini
[2007/01/15 01:25:20 | 000,000,079 | ---- | C] () -- C:\WINNT\xptools.ini
[2007/01/15 01:21:58 | 000,000,120 | ---- | C] () -- C:\WINNT\System32\bn.dll
[2007/01/08 18:20:12 | 000,014,848 | ---- | C] () -- C:\WINNT\System32\BASSMOD.dll
[2006/12/18 03:43:12 | 000,000,022 | ---- | C] () -- C:\Program Files\zipnew.dat
[2006/12/18 03:43:12 | 000,000,020 | ---- | C] () -- C:\Program Files\rarnew.dat
[2006/12/18 03:42:56 | 001,039,360 | ---- | C] () -- C:\Program Files\WinRAR.exe
[2006/12/18 03:42:56 | 000,378,880 | ---- | C] () -- C:\Program Files\Rar.exe
[2006/12/18 03:42:56 | 000,246,272 | ---- | C] () -- C:\Program Files\UnRAR.exe
[2006/12/18 03:42:56 | 000,092,672 | ---- | C] () -- C:\Program Files\Default.SFX
[2006/12/18 03:42:56 | 000,074,240 | ---- | C] () -- C:\Program Files\Zip.SFX
[2006/12/18 03:42:56 | 000,069,632 | ---- | C] () -- C:\Program Files\WinCon.SFX
[2006/12/18 03:42:56 | 000,045,056 | ---- | C] () -- C:\Program Files\RarExtLoader.exe
[2006/12/18 03:42:55 | 000,003,271 | ---- | C] () -- C:\Program Files\Order.htm
[2006/12/18 03:42:55 | 000,001,088 | ---- | C] () -- C:\Program Files\RarFiles.lst
[2006/12/18 03:42:55 | 000,001,063 | ---- | C] () -- C:\Program Files\Descript.ion
[2006/12/18 03:42:55 | 000,000,639 | ---- | C] () -- C:\Program Files\Uninstall.lst
[2006/11/07 20:52:05 | 000,000,044 | ---- | C] () -- C:\WINNT\liveup.ini
[2006/08/12 22:09:45 | 000,004,096 | ---- | C] () -- C:\WINNT\d3dx.dat
[2006/07/16 17:08:08 | 000,000,627 | ---- | C] () -- C:\Program Files\playlist.xml
[2006/03/23 19:13:53 | 000,052,490 | ---- | C] () -- C:\WINNT\DcArt32presets.ini
[2006/03/05 01:46:11 | 000,001,610 | ---- | C] () -- C:\WINNT\GPlrLanc.dat
[2005/12/13 17:30:33 | 000,122,535 | ---- | C] () -- C:\WINNT\RSEDNClientUninstaller.exe
[2005/11/22 00:41:22 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\mpauth.dat
[2005/09/26 18:27:37 | 000,000,028 | ---- | C] () -- C:\WINNT\Systems.ini
[2005/08/31 18:05:37 | 000,000,075 | ---- | C] () -- C:\WINNT\System32\sysogg.dll
[2005/07/09 06:00:53 | 000,000,008 | ---- | C] () -- C:\WINNT\System32\wtl.dat
[2005/07/09 05:25:40 | 000,000,004 | ---- | C] () -- C:\WINNT\System32\micr0st.dll
[2005/07/09 05:16:13 | 000,129,024 | ---- | C] () -- C:\WINNT\UNWISE.EXE
[2005/05/20 21:35:09 | 000,000,056 | RHS- | C] () -- C:\WINNT\System32\566097EC98.sys
[2005/03/21 20:59:40 | 000,000,715 | ---- | C] () -- C:\WINNT\aolback.exe.lnk
[2005/03/21 20:53:31 | 000,000,335 | ---- | C] () -- C:\WINNT\nsreg.dat
[2005/02/18 16:53:48 | 000,000,000 | ---- | C] () -- C:\WINNT\impborl.dll
[2005/02/08 14:42:45 | 000,000,092 | ---- | C] () -- C:\Program Files\play.rbn.rm&proto=rtsp
[2005/01/13 22:23:53 | 000,001,131 | ---- | C] () -- C:\WINNT\System32\vh.dat
[2005/01/04 16:19:13 | 000,001,100 | ---- | C] () -- C:\WINNT\dhstatus.dat
[2004/12/15 08:22:09 | 000,149,504 | ---- | C] () -- C:\WINNT\System32\UNWISE.EXE
[2004/10/31 18:32:17 | 000,001,100 | ---- | C] () -- C:\WINNT\checkip.dat
[2004/10/31 18:29:50 | 000,001,393 | ---- | C] () -- C:\WINNT\ipconfig.dat
[2004/09/25 22:23:36 | 000,004,569 | ---- | C] () -- C:\WINNT\System32\secupd.dat
[2004/08/29 21:52:13 | 000,131,072 | ---- | C] () -- C:\WINNT\System32\SpoonUninstall.exe
[2004/08/25 17:53:06 | 000,000,032 | ---- | C] () -- C:\WINNT\easecdripper.ini
[2004/08/25 17:28:05 | 000,003,082 | ---- | C] () -- C:\WINNT\System32\affv6628p4now.sys
[2004/08/17 01:56:38 | 000,122,880 | ---- | C] () -- C:\WINNT\UnGins.exe
[2004/08/13 03:53:41 | 000,000,014 | ---- | C] () -- C:\WINNT\msoffice.ini
[2004/07/21 21:54:24 | 000,001,125 | ---- | C] () -- C:\WINNT\winamp.ini
[2004/05/26 14:42:25 | 000,000,048 | ---- | C] () -- C:\WINNT\upth.ini
[2004/05/26 14:42:25 | 000,000,028 | ---- | C] () -- C:\WINNT\atid.ini
[2004/02/11 07:50:12 | 000,363,520 | ---- | C] () -- C:\WINNT\System32\psisdecd.dll
[2004/02/07 14:41:59 | 000,082,944 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2004/01/22 12:00:28 | 000,012,635 | ---- | C] () -- C:\WINNT\System32\DAntivirus.ini
[2003/10/25 14:37:35 | 000,067,857 | ---- | C] () -- C:\WINNT\cdPlayer.ini
[2003/10/22 10:05:08 | 000,000,030 | ---- | C] () -- C:\WINNT\Morphexe.INI
[2003/10/08 13:34:26 | 000,121,440 | ---- | C] () -- C:\WINNT\System32\MSDRMCtrl.dll
[2003/08/27 18:06:58 | 000,000,027 | ---- | C] () -- C:\WINNT\UP9ASP.INI
[2003/08/27 17:33:30 | 000,006,550 | ---- | C] () -- C:\WINNT\jautoexp.dat
[2003/08/27 16:45:53 | 000,065,536 | ---- | C] () -- C:\WINNT\System32\YCRWin32.dll
[2003/08/27 14:24:03 | 000,000,242 | ---- | C] () -- C:\WINNT\qwimp.ini
[2003/08/26 16:10:20 | 000,000,120 | ---- | C] () -- C:\WINNT\SIERRA.INI
[2003/08/23 13:49:22 | 000,000,396 | ---- | C] () -- C:\WINNT\intuprof.ini
[2003/08/23 13:48:46 | 000,000,880 | ---- | C] () -- C:\WINNT\QUICKEN.INI
[2003/08/22 20:05:57 | 000,002,241 | ---- | C] () -- C:\WINNT\hpdj5600.ini
[2003/08/22 20:05:25 | 000,000,414 | ---- | C] () -- C:\WINNT\hpbvspst.ini
[2003/07/16 14:22:18 | 000,000,061 | ---- | C] () -- C:\WINNT\smscfg.ini
[2003/07/14 13:30:28 | 000,197,120 | ---- | C] () -- C:\WINNT\patchw32.dll
[2003/07/01 19:23:27 | 000,000,000 | ---- | C] () -- C:\WINNT\System32\a3d.dll
[2003/07/01 19:10:07 | 000,000,370 | ---- | C] () -- C:\WINNT\ODBC.INI
[2003/07/01 19:07:33 | 000,282,624 | ---- | C] () -- C:\WINNT\System32\PCDrSystemInformation.dll
[2003/07/01 19:05:00 | 000,094,208 | ---- | C] () -- C:\WINNT\System32\PCDrKernelModeServices.dll
[2003/07/01 19:05:00 | 000,077,824 | ---- | C] () -- C:\WINNT\System32\ProgressTrace.dll
[2003/07/01 19:03:46 | 000,000,561 | ---- | C] () -- C:\WINNT\System32\OEMINFO.INI
[2003/07/01 19:02:45 | 000,466,944 | ---- | C] () -- C:\WINNT\System32\SLLights.dll
[2003/07/01 19:02:45 | 000,376,832 | ---- | C] () -- C:\WINNT\System32\slmh.exe
[2003/07/01 19:02:45 | 000,167,936 | ---- | C] () -- C:\WINNT\System32\minirec.exe
[2003/07/01 19:02:45 | 000,151,552 | ---- | C] () -- C:\WINNT\System32\amr_cpl.dll
[2003/07/01 19:02:45 | 000,061,440 | ---- | C] () -- C:\WINNT\SmCfg.exe
[2003/05/16 11:56:01 | 000,000,770 | ---- | C] () -- C:\WINNT\orun32.ini
[2003/05/16 10:34:34 | 000,002,048 | --S- | C] () -- C:\WINNT\bootstat.dat
[2003/05/16 10:26:45 | 000,021,640 | ---- | C] () -- C:\WINNT\System32\emptyregdb.dat
[2003/05/16 10:20:03 | 000,004,073 | ---- | C] () -- C:\WINNT\ODBCINST.INI
[2003/05/16 10:18:53 | 000,221,632 | ---- | C] () -- C:\WINNT\System32\FNTCACHE.DAT
[2003/03/27 15:28:44 | 000,004,955 | ---- | C] () -- C:\WINNT\System32\DProg.ini
[2002/11/14 11:58:04 | 000,200,192 | ---- | C] () -- C:\WINNT\System32\ir50_qc.dll
[2002/11/14 11:58:04 | 000,183,808 | ---- | C] () -- C:\WINNT\System32\ir50_qcx.dll
[2002/11/14 11:58:02 | 000,755,200 | ---- | C] () -- C:\WINNT\System32\ir50_32.dll
[2002/11/14 11:58:02 | 000,338,432 | ---- | C] () -- C:\WINNT\System32\ir41_qcx.dll
[2002/11/14 11:58:02 | 000,120,320 | ---- | C] () -- C:\WINNT\System32\ir41_qc.dll
[2002/10/15 16:54:04 | 000,153,088 | ---- | C] () -- C:\WINNT\System32\unrar.dll
[2002/10/06 12:42:58 | 000,237,568 | ---- | C] () -- C:\WINNT\System32\OggDS.dll
[2002/10/04 17:04:26 | 000,921,600 | ---- | C] () -- C:\WINNT\System32\VorbisEnc.dll
[2002/10/04 17:04:26 | 000,188,416 | ---- | C] () -- C:\WINNT\System32\vorbis.dll
[2002/10/04 17:04:18 | 000,045,056 | ---- | C] () -- C:\WINNT\System32\ogg.dll
[2002/09/06 10:36:16 | 000,233,472 | ---- | C] () -- C:\WINNT\System32\lame_enc.dll
[2002/05/15 18:38:40 | 000,091,136 | ---- | C] () -- C:\WINNT\System32\mp4fil32.dll
[2002/05/04 08:19:00 | 000,049,152 | ---- | C] () -- C:\WINNT\System32\avisynthEx.dll
[2002/04/19 09:23:26 | 000,106,137 | ---- | C] () -- C:\WINNT\System32\libpostproc.dll
[2001/08/29 18:57:40 | 000,155,648 | ---- | C] () -- C:\WINNT\System32\addurl41.DLL
[2001/07/10 13:43:16 | 000,018,432 | ---- | C] () -- C:\WINNT\System32\winwatch.DLL
[2001/06/22 06:06:02 | 000,167,936 | ---- | C] () -- C:\WINNT\System32\MPEG2DEC.dll
[2000/09/08 16:53:50 | 000,073,839 | ---- | C] () -- C:\WINNT\System32\KodakOneTouch.dll
[1979/12/31 23:00:00 | 013,107,200 | ---- | C] () -- C:\WINNT\System32\oembios.bin
[1979/12/31 23:00:00 | 000,673,088 | ---- | C] () -- C:\WINNT\System32\mlang.dat
[1979/12/31 23:00:00 | 000,433,414 | ---- | C] () -- C:\WINNT\System32\perfh009.dat
[1979/12/31 23:00:00 | 000,272,128 | ---- | C] () -- C:\WINNT\System32\perfi009.dat
[1979/12/31 23:00:00 | 000,218,003 | ---- | C] () -- C:\WINNT\System32\dssec.dat
[1979/12/31 23:00:00 | 000,188,416 | ---- | C] () -- C:\WINNT\System32\slextspk.dll
[1979/12/31 23:00:00 | 000,159,744 | ---- | C] () -- C:\WINNT\System32\SLGen.dll
[1979/12/31 23:00:00 | 000,068,244 | ---- | C] () -- C:\WINNT\System32\perfc009.dat
[1979/12/31 23:00:00 | 000,049,152 | ---- | C] () -- C:\WINNT\System32\coinst.dll
[1979/12/31 23:00:00 | 000,046,258 | ---- | C] () -- C:\WINNT\System32\mib.bin
[1979/12/31 23:00:00 | 000,028,626 | ---- | C] () -- C:\WINNT\System32\perfd009.dat
[1979/12/31 23:00:00 | 000,024,576 | ---- | C] () -- C:\WINNT\slrundll.exe
[1979/12/31 23:00:00 | 000,005,114 | ---- | C] () -- C:\WINNT\System32\oembios.dat
[1979/12/31 23:00:00 | 000,001,804 | ---- | C] () -- C:\WINNT\System32\dcache.bin
[1979/12/31 23:00:00 | 000,000,741 | ---- | C] () -- C:\WINNT\System32\noise.dat

========== LOP Check ==========

[2010/06/11 18:55:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Applications
[2010/07/21 19:57:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
[2008/08/31 21:18:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EPSON
[2007/01/06 14:15:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MumboJumbo
[2005/08/09 17:00:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PopCap
[2010/05/10 22:09:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Soulseek
[2009/12/07 18:05:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software
[2010/07/07 19:37:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2010/11/06 19:22:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/01/03 05:06:09 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}
[2009/10/18 21:27:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/12/07 18:04:51 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
[2007/01/04 23:35:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Azureus
[2010/06/21 16:34:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\DC++
[2008/09/05 16:57:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\eBookPro6
[2010/07/07 21:12:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\GlarySoft
[2003/08/05 22:50:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\InterVideo
[2008/08/31 21:25:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Leader Technologies
[2008/08/31 19:20:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Leadertech
[2010/02/16 23:56:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\minimem
[2011/09/05 15:23:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\PCTools
[2011/05/09 07:48:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\PCToolsFirewallPlus
[2008/08/15 02:17:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\PhotoParade
[2009/11/28 20:36:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Playrix Entertainment
[2009/10/19 00:35:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\SharePod
[2009/01/04 23:43:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Skinux
[2009/05/02 11:38:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Skunk Studios
[2011/05/09 07:47:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Spam Monitor
[2009/11/29 21:02:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Sudden Games
[2009/04/15 01:50:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Systweak
[2009/09/26 16:19:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\TikisLab
[2005/12/15 03:59:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\TuneUp Software
[2008/02/12 04:06:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Uniblue
[2011/06/29 14:26:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Wal-Mart Digital Photo Viewer
[2007/10/07 11:20:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Walgreens
[2006/08/12 22:14:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Wildfire
[2012/02/08 23:50:24 | 000,000,424 | -H-- | M] () -- C:\WINNT\Tasks\MP Scheduled Scan.job

========== Purity Check ==========

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.* >
[2012/01/04 22:00:56 | 000,000,207 | ---- | M] () -- C:\Boot.bak
[2012/01/09 18:05:00 | 000,000,323 | RHS- | M] () -- C:\boot.ini
[2003/05/16 10:04:38 | 000,000,512 | -HS- | M] () -- C:\BOOTSECT.DOS
[2004/08/03 23:00:00 | 000,260,272 | RHS- | M] () -- C:\cmldr
[2012/01/10 18:33:03 | 000,017,405 | ---- | M] () -- C:\ComboFix.txt
[2005/11/05 06:33:56 | 000,023,188 | ---- | M] () -- C:\devicetable.log
[1999/04/23 21:22:00 | 000,068,871 | RHS- | M] () -- C:\DRVSPACE.BIN
[2008/06/01 15:16:26 | 000,000,182 | ---- | M] () -- C:\drwtsn32.log
[2006/10/22 16:19:22 | 000,174,485 | ---- | M] () -- C:\hpfr5600.log
[2004/09/02 22:33:28 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2008/12/11 17:54:21 | 000,000,350 | -H-- | M] () -- C:\IPH.PH
[2010/06/15 20:54:42 | 000,000,109 | ---- | M] () -- C:\mbam-error.txt
[2004/09/02 22:33:28 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004/09/26 04:26:17 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008/06/02 16:48:22 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2012/02/08 23:22:35 | 1048,576,000 | -HS- | M] () -- C:\pagefile.sys
[2012/01/09 17:56:57 | 000,053,072 | ---- | M] () -- C:\TDSSKiller.2.6.25.0_09.01.2012_17.52.13_log.txt
[2012/01/15 15:55:56 | 000,052,958 | ---- | M] () -- C:\TDSSKiller.2.7.1.0_15.01.2012_15.48.59_log.txt
[2008/02/08 16:01:02 | 000,000,178 | ---- | M] () -- C:\uninstall_rd.bat
[2008/01/24 01:33:58 | 000,000,150 | ---- | M] () -- C:\YServer.txt

< %systemroot%\Fonts\*.com >
[2006/04/18 14:39:28 | 000,026,040 | ---- | M] () -- C:\WINNT\Fonts\GlobalMonospace.CompositeFont
[2006/06/29 13:53:56 | 000,026,489 | ---- | M] () -- C:\WINNT\Fonts\GlobalSansSerif.CompositeFont
[2006/04/18 14:39:28 | 000,029,779 | ---- | M] () -- C:\WINNT\Fonts\GlobalSerif.CompositeFont
[2006/06/29 13:58:52 | 000,030,808 | ---- | M] () -- C:\WINNT\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2003/05/16 10:29:48 | 000,000,067 | -HS- | M] () -- C:\WINNT\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2008/07/06 04:50:03 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >
[2005/02/18 16:53:57 | 000,471,040 | ---- | M] (ScreenTime Media) -- C:\WINNT\Portraits.scr

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >
[2004/05/18 10:50:58 | 000,000,204 | ---- | M] () -- C:\Documents and Settings\All Users\Favorites\My Yahoo!.url
[2004/05/18 10:49:54 | 000,000,213 | ---- | M] () -- C:\Documents and Settings\All Users\Favorites\Yahoo! Bookmarks.url
[2004/05/18 16:26:04 | 000,000,208 | ---- | M] () -- C:\Documents and Settings\All Users\Favorites\Yahoo! Mail.url
[2004/05/18 16:13:06 | 000,000,207 | ---- | M] () -- C:\Documents and Settings\All Users\Favorites\Yahoo!.url

< %APPDATA%\Microsoft\*.* >
[2004/11/01 00:11:42 | 000,001,530 | -H-- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\LastFlashConfig.WFC

< %PROGRAMFILES%\*.* >
[2007/05/28 15:47:38 | 001,030,144 | ---- | M] (Microsoft Corporation) -- C:\Program Files\dbghelp.dll
[2010/03/15 10:28:02 | 000,092,672 | ---- | M] () -- C:\Program Files\Default.SFX
[2006/09/18 19:13:58 | 000,001,063 | ---- | M] () -- C:\Program Files\Descript.ion
[2010/03/11 16:59:10 | 000,000,495 | ---- | M] () -- C:\Program Files\File_Id.diz
[2009/01/08 10:07:21 | 000,006,806 | ---- | M] () -- C:\Program Files\License.txt
[2007/05/28 15:47:34 | 000,003,425 | ---- | M] () -- C:\Program Files\msdll.txt
[2007/05/28 15:47:38 | 000,479,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\msvcm80.dll
[2007/05/28 15:47:38 | 000,548,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files\msvcp80.dll
[2007/05/28 15:47:38 | 000,626,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files\msvcr80.dll
[2006/10/22 09:21:24 | 000,003,271 | ---- | M] () -- C:\Program Files\Order.htm
[2006/07/12 10:55:05 | 000,000,092 | ---- | M] () -- C:\Program Files\play.rbn.rm&proto=rtsp
[2006/07/16 17:16:10 | 000,000,627 | ---- | M] () -- C:\Program Files\playlist.xml
[2010/03/15 10:26:53 | 000,378,880 | ---- | M] () -- C:\Program Files\Rar.exe
[2010/03/11 16:59:10 | 000,076,080 | ---- | M] () -- C:\Program Files\Rar.txt
[2010/03/15 10:28:22 | 000,141,824 | ---- | M] () -- C:\Program Files\RarExt.dll
[2010/03/15 10:28:25 | 000,052,224 | ---- | M] () -- C:\Program Files\RarExt64.dll
[2010/03/15 10:28:23 | 000,045,056 | ---- | M] () -- C:\Program Files\RarExtLoader.exe
[2006/04/11 10:01:02 | 000,001,088 | ---- | M] () -- C:\Program Files\RarFiles.lst
[2006/12/18 03:43:12 | 000,000,020 | ---- | M] () -- C:\Program Files\rarnew.dat
[2009/03/05 23:53:53 | 000,001,495 | ---- | M] () -- C:\Program Files\ReadMe.txt
[2007/12/05 03:08:43 | 001,446,464 | ---- | M] () -- C:\Program Files\Silverlight.exe
[2010/03/11 16:59:10 | 000,009,232 | ---- | M] () -- C:\Program Files\TechNote.txt
[2010/03/15 10:29:05 | 000,000,639 | ---- | M] () -- C:\Program Files\Uninstall.lst
[2010/03/15 10:26:53 | 000,246,272 | ---- | M] () -- C:\Program Files\UnRAR.exe
[2005/05/12 16:02:30 | 000,000,090 | ---- | M] () -- C:\Program Files\UnrarSrc.txt
[2010/03/11 16:58:43 | 000,019,551 | ---- | M] () -- C:\Program Files\WhatsNew.txt
[2010/03/15 10:27:00 | 000,069,632 | ---- | M] () -- C:\Program Files\WinCon.SFX
[2010/03/15 10:28:36 | 000,256,368 | ---- | M] () -- C:\Program Files\WinRAR.chm
[2010/03/15 10:26:37 | 001,039,360 | ---- | M] () -- C:\Program Files\WinRAR.exe
[2010/03/15 10:28:03 | 000,074,240 | ---- | M] () -- C:\Program Files\Zip.SFX
[2006/12/18 03:43:12 | 000,000,022 | ---- | M] () -- C:\Program Files\zipnew.dat

< %APPDATA%\Update\*.* >

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >
[2003/05/16 10:18:30 | 000,094,208 | ---- | M] () -- C:\WINNT\System32\config\default.sav
[2003/05/16 10:18:28 | 000,602,112 | ---- | M] () -- C:\WINNT\System32\config\software.sav
[2003/05/16 10:18:28 | 000,380,928 | ---- | M] () -- C:\WINNT\System32\config\system.sav

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
[2008/06/02 16:53:54 | 000,000,272 | -HS- | M] () -- C:\Documents and Settings\All Users\Start Menu\desktop.ini

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %systemroot%\*.config >

< %systemroot%\system32\*.db >

< %PROGRAMFILES%\Internet Explorer\*.dat >

< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2006/09/21 23:52:53 | 000,000,175 | -HS- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop.ini
[2008/02/11 01:16:04 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf

< %USERPROFILE%\Desktop\*.exe >
[2012/02/08 23:47:10 | 000,450,352 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Owner\Desktop\FixitCenter_Run.exe
[2012/02/08 23:58:37 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\*.src >

< %systemroot%\install\*.* >

< %systemroot%\system32\DLL\*.* >

< %systemroot%\system32\HelpFiles\*.* >

< %systemroot%\system32\rundll\*.* >

< %systemroot%\winn32\*.* >

< %systemroot%\Java\*.* >

< %systemroot%\system32\test\*.* >

< %systemroot%\system32\Rundll32\*.* >

< %systemroot%\AppPatch\Custom\*.* >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2012-01-03 22:41:39

< >

========== Alternate Data Streams ==========

@Alternate Data Stream - 88 bytes -> C:\Program Files\play.rbn.rm&proto=rtsp:SummaryInformation

< End of report >

Advertisements

Register to Remove

#2 LDTate

Grand Poobah

Root Admin
57,211 posts

Posted 12 February 2012 - 03:53 PM

Check the date / time on your computer

The forum is run by volunteers who donate their time and expertise.

Want to help others? Join the ClassRoom and learn how.

Logs will be closed if you haven't replied within 3 days

If you would like to for the help you received.

Proud graduate of TC/WTT Classroom

#3 WyandotteWyno

Authentic Member

Authentic Member
33 posts

Posted 12 February 2012 - 07:01 PM

date and time is correct. still doesn't work.

Edited by WyandotteWyno, 12 February 2012 - 07:01 PM.

#4 LDTate

Grand Poobah

Root Admin
57,211 posts

Posted 12 February 2012 - 07:03 PM

Please download Malwarebytes' Anti-Malware to your desktop.

Double-click mbam-setup.exe and follow the prompts to install the program.
At the end, be sure a checkmark is placed next to the following:
- Update Malwarebytes' Anti-Malware
- Launch Malwarebytes' Anti-Malware
Then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded, select Perform quick scan, then click Scan.
When the scan is complete, click OK, then Show Results to view the results.
Be sure that everything is checked, and click Remove Selected.
When completed, a log will open in Notepad and if required the program will ask you to reboot to remove locked files.

Post the scan results using Copy/Paste

The forum is run by volunteers who donate their time and expertise.

Want to help others? Join the ClassRoom and learn how.

Logs will be closed if you haven't replied within 3 days

If you would like to for the help you received.

Proud graduate of TC/WTT Classroom

#5 WyandotteWyno

Authentic Member

Authentic Member
33 posts

Posted 12 February 2012 - 07:32 PM

Malwarebytes Anti-Malware 1.60.1.1000 www.malwarebytes.org Database version: v2012.02.13.01 Windows XP Service Pack 3 x86 NTFS Internet Explorer 8.0.6001.18702 Owner :: YOUR-3B54ED6EDD [administrator] 2/12/2012 7:09:15 PM mbam-log-2012-02-12 (19-09-15).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 187406 Time elapsed: 21 minute(s), 44 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end)

#6 LDTate

Grand Poobah

Root Admin
57,211 posts

Posted 12 February 2012 - 07:34 PM

This might not be an infection causing this but we'll try another tool.

Please do not attach the scan results from Combofx. Use copy/paste.

Vista and Windows 7 users:
1. These tools MUST be run from the executable. (.exe) every time you run them
2. With Admin Rights (Right click, choose "Run as Administrator")

Download ComboFix from one of these locations:

Link 1
Link 2 If using this link, Right Click and select Save As.

* IMPORTANT !!! Save ComboFix.exe to your Desktop

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. Note: If you are having difficulty properly disabling your protective programs, or are unsure as to what programs need to be disabled, please refer to the information available through this link : Protective Programs
Double click on ComboFix.exe & follow the prompts.

Notes: Combofix will run without the Recovery Console installed. Skip the Recovery Console part if you're running Vista or Windows 7.

Note: If you have XP SP3, use the XP SP2 package.
If Vista or Windows 7, skip the Recovery Console part
As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

Posted Image

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Posted Image

Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt using Copy / Paste in your next reply.

Notes:

1.Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. ComboFix may reset a number of Internet Explorer's settings, including making I-E the default browser.
3. Combofix prevents autorun of ALL CD, floppy and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell your helper.
4. CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.

Give it atleast 20-30 minutes to finish if needed.

Please do not attach the scan results from Combofx. Use copy/paste.

Also please describe how your computer behaves at the moment.

The forum is run by volunteers who donate their time and expertise.

Want to help others? Join the ClassRoom and learn how.

Logs will be closed if you haven't replied within 3 days

If you would like to for the help you received.

Proud graduate of TC/WTT Classroom

#7 WyandotteWyno

Authentic Member

Authentic Member
33 posts

Posted 12 February 2012 - 08:32 PM

The issue is still present

ComboFix 12-02-12.01 - Owner 02/12/2012 19:59:50.4.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1015.604 [GMT -6:00]
Running from: c:\documents and settings\Owner\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
.
((((((((((((((((((((((((( Files Created from 2012-01-13 to 2012-02-13 )))))))))))))))))))))))))))))))
.
.
2012-02-13 01:07 . 2012-02-13 01:07 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-02-13 01:07 . 2011-12-10 21:24 20464 ----a-w- c:\winnt\system32\drivers\mbam.sys
2012-02-12 12:34 . 2012-02-12 12:34 56200 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{959F92A0-7349-4E04-B59B-7B527357DDF7}\offreg.dll
2012-02-12 12:34 . 2012-02-12 12:34 29904 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{959F92A0-7349-4E04-B59B-7B527357DDF7}\MpKslbc4c659b.sys
2012-02-12 05:52 . 2012-01-17 10:39 6557240 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{959F92A0-7349-4E04-B59B-7B527357DDF7}\mpengine.dll
2012-01-24 14:39 . 2012-01-17 10:39 6557240 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-01-18 05:06 . 2012-01-18 05:06 -------- d-----w- c:\documents and settings\Owner\Local Settings\Application Data\Sun
2012-01-18 05:04 . 2012-01-18 05:04 -------- d-----w- c:\program files\Common Files\Java
2012-01-18 05:04 . 2012-01-18 05:02 141312 ----a-w- c:\winnt\system32\javacpl.cpl
2012-01-18 05:04 . 2012-01-18 05:02 637848 ----a-w- c:\winnt\system32\npdeployJava1.dll
2012-01-18 05:04 . 2012-01-18 05:02 567184 ----a-w- c:\winnt\system32\deployJava1.dll
2012-01-18 02:18 . 2012-01-18 02:19 -------- d-----w- c:\program files\Microsoft Security Client
2012-01-17 05:39 . 2012-01-17 05:39 -------- dc----w- C:\_OTL
2012-01-14 04:23 . 2012-01-14 04:26 -------- dc----w- C:\c1d7fc001171605dddde
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-01-29 11:10 . 2012-01-05 03:37 237072 ------w- c:\winnt\system32\MpSigStub.exe
2011-11-29 03:24 . 2011-07-23 03:16 414368 ----a-w- c:\winnt\system32\FlashPlayerCPLApp.cpl
2011-11-23 13:25 . 1980-01-01 05:00 1859584 ----a-w- c:\winnt\system32\win32k.sys
2010-03-15 16:28 . 2010-05-01 01:37 52224 -c--a-w- c:\program files\RarExt64.dll
2010-03-15 16:28 . 2006-12-18 09:42 45056 -c--a-w- c:\program files\RarExtLoader.exe
2010-03-15 16:28 . 2010-05-01 01:37 141824 ----a-w- c:\program files\RarExt.dll
2010-03-15 16:28 . 2006-12-18 09:42 74240 -c--a-w- c:\program files\Zip.SFX
2010-03-15 16:28 . 2006-12-18 09:42 92672 -c--a-w- c:\program files\Default.SFX
2010-03-15 16:27 . 2006-12-18 09:42 69632 -c--a-w- c:\program files\WinCon.SFX
2010-03-15 16:26 . 2006-12-18 09:42 378880 -c--a-w- c:\program files\Rar.exe
2010-03-15 16:26 . 2006-12-18 09:42 246272 -c--a-w- c:\program files\UnRAR.exe
2010-03-15 16:26 . 2006-12-18 09:42 1039360 ----a-w- c:\program files\WinRAR.exe
2007-12-05 09:08 . 2007-12-05 09:08 1446464 -c--a-w- c:\program files\Silverlight.exe
2007-05-28 21:47 . 2008-06-01 23:56 626688 -c--a-w- c:\program files\msvcr80.dll
2007-05-28 21:47 . 2008-06-01 23:56 548864 -c--a-w- c:\program files\msvcp80.dll
2007-05-28 21:47 . 2008-06-01 23:56 479232 -c--a-w- c:\program files\msvcm80.dll
2007-05-28 21:47 . 2008-06-01 23:56 1030144 -c--a-w- c:\program files\dbghelp.dll
2012-02-12 20:23 . 2012-01-18 03:33 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2012-01-10_00.41.30 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-02-09 05:23 . 2012-02-09 05:23 16384 c:\winnt\Temp\Perflib_Perfdata_26c.dat
+ 2012-01-18 05:04 . 2012-01-18 05:02 223112 c:\winnt\system32\javaws.exe
+ 2012-01-18 05:04 . 2012-01-18 05:02 173960 c:\winnt\system32\javaw.exe
+ 2012-01-18 05:04 . 2012-01-18 05:02 173960 c:\winnt\system32\java.exe
+ 2012-01-18 05:04 . 2012-01-18 05:04 176128 c:\winnt\Installer\b37fa.msi
+ 2012-01-18 05:02 . 2012-01-18 05:02 938496 c:\winnt\Installer\b37f5.msi
+ 2012-01-18 02:19 . 2012-01-18 02:19 785920 c:\winnt\Installer\460596a.msi
+ 2012-01-18 02:18 . 2012-01-18 02:18 483840 c:\winnt\Installer\4605964.msi
+ 2012-01-18 02:18 . 2012-01-18 02:18 301056 c:\winnt\Installer\460595f.msi
+ 2012-01-11 05:22 . 2012-01-11 05:22 3947520 c:\winnt\Installer\1147098.msi
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-01-04 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-09-30 252296]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-01-13 460872]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"RunNarrator"="Narrator.exe" [2008-04-14 53760]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\fsproflt]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WebrootSpySweeperService]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@=""
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^America Online 9.0 Tray Icon.lnk]
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Billminder.lnk]
backup=c:\winnt\pss\Billminder.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Kodak EasyShare software.lnk]
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Kodak software updater.lnk]
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Quicken Scheduled Updates.lnk]
backup=c:\winnt\pss\Quicken Scheduled Updates.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Quicken Startup.lnk]
backup=c:\winnt\pss\Quicken Startup.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^SBC Self Support Tool.lnk]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2012-01-04 04:51 37296 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2009-02-19 05:09 133104 ----atw- c:\documents and settings\Owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
2005-01-23 16:31 126976 -c--a-w- c:\winnt\system32\hkcmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
2005-01-23 16:36 155648 -c--a-w- c:\winnt\system32\igfxtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
2012-01-13 20:53 460872 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
2005-10-12 23:13 7086080 ----a-w- c:\program files\MSN Messenger\msnmsgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-09-08 16:17 421888 -c--a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"KodakCCS"=2 (0x2)
"AOL ACS"=2 (0x2)
"ACDaemon"=3 (0x3)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"msnmsgr"="c:\program files\MSN Messenger\msnmsgr.exe" /background
"Aim6"="c:\program files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
"ctfmon.exe"=c:\winnt\system32\ctfmon.exe
"Google Update"="c:\documents and settings\Owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
"Skype"="c:\program files\Skype\Phone\Skype.exe" /nosplash /minimized
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
"AOLDialer"=c:\program files\Common Files\AOL\ACS\AOLDial.exe
"HostManager"="c:\program files\Common Files\AOL\1141465714\ee\AOLSoftware.exe"
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe"
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" -osboot
"MSConfig"=c:\winnt\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
"HP Software Update"=c:\program files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
"HPDJ Taskbar Utility"=c:\winnt\System32\spool\drivers\w32x86\3\hpztsb08.exe
"medicsp2"="c:\program files\twc\medicsp2\bin\sprtcmd.exe" /P medicsp2
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"LifeCam"="c:\program files\Microsoft LifeCam\LifeExp.exe"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" -osboot
"HotKeysCmds"=c:\winnt\system32\hkcmd.exe
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"ArcSoft Connection Service"=c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"c:\\Program Files\\SopCast\\SopCast.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Documents and Settings\\Owner\\Application Data\\PnkBstrK.sys"=
"c:\\Program Files\\Ares\\Ares.exe"=
"c:\\Program Files\\SoulseekNS\\slsk.exe"=
"c:\\WINNT\\system32\\spool\\drivers\\w32x86\\3\\E_DUPA30.EXE"=
"c:\\WINNT\\system32\\mmc.exe"=
"c:\\Program Files\\SopCast\\adv\\SopAdver.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Microsoft LifeCam\\LifeCam.exe"=
"c:\\Program Files\\Microsoft LifeCam\\LifeEnC2.exe"=
"c:\\Program Files\\Microsoft LifeCam\\LifeExp.exe"=
"c:\\Program Files\\Microsoft LifeCam\\LifeTray.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"2234:TCP"= 2234:TCP:Soulseek
"9420:TCP"= 9420:TCP:RSP
"1035:TCP"= 1035:TCP:Akamai NetSession Interface
"5000:UDP"= 5000:UDP:Akamai NetSession Interface
.
R1 MpKslbc4c659b;MpKslbc4c659b;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{959F92A0-7349-4E04-B59B-7B527357DDF7}\MpKslbc4c659b.sys [2/12/2012 6:34 AM 29904]
R1 SBRE;SBRE;c:\winnt\system32\drivers\SBREDrv.sys [2/10/2010 11:24 PM 95024]
R3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;c:\winnt\system32\drivers\nx6000.sys [1/20/2010 7:43 PM 30576]
S0 TfFsMon;TfFsMon;c:\winnt\system32\drivers\TfFsMon.sys --> c:\winnt\system32\drivers\TfFsMon.sys [?]
S0 TFSysMon;TfSysMon;c:\winnt\system32\drivers\TfSysMon.sys --> c:\winnt\system32\drivers\TfSysMon.sys [?]
S1 SuperMounter;SuperMounter; [x]
S2 mrtRate;mrtRate; [x]
S3 Netaapl;Apple Mobile Device Ethernet Service;c:\winnt\system32\DRIVERS\netaapl.sys --> c:\winnt\system32\DRIVERS\netaapl.sys [?]
S3 TfNetMon;TfNetMon;\??\c:\winnt\system32\drivers\TfNetMon.sys --> c:\winnt\system32\drivers\TfNetMon.sys [?]
S3 VMUVC;Vimicro Camera Service VMUVC;c:\winnt\system32\Drivers\VMUVC.sys --> c:\winnt\system32\Drivers\VMUVC.sys [?]
S3 vvftUVC;Vimicro Camera Filter Service VMUVC;c:\winnt\system32\drivers\vvftUVC.sys --> c:\winnt\system32\drivers\vvftUVC.sys [?]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - MPKSLBC4C659B
*Deregistered* - IPVNMon
.
Contents of the 'Scheduled Tasks' folder
.
2012-02-13 c:\winnt\Tasks\GoogleUpdateTaskUserS-1-5-21-4096060120-124127034-945509873-1003Core.job
- c:\documents and settings\Owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-02-19 05:09]
.
2012-02-13 c:\winnt\Tasks\GoogleUpdateTaskUserS-1-5-21-4096060120-124127034-945509873-1003UA.job
- c:\documents and settings\Owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-02-19 05:09]
.
2007-09-07 c:\winnt\Tasks\Microsoft_Hardware_Launch_IPoint_exe.job
- c:\program files\Microsoft IntelliPoint\ipoint.exe [2007-02-05 23:52]
.
2012-02-12 c:\winnt\Tasks\MP Scheduled Scan.job
- c:\program files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2011-04-27 21:39]
.
.
------- Supplementary Scan -------
.
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
uStart Page = hxxp://www.rr.com/
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
TCP: DhcpNameServer = 209.18.47.61 209.18.47.62
DPF: DirectAnimation Java Classes
DPF: Microsoft XML Parser for Java
DPF: Yahoo! Chat - hxxp://us.chat1.yimg.com/us.yimg.com/i/chat/applet/c381/chat.cab
FF - ProfilePath - c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\qaydy8da.default\
FF - prefs.js: browser.startup.homepage - about:home
.
- - - - ORPHANS REMOVED - - - -
.
MSConfigStartUp-Aim6 - c:\program files\AIM6\aim6.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-02-12 20:12
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-4096060120-124127034-945509873-1003\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(204)
c:\winnt\system32\WININET.dll
c:\winnt\system32\ieframe.dll
c:\winnt\system32\webcheck.dll
c:\winnt\system32\WPDShServiceObj.dll
c:\winnt\system32\PortableDeviceTypes.dll
c:\winnt\system32\PortableDeviceApi.dll
.
Completion time: 2012-02-12 20:16:28
ComboFix-quarantined-files.txt 2012-02-13 02:16
ComboFix2.txt 2012-01-11 00:33
ComboFix3.txt 2012-01-10 07:44
ComboFix4.txt 2012-01-10 00:53
.
Pre-Run: 22,946,664,448 bytes free
Post-Run: 22,994,980,864 bytes free
.
- - End Of File - - 310A8B20FF994003BE0039F549DF0606

Edited by WyandotteWyno, 12 February 2012 - 08:33 PM.

#8 LDTate

Grand Poobah

Root Admin
57,211 posts

Posted 13 February 2012 - 07:06 AM

Have you contacted with AOL?

The forum is run by volunteers who donate their time and expertise.

Want to help others? Join the ClassRoom and learn how.

Logs will be closed if you haven't replied within 3 days

If you would like to for the help you received.

Proud graduate of TC/WTT Classroom

#9 WyandotteWyno

Authentic Member

Authentic Member
33 posts

Posted 13 February 2012 - 01:36 PM

no i have not.

#10 WyandotteWyno

Authentic Member

Authentic Member
33 posts

Posted 13 February 2012 - 02:09 PM

just called and asked about the issue and they tried charging me so I told them no thanks. lol i double checked the date/time/time zone again and its all correct still. i also looked at the certificate info on the original error page and it said that it should be good until 2014.

Advertisements

Register to Remove

#11 LDTate

Grand Poobah

Root Admin
57,211 posts

Posted 13 February 2012 - 03:39 PM

That's the only reason I've ever seen that error.

The forum is run by volunteers who donate their time and expertise.

Want to help others? Join the ClassRoom and learn how.

Logs will be closed if you haven't replied within 3 days

If you would like to for the help you received.

Proud graduate of TC/WTT Classroom

#12 WyandotteWyno

Authentic Member

Authentic Member
33 posts

Posted 13 February 2012 - 06:10 PM

I know when my power goes out I usually have to adjust the date/time to beable to use the internet. Here is what it says about the certificate error on Internet Explorer help. This error occurs when the certificate has been issued by a certification authority that is not recognized by Internet Explorer. It is unlikely that this error will occur on a legitimate business or banking site. Phishing sites often attempt to use fake certificates that will trigger this error. Thats troubling because its aol.com don't you think?

#13 LDTate

Grand Poobah

Root Admin
57,211 posts

Posted 13 February 2012 - 06:39 PM

Open your Time/Date
Internet Time > make sure Automatic is checked and the server is time.windows.com
Click Update

The forum is run by volunteers who donate their time and expertise.

Want to help others? Join the ClassRoom and learn how.

Logs will be closed if you haven't replied within 3 days

If you would like to for the help you received.

Proud graduate of TC/WTT Classroom

#14 WyandotteWyno

Authentic Member

Authentic Member
33 posts

Posted 13 February 2012 - 07:13 PM

Done. Still get the certificate error. This is weird because I've never had this problem unless the power has gone out.

#15 LDTate

Grand Poobah

Root Admin
57,211 posts

Posted 13 February 2012 - 07:16 PM

Try uninstalling AOL and re-install it

The forum is run by volunteers who donate their time and expertise.

Want to help others? Join the ClassRoom and learn how.

Logs will be closed if you haven't replied within 3 days

If you would like to for the help you received.

Proud graduate of TC/WTT Classroom

Body Background

skin color theme