WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. Join 93125 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!

Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

[Resolved] Malwarebytes not working Plus More

Started by topband , Mar 01 2009 08:59 PM

Page 7 of 11
5
6
7
8
9

This topic is locked

152 replies to this topic

#91 oldman960

Forum God

Retired Classroom Teacher
14,770 posts

Posted 09 August 2009 - 09:58 AM

Hi Topband, Have tried disabling OnLine Armor to see if browsing improves? Thanks

Proud Graduate of the WTT Classroon
If you are happy with the help you recieved, please consider making a Donation
Curiosity didn't kill the cat. Ignorance did, curiosity was framed.
Learn how to protect Yourself

Microsoft MVP 2011-2015

Threads will be closed if no response after 5 days.

Advertisements

Register to Remove

#92 topband

Authentic Member

Authentic Member
83 posts

Posted 09 August 2009 - 01:10 PM

hi om...yes armor has been off for a while ....i noticed now that firefox (the usual browser i use) freezes up when i try to answer you and then when i switch to explorer it reacts fairly normal ... so should i uninstall firefox and reinstall it? .... i just now ran a speed test with speakeasy.net and it showed 5 mb download and 650 kb upload which is aobut the tops on this config ..... i'll keep working with explorer ...how bout microsoft ...did they make something change on the interfaces ? i noticed my old students WORD program runs pretty wacky ....freezing and other junk i forgot ....i'll try explorer for awhile ...what do you think on this one ? i'll update you on more after i use this explorere xclusively for a few days ..got any other ideas ? thnx om jh ps question on virtual memory (cuz i get that low memory prompt sometimes...what is the right setting for that ? thnx

#93 topband

Authentic Member

Authentic Member
83 posts

Posted 09 August 2009 - 02:24 PM

hi om OK explorer is the same ...freezes and slow ...what about system settings ? did something change or did i inadvertantly set some calibration wrong ? how do we analyze that possibility ? must be huge right ? thnx om ...cant believe the amount of time used just navigating these things ... something is in this one ....jh

#94 oldman960

Forum God

Retired Classroom Teacher
14,770 posts

Posted 09 August 2009 - 05:52 PM

Hi Topband, Can you live with it for a few days? I need to be absent from the forums for a bit. Thanks for understanding.

Microsoft MVP 2011-2015

Threads will be closed if no response after 5 days.

#95 topband

Authentic Member

Authentic Member
83 posts

Posted 10 August 2009 - 01:09 AM

no prob OM thnx for the email jh

#96 oldman960

Forum God

Retired Classroom Teacher
14,770 posts

Posted 23 August 2009 - 10:20 AM

Hi Topband,

Sorry about the delay, I missed your post after I got back. Let's take another look at this system.

Please read through these instructions to familarize yourself with what to expect when this tool runs

Download ComboFix from one of these locations:

Link 1
Link 2

* IMPORTANT !!! Save ComboFix.exe to your Desktop

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. Note: If you are having difficulty properly disabling your protective programs, or are unsure as to what programs need to be disabled, please refer to the information available through this link : How to Disable your Security Programs
Double click on ComboFix.exe & follow the prompts.
As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

Posted Image

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Posted Image

Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.

Notes:

1.Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. ComboFix may reset a number of Internet Explorer's settings, including making I-E the default browser.
3. Combofix prevents autorun of ALL CD, floppy and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell your helper.
4. CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.

Please post back with the combofix log.

Thanks

Microsoft MVP 2011-2015

Threads will be closed if no response after 5 days.

#97 topband

Authentic Member

Authentic Member
83 posts

Posted 06 October 2009 - 11:08 PM

OK OM Hello Sir

Back in the Crack as some moron might say ...

OK where were we ? The Computer B is the unit i am communicating on ...Computer A is the machine of choice faster newer etc .... we got to the point of fixing B pretty good ...good enuff still somethings on that one ...but nevertheless ...time now to attack Computer A ...

COMP A will NOT connect to the internet for some reason I dont know why ...can't figure it and there are some programs on there I cannot lose so i cant erase the memory and start over ...unless you know how to save PROGRAMS somehow which i dont ..otherwise the computer A runs pretty good ...so on to the FIX sir;

Here is the latest procedures I have done

Loaded and RAN the Disinfectant (scan/hidden file autorun.inf) on the FLASH DRIVE as you suggested because I will be moving thing to the other computer on that (Comp A)

I loaded and I have run the OTList2 you gave me a while back on to that flash drive and and below is the LOG:

hope this one is EZ OM thank you for your help

OTListIt logfile created on: 10/6/2009 9:13:36 PM - Run 2
OTListIt2 by OldTimer - Version 2.0.15.8 Folder = C:\Documents and Settings\HP_Administrator\Desktop
Windows XP Media Center Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

958.48 Mb Total Physical Memory | 595.38 Mb Available Physical Memory | 62.12% Memory free
2.85 Gb Paging File | 2.62 Gb Available in Paging File | 91.83% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 289.23 Gb Total Space | 164.84 Gb Free Space | 56.99% Space Free | Partition Type: NTFS
Drive D: | 8.83 Gb Total Space | 0.39 Gb Free Space | 4.39% Space Free | Partition Type: FAT32
Drive E: | 22.45 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive F: | 1.89 Gb Total Space | 0.47 Gb Free Space | 24.96% Space Free | Partition Type: FAT32
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: TOPBAND
Current User Name: HP_Administrator
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Standard
File Age = 30 Days
Company Name Whitelist: On

========== Processes (SafeList) ==========

PRC - [2007/06/13 03:23:07 | 01,033,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2005/08/02 23:19:16 | 00,058,880 | ---- | M] (Microsoft) -- C:\WINDOWS\arservice.exe
PRC - [2006/10/09 16:16:56 | 00,237,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\eHome\ehRecvr.exe
PRC - [2005/08/05 20:56:32 | 00,102,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\eHome\ehSched.exe
PRC - [2008/10/19 15:44:35 | 00,147,456 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2006/06/21 04:08:48 | 00,049,152 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
PRC - [2008/07/21 17:53:04 | 00,193,888 | ---- | M] (Seagate Technology LLC) -- C:\Program Files\Maxtor\Sync\SyncServices.exe
PRC - [2001/02/23 11:07:30 | 00,270,336 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
PRC - [2002/12/17 18:26:22 | 07,520,337 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\MSSQL$RETSDATA\Binn\sqlservr.exe
PRC - [2006/05/09 15:50:00 | 00,131,139 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
PRC - [2005/08/05 20:27:08 | 00,099,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\mcrdsvc.exe
PRC - [2008/04/13 17:12:41 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe
PRC - [2009/05/22 01:26:10 | 00,501,248 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\HP_Administrator\Desktop\OTListIt2.exe

========== Win32 Services (SafeList) ==========

SRV - [2005/08/02 23:19:16 | 00,058,880 | ---- | M] (Microsoft) -- C:\WINDOWS\arservice.exe -- (ARSVC [Auto | Running])
SRV - [2005/09/23 08:28:32 | 00,029,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2005/09/23 08:28:56 | 00,066,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2006/10/09 16:16:56 | 00,237,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\eHome\ehRecvr.exe -- (ehRecvr [Auto | Running])
SRV - [2005/08/05 20:56:32 | 00,102,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\eHome\ehSched.exe -- (ehSched [Auto | Running])
SRV - [2003/03/24 11:54:46 | 00,073,728 | ---- | M] () -- C:\Program Files\LEAD Technologies, Inc\LEADTOOLS ePrint 3.0\Bin\LPSVS03N.EXE -- (EPrint III Service [Disabled | Stopped])
SRV - [2007/09/07 10:58:57 | 01,838,592 | ---- | M] (Google) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager [Disabled | Stopped])
SRV - [2009/03/20 22:29:22 | 00,183,280 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [Auto | Stopped])
SRV - [2004/08/09 21:00:00 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2004/10/22 10:24:18 | 00,073,728 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
SRV - [2007/12/11 13:10:16 | 00,504,104 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service [On_Demand | Stopped])
SRV - [2008/10/19 15:44:35 | 00,147,456 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])
SRV - [2006/06/21 04:08:48 | 00,049,152 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService [Auto | Running])
SRV - [2008/07/21 17:53:04 | 00,193,888 | ---- | M] (Seagate Technology LLC) -- C:\Program Files\Maxtor\Sync\SyncServices.exe -- (Maxtor Sync Service [Auto | Running])
SRV - [2005/08/05 20:27:08 | 00,099,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\mcrdsvc.exe -- (McrdSvc [Auto | Running])
SRV - [2001/02/23 11:07:30 | 00,270,336 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe -- (MDM [Auto | Running])
SRV - [2004/08/10 03:11:50 | 00,085,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mhn.dll -- (MHN [On_Demand | Stopped])
SRV - [2002/12/17 18:26:22 | 07,520,337 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\MSSQL$RETSDATA\Binn\sqlservr.exe -- (MSSQL$RETSDATA [Auto | Running])
SRV - [2002/12/17 18:23:30 | 00,066,112 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe -- (MSSQLServerADHelper [On_Demand | Stopped])
SRV - [2006/05/09 15:50:00 | 00,131,139 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc [Auto | Running])
SRV - [2007/08/09 00:27:52 | 00,073,728 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12 [Disabled | Stopped])
SRV - [2007/08/24 15:53:14 | 00,072,176 | ---- | M] (Sonic Solutions) -- C:\Program Files\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe -- (Roxio UPnP Renderer 10 [Disabled | Stopped])
SRV - [2007/08/24 15:53:16 | 00,362,992 | ---- | M] (Sonic Solutions) -- C:\Program Files\Roxio\Digital Home 10\RoxioUpnpService10.exe -- (Roxio Upnp Server 10 [Disabled | Stopped])
SRV - [2007/08/24 15:52:48 | 00,309,744 | ---- | M] (Sonic Solutions) -- C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe -- (RoxLiveShare10 [Auto | Stopped])
SRV - [2007/08/24 15:52:38 | 01,083,888 | ---- | M] (Sonic Solutions) -- C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe -- (RoxMediaDB10 [Disabled | Stopped])
SRV - [2007/08/24 15:52:46 | 00,166,384 | ---- | M] (Sonic Solutions) -- C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe -- (RoxWatch10 [Auto | Stopped])
SRV - File not found -- -- (SessionLauncher [Disabled | Stopped])
SRV - [2002/12/17 18:23:30 | 00,311,872 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\MSSQL$RETSDATA\Binn\sqlagent.EXE -- (SQLAgent$RETSDATA [On_Demand | Stopped])
SRV - File not found -- -- (ThreatFire [Disabled | Stopped])
SRV - [2006/10/18 20:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])

========== Driver Services (SafeList) ==========

DRV - [2008/04/13 11:46:20 | 00,048,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\61883.sys -- (61883 [On_Demand | Stopped])
DRV - [2005/03/09 14:53:00 | 00,036,352 | ---- | M] (Advanced Micro Devices) -- C:\WINDOWS\system32\DRIVERS\AmdK8.sys -- (AmdK8 [System | Running])
DRV - [2004/03/10 16:27:18 | 00,011,264 | ---- | M] (Pinnacle Systems GmbH) -- C:\WINDOWS\system32\drivers\ASAPIW2k.sys -- (ASAPIW2k [On_Demand | Running])
DRV - [1999/09/10 12:06:00 | 00,025,244 | ---- | M] (Adaptec) -- C:\WINDOWS\System32\drivers\ASPI32.SYS -- (ASPI32 [System | Running])
DRV - [2008/04/13 11:46:20 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\avc.sys -- (Avc [On_Demand | Stopped])
DRV - [2001/11/08 15:06:00 | 00,051,072 | ---- | M] (SCM Microsystems Inc.) -- C:\WINDOWS\system32\DRIVERS\EUSBMSD.SYS -- (EUSBMSD [On_Demand | Stopped])
DRV - [2006/09/19 12:44:04 | 00,015,664 | ---- | M] (GEAR Software Inc.) -- C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys -- (GEARAspiWDM [On_Demand | Running])
DRV - [2006/04/13 16:47:38 | 00,168,064 | ---- | M] (Hauppauge Computer Works, Inc.) -- C:\WINDOWS\system32\DRIVERS\hcwPP2.sys -- (hcwPP2 [On_Demand | Running])
DRV - [2008/04/13 09:36:05 | 00,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) -- C:\WINDOWS\system32\DRIVERS\HDAudBus.sys -- (HDAudBus [On_Demand | Running])
DRV - [2004/10/04 16:26:03 | 00,051,120 | R--- | M] (HP) -- C:\WINDOWS\system32\DRIVERS\HPZid412.sys -- (HPZid412 [On_Demand | Stopped])
DRV - [2004/10/04 16:26:04 | 00,016,496 | R--- | M] (HP) -- C:\WINDOWS\system32\DRIVERS\HPZipr12.sys -- (HPZipr12 [On_Demand | Stopped])
DRV - [2004/10/04 16:26:08 | 00,021,744 | R--- | M] (HP) -- C:\WINDOWS\system32\DRIVERS\HPZius12.sys -- (HPZius12 [On_Demand | Stopped])
DRV - [2005/12/06 11:20:50 | 00,241,664 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\DRIVERS\HSXHWBS2.sys -- (HSXHWBS2 [On_Demand | Running])
DRV - [2005/12/06 11:20:40 | 00,936,448 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\DRIVERS\HSX_DP.sys -- (HSX_DP [On_Demand | Running])
DRV - [2006/06/14 11:04:12 | 04,299,264 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService [On_Demand | Running])
DRV - [2008/04/13 11:45:34 | 00,046,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\IrBus.sys -- (IrBus [On_Demand | Stopped])
DRV - [2005/10/05 15:57:08 | 00,012,544 | ---- | M] (Conexant) -- C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys -- (mdmxsdk [Auto | Running])
DRV - [2008/04/13 11:46:09 | 00,051,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\msdv.sys -- (MSDV [On_Demand | Stopped])
DRV - [2007/05/03 14:37:08 | 00,022,152 | ---- | M] (Maxtor Corp.) -- C:\WINDOWS\system32\DRIVERS\mxopswd.sys -- (MXOPSWD [On_Demand | Stopped])
DRV - [2006/05/09 15:50:00 | 03,535,680 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\DRIVERS\nv4_mini.sys -- (nv [On_Demand | Running])
DRV - [2006/03/03 15:31:02 | 00,034,176 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\DRIVERS\NVENETFD.sys -- (NVENETFD [On_Demand | Running])
DRV - [2006/03/03 15:31:04 | 00,013,056 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\DRIVERS\nvnetbus.sys -- (nvnetbus [On_Demand | Running])
DRV - [2002/03/19 10:29:16 | 00,014,165 | ---- | M] (Pinnacle Systems GmbH) -- C:\WINDOWS\system32\drivers\pclepci.sys -- (PCLEPCI [System | Running])
DRV - [2005/12/12 17:27:00 | 00,019,072 | ---- | M] (Hewlett-Packard Company) -- C:\WINDOWS\system32\DRIVERS\PS2.sys -- (Ps2 [On_Demand | Stopped])
DRV - [2004/08/09 21:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
DRV - [2008/07/31 15:17:04 | 00,043,872 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running])
DRV - [2004/08/03 14:31:34 | 00,020,992 | ---- | M] (Realtek Semiconductor Corporation) -- C:\WINDOWS\system32\DRIVERS\RTL8139.SYS -- (rtl8139 [On_Demand | Stopped])
DRV - [2007/08/18 03:09:04 | 00,057,328 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\DRIVERS\RxFilter.sys -- (RxFilter [Disabled | Stopped])
DRV - [2007/04/09 05:27:07 | 00,031,548 | ---- | M] (PowerISO Computing, Inc.) -- C:\WINDOWS\System32\drivers\scdemu.sys -- (SCDEmu [System | Running])
DRV - [2008/04/13 09:39:15 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])
DRV - [2006/08/18 13:55:08 | 00,010,344 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\system32\drivers\symlcbrd.sys -- (symlcbrd [Auto | Running])
DRV - [2009/02/26 22:36:37 | 00,102,664 | ---- | M] (Trend Micro Inc.) -- C:\WINDOWS\system32\drivers\tmcomm.sys -- (tmcomm [Auto | Running])
DRV - [2008/04/13 11:45:12 | 00,060,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio [On_Demand | Stopped])
DRV - [2005/12/06 11:20:42 | 00,670,208 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\DRIVERS\HSX_CNXT.sys -- (winachsx [On_Demand | Running])

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [Binary data over 100 bytes]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...amp;ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaulturl: "http://www.google.co...-8&oe=UTF-8&q="
FF - prefs.js..browser.startup.homepage: "www.topbandevents.com"
FF - prefs.js..extensions.enabledItems: {3112ca9c-de6d-4884-a869-9855de68056c}:3.1.20081127W
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}:6.0.04
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.5

FF - HKLM\software\mozilla\Flock 2.0.3\extensions\\Components: C:\PROGRAM FILES\FLOCK\COMPONENTS
FF - HKLM\software\mozilla\Flock 2.0.3\extensions\\Plugins: C:\PROGRAM FILES\FLOCK\PLUGINS [2009/10/05 18:33:33 | 00,000,000 | ---D | M]

[2009/01/11 15:36:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\HP_Administrator\Application Data\mozilla\Extensions
[2009/01/11 15:36:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\HP_Administrator\Application Data\mozilla\Extensions\{a463f10c-3994-11da-9945-000d60ca027b}
[2009/01/09 20:22:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\HP_Administrator\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/01/11 15:27:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\HP_Administrator\Application Data\mozilla\Firefox\Profiles\jv7pb2x6.default\extensions
[2009/01/09 20:23:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\HP_Administrator\Application Data\mozilla\Firefox\Profiles\jv7pb2x6.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2009/01/11 15:46:18 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2008/09/03 16:28:47 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2008/07/06 15:35:36 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}

O1 HOSTS File: (27 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll File not found
O4 - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup (NVIDIA Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: 24 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...tes/ieawsdc.cab (Microsoft Office Template and Media Control)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.micr.../OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_10)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_04)
O16 - DPF: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_10)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_10)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.ma...ent/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/08/18 13:38:06 | 00,000,100 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/07/27 08:07:38 | 00,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2007/12/26 23:23:00 | 00,000,027 | R--- | M] () - E:\AUTORUN.INF -- [ CDFS ]
O32 - AutoRun File - [2009/10/06 20:32:04 | 00,000,000 | RHSD | M] - F:\autorun.inf -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - * [2009/10/06 21:13:30 | 00,000,000 | ---D | M]

========== Files/Folders - Created Within 30 Days ==========

[20 C:\Documents and Settings\HP_Administrator\Desktop\*.tmp files]
[2099/01/01 12:00:00 | 00,006,456 | -H-- | C] () -- C:\WINDOWS\System32\marapihe
[2099/01/01 12:00:00 | 00,006,456 | -H-- | C] () -- C:\WINDOWS\System32\bakerulu
[2009/10/06 21:13:30 | 00,501,248 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\HP_Administrator\Desktop\OTListIt2.exe
[2009/10/06 21:08:18 | 00,000,000 | -HSD | C] -- C:\RECYCLER
[2009/10/06 21:01:49 | 00,000,000 | ---D | C] -- C:\_OTListIt
[2009/10/06 20:57:37 | 00,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Local Settings\temp
[2009/10/06 20:41:49 | 00,229,888 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2009/10/06 18:24:46 | 00,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Application Data\MSNInstaller
[2009/10/05 20:14:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Desktop\Previous Months
[2009/02/16 01:57:55 | 00,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2008/11/06 09:37:32 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008/11/06 09:34:00 | 00,000,416 | ---- | C] () -- C:\WINDOWS\System32\dtu100.dll.manifest
[2008/11/06 09:34:00 | 00,000,416 | ---- | C] () -- C:\WINDOWS\System32\dpl100.dll.manifest
[2008/11/06 09:33:02 | 00,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2008/10/31 00:25:57 | 00,000,000 | ---- | C] () -- C:\WINDOWS\NSREX.INI
[2008/07/21 16:14:53 | 00,000,000 | ---- | C] () -- C:\WINDOWS\TEXTART.INI
[2007/10/28 15:40:00 | 00,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2007/09/27 15:35:56 | 00,159,839 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2007/08/21 12:22:58 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2007/08/19 13:17:34 | 00,755,027 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2007/08/19 13:17:34 | 00,383,238 | ---- | C] () -- C:\WINDOWS\System32\libmp3lame-0.dll
[2007/06/12 09:09:54 | 00,749,568 | ---- | C] () -- C:\WINDOWS\System32\swfgen.dll
[2007/06/11 14:32:16 | 00,000,031 | ---- | C] () -- C:\WINDOWS\bluevoda.ini
[2007/05/13 20:43:57 | 00,471,552 | ---- | C] () -- C:\WINDOWS\System32\Smab.dll
[2007/05/13 20:43:57 | 00,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2007/03/24 12:52:52 | 00,000,017 | ---- | C] () -- C:\WINDOWS\MovingPicture.ini
[2007/03/21 15:43:53 | 00,061,440 | ---- | C] () -- C:\WINDOWS\System32\cdTextCtl.dll
[2007/03/14 14:42:09 | 00,000,202 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007/03/06 19:08:55 | 00,000,199 | ---- | C] () -- C:\WINDOWS\swacnfg.ini
[2007/03/05 13:34:28 | 00,676,224 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.DLL
[2007/03/05 13:18:44 | 00,000,050 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2007/03/03 19:23:24 | 00,000,000 | ---- | C] () -- C:\WINDOWS\OlaUtl32.INI
[2007/03/03 19:22:59 | 00,001,625 | ---- | C] () -- C:\WINDOWS\OLAGNT32.INI
[2007/03/02 00:34:14 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/08/18 14:05:33 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/08/18 13:46:03 | 00,028,848 | ---- | C] () -- C:\WINDOWS\System32\drivers\USBkey.sys
[2006/08/18 13:41:33 | 00,014,316 | ---- | C] () -- C:\WINDOWS\System32\CHODDI.SYS
[2006/08/18 13:41:26 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\hpreg.dll
[2006/08/18 13:38:20 | 00,000,031 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2006/08/18 13:27:41 | 00,000,252 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2006/08/18 13:27:06 | 00,000,698 | ---- | C] () -- C:\WINDOWS\NSSetDefaultBrowser.ini
[2006/08/18 13:21:33 | 00,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2006/08/18 13:19:27 | 00,102,400 | ---- | C] () -- C:\WINDOWS\System32\hcwXDS.dll
[2006/08/18 13:18:11 | 01,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006/08/18 13:18:11 | 01,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006/08/18 13:18:11 | 01,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006/08/18 13:18:11 | 00,573,440 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006/08/18 13:18:11 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006/08/18 13:18:11 | 00,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2006/08/18 13:18:11 | 00,106,496 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2006/08/18 13:17:01 | 00,000,791 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2006/08/18 12:56:18 | 00,323,584 | ---- | C] () -- C:\WINDOWS\System32\pythoncom22.dll
[2006/08/18 12:56:18 | 00,094,208 | ---- | C] () -- C:\WINDOWS\System32\pywintypes22.dll
[2006/08/18 12:56:02 | 00,016,896 | ---- | C] () -- C:\WINDOWS\System32\bcbmm.dll
[2005/08/30 21:02:00 | 00,000,709 | ---- | C] () -- C:\WINDOWS\win.ini
[2005/08/30 13:52:36 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini
[2005/08/05 21:01:54 | 00,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/08/02 23:19:16 | 00,050,176 | ---- | C] () -- C:\WINDOWS\armcex.dll
[2004/08/09 21:00:00 | 00,001,920 | ---- | C] () -- C:\WINDOWS\System32\i6fhtwwt.dll
[2004/07/26 07:51:38 | 00,000,560 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2004/03/18 08:44:29 | 01,663,068 | ---- | C] () -- C:\WINDOWS\System32\libmmd.dll
[2002/02/27 09:41:28 | 00,024,576 | ---- | C] () -- C:\WINDOWS\System32\nsldappr32v50.dll
[2002/02/27 09:41:26 | 00,139,264 | ---- | C] () -- C:\WINDOWS\System32\nsldap32v50.dll
[2002/02/27 09:41:26 | 00,040,960 | ---- | C] () -- C:\WINDOWS\System32\nsldapssl32v50.dll
[2000/10/01 23:23:36 | 00,471,040 | ---- | C] () -- C:\WINDOWS\System32\QTExporter.dll
[1998/12/08 11:09:44 | 00,338,944 | ---- | C] () -- C:\WINDOWS\System32\lffpx7.dll
[1998/12/08 11:09:44 | 00,118,784 | ---- | C] () -- C:\WINDOWS\System32\lfkodak.dll
[1998/12/08 11:09:44 | 00,088,576 | ---- | C] () -- C:\WINDOWS\System32\lffpx90n.dll
[1996/04/01 10:00:00 | 00,000,200 | ---- | C] () -- C:\WINDOWS\System32\CAPTURE2.INI

========== Files - Modified Within 30 Days ==========

[287 C:\WINDOWS\System32\*.tmp files]
[3 C:\WINDOWS\*.tmp files]
[20 C:\Documents and Settings\HP_Administrator\Desktop\*.tmp files]
[2009/10/06 21:10:06 | 00,000,444 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{17F015C8-57FA-45D9-B2E3-851F92A5E8AA}.job
[2009/10/06 21:05:24 | 00,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2009/10/06 21:05:10 | 00,043,531 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2009/10/06 21:05:09 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\HP_Administrator\Local Settings\desktop.ini
[2009/10/06 21:05:04 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/10/06 21:05:03 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/10/06 21:05:01 | 10,051,13344 | -HS- | M] () -- C:\hiberfil.sys
[2009/10/06 20:52:51 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/10/06 20:52:23 | 00,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2009/10/06 20:52:12 | 00,000,970 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2769080022-1748412195-781348209-1007.job
[2009/10/06 20:10:26 | 00,000,282 | ---- | M] () -- C:\WINDOWS\tasks\Disk Cleanup.job
[2009/10/06 10:16:38 | 00,002,473 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\Global.sw2
[2009/10/05 18:41:33 | 00,000,031 | ---- | M] () -- C:\WINDOWS\QUICKEN.INI
[2009/10/05 18:11:05 | 00,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2009/10/05 18:03:05 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/09/14 02:12:36 | 00,229,888 | ---- | M] () -- C:\WINDOWS\PEV.exe

========== Alternate Data Streams ==========

@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\HP_Administrator\My Documents\Snapshot_002.bmp:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\HP_Administrator\My Documents\Inka King TOP BAND Mix.mp3:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\HP_Administrator\My Documents\centre_logo.tif:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\HP_Administrator\My Documents\(Unknown) - Still 001.jpg:Roxio EMC Stream
< End of report >

#98 oldman960

Forum God

Retired Classroom Teacher
14,770 posts

Posted 09 October 2009 - 07:15 AM

Hi TopBand, Nice to see you again. It's been awhile, so I'll have to review this thread and see what we were doing. I will be off line most of this weekend so you may not hear from me for a day or 2.

Microsoft MVP 2011-2015

Threads will be closed if no response after 5 days.

#99 topband

Authentic Member

Authentic Member
83 posts

Posted 27 October 2009 - 11:27 PM

hi OM ...are you back ? thought i'd gkve it a rest till you were ianto this one ...nothing has changed on comp a and the scan results should be the same .... the issue is ...it will not go online ....no browser will open online .... thanks for looking at this if you have time john hancock

#100 oldman960

Forum God

Retired Classroom Teacher
14,770 posts

Posted 28 October 2009 - 01:50 AM

Hi Topband,

OTListIt2 has been updated, it now called OTL. You last log is a few weeks old and things may have chaned.So if you can give me a new log we'll see what we can do.

Here's the instructions for OTL

Download OTListIt2 to your desktop.

Double click on OTL.exe to run it. Make sure all other windows are closed and to let it run uninterrupted.
When the window appears, underneath Output at the top change it to Minimal Output
Check the boxes beside LOP Check and Purity Check.
Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.

When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.

Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. You may need two posts to fit them all in.

Thanks

Microsoft MVP 2011-2015

Threads will be closed if no response after 5 days.

Advertisements

Register to Remove

#101 topband

Authentic Member

Authentic Member
83 posts

Posted 28 October 2009 - 02:12 AM

hi om

here is the latest OTL ...thnx

OTListIt logfile created on: 10/28/2009 1:03:56 AM - Run 3
OTListIt2 by OldTimer - Version 2.0.15.8 Folder = C:\Documents and Settings\HP_Administrator\Desktop
Windows XP Media Center Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

958.48 Mb Total Physical Memory | 604.16 Mb Available Physical Memory | 63.03% Memory free
2.85 Gb Paging File | 2.63 Gb Available in Paging File | 92.33% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 289.23 Gb Total Space | 164.40 Gb Free Space | 56.84% Space Free | Partition Type: NTFS
Drive D: | 8.83 Gb Total Space | 0.39 Gb Free Space | 4.39% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: TOPBAND
Current User Name: HP_Administrator
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Standard
File Age = 30 Days
Company Name Whitelist: On

========== Processes (SafeList) ==========

PRC - [2005/08/02 23:19:16 | 00,058,880 | ---- | M] (Microsoft) -- C:\WINDOWS\arservice.exe
PRC - [2006/10/09 16:16:56 | 00,237,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\eHome\ehRecvr.exe
PRC - [2005/08/05 20:56:32 | 00,102,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\eHome\ehSched.exe
PRC - [2008/10/19 15:44:35 | 00,147,456 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2006/06/21 04:08:48 | 00,049,152 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
PRC - [2008/07/21 17:53:04 | 00,193,888 | ---- | M] (Seagate Technology LLC) -- C:\Program Files\Maxtor\Sync\SyncServices.exe
PRC - [2001/02/23 11:07:30 | 00,270,336 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
PRC - [2002/12/17 18:26:22 | 07,520,337 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\MSSQL$RETSDATA\Binn\sqlservr.exe
PRC - [2006/05/09 15:50:00 | 00,131,139 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
PRC - [2007/06/13 03:23:07 | 01,033,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2005/08/05 20:27:08 | 00,099,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\mcrdsvc.exe
PRC - [2004/08/09 21:00:00 | 00,218,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvse.exe
PRC - [2008/04/13 17:12:41 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe
PRC - [2009/05/22 01:26:10 | 00,501,248 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\HP_Administrator\Desktop\OTListIt2.exe

========== Win32 Services (SafeList) ==========

SRV - [2005/08/02 23:19:16 | 00,058,880 | ---- | M] (Microsoft) -- C:\WINDOWS\arservice.exe -- (ARSVC [Auto | Running])
SRV - [2005/09/23 08:28:32 | 00,029,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2005/09/23 08:28:56 | 00,066,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2006/10/09 16:16:56 | 00,237,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\eHome\ehRecvr.exe -- (ehRecvr [Auto | Running])
SRV - [2005/08/05 20:56:32 | 00,102,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\eHome\ehSched.exe -- (ehSched [Auto | Running])
SRV - [2003/03/24 11:54:46 | 00,073,728 | ---- | M] () -- C:\Program Files\LEAD Technologies, Inc\LEADTOOLS ePrint 3.0\Bin\LPSVS03N.EXE -- (EPrint III Service [Disabled | Stopped])
SRV - [2007/09/07 10:58:57 | 01,838,592 | ---- | M] (Google) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager [Disabled | Stopped])
SRV - [2009/03/20 22:29:22 | 00,183,280 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [Auto | Stopped])
SRV - [2004/08/09 21:00:00 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2004/10/22 10:24:18 | 00,073,728 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
SRV - [2007/12/11 13:10:16 | 00,504,104 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service [On_Demand | Stopped])
SRV - [2008/10/19 15:44:35 | 00,147,456 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])
SRV - [2006/06/21 04:08:48 | 00,049,152 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService [Auto | Running])
SRV - [2008/07/21 17:53:04 | 00,193,888 | ---- | M] (Seagate Technology LLC) -- C:\Program Files\Maxtor\Sync\SyncServices.exe -- (Maxtor Sync Service [Auto | Running])
SRV - [2005/08/05 20:27:08 | 00,099,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\mcrdsvc.exe -- (McrdSvc [Auto | Running])
SRV - [2001/02/23 11:07:30 | 00,270,336 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe -- (MDM [Auto | Running])
SRV - [2004/08/10 03:11:50 | 00,085,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mhn.dll -- (MHN [On_Demand | Stopped])
SRV - [2002/12/17 18:26:22 | 07,520,337 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\MSSQL$RETSDATA\Binn\sqlservr.exe -- (MSSQL$RETSDATA [Auto | Running])
SRV - [2002/12/17 18:23:30 | 00,066,112 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe -- (MSSQLServerADHelper [On_Demand | Stopped])
SRV - [2006/05/09 15:50:00 | 00,131,139 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc [Auto | Running])
SRV - [2007/08/09 00:27:52 | 00,073,728 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12 [Disabled | Stopped])
SRV - [2007/08/24 15:53:14 | 00,072,176 | ---- | M] (Sonic Solutions) -- C:\Program Files\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe -- (Roxio UPnP Renderer 10 [Disabled | Stopped])
SRV - [2007/08/24 15:53:16 | 00,362,992 | ---- | M] (Sonic Solutions) -- C:\Program Files\Roxio\Digital Home 10\RoxioUpnpService10.exe -- (Roxio Upnp Server 10 [Disabled | Stopped])
SRV - [2007/08/24 15:52:48 | 00,309,744 | ---- | M] (Sonic Solutions) -- C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe -- (RoxLiveShare10 [Auto | Stopped])
SRV - [2007/08/24 15:52:38 | 01,083,888 | ---- | M] (Sonic Solutions) -- C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe -- (RoxMediaDB10 [Disabled | Stopped])
SRV - [2007/08/24 15:52:46 | 00,166,384 | ---- | M] (Sonic Solutions) -- C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe -- (RoxWatch10 [Auto | Stopped])
SRV - File not found -- -- (SessionLauncher [Disabled | Stopped])
SRV - [2002/12/17 18:23:30 | 00,311,872 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\MSSQL$RETSDATA\Binn\sqlagent.EXE -- (SQLAgent$RETSDATA [On_Demand | Stopped])
SRV - File not found -- -- (ThreatFire [Disabled | Stopped])
SRV - [2006/10/18 20:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])

========== Driver Services (SafeList) ==========

DRV - [2008/04/13 11:46:20 | 00,048,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\61883.sys -- (61883 [On_Demand | Stopped])
DRV - [2005/03/09 14:53:00 | 00,036,352 | ---- | M] (Advanced Micro Devices) -- C:\WINDOWS\system32\DRIVERS\AmdK8.sys -- (AmdK8 [System | Running])
DRV - [2004/03/10 16:27:18 | 00,011,264 | ---- | M] (Pinnacle Systems GmbH) -- C:\WINDOWS\system32\drivers\ASAPIW2k.sys -- (ASAPIW2k [On_Demand | Running])
DRV - [1999/09/10 12:06:00 | 00,025,244 | ---- | M] (Adaptec) -- C:\WINDOWS\System32\drivers\ASPI32.SYS -- (ASPI32 [System | Running])
DRV - [2008/04/13 11:46:20 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\avc.sys -- (Avc [On_Demand | Stopped])
DRV - [2001/11/08 15:06:00 | 00,051,072 | ---- | M] (SCM Microsystems Inc.) -- C:\WINDOWS\system32\DRIVERS\EUSBMSD.SYS -- (EUSBMSD [On_Demand | Stopped])
DRV - [2006/09/19 12:44:04 | 00,015,664 | ---- | M] (GEAR Software Inc.) -- C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys -- (GEARAspiWDM [On_Demand | Running])
DRV - [2006/04/13 16:47:38 | 00,168,064 | ---- | M] (Hauppauge Computer Works, Inc.) -- C:\WINDOWS\system32\DRIVERS\hcwPP2.sys -- (hcwPP2 [On_Demand | Stopped])
DRV - [2008/04/13 09:36:05 | 00,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) -- C:\WINDOWS\system32\DRIVERS\HDAudBus.sys -- (HDAudBus [On_Demand | Running])
DRV - [2004/10/04 16:26:03 | 00,051,120 | R--- | M] (HP) -- C:\WINDOWS\system32\DRIVERS\HPZid412.sys -- (HPZid412 [On_Demand | Stopped])
DRV - [2004/10/04 16:26:04 | 00,016,496 | R--- | M] (HP) -- C:\WINDOWS\system32\DRIVERS\HPZipr12.sys -- (HPZipr12 [On_Demand | Stopped])
DRV - [2004/10/04 16:26:08 | 00,021,744 | R--- | M] (HP) -- C:\WINDOWS\system32\DRIVERS\HPZius12.sys -- (HPZius12 [On_Demand | Stopped])
DRV - [2005/12/06 11:20:50 | 00,241,664 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\DRIVERS\HSXHWBS2.sys -- (HSXHWBS2 [On_Demand | Running])
DRV - [2005/12/06 11:20:40 | 00,936,448 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\DRIVERS\HSX_DP.sys -- (HSX_DP [On_Demand | Running])
DRV - [2006/06/14 11:04:12 | 04,299,264 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService [On_Demand | Running])
DRV - [2008/04/13 11:45:34 | 00,046,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\IrBus.sys -- (IrBus [On_Demand | Stopped])
DRV - [2005/10/05 15:57:08 | 00,012,544 | ---- | M] (Conexant) -- C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys -- (mdmxsdk [Auto | Running])
DRV - [2008/04/13 11:46:09 | 00,051,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\msdv.sys -- (MSDV [On_Demand | Stopped])
DRV - [2007/05/03 14:37:08 | 00,022,152 | ---- | M] (Maxtor Corp.) -- C:\WINDOWS\system32\DRIVERS\mxopswd.sys -- (MXOPSWD [On_Demand | Stopped])
DRV - [2006/05/09 15:50:00 | 03,535,680 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\DRIVERS\nv4_mini.sys -- (nv [On_Demand | Running])
DRV - [2006/03/03 15:31:02 | 00,034,176 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\DRIVERS\NVENETFD.sys -- (NVENETFD [On_Demand | Running])
DRV - [2006/03/03 15:31:04 | 00,013,056 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\DRIVERS\nvnetbus.sys -- (nvnetbus [On_Demand | Running])
DRV - [2002/03/19 10:29:16 | 00,014,165 | ---- | M] (Pinnacle Systems GmbH) -- C:\WINDOWS\system32\drivers\pclepci.sys -- (PCLEPCI [System | Running])
DRV - [2005/12/12 17:27:00 | 00,019,072 | ---- | M] (Hewlett-Packard Company) -- C:\WINDOWS\system32\DRIVERS\PS2.sys -- (Ps2 [On_Demand | Stopped])
DRV - [2004/08/09 21:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
DRV - [2008/07/31 15:17:04 | 00,043,872 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running])
DRV - [2004/08/03 14:31:34 | 00,020,992 | ---- | M] (Realtek Semiconductor Corporation) -- C:\WINDOWS\system32\DRIVERS\RTL8139.SYS -- (rtl8139 [On_Demand | Stopped])
DRV - [2007/08/18 03:09:04 | 00,057,328 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\DRIVERS\RxFilter.sys -- (RxFilter [Disabled | Stopped])
DRV - [2007/04/09 05:27:07 | 00,031,548 | ---- | M] (PowerISO Computing, Inc.) -- C:\WINDOWS\System32\drivers\scdemu.sys -- (SCDEmu [System | Running])
DRV - [2008/04/13 09:39:15 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])
DRV - [2006/08/18 13:55:08 | 00,010,344 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\system32\drivers\symlcbrd.sys -- (symlcbrd [Auto | Running])
DRV - [2009/02/26 22:36:37 | 00,102,664 | ---- | M] (Trend Micro Inc.) -- C:\WINDOWS\system32\drivers\tmcomm.sys -- (tmcomm [Auto | Running])
DRV - [2008/04/13 11:45:12 | 00,060,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio [On_Demand | Stopped])
DRV - [2005/12/06 11:20:42 | 00,670,208 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\DRIVERS\HSX_CNXT.sys -- (winachsx [On_Demand | Running])

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [Binary data over 100 bytes]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...amp;ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaulturl: "http://www.google.co...-8&oe=UTF-8&q="
FF - prefs.js..browser.startup.homepage: "www.topbandevents.com"
FF - prefs.js..extensions.enabledItems: {3112ca9c-de6d-4884-a869-9855de68056c}:3.1.20081127W
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}:6.0.04
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.5

FF - HKLM\software\mozilla\Flock 2.0.3\extensions\\Components: C:\PROGRAM FILES\FLOCK\COMPONENTS
FF - HKLM\software\mozilla\Flock 2.0.3\extensions\\Plugins: C:\PROGRAM FILES\FLOCK\PLUGINS [2009/10/05 18:33:33 | 00,000,000 | ---D | M]

[2009/01/11 15:36:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\HP_Administrator\Application Data\mozilla\Extensions
[2009/01/11 15:36:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\HP_Administrator\Application Data\mozilla\Extensions\{a463f10c-3994-11da-9945-000d60ca027b}
[2009/01/09 20:22:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\HP_Administrator\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/01/11 15:27:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\HP_Administrator\Application Data\mozilla\Firefox\Profiles\jv7pb2x6.default\extensions
[2009/01/09 20:23:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\HP_Administrator\Application Data\mozilla\Firefox\Profiles\jv7pb2x6.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2009/01/11 15:46:18 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2008/09/03 16:28:47 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2008/07/06 15:35:36 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}

O1 HOSTS File: (27 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll File not found
O4 - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup (NVIDIA Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: 24 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...tes/ieawsdc.cab (Microsoft Office Template and Media Control)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.micr.../OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_10)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_04)
O16 - DPF: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_10)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_10)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.ma...ent/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/08/18 13:38:06 | 00,000,100 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/07/27 08:07:38 | 00,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - * [2009/10/26 10:24:39 | 00,000,000 | ---D | M]

========== Files/Folders - Created Within 30 Days ==========

[3 C:\WINDOWS\*.tmp files]
[2099/01/01 12:00:00 | 00,006,456 | -H-- | C] () -- C:\WINDOWS\System32\marapihe
[2099/01/01 12:00:00 | 00,006,456 | -H-- | C] () -- C:\WINDOWS\System32\bakerulu
[2009/10/27 18:00:22 | 00,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2009/10/21 11:13:25 | 00,719,872 | ---- | C] (Abysmal Software) -- C:\WINDOWS\System32\devil.dll
[2009/10/21 11:13:25 | 00,306,688 | ---- | C] (The Public) -- C:\WINDOWS\System32\avisynth.dll
[2009/10/06 21:13:30 | 00,501,248 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\HP_Administrator\Desktop\OTListIt2.exe
[2009/10/06 21:08:18 | 00,000,000 | -HSD | C] -- C:\RECYCLER
[2009/10/06 21:01:49 | 00,000,000 | ---D | C] -- C:\_OTListIt
[2009/10/06 20:57:37 | 00,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Local Settings\temp
[2009/10/06 20:41:49 | 00,229,888 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2009/10/06 18:24:46 | 00,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Application Data\MSNInstaller
[2009/10/05 20:14:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Desktop\Previous Months
[2009/02/16 01:57:55 | 00,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2008/11/06 09:37:32 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008/11/06 09:34:00 | 00,000,416 | ---- | C] () -- C:\WINDOWS\System32\dtu100.dll.manifest
[2008/11/06 09:34:00 | 00,000,416 | ---- | C] () -- C:\WINDOWS\System32\dpl100.dll.manifest
[2008/11/06 09:33:02 | 00,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2008/10/31 00:25:57 | 00,000,000 | ---- | C] () -- C:\WINDOWS\NSREX.INI
[2008/07/21 16:14:53 | 00,000,000 | ---- | C] () -- C:\WINDOWS\TEXTART.INI
[2007/10/28 15:40:00 | 00,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2007/09/27 15:35:56 | 00,159,839 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2007/08/21 12:22:58 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2007/08/19 13:17:34 | 00,755,027 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2007/08/19 13:17:34 | 00,383,238 | ---- | C] () -- C:\WINDOWS\System32\libmp3lame-0.dll
[2007/06/12 09:09:54 | 00,749,568 | ---- | C] () -- C:\WINDOWS\System32\swfgen.dll
[2007/06/11 14:32:16 | 00,000,031 | ---- | C] () -- C:\WINDOWS\bluevoda.ini
[2007/05/13 20:43:57 | 00,471,552 | ---- | C] () -- C:\WINDOWS\System32\Smab.dll
[2007/05/13 20:43:57 | 00,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2007/03/24 12:52:52 | 00,000,017 | ---- | C] () -- C:\WINDOWS\MovingPicture.ini
[2007/03/21 15:43:53 | 00,061,440 | ---- | C] () -- C:\WINDOWS\System32\cdTextCtl.dll
[2007/03/14 14:42:09 | 00,000,202 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007/03/06 19:08:55 | 00,000,199 | ---- | C] () -- C:\WINDOWS\swacnfg.ini
[2007/03/05 13:34:28 | 00,676,224 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.DLL
[2007/03/05 13:18:44 | 00,000,050 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2007/03/03 19:23:24 | 00,000,000 | ---- | C] () -- C:\WINDOWS\OlaUtl32.INI
[2007/03/03 19:22:59 | 00,001,625 | ---- | C] () -- C:\WINDOWS\OLAGNT32.INI
[2007/03/02 00:34:14 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/08/18 14:05:33 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/08/18 13:46:03 | 00,028,848 | ---- | C] () -- C:\WINDOWS\System32\drivers\USBkey.sys
[2006/08/18 13:41:33 | 00,014,316 | ---- | C] () -- C:\WINDOWS\System32\CHODDI.SYS
[2006/08/18 13:41:26 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\hpreg.dll
[2006/08/18 13:38:20 | 00,000,031 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2006/08/18 13:27:41 | 00,000,252 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2006/08/18 13:27:06 | 00,000,698 | ---- | C] () -- C:\WINDOWS\NSSetDefaultBrowser.ini
[2006/08/18 13:21:33 | 00,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2006/08/18 13:19:27 | 00,102,400 | ---- | C] () -- C:\WINDOWS\System32\hcwXDS.dll
[2006/08/18 13:18:11 | 01,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006/08/18 13:18:11 | 01,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006/08/18 13:18:11 | 01,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006/08/18 13:18:11 | 00,573,440 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006/08/18 13:18:11 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006/08/18 13:18:11 | 00,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2006/08/18 13:18:11 | 00,106,496 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2006/08/18 13:17:01 | 00,000,791 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2006/08/18 12:56:18 | 00,323,584 | ---- | C] () -- C:\WINDOWS\System32\pythoncom22.dll
[2006/08/18 12:56:18 | 00,094,208 | ---- | C] () -- C:\WINDOWS\System32\pywintypes22.dll
[2006/08/18 12:56:02 | 00,016,896 | ---- | C] () -- C:\WINDOWS\System32\bcbmm.dll
[2005/08/30 21:02:00 | 00,000,709 | ---- | C] () -- C:\WINDOWS\win.ini
[2005/08/30 13:52:36 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini
[2005/08/05 21:01:54 | 00,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/08/02 23:19:16 | 00,050,176 | ---- | C] () -- C:\WINDOWS\armcex.dll
[2004/08/09 21:00:00 | 00,001,920 | ---- | C] () -- C:\WINDOWS\System32\i6fhtwwt.dll
[2004/07/26 07:51:38 | 00,000,560 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2004/03/18 08:44:29 | 01,663,068 | ---- | C] () -- C:\WINDOWS\System32\libmmd.dll
[2002/02/27 09:41:28 | 00,024,576 | ---- | C] () -- C:\WINDOWS\System32\nsldappr32v50.dll
[2002/02/27 09:41:26 | 00,139,264 | ---- | C] () -- C:\WINDOWS\System32\nsldap32v50.dll
[2002/02/27 09:41:26 | 00,040,960 | ---- | C] () -- C:\WINDOWS\System32\nsldapssl32v50.dll
[2000/10/01 23:23:36 | 00,471,040 | ---- | C] () -- C:\WINDOWS\System32\QTExporter.dll
[1998/12/08 11:09:44 | 00,338,944 | ---- | C] () -- C:\WINDOWS\System32\lffpx7.dll
[1998/12/08 11:09:44 | 00,118,784 | ---- | C] () -- C:\WINDOWS\System32\lfkodak.dll
[1998/12/08 11:09:44 | 00,088,576 | ---- | C] () -- C:\WINDOWS\System32\lffpx90n.dll
[1996/04/01 10:00:00 | 00,000,200 | ---- | C] () -- C:\WINDOWS\System32\CAPTURE2.INI

========== Files - Modified Within 30 Days ==========

[287 C:\WINDOWS\System32\*.tmp files]
[3 C:\WINDOWS\*.tmp files]
[2009/10/28 01:05:20 | 00,000,444 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{17F015C8-57FA-45D9-B2E3-851F92A5E8AA}.job
[2009/10/28 01:03:10 | 00,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2009/10/28 01:02:42 | 00,043,531 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2009/10/28 01:02:29 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\HP_Administrator\Local Settings\desktop.ini
[2009/10/28 01:02:19 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/10/28 01:02:18 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/10/28 01:02:16 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/10/28 01:02:15 | 10,051,13344 | -HS- | M] () -- C:\hiberfil.sys
[2009/10/27 14:18:17 | 00,000,970 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2769080022-1748412195-781348209-1007.job
[2009/10/27 14:18:17 | 00,000,282 | ---- | M] () -- C:\WINDOWS\tasks\Disk Cleanup.job
[2009/10/27 03:09:00 | 00,000,282 | ---- | M] () -- C:\WINDOWS\tasks\Backup.job
[2009/10/24 12:34:55 | 00,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2009/10/24 12:34:55 | 00,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2009/10/24 12:34:55 | 00,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for
[2009/10/20 15:52:47 | 00,000,349 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\PCLECHAL.INI
[2009/10/20 15:46:17 | 00,002,381 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\ULTRA 2.lnk
[2009/10/17 02:20:53 | 00,000,548 | ---- | M] () -- C:\WINDOWS\tasks\Rescue Reminder for 2HAPX1GZ.job
[2009/10/10 10:54:14 | 00,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/10/06 20:52:51 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/10/06 20:52:23 | 00,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2009/10/06 10:16:38 | 00,002,473 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\Global.sw2
[2009/10/05 18:41:33 | 00,000,031 | ---- | M] () -- C:\WINDOWS\QUICKEN.INI

========== Alternate Data Streams ==========

@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\HP_Administrator\My Documents\Snapshot_002.bmp:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\HP_Administrator\My Documents\Inka King TOP BAND Mix.mp3:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\HP_Administrator\My Documents\centre_logo.tif:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\HP_Administrator\My Documents\(Unknown) - Still 001.jpg:Roxio EMC Stream
< End of report >

#102 topband

Authentic Member

Authentic Member
83 posts

Posted 28 October 2009 - 02:24 AM

HI OM

Just made an error ... forget the last post andd this is the proper POST as you suggested this consists of BOTH POSTS in this email and the second one is designated ....sorry bout that one

OTL Extras logfile created on: 10/28/2009 1:19:18 AM - Run 1
OTL by OldTimer - Version 3.0.22.1 Folder = C:\Documents and Settings\HP_Administrator\Desktop
Windows XP Media Center Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

958.48 Mb Total Physical Memory | 588.60 Mb Available Physical Memory | 61.41% Memory free
2.85 Gb Paging File | 2.63 Gb Available in Paging File | 92.18% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 289.23 Gb Total Space | 164.40 Gb Free Space | 56.84% Space Free | Partition Type: NTFS
Drive D: | 8.83 Gb Total Space | 0.39 Gb Free Space | 4.39% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
Drive F: | 1.89 Gb Total Space | 0.39 Gb Free Space | 20.40% Space Free | Partition Type: FAT32
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: TOPBAND
Current User Name: HP_Administrator
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
chm.file [open] -- "%SYSTEMROOT%\hh.exe" %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office10\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- Reg Error: Key error.
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "%programfiles%\internet explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe" = C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe:*:Enabled:Updates from HP -- (Hewlett-Packard)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe" = C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe:*:Enabled:Updates from HP -- (Hewlett-Packard)
"C:\Program Files\Piolet\Piolet.exe" = C:\Program Files\Piolet\Piolet.exe:*:Enabled:Piolet -- (MP2P Technologies.)
"C:\Program Files\Azureus\Azureus.exe" = C:\Program Files\Azureus\Azureus.exe:*:Enabled:Azureus -- (Azureus Inc)
"C:\Documents and Settings\All Users\Application Data\vt3studio\vt3mws\VT3MWS.EXE" = C:\Documents and Settings\All Users\Application Data\vt3studio\vt3mws\VT3MWS.EXE:*:Disabled:VT3MWS -- ()
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
"C:\Program Files\Messenger\msmsgs.exe" = C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger -- (Microsoft Corporation)
"C:\WINDOWS\system32\fxsclnt.exe" = C:\WINDOWS\system32\fxsclnt.exe:*:Enabled:Microsoft Fax Console -- (Microsoft Corporation)
"C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.dll" = C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.dll:*:Enabled:Google Talk Plugin -- (Google)
"C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe" = C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin -- (Google)
"C:\WINDOWS\ehome\ehrecvr.exe" = C:\WINDOWS\ehome\ehrecvr.exe:*:Enabled:ehRecvr -- (Microsoft Corporation)
"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe" = C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe:*:Enabled:GoogleUpdaterService -- (Google)
"C:\WINDOWS\system32\dwwin.exe" = C:\WINDOWS\system32\dwwin.exe:*:Enabled:dwwin -- (Microsoft Corporation)
"C:\Program Files\Cleaner 5\Cleaner 5.exe" = C:\Program Files\Cleaner 5\Cleaner 5.exe:*:Enabled:Cleaner Application -- (Terran Interactive)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01DD84CF-69D6-4B44-9930-CA9ABC1B07A2}" = ULTRA Master Sets Library 1
"{075473F5-846A-448B-BCB3-104AA1760205}" = Sonic RecordNow Data
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Central Data
"{098122AB-C605-4853-B441-C0A4EB359B75}" = DirectXInstallService
"{0A65A3BD-54B5-4d0d-B084-7688507813F5}" = SlideShow
"{0DC86BEC-5CE3-413A-BB61-C40A3D186B24}" = Scan
"{1341D838-719C-4A05-B50F-49420CA1B4BB}" = HP Boot Optimizer
"{13515135-48BB-4184-8C1F-2FAE0138E200}" = TBS WMP Plug-in
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{14BEB6DF-A499-4A38-8E06-E173BCD5C087}" = ScannerCopy
"{15C0AF59-4877-49B6-B8C6-A61CE54515F5}" = cp_OnlineProjectsConfig
"{16A51CA1-C8F3-42E8-9EFA-C1607E82CA92}" = Microsoft Office Live Meeting 2005 Replay Wrapper
"{17293791-C82E-476C-9997-9A0FF234A19B}" = HP Product Assistant
"{181821B7-82AA-44DA-9DAF-EF254CCB670A}" = Fax
"{18388EF8-E0A3-442B-8BFE-E2F1B3D05C91}" = iTunes
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1AD5F465-8282-4DAD-B957-E09C0B783D18}" = InstantShare
"{1B680FBA-E317-4E93-AF43-3B59798A4BE0}" = Copy
"{1B683082-8791-4D00-8ADE-6C8986FCCC68}" = Roxio CinePlayer
"{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}" = Google Earth
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Central Tools
"{20FBC0A0-3160-4F14-83ED-3A74BB6B8C31}" = TrayApp
"{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Sonic MyDVD Plus
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2376813B-2E5A-4641-B7B3-A0D5ADB55229}" = HPPhotoSmartExpress
"{25F6C900-C138-4888-A56C-91D3D063023A}" = HP Update
"{26A24AE4-039D-4CA4-87B4-2F83216010FF}" = Java™ 6 Update 10
"{272EC8BA-5A08-4ea1-A189-684466A06B02}" = cp_dwShrek2Albums1
"{2BD5C305-1B27-4D41-B690-7A61172D2FEB}" = Macromedia Flash 8
"{2CCBABCB-6427-4A55-B091-49864623C43F}" = Google Toolbar for Firefox
"{2F58D60D-2BFD-4467-9B4D-64E7355C329D}" = Sonic_PrimoSDK
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
"{3248F0A8-6813-11D6-A77B-00B0D0160040}" = Java™ 6 Update 4
"{33BF0960-DBA3-4187-B6CC-C969FCFA2D25}" = SkinsHP1
"{342C7C88-D335-4bc2-8CF1-281857629CE2}" = HP PSC & OfficeJet 4.7
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36D620AD-EEBA-4973-BA86-0C9AE6396620}" = OptionalContentQFolder
"{391E18CE-7D3B-45E9-A8F0-34E77F14F47A}" = ProductContext
"{395131D0-71C3-4411-8DDD-84E7A4EC8754}" = Intellisync® for Yahoo!
"{3E67A8DA-FE7B-4160-8465-F5571EA18753}" = Roxio Disc Gallery
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}" = Microsoft Works
"{41E776A5-9B12-416D-9A12-B4F7B044EBED}" = CP_Package_Basic1
"{442BE28B-782B-4DC0-B490-E70A403B1C69}" = Readme
"{45B8A76B-57EC-4242-B019-066400CD8428}" = BufferChm
"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP DVD Play 2.1
"{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"{4BCE366F-A0E0-4869-A6E2-A77CD82C8FFD}" = TubeTilla Free
"{4D36E953-4456-4F8F-BC44-90BC4AA59889}" = Maxtor Manager
"{53EE9E42-CECB-4C92-BF76-9CA65DAF8F1C}" = FullDPAppQFolder
"{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}" = Macromedia Extension Manager
"{5A06423A-210C-49FB-950E-CB0EB8C5CEC7}" = Roxio BackOnTrack
"{5D6EC6F7-9B38-4a02-B063-97C2048B56A2}" = 7200_Help
"{5E8D588F-307C-4250-B622-26969027319A}" = PanoStandAlone
"{5FDD0538-C67A-4F67-B3F8-09D1AAF04D99}" = muvee autoProducer unPlugged 2.0
"{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}" = Roxio File Backup
"{644D04A2-C682-4FD5-977D-03B804C4B9C5}" = CreativeProjects
"{655CB07D-C944-40BE-B93F-55957CAC7625}" = AiO_Scan
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Sonic Express Labeler
"{6696D9A4-28A8-4F5A-8E9A-2E8974C8C39C}" = RandMap
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A1975EB-27E6-491D-94BC-6355FA25F40F}" = Google Web Accelerator
"{6CC9B4FB-161D-4330-97C3-9D48CA5FD106}" = ULTRA 2 Program Files
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{71F6DF7D-B639-4FAD-BA93-E6DF267AA44D}" = DesignPro 5.4 Limited Edition
"{724517BD-1DE1-4986-BFCA-C1DFD379E3BC}" = cp_dwShrek2Cards1
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Central Audio
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{7AD25C9F-9957-4D1C-95EF-9BCD09F6D31B}" = HPSystemDiagnostics
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7BDA5B96-4253-45B6-BB57-1682E96555E0}" = TrueForms for AgentOffice
"{82081779-4175-4666-A457-AB711CD37EF0}" = cp_LightScribeConfig
"{829DAAD6-BB11-4BB7-921B-07FFB703F944}" = CP_Package_Variety3
"{82E55892-6FFD-403F-AA97-D726846768AA}" = CP_AtenaShokunin1Config
"{85CFD253-38AE-4DB1-ACB7-F0F4C791990D}" = AiOSoftware
"{866A0078-DEA7-4348-9C9A-999AF2991EAA}" = SlideShowMusic
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A534F71-3202-4464-A422-B767295E67B9}" = CP_Package_Variety2
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8BC3B99B-A6BE-4A0B-8535-B1B94BA4B1B1}" = DocProc
"{8BF2C401-02CE-424D-BC26-6C4F9FB446B6}" = Macromedia Flash 8 Video Encoder
"{8CE4E6E9-9D55-43FB-9DDB-688C976BFC05}" = Unload
"{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}" = Roxio CinePlayer Decoder Pack
"{90300409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Media Content
"{913D0409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Standard for Students and Teachers
"{93E5A317-24EC-4744-812C-16FECFE86E6A}" = CP_Package_Variety1
"{995237D9-6E24-45D9-9B06-C13AA62F518B}" = Placeholder for ULTRA 2 MSL installs
"{9A9A1828-31D1-4590-A99F-022B7237AFAE}" = Roxio MediaShare
"{9E491AB7-4589-48CA-9CBB-874CB2788391}" = Studio 9
"{9E694B64-864C-4F22-8229-12D53CA93E94}" = Video Explosion Deluxe
"{9F7AF7CD-E3D0-4C68-A3BA-C76C359B3AA8}" = LightScribe 1.4.105.1
"{A0B295C3-FD3C-11D4-A811-0090279106C3}" = WordPerfect Office 2002
"{A29800BA-0BF1-4E63-9F31-DF05A87F4104}" = InstantShareDevices
"{A7391302-FADF-4314-80DC-C757DAE45178}" = 7200
"{A898F014-EF7E-4B71-88D6-7C5A09BC8C86}" = LEADTOOLS ePrint 3.0
"{A8DF8593-F619-47DE-AD27-BCABF233433A}" = STOIK Video Converter 2
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Sonic RecordNow Audio
"{ABDA9912-5D00-11D4-BAE7-9367CA097955}" = Macromedia Dreamweaver 4
"{AC76BA86-7AD7-1033-7B44-A81200000003}" = Adobe Reader 8.1.2
"{AC966B90-53CA-4710-8EEE-57ED25387872}" = 7200Trb
"{AE3046D7-845E-4A10-B299-CACE9F801E68}" = ULTRA 2
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Sonic RecordNow Copy
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B2157760-AA3C-4E2E-BFE6-D20BC52495D9}" = cp_PosterPrintConfig
"{B279F2F1-3B2F-3A96-AC11-5743CD43DCCB}" = Google Talk Plugin
"{B6286A44-7505-471A-A72B-04EC2DB2F442}" = CueTour
"{B67624DE-75CE-4FAD-9F29-5C115773CE61}" = Studio 9 Content CD/DVD
"{B69CFE29-FD03-4E0A-87A7-6ED97F98E5B3}" = CP_Panorama1Config
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Central Copy
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B911B811-BA3E-46D4-90F8-6F3338359651}" = Director
"{BD29EBAC-AD7D-4b27-B727-4CC6AC52D36B}" = MarketResearch
"{BF83EFE2-C9F0-40D4-841C-2066668C1D7A}" = Roxio Easy Media Creator 10 Suite
"{C1C6767D-B395-43CB-BF99-051B58B86DA6}" = PhotoGallery
"{C3FAA091-B278-44A7-BF48-190811C5F9F7}" = cp_UpdateProjectsConfig
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CDFCF124-115F-4976-8BF4-08C89187A146}" = WebReg
"{CE0C8CC5-E396-442B-A50E-D1D374A9E820}" = DocumentViewer
"{D65D3265-88E9-48E2-A200-A6FA2D530C83}" = AgentOffice
"{DAAD5187-62C5-4AD6-A526-803C18C4944D}" = HP Web Helper
"{DB518BA6-CB74-4EB6-9ABD-880B6D6E1F38}" = HpSdpAppCoreApp
"{DBEA1034-5882-4A88-8033-81C4EF0CFA29}" = Google Toolbar for Internet Explorer
"{E09B48B5-E141-427A-AB0C-D3605127224A}" = Microsoft SQL Server Desktop Engine (RETSDATA)
"{E0D51394-1D45-460A-B62D-383BC4F8B335}" = QuickTime
"{EC877639-07AB-495C-BFD1-D63AF9140810}" = Roxio Activation Module
"{ED2C557E-9C18-41FF-B58E-A05EEF0B3B5F}" = CP_CalendarTemplates1
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Central Core
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F80239D8-7811-4D5E-B033-0D0BBFE32920}" = HP DigitalMedia Archive
"{F8A69088-4788-4D51-B933-00E9E90BDC3A}" = eNeighborhoods ()
"{FB15E224-67C3-491F-9F5C-F257BC418412}" = Destinations
"{FB4740B3-2530-452D-A825-F7AB246CA7DF}" = muvee autoProducer 5.0
"{FC22D020-3005-4715-8DF9-F3EDE81DEB3D}" = CreativeProjectsTemplates
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Illustrator 9.0" = Adobe Illustrator 9.0
"Adobe Photoshop 6.0" = Adobe Photoshop 6.0
"Adobe Shockwave Player" = Adobe Shockwave Player 11
"Adobe SVG Viewer" = Adobe SVG Viewer
"AVI MPEG Video Converter" = AVI MPEG Video Converter
"AviSynth" = AviSynth 2.5
"AwayMode160" = Microsoft Away Mode
"Azureus Vuze" = Azureus Vuze
"Cleaner 5" = Cleaner 5
"Click'N Design 3D (V5)" = Click'N Design 3D (V5)
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200C14F1" = Data Fax SoftModem with SmartCP
"Director 8 Shockwave Studio" = Director 8 Shockwave Studio
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"FXhome CompositeLab Pro" = FXhome CompositeLab Pro (remove only)
"Google Desktop" = Google Desktop
"Google Updater" = Google Updater
"HijackThis" = HijackThis 2.0.2
"Hollywood FX 5.5 Additional Effects" = Hollywood FX 5.5 Additional Effects
"Hollywood FX for Studio" = Pinnacle Hollywood FX for Studio
"HP Imaging Device Functions" = HP Imaging Device Functions 7.0
"HP Photo & Imaging" = HP Photosmart Premier Software 6.5
"HP Photosmart for Media Center PC" = HP Photosmart for Media Center PC
"HPExtendedCapabilities" = HP Extended Capabilities 4.7
"HPOOVClient-9972322 Uninstaller" = Updates from HP (remove only)
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"InstallShield_{13515135-48BB-4184-8C1F-2FAE0138E200}" = TBS WMP Plug-in
"InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"InstallShield_{4D36E953-4456-4F8F-BC44-90BC4AA59889}" = Maxtor Manager
"InstallShield_{71F6DF7D-B639-4FAD-BA93-E6DF267AA44D}" = DesignPro 5.4 Limited Edition
"InstallShield_{D65D3265-88E9-48E2-A200-A6FA2D530C83}" = AgentOffice 8.5
"IsoBuster_is1" = IsoBuster 1.9
"KLiteCodecPack_is1" = K-Lite Codec Pack 4.0.0 (Full)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Maxthon2" = Maxthon2 Browser (remove only)
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSNINST" = MSN
"Nero - Burning Rom!UninstallKey" = Nero 6 Ultra Edition
"Nero PhotoShow Express" = Nero PhotoShow Express
"NeroVision!UninstallKey" = NeroVision Express 2
"Netscape Browser" = Netscape Browser (remove only)
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NMIX!UninstallKey" = NeroMIX
"NVIDIA Drivers" = NVIDIA Drivers
"OfficeTrial" = Microsoft Office Standard Edition 2003 60 days trial
"PC-Doctor 5 for Windows" = PC-Doctor 5 for Windows
"Picasa 3" = Picasa 3
"Piolet" = Piolet 1.9.8
"Piolet Toolbar" = Piolet Toolbar
"PowerISO" = PowerISO
"proDAD-Heroglyph-1.0" = proDAD Heroglyph 1.0
"pywin32-py2.2" = Python 2.2 pywin32 extensions (build 203)
"RealPlayer 6.0" = RealPlayer
"Rhapsody" = Rhapsody
"SecondLife" = SecondLife (remove only)
"SecondLifeADITI" = SecondLifeADITI (remove only)
"Steinberg Cubase LE" = Steinberg Cubase LE
"SUPER ©" = SUPER © Version 2007.bld.22 (Mar 14, 2007)
"SWiSH Max2" = SWiSH Max2
"TeleKast" = TeleKast 1.0.0.9
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Search Defender" = Yahoo! Search Protection
"Yahoo! Toolbar" = Yahoo! Toolbar
"YInstHelper" = Yahoo! Install Manager

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dr. DivX 2.0 OSS" = Dr. DivX 2.0 OSS

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 10/27/2009 5:49:01 PM | Computer Name = TOPBAND | Source = Userenv | ID = 1041
Description =

Error - 10/27/2009 5:49:01 PM | Computer Name = TOPBAND | Source = Userenv | ID = 1041
Description =

Error - 10/27/2009 7:36:01 PM | Computer Name = TOPBAND | Source = Userenv | ID = 1041
Description =

Error - 10/27/2009 7:36:01 PM | Computer Name = TOPBAND | Source = Userenv | ID = 1041
Description =

Error - 10/27/2009 9:23:01 PM | Computer Name = TOPBAND | Source = Userenv | ID = 1041
Description =

Error - 10/27/2009 9:23:01 PM | Computer Name = TOPBAND | Source = Userenv | ID = 1041
Description =

Error - 10/28/2009 4:02:27 AM | Computer Name = TOPBAND | Source = Userenv | ID = 1041
Description =

Error - 10/28/2009 4:02:27 AM | Computer Name = TOPBAND | Source = Userenv | ID = 1041
Description =

Error - 10/28/2009 4:02:30 AM | Computer Name = TOPBAND | Source = Userenv | ID = 1041
Description =

Error - 10/28/2009 4:02:30 AM | Computer Name = TOPBAND | Source = Userenv | ID = 1041
Description =

[ System Events ]
Error - 10/28/2009 4:02:33 AM | Computer Name = TOPBAND | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 15 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)

Error - 10/28/2009 4:02:33 AM | Computer Name = TOPBAND | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 14 minutes. NtpClient has no source of accurate
time.

Error - 10/28/2009 4:02:33 AM | Computer Name = TOPBAND | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 15 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)

Error - 10/28/2009 4:02:33 AM | Computer Name = TOPBAND | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 15 minutes. NtpClient has no source of accurate
time.

Error - 10/28/2009 4:02:36 AM | Computer Name = TOPBAND | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
ftsata2 TfFsMon TfSysMon

Error - 10/28/2009 4:02:40 AM | Computer Name = TOPBAND | Source = DCOM | ID = 10005
Description = DCOM got error "%1058" attempting to start the service RoxMediaDB10
with arguments "" in order to run the server: {14EFC14B-A5E8-4CC7-8E8F-2E46FA6A3878}

Error - 10/28/2009 4:03:08 AM | Computer Name = TOPBAND | Source = Service Control Manager | ID = 7034
Description = The Roxio Hard Drive Watcher 10 service terminated unexpectedly.
It has done this 1 time(s).

Error - 10/28/2009 4:04:25 AM | Computer Name = TOPBAND | Source = Windows Update Agent | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x8007f0ed: Security Update for Windows XP (KB946648).

Error - 10/28/2009 4:17:33 AM | Computer Name = TOPBAND | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 30 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)

Error - 10/28/2009 4:17:33 AM | Computer Name = TOPBAND | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 30 minutes. NtpClient has no source of accurate
time.

< End of report >

THE SECOND POST IS HERE :

OTL logfile created on: 10/28/2009 1:19:18 AM - Run 1
OTL by OldTimer - Version 3.0.22.1 Folder = C:\Documents and Settings\HP_Administrator\Desktop
Windows XP Media Center Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

958.48 Mb Total Physical Memory | 588.60 Mb Available Physical Memory | 61.41% Memory free
2.85 Gb Paging File | 2.63 Gb Available in Paging File | 92.18% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 289.23 Gb Total Space | 164.40 Gb Free Space | 56.84% Space Free | Partition Type: NTFS
Drive D: | 8.83 Gb Total Space | 0.39 Gb Free Space | 4.39% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
Drive F: | 1.89 Gb Total Space | 0.39 Gb Free Space | 20.40% Space Free | Partition Type: FAT32
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: TOPBAND
Current User Name: HP_Administrator
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\HP_Administrator\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Common Files\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
PRC - C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe (Microsoft Corporation)
PRC - C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Maxtor\Sync\SyncServices.exe (Seagate Technology LLC)
PRC - C:\Program Files\Microsoft SQL Server\MSSQL$RETSDATA\Binn\sqlservr.exe (Microsoft Corporation)
PRC - C:\WINDOWS\arservice.exe (Microsoft)
PRC - C:\WINDOWS\eHome\ehRecvr.exe (Microsoft Corporation)
PRC - C:\WINDOWS\eHome\ehSched.exe (Microsoft Corporation)
PRC - C:\WINDOWS\ehome\mcrdsvc.exe (Microsoft Corporation)
PRC - C:\WINDOWS\Explorer.EXE (Microsoft Corporation)
PRC - C:\WINDOWS\System32\nvsvc32.exe (NVIDIA Corporation)
PRC - C:\WINDOWS\System32\wscntfy.exe (Microsoft Corporation)

========== Win32 Services (SafeList) ==========

SRV - (ARSVC [Auto | Running]) -- C:\WINDOWS\arservice.exe (Microsoft)
SRV - (aspnet_state [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (ehRecvr [Auto | Running]) -- C:\WINDOWS\eHome\ehRecvr.exe (Microsoft Corporation)
SRV - (ehSched [Auto | Running]) -- C:\WINDOWS\eHome\ehSched.exe (Microsoft Corporation)
SRV - (EPrint III Service [Disabled | Stopped]) -- C:\Program Files\LEAD Technologies, Inc\LEADTOOLS ePrint 3.0\Bin\LPSVS03N.EXE ()
SRV - (GoogleDesktopManager [Disabled | Stopped]) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
SRV - (gusvc [Auto | Stopped]) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (Google)
SRV - (helpsvc [Auto | Running]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (IDriverT [On_Demand | Stopped]) -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (iPod Service [On_Demand | Stopped]) -- C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
SRV - (JavaQuickStarterService [Auto | Running]) -- C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
SRV - (LightScribeService [Auto | Running]) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
SRV - (Maxtor Sync Service [Auto | Running]) -- C:\Program Files\Maxtor\Sync\SyncServices.exe (Seagate Technology LLC)
SRV - (McrdSvc [Auto | Running]) -- C:\WINDOWS\ehome\mcrdsvc.exe (Microsoft Corporation)
SRV - (MDM [Auto | Running]) -- C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe (Microsoft Corporation)
SRV - (MHN [On_Demand | Stopped]) -- C:\WINDOWS\System32\mhn.dll (Microsoft Corporation)
SRV - (MSSQL$RETSDATA [Auto | Running]) -- C:\Program Files\Microsoft SQL Server\MSSQL$RETSDATA\Binn\sqlservr.exe (Microsoft Corporation)
SRV - (MSSQLServerADHelper [On_Demand | Stopped]) -- C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe (Microsoft Corporation)
SRV - (NVSvc [Auto | Running]) -- C:\WINDOWS\System32\nvsvc32.exe (NVIDIA Corporation)
SRV - (Pml Driver HPZ12 [Disabled | Stopped]) -- C:\WINDOWS\System32\HPZipm12.exe (HP)
SRV - (Roxio UPnP Renderer 10 [Disabled | Stopped]) -- C:\Program Files\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe (Sonic Solutions)
SRV - (Roxio Upnp Server 10 [Disabled | Stopped]) -- C:\Program Files\Roxio\Digital Home 10\RoxioUpnpService10.exe (Sonic Solutions)
SRV - (RoxLiveShare10 [Auto | Stopped]) -- C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe (Sonic Solutions)
SRV - (RoxMediaDB10 [Disabled | Stopped]) -- C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe (Sonic Solutions)
SRV - (RoxWatch10 [Auto | Stopped]) -- C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe (Sonic Solutions)
SRV - (SessionLauncher [Disabled | Stopped]) -- File not found
SRV - (SQLAgent$RETSDATA [On_Demand | Stopped]) -- C:\Program Files\Microsoft SQL Server\MSSQL$RETSDATA\Binn\sqlagent.EXE (Microsoft Corporation)
SRV - (ThreatFire [Disabled | Stopped]) -- File not found
SRV - (WMPNetworkSvc [On_Demand | Stopped]) -- C:\Program Files\Windows Media Player\WMPNetwk.exe (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (61883 [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\61883.sys (Microsoft Corporation)
DRV - (AmdK8 [System | Running]) -- C:\WINDOWS\System32\DRIVERS\AmdK8.sys (Advanced Micro Devices)
DRV - (ASAPIW2k [On_Demand | Running]) -- C:\WINDOWS\System32\drivers\ASAPIW2k.sys (Pinnacle Systems GmbH)
DRV - (ASPI32 [System | Running]) -- C:\WINDOWS\System32\drivers\ASPI32.SYS (Adaptec)
DRV - (Avc [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\avc.sys (Microsoft Corporation)
DRV - (EUSBMSD [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\EUSBMSD.SYS (SCM Microsystems Inc.)
DRV - (GEARAspiWDM [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (hcwPP2 [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\hcwPP2.sys (Hauppauge Computer Works, Inc.)
DRV - (HDAudBus [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\HDAudBus.sys (Windows ® Server 2003 DDK provider)
DRV - (HPZid412 [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\HPZid412.sys (HP)
DRV - (HPZipr12 [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\HPZipr12.sys (HP)
DRV - (HPZius12 [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\HPZius12.sys (HP)
DRV - (HSX_DP [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\HSX_DP.sys (Conexant Systems, Inc.)
DRV - (HSXHWBS2 [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\HSXHWBS2.sys (Conexant Systems, Inc.)
DRV - (IntcAzAudAddService [On_Demand | Running]) -- C:\WINDOWS\System32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (IrBus [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\IrBus.sys (Microsoft Corporation)
DRV - (mdmxsdk [Auto | Running]) -- C:\WINDOWS\System32\DRIVERS\mdmxsdk.sys (Conexant)
DRV - (MSDV [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\msdv.sys (Microsoft Corporation)
DRV - (MXOPSWD [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\mxopswd.sys (Maxtor Corp.)
DRV - (nv [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\nv4_mini.sys (NVIDIA Corporation)
DRV - (NVENETFD [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\NVENETFD.sys (NVIDIA Corporation)
DRV - (nvnetbus [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\nvnetbus.sys (NVIDIA Corporation)
DRV - (PCLEPCI [System | Running]) -- C:\WINDOWS\System32\drivers\pclepci.sys (Pinnacle Systems GmbH)
DRV - (Ps2 [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\PS2.sys (Hewlett-Packard Company)
DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (PxHelp20 [Boot | Running]) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (rtl8139 [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\RTL8139.SYS (Realtek Semiconductor Corporation)
DRV - (RxFilter [Disabled | Stopped]) -- C:\WINDOWS\System32\DRIVERS\RxFilter.sys (Sonic Solutions)
DRV - (SCDEmu [System | Running]) -- C:\WINDOWS\System32\drivers\scdemu.sys (PowerISO Computing, Inc.)
DRV - (Secdrv [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (symlcbrd [Auto | Running]) -- C:\WINDOWS\System32\drivers\symlcbrd.sys (Symantec Corporation)
DRV - (tmcomm [Auto | Running]) -- C:\WINDOWS\System32\drivers\tmcomm.sys (Trend Micro Inc.)
DRV - (usbaudio [On_Demand | Stopped]) -- C:\WINDOWS\System32\drivers\usbaudio.sys (Microsoft Corporation)
DRV - (winachsx [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\HSX_CNXT.sys (Conexant Systems, Inc.)

========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\HP_Administrator\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll (Microsoft Corporation)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [Binary data over 100 bytes]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...amp;ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaulturl: "http://www.google.co...-8&oe=UTF-8&q="
FF - prefs.js..browser.startup.homepage: "www.topbandevents.com"
FF - prefs.js..extensions.enabledItems: {3112ca9c-de6d-4884-a869-9855de68056c}:3.1.20081127W
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}:6.0.04
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.5

FF - HKLM\software\mozilla\Flock 2.0.3\extensions\\Components: C:\Program Files\Flock\components
FF - HKLM\software\mozilla\Flock 2.0.3\extensions\\Plugins: C:\Program Files\Flock\plugins [2009/10/05 18:33:33 | 00,000,000 | ---D | M]

[2009/01/11 15:36:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\HP_Administrator\Application Data\mozilla\Extensions
[2009/01/11 15:36:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\HP_Administrator\Application Data\mozilla\Extensions\{a463f10c-3994-11da-9945-000d60ca027b}
[2009/01/09 20:22:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\HP_Administrator\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/01/11 15:27:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\HP_Administrator\Application Data\mozilla\Firefox\Profiles\jv7pb2x6.default\extensions
[2009/01/09 20:23:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\HP_Administrator\Application Data\mozilla\Firefox\Profiles\jv7pb2x6.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2009/01/11 15:46:18 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2008/09/03 16:28:47 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2008/07/06 15:35:36 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}
[2007/08/31 02:08:39 | 00,135,680 | ---- | M] (Google) -- C:\Program Files\mozilla firefox\components\GoogleDesktopMozilla.dll
[2008/12/05 23:52:44 | 00,114,688 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\np32dsw.dll
[2008/10/19 15:44:08 | 00,410,976 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeploytk.dll
[2007/08/15 15:30:54 | 00,717,312 | ---- | M] (DivX,Inc.) -- C:\Program Files\mozilla firefox\plugins\npdivx32.dll
[2007/09/05 16:03:36 | 00,098,304 | ---- | M] (DivX, Inc) -- C:\Program Files\mozilla firefox\plugins\npDivxPlayerPlugin.dll
[2007/05/10 22:52:34 | 00,095,864 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll
[2008/08/10 16:57:23 | 00,144,984 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nppl3260.dll
[2008/08/10 16:57:47 | 00,008,192 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nprjplug.dll
[2008/08/10 16:57:15 | 00,094,208 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nprpjplug.dll
[2008/09/04 18:45:22 | 00,221,184 | ---- | M] (CNN) -- C:\Program Files\mozilla firefox\plugins\NPTURNMED.dll
[2007/03/09 16:16:44 | 00,189,496 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\mozilla firefox\plugins\npyaxmpb.dll

O1 HOSTS File: (27 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Web Accelerator) - {DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: 24 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...tes/ieawsdc.cab (Microsoft Office Template and Media Control)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.micr.../OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_10)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_04)
O16 - DPF: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_10)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_10)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.ma...ent/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/08/18 13:38:06 | 00,000,100 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/07/27 08:07:38 | 00,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2009/10/06 20:32:04 | 00,000,000 | RHSD | M] - F:\autorun.inf -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found

========== Files/Folders - Created Within 30 Days ==========

[3 C:\WINDOWS\*.tmp files]
[2009/10/06 18:24:46 | 00,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Application Data\MSNInstaller
[2009/10/28 01:18:04 | 00,521,728 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\HP_Administrator\Desktop\OTL.exe
[2009/10/27 18:00:22 | 00,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2009/10/21 11:13:25 | 00,719,872 | ---- | C] (Abysmal Software) -- C:\WINDOWS\System32\devil.dll
[2009/10/21 11:13:25 | 00,306,688 | ---- | C] (The Public) -- C:\WINDOWS\System32\avisynth.dll
[2009/10/06 21:08:18 | 00,000,000 | -HSD | C] -- C:\RECYCLER
[2009/10/06 21:01:49 | 00,000,000 | ---D | C] -- C:\_OTListIt
[2009/10/05 20:14:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Desktop\Previous Months

========== Files - Modified Within 30 Days ==========

[287 C:\WINDOWS\System32\*.tmp files]
[3 C:\WINDOWS\*.tmp files]
[2009/10/28 01:14:48 | 00,521,728 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\HP_Administrator\Desktop\OTL.exe
[2009/10/28 01:05:20 | 00,000,444 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{17F015C8-57FA-45D9-B2E3-851F92A5E8AA}.job
[2009/10/28 01:03:10 | 00,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2009/10/28 01:02:42 | 00,043,531 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2009/10/28 01:02:19 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/10/28 01:02:18 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/10/28 01:02:16 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/10/28 01:02:15 | 10,051,13344 | -HS- | M] () -- C:\hiberfil.sys
[2009/10/27 14:18:17 | 00,000,970 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2769080022-1748412195-781348209-1007.job
[2009/10/27 14:18:17 | 00,000,282 | ---- | M] () -- C:\WINDOWS\tasks\Disk Cleanup.job
[2009/10/27 03:09:00 | 00,000,282 | ---- | M] () -- C:\WINDOWS\tasks\Backup.job
[2009/10/24 12:34:55 | 00,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2009/10/24 12:34:55 | 00,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2009/10/24 12:34:55 | 00,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for
[2009/10/20 20:36:20 | 00,053,760 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/10/20 15:52:47 | 00,000,349 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\PCLECHAL.INI
[2009/10/20 15:46:17 | 00,002,381 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\ULTRA 2.lnk
[2009/10/17 02:20:53 | 00,000,548 | ---- | M] () -- C:\WINDOWS\tasks\Rescue Reminder for 2HAPX1GZ.job
[2009/10/10 10:54:14 | 00,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/10/06 20:52:51 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/10/06 20:52:23 | 00,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2009/10/06 10:16:38 | 00,002,473 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\Global.sw2
[2009/10/05 18:41:33 | 00,000,031 | ---- | M] () -- C:\WINDOWS\QUICKEN.INI

========== Files - No Company Name ==========
[2099/01/01 12:00:00 | 00,006,456 | -H-- | C] () -- C:\WINDOWS\System32\marapihe
[2099/01/01 12:00:00 | 00,006,456 | -H-- | C] () -- C:\WINDOWS\System32\bakerulu
[2009/10/06 20:41:49 | 00,229,888 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2009/02/16 01:57:55 | 00,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2008/11/06 21:05:46 | 00,038,459 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\dBase.ADR
[2008/11/06 21:04:28 | 00,038,489 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\Comma Separated Values (DOS).ADR
[2008/11/06 21:03:39 | 00,038,480 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\Tab Separated Values (Windows).ADR
[2008/11/06 20:52:45 | 00,038,466 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\Microsoft Excel.ADR
[2008/11/06 09:37:32 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008/11/06 09:34:00 | 00,000,416 | ---- | C] () -- C:\WINDOWS\System32\dtu100.dll.manifest
[2008/11/06 09:34:00 | 00,000,416 | ---- | C] () -- C:\WINDOWS\System32\dpl100.dll.manifest
[2008/11/06 09:33:02 | 00,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2008/10/31 00:25:57 | 00,000,000 | ---- | C] () -- C:\WINDOWS\NSREX.INI
[2008/09/07 10:17:52 | 00,000,170 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\wklnhst.dat
[2008/07/21 16:14:53 | 00,000,000 | ---- | C] () -- C:\WINDOWS\TEXTART.INI
[2007/10/28 15:40:00 | 00,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2007/10/19 01:01:26 | 00,008,432 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\rx_audio.Cache
[2007/10/19 01:01:26 | 00,000,144 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\rx_image.Cache
[2007/09/27 15:35:56 | 00,159,839 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2007/08/21 12:22:58 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2007/08/19 13:17:34 | 00,755,027 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2007/08/19 13:17:34 | 00,383,238 | ---- | C] () -- C:\WINDOWS\System32\libmp3lame-0.dll
[2007/07/30 10:57:56 | 00,031,212 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\Comma Separated Values (Windows).ADR
[2007/06/12 09:09:54 | 00,749,568 | ---- | C] () -- C:\WINDOWS\System32\swfgen.dll
[2007/06/11 14:32:16 | 00,000,031 | ---- | C] () -- C:\WINDOWS\bluevoda.ini
[2007/05/13 20:43:57 | 00,471,552 | ---- | C] () -- C:\WINDOWS\System32\Smab.dll
[2007/05/13 20:43:57 | 00,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2007/03/24 12:52:52 | 00,000,017 | ---- | C] () -- C:\WINDOWS\MovingPicture.ini
[2007/03/21 15:43:53 | 00,061,440 | ---- | C] () -- C:\WINDOWS\System32\cdTextCtl.dll
[2007/03/14 14:42:09 | 00,000,202 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007/03/09 13:36:49 | 00,002,502 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/03/08 21:28:12 | 00,201,136 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\GDIPFONTCACHEV1.DAT
[2007/03/06 19:08:55 | 00,000,199 | ---- | C] () -- C:\WINDOWS\swacnfg.ini
[2007/03/05 13:34:28 | 00,676,224 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.DLL
[2007/03/05 13:18:44 | 00,000,050 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2007/03/03 19:23:24 | 00,000,000 | ---- | C] () -- C:\WINDOWS\OlaUtl32.INI
[2007/03/03 19:22:59 | 00,001,625 | ---- | C] () -- C:\WINDOWS\OLAGNT32.INI
[2007/03/02 12:50:22 | 00,002,510 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\.googlewebacchosts
[2007/03/02 00:34:14 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007/03/01 21:38:07 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\desktop.ini
[2007/03/01 21:38:06 | 00,012,358 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\PFP100JCM.{PB
[2007/03/01 21:38:05 | 00,061,678 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\PFP100JPR.{PB
[2007/03/01 21:38:04 | 00,053,760 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/03/01 21:38:04 | 00,048,376 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2007/03/01 21:38:04 | 00,000,139 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\fusioncache.dat
[2006/08/18 14:05:33 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/08/18 13:46:03 | 00,028,848 | ---- | C] () -- C:\WINDOWS\System32\drivers\USBkey.sys
[2006/08/18 13:41:33 | 00,014,316 | ---- | C] () -- C:\WINDOWS\System32\CHODDI.SYS
[2006/08/18 13:41:26 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\hpreg.dll
[2006/08/18 13:38:20 | 00,000,031 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2006/08/18 13:27:41 | 00,000,252 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2006/08/18 13:27:06 | 00,000,698 | ---- | C] () -- C:\WINDOWS\NSSetDefaultBrowser.ini
[2006/08/18 13:22:28 | 00,001,200 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2006/08/18 13:21:33 | 00,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2006/08/18 13:19:27 | 00,102,400 | ---- | C] () -- C:\WINDOWS\System32\hcwXDS.dll
[2006/08/18 13:18:11 | 01,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006/08/18 13:18:11 | 01,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006/08/18 13:18:11 | 01,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006/08/18 13:18:11 | 00,573,440 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006/08/18 13:18:11 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006/08/18 13:18:11 | 00,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2006/08/18 13:18:11 | 00,106,496 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2006/08/18 13:17:01 | 00,000,791 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2006/08/18 12:56:18 | 00,323,584 | ---- | C] () -- C:\WINDOWS\System32\pythoncom22.dll
[2006/08/18 12:56:18 | 00,094,208 | ---- | C] () -- C:\WINDOWS\System32\pywintypes22.dll
[2006/08/18 12:56:02 | 00,016,896 | ---- | C] () -- C:\WINDOWS\System32\bcbmm.dll
[2005/08/30 21:02:00 | 00,000,709 | ---- | C] () -- C:\WINDOWS\win.ini
[2005/08/30 13:52:36 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini
[2005/08/30 13:52:20 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\desktop.ini
[2005/08/05 21:01:54 | 00,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/08/02 23:19:16 | 00,050,176 | ---- | C] () -- C:\WINDOWS\armcex.dll
[2004/08/09 21:00:00 | 00,001,920 | ---- | C] () -- C:\WINDOWS\System32\i6fhtwwt.dll
[2004/07/26 07:51:38 | 00,000,560 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2004/03/18 08:44:29 | 01,663,068 | ---- | C] () -- C:\WINDOWS\System32\libmmd.dll
[2002/02/27 09:41:28 | 00,024,576 | ---- | C] () -- C:\WINDOWS\System32\nsldappr32v50.dll
[2002/02/27 09:41:26 | 00,139,264 | ---- | C] () -- C:\WINDOWS\System32\nsldap32v50.dll
[2002/02/27 09:41:26 | 00,040,960 | ---- | C] () -- C:\WINDOWS\System32\nsldapssl32v50.dll
[2000/10/01 23:23:36 | 00,471,040 | ---- | C] () -- C:\WINDOWS\System32\QTExporter.dll
[1998/12/08 11:09:44 | 00,338,944 | ---- | C] () -- C:\WINDOWS\System32\lffpx7.dll
[1998/12/08 11:09:44 | 00,118,784 | ---- | C] () -- C:\WINDOWS\System32\lfkodak.dll
[1998/12/08 11:09:44 | 00,088,576 | ---- | C] () -- C:\WINDOWS\System32\lffpx90n.dll
[1996/04/01 10:00:00 | 00,000,200 | ---- | C] () -- C:\WINDOWS\System32\CAPTURE2.INI

========== LOP Check ==========

[2009/07/18 15:06:36 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data
[2007/05/12 09:35:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Acoustica
[2007/03/14 14:35:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ahead
[2008/08/04 12:23:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Avery
[2007/09/27 15:37:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVS4YOU
[2007/08/11 00:04:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Azureus
[2006/08/18 13:34:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CyberLink
[2007/03/02 10:44:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Digital Interactive Systems Corporation
[2007/11/03 21:59:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DVD Shrink
[2008/06/15 12:01:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Geek Squad
[2007/11/22 21:41:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Grisoft
[2006/08/18 13:38:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Intuit
[2007/06/06 21:04:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ipswitch
[2008/12/05 18:48:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Maxtor
[2007/03/22 12:47:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\muvee Technologies
[2009/02/27 02:28:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2009/03/03 17:28:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NortonInstaller
[2007/03/24 12:52:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle
[2009/02/10 19:59:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle VideoSpin
[2007/03/05 13:24:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Raize
[2007/10/06 22:20:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Roxio
[2006/08/18 13:17:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SBSI
[2007/03/24 15:34:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SmartSound Software Inc
[2009/03/03 16:39:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/02/10 19:57:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\VideoSpin
[2008/12/30 15:28:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\vt3studio
[2008/09/07 10:46:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WildTangent
[2009/10/27 03:09:00 | 00,000,282 | ---- | M] () -- C:\WINDOWS\Tasks\Backup.job
[2004/08/10 04:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2009/10/27 14:18:17 | 00,000,282 | ---- | M] () -- C:\WINDOWS\Tasks\Disk Cleanup.job
[2009/10/28 01:03:10 | 00,000,868 | ---- | M] () -- C:\WINDOWS\Tasks\Google Software Updater.job
[2009/10/27 14:18:17 | 00,000,970 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2769080022-1748412195-781348209-1007.job
[2009/10/17 02:20:53 | 00,000,548 | ---- | M] () -- C:\WINDOWS\Tasks\Rescue Reminder for 2HAPX1GZ.job
[2009/10/28 01:02:19 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT
[2009/10/28 01:05:20 | 00,000,444 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{17F015C8-57FA-45D9-B2E3-851F92A5E8AA}.job

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\HP_Administrator\My Documents\Snapshot_002.bmp:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\HP_Administrator\My Documents\Inka King TOP BAND Mix.mp3:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\HP_Administrator\My Documents\centre_logo.tif:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\HP_Administrator\My Documents\(Unknown) - Still 001.jpg:Roxio EMC Stream
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:80337C03
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2C595FF3
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4B7BEAFF
@Alternate Data Stream - 106 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1CA73D29
< End of report >

#103 oldman960

Forum God

Retired Classroom Teacher
14,770 posts

Posted 28 October 2009 - 03:40 AM

Hi Topband,

Are you trying to connect wireless or wired to the router?

What exactly happens when you try to open a browser?

Next, Double click on OTL.exe

Under the Custom Scans/Fixes box at the bottom, paste in the following
Do Not copy the word CODE
please note the fix starts with the :

:Reg

:Files
C:\WINDOWS\System32\marapihe
C:\WINDOWS\System32\bakerulu

:Commands
[purity]
[emptytemp]
[Reboot]

Then click the Run Fix button at the top

Let the program run unhindered
Please save the resulting log to be posted in your next reply.

Please post the OTL log.

Thanks

Microsoft MVP 2011-2015

Threads will be closed if no response after 5 days.

#104 topband

Authentic Member

Authentic Member
83 posts

Posted 28 October 2009 - 01:06 PM

Hi OM thnx for the research here is the log as suggested PS I tried the browser they open but give me the IE cannot display the webpage message tnx jh : All processes killed ========== REGISTRY ========== ========== FILES ========== C:\WINDOWS\System32\marapihe moved successfully. C:\WINDOWS\System32\bakerulu moved successfully. ========== COMMANDS ========== [EMPTYTEMP] User: Administrator ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: All Users User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Guest ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 151762 bytes User: HPLAPTOP ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: HP_Administrator ->Temp folder emptied: 438182 bytes File delete failed. C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot. ->Temporary Internet Files folder emptied: 114262 bytes ->Java cache emptied: 189400 bytes ->FireFox cache emptied: 0 bytes ->Google Chrome cache emptied: 177882595 bytes User: John Hancock User: LocalService ->Temp folder emptied: 0 bytes File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot. ->Temporary Internet Files folder emptied: 32902 bytes User: NetworkService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 67 bytes %systemdrive% .tmp files removed: 0 bytes C:\WINDOWS\msdownld.tmp folder deleted successfully. %systemroot% .tmp files removed: 1053297 bytes %systemroot%\System32 .tmp files removed: 91910935 bytes File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_400.dat scheduled to be deleted on reboot. File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_7ac.dat scheduled to be deleted on reboot. Windows Temp folder emptied: 81920 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 259.29 mb OTL by OldTimer - Version 3.0.22.1 log created on 10282009_115542 Files\Folders moved on Reboot... File\Folder C:\WINDOWS\temp\Perflib_Perfdata_400.dat not found! File\Folder C:\WINDOWS\temp\Perflib_Perfdata_7ac.dat not found! Registry entries deleted on Reboot...

#105 topband

Authentic Member

Authentic Member
83 posts

Posted 28 October 2009 - 01:39 PM

i forgot to mention the computers are all hard wired ...but have also been originally connected with wireless .... so both ways but presently direct wiring jh

Body Background

skin color theme