This topic is lockedI know what you mean.hopefully this is the last time you hear from me.
Feel free to browse the rest of the forums as there is a wealth of information.Take care.
WE'RE SURE THAT YOU'LL LOVE US!
Hey there! 
Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. 
Join 93125 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.
Try What the Tech -- It's free!
fake critical error warning windows xp :-9
Started by
wilma1313
, Jun 11 2011 07:26 PM
148 replies to this topic
#121
oldman960
-
- Retired Classroom Teacher
-
- 14,770 posts
Forum God
Posted 15 July 2011 - 10:17 AM
Feel free to browse the rest of the forums as there is a wealth of information.Take care.
Proud Graduate of the WTT Classroon
If you are happy with the help you recieved, please consider making a Donation 
Curiosity didn't kill the cat. Ignorance did, curiosity was framed.
Learn how to protect Yourself
Microsoft MVP 2011-2015
Threads will be closed if no response after 5 days.Register to Remove
#122
wilma1313
-
- Authentic Member
-
- 386 posts
Silver Member
Posted 17 July 2011 - 10:17 AM
Hi, 
I checked Java, that was up to date. I did the OTL cleanup and when it rebooted his mcafee firewall was disabled. I got that running and tried to do a Malwarebytes scan and did one which worked and showed nothing. Then I realized that I should have updated it and when I tried to update got an error message. Tried to shut it down and try again but kept saying Malwarebytes was running, although it is not according to task manager. now the computer won't reboot.
Mentioned this all to him when he got home and he says the firewall has been disabled several times this week for no reason.
I think he is re-infected or infected again. My computer is also now infected with something - which I started a separate thread to address. One of his regular sites is getting up because he surfs on both our computers and now they are both infected. (I only use mine)
I'm trying again to get windows to load on his.
I checked Java, that was up to date. I did the OTL cleanup and when it rebooted his mcafee firewall was disabled. I got that running and tried to do a Malwarebytes scan and did one which worked and showed nothing. Then I realized that I should have updated it and when I tried to update got an error message. Tried to shut it down and try again but kept saying Malwarebytes was running, although it is not according to task manager. now the computer won't reboot.
Mentioned this all to him when he got home and he says the firewall has been disabled several times this week for no reason.
I think he is re-infected or infected again. My computer is also now infected with something - which I started a separate thread to address. One of his regular sites is getting up because he surfs on both our computers and now they are both infected. (I only use mine)
I'm trying again to get windows to load on his.
#123
oldman960
-
- Retired Classroom Teacher
-
- 14,770 posts
Forum God
Posted 17 July 2011 - 11:33 AM
Hi wilma1313,
What was the error message?
How far into loading Windows does the computer get? Is there an error message?
Try booting to Safe Mode
If that doesn't work try Last Known Good Configuration. The steps are the same as above but this time choose Last Known Good Configuration.
Please confirm that you use ERUNT on this computer.
Thanks
What was the error message?
How far into loading Windows does the computer get? Is there an error message?
Try booting to Safe Mode
- Restart your computer
- After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;
- Instead of Windows loading as normal, a menu with options should appear;
- Select the first option, to run Windows in Safe Mode, then press "Enter".
- Choose your usual account.
If that doesn't work try Last Known Good Configuration. The steps are the same as above but this time choose Last Known Good Configuration.
Please confirm that you use ERUNT on this computer.
Thanks
Proud Graduate of the WTT Classroon
If you are happy with the help you recieved, please consider making a Donation
Curiosity didn't kill the cat. Ignorance did, curiosity was framed.
Learn how to protect Yourself
Microsoft MVP 2011-2015
Threads will be closed if no response after 5 days.
#124
wilma1313
-
- Authentic Member
-
- 386 posts
Silver Member
Posted 17 July 2011 - 06:15 PM
It finally loaded normally.
The error message I am not sure what it said - malwarebytes is also now working.
Mcafee had the real time virus scan and spam guard go down for awhile this afternoon. (earlier it was the firewall)
I believe I downloaded and tried to use Erunt - but then when I restored that was no longer on the computer or off the desktop at least....
#125
oldman960
-
- Retired Classroom Teacher
-
- 14,770 posts
Forum God
Posted 17 July 2011 - 06:40 PM
Hi wilma1313,
That's fine about ERUNT, I thought it may be another option we may need to explore.
What did yo need to do to get Windows to load?
Proud Graduate of the WTT Classroon
If you are happy with the help you recieved, please consider making a Donation
Curiosity didn't kill the cat. Ignorance did, curiosity was framed.
Learn how to protect Yourself
Microsoft MVP 2011-2015
Threads will be closed if no response after 5 days.
#126
wilma1313
-
- Authentic Member
-
- 386 posts
Silver Member
Posted 17 July 2011 - 06:59 PM
I shut it off and it finally loaded.
The first time it wouldn't load I got the screen that said it wouldn't load and offered me the option to try again. The second time it just would not go beyond his wallpaper. Third time it loaded. When it did the virus scan and anti spam were both disabled. malwarebytes updated and seems to work now....
#127
oldman960
-
- Retired Classroom Teacher
-
- 14,770 posts
Forum God
Posted 17 July 2011 - 09:31 PM
Hi wilma1313,
Sound like MBAM may have hung during the update attempt. Your last reply would indicate that the Control Set Windows was attempting to load had problems and Windows used a different one which was successful. The use of the alternate control Set, which is normal btw, may or may not explain why McAfee was disabled.
Let's have a look and see if anything has changed.
Download aswMBR.exe ( 511KB ) to your desktop.
Double click the aswMBR.exe to run it
Click No when asked to download the Avast definitions. We may use that feature later.
Click the "Scan" button to start scan
On completion of the scan click save log, save it to your desktop and post in your next reply
Download OTL to your desktop.
Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. You may need two posts to fit them all in.
Please post back with
Sound like MBAM may have hung during the update attempt. Your last reply would indicate that the Control Set Windows was attempting to load had problems and Windows used a different one which was successful. The use of the alternate control Set, which is normal btw, may or may not explain why McAfee was disabled.
Let's have a look and see if anything has changed.
Download aswMBR.exe ( 511KB ) to your desktop.
Double click the aswMBR.exe to run it
Click No when asked to download the Avast definitions. We may use that feature later.
Click the "Scan" button to start scan
On completion of the scan click save log, save it to your desktop and post in your next reply
Download OTL to your desktop.
- Double click on OTL.exe to run it. Make sure all other windows are closed and to let it run uninterrupted.
- When the window appears, underneath Output at the top change it to Minimal Output
- Check the boxes beside LOP Check and Purity Check.
- In the window under Custom Scans/Fixes copy and paste the following
netsvcs
%SYSTEMDRIVE%\*.*
%systemroot%\Fonts\*.com
%systemroot%\Fonts\*.dll
%systemroot%\Fonts\*.ini
%systemroot%\Fonts\*.ini2
%systemroot%\Fonts\*.exe
%systemroot%\system32\spool\prtprocs\w32x86\*.*
%systemroot%\REPAIR\*.bak1
%systemroot%\REPAIR\*.ini
%systemroot%\system32\*.jpg
%systemroot%\*.jpg
%systemroot%\*.png
%systemroot%\*.scr
%systemroot%\*._sy
%APPDATA%\Adobe\Update\*.*
%ALLUSERSPROFILE%\Favorites\*.*
%APPDATA%\Microsoft\*.*
%PROGRAMFILES%\*.*
%APPDATA%\Update\*.*
%systemroot%\*. /mp /s
CREATERESTOREPOINT
%systemroot%\System32\config\*.sav
%PROGRAMFILES%\bak. /s
%systemroot%\system32\bak. /s
%ALLUSERSPROFILE%\Start Menu\*.lîk /x
%systemroot%\system32\config\systemprofile\*.dat /x
%systemroot%\*.config
%systemroot%\system32\*.db
%PROGRAMFILES%\Internet Explorer\*.dat
%APPDATA%\Mikzosoft\Internet Explorer\Quick Launch\*.lnk /x
%USERPROFILE%\Deskuop\*.exe
%PROGRAMFILES%\Common Files\*.*
%systemroot%\*.src
%systemroot%\install\*.*
%systemroot%\system32\DLL\*.*
%systemroot%\system32\HelpFiles\*.*
%systemroot%\system32\rundll\*.*
%systemroot%\winn32\*.*
%systemroot%\Java\*.*
%systemroot%\system32\test\*.*
%systemroot%\system32\Rundll32\*.*
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
%USERPROFILE%\..|smtmp;true;true;true /FP
%temp%\smtmp\*.* /s >
/md5start
iexplore.*
explorer.*
winlogon.*
dll
zx.dll
hlp.dat
/md5stop
- Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. You may need two posts to fit them all in.
Please post back with
- aswMBR log
- both OTL logs
Proud Graduate of the WTT Classroon
If you are happy with the help you recieved, please consider making a Donation
Curiosity didn't kill the cat. Ignorance did, curiosity was framed.
Learn how to protect Yourself
Microsoft MVP 2011-2015
Threads will be closed if no response after 5 days.
#128
wilma1313
-
- Authentic Member
-
- 386 posts
Silver Member
Posted 19 July 2011 - 10:01 AM
Good morning,
Ansmbr will not scan. The button stays greyed out....
#129
oldman960
-
- Retired Classroom Teacher
-
- 14,770 posts
Forum God
Posted 19 July 2011 - 06:35 PM
Hi wilma1313,
Sorry about the delay, couldn't access the forum all day.
McAfee may be causing problems. Try running aswMBR in Safe Mode. If it still won't run skip it for now and do the OTL scan.
Thanks
Proud Graduate of the WTT Classroon
If you are happy with the help you recieved, please consider making a Donation
Curiosity didn't kill the cat. Ignorance did, curiosity was framed.
Learn how to protect Yourself
Microsoft MVP 2011-2015
Threads will be closed if no response after 5 days.
#130
wilma1313
-
- Authentic Member
-
- 386 posts
Silver Member
Posted 21 July 2011 - 09:26 PM
Hi,
Same result in safe mode aswMBR will not run, the scan is greyed out and mcaffee was disabled, so should not be that messin with it. Here are the OTL scans. goodnight!
OTL logfile created on: 7/21/2011 9:51:28 PM - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Documents and Settings\Owner.Miguel\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.87 Gb Total Physical Memory | 1.24 Gb Available Physical Memory | 66.37% Memory free
3.72 Gb Paging File | 3.07 Gb Available in Paging File | 82.52% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 142.20 Gb Total Space | 99.47 Gb Free Space | 69.95% Space Free | Partition Type: NTFS
Drive D: | 6.83 Gb Total Space | 4.83 Gb Free Space | 70.72% Space Free | Partition Type: FAT32
Computer Name: MIGUEL | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Documents and Settings\Owner.Miguel\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc.)
PRC - C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe (McAfee, Inc.)
PRC - C:\WINDOWS\system32\mfevtps.exe (McAfee, Inc.)
PRC - C:\Program Files\Garmin\ANT Agent\ANT Agent.exe (GARMIN Corp.)
PRC - c:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
PRC - c:\Program Files\McAfee\MSC\mcupdmgr.exe (McAfee, Inc.)
PRC - C:\Program Files\McAfee Online Backup\MOBK370stat.exe (McAfee, Inc.)
PRC - C:\Program Files\McAfee Online Backup\MOBK370backup.exe (McAfee, Inc.)
PRC - c:\Program Files\McAfee\VirusScan\McInsUpd.exe (McAfee, Inc.)
PRC - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
PRC - C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
PRC - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe ()
PRC - C:\Garmin\gStart.exe (GARMIN Corp.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS (New Boundary Technologies, Inc.)
PRC - C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
PRC - C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe (ATI Technologies Inc.)
PRC - C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
PRC - C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
========== Modules (SafeList) ==========
MOD - C:\Documents and Settings\Owner.Miguel\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation)
MOD - C:\Program Files\McAfee\SiteAdvisor\sahook.dll ()
MOD - C:\WINDOWS\system32\SynTPFcs.dll (Synaptics, Inc.)
========== Win32 Services (SafeList) ==========
SRV - (mfefire) -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc.)
SRV - (McShield) -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe ()
SRV - (mfevtp) -- C:\WINDOWS\system32\mfevtps.exe (McAfee, Inc.)
SRV - (MOBK370backup) -- C:\Program Files\McAfee Online Backup\MOBK370backup.exe (McAfee, Inc.)
SRV - (McODS) -- C:\Program Files\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
SRV - (MSK80Service) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McProxy) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McNASvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McNaiAnn) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (mcmscsvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McMPFSvc) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McComponentHostService) -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.)
SRV - (McAfee SiteAdvisor Service) -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe ()
SRV - (PrismXL) -- C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS (New Boundary Technologies, Inc.)
========== Driver Services (SafeList) ==========
DRV - (mfehidk) -- C:\WINDOWS\system32\drivers\mfehidk.sys (McAfee, Inc.)
DRV - (mfefirek) -- C:\WINDOWS\system32\drivers\mfefirek.sys (McAfee, Inc.)
DRV - (mfeavfk) -- C:\WINDOWS\system32\drivers\mfeavfk.sys (McAfee, Inc.)
DRV - (mfeapfk) -- C:\WINDOWS\system32\drivers\mfeapfk.sys (McAfee, Inc.)
DRV - (mfendiskmp) -- C:\WINDOWS\system32\drivers\mfendisk.sys (McAfee, Inc.)
DRV - (mfendisk) -- C:\WINDOWS\system32\drivers\mfendisk.sys (McAfee, Inc.)
DRV - (mferkdet) -- C:\WINDOWS\system32\drivers\mferkdet.sys (McAfee, Inc.)
DRV - (mfetdi2k) -- C:\WINDOWS\system32\drivers\mfetdi2k.sys (McAfee, Inc.)
DRV - (cfwids) -- C:\WINDOWS\system32\drivers\cfwids.sys (McAfee, Inc.)
DRV - (mfebopk) -- C:\WINDOWS\system32\drivers\mfebopk.sys (McAfee, Inc.)
DRV - (MOBK370Filter) -- C:\WINDOWS\system32\drivers\MOBK370.sys (Mozy, Inc.)
DRV - (NwlnkIpx) -- C:\WINDOWS\system32\drivers\nwlnkipx.sys (Microsoft Corporation)
DRV - (ASCTRM) -- C:\WINDOWS\System32\drivers\asctrm.sys (Windows ® 2000 DDK provider)
DRV - (AmdK8) -- C:\WINDOWS\system32\drivers\AmdK8.sys (Advanced Micro Devices)
DRV - (STHDA) -- C:\WINDOWS\system32\drivers\sthda.sys (SigmaTel, Inc.)
DRV - (smserial) -- C:\WINDOWS\system32\drivers\smserial.sys (Motorola Inc.)
DRV - (yukonwxp) -- C:\WINDOWS\system32\drivers\yk51x86.sys (Marvell)
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (BCM43XX) -- C:\WINDOWS\system32\drivers\BCMWL5.SYS (Broadcom Corporation)
DRV - (tifm21) -- C:\WINDOWS\system32\drivers\tifm21.sys (Texas Instruments)
DRV - (Cdralw2k) -- C:\WINDOWS\System32\drivers\cdralw2k.sys (Roxio)
DRV - (Cdr4_xp) -- C:\WINDOWS\System32\drivers\cdr4_xp.sys (Roxio)
DRV - (NwlnkNb) -- C:\WINDOWS\system32\drivers\nwlnknb.sys (Microsoft Corporation)
DRV - (NwlnkSpx) -- C:\WINDOWS\system32\drivers\nwlnkspx.sys (Microsoft Corporation)
DRV - (wanatw) WAN Miniport (ATW) -- C:\WINDOWS\system32\drivers\wanatw4.sys (America Online, Inc.)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = ibahn:80
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\3.0.40818.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2010/03/02 22:12:15 | 000,000,000 | ---D | M]
[2009/12/26 15:21:27 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner.Miguel\Application Data\Mozilla\Extensions
[2009/12/26 15:21:27 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner.Miguel\Application Data\Mozilla\Extensions\mozswing@mozswing.org
O1 HOSTS File: ([2011/07/03 12:43:45 | 000,434,745 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 14987 more lines...
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\McAfee\MSK\mskapbho.dll ()
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20110517161831.dll (McAfee, Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar2.dll (Google Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll ()
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\WINDOWS\system32\bae.dll (Gateway Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll ()
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar2.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar2.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\cli.exe (ATI Technologies Inc.)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [Reminder] C:\WINDOWS\creator\Remind_XP.exe (SoftThinks)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
O4 - HKLM..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - HKCU..\Run: [ANT Agent] C:\Program Files\Garmin\ANT Agent\ANT Agent.exe (GARMIN Corp.)
O4 - HKCU..\Run: [gStart] C:\Garmin\gStart.exe (GARMIN Corp.)
O4 - HKCU..\Run: [Power2GoExpress] File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Online Backup Status.lnk = C:\Program Files\McAfee Online Backup\MOBK370stat.exe (McAfee, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} http://download.mcaf...01/mcinsctl.cab (McAfee.com Operating System Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll ()
O18 - Protocol\Handler\skype4com - No CLSID value found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\Owner.Miguel\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Owner.Miguel\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/06/17 04:41:16 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
CREATERESTOREPOINT
Error creating restore point.
========== Files/Folders - Created Within 30 Days ==========
[2011/07/21 21:28:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\McAfee
[2011/07/19 10:59:41 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner.Miguel\Desktop\OTL.exe
[2011/07/19 08:28:02 | 001,913,344 | ---- | C] (AVAST Software) -- C:\Documents and Settings\Owner.Miguel\Desktop\aswMBR.exe
[2011/07/12 18:33:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\McAfee
[2011/07/12 18:29:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\McAfee Security Scan Plus
[2011/07/10 15:25:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2011/07/10 15:19:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2011/07/10 15:19:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2011/07/10 15:17:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee Security Scan
[2011/07/10 15:17:20 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Security Scan
[2011/07/05 20:34:41 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011/07/03 13:54:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\wt
[2011/07/03 12:31:05 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2011/07/03 12:31:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2011/07/03 10:10:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Miguel\Application Data\SUPERAntiSpyware.com
[2011/07/03 10:08:50 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2011/07/03 10:03:45 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2011/07/03 08:02:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/07/03 08:02:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SpywareBlaster
[2011/07/03 08:02:36 | 000,000,000 | ---D | C] -- C:\Program Files\SpywareBlaster
[2011/07/02 18:15:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Miguel\My Documents\Limew
[2011/06/29 20:44:19 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2011/06/29 20:44:17 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011/06/29 20:44:17 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011/06/29 20:44:17 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011/06/26 14:49:28 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[1 C:\Documents and Settings\Owner.Miguel\Local Settings\Application Data\*.tmp files -> C:\Documents and Settings\Owner.Miguel\Local Settings\Application Data\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011/07/21 21:42:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/07/21 21:25:37 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/07/21 21:23:48 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/07/21 21:23:44 | 2011,279,360 | -HS- | M] () -- C:\hiberfil.sys
[2011/07/20 14:02:07 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/07/19 10:59:50 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner.Miguel\Desktop\OTL.exe
[2011/07/19 08:28:02 | 001,913,344 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Owner.Miguel\Desktop\aswMBR.exe
[2011/07/17 11:35:03 | 000,000,802 | ---- | M] () -- C:\Documents and Settings\Owner.Miguel\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2011/07/17 09:23:57 | 000,159,544 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/07/15 16:58:04 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/07/13 22:54:41 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/07/12 18:29:25 | 000,001,611 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2011/07/12 18:29:24 | 000,001,619 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\McAfee Security Scan Plus.lnk
[2011/07/11 09:59:02 | 000,001,100 | ---- | M] () -- C:\WINDOWS\System32\d3d8caps.dat
[2011/07/10 15:27:15 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader X.lnk
[2011/07/06 19:52:42 | 000,041,272 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/07/06 19:52:42 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/07/03 12:43:45 | 000,434,745 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/07/03 08:02:40 | 000,000,690 | ---- | M] () -- C:\Documents and Settings\Owner.Miguel\Desktop\SpywareBlaster.lnk
[2011/07/02 19:03:14 | 000,040,764 | ---- | M] () -- C:\WINDOWS\MOBK370.blk
[2011/07/02 19:03:13 | 000,003,352 | ---- | M] () -- C:\WINDOWS\MOBK370.flt
[2011/07/02 18:07:46 | 000,000,214 | ---- | M] () -- C:\Documents and Settings\Owner.Miguel\Desktop\BookMooch Member Home.url
[2011/06/30 17:03:01 | 000,000,248 | ---- | M] () -- C:\Documents and Settings\Owner.Miguel\Desktop\PaperBack Swap.com.url
[2011/06/29 20:42:35 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011/06/29 20:42:35 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011/06/29 20:42:34 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011/06/29 20:42:34 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2011/06/29 20:42:32 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2011/06/26 17:47:17 | 000,000,237 | ---- | M] () -- C:\Documents and Settings\Owner.Miguel\My Documents\The SF Site Kim Stanley Robinson Reading List.url
[2011/06/26 14:49:56 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[1 C:\Documents and Settings\Owner.Miguel\Local Settings\Application Data\*.tmp files -> C:\Documents and Settings\Owner.Miguel\Local Settings\Application Data\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/07/21 21:23:44 | 2011,279,360 | -HS- | C] () -- C:\hiberfil.sys
[2011/07/12 18:29:25 | 000,001,611 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2011/07/12 18:29:24 | 000,001,619 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\McAfee Security Scan Plus.lnk
[2011/07/10 15:27:15 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader X.lnk
[2011/07/10 15:27:14 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader X.lnk
[2011/07/03 08:02:40 | 000,000,690 | ---- | C] () -- C:\Documents and Settings\Owner.Miguel\Desktop\SpywareBlaster.lnk
[2011/07/02 18:07:46 | 000,000,214 | ---- | C] () -- C:\Documents and Settings\Owner.Miguel\Desktop\BookMooch Member Home.url
[2011/06/26 14:49:56 | 000,000,802 | ---- | C] () -- C:\Documents and Settings\Owner.Miguel\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2011/06/26 14:49:56 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/06/16 19:48:00 | 000,001,100 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2010/04/10 21:26:16 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/04/04 22:05:39 | 000,028,792 | ---- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2008/06/07 13:09:54 | 000,000,056 | ---- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2007/05/26 16:27:56 | 000,002,206 | ---- | C] () -- C:\WINDOWS\unins000.dat
[2007/05/16 08:47:50 | 000,001,774 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/03/28 13:19:15 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2007/03/17 18:22:59 | 000,010,752 | -H-- | C] () -- C:\Documents and Settings\Owner.Miguel\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/11/08 21:08:45 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\instlsp.exe
[2006/11/08 15:47:14 | 000,000,135 | ---- | C] () -- C:\Documents and Settings\Owner.Miguel\Local Settings\Application Data\fusioncache.dat
[2006/10/04 02:01:07 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\jesterss.dll
[2006/10/04 01:46:48 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2006/10/04 01:46:05 | 000,000,004 | ---- | C] () -- C:\WINDOWS\Pix11.dat
[2006/10/04 01:41:06 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/10/04 01:15:28 | 000,125,796 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2006/10/04 01:14:37 | 000,018,944 | ---- | C] () -- C:\WINDOWS\System32\WLTRYSVC.EXE
[2006/10/04 01:14:36 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\preflib.dll
[2006/10/04 01:14:20 | 000,757,760 | ---- | C] () -- C:\WINDOWS\System32\bcm1xsup.dll
[2006/06/21 04:48:15 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/06/21 04:12:42 | 000,352,256 | ---- | C] () -- C:\WINDOWS\System32\HotlineClient.exe
[2006/06/17 04:44:22 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2006/06/17 04:37:18 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2006/06/17 04:24:58 | 000,001,280 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2006/06/17 04:24:57 | 000,000,519 | ---- | C] () -- C:\WINDOWS\System32\emver.ini
[2006/06/17 04:23:25 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006/06/17 04:23:22 | 000,445,044 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2006/06/17 04:23:22 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2006/06/17 04:23:22 | 000,072,754 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2006/06/17 04:23:22 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2006/06/17 04:23:20 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2006/06/17 04:23:20 | 000,005,151 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2006/06/17 04:23:20 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2006/06/17 04:23:19 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2006/06/17 04:23:19 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2006/06/17 04:23:16 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2006/06/17 04:23:08 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2006/06/16 21:31:45 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2006/06/16 21:30:47 | 000,159,544 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2005/08/05 23:01:54 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2004/06/15 02:00:00 | 000,077,321 | ---- | C] () -- C:\WINDOWS\unins000.exe
[1999/01/22 13:46:56 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
========== LOP Check ==========
[2010/08/24 22:03:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Driver Whiz
[2011/06/04 16:22:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GARMIN
[2008/01/29 11:32:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\n7-89-o9-3r-4t-r9
[2006/10/04 01:46:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Napster
[2011/07/17 09:47:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2006/10/04 01:47:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2006/02/11 19:55:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WildTangent
[2009/03/27 17:19:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2010/04/11 09:30:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/09/11 17:15:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/04/11 15:03:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2008/01/29 11:33:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.Miguel\Application Data\Eyeblaster
[2008/01/29 11:32:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.Miguel\Application Data\GameHouse
[2011/06/04 16:28:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.Miguel\Application Data\GARMIN
[2007/04/25 20:27:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.Miguel\Application Data\iWin
[2009/12/26 16:30:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.Miguel\Application Data\LimeWire
[2006/10/04 01:50:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.Miguel\Application Data\SampleView
[2008/04/22 06:58:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.Miguel\Application Data\Smith Micro
[2006/02/11 19:55:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.Miguel\Application Data\WildTangent
[2006/11/08 15:46:50 | 000,000,258 | ---- | M] () -- C:\WINDOWS\Tasks\ISP signup reminder 3.job
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.* >
[2009/04/16 15:00:06 | 001,901,643 | ---- | M] () -- C:\048401000290.rgn
[2006/10/04 01:38:40 | 000,000,002 | ---- | M] () -- C:\AUDIT_INSTALL_IN_PROGRESS
[2006/06/17 04:41:16 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2006/10/04 02:01:06 | 000,000,090 | ---- | M] () -- C:\bcmwl5.log
[2006/11/08 15:46:51 | 000,000,221 | ---- | M] () -- C:\Boot.bak
[2011/06/16 19:33:01 | 000,000,337 | RHS- | M] () -- C:\boot.ini
[2004/08/03 23:00:00 | 000,260,272 | R-S- | M] () -- C:\cmldr
[2006/06/17 04:41:16 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2011/02/09 19:30:55 | 000,014,692 | ---- | M] () -- C:\drwtsn32.log
[2009/04/21 13:45:04 | 000,012,718 | ---- | M] () -- C:\Forerunner_205_305_v290.txt
[2011/07/21 21:23:44 | 2011,279,360 | -HS- | M] () -- C:\hiberfil.sys
[2006/06/17 04:41:16 | 000,000,000 | R-S- | M] () -- C:\IO.SYS
[2006/10/04 01:48:13 | 000,001,191 | ---- | M] () -- C:\IPH.PH
[2006/06/17 04:41:16 | 000,000,000 | R-S- | M] () -- C:\MSDOS.SYS
[2004/08/10 14:00:00 | 000,047,564 | R-S- | M] () -- C:\NTDETECT.COM
[2008/08/28 17:27:29 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2011/07/21 21:23:14 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys
[2006/10/04 01:39:47 | 000,000,090 | ---- | M] () -- C:\powerdvd.log
[2006/10/04 01:41:30 | 000,000,191 | ---- | M] () -- C:\touchpad.log
[2007/02/07 04:57:38 | 000,720,896 | ---- | M] (GARMIN Corp.) -- C:\Updater.exe
< %systemroot%\Fonts\*.com >
[2006/04/18 15:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2006/06/29 14:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006/04/18 15:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006/06/29 14:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont
< %systemroot%\Fonts\*.dll >
< %systemroot%\Fonts\*.ini >
[2006/06/17 04:40:30 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini
< %systemroot%\Fonts\*.ini2 >
< %systemroot%\Fonts\*.exe >
< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2008/07/06 07:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2004/03/22 17:17:08 | 000,025,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll
[2008/07/06 05:50:03 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe
< %systemroot%\REPAIR\*.bak1 >
< %systemroot%\REPAIR\*.ini >
< %systemroot%\system32\*.jpg >
< %systemroot%\*.jpg >
< %systemroot%\*.png >
< %systemroot%\*.scr >
< %systemroot%\*._sy >
< %APPDATA%\Adobe\Update\*.* >
< %ALLUSERSPROFILE%\Favorites\*.* >
< %APPDATA%\Microsoft\*.* >
[2007/07/22 15:44:54 | 000,001,738 | ---- | M] () -- C:\Documents and Settings\Owner.Miguel\Application Data\Microsoft\LastFlashConfig.WFC
< %PROGRAMFILES%\*.* >
< %APPDATA%\Update\*.* >
< %systemroot%\*. /mp /s >
< %systemroot%\System32\config\*.sav >
[2006/06/16 21:30:11 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2006/06/16 21:30:11 | 000,659,456 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2006/06/16 21:30:11 | 000,897,024 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
< %PROGRAMFILES%\bak. /s >
< %systemroot%\system32\bak. /s >
< %ALLUSERSPROFILE%\Start Menu\*.lîk /x >
[2008/08/28 17:35:23 | 000,000,272 | -HS- | M] () -- C:\Documents and Settings\All Users\Start Menu\desktop.ini
[2007/03/23 10:36:24 | 000,001,992 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\New Office Document.lnk
[2007/04/04 20:57:18 | 000,002,439 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Open Office Document.lnk
[2008/08/28 17:35:23 | 000,001,563 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Set Program Access and Defaults.lnk
[2006/06/17 04:41:25 | 000,000,398 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Windows Catalog.lnk
[2007/10/05 20:45:00 | 000,001,507 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Windows Update.lnk
< %systemroot%\system32\config\systemprofile\*.dat /x >
< %systemroot%\*.config >
< %systemroot%\system32\*.db >
< %PROGRAMFILES%\Internet Explorer\*.dat >
< %APPDATA%\Mikzosoft\Internet Explorer\Quick Launch\*.lnk /x >
< %USERPROFILE%\Deskuop\*.exe >
< %PROGRAMFILES%\Common Files\*.* >
< %systemroot%\*.src >
< %systemroot%\install\*.* >
< %systemroot%\system32\DLL\*.* >
< %systemroot%\system32\HelpFiles\*.* >
< %systemroot%\system32\rundll\*.* >
< %systemroot%\winn32\*.* >
< %systemroot%\Java\*.* >
< %systemroot%\system32\test\*.* >
< %systemroot%\system32\Rundll32\*.* >
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-07-14 04:18:38
< %USERPROFILE%\..|smtmp;true;true;true /FP >
< %temp%\smtmp\*.* /s > >
< MD5 for: EXPLORER.EX_ >
[2004/08/10 14:00:00 | 000,359,533 | ---- | M] () MD5=4F061B12F3D5457315A0314954E7EF46 -- C:\WINDOWS\I386\EXPLORER.EX_
< MD5 for: EXPLORER.EXE >
[2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ERDNT\cache\explorer.exe
[2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2007/06/13 06:26:03 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=7712DF0CDDE3A5AC89843E61CD5B3658 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007/06/13 05:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=97BD6515465659FF8F3B7BE375B2EA87 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
[2004/08/10 14:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
< MD5 for: EXPLORER.EXE-082F38A9.PF >
[2011/07/21 21:25:46 | 000,022,806 | ---- | M] () MD5=78BB937199B20EB818235BFF8E79DA8C -- C:\WINDOWS\Prefetch\EXPLORER.EXE-082F38A9.pf
< MD5 for: EXPLORER.HTM >
[2005/01/20 17:42:18 | 000,002,057 | ---- | M] () MD5=0768146E197314BF50A1E3E5E89892F1 -- C:\Program Files\ATI Technologies\ATI.ACE\cs\Help\wwhelp\wwhimpl\java\html\explorer.htm
[2005/01/19 18:25:42 | 000,002,057 | ---- | M] () MD5=0768146E197314BF50A1E3E5E89892F1 -- C:\Program Files\ATI Technologies\ATI.ACE\da\Help\wwhelp\wwhimpl\java\html\explorer.htm
[2005/01/19 18:44:52 | 000,002,057 | ---- | M] () MD5=0768146E197314BF50A1E3E5E89892F1 -- C:\Program Files\ATI Technologies\ATI.ACE\de\Help\wwhelp\wwhimpl\java\html\explorer.htm
[2005/01/20 17:42:18 | 000,002,057 | ---- | M] () MD5=0768146E197314BF50A1E3E5E89892F1 -- C:\Program Files\ATI Technologies\ATI.ACE\el\Help\wwhelp\wwhimpl\java\html\explorer.htm
[2005/01/19 18:44:52 | 000,002,057 | ---- | M] () MD5=0768146E197314BF50A1E3E5E89892F1 -- C:\Program Files\ATI Technologies\ATI.ACE\es\Help\wwhelp\wwhimpl\java\html\explorer.htm
[2005/01/19 18:26:08 | 000,002,057 | ---- | M] () MD5=0768146E197314BF50A1E3E5E89892F1 -- C:\Program Files\ATI Technologies\ATI.ACE\fi\Help\wwhelp\wwhimpl\java\html\explorer.htm
[2005/01/19 18:44:52 | 000,002,057 | ---- | M] () MD5=0768146E197314BF50A1E3E5E89892F1 -- C:\Program Files\ATI Technologies\ATI.ACE\fr\Help\wwhelp\wwhimpl\java\html\explorer.htm
[2003/09/15 14:06:02 | 000,002,057 | ---- | M] () MD5=0768146E197314BF50A1E3E5E89892F1 -- C:\Program Files\ATI Technologies\ATI.ACE\help\wwhelp\wwhimpl\java\html\explorer.htm
[2005/01/20 17:42:18 | 000,002,057 | ---- | M] () MD5=0768146E197314BF50A1E3E5E89892F1 -- C:\Program Files\ATI Technologies\ATI.ACE\hu\Help\wwhelp\wwhimpl\java\html\explorer.htm
[2005/01/19 18:44:52 | 000,002,057 | ---- | M] () MD5=0768146E197314BF50A1E3E5E89892F1 -- C:\Program Files\ATI Technologies\ATI.ACE\it\Help\wwhelp\wwhimpl\java\html\explorer.htm
[2005/01/19 18:44:52 | 000,002,057 | ---- | M] () MD5=0768146E197314BF50A1E3E5E89892F1 -- C:\Program Files\ATI Technologies\ATI.ACE\ja\Help\wwhelp\wwhimpl\java\html\explorer.htm
[2005/01/19 18:26:42 | 000,002,057 | ---- | M] () MD5=0768146E197314BF50A1E3E5E89892F1 -- C:\Program Files\ATI Technologies\ATI.ACE\ko\Help\wwhelp\wwhimpl\java\html\explorer.htm
[2005/01/19 18:44:52 | 000,002,057 | ---- | M] () MD5=0768146E197314BF50A1E3E5E89892F1 -- C:\Program Files\ATI Technologies\ATI.ACE\nl\Help\wwhelp\wwhimpl\java\html\explorer.htm
[2005/01/19 18:26:58 | 000,002,057 | ---- | M] () MD5=0768146E197314BF50A1E3E5E89892F1 -- C:\Program Files\ATI Technologies\ATI.ACE\no\Help\wwhelp\wwhimpl\java\html\explorer.htm
[2005/01/20 17:42:18 | 000,002,057 | ---- | M] () MD5=0768146E197314BF50A1E3E5E89892F1 -- C:\Program Files\ATI Technologies\ATI.ACE\pl\Help\wwhelp\wwhimpl\java\html\explorer.htm
[2005/01/19 18:44:52 | 000,002,057 | ---- | M] () MD5=0768146E197314BF50A1E3E5E89892F1 -- C:\Program Files\ATI Technologies\ATI.ACE\pt-BR\Help\wwhelp\wwhimpl\java\html\explorer.htm
[2005/01/20 17:42:18 | 000,002,057 | ---- | M] () MD5=0768146E197314BF50A1E3E5E89892F1 -- C:\Program Files\ATI Technologies\ATI.ACE\ru\Help\wwhelp\wwhimpl\java\html\explorer.htm
[2005/01/19 18:27:14 | 000,002,057 | ---- | M] () MD5=0768146E197314BF50A1E3E5E89892F1 -- C:\Program Files\ATI Technologies\ATI.ACE\sv\Help\wwhelp\wwhimpl\java\html\explorer.htm
[2005/01/19 18:27:20 | 000,002,057 | ---- | M] () MD5=0768146E197314BF50A1E3E5E89892F1 -- C:\Program Files\ATI Technologies\ATI.ACE\th\Help\wwhelp\wwhimpl\java\html\explorer.htm
[2005/01/20 17:42:18 | 000,002,057 | ---- | M] () MD5=0768146E197314BF50A1E3E5E89892F1 -- C:\Program Files\ATI Technologies\ATI.ACE\tr\Help\wwhelp\wwhimpl\java\html\explorer.htm
[2005/01/19 18:44:52 | 000,002,057 | ---- | M] () MD5=0768146E197314BF50A1E3E5E89892F1 -- C:\Program Files\ATI Technologies\ATI.ACE\zh-CHS\Help\wwhelp\wwhimpl\java\html\explorer.htm
[2005/01/19 18:44:52 | 000,002,057 | ---- | M] () MD5=0768146E197314BF50A1E3E5E89892F1 -- C:\Program Files\ATI Technologies\ATI.ACE\zh-CHT\Help\wwhelp\wwhimpl\java\html\explorer.htm
< MD5 for: EXPLORER.SC_ >
[2004/08/10 14:00:00 | 000,000,181 | ---- | M] () MD5=BC5B38879C56DFBC05C8B5C43AC4D739 -- C:\WINDOWS\I386\EXPLORER.SC_
< MD5 for: EXPLORER.SCF >
[2004/08/10 14:00:00 | 000,000,080 | ---- | M] () MD5=A3975A7D2C98B30A2AE010754FFB9392 -- C:\WINDOWS\explorer.scf
< MD5 for: IEXPLORE.CH_ >
[2004/08/10 14:00:00 | 000,199,077 | ---- | M] () MD5=5F64795662F162CCD8B30969B6682029 -- C:\WINDOWS\I386\IEXPLORE.CH_
< MD5 for: IEXPLORE.CHM >
[2009/02/21 01:21:24 | 000,529,818 | ---- | M] () MD5=1435F4731719DF5F57D17DC38196245D -- C:\WINDOWS\Help\iexplore.chm
[2004/08/10 14:00:00 | 000,204,810 | ---- | M] () MD5=60858526AAD1CC55F5F0055B8E3B66FE -- C:\WINDOWS\ie7\iexplore.chm
[2006/09/01 09:43:50 | 000,503,758 | ---- | M] () MD5=652E46500C149D1DC948BF9CEA8C4933 -- C:\WINDOWS\ie8\iexplore.chm
< MD5 for: IEXPLORE.EX_ >
[2004/08/10 14:00:00 | 000,037,895 | ---- | M] () MD5=F83009589844F0C30801CC2221F06AB9 -- C:\WINDOWS\I386\IEXPLORE.EX_
< MD5 for: IEXPLORE.EXE >
[2009/06/29 02:25:31 | 000,634,632 | ---- | M] (Microsoft Corporation) MD5=02E2754D3E566C11A4934825920C47DD -- C:\WINDOWS\$hf_mig$\KB972260-IE7\SP3QFE\iexplore.exe
[2008/12/19 00:25:25 | 000,634,024 | ---- | M] (Microsoft Corporation) MD5=030D78FE84A086ED376EFCBD2D72C522 -- C:\WINDOWS\ie7updates\KB963027-IE7\iexplore.exe
[2008/10/15 01:34:58 | 000,633,632 | ---- | M] (Microsoft Corporation) MD5=056C927CF7207857E8B34F7A8FFD9B9E -- C:\WINDOWS\$hf_mig$\KB958215-IE7\SP2QFE\iexplore.exe
[2010/12/20 06:25:27 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=091D358EFC9D22901BD879EF37F0DAC4 -- C:\WINDOWS\ie7updates\KB2497640-IE7\iexplore.exe
[2009/04/25 00:27:50 | 000,636,088 | ---- | M] (Microsoft Corporation) MD5=092A7F2B49A19ECCE5369D3CB2276148 -- C:\WINDOWS\ie7updates\KB972260-IE7\iexplore.exe
[2007/04/24 09:26:26 | 000,625,152 | ---- | M] (Microsoft Corporation) MD5=10BDB55982586A432A3951EB19A26009 -- C:\WINDOWS\ie7updates\KB937143-IE7\iexplore.exe
[2008/12/19 00:25:30 | 000,634,024 | ---- | M] (Microsoft Corporation) MD5=15E8A89499741D5CF59A9CF6463A4339 -- C:\WINDOWS\$hf_mig$\KB961260-IE7\SP2QFE\iexplore.exe
[2008/04/22 03:02:46 | 000,625,664 | ---- | M] (Microsoft Corporation) MD5=197B7E4030CFBD8D2979D375E1787AA2 -- C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\iexplore.exe
[2008/08/23 00:56:15 | 000,635,848 | ---- | M] (Microsoft Corporation) MD5=1F03216084447F990AE797317D0A6E70 -- C:\WINDOWS\ie7updates\KB958215-IE7\iexplore.exe
[2010/06/17 10:12:57 | 000,634,656 | ---- | M] (Microsoft Corporation) MD5=203E897F843D56496E2CC101DFF6CE34 -- C:\WINDOWS\ie7updates\KB2360131-IE7\iexplore.exe
[2008/04/22 02:40:18 | 000,625,664 | ---- | M] (Microsoft Corporation) MD5=232B22817B90AE0AFF2D189E3E3735AC -- C:\WINDOWS\ie7updates\KB953838-IE7\iexplore.exe
[2007/12/06 06:01:25 | 000,625,664 | ---- | M] (Microsoft Corporation) MD5=2703D940A62B731AA220529DD7331A78 -- C:\WINDOWS\ie7updates\KB947864-IE7\iexplore.exe
[2007/06/27 03:27:30 | 000,625,152 | ---- | M] (Microsoft Corporation) MD5=275CEE268B9E5D82474C43D5D249D111 -- C:\WINDOWS\ie7updates\KB939653-IE7\iexplore.exe
[2008/02/29 03:55:46 | 000,625,664 | ---- | M] (Microsoft Corporation) MD5=2D0E5592AB5A46C27DAF7CCAFF4F5B59 -- C:\WINDOWS\ie7updates\KB950759-IE7\iexplore.exe
[2009/08/27 00:18:42 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=332EC7562F3AA7364F2D4231C56DA986 -- C:\WINDOWS\$hf_mig$\KB974455-IE7\SP3QFE\iexplore.exe
[2007/08/17 05:21:21 | 000,625,152 | ---- | M] (Microsoft Corporation) MD5=3AC2BC667DA0AF2C968E96E1630F5AB5 -- C:\WINDOWS\ie7updates\KB942615-IE7\iexplore.exe
[2009/06/29 03:35:10 | 000,634,632 | ---- | M] (Microsoft Corporation) MD5=3CFC56F73D494FC1AA2B6E981DF15ACD -- C:\WINDOWS\ie7updates\KB974455-IE7\iexplore.exe
[2009/10/28 01:54:16 | 000,634,632 | ---- | M] (Microsoft Corporation) MD5=4F9B04D546C23A295F3F0AE015BE51DB -- C:\WINDOWS\ie7updates\KB978207-IE7\iexplore.exe
[2006/10/17 14:04:40 | 000,622,080 | ---- | M] (Microsoft Corporation) MD5=5334D4461AA92A7B008755FE6D13C5F2 -- C:\WINDOWS\ie7updates\KB928090-IE7\iexplore.exe
[2009/12/18 08:05:43 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=53C291F3B01EECECBD7FD358EA3ACC94 -- C:\WINDOWS\ie7updates\KB980182-IE7\iexplore.exe
[2007/08/17 05:12:49 | 000,625,152 | ---- | M] (Microsoft Corporation) MD5=5577D0E3AC2F9F035ACD81B44AF5F511 -- C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\iexplore.exe
[2008/04/13 19:12:22 | 000,093,184 | ---- | M] (Microsoft Corporation) MD5=55794B97A7FAABD2910873C85274F409 -- C:\WINDOWS\ServicePackFiles\i386\iexplore.exe
[2007/10/10 03:16:56 | 000,625,664 | ---- | M] (Microsoft Corporation) MD5=632BDE0179847234433CA50945442ACB -- C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\iexplore.exe
[2008/06/23 04:20:52 | 000,625,664 | ---- | M] (Microsoft Corporation) MD5=64E376A47763DAEABCDA14BD5B6EA286 -- C:\WINDOWS\ie7updates\KB956390-IE7\iexplore.exe
[2007/02/21 03:00:58 | 000,623,616 | ---- | M] (Microsoft Corporation) MD5=683DDE71BCF03B501B912D20CB93B549 -- C:\WINDOWS\ie7updates\KB933566-IE7\iexplore.exe
[2008/02/22 04:40:22 | 000,625,664 | ---- | M] (Microsoft Corporation) MD5=6E0888626E0CAC79F57149814E22DB4D -- C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\iexplore.exe
[2010/10/18 06:07:43 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=72D1F43C4146D312B0DB6AB98C21340E -- C:\WINDOWS\ie7updates\KB2482017-IE7\iexplore.exe
[2009/10/28 01:54:21 | 000,634,632 | ---- | M] (Microsoft Corporation) MD5=80675329E0FD54F016C4F8A83C616349 -- C:\WINDOWS\$hf_mig$\KB976325-IE7\SP3QFE\iexplore.exe
[2007/12/06 03:34:45 | 000,625,664 | ---- | M] (Microsoft Corporation) MD5=809D17D8FA0FDAEE07778CD821CAFFDE -- C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\iexplore.exe
[2007/01/08 19:08:42 | 000,623,616 | ---- | M] (Microsoft Corporation) MD5=93A6A4F5293AE19E3B37021AABCF0902 -- C:\WINDOWS\ie7updates\KB931768-IE7\iexplore.exe
[2007/04/24 09:20:41 | 000,625,152 | ---- | M] (Microsoft Corporation) MD5=9B3516C1F30DA17ADD3818573047D63C -- C:\WINDOWS\$hf_mig$\KB933566-IE7\SP2QFE\iexplore.exe
[2008/10/15 02:06:26 | 000,633,632 | ---- | M] (Microsoft Corporation) MD5=9D3DB9ADFABD2F0BC778EC03250A3ABB -- C:\WINDOWS\ie7updates\KB961260-IE7\iexplore.exe
[2009/02/27 23:54:41 | 000,636,072 | ---- | M] (Microsoft Corporation) MD5=A251068640DDB69FD7805B57D89D7FF7 -- C:\WINDOWS\ie7updates\KB969897-IE7\iexplore.exe
[2010/06/17 09:45:15 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=B0BC6DC9C9277250C5C8F7B7A48A02CC -- C:\WINDOWS\$hf_mig$\KB2183461-IE7\SP3QFE\iexplore.exe
[2010/04/16 06:08:29 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=B24A4E23A2FEDB6976EB04D334AD82B2 -- C:\WINDOWS\$hf_mig$\KB982381-IE7\SP3QFE\iexplore.exe
[2010/02/23 00:20:02 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=B5116340B84824DDD0A641E36B126194 -- C:\WINDOWS\ie7updates\KB982381-IE7\iexplore.exe
[2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) MD5=B60DDDD2D63CE41CB8C487FCFBB6419E -- C:\Program Files\Internet Explorer\iexplore.exe
[2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) MD5=B60DDDD2D63CE41CB8C487FCFBB6419E -- C:\WINDOWS\ERDNT\cache\iexplore.exe
[2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) MD5=B60DDDD2D63CE41CB8C487FCFBB6419E -- C:\WINDOWS\system32\dllcache\iexplore.exe
[2010/12/20 05:49:55 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=B74CBEBA34E3CAA2CCACC87FEE8A16C0 -- C:\WINDOWS\$hf_mig$\KB2482017-IE7\SP3QFE\iexplore.exe
[2009/02/27 23:54:44 | 000,636,088 | ---- | M] (Microsoft Corporation) MD5=BCD8E48709BE4A79606F0B6E8E9A6162 -- C:\WINDOWS\$hf_mig$\KB963027-IE7\SP3QFE\iexplore.exe
[2007/06/27 04:16:52 | 000,625,152 | ---- | M] (Microsoft Corporation) MD5=BD8502DFD53FC24FB8D6929DC46B8C2C -- C:\WINDOWS\$hf_mig$\KB937143-IE7\SP2QFE\iexplore.exe
[2009/04/25 00:27:39 | 000,636,088 | ---- | M] (Microsoft Corporation) MD5=C0503FD8D163652735C1EE900672A75C -- C:\WINDOWS\$hf_mig$\KB969897-IE7\SP3QFE\iexplore.exe
[2010/04/16 06:43:25 | 000,634,656 | ---- | M] (Microsoft Corporation) MD5=C4BA5E36FB57F547117305BF1E0FE454 -- C:\WINDOWS\ie7updates\KB2183461-IE7\iexplore.exe
[2008/06/23 03:23:52 | 000,625,664 | ---- | M] (Microsoft Corporation) MD5=C52A9EF571E91535EB78DB4B8B95EA07 -- C:\WINDOWS\$hf_mig$\KB953838-IE7\SP2QFE\iexplore.exe
[2010/02/23 00:19:59 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=C8DDA4028065D5CE39CBE7A156B72AB9 -- C:\WINDOWS\$hf_mig$\KB980182-IE7\SP3QFE\iexplore.exe
[2009/12/18 02:00:27 | 000,634,632 | ---- | M] (Microsoft Corporation) MD5=D19E56D5930C37CF211867DF450C372A -- C:\WINDOWS\$hf_mig$\KB978207-IE7\SP3QFE\iexplore.exe
[2007/02/28 01:51:34 | 000,625,152 | ---- | M] (Microsoft Corporation) MD5=D321092F8529CDAE843D6E24E3CAC6CB -- C:\WINDOWS\$hf_mig$\KB931768-IE7\SP2QFE\iexplore.exe
[2010/10/18 05:36:30 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=DA6E1F0F1932B62DD2F6ED05541C555C -- C:\WINDOWS\$hf_mig$\KB2416400-IE7\SP3QFE\iexplore.exe
[2011/02/14 06:36:55 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=E3CC8CCF21BFDC954255BB17083FB9F0 -- C:\WINDOWS\$hf_mig$\KB2497640-IE7\SP3QFE\iexplore.exe
[2011/02/14 07:17:08 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=E4A798DFDE7FE6E79F23548F0EF0F844 -- C:\WINDOWS\ie8\iexplore.exe
[2010/08/25 06:30:33 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=E5412ED9E07C42C20C48D3FF71E6B1E8 -- C:\WINDOWS\ie7updates\KB2416400-IE7\iexplore.exe
[2004/08/10 14:00:00 | 000,093,184 | ---- | M] (Microsoft Corporation) MD5=E7484514C0464642BE7B4DC2689354C8 -- C:\WINDOWS\ie7\iexplore.exe
[2008/08/23 00:56:16 | 000,635,848 | ---- | M] (Microsoft Corporation) MD5=E8305C30D35E85D6657ED3E9934CB302 -- C:\WINDOWS\$hf_mig$\KB956390-IE7\SP2QFE\iexplore.exe
[2007/10/10 05:59:52 | 000,625,152 | ---- | M] (Microsoft Corporation) MD5=E854D02E4231F704D9BE782A424E6D8B -- C:\WINDOWS\ie7updates\KB944533-IE7\iexplore.exe
[2010/08/25 06:07:58 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=F047BEB9771E45A05F425499A30F9BBA -- C:\WINDOWS\$hf_mig$\KB2360131-IE7\SP3QFE\iexplore.exe
[2009/08/27 00:18:44 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=F232BA9F39BC0F722672C7E79E68EBEA -- C:\WINDOWS\ie7updates\KB976325-IE7\iexplore.exe
< MD5 for: IEXPLORE.EXE.MUI >
[2009/03/08 14:21:44 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=943030B55FDB56FB8B8FCC086071E119 -- C:\Program Files\Internet Explorer\en-US\iexplore.exe.mui
[2009/03/08 14:21:44 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=943030B55FDB56FB8B8FCC086071E119 -- C:\Program Files\Internet Explorer\iexplore.exe.mui
[2006/10/17 14:04:26 | 000,573,440 | ---- | M] (Microsoft Corporation) MD5=E83C9C1F9DD9D47BB44871BFC7E69DDD -- C:\WINDOWS\ie8\iexplore.exe.mui
< MD5 for: IEXPLORE.EXE-27122324.PF >
[2011/07/21 21:41:03 | 000,060,614 | ---- | M] () MD5=E463B5BAAB84A206FA30DFC17E6BFA95 -- C:\WINDOWS\Prefetch\IEXPLORE.EXE-27122324.pf
< MD5 for: IEXPLORE.HL_ >
[2004/08/10 14:00:00 | 000,059,881 | ---- | M] () MD5=D23388C8D5D82D4D1C3B0B6A256E3CB7 -- C:\WINDOWS\I386\IEXPLORE.HL_
< MD5 for: IEXPLORE.HLP >
[2004/08/10 14:00:00 | 000,180,335 | ---- | M] () MD5=3F19AF1B745140DAFAC6F78F561A3C62 -- C:\WINDOWS\Help\iexplore.hlp
< MD5 for: WINLOGON.EX_ >
[2004/08/10 14:00:00 | 000,261,115 | ---- | M] () MD5=F41C4F5745589D0BB8268C02B71594CA -- C:\WINDOWS\I386\WINLOGON.EX_
< MD5 for: WINLOGON.EXE >
[2004/08/10 14:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008/04/13 19:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ERDNT\cache\winlogon.exe
[2008/04/13 19:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008/04/13 19:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe
< >
OTL Extras logfile created on: 7/21/2011 9:51:28 PM - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Documents and Settings\Owner.Miguel\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.87 Gb Total Physical Memory | 1.24 Gb Available Physical Memory | 66.37% Memory free
3.72 Gb Paging File | 3.07 Gb Available in Paging File | 82.52% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 142.20 Gb Total Space | 99.47 Gb Free Space | 69.95% Space Free | Partition Type: NTFS
Drive D: | 6.83 Gb Total Space | 4.83 Gb Free Space | 70.72% Space Free | Partition Type: FAT32
Computer Name: MIGUEL | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" /p %1 (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\ses2_client_bin_2_8_13g\seswiz.exe" = C:\ses2_client_bin_2_8_13g\seswiz.exe:*:Enabled:Wireless SecureEasySetup -- (Broadcom)
"C:\Program Files\Google\Google Earth\plugin\geplugin.exe" = C:\Program Files\Google\Google Earth\plugin\geplugin.exe:*:Enabled:Google Earth -- (Google)
"C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" = C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe:*:Enabled:McAfee Shared Service Host -- (McAfee, Inc.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00000409-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 SR-1 Premium
"{01C0CB1D-FF49-43F1-ADC5-65F05DB7BDD1}" = ATI Catalyst Control Center
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{0C3EC6A8-28A1-AE6D-A6F7-5011C36DB1DB}" = McAfee Online Backup
"{0DFB3DE8-65B9-44FF-AA0A-3BECC5A2BFD1}" = Adobe Flash Player 10 Plugin
"{15377C3E-9655-400F-B441-E69F0A6BEAFE}" = Recovery Software Suite Gateway
"{184EB198-1DBA-46DB-B728-7A5FC13D5C2B}_is1" = Yahoo! Photos Print-at-Home Tool
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = DVD Solution
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java™ 6 Update 26
"{27C467F8-F8EF-4f68-BD72-D63632B2096C}" = McAfee Online Backup
"{2A03B9F8-BE6D-43C6-A16A-B9998A194AF0}" = Garmin Training Center
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{353FE16B-30FE-469A-BF55-B978F4218003}" = iTunes
"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = Browser Address Error Redirector
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go 4.0
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5D95AD35-368F-47D5-B63A-A082DDF00111}" = Microsoft Digital Image Starter Edition 2006 Editor
"{65F9E1F3-A2C1-4AA9-9F33-A3AEB0255F0E}" = Garmin USB Drivers
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{691F4068-81BF-49E3-B32E-FE3E16400111}" = Microsoft Digital Image Starter Edition 2006 Library
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6C1E7AA1-44E9-446D-AAB2-0DE6D9EFEAB1}" = Safari
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{779DECD7-E072-4B56-9B6B-BEB5973EEEB5}" = MobileMe Control Panel
"{7B6CF9EB-CB2B-4A1A-81A9-BE1A9044690A}" = TIPCI
"{853A4763-6643-4604-8D64-28BDD8925F4C}" = Apple Application Support
"{88B746D6-1956-4D98-BE82-46E45AAA5BC2}" = Garmin Training Center
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8BBF6DFD-0AD9-43A7-9FBD-BF065E3866AF}" = URGE
"{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1}" = Napster Burn Engine
"{9941F0AA-B903-4AF4-A055-83A9815CC011}" = Sonic Encoders
"{9F7FC79B-3059-4264-9450-39EB368E3225}" = Microsoft Digital Image Library 9 - Blocker
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9F6CFB0-806D-11E0-8EA1-B8AC6F97B88E}" = Google Earth Plug-in
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.0)
"{BBBCAE4B-B416-4182-A6F2-438180894A81}" = Napster
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C2E4B5BD-32DB-4817-A060-341AB17C3F90}" = Bonjour
"{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{E394CC6D-9F54-41CC-9415-6FFF07885881}" = Garmin WebUpdater
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{FB3F4A45-D3F8-4A6B-8AEC-26BBB15ED0D1}" = Garmin ANT Agent
"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
"24DA573F901348FFDFF7717497830D45BE0C362E" = Windows Driver Package - Dynastream Innovations (libusb0) LibUsbDevices (07/07/2009 1.12.2)
"49CF605F02C7954F4E139D18828DE298CD59217C" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0)
"53F13DB4D9611FD63BE580F06F0729BF236ABE68" = Windows Driver Package - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"All ATI Software" = ATI - Software Uninstall Utility
"ATI Display Driver" = ATI Display Driver
"Broadcom 802.11b Network Adapter" = Broadcom 802.11 Network Adapter
"gtw_logo" = gtw_logo
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{7B6CF9EB-CB2B-4A1A-81A9-BE1A9044690A}" = Texas Instruments PCIxx21/x515/xx12 drivers.
"Mah Jong Medley" = Mah Jong Medley
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.1.1800
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Money2006b" = Microsoft Money 2006
"MSC" = McAfee Internet Security
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"PictureItSuiteTrial_v11" = Microsoft Digital Image Starter Edition 2006
"RealPlayer 6.0" = RealPlayer Basic
"SMSERIAL" = Motorola SM56 Data Fax Modem
"SpywareBlaster_is1" = SpywareBlaster 4.4
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"ViewpointMediaPlayer" = Viewpoint Media Player
"WildTangent CDA" = WildTangent Web Driver
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"WT010650" = FATE
"WT010655" = Tradewinds
"WT010661" = Polar Golfer
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Photos Easy Upload Tool" = Yahoo! Photos Easy Upload Tool
"Yahoo! Toolbar" = Yahoo! Toolbar
"YInstHelper" = Yahoo! Install Manager
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 7/20/2011 3:25:11 PM | Computer Name = MIGUEL | Source = Application Hang | ID = 1002
Description = Hanging application Training Center.exe, version 3.6.3.0, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 7/20/2011 3:25:43 PM | Computer Name = MIGUEL | Source = Application Hang | ID = 1001
Description = Fault bucket -1803583187.
Error - 7/20/2011 3:25:45 PM | Computer Name = MIGUEL | Source = Application Hang | ID = 1001
Description = Fault bucket -1803583187.
Error - 7/20/2011 10:08:29 PM | Computer Name = MIGUEL | Source = McLogEvent | ID = 5051
Description = A thread in process C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
took longer than 90000 ms to complete a request. The process will be terminated.
Thread
id : 1336 (0x538) Thread address : 0x7C90E514 Thread message : Build VSCORE.14.2.0.835
/ 5400.1158 Object being scanned = \Device\HarddiskVolume1\Documents and Settings\All
Users\Application Data\McAfee\MCLOGS\log.ini by C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
17018(2313)(0) 17017(0)(1) 7007(0)(0) 5006(0)(0) 5004(0)(0) 5003(0)(0) 5002(0)(2)
15002(0)(0)
Error - 7/20/2011 10:08:29 PM | Computer Name = MIGUEL | Source = McLogEvent | ID = 5051
Description = A thread in process C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
took longer than 90000 ms to complete a request. The process will be terminated.
Thread
id : 1424 (0x590) Thread address : 0x7C90E514 Thread message : Build VSCORE.14.2.0.835
/ 5400.1158 Object being scanned = \Device\HarddiskVolume1\Program Files\mcafee\SiteAdvisor\content.dat
by C:\Program Files\McAfee\SiteAdvisor\McSACore.exe 17018(2766)(0) 17017(0)(1)
7007(0)(0) 5006(0)(0) 5004(0)(0) 5003(0)(0) 5002(0)(2) 15002(0)(0)
Error - 7/20/2011 10:08:29 PM | Computer Name = MIGUEL | Source = McLogEvent | ID = 5051
Description = A thread in process C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
took longer than 90000 ms to complete a request. The process will be terminated.
Thread
id : 844 (0x34c) Thread address : 0x7C90E514 Thread message : Build VSCORE.14.2.0.835
/ 5400.1158 Object being scanned = \Device\HarddiskVolume1\WINDOWS\SYSTEM32\msctfime.ime
by **\STSYSTRA.EXE 17018(2140)(0) 17017(62)(1) 7007(62)(0) 5006(62)(0) 5004(62)(0)
5003(62)(0) 5002(62)(1) 15002(62)(0)
Error - 7/20/2011 11:05:22 PM | Computer Name = MIGUEL | Source = McLogEvent | ID = 5051
Description = A thread in process C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
took longer than 90000 ms to complete a request. The process will be terminated.
Thread
id : 1372 (0x55c) Thread address : 0x7C90E514 Thread message : Build VSCORE.14.2.0.835
/ 5400.1158 Object being scanned = \Device\HarddiskVolume1\Program Files\CyberLink\Power2Go\OLRSubmission\OLRSubmission.exe
by C:\WINDOWS\Explorer.EXE 4(16)(0) 4(16)(0) 7200(16)(0) 7595(16)(0) 7005(16)(0)
7004(16)(0) 5006(0)(0) 5004(0)(0)
Error - 7/20/2011 11:13:27 PM | Computer Name = MIGUEL | Source = Application Hang | ID = 1002
Description = Hanging application MOBK370conf.exe, version 1.16.6.1, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 7/20/2011 11:14:44 PM | Computer Name = MIGUEL | Source = Application Hang | ID = 1001
Description = Fault bucket -2109236675.
Error - 7/21/2011 10:33:03 PM | Computer Name = MIGUEL | Source = McLogEvent | ID = 5051
Description = A thread in process C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
took longer than 90000 ms to complete a request. The process will be terminated.
Thread
id : 2264 (0x8d8) Thread address : 0x7C90E514 Thread message : Build VSCORE.14.2.0.835
/ 5400.1158 Object being scanned = \Device\HarddiskVolume1\Program Files\McAfee.com\Agent\mcagent.exe
by C:\WINDOWS\system32\svchost.exe 4(0)(0) 4(0)(0) 7200(0)(0) 7595(0)(0) 7005(0)(0)
7004(0)(0) 5006(0)(0) 5004(0)(0)
[ System Events ]
Error - 7/21/2011 10:19:46 PM | Computer Name = MIGUEL | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
Error - 7/21/2011 10:26:15 PM | Computer Name = MIGUEL | Source = DCOM | ID = 10010
Description = The server {7F6316B4-4D69-4765-B0A3-B2598F2FA80A} did not register
with DCOM within the required timeout.
Error - 7/21/2011 10:30:38 PM | Computer Name = MIGUEL | Source = Service Control Manager | ID = 7022
Description = The McShield service hung on starting.
Error - 7/21/2011 10:30:45 PM | Computer Name = MIGUEL | Source = DCOM | ID = 10010
Description = The server {4EB61BAC-A3B6-4760-9581-655041EF4D69} did not register
with DCOM within the required timeout.
Error - 7/21/2011 10:33:22 PM | Computer Name = MIGUEL | Source = Service Control Manager | ID = 7031
Description = The McShield service terminated unexpectedly. It has done this 1
time(s). The following corrective action will be taken in 5000 milliseconds: Restart
the service.
Error - 7/21/2011 10:36:05 PM | Computer Name = MIGUEL | Source = DCOM | ID = 10005
Description = DCOM got error "%1053" attempting to start the service COMSysApp with
arguments "" in order to run the server: {ECABAFBC-7F19-11D2-978E-0000F8757E2A}
Error - 7/21/2011 10:36:05 PM | Computer Name = MIGUEL | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the COM+ System Application
service to connect.
Error - 7/21/2011 10:36:06 PM | Computer Name = MIGUEL | Source = Service Control Manager | ID = 7000
Description = The COM+ System Application service failed to start due to the following
error: %%1053
Error - 7/21/2011 10:39:20 PM | Computer Name = MIGUEL | Source = DCOM | ID = 10010
Description = The server {209500FC-6B45-4693-8871-6296C4843751} did not register
with DCOM within the required timeout.
Error - 7/21/2011 10:40:24 PM | Computer Name = MIGUEL | Source = DCOM | ID = 10010
Description = The server {209500FC-6B45-4693-8871-6296C4843751} did not register
with DCOM within the required timeout.
< End of report >
========== Alternate Data Streams ==========
@Alternate Data Stream - 95 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
< End of report >
Same result in safe mode aswMBR will not run, the scan is greyed out and mcaffee was disabled, so should not be that messin with it. Here are the OTL scans. goodnight!
OTL logfile created on: 7/21/2011 9:51:28 PM - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Documents and Settings\Owner.Miguel\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.87 Gb Total Physical Memory | 1.24 Gb Available Physical Memory | 66.37% Memory free
3.72 Gb Paging File | 3.07 Gb Available in Paging File | 82.52% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 142.20 Gb Total Space | 99.47 Gb Free Space | 69.95% Space Free | Partition Type: NTFS
Drive D: | 6.83 Gb Total Space | 4.83 Gb Free Space | 70.72% Space Free | Partition Type: FAT32
Computer Name: MIGUEL | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Documents and Settings\Owner.Miguel\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc.)
PRC - C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe (McAfee, Inc.)
PRC - C:\WINDOWS\system32\mfevtps.exe (McAfee, Inc.)
PRC - C:\Program Files\Garmin\ANT Agent\ANT Agent.exe (GARMIN Corp.)
PRC - c:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
PRC - c:\Program Files\McAfee\MSC\mcupdmgr.exe (McAfee, Inc.)
PRC - C:\Program Files\McAfee Online Backup\MOBK370stat.exe (McAfee, Inc.)
PRC - C:\Program Files\McAfee Online Backup\MOBK370backup.exe (McAfee, Inc.)
PRC - c:\Program Files\McAfee\VirusScan\McInsUpd.exe (McAfee, Inc.)
PRC - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
PRC - C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
PRC - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe ()
PRC - C:\Garmin\gStart.exe (GARMIN Corp.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS (New Boundary Technologies, Inc.)
PRC - C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
PRC - C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe (ATI Technologies Inc.)
PRC - C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
PRC - C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
========== Modules (SafeList) ==========
MOD - C:\Documents and Settings\Owner.Miguel\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation)
MOD - C:\Program Files\McAfee\SiteAdvisor\sahook.dll ()
MOD - C:\WINDOWS\system32\SynTPFcs.dll (Synaptics, Inc.)
========== Win32 Services (SafeList) ==========
SRV - (mfefire) -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc.)
SRV - (McShield) -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe ()
SRV - (mfevtp) -- C:\WINDOWS\system32\mfevtps.exe (McAfee, Inc.)
SRV - (MOBK370backup) -- C:\Program Files\McAfee Online Backup\MOBK370backup.exe (McAfee, Inc.)
SRV - (McODS) -- C:\Program Files\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
SRV - (MSK80Service) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McProxy) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McNASvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McNaiAnn) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (mcmscsvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McMPFSvc) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McComponentHostService) -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.)
SRV - (McAfee SiteAdvisor Service) -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe ()
SRV - (PrismXL) -- C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS (New Boundary Technologies, Inc.)
========== Driver Services (SafeList) ==========
DRV - (mfehidk) -- C:\WINDOWS\system32\drivers\mfehidk.sys (McAfee, Inc.)
DRV - (mfefirek) -- C:\WINDOWS\system32\drivers\mfefirek.sys (McAfee, Inc.)
DRV - (mfeavfk) -- C:\WINDOWS\system32\drivers\mfeavfk.sys (McAfee, Inc.)
DRV - (mfeapfk) -- C:\WINDOWS\system32\drivers\mfeapfk.sys (McAfee, Inc.)
DRV - (mfendiskmp) -- C:\WINDOWS\system32\drivers\mfendisk.sys (McAfee, Inc.)
DRV - (mfendisk) -- C:\WINDOWS\system32\drivers\mfendisk.sys (McAfee, Inc.)
DRV - (mferkdet) -- C:\WINDOWS\system32\drivers\mferkdet.sys (McAfee, Inc.)
DRV - (mfetdi2k) -- C:\WINDOWS\system32\drivers\mfetdi2k.sys (McAfee, Inc.)
DRV - (cfwids) -- C:\WINDOWS\system32\drivers\cfwids.sys (McAfee, Inc.)
DRV - (mfebopk) -- C:\WINDOWS\system32\drivers\mfebopk.sys (McAfee, Inc.)
DRV - (MOBK370Filter) -- C:\WINDOWS\system32\drivers\MOBK370.sys (Mozy, Inc.)
DRV - (NwlnkIpx) -- C:\WINDOWS\system32\drivers\nwlnkipx.sys (Microsoft Corporation)
DRV - (ASCTRM) -- C:\WINDOWS\System32\drivers\asctrm.sys (Windows ® 2000 DDK provider)
DRV - (AmdK8) -- C:\WINDOWS\system32\drivers\AmdK8.sys (Advanced Micro Devices)
DRV - (STHDA) -- C:\WINDOWS\system32\drivers\sthda.sys (SigmaTel, Inc.)
DRV - (smserial) -- C:\WINDOWS\system32\drivers\smserial.sys (Motorola Inc.)
DRV - (yukonwxp) -- C:\WINDOWS\system32\drivers\yk51x86.sys (Marvell)
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (BCM43XX) -- C:\WINDOWS\system32\drivers\BCMWL5.SYS (Broadcom Corporation)
DRV - (tifm21) -- C:\WINDOWS\system32\drivers\tifm21.sys (Texas Instruments)
DRV - (Cdralw2k) -- C:\WINDOWS\System32\drivers\cdralw2k.sys (Roxio)
DRV - (Cdr4_xp) -- C:\WINDOWS\System32\drivers\cdr4_xp.sys (Roxio)
DRV - (NwlnkNb) -- C:\WINDOWS\system32\drivers\nwlnknb.sys (Microsoft Corporation)
DRV - (NwlnkSpx) -- C:\WINDOWS\system32\drivers\nwlnkspx.sys (Microsoft Corporation)
DRV - (wanatw) WAN Miniport (ATW) -- C:\WINDOWS\system32\drivers\wanatw4.sys (America Online, Inc.)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = ibahn:80
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\3.0.40818.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2010/03/02 22:12:15 | 000,000,000 | ---D | M]
[2009/12/26 15:21:27 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner.Miguel\Application Data\Mozilla\Extensions
[2009/12/26 15:21:27 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner.Miguel\Application Data\Mozilla\Extensions\mozswing@mozswing.org
O1 HOSTS File: ([2011/07/03 12:43:45 | 000,434,745 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 14987 more lines...
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\McAfee\MSK\mskapbho.dll ()
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20110517161831.dll (McAfee, Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar2.dll (Google Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll ()
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\WINDOWS\system32\bae.dll (Gateway Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll ()
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar2.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar2.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\cli.exe (ATI Technologies Inc.)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [Reminder] C:\WINDOWS\creator\Remind_XP.exe (SoftThinks)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
O4 - HKLM..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - HKCU..\Run: [ANT Agent] C:\Program Files\Garmin\ANT Agent\ANT Agent.exe (GARMIN Corp.)
O4 - HKCU..\Run: [gStart] C:\Garmin\gStart.exe (GARMIN Corp.)
O4 - HKCU..\Run: [Power2GoExpress] File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Online Backup Status.lnk = C:\Program Files\McAfee Online Backup\MOBK370stat.exe (McAfee, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} http://download.mcaf...01/mcinsctl.cab (McAfee.com Operating System Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll ()
O18 - Protocol\Handler\skype4com - No CLSID value found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\Owner.Miguel\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Owner.Miguel\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/06/17 04:41:16 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
CREATERESTOREPOINT
Error creating restore point.
========== Files/Folders - Created Within 30 Days ==========
[2011/07/21 21:28:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\McAfee
[2011/07/19 10:59:41 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner.Miguel\Desktop\OTL.exe
[2011/07/19 08:28:02 | 001,913,344 | ---- | C] (AVAST Software) -- C:\Documents and Settings\Owner.Miguel\Desktop\aswMBR.exe
[2011/07/12 18:33:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\McAfee
[2011/07/12 18:29:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\McAfee Security Scan Plus
[2011/07/10 15:25:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2011/07/10 15:19:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2011/07/10 15:19:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2011/07/10 15:17:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee Security Scan
[2011/07/10 15:17:20 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Security Scan
[2011/07/05 20:34:41 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011/07/03 13:54:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\wt
[2011/07/03 12:31:05 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2011/07/03 12:31:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2011/07/03 10:10:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Miguel\Application Data\SUPERAntiSpyware.com
[2011/07/03 10:08:50 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2011/07/03 10:03:45 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2011/07/03 08:02:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/07/03 08:02:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SpywareBlaster
[2011/07/03 08:02:36 | 000,000,000 | ---D | C] -- C:\Program Files\SpywareBlaster
[2011/07/02 18:15:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Miguel\My Documents\Limew
[2011/06/29 20:44:19 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2011/06/29 20:44:17 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011/06/29 20:44:17 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011/06/29 20:44:17 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011/06/26 14:49:28 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[1 C:\Documents and Settings\Owner.Miguel\Local Settings\Application Data\*.tmp files -> C:\Documents and Settings\Owner.Miguel\Local Settings\Application Data\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011/07/21 21:42:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/07/21 21:25:37 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/07/21 21:23:48 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/07/21 21:23:44 | 2011,279,360 | -HS- | M] () -- C:\hiberfil.sys
[2011/07/20 14:02:07 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/07/19 10:59:50 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner.Miguel\Desktop\OTL.exe
[2011/07/19 08:28:02 | 001,913,344 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Owner.Miguel\Desktop\aswMBR.exe
[2011/07/17 11:35:03 | 000,000,802 | ---- | M] () -- C:\Documents and Settings\Owner.Miguel\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2011/07/17 09:23:57 | 000,159,544 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/07/15 16:58:04 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/07/13 22:54:41 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/07/12 18:29:25 | 000,001,611 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2011/07/12 18:29:24 | 000,001,619 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\McAfee Security Scan Plus.lnk
[2011/07/11 09:59:02 | 000,001,100 | ---- | M] () -- C:\WINDOWS\System32\d3d8caps.dat
[2011/07/10 15:27:15 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader X.lnk
[2011/07/06 19:52:42 | 000,041,272 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/07/06 19:52:42 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/07/03 12:43:45 | 000,434,745 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/07/03 08:02:40 | 000,000,690 | ---- | M] () -- C:\Documents and Settings\Owner.Miguel\Desktop\SpywareBlaster.lnk
[2011/07/02 19:03:14 | 000,040,764 | ---- | M] () -- C:\WINDOWS\MOBK370.blk
[2011/07/02 19:03:13 | 000,003,352 | ---- | M] () -- C:\WINDOWS\MOBK370.flt
[2011/07/02 18:07:46 | 000,000,214 | ---- | M] () -- C:\Documents and Settings\Owner.Miguel\Desktop\BookMooch Member Home.url
[2011/06/30 17:03:01 | 000,000,248 | ---- | M] () -- C:\Documents and Settings\Owner.Miguel\Desktop\PaperBack Swap.com.url
[2011/06/29 20:42:35 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011/06/29 20:42:35 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011/06/29 20:42:34 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011/06/29 20:42:34 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2011/06/29 20:42:32 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2011/06/26 17:47:17 | 000,000,237 | ---- | M] () -- C:\Documents and Settings\Owner.Miguel\My Documents\The SF Site Kim Stanley Robinson Reading List.url
[2011/06/26 14:49:56 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[1 C:\Documents and Settings\Owner.Miguel\Local Settings\Application Data\*.tmp files -> C:\Documents and Settings\Owner.Miguel\Local Settings\Application Data\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/07/21 21:23:44 | 2011,279,360 | -HS- | C] () -- C:\hiberfil.sys
[2011/07/12 18:29:25 | 000,001,611 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2011/07/12 18:29:24 | 000,001,619 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\McAfee Security Scan Plus.lnk
[2011/07/10 15:27:15 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader X.lnk
[2011/07/10 15:27:14 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader X.lnk
[2011/07/03 08:02:40 | 000,000,690 | ---- | C] () -- C:\Documents and Settings\Owner.Miguel\Desktop\SpywareBlaster.lnk
[2011/07/02 18:07:46 | 000,000,214 | ---- | C] () -- C:\Documents and Settings\Owner.Miguel\Desktop\BookMooch Member Home.url
[2011/06/26 14:49:56 | 000,000,802 | ---- | C] () -- C:\Documents and Settings\Owner.Miguel\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2011/06/26 14:49:56 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/06/16 19:48:00 | 000,001,100 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2010/04/10 21:26:16 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/04/04 22:05:39 | 000,028,792 | ---- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2008/06/07 13:09:54 | 000,000,056 | ---- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2007/05/26 16:27:56 | 000,002,206 | ---- | C] () -- C:\WINDOWS\unins000.dat
[2007/05/16 08:47:50 | 000,001,774 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/03/28 13:19:15 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2007/03/17 18:22:59 | 000,010,752 | -H-- | C] () -- C:\Documents and Settings\Owner.Miguel\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/11/08 21:08:45 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\instlsp.exe
[2006/11/08 15:47:14 | 000,000,135 | ---- | C] () -- C:\Documents and Settings\Owner.Miguel\Local Settings\Application Data\fusioncache.dat
[2006/10/04 02:01:07 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\jesterss.dll
[2006/10/04 01:46:48 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2006/10/04 01:46:05 | 000,000,004 | ---- | C] () -- C:\WINDOWS\Pix11.dat
[2006/10/04 01:41:06 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/10/04 01:15:28 | 000,125,796 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2006/10/04 01:14:37 | 000,018,944 | ---- | C] () -- C:\WINDOWS\System32\WLTRYSVC.EXE
[2006/10/04 01:14:36 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\preflib.dll
[2006/10/04 01:14:20 | 000,757,760 | ---- | C] () -- C:\WINDOWS\System32\bcm1xsup.dll
[2006/06/21 04:48:15 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/06/21 04:12:42 | 000,352,256 | ---- | C] () -- C:\WINDOWS\System32\HotlineClient.exe
[2006/06/17 04:44:22 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2006/06/17 04:37:18 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2006/06/17 04:24:58 | 000,001,280 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2006/06/17 04:24:57 | 000,000,519 | ---- | C] () -- C:\WINDOWS\System32\emver.ini
[2006/06/17 04:23:25 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006/06/17 04:23:22 | 000,445,044 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2006/06/17 04:23:22 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2006/06/17 04:23:22 | 000,072,754 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2006/06/17 04:23:22 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2006/06/17 04:23:20 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2006/06/17 04:23:20 | 000,005,151 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2006/06/17 04:23:20 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2006/06/17 04:23:19 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2006/06/17 04:23:19 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2006/06/17 04:23:16 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2006/06/17 04:23:08 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2006/06/16 21:31:45 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2006/06/16 21:30:47 | 000,159,544 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2005/08/05 23:01:54 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2004/06/15 02:00:00 | 000,077,321 | ---- | C] () -- C:\WINDOWS\unins000.exe
[1999/01/22 13:46:56 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
========== LOP Check ==========
[2010/08/24 22:03:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Driver Whiz
[2011/06/04 16:22:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GARMIN
[2008/01/29 11:32:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\n7-89-o9-3r-4t-r9
[2006/10/04 01:46:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Napster
[2011/07/17 09:47:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2006/10/04 01:47:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2006/02/11 19:55:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WildTangent
[2009/03/27 17:19:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2010/04/11 09:30:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/09/11 17:15:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/04/11 15:03:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2008/01/29 11:33:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.Miguel\Application Data\Eyeblaster
[2008/01/29 11:32:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.Miguel\Application Data\GameHouse
[2011/06/04 16:28:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.Miguel\Application Data\GARMIN
[2007/04/25 20:27:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.Miguel\Application Data\iWin
[2009/12/26 16:30:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.Miguel\Application Data\LimeWire
[2006/10/04 01:50:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.Miguel\Application Data\SampleView
[2008/04/22 06:58:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.Miguel\Application Data\Smith Micro
[2006/02/11 19:55:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.Miguel\Application Data\WildTangent
[2006/11/08 15:46:50 | 000,000,258 | ---- | M] () -- C:\WINDOWS\Tasks\ISP signup reminder 3.job
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.* >
[2009/04/16 15:00:06 | 001,901,643 | ---- | M] () -- C:\048401000290.rgn
[2006/10/04 01:38:40 | 000,000,002 | ---- | M] () -- C:\AUDIT_INSTALL_IN_PROGRESS
[2006/06/17 04:41:16 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2006/10/04 02:01:06 | 000,000,090 | ---- | M] () -- C:\bcmwl5.log
[2006/11/08 15:46:51 | 000,000,221 | ---- | M] () -- C:\Boot.bak
[2011/06/16 19:33:01 | 000,000,337 | RHS- | M] () -- C:\boot.ini
[2004/08/03 23:00:00 | 000,260,272 | R-S- | M] () -- C:\cmldr
[2006/06/17 04:41:16 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2011/02/09 19:30:55 | 000,014,692 | ---- | M] () -- C:\drwtsn32.log
[2009/04/21 13:45:04 | 000,012,718 | ---- | M] () -- C:\Forerunner_205_305_v290.txt
[2011/07/21 21:23:44 | 2011,279,360 | -HS- | M] () -- C:\hiberfil.sys
[2006/06/17 04:41:16 | 000,000,000 | R-S- | M] () -- C:\IO.SYS
[2006/10/04 01:48:13 | 000,001,191 | ---- | M] () -- C:\IPH.PH
[2006/06/17 04:41:16 | 000,000,000 | R-S- | M] () -- C:\MSDOS.SYS
[2004/08/10 14:00:00 | 000,047,564 | R-S- | M] () -- C:\NTDETECT.COM
[2008/08/28 17:27:29 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2011/07/21 21:23:14 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys
[2006/10/04 01:39:47 | 000,000,090 | ---- | M] () -- C:\powerdvd.log
[2006/10/04 01:41:30 | 000,000,191 | ---- | M] () -- C:\touchpad.log
[2007/02/07 04:57:38 | 000,720,896 | ---- | M] (GARMIN Corp.) -- C:\Updater.exe
< %systemroot%\Fonts\*.com >
[2006/04/18 15:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2006/06/29 14:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006/04/18 15:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006/06/29 14:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont
< %systemroot%\Fonts\*.dll >
< %systemroot%\Fonts\*.ini >
[2006/06/17 04:40:30 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini
< %systemroot%\Fonts\*.ini2 >
< %systemroot%\Fonts\*.exe >
< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2008/07/06 07:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2004/03/22 17:17:08 | 000,025,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll
[2008/07/06 05:50:03 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe
< %systemroot%\REPAIR\*.bak1 >
< %systemroot%\REPAIR\*.ini >
< %systemroot%\system32\*.jpg >
< %systemroot%\*.jpg >
< %systemroot%\*.png >
< %systemroot%\*.scr >
< %systemroot%\*._sy >
< %APPDATA%\Adobe\Update\*.* >
< %ALLUSERSPROFILE%\Favorites\*.* >
< %APPDATA%\Microsoft\*.* >
[2007/07/22 15:44:54 | 000,001,738 | ---- | M] () -- C:\Documents and Settings\Owner.Miguel\Application Data\Microsoft\LastFlashConfig.WFC
< %PROGRAMFILES%\*.* >
< %APPDATA%\Update\*.* >
< %systemroot%\*. /mp /s >
< %systemroot%\System32\config\*.sav >
[2006/06/16 21:30:11 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2006/06/16 21:30:11 | 000,659,456 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2006/06/16 21:30:11 | 000,897,024 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
< %PROGRAMFILES%\bak. /s >
< %systemroot%\system32\bak. /s >
< %ALLUSERSPROFILE%\Start Menu\*.lîk /x >
[2008/08/28 17:35:23 | 000,000,272 | -HS- | M] () -- C:\Documents and Settings\All Users\Start Menu\desktop.ini
[2007/03/23 10:36:24 | 000,001,992 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\New Office Document.lnk
[2007/04/04 20:57:18 | 000,002,439 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Open Office Document.lnk
[2008/08/28 17:35:23 | 000,001,563 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Set Program Access and Defaults.lnk
[2006/06/17 04:41:25 | 000,000,398 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Windows Catalog.lnk
[2007/10/05 20:45:00 | 000,001,507 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Windows Update.lnk
< %systemroot%\system32\config\systemprofile\*.dat /x >
< %systemroot%\*.config >
< %systemroot%\system32\*.db >
< %PROGRAMFILES%\Internet Explorer\*.dat >
< %APPDATA%\Mikzosoft\Internet Explorer\Quick Launch\*.lnk /x >
< %USERPROFILE%\Deskuop\*.exe >
< %PROGRAMFILES%\Common Files\*.* >
< %systemroot%\*.src >
< %systemroot%\install\*.* >
< %systemroot%\system32\DLL\*.* >
< %systemroot%\system32\HelpFiles\*.* >
< %systemroot%\system32\rundll\*.* >
< %systemroot%\winn32\*.* >
< %systemroot%\Java\*.* >
< %systemroot%\system32\test\*.* >
< %systemroot%\system32\Rundll32\*.* >
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-07-14 04:18:38
< %USERPROFILE%\..|smtmp;true;true;true /FP >
< %temp%\smtmp\*.* /s > >
< MD5 for: EXPLORER.EX_ >
[2004/08/10 14:00:00 | 000,359,533 | ---- | M] () MD5=4F061B12F3D5457315A0314954E7EF46 -- C:\WINDOWS\I386\EXPLORER.EX_
< MD5 for: EXPLORER.EXE >
[2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ERDNT\cache\explorer.exe
[2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2007/06/13 06:26:03 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=7712DF0CDDE3A5AC89843E61CD5B3658 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007/06/13 05:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=97BD6515465659FF8F3B7BE375B2EA87 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
[2004/08/10 14:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
< MD5 for: EXPLORER.EXE-082F38A9.PF >
[2011/07/21 21:25:46 | 000,022,806 | ---- | M] () MD5=78BB937199B20EB818235BFF8E79DA8C -- C:\WINDOWS\Prefetch\EXPLORER.EXE-082F38A9.pf
< MD5 for: EXPLORER.HTM >
[2005/01/20 17:42:18 | 000,002,057 | ---- | M] () MD5=0768146E197314BF50A1E3E5E89892F1 -- C:\Program Files\ATI Technologies\ATI.ACE\cs\Help\wwhelp\wwhimpl\java\html\explorer.htm
[2005/01/19 18:25:42 | 000,002,057 | ---- | M] () MD5=0768146E197314BF50A1E3E5E89892F1 -- C:\Program Files\ATI Technologies\ATI.ACE\da\Help\wwhelp\wwhimpl\java\html\explorer.htm
[2005/01/19 18:44:52 | 000,002,057 | ---- | M] () MD5=0768146E197314BF50A1E3E5E89892F1 -- C:\Program Files\ATI Technologies\ATI.ACE\de\Help\wwhelp\wwhimpl\java\html\explorer.htm
[2005/01/20 17:42:18 | 000,002,057 | ---- | M] () MD5=0768146E197314BF50A1E3E5E89892F1 -- C:\Program Files\ATI Technologies\ATI.ACE\el\Help\wwhelp\wwhimpl\java\html\explorer.htm
[2005/01/19 18:44:52 | 000,002,057 | ---- | M] () MD5=0768146E197314BF50A1E3E5E89892F1 -- C:\Program Files\ATI Technologies\ATI.ACE\es\Help\wwhelp\wwhimpl\java\html\explorer.htm
[2005/01/19 18:26:08 | 000,002,057 | ---- | M] () MD5=0768146E197314BF50A1E3E5E89892F1 -- C:\Program Files\ATI Technologies\ATI.ACE\fi\Help\wwhelp\wwhimpl\java\html\explorer.htm
[2005/01/19 18:44:52 | 000,002,057 | ---- | M] () MD5=0768146E197314BF50A1E3E5E89892F1 -- C:\Program Files\ATI Technologies\ATI.ACE\fr\Help\wwhelp\wwhimpl\java\html\explorer.htm
[2003/09/15 14:06:02 | 000,002,057 | ---- | M] () MD5=0768146E197314BF50A1E3E5E89892F1 -- C:\Program Files\ATI Technologies\ATI.ACE\help\wwhelp\wwhimpl\java\html\explorer.htm
[2005/01/20 17:42:18 | 000,002,057 | ---- | M] () MD5=0768146E197314BF50A1E3E5E89892F1 -- C:\Program Files\ATI Technologies\ATI.ACE\hu\Help\wwhelp\wwhimpl\java\html\explorer.htm
[2005/01/19 18:44:52 | 000,002,057 | ---- | M] () MD5=0768146E197314BF50A1E3E5E89892F1 -- C:\Program Files\ATI Technologies\ATI.ACE\it\Help\wwhelp\wwhimpl\java\html\explorer.htm
[2005/01/19 18:44:52 | 000,002,057 | ---- | M] () MD5=0768146E197314BF50A1E3E5E89892F1 -- C:\Program Files\ATI Technologies\ATI.ACE\ja\Help\wwhelp\wwhimpl\java\html\explorer.htm
[2005/01/19 18:26:42 | 000,002,057 | ---- | M] () MD5=0768146E197314BF50A1E3E5E89892F1 -- C:\Program Files\ATI Technologies\ATI.ACE\ko\Help\wwhelp\wwhimpl\java\html\explorer.htm
[2005/01/19 18:44:52 | 000,002,057 | ---- | M] () MD5=0768146E197314BF50A1E3E5E89892F1 -- C:\Program Files\ATI Technologies\ATI.ACE\nl\Help\wwhelp\wwhimpl\java\html\explorer.htm
[2005/01/19 18:26:58 | 000,002,057 | ---- | M] () MD5=0768146E197314BF50A1E3E5E89892F1 -- C:\Program Files\ATI Technologies\ATI.ACE\no\Help\wwhelp\wwhimpl\java\html\explorer.htm
[2005/01/20 17:42:18 | 000,002,057 | ---- | M] () MD5=0768146E197314BF50A1E3E5E89892F1 -- C:\Program Files\ATI Technologies\ATI.ACE\pl\Help\wwhelp\wwhimpl\java\html\explorer.htm
[2005/01/19 18:44:52 | 000,002,057 | ---- | M] () MD5=0768146E197314BF50A1E3E5E89892F1 -- C:\Program Files\ATI Technologies\ATI.ACE\pt-BR\Help\wwhelp\wwhimpl\java\html\explorer.htm
[2005/01/20 17:42:18 | 000,002,057 | ---- | M] () MD5=0768146E197314BF50A1E3E5E89892F1 -- C:\Program Files\ATI Technologies\ATI.ACE\ru\Help\wwhelp\wwhimpl\java\html\explorer.htm
[2005/01/19 18:27:14 | 000,002,057 | ---- | M] () MD5=0768146E197314BF50A1E3E5E89892F1 -- C:\Program Files\ATI Technologies\ATI.ACE\sv\Help\wwhelp\wwhimpl\java\html\explorer.htm
[2005/01/19 18:27:20 | 000,002,057 | ---- | M] () MD5=0768146E197314BF50A1E3E5E89892F1 -- C:\Program Files\ATI Technologies\ATI.ACE\th\Help\wwhelp\wwhimpl\java\html\explorer.htm
[2005/01/20 17:42:18 | 000,002,057 | ---- | M] () MD5=0768146E197314BF50A1E3E5E89892F1 -- C:\Program Files\ATI Technologies\ATI.ACE\tr\Help\wwhelp\wwhimpl\java\html\explorer.htm
[2005/01/19 18:44:52 | 000,002,057 | ---- | M] () MD5=0768146E197314BF50A1E3E5E89892F1 -- C:\Program Files\ATI Technologies\ATI.ACE\zh-CHS\Help\wwhelp\wwhimpl\java\html\explorer.htm
[2005/01/19 18:44:52 | 000,002,057 | ---- | M] () MD5=0768146E197314BF50A1E3E5E89892F1 -- C:\Program Files\ATI Technologies\ATI.ACE\zh-CHT\Help\wwhelp\wwhimpl\java\html\explorer.htm
< MD5 for: EXPLORER.SC_ >
[2004/08/10 14:00:00 | 000,000,181 | ---- | M] () MD5=BC5B38879C56DFBC05C8B5C43AC4D739 -- C:\WINDOWS\I386\EXPLORER.SC_
< MD5 for: EXPLORER.SCF >
[2004/08/10 14:00:00 | 000,000,080 | ---- | M] () MD5=A3975A7D2C98B30A2AE010754FFB9392 -- C:\WINDOWS\explorer.scf
< MD5 for: IEXPLORE.CH_ >
[2004/08/10 14:00:00 | 000,199,077 | ---- | M] () MD5=5F64795662F162CCD8B30969B6682029 -- C:\WINDOWS\I386\IEXPLORE.CH_
< MD5 for: IEXPLORE.CHM >
[2009/02/21 01:21:24 | 000,529,818 | ---- | M] () MD5=1435F4731719DF5F57D17DC38196245D -- C:\WINDOWS\Help\iexplore.chm
[2004/08/10 14:00:00 | 000,204,810 | ---- | M] () MD5=60858526AAD1CC55F5F0055B8E3B66FE -- C:\WINDOWS\ie7\iexplore.chm
[2006/09/01 09:43:50 | 000,503,758 | ---- | M] () MD5=652E46500C149D1DC948BF9CEA8C4933 -- C:\WINDOWS\ie8\iexplore.chm
< MD5 for: IEXPLORE.EX_ >
[2004/08/10 14:00:00 | 000,037,895 | ---- | M] () MD5=F83009589844F0C30801CC2221F06AB9 -- C:\WINDOWS\I386\IEXPLORE.EX_
< MD5 for: IEXPLORE.EXE >
[2009/06/29 02:25:31 | 000,634,632 | ---- | M] (Microsoft Corporation) MD5=02E2754D3E566C11A4934825920C47DD -- C:\WINDOWS\$hf_mig$\KB972260-IE7\SP3QFE\iexplore.exe
[2008/12/19 00:25:25 | 000,634,024 | ---- | M] (Microsoft Corporation) MD5=030D78FE84A086ED376EFCBD2D72C522 -- C:\WINDOWS\ie7updates\KB963027-IE7\iexplore.exe
[2008/10/15 01:34:58 | 000,633,632 | ---- | M] (Microsoft Corporation) MD5=056C927CF7207857E8B34F7A8FFD9B9E -- C:\WINDOWS\$hf_mig$\KB958215-IE7\SP2QFE\iexplore.exe
[2010/12/20 06:25:27 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=091D358EFC9D22901BD879EF37F0DAC4 -- C:\WINDOWS\ie7updates\KB2497640-IE7\iexplore.exe
[2009/04/25 00:27:50 | 000,636,088 | ---- | M] (Microsoft Corporation) MD5=092A7F2B49A19ECCE5369D3CB2276148 -- C:\WINDOWS\ie7updates\KB972260-IE7\iexplore.exe
[2007/04/24 09:26:26 | 000,625,152 | ---- | M] (Microsoft Corporation) MD5=10BDB55982586A432A3951EB19A26009 -- C:\WINDOWS\ie7updates\KB937143-IE7\iexplore.exe
[2008/12/19 00:25:30 | 000,634,024 | ---- | M] (Microsoft Corporation) MD5=15E8A89499741D5CF59A9CF6463A4339 -- C:\WINDOWS\$hf_mig$\KB961260-IE7\SP2QFE\iexplore.exe
[2008/04/22 03:02:46 | 000,625,664 | ---- | M] (Microsoft Corporation) MD5=197B7E4030CFBD8D2979D375E1787AA2 -- C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\iexplore.exe
[2008/08/23 00:56:15 | 000,635,848 | ---- | M] (Microsoft Corporation) MD5=1F03216084447F990AE797317D0A6E70 -- C:\WINDOWS\ie7updates\KB958215-IE7\iexplore.exe
[2010/06/17 10:12:57 | 000,634,656 | ---- | M] (Microsoft Corporation) MD5=203E897F843D56496E2CC101DFF6CE34 -- C:\WINDOWS\ie7updates\KB2360131-IE7\iexplore.exe
[2008/04/22 02:40:18 | 000,625,664 | ---- | M] (Microsoft Corporation) MD5=232B22817B90AE0AFF2D189E3E3735AC -- C:\WINDOWS\ie7updates\KB953838-IE7\iexplore.exe
[2007/12/06 06:01:25 | 000,625,664 | ---- | M] (Microsoft Corporation) MD5=2703D940A62B731AA220529DD7331A78 -- C:\WINDOWS\ie7updates\KB947864-IE7\iexplore.exe
[2007/06/27 03:27:30 | 000,625,152 | ---- | M] (Microsoft Corporation) MD5=275CEE268B9E5D82474C43D5D249D111 -- C:\WINDOWS\ie7updates\KB939653-IE7\iexplore.exe
[2008/02/29 03:55:46 | 000,625,664 | ---- | M] (Microsoft Corporation) MD5=2D0E5592AB5A46C27DAF7CCAFF4F5B59 -- C:\WINDOWS\ie7updates\KB950759-IE7\iexplore.exe
[2009/08/27 00:18:42 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=332EC7562F3AA7364F2D4231C56DA986 -- C:\WINDOWS\$hf_mig$\KB974455-IE7\SP3QFE\iexplore.exe
[2007/08/17 05:21:21 | 000,625,152 | ---- | M] (Microsoft Corporation) MD5=3AC2BC667DA0AF2C968E96E1630F5AB5 -- C:\WINDOWS\ie7updates\KB942615-IE7\iexplore.exe
[2009/06/29 03:35:10 | 000,634,632 | ---- | M] (Microsoft Corporation) MD5=3CFC56F73D494FC1AA2B6E981DF15ACD -- C:\WINDOWS\ie7updates\KB974455-IE7\iexplore.exe
[2009/10/28 01:54:16 | 000,634,632 | ---- | M] (Microsoft Corporation) MD5=4F9B04D546C23A295F3F0AE015BE51DB -- C:\WINDOWS\ie7updates\KB978207-IE7\iexplore.exe
[2006/10/17 14:04:40 | 000,622,080 | ---- | M] (Microsoft Corporation) MD5=5334D4461AA92A7B008755FE6D13C5F2 -- C:\WINDOWS\ie7updates\KB928090-IE7\iexplore.exe
[2009/12/18 08:05:43 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=53C291F3B01EECECBD7FD358EA3ACC94 -- C:\WINDOWS\ie7updates\KB980182-IE7\iexplore.exe
[2007/08/17 05:12:49 | 000,625,152 | ---- | M] (Microsoft Corporation) MD5=5577D0E3AC2F9F035ACD81B44AF5F511 -- C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\iexplore.exe
[2008/04/13 19:12:22 | 000,093,184 | ---- | M] (Microsoft Corporation) MD5=55794B97A7FAABD2910873C85274F409 -- C:\WINDOWS\ServicePackFiles\i386\iexplore.exe
[2007/10/10 03:16:56 | 000,625,664 | ---- | M] (Microsoft Corporation) MD5=632BDE0179847234433CA50945442ACB -- C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\iexplore.exe
[2008/06/23 04:20:52 | 000,625,664 | ---- | M] (Microsoft Corporation) MD5=64E376A47763DAEABCDA14BD5B6EA286 -- C:\WINDOWS\ie7updates\KB956390-IE7\iexplore.exe
[2007/02/21 03:00:58 | 000,623,616 | ---- | M] (Microsoft Corporation) MD5=683DDE71BCF03B501B912D20CB93B549 -- C:\WINDOWS\ie7updates\KB933566-IE7\iexplore.exe
[2008/02/22 04:40:22 | 000,625,664 | ---- | M] (Microsoft Corporation) MD5=6E0888626E0CAC79F57149814E22DB4D -- C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\iexplore.exe
[2010/10/18 06:07:43 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=72D1F43C4146D312B0DB6AB98C21340E -- C:\WINDOWS\ie7updates\KB2482017-IE7\iexplore.exe
[2009/10/28 01:54:21 | 000,634,632 | ---- | M] (Microsoft Corporation) MD5=80675329E0FD54F016C4F8A83C616349 -- C:\WINDOWS\$hf_mig$\KB976325-IE7\SP3QFE\iexplore.exe
[2007/12/06 03:34:45 | 000,625,664 | ---- | M] (Microsoft Corporation) MD5=809D17D8FA0FDAEE07778CD821CAFFDE -- C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\iexplore.exe
[2007/01/08 19:08:42 | 000,623,616 | ---- | M] (Microsoft Corporation) MD5=93A6A4F5293AE19E3B37021AABCF0902 -- C:\WINDOWS\ie7updates\KB931768-IE7\iexplore.exe
[2007/04/24 09:20:41 | 000,625,152 | ---- | M] (Microsoft Corporation) MD5=9B3516C1F30DA17ADD3818573047D63C -- C:\WINDOWS\$hf_mig$\KB933566-IE7\SP2QFE\iexplore.exe
[2008/10/15 02:06:26 | 000,633,632 | ---- | M] (Microsoft Corporation) MD5=9D3DB9ADFABD2F0BC778EC03250A3ABB -- C:\WINDOWS\ie7updates\KB961260-IE7\iexplore.exe
[2009/02/27 23:54:41 | 000,636,072 | ---- | M] (Microsoft Corporation) MD5=A251068640DDB69FD7805B57D89D7FF7 -- C:\WINDOWS\ie7updates\KB969897-IE7\iexplore.exe
[2010/06/17 09:45:15 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=B0BC6DC9C9277250C5C8F7B7A48A02CC -- C:\WINDOWS\$hf_mig$\KB2183461-IE7\SP3QFE\iexplore.exe
[2010/04/16 06:08:29 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=B24A4E23A2FEDB6976EB04D334AD82B2 -- C:\WINDOWS\$hf_mig$\KB982381-IE7\SP3QFE\iexplore.exe
[2010/02/23 00:20:02 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=B5116340B84824DDD0A641E36B126194 -- C:\WINDOWS\ie7updates\KB982381-IE7\iexplore.exe
[2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) MD5=B60DDDD2D63CE41CB8C487FCFBB6419E -- C:\Program Files\Internet Explorer\iexplore.exe
[2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) MD5=B60DDDD2D63CE41CB8C487FCFBB6419E -- C:\WINDOWS\ERDNT\cache\iexplore.exe
[2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) MD5=B60DDDD2D63CE41CB8C487FCFBB6419E -- C:\WINDOWS\system32\dllcache\iexplore.exe
[2010/12/20 05:49:55 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=B74CBEBA34E3CAA2CCACC87FEE8A16C0 -- C:\WINDOWS\$hf_mig$\KB2482017-IE7\SP3QFE\iexplore.exe
[2009/02/27 23:54:44 | 000,636,088 | ---- | M] (Microsoft Corporation) MD5=BCD8E48709BE4A79606F0B6E8E9A6162 -- C:\WINDOWS\$hf_mig$\KB963027-IE7\SP3QFE\iexplore.exe
[2007/06/27 04:16:52 | 000,625,152 | ---- | M] (Microsoft Corporation) MD5=BD8502DFD53FC24FB8D6929DC46B8C2C -- C:\WINDOWS\$hf_mig$\KB937143-IE7\SP2QFE\iexplore.exe
[2009/04/25 00:27:39 | 000,636,088 | ---- | M] (Microsoft Corporation) MD5=C0503FD8D163652735C1EE900672A75C -- C:\WINDOWS\$hf_mig$\KB969897-IE7\SP3QFE\iexplore.exe
[2010/04/16 06:43:25 | 000,634,656 | ---- | M] (Microsoft Corporation) MD5=C4BA5E36FB57F547117305BF1E0FE454 -- C:\WINDOWS\ie7updates\KB2183461-IE7\iexplore.exe
[2008/06/23 03:23:52 | 000,625,664 | ---- | M] (Microsoft Corporation) MD5=C52A9EF571E91535EB78DB4B8B95EA07 -- C:\WINDOWS\$hf_mig$\KB953838-IE7\SP2QFE\iexplore.exe
[2010/02/23 00:19:59 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=C8DDA4028065D5CE39CBE7A156B72AB9 -- C:\WINDOWS\$hf_mig$\KB980182-IE7\SP3QFE\iexplore.exe
[2009/12/18 02:00:27 | 000,634,632 | ---- | M] (Microsoft Corporation) MD5=D19E56D5930C37CF211867DF450C372A -- C:\WINDOWS\$hf_mig$\KB978207-IE7\SP3QFE\iexplore.exe
[2007/02/28 01:51:34 | 000,625,152 | ---- | M] (Microsoft Corporation) MD5=D321092F8529CDAE843D6E24E3CAC6CB -- C:\WINDOWS\$hf_mig$\KB931768-IE7\SP2QFE\iexplore.exe
[2010/10/18 05:36:30 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=DA6E1F0F1932B62DD2F6ED05541C555C -- C:\WINDOWS\$hf_mig$\KB2416400-IE7\SP3QFE\iexplore.exe
[2011/02/14 06:36:55 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=E3CC8CCF21BFDC954255BB17083FB9F0 -- C:\WINDOWS\$hf_mig$\KB2497640-IE7\SP3QFE\iexplore.exe
[2011/02/14 07:17:08 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=E4A798DFDE7FE6E79F23548F0EF0F844 -- C:\WINDOWS\ie8\iexplore.exe
[2010/08/25 06:30:33 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=E5412ED9E07C42C20C48D3FF71E6B1E8 -- C:\WINDOWS\ie7updates\KB2416400-IE7\iexplore.exe
[2004/08/10 14:00:00 | 000,093,184 | ---- | M] (Microsoft Corporation) MD5=E7484514C0464642BE7B4DC2689354C8 -- C:\WINDOWS\ie7\iexplore.exe
[2008/08/23 00:56:16 | 000,635,848 | ---- | M] (Microsoft Corporation) MD5=E8305C30D35E85D6657ED3E9934CB302 -- C:\WINDOWS\$hf_mig$\KB956390-IE7\SP2QFE\iexplore.exe
[2007/10/10 05:59:52 | 000,625,152 | ---- | M] (Microsoft Corporation) MD5=E854D02E4231F704D9BE782A424E6D8B -- C:\WINDOWS\ie7updates\KB944533-IE7\iexplore.exe
[2010/08/25 06:07:58 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=F047BEB9771E45A05F425499A30F9BBA -- C:\WINDOWS\$hf_mig$\KB2360131-IE7\SP3QFE\iexplore.exe
[2009/08/27 00:18:44 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=F232BA9F39BC0F722672C7E79E68EBEA -- C:\WINDOWS\ie7updates\KB976325-IE7\iexplore.exe
< MD5 for: IEXPLORE.EXE.MUI >
[2009/03/08 14:21:44 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=943030B55FDB56FB8B8FCC086071E119 -- C:\Program Files\Internet Explorer\en-US\iexplore.exe.mui
[2009/03/08 14:21:44 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=943030B55FDB56FB8B8FCC086071E119 -- C:\Program Files\Internet Explorer\iexplore.exe.mui
[2006/10/17 14:04:26 | 000,573,440 | ---- | M] (Microsoft Corporation) MD5=E83C9C1F9DD9D47BB44871BFC7E69DDD -- C:\WINDOWS\ie8\iexplore.exe.mui
< MD5 for: IEXPLORE.EXE-27122324.PF >
[2011/07/21 21:41:03 | 000,060,614 | ---- | M] () MD5=E463B5BAAB84A206FA30DFC17E6BFA95 -- C:\WINDOWS\Prefetch\IEXPLORE.EXE-27122324.pf
< MD5 for: IEXPLORE.HL_ >
[2004/08/10 14:00:00 | 000,059,881 | ---- | M] () MD5=D23388C8D5D82D4D1C3B0B6A256E3CB7 -- C:\WINDOWS\I386\IEXPLORE.HL_
< MD5 for: IEXPLORE.HLP >
[2004/08/10 14:00:00 | 000,180,335 | ---- | M] () MD5=3F19AF1B745140DAFAC6F78F561A3C62 -- C:\WINDOWS\Help\iexplore.hlp
< MD5 for: WINLOGON.EX_ >
[2004/08/10 14:00:00 | 000,261,115 | ---- | M] () MD5=F41C4F5745589D0BB8268C02B71594CA -- C:\WINDOWS\I386\WINLOGON.EX_
< MD5 for: WINLOGON.EXE >
[2004/08/10 14:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008/04/13 19:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ERDNT\cache\winlogon.exe
[2008/04/13 19:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008/04/13 19:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe
< >
OTL Extras logfile created on: 7/21/2011 9:51:28 PM - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Documents and Settings\Owner.Miguel\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.87 Gb Total Physical Memory | 1.24 Gb Available Physical Memory | 66.37% Memory free
3.72 Gb Paging File | 3.07 Gb Available in Paging File | 82.52% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 142.20 Gb Total Space | 99.47 Gb Free Space | 69.95% Space Free | Partition Type: NTFS
Drive D: | 6.83 Gb Total Space | 4.83 Gb Free Space | 70.72% Space Free | Partition Type: FAT32
Computer Name: MIGUEL | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" /p %1 (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\ses2_client_bin_2_8_13g\seswiz.exe" = C:\ses2_client_bin_2_8_13g\seswiz.exe:*:Enabled:Wireless SecureEasySetup -- (Broadcom)
"C:\Program Files\Google\Google Earth\plugin\geplugin.exe" = C:\Program Files\Google\Google Earth\plugin\geplugin.exe:*:Enabled:Google Earth -- (Google)
"C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" = C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe:*:Enabled:McAfee Shared Service Host -- (McAfee, Inc.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00000409-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 SR-1 Premium
"{01C0CB1D-FF49-43F1-ADC5-65F05DB7BDD1}" = ATI Catalyst Control Center
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{0C3EC6A8-28A1-AE6D-A6F7-5011C36DB1DB}" = McAfee Online Backup
"{0DFB3DE8-65B9-44FF-AA0A-3BECC5A2BFD1}" = Adobe Flash Player 10 Plugin
"{15377C3E-9655-400F-B441-E69F0A6BEAFE}" = Recovery Software Suite Gateway
"{184EB198-1DBA-46DB-B728-7A5FC13D5C2B}_is1" = Yahoo! Photos Print-at-Home Tool
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = DVD Solution
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java™ 6 Update 26
"{27C467F8-F8EF-4f68-BD72-D63632B2096C}" = McAfee Online Backup
"{2A03B9F8-BE6D-43C6-A16A-B9998A194AF0}" = Garmin Training Center
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{353FE16B-30FE-469A-BF55-B978F4218003}" = iTunes
"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = Browser Address Error Redirector
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go 4.0
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5D95AD35-368F-47D5-B63A-A082DDF00111}" = Microsoft Digital Image Starter Edition 2006 Editor
"{65F9E1F3-A2C1-4AA9-9F33-A3AEB0255F0E}" = Garmin USB Drivers
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{691F4068-81BF-49E3-B32E-FE3E16400111}" = Microsoft Digital Image Starter Edition 2006 Library
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6C1E7AA1-44E9-446D-AAB2-0DE6D9EFEAB1}" = Safari
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{779DECD7-E072-4B56-9B6B-BEB5973EEEB5}" = MobileMe Control Panel
"{7B6CF9EB-CB2B-4A1A-81A9-BE1A9044690A}" = TIPCI
"{853A4763-6643-4604-8D64-28BDD8925F4C}" = Apple Application Support
"{88B746D6-1956-4D98-BE82-46E45AAA5BC2}" = Garmin Training Center
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8BBF6DFD-0AD9-43A7-9FBD-BF065E3866AF}" = URGE
"{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1}" = Napster Burn Engine
"{9941F0AA-B903-4AF4-A055-83A9815CC011}" = Sonic Encoders
"{9F7FC79B-3059-4264-9450-39EB368E3225}" = Microsoft Digital Image Library 9 - Blocker
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9F6CFB0-806D-11E0-8EA1-B8AC6F97B88E}" = Google Earth Plug-in
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.0)
"{BBBCAE4B-B416-4182-A6F2-438180894A81}" = Napster
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C2E4B5BD-32DB-4817-A060-341AB17C3F90}" = Bonjour
"{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{E394CC6D-9F54-41CC-9415-6FFF07885881}" = Garmin WebUpdater
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{FB3F4A45-D3F8-4A6B-8AEC-26BBB15ED0D1}" = Garmin ANT Agent
"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
"24DA573F901348FFDFF7717497830D45BE0C362E" = Windows Driver Package - Dynastream Innovations (libusb0) LibUsbDevices (07/07/2009 1.12.2)
"49CF605F02C7954F4E139D18828DE298CD59217C" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0)
"53F13DB4D9611FD63BE580F06F0729BF236ABE68" = Windows Driver Package - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"All ATI Software" = ATI - Software Uninstall Utility
"ATI Display Driver" = ATI Display Driver
"Broadcom 802.11b Network Adapter" = Broadcom 802.11 Network Adapter
"gtw_logo" = gtw_logo
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{7B6CF9EB-CB2B-4A1A-81A9-BE1A9044690A}" = Texas Instruments PCIxx21/x515/xx12 drivers.
"Mah Jong Medley" = Mah Jong Medley
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.1.1800
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Money2006b" = Microsoft Money 2006
"MSC" = McAfee Internet Security
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"PictureItSuiteTrial_v11" = Microsoft Digital Image Starter Edition 2006
"RealPlayer 6.0" = RealPlayer Basic
"SMSERIAL" = Motorola SM56 Data Fax Modem
"SpywareBlaster_is1" = SpywareBlaster 4.4
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"ViewpointMediaPlayer" = Viewpoint Media Player
"WildTangent CDA" = WildTangent Web Driver
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"WT010650" = FATE
"WT010655" = Tradewinds
"WT010661" = Polar Golfer
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Photos Easy Upload Tool" = Yahoo! Photos Easy Upload Tool
"Yahoo! Toolbar" = Yahoo! Toolbar
"YInstHelper" = Yahoo! Install Manager
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 7/20/2011 3:25:11 PM | Computer Name = MIGUEL | Source = Application Hang | ID = 1002
Description = Hanging application Training Center.exe, version 3.6.3.0, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 7/20/2011 3:25:43 PM | Computer Name = MIGUEL | Source = Application Hang | ID = 1001
Description = Fault bucket -1803583187.
Error - 7/20/2011 3:25:45 PM | Computer Name = MIGUEL | Source = Application Hang | ID = 1001
Description = Fault bucket -1803583187.
Error - 7/20/2011 10:08:29 PM | Computer Name = MIGUEL | Source = McLogEvent | ID = 5051
Description = A thread in process C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
took longer than 90000 ms to complete a request. The process will be terminated.
Thread
id : 1336 (0x538) Thread address : 0x7C90E514 Thread message : Build VSCORE.14.2.0.835
/ 5400.1158 Object being scanned = \Device\HarddiskVolume1\Documents and Settings\All
Users\Application Data\McAfee\MCLOGS\log.ini by C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
17018(2313)(0) 17017(0)(1) 7007(0)(0) 5006(0)(0) 5004(0)(0) 5003(0)(0) 5002(0)(2)
15002(0)(0)
Error - 7/20/2011 10:08:29 PM | Computer Name = MIGUEL | Source = McLogEvent | ID = 5051
Description = A thread in process C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
took longer than 90000 ms to complete a request. The process will be terminated.
Thread
id : 1424 (0x590) Thread address : 0x7C90E514 Thread message : Build VSCORE.14.2.0.835
/ 5400.1158 Object being scanned = \Device\HarddiskVolume1\Program Files\mcafee\SiteAdvisor\content.dat
by C:\Program Files\McAfee\SiteAdvisor\McSACore.exe 17018(2766)(0) 17017(0)(1)
7007(0)(0) 5006(0)(0) 5004(0)(0) 5003(0)(0) 5002(0)(2) 15002(0)(0)
Error - 7/20/2011 10:08:29 PM | Computer Name = MIGUEL | Source = McLogEvent | ID = 5051
Description = A thread in process C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
took longer than 90000 ms to complete a request. The process will be terminated.
Thread
id : 844 (0x34c) Thread address : 0x7C90E514 Thread message : Build VSCORE.14.2.0.835
/ 5400.1158 Object being scanned = \Device\HarddiskVolume1\WINDOWS\SYSTEM32\msctfime.ime
by **\STSYSTRA.EXE 17018(2140)(0) 17017(62)(1) 7007(62)(0) 5006(62)(0) 5004(62)(0)
5003(62)(0) 5002(62)(1) 15002(62)(0)
Error - 7/20/2011 11:05:22 PM | Computer Name = MIGUEL | Source = McLogEvent | ID = 5051
Description = A thread in process C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
took longer than 90000 ms to complete a request. The process will be terminated.
Thread
id : 1372 (0x55c) Thread address : 0x7C90E514 Thread message : Build VSCORE.14.2.0.835
/ 5400.1158 Object being scanned = \Device\HarddiskVolume1\Program Files\CyberLink\Power2Go\OLRSubmission\OLRSubmission.exe
by C:\WINDOWS\Explorer.EXE 4(16)(0) 4(16)(0) 7200(16)(0) 7595(16)(0) 7005(16)(0)
7004(16)(0) 5006(0)(0) 5004(0)(0)
Error - 7/20/2011 11:13:27 PM | Computer Name = MIGUEL | Source = Application Hang | ID = 1002
Description = Hanging application MOBK370conf.exe, version 1.16.6.1, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 7/20/2011 11:14:44 PM | Computer Name = MIGUEL | Source = Application Hang | ID = 1001
Description = Fault bucket -2109236675.
Error - 7/21/2011 10:33:03 PM | Computer Name = MIGUEL | Source = McLogEvent | ID = 5051
Description = A thread in process C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
took longer than 90000 ms to complete a request. The process will be terminated.
Thread
id : 2264 (0x8d8) Thread address : 0x7C90E514 Thread message : Build VSCORE.14.2.0.835
/ 5400.1158 Object being scanned = \Device\HarddiskVolume1\Program Files\McAfee.com\Agent\mcagent.exe
by C:\WINDOWS\system32\svchost.exe 4(0)(0) 4(0)(0) 7200(0)(0) 7595(0)(0) 7005(0)(0)
7004(0)(0) 5006(0)(0) 5004(0)(0)
[ System Events ]
Error - 7/21/2011 10:19:46 PM | Computer Name = MIGUEL | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
Error - 7/21/2011 10:26:15 PM | Computer Name = MIGUEL | Source = DCOM | ID = 10010
Description = The server {7F6316B4-4D69-4765-B0A3-B2598F2FA80A} did not register
with DCOM within the required timeout.
Error - 7/21/2011 10:30:38 PM | Computer Name = MIGUEL | Source = Service Control Manager | ID = 7022
Description = The McShield service hung on starting.
Error - 7/21/2011 10:30:45 PM | Computer Name = MIGUEL | Source = DCOM | ID = 10010
Description = The server {4EB61BAC-A3B6-4760-9581-655041EF4D69} did not register
with DCOM within the required timeout.
Error - 7/21/2011 10:33:22 PM | Computer Name = MIGUEL | Source = Service Control Manager | ID = 7031
Description = The McShield service terminated unexpectedly. It has done this 1
time(s). The following corrective action will be taken in 5000 milliseconds: Restart
the service.
Error - 7/21/2011 10:36:05 PM | Computer Name = MIGUEL | Source = DCOM | ID = 10005
Description = DCOM got error "%1053" attempting to start the service COMSysApp with
arguments "" in order to run the server: {ECABAFBC-7F19-11D2-978E-0000F8757E2A}
Error - 7/21/2011 10:36:05 PM | Computer Name = MIGUEL | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the COM+ System Application
service to connect.
Error - 7/21/2011 10:36:06 PM | Computer Name = MIGUEL | Source = Service Control Manager | ID = 7000
Description = The COM+ System Application service failed to start due to the following
error: %%1053
Error - 7/21/2011 10:39:20 PM | Computer Name = MIGUEL | Source = DCOM | ID = 10010
Description = The server {209500FC-6B45-4693-8871-6296C4843751} did not register
with DCOM within the required timeout.
Error - 7/21/2011 10:40:24 PM | Computer Name = MIGUEL | Source = DCOM | ID = 10010
Description = The server {209500FC-6B45-4693-8871-6296C4843751} did not register
with DCOM within the required timeout.
< End of report >
========== Alternate Data Streams ==========
@Alternate Data Stream - 95 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
< End of report >
Register to Remove
#131
wilma1313
-
- Authentic Member
-
- 386 posts
Silver Member
Posted 21 July 2011 - 09:26 PM
Hi,
Same result in safe mode aswMBR will not run, the scan is greyed out and mcaffee was disabled, so should not be that messin with it. Here are the OTL scans. goodnight!
OTL logfile created on: 7/21/2011 9:51:28 PM - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Documents and Settings\Owner.Miguel\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.87 Gb Total Physical Memory | 1.24 Gb Available Physical Memory | 66.37% Memory free
3.72 Gb Paging File | 3.07 Gb Available in Paging File | 82.52% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 142.20 Gb Total Space | 99.47 Gb Free Space | 69.95% Space Free | Partition Type: NTFS
Drive D: | 6.83 Gb Total Space | 4.83 Gb Free Space | 70.72% Space Free | Partition Type: FAT32
Computer Name: MIGUEL | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Documents and Settings\Owner.Miguel\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc.)
PRC - C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe (McAfee, Inc.)
PRC - C:\WINDOWS\system32\mfevtps.exe (McAfee, Inc.)
PRC - C:\Program Files\Garmin\ANT Agent\ANT Agent.exe (GARMIN Corp.)
PRC - c:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
PRC - c:\Program Files\McAfee\MSC\mcupdmgr.exe (McAfee, Inc.)
PRC - C:\Program Files\McAfee Online Backup\MOBK370stat.exe (McAfee, Inc.)
PRC - C:\Program Files\McAfee Online Backup\MOBK370backup.exe (McAfee, Inc.)
PRC - c:\Program Files\McAfee\VirusScan\McInsUpd.exe (McAfee, Inc.)
PRC - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
PRC - C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
PRC - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe ()
PRC - C:\Garmin\gStart.exe (GARMIN Corp.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS (New Boundary Technologies, Inc.)
PRC - C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
PRC - C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe (ATI Technologies Inc.)
PRC - C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
PRC - C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
========== Modules (SafeList) ==========
MOD - C:\Documents and Settings\Owner.Miguel\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation)
MOD - C:\Program Files\McAfee\SiteAdvisor\sahook.dll ()
MOD - C:\WINDOWS\system32\SynTPFcs.dll (Synaptics, Inc.)
========== Win32 Services (SafeList) ==========
SRV - (mfefire) -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc.)
SRV - (McShield) -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe ()
SRV - (mfevtp) -- C:\WINDOWS\system32\mfevtps.exe (McAfee, Inc.)
SRV - (MOBK370backup) -- C:\Program Files\McAfee Online Backup\MOBK370backup.exe (McAfee, Inc.)
SRV - (McODS) -- C:\Program Files\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
SRV - (MSK80Service) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McProxy) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McNASvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McNaiAnn) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (mcmscsvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McMPFSvc) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McComponentHostService) -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.)
SRV - (McAfee SiteAdvisor Service) -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe ()
SRV - (PrismXL) -- C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS (New Boundary Technologies, Inc.)
========== Driver Services (SafeList) ==========
DRV - (mfehidk) -- C:\WINDOWS\system32\drivers\mfehidk.sys (McAfee, Inc.)
DRV - (mfefirek) -- C:\WINDOWS\system32\drivers\mfefirek.sys (McAfee, Inc.)
DRV - (mfeavfk) -- C:\WINDOWS\system32\drivers\mfeavfk.sys (McAfee, Inc.)
DRV - (mfeapfk) -- C:\WINDOWS\system32\drivers\mfeapfk.sys (McAfee, Inc.)
DRV - (mfendiskmp) -- C:\WINDOWS\system32\drivers\mfendisk.sys (McAfee, Inc.)
DRV - (mfendisk) -- C:\WINDOWS\system32\drivers\mfendisk.sys (McAfee, Inc.)
DRV - (mferkdet) -- C:\WINDOWS\system32\drivers\mferkdet.sys (McAfee, Inc.)
DRV - (mfetdi2k) -- C:\WINDOWS\system32\drivers\mfetdi2k.sys (McAfee, Inc.)
DRV - (cfwids) -- C:\WINDOWS\system32\drivers\cfwids.sys (McAfee, Inc.)
DRV - (mfebopk) -- C:\WINDOWS\system32\drivers\mfebopk.sys (McAfee, Inc.)
DRV - (MOBK370Filter) -- C:\WINDOWS\system32\drivers\MOBK370.sys (Mozy, Inc.)
DRV - (NwlnkIpx) -- C:\WINDOWS\system32\drivers\nwlnkipx.sys (Microsoft Corporation)
DRV - (ASCTRM) -- C:\WINDOWS\System32\drivers\asctrm.sys (Windows ® 2000 DDK provider)
DRV - (AmdK8) -- C:\WINDOWS\system32\drivers\AmdK8.sys (Advanced Micro Devices)
DRV - (STHDA) -- C:\WINDOWS\system32\drivers\sthda.sys (SigmaTel, Inc.)
DRV - (smserial) -- C:\WINDOWS\system32\drivers\smserial.sys (Motorola Inc.)
DRV - (yukonwxp) -- C:\WINDOWS\system32\drivers\yk51x86.sys (Marvell)
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (BCM43XX) -- C:\WINDOWS\system32\drivers\BCMWL5.SYS (Broadcom Corporation)
DRV - (tifm21) -- C:\WINDOWS\system32\drivers\tifm21.sys (Texas Instruments)
DRV - (Cdralw2k) -- C:\WINDOWS\System32\drivers\cdralw2k.sys (Roxio)
DRV - (Cdr4_xp) -- C:\WINDOWS\System32\drivers\cdr4_xp.sys (Roxio)
DRV - (NwlnkNb) -- C:\WINDOWS\system32\drivers\nwlnknb.sys (Microsoft Corporation)
DRV - (NwlnkSpx) -- C:\WINDOWS\system32\drivers\nwlnkspx.sys (Microsoft Corporation)
DRV - (wanatw) WAN Miniport (ATW) -- C:\WINDOWS\system32\drivers\wanatw4.sys (America Online, Inc.)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = ibahn:80
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\3.0.40818.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2010/03/02 22:12:15 | 000,000,000 | ---D | M]
[2009/12/26 15:21:27 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner.Miguel\Application Data\Mozilla\Extensions
[2009/12/26 15:21:27 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner.Miguel\Application Data\Mozilla\Extensions\mozswing@mozswing.org
O1 HOSTS File: ([2011/07/03 12:43:45 | 000,434,745 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 14987 more lines...
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\McAfee\MSK\mskapbho.dll ()
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20110517161831.dll (McAfee, Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar2.dll (Google Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll ()
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\WINDOWS\system32\bae.dll (Gateway Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll ()
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar2.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar2.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\cli.exe (ATI Technologies Inc.)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [Reminder] C:\WINDOWS\creator\Remind_XP.exe (SoftThinks)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
O4 - HKLM..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - HKCU..\Run: [ANT Agent] C:\Program Files\Garmin\ANT Agent\ANT Agent.exe (GARMIN Corp.)
O4 - HKCU..\Run: [gStart] C:\Garmin\gStart.exe (GARMIN Corp.)
O4 - HKCU..\Run: [Power2GoExpress] File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Online Backup Status.lnk = C:\Program Files\McAfee Online Backup\MOBK370stat.exe (McAfee, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} http://download.mcaf...01/mcinsctl.cab (McAfee.com Operating System Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll ()
O18 - Protocol\Handler\skype4com - No CLSID value found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\Owner.Miguel\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Owner.Miguel\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/06/17 04:41:16 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
CREATERESTOREPOINT
Error creating restore point.
========== Files/Folders - Created Within 30 Days ==========
[2011/07/21 21:28:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\McAfee
[2011/07/19 10:59:41 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner.Miguel\Desktop\OTL.exe
[2011/07/19 08:28:02 | 001,913,344 | ---- | C] (AVAST Software) -- C:\Documents and Settings\Owner.Miguel\Desktop\aswMBR.exe
[2011/07/12 18:33:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\McAfee
[2011/07/12 18:29:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\McAfee Security Scan Plus
[2011/07/10 15:25:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2011/07/10 15:19:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2011/07/10 15:19:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2011/07/10 15:17:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee Security Scan
[2011/07/10 15:17:20 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Security Scan
[2011/07/05 20:34:41 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011/07/03 13:54:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\wt
[2011/07/03 12:31:05 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2011/07/03 12:31:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2011/07/03 10:10:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Miguel\Application Data\SUPERAntiSpyware.com
[2011/07/03 10:08:50 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2011/07/03 10:03:45 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2011/07/03 08:02:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/07/03 08:02:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SpywareBlaster
[2011/07/03 08:02:36 | 000,000,000 | ---D | C] -- C:\Program Files\SpywareBlaster
[2011/07/02 18:15:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Miguel\My Documents\Limew
[2011/06/29 20:44:19 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2011/06/29 20:44:17 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011/06/29 20:44:17 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011/06/29 20:44:17 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011/06/26 14:49:28 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[1 C:\Documents and Settings\Owner.Miguel\Local Settings\Application Data\*.tmp files -> C:\Documents and Settings\Owner.Miguel\Local Settings\Application Data\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011/07/21 21:42:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/07/21 21:25:37 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/07/21 21:23:48 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/07/21 21:23:44 | 2011,279,360 | -HS- | M] () -- C:\hiberfil.sys
[2011/07/20 14:02:07 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/07/19 10:59:50 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner.Miguel\Desktop\OTL.exe
[2011/07/19 08:28:02 | 001,913,344 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Owner.Miguel\Desktop\aswMBR.exe
[2011/07/17 11:35:03 | 000,000,802 | ---- | M] () -- C:\Documents and Settings\Owner.Miguel\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2011/07/17 09:23:57 | 000,159,544 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/07/15 16:58:04 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/07/13 22:54:41 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/07/12 18:29:25 | 000,001,611 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2011/07/12 18:29:24 | 000,001,619 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\McAfee Security Scan Plus.lnk
[2011/07/11 09:59:02 | 000,001,100 | ---- | M] () -- C:\WINDOWS\System32\d3d8caps.dat
[2011/07/10 15:27:15 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader X.lnk
[2011/07/06 19:52:42 | 000,041,272 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/07/06 19:52:42 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/07/03 12:43:45 | 000,434,745 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/07/03 08:02:40 | 000,000,690 | ---- | M] () -- C:\Documents and Settings\Owner.Miguel\Desktop\SpywareBlaster.lnk
[2011/07/02 19:03:14 | 000,040,764 | ---- | M] () -- C:\WINDOWS\MOBK370.blk
[2011/07/02 19:03:13 | 000,003,352 | ---- | M] () -- C:\WINDOWS\MOBK370.flt
[2011/07/02 18:07:46 | 000,000,214 | ---- | M] () -- C:\Documents and Settings\Owner.Miguel\Desktop\BookMooch Member Home.url
[2011/06/30 17:03:01 | 000,000,248 | ---- | M] () -- C:\Documents and Settings\Owner.Miguel\Desktop\PaperBack Swap.com.url
[2011/06/29 20:42:35 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011/06/29 20:42:35 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011/06/29 20:42:34 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011/06/29 20:42:34 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2011/06/29 20:42:32 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2011/06/26 17:47:17 | 000,000,237 | ---- | M] () -- C:\Documents and Settings\Owner.Miguel\My Documents\The SF Site Kim Stanley Robinson Reading List.url
[2011/06/26 14:49:56 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[1 C:\Documents and Settings\Owner.Miguel\Local Settings\Application Data\*.tmp files -> C:\Documents and Settings\Owner.Miguel\Local Settings\Application Data\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/07/21 21:23:44 | 2011,279,360 | -HS- | C] () -- C:\hiberfil.sys
[2011/07/12 18:29:25 | 000,001,611 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2011/07/12 18:29:24 | 000,001,619 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\McAfee Security Scan Plus.lnk
[2011/07/10 15:27:15 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader X.lnk
[2011/07/10 15:27:14 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader X.lnk
[2011/07/03 08:02:40 | 000,000,690 | ---- | C] () -- C:\Documents and Settings\Owner.Miguel\Desktop\SpywareBlaster.lnk
[2011/07/02 18:07:46 | 000,000,214 | ---- | C] () -- C:\Documents and Settings\Owner.Miguel\Desktop\BookMooch Member Home.url
[2011/06/26 14:49:56 | 000,000,802 | ---- | C] () -- C:\Documents and Settings\Owner.Miguel\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2011/06/26 14:49:56 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/06/16 19:48:00 | 000,001,100 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2010/04/10 21:26:16 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/04/04 22:05:39 | 000,028,792 | ---- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2008/06/07 13:09:54 | 000,000,056 | ---- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2007/05/26 16:27:56 | 000,002,206 | ---- | C] () -- C:\WINDOWS\unins000.dat
[2007/05/16 08:47:50 | 000,001,774 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/03/28 13:19:15 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2007/03/17 18:22:59 | 000,010,752 | -H-- | C] () -- C:\Documents and Settings\Owner.Miguel\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/11/08 21:08:45 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\instlsp.exe
[2006/11/08 15:47:14 | 000,000,135 | ---- | C] () -- C:\Documents and Settings\Owner.Miguel\Local Settings\Application Data\fusioncache.dat
[2006/10/04 02:01:07 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\jesterss.dll
[2006/10/04 01:46:48 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2006/10/04 01:46:05 | 000,000,004 | ---- | C] () -- C:\WINDOWS\Pix11.dat
[2006/10/04 01:41:06 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/10/04 01:15:28 | 000,125,796 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2006/10/04 01:14:37 | 000,018,944 | ---- | C] () -- C:\WINDOWS\System32\WLTRYSVC.EXE
[2006/10/04 01:14:36 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\preflib.dll
[2006/10/04 01:14:20 | 000,757,760 | ---- | C] () -- C:\WINDOWS\System32\bcm1xsup.dll
[2006/06/21 04:48:15 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/06/21 04:12:42 | 000,352,256 | ---- | C] () -- C:\WINDOWS\System32\HotlineClient.exe
[2006/06/17 04:44:22 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2006/06/17 04:37:18 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2006/06/17 04:24:58 | 000,001,280 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2006/06/17 04:24:57 | 000,000,519 | ---- | C] () -- C:\WINDOWS\System32\emver.ini
[2006/06/17 04:23:25 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006/06/17 04:23:22 | 000,445,044 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2006/06/17 04:23:22 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2006/06/17 04:23:22 | 000,072,754 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2006/06/17 04:23:22 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2006/06/17 04:23:20 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2006/06/17 04:23:20 | 000,005,151 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2006/06/17 04:23:20 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2006/06/17 04:23:19 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2006/06/17 04:23:19 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2006/06/17 04:23:16 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2006/06/17 04:23:08 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2006/06/16 21:31:45 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2006/06/16 21:30:47 | 000,159,544 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2005/08/05 23:01:54 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2004/06/15 02:00:00 | 000,077,321 | ---- | C] () -- C:\WINDOWS\unins000.exe
[1999/01/22 13:46:56 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
========== LOP Check ==========
[2010/08/24 22:03:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Driver Whiz
[2011/06/04 16:22:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GARMIN
[2008/01/29 11:32:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\n7-89-o9-3r-4t-r9
[2006/10/04 01:46:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Napster
[2011/07/17 09:47:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2006/10/04 01:47:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2006/02/11 19:55:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WildTangent
[2009/03/27 17:19:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2010/04/11 09:30:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/09/11 17:15:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/04/11 15:03:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2008/01/29 11:33:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.Miguel\Application Data\Eyeblaster
[2008/01/29 11:32:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.Miguel\Application Data\GameHouse
[2011/06/04 16:28:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.Miguel\Application Data\GARMIN
[2007/04/25 20:27:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.Miguel\Application Data\iWin
[2009/12/26 16:30:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.Miguel\Application Data\LimeWire
[2006/10/04 01:50:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.Miguel\Application Data\SampleView
[2008/04/22 06:58:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.Miguel\Application Data\Smith Micro
[2006/02/11 19:55:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.Miguel\Application Data\WildTangent
[2006/11/08 15:46:50 | 000,000,258 | ---- | M] () -- C:\WINDOWS\Tasks\ISP signup reminder 3.job
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.* >
[2009/04/16 15:00:06 | 001,901,643 | ---- | M] () -- C:\048401000290.rgn
[2006/10/04 01:38:40 | 000,000,002 | ---- | M] () -- C:\AUDIT_INSTALL_IN_PROGRESS
[2006/06/17 04:41:16 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2006/10/04 02:01:06 | 000,000,090 | ---- | M] () -- C:\bcmwl5.log
[2006/11/08 15:46:51 | 000,000,221 | ---- | M] () -- C:\Boot.bak
[2011/06/16 19:33:01 | 000,000,337 | RHS- | M] () -- C:\boot.ini
[2004/08/03 23:00:00 | 000,260,272 | R-S- | M] () -- C:\cmldr
[2006/06/17 04:41:16 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2011/02/09 19:30:55 | 000,014,692 | ---- | M] () -- C:\drwtsn32.log
[2009/04/21 13:45:04 | 000,012,718 | ---- | M] () -- C:\Forerunner_205_305_v290.txt
[2011/07/21 21:23:44 | 2011,279,360 | -HS- | M] () -- C:\hiberfil.sys
[2006/06/17 04:41:16 | 000,000,000 | R-S- | M] () -- C:\IO.SYS
[2006/10/04 01:48:13 | 000,001,191 | ---- | M] () -- C:\IPH.PH
[2006/06/17 04:41:16 | 000,000,000 | R-S- | M] () -- C:\MSDOS.SYS
[2004/08/10 14:00:00 | 000,047,564 | R-S- | M] () -- C:\NTDETECT.COM
[2008/08/28 17:27:29 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2011/07/21 21:23:14 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys
[2006/10/04 01:39:47 | 000,000,090 | ---- | M] () -- C:\powerdvd.log
[2006/10/04 01:41:30 | 000,000,191 | ---- | M] () -- C:\touchpad.log
[2007/02/07 04:57:38 | 000,720,896 | ---- | M] (GARMIN Corp.) -- C:\Updater.exe
< %systemroot%\Fonts\*.com >
[2006/04/18 15:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2006/06/29 14:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006/04/18 15:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006/06/29 14:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont
< %systemroot%\Fonts\*.dll >
< %systemroot%\Fonts\*.ini >
[2006/06/17 04:40:30 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini
< %systemroot%\Fonts\*.ini2 >
< %systemroot%\Fonts\*.exe >
< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2008/07/06 07:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2004/03/22 17:17:08 | 000,025,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll
[2008/07/06 05:50:03 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe
< %systemroot%\REPAIR\*.bak1 >
< %systemroot%\REPAIR\*.ini >
< %systemroot%\system32\*.jpg >
< %systemroot%\*.jpg >
< %systemroot%\*.png >
< %systemroot%\*.scr >
< %systemroot%\*._sy >
< %APPDATA%\Adobe\Update\*.* >
< %ALLUSERSPROFILE%\Favorites\*.* >
< %APPDATA%\Microsoft\*.* >
[2007/07/22 15:44:54 | 000,001,738 | ---- | M] () -- C:\Documents and Settings\Owner.Miguel\Application Data\Microsoft\LastFlashConfig.WFC
< %PROGRAMFILES%\*.* >
< %APPDATA%\Update\*.* >
< %systemroot%\*. /mp /s >
< %systemroot%\System32\config\*.sav >
[2006/06/16 21:30:11 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2006/06/16 21:30:11 | 000,659,456 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2006/06/16 21:30:11 | 000,897,024 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
< %PROGRAMFILES%\bak. /s >
< %systemroot%\system32\bak. /s >
< %ALLUSERSPROFILE%\Start Menu\*.lîk /x >
[2008/08/28 17:35:23 | 000,000,272 | -HS- | M] () -- C:\Documents and Settings\All Users\Start Menu\desktop.ini
[2007/03/23 10:36:24 | 000,001,992 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\New Office Document.lnk
[2007/04/04 20:57:18 | 000,002,439 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Open Office Document.lnk
[2008/08/28 17:35:23 | 000,001,563 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Set Program Access and Defaults.lnk
[2006/06/17 04:41:25 | 000,000,398 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Windows Catalog.lnk
[2007/10/05 20:45:00 | 000,001,507 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Windows Update.lnk
< %systemroot%\system32\config\systemprofile\*.dat /x >
< %systemroot%\*.config >
< %systemroot%\system32\*.db >
< %PROGRAMFILES%\Internet Explorer\*.dat >
< %APPDATA%\Mikzosoft\Internet Explorer\Quick Launch\*.lnk /x >
< %USERPROFILE%\Deskuop\*.exe >
< %PROGRAMFILES%\Common Files\*.* >
< %systemroot%\*.src >
< %systemroot%\install\*.* >
< %systemroot%\system32\DLL\*.* >
< %systemroot%\system32\HelpFiles\*.* >
< %systemroot%\system32\rundll\*.* >
< %systemroot%\winn32\*.* >
< %systemroot%\Java\*.* >
< %systemroot%\system32\test\*.* >
< %systemroot%\system32\Rundll32\*.* >
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-07-14 04:18:38
< %USERPROFILE%\..|smtmp;true;true;true /FP >
< %temp%\smtmp\*.* /s > >
< MD5 for: EXPLORER.EX_ >
[2004/08/10 14:00:00 | 000,359,533 | ---- | M] () MD5=4F061B12F3D5457315A0314954E7EF46 -- C:\WINDOWS\I386\EXPLORER.EX_
< MD5 for: EXPLORER.EXE >
[2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ERDNT\cache\explorer.exe
[2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2007/06/13 06:26:03 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=7712DF0CDDE3A5AC89843E61CD5B3658 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007/06/13 05:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=97BD6515465659FF8F3B7BE375B2EA87 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
[2004/08/10 14:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
< MD5 for: EXPLORER.EXE-082F38A9.PF >
[2011/07/21 21:25:46 | 000,022,806 | ---- | M] () MD5=78BB937199B20EB818235BFF8E79DA8C -- C:\WINDOWS\Prefetch\EXPLORER.EXE-082F38A9.pf
< MD5 for: EXPLORER.HTM >
[2005/01/20 17:42:18 | 000,002,057 | ---- | M] () MD5=0768146E197314BF50A1E3E5E89892F1 -- C:\Program Files\ATI Technologies\ATI.ACE\cs\Help\wwhelp\wwhimpl\java\html\explorer.htm
[2005/01/19 18:25:42 | 000,002,057 | ---- | M] () MD5=0768146E197314BF50A1E3E5E89892F1 -- C:\Program Files\ATI Technologies\ATI.ACE\da\Help\wwhelp\wwhimpl\java\html\explorer.htm
[2005/01/19 18:44:52 | 000,002,057 | ---- | M] () MD5=0768146E197314BF50A1E3E5E89892F1 -- C:\Program Files\ATI Technologies\ATI.ACE\de\Help\wwhelp\wwhimpl\java\html\explorer.htm
[2005/01/20 17:42:18 | 000,002,057 | ---- | M] () MD5=0768146E197314BF50A1E3E5E89892F1 -- C:\Program Files\ATI Technologies\ATI.ACE\el\Help\wwhelp\wwhimpl\java\html\explorer.htm
[2005/01/19 18:44:52 | 000,002,057 | ---- | M] () MD5=0768146E197314BF50A1E3E5E89892F1 -- C:\Program Files\ATI Technologies\ATI.ACE\es\Help\wwhelp\wwhimpl\java\html\explorer.htm
[2005/01/19 18:26:08 | 000,002,057 | ---- | M] () MD5=0768146E197314BF50A1E3E5E89892F1 -- C:\Program Files\ATI Technologies\ATI.ACE\fi\Help\wwhelp\wwhimpl\java\html\explorer.htm
[2005/01/19 18:44:52 | 000,002,057 | ---- | M] () MD5=0768146E197314BF50A1E3E5E89892F1 -- C:\Program Files\ATI Technologies\ATI.ACE\fr\Help\wwhelp\wwhimpl\java\html\explorer.htm
[2003/09/15 14:06:02 | 000,002,057 | ---- | M] () MD5=0768146E197314BF50A1E3E5E89892F1 -- C:\Program Files\ATI Technologies\ATI.ACE\help\wwhelp\wwhimpl\java\html\explorer.htm
[2005/01/20 17:42:18 | 000,002,057 | ---- | M] () MD5=0768146E197314BF50A1E3E5E89892F1 -- C:\Program Files\ATI Technologies\ATI.ACE\hu\Help\wwhelp\wwhimpl\java\html\explorer.htm
[2005/01/19 18:44:52 | 000,002,057 | ---- | M] () MD5=0768146E197314BF50A1E3E5E89892F1 -- C:\Program Files\ATI Technologies\ATI.ACE\it\Help\wwhelp\wwhimpl\java\html\explorer.htm
[2005/01/19 18:44:52 | 000,002,057 | ---- | M] () MD5=0768146E197314BF50A1E3E5E89892F1 -- C:\Program Files\ATI Technologies\ATI.ACE\ja\Help\wwhelp\wwhimpl\java\html\explorer.htm
[2005/01/19 18:26:42 | 000,002,057 | ---- | M] () MD5=0768146E197314BF50A1E3E5E89892F1 -- C:\Program Files\ATI Technologies\ATI.ACE\ko\Help\wwhelp\wwhimpl\java\html\explorer.htm
[2005/01/19 18:44:52 | 000,002,057 | ---- | M] () MD5=0768146E197314BF50A1E3E5E89892F1 -- C:\Program Files\ATI Technologies\ATI.ACE\nl\Help\wwhelp\wwhimpl\java\html\explorer.htm
[2005/01/19 18:26:58 | 000,002,057 | ---- | M] () MD5=0768146E197314BF50A1E3E5E89892F1 -- C:\Program Files\ATI Technologies\ATI.ACE\no\Help\wwhelp\wwhimpl\java\html\explorer.htm
[2005/01/20 17:42:18 | 000,002,057 | ---- | M] () MD5=0768146E197314BF50A1E3E5E89892F1 -- C:\Program Files\ATI Technologies\ATI.ACE\pl\Help\wwhelp\wwhimpl\java\html\explorer.htm
[2005/01/19 18:44:52 | 000,002,057 | ---- | M] () MD5=0768146E197314BF50A1E3E5E89892F1 -- C:\Program Files\ATI Technologies\ATI.ACE\pt-BR\Help\wwhelp\wwhimpl\java\html\explorer.htm
[2005/01/20 17:42:18 | 000,002,057 | ---- | M] () MD5=0768146E197314BF50A1E3E5E89892F1 -- C:\Program Files\ATI Technologies\ATI.ACE\ru\Help\wwhelp\wwhimpl\java\html\explorer.htm
[2005/01/19 18:27:14 | 000,002,057 | ---- | M] () MD5=0768146E197314BF50A1E3E5E89892F1 -- C:\Program Files\ATI Technologies\ATI.ACE\sv\Help\wwhelp\wwhimpl\java\html\explorer.htm
[2005/01/19 18:27:20 | 000,002,057 | ---- | M] () MD5=0768146E197314BF50A1E3E5E89892F1 -- C:\Program Files\ATI Technologies\ATI.ACE\th\Help\wwhelp\wwhimpl\java\html\explorer.htm
[2005/01/20 17:42:18 | 000,002,057 | ---- | M] () MD5=0768146E197314BF50A1E3E5E89892F1 -- C:\Program Files\ATI Technologies\ATI.ACE\tr\Help\wwhelp\wwhimpl\java\html\explorer.htm
[2005/01/19 18:44:52 | 000,002,057 | ---- | M] () MD5=0768146E197314BF50A1E3E5E89892F1 -- C:\Program Files\ATI Technologies\ATI.ACE\zh-CHS\Help\wwhelp\wwhimpl\java\html\explorer.htm
[2005/01/19 18:44:52 | 000,002,057 | ---- | M] () MD5=0768146E197314BF50A1E3E5E89892F1 -- C:\Program Files\ATI Technologies\ATI.ACE\zh-CHT\Help\wwhelp\wwhimpl\java\html\explorer.htm
< MD5 for: EXPLORER.SC_ >
[2004/08/10 14:00:00 | 000,000,181 | ---- | M] () MD5=BC5B38879C56DFBC05C8B5C43AC4D739 -- C:\WINDOWS\I386\EXPLORER.SC_
< MD5 for: EXPLORER.SCF >
[2004/08/10 14:00:00 | 000,000,080 | ---- | M] () MD5=A3975A7D2C98B30A2AE010754FFB9392 -- C:\WINDOWS\explorer.scf
< MD5 for: IEXPLORE.CH_ >
[2004/08/10 14:00:00 | 000,199,077 | ---- | M] () MD5=5F64795662F162CCD8B30969B6682029 -- C:\WINDOWS\I386\IEXPLORE.CH_
< MD5 for: IEXPLORE.CHM >
[2009/02/21 01:21:24 | 000,529,818 | ---- | M] () MD5=1435F4731719DF5F57D17DC38196245D -- C:\WINDOWS\Help\iexplore.chm
[2004/08/10 14:00:00 | 000,204,810 | ---- | M] () MD5=60858526AAD1CC55F5F0055B8E3B66FE -- C:\WINDOWS\ie7\iexplore.chm
[2006/09/01 09:43:50 | 000,503,758 | ---- | M] () MD5=652E46500C149D1DC948BF9CEA8C4933 -- C:\WINDOWS\ie8\iexplore.chm
< MD5 for: IEXPLORE.EX_ >
[2004/08/10 14:00:00 | 000,037,895 | ---- | M] () MD5=F83009589844F0C30801CC2221F06AB9 -- C:\WINDOWS\I386\IEXPLORE.EX_
< MD5 for: IEXPLORE.EXE >
[2009/06/29 02:25:31 | 000,634,632 | ---- | M] (Microsoft Corporation) MD5=02E2754D3E566C11A4934825920C47DD -- C:\WINDOWS\$hf_mig$\KB972260-IE7\SP3QFE\iexplore.exe
[2008/12/19 00:25:25 | 000,634,024 | ---- | M] (Microsoft Corporation) MD5=030D78FE84A086ED376EFCBD2D72C522 -- C:\WINDOWS\ie7updates\KB963027-IE7\iexplore.exe
[2008/10/15 01:34:58 | 000,633,632 | ---- | M] (Microsoft Corporation) MD5=056C927CF7207857E8B34F7A8FFD9B9E -- C:\WINDOWS\$hf_mig$\KB958215-IE7\SP2QFE\iexplore.exe
[2010/12/20 06:25:27 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=091D358EFC9D22901BD879EF37F0DAC4 -- C:\WINDOWS\ie7updates\KB2497640-IE7\iexplore.exe
[2009/04/25 00:27:50 | 000,636,088 | ---- | M] (Microsoft Corporation) MD5=092A7F2B49A19ECCE5369D3CB2276148 -- C:\WINDOWS\ie7updates\KB972260-IE7\iexplore.exe
[2007/04/24 09:26:26 | 000,625,152 | ---- | M] (Microsoft Corporation) MD5=10BDB55982586A432A3951EB19A26009 -- C:\WINDOWS\ie7updates\KB937143-IE7\iexplore.exe
[2008/12/19 00:25:30 | 000,634,024 | ---- | M] (Microsoft Corporation) MD5=15E8A89499741D5CF59A9CF6463A4339 -- C:\WINDOWS\$hf_mig$\KB961260-IE7\SP2QFE\iexplore.exe
[2008/04/22 03:02:46 | 000,625,664 | ---- | M] (Microsoft Corporation) MD5=197B7E4030CFBD8D2979D375E1787AA2 -- C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\iexplore.exe
[2008/08/23 00:56:15 | 000,635,848 | ---- | M] (Microsoft Corporation) MD5=1F03216084447F990AE797317D0A6E70 -- C:\WINDOWS\ie7updates\KB958215-IE7\iexplore.exe
[2010/06/17 10:12:57 | 000,634,656 | ---- | M] (Microsoft Corporation) MD5=203E897F843D56496E2CC101DFF6CE34 -- C:\WINDOWS\ie7updates\KB2360131-IE7\iexplore.exe
[2008/04/22 02:40:18 | 000,625,664 | ---- | M] (Microsoft Corporation) MD5=232B22817B90AE0AFF2D189E3E3735AC -- C:\WINDOWS\ie7updates\KB953838-IE7\iexplore.exe
[2007/12/06 06:01:25 | 000,625,664 | ---- | M] (Microsoft Corporation) MD5=2703D940A62B731AA220529DD7331A78 -- C:\WINDOWS\ie7updates\KB947864-IE7\iexplore.exe
[2007/06/27 03:27:30 | 000,625,152 | ---- | M] (Microsoft Corporation) MD5=275CEE268B9E5D82474C43D5D249D111 -- C:\WINDOWS\ie7updates\KB939653-IE7\iexplore.exe
[2008/02/29 03:55:46 | 000,625,664 | ---- | M] (Microsoft Corporation) MD5=2D0E5592AB5A46C27DAF7CCAFF4F5B59 -- C:\WINDOWS\ie7updates\KB950759-IE7\iexplore.exe
[2009/08/27 00:18:42 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=332EC7562F3AA7364F2D4231C56DA986 -- C:\WINDOWS\$hf_mig$\KB974455-IE7\SP3QFE\iexplore.exe
[2007/08/17 05:21:21 | 000,625,152 | ---- | M] (Microsoft Corporation) MD5=3AC2BC667DA0AF2C968E96E1630F5AB5 -- C:\WINDOWS\ie7updates\KB942615-IE7\iexplore.exe
[2009/06/29 03:35:10 | 000,634,632 | ---- | M] (Microsoft Corporation) MD5=3CFC56F73D494FC1AA2B6E981DF15ACD -- C:\WINDOWS\ie7updates\KB974455-IE7\iexplore.exe
[2009/10/28 01:54:16 | 000,634,632 | ---- | M] (Microsoft Corporation) MD5=4F9B04D546C23A295F3F0AE015BE51DB -- C:\WINDOWS\ie7updates\KB978207-IE7\iexplore.exe
[2006/10/17 14:04:40 | 000,622,080 | ---- | M] (Microsoft Corporation) MD5=5334D4461AA92A7B008755FE6D13C5F2 -- C:\WINDOWS\ie7updates\KB928090-IE7\iexplore.exe
[2009/12/18 08:05:43 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=53C291F3B01EECECBD7FD358EA3ACC94 -- C:\WINDOWS\ie7updates\KB980182-IE7\iexplore.exe
[2007/08/17 05:12:49 | 000,625,152 | ---- | M] (Microsoft Corporation) MD5=5577D0E3AC2F9F035ACD81B44AF5F511 -- C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\iexplore.exe
[2008/04/13 19:12:22 | 000,093,184 | ---- | M] (Microsoft Corporation) MD5=55794B97A7FAABD2910873C85274F409 -- C:\WINDOWS\ServicePackFiles\i386\iexplore.exe
[2007/10/10 03:16:56 | 000,625,664 | ---- | M] (Microsoft Corporation) MD5=632BDE0179847234433CA50945442ACB -- C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\iexplore.exe
[2008/06/23 04:20:52 | 000,625,664 | ---- | M] (Microsoft Corporation) MD5=64E376A47763DAEABCDA14BD5B6EA286 -- C:\WINDOWS\ie7updates\KB956390-IE7\iexplore.exe
[2007/02/21 03:00:58 | 000,623,616 | ---- | M] (Microsoft Corporation) MD5=683DDE71BCF03B501B912D20CB93B549 -- C:\WINDOWS\ie7updates\KB933566-IE7\iexplore.exe
[2008/02/22 04:40:22 | 000,625,664 | ---- | M] (Microsoft Corporation) MD5=6E0888626E0CAC79F57149814E22DB4D -- C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\iexplore.exe
[2010/10/18 06:07:43 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=72D1F43C4146D312B0DB6AB98C21340E -- C:\WINDOWS\ie7updates\KB2482017-IE7\iexplore.exe
[2009/10/28 01:54:21 | 000,634,632 | ---- | M] (Microsoft Corporation) MD5=80675329E0FD54F016C4F8A83C616349 -- C:\WINDOWS\$hf_mig$\KB976325-IE7\SP3QFE\iexplore.exe
[2007/12/06 03:34:45 | 000,625,664 | ---- | M] (Microsoft Corporation) MD5=809D17D8FA0FDAEE07778CD821CAFFDE -- C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\iexplore.exe
[2007/01/08 19:08:42 | 000,623,616 | ---- | M] (Microsoft Corporation) MD5=93A6A4F5293AE19E3B37021AABCF0902 -- C:\WINDOWS\ie7updates\KB931768-IE7\iexplore.exe
[2007/04/24 09:20:41 | 000,625,152 | ---- | M] (Microsoft Corporation) MD5=9B3516C1F30DA17ADD3818573047D63C -- C:\WINDOWS\$hf_mig$\KB933566-IE7\SP2QFE\iexplore.exe
[2008/10/15 02:06:26 | 000,633,632 | ---- | M] (Microsoft Corporation) MD5=9D3DB9ADFABD2F0BC778EC03250A3ABB -- C:\WINDOWS\ie7updates\KB961260-IE7\iexplore.exe
[2009/02/27 23:54:41 | 000,636,072 | ---- | M] (Microsoft Corporation) MD5=A251068640DDB69FD7805B57D89D7FF7 -- C:\WINDOWS\ie7updates\KB969897-IE7\iexplore.exe
[2010/06/17 09:45:15 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=B0BC6DC9C9277250C5C8F7B7A48A02CC -- C:\WINDOWS\$hf_mig$\KB2183461-IE7\SP3QFE\iexplore.exe
[2010/04/16 06:08:29 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=B24A4E23A2FEDB6976EB04D334AD82B2 -- C:\WINDOWS\$hf_mig$\KB982381-IE7\SP3QFE\iexplore.exe
[2010/02/23 00:20:02 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=B5116340B84824DDD0A641E36B126194 -- C:\WINDOWS\ie7updates\KB982381-IE7\iexplore.exe
[2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) MD5=B60DDDD2D63CE41CB8C487FCFBB6419E -- C:\Program Files\Internet Explorer\iexplore.exe
[2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) MD5=B60DDDD2D63CE41CB8C487FCFBB6419E -- C:\WINDOWS\ERDNT\cache\iexplore.exe
[2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) MD5=B60DDDD2D63CE41CB8C487FCFBB6419E -- C:\WINDOWS\system32\dllcache\iexplore.exe
[2010/12/20 05:49:55 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=B74CBEBA34E3CAA2CCACC87FEE8A16C0 -- C:\WINDOWS\$hf_mig$\KB2482017-IE7\SP3QFE\iexplore.exe
[2009/02/27 23:54:44 | 000,636,088 | ---- | M] (Microsoft Corporation) MD5=BCD8E48709BE4A79606F0B6E8E9A6162 -- C:\WINDOWS\$hf_mig$\KB963027-IE7\SP3QFE\iexplore.exe
[2007/06/27 04:16:52 | 000,625,152 | ---- | M] (Microsoft Corporation) MD5=BD8502DFD53FC24FB8D6929DC46B8C2C -- C:\WINDOWS\$hf_mig$\KB937143-IE7\SP2QFE\iexplore.exe
[2009/04/25 00:27:39 | 000,636,088 | ---- | M] (Microsoft Corporation) MD5=C0503FD8D163652735C1EE900672A75C -- C:\WINDOWS\$hf_mig$\KB969897-IE7\SP3QFE\iexplore.exe
[2010/04/16 06:43:25 | 000,634,656 | ---- | M] (Microsoft Corporation) MD5=C4BA5E36FB57F547117305BF1E0FE454 -- C:\WINDOWS\ie7updates\KB2183461-IE7\iexplore.exe
[2008/06/23 03:23:52 | 000,625,664 | ---- | M] (Microsoft Corporation) MD5=C52A9EF571E91535EB78DB4B8B95EA07 -- C:\WINDOWS\$hf_mig$\KB953838-IE7\SP2QFE\iexplore.exe
[2010/02/23 00:19:59 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=C8DDA4028065D5CE39CBE7A156B72AB9 -- C:\WINDOWS\$hf_mig$\KB980182-IE7\SP3QFE\iexplore.exe
[2009/12/18 02:00:27 | 000,634,632 | ---- | M] (Microsoft Corporation) MD5=D19E56D5930C37CF211867DF450C372A -- C:\WINDOWS\$hf_mig$\KB978207-IE7\SP3QFE\iexplore.exe
[2007/02/28 01:51:34 | 000,625,152 | ---- | M] (Microsoft Corporation) MD5=D321092F8529CDAE843D6E24E3CAC6CB -- C:\WINDOWS\$hf_mig$\KB931768-IE7\SP2QFE\iexplore.exe
[2010/10/18 05:36:30 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=DA6E1F0F1932B62DD2F6ED05541C555C -- C:\WINDOWS\$hf_mig$\KB2416400-IE7\SP3QFE\iexplore.exe
[2011/02/14 06:36:55 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=E3CC8CCF21BFDC954255BB17083FB9F0 -- C:\WINDOWS\$hf_mig$\KB2497640-IE7\SP3QFE\iexplore.exe
[2011/02/14 07:17:08 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=E4A798DFDE7FE6E79F23548F0EF0F844 -- C:\WINDOWS\ie8\iexplore.exe
[2010/08/25 06:30:33 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=E5412ED9E07C42C20C48D3FF71E6B1E8 -- C:\WINDOWS\ie7updates\KB2416400-IE7\iexplore.exe
[2004/08/10 14:00:00 | 000,093,184 | ---- | M] (Microsoft Corporation) MD5=E7484514C0464642BE7B4DC2689354C8 -- C:\WINDOWS\ie7\iexplore.exe
[2008/08/23 00:56:16 | 000,635,848 | ---- | M] (Microsoft Corporation) MD5=E8305C30D35E85D6657ED3E9934CB302 -- C:\WINDOWS\$hf_mig$\KB956390-IE7\SP2QFE\iexplore.exe
[2007/10/10 05:59:52 | 000,625,152 | ---- | M] (Microsoft Corporation) MD5=E854D02E4231F704D9BE782A424E6D8B -- C:\WINDOWS\ie7updates\KB944533-IE7\iexplore.exe
[2010/08/25 06:07:58 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=F047BEB9771E45A05F425499A30F9BBA -- C:\WINDOWS\$hf_mig$\KB2360131-IE7\SP3QFE\iexplore.exe
[2009/08/27 00:18:44 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=F232BA9F39BC0F722672C7E79E68EBEA -- C:\WINDOWS\ie7updates\KB976325-IE7\iexplore.exe
< MD5 for: IEXPLORE.EXE.MUI >
[2009/03/08 14:21:44 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=943030B55FDB56FB8B8FCC086071E119 -- C:\Program Files\Internet Explorer\en-US\iexplore.exe.mui
[2009/03/08 14:21:44 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=943030B55FDB56FB8B8FCC086071E119 -- C:\Program Files\Internet Explorer\iexplore.exe.mui
[2006/10/17 14:04:26 | 000,573,440 | ---- | M] (Microsoft Corporation) MD5=E83C9C1F9DD9D47BB44871BFC7E69DDD -- C:\WINDOWS\ie8\iexplore.exe.mui
< MD5 for: IEXPLORE.EXE-27122324.PF >
[2011/07/21 21:41:03 | 000,060,614 | ---- | M] () MD5=E463B5BAAB84A206FA30DFC17E6BFA95 -- C:\WINDOWS\Prefetch\IEXPLORE.EXE-27122324.pf
< MD5 for: IEXPLORE.HL_ >
[2004/08/10 14:00:00 | 000,059,881 | ---- | M] () MD5=D23388C8D5D82D4D1C3B0B6A256E3CB7 -- C:\WINDOWS\I386\IEXPLORE.HL_
< MD5 for: IEXPLORE.HLP >
[2004/08/10 14:00:00 | 000,180,335 | ---- | M] () MD5=3F19AF1B745140DAFAC6F78F561A3C62 -- C:\WINDOWS\Help\iexplore.hlp
< MD5 for: WINLOGON.EX_ >
[2004/08/10 14:00:00 | 000,261,115 | ---- | M] () MD5=F41C4F5745589D0BB8268C02B71594CA -- C:\WINDOWS\I386\WINLOGON.EX_
< MD5 for: WINLOGON.EXE >
[2004/08/10 14:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008/04/13 19:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ERDNT\cache\winlogon.exe
[2008/04/13 19:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008/04/13 19:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe
< >
OTL Extras logfile created on: 7/21/2011 9:51:28 PM - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Documents and Settings\Owner.Miguel\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.87 Gb Total Physical Memory | 1.24 Gb Available Physical Memory | 66.37% Memory free
3.72 Gb Paging File | 3.07 Gb Available in Paging File | 82.52% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 142.20 Gb Total Space | 99.47 Gb Free Space | 69.95% Space Free | Partition Type: NTFS
Drive D: | 6.83 Gb Total Space | 4.83 Gb Free Space | 70.72% Space Free | Partition Type: FAT32
Computer Name: MIGUEL | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" /p %1 (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\ses2_client_bin_2_8_13g\seswiz.exe" = C:\ses2_client_bin_2_8_13g\seswiz.exe:*:Enabled:Wireless SecureEasySetup -- (Broadcom)
"C:\Program Files\Google\Google Earth\plugin\geplugin.exe" = C:\Program Files\Google\Google Earth\plugin\geplugin.exe:*:Enabled:Google Earth -- (Google)
"C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" = C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe:*:Enabled:McAfee Shared Service Host -- (McAfee, Inc.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00000409-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 SR-1 Premium
"{01C0CB1D-FF49-43F1-ADC5-65F05DB7BDD1}" = ATI Catalyst Control Center
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{0C3EC6A8-28A1-AE6D-A6F7-5011C36DB1DB}" = McAfee Online Backup
"{0DFB3DE8-65B9-44FF-AA0A-3BECC5A2BFD1}" = Adobe Flash Player 10 Plugin
"{15377C3E-9655-400F-B441-E69F0A6BEAFE}" = Recovery Software Suite Gateway
"{184EB198-1DBA-46DB-B728-7A5FC13D5C2B}_is1" = Yahoo! Photos Print-at-Home Tool
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = DVD Solution
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java™ 6 Update 26
"{27C467F8-F8EF-4f68-BD72-D63632B2096C}" = McAfee Online Backup
"{2A03B9F8-BE6D-43C6-A16A-B9998A194AF0}" = Garmin Training Center
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{353FE16B-30FE-469A-BF55-B978F4218003}" = iTunes
"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = Browser Address Error Redirector
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go 4.0
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5D95AD35-368F-47D5-B63A-A082DDF00111}" = Microsoft Digital Image Starter Edition 2006 Editor
"{65F9E1F3-A2C1-4AA9-9F33-A3AEB0255F0E}" = Garmin USB Drivers
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{691F4068-81BF-49E3-B32E-FE3E16400111}" = Microsoft Digital Image Starter Edition 2006 Library
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6C1E7AA1-44E9-446D-AAB2-0DE6D9EFEAB1}" = Safari
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{779DECD7-E072-4B56-9B6B-BEB5973EEEB5}" = MobileMe Control Panel
"{7B6CF9EB-CB2B-4A1A-81A9-BE1A9044690A}" = TIPCI
"{853A4763-6643-4604-8D64-28BDD8925F4C}" = Apple Application Support
"{88B746D6-1956-4D98-BE82-46E45AAA5BC2}" = Garmin Training Center
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8BBF6DFD-0AD9-43A7-9FBD-BF065E3866AF}" = URGE
"{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1}" = Napster Burn Engine
"{9941F0AA-B903-4AF4-A055-83A9815CC011}" = Sonic Encoders
"{9F7FC79B-3059-4264-9450-39EB368E3225}" = Microsoft Digital Image Library 9 - Blocker
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9F6CFB0-806D-11E0-8EA1-B8AC6F97B88E}" = Google Earth Plug-in
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.0)
"{BBBCAE4B-B416-4182-A6F2-438180894A81}" = Napster
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C2E4B5BD-32DB-4817-A060-341AB17C3F90}" = Bonjour
"{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{E394CC6D-9F54-41CC-9415-6FFF07885881}" = Garmin WebUpdater
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{FB3F4A45-D3F8-4A6B-8AEC-26BBB15ED0D1}" = Garmin ANT Agent
"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
"24DA573F901348FFDFF7717497830D45BE0C362E" = Windows Driver Package - Dynastream Innovations (libusb0) LibUsbDevices (07/07/2009 1.12.2)
"49CF605F02C7954F4E139D18828DE298CD59217C" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0)
"53F13DB4D9611FD63BE580F06F0729BF236ABE68" = Windows Driver Package - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"All ATI Software" = ATI - Software Uninstall Utility
"ATI Display Driver" = ATI Display Driver
"Broadcom 802.11b Network Adapter" = Broadcom 802.11 Network Adapter
"gtw_logo" = gtw_logo
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{7B6CF9EB-CB2B-4A1A-81A9-BE1A9044690A}" = Texas Instruments PCIxx21/x515/xx12 drivers.
"Mah Jong Medley" = Mah Jong Medley
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.1.1800
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Money2006b" = Microsoft Money 2006
"MSC" = McAfee Internet Security
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"PictureItSuiteTrial_v11" = Microsoft Digital Image Starter Edition 2006
"RealPlayer 6.0" = RealPlayer Basic
"SMSERIAL" = Motorola SM56 Data Fax Modem
"SpywareBlaster_is1" = SpywareBlaster 4.4
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"ViewpointMediaPlayer" = Viewpoint Media Player
"WildTangent CDA" = WildTangent Web Driver
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"WT010650" = FATE
"WT010655" = Tradewinds
"WT010661" = Polar Golfer
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Photos Easy Upload Tool" = Yahoo! Photos Easy Upload Tool
"Yahoo! Toolbar" = Yahoo! Toolbar
"YInstHelper" = Yahoo! Install Manager
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 7/20/2011 3:25:11 PM | Computer Name = MIGUEL | Source = Application Hang | ID = 1002
Description = Hanging application Training Center.exe, version 3.6.3.0, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 7/20/2011 3:25:43 PM | Computer Name = MIGUEL | Source = Application Hang | ID = 1001
Description = Fault bucket -1803583187.
Error - 7/20/2011 3:25:45 PM | Computer Name = MIGUEL | Source = Application Hang | ID = 1001
Description = Fault bucket -1803583187.
Error - 7/20/2011 10:08:29 PM | Computer Name = MIGUEL | Source = McLogEvent | ID = 5051
Description = A thread in process C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
took longer than 90000 ms to complete a request. The process will be terminated.
Thread
id : 1336 (0x538) Thread address : 0x7C90E514 Thread message : Build VSCORE.14.2.0.835
/ 5400.1158 Object being scanned = \Device\HarddiskVolume1\Documents and Settings\All
Users\Application Data\McAfee\MCLOGS\log.ini by C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
17018(2313)(0) 17017(0)(1) 7007(0)(0) 5006(0)(0) 5004(0)(0) 5003(0)(0) 5002(0)(2)
15002(0)(0)
Error - 7/20/2011 10:08:29 PM | Computer Name = MIGUEL | Source = McLogEvent | ID = 5051
Description = A thread in process C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
took longer than 90000 ms to complete a request. The process will be terminated.
Thread
id : 1424 (0x590) Thread address : 0x7C90E514 Thread message : Build VSCORE.14.2.0.835
/ 5400.1158 Object being scanned = \Device\HarddiskVolume1\Program Files\mcafee\SiteAdvisor\content.dat
by C:\Program Files\McAfee\SiteAdvisor\McSACore.exe 17018(2766)(0) 17017(0)(1)
7007(0)(0) 5006(0)(0) 5004(0)(0) 5003(0)(0) 5002(0)(2) 15002(0)(0)
Error - 7/20/2011 10:08:29 PM | Computer Name = MIGUEL | Source = McLogEvent | ID = 5051
Description = A thread in process C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
took longer than 90000 ms to complete a request. The process will be terminated.
Thread
id : 844 (0x34c) Thread address : 0x7C90E514 Thread message : Build VSCORE.14.2.0.835
/ 5400.1158 Object being scanned = \Device\HarddiskVolume1\WINDOWS\SYSTEM32\msctfime.ime
by **\STSYSTRA.EXE 17018(2140)(0) 17017(62)(1) 7007(62)(0) 5006(62)(0) 5004(62)(0)
5003(62)(0) 5002(62)(1) 15002(62)(0)
Error - 7/20/2011 11:05:22 PM | Computer Name = MIGUEL | Source = McLogEvent | ID = 5051
Description = A thread in process C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
took longer than 90000 ms to complete a request. The process will be terminated.
Thread
id : 1372 (0x55c) Thread address : 0x7C90E514 Thread message : Build VSCORE.14.2.0.835
/ 5400.1158 Object being scanned = \Device\HarddiskVolume1\Program Files\CyberLink\Power2Go\OLRSubmission\OLRSubmission.exe
by C:\WINDOWS\Explorer.EXE 4(16)(0) 4(16)(0) 7200(16)(0) 7595(16)(0) 7005(16)(0)
7004(16)(0) 5006(0)(0) 5004(0)(0)
Error - 7/20/2011 11:13:27 PM | Computer Name = MIGUEL | Source = Application Hang | ID = 1002
Description = Hanging application MOBK370conf.exe, version 1.16.6.1, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 7/20/2011 11:14:44 PM | Computer Name = MIGUEL | Source = Application Hang | ID = 1001
Description = Fault bucket -2109236675.
Error - 7/21/2011 10:33:03 PM | Computer Name = MIGUEL | Source = McLogEvent | ID = 5051
Description = A thread in process C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
took longer than 90000 ms to complete a request. The process will be terminated.
Thread
id : 2264 (0x8d8) Thread address : 0x7C90E514 Thread message : Build VSCORE.14.2.0.835
/ 5400.1158 Object being scanned = \Device\HarddiskVolume1\Program Files\McAfee.com\Agent\mcagent.exe
by C:\WINDOWS\system32\svchost.exe 4(0)(0) 4(0)(0) 7200(0)(0) 7595(0)(0) 7005(0)(0)
7004(0)(0) 5006(0)(0) 5004(0)(0)
[ System Events ]
Error - 7/21/2011 10:19:46 PM | Computer Name = MIGUEL | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
Error - 7/21/2011 10:26:15 PM | Computer Name = MIGUEL | Source = DCOM | ID = 10010
Description = The server {7F6316B4-4D69-4765-B0A3-B2598F2FA80A} did not register
with DCOM within the required timeout.
Error - 7/21/2011 10:30:38 PM | Computer Name = MIGUEL | Source = Service Control Manager | ID = 7022
Description = The McShield service hung on starting.
Error - 7/21/2011 10:30:45 PM | Computer Name = MIGUEL | Source = DCOM | ID = 10010
Description = The server {4EB61BAC-A3B6-4760-9581-655041EF4D69} did not register
with DCOM within the required timeout.
Error - 7/21/2011 10:33:22 PM | Computer Name = MIGUEL | Source = Service Control Manager | ID = 7031
Description = The McShield service terminated unexpectedly. It has done this 1
time(s). The following corrective action will be taken in 5000 milliseconds: Restart
the service.
Error - 7/21/2011 10:36:05 PM | Computer Name = MIGUEL | Source = DCOM | ID = 10005
Description = DCOM got error "%1053" attempting to start the service COMSysApp with
arguments "" in order to run the server: {ECABAFBC-7F19-11D2-978E-0000F8757E2A}
Error - 7/21/2011 10:36:05 PM | Computer Name = MIGUEL | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the COM+ System Application
service to connect.
Error - 7/21/2011 10:36:06 PM | Computer Name = MIGUEL | Source = Service Control Manager | ID = 7000
Description = The COM+ System Application service failed to start due to the following
error: %%1053
Error - 7/21/2011 10:39:20 PM | Computer Name = MIGUEL | Source = DCOM | ID = 10010
Description = The server {209500FC-6B45-4693-8871-6296C4843751} did not register
with DCOM within the required timeout.
Error - 7/21/2011 10:40:24 PM | Computer Name = MIGUEL | Source = DCOM | ID = 10010
Description = The server {209500FC-6B45-4693-8871-6296C4843751} did not register
with DCOM within the required timeout.
< End of report >
========== Alternate Data Streams ==========
@Alternate Data Stream - 95 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
< End of report >
Same result in safe mode aswMBR will not run, the scan is greyed out and mcaffee was disabled, so should not be that messin with it. Here are the OTL scans. goodnight!
OTL logfile created on: 7/21/2011 9:51:28 PM - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Documents and Settings\Owner.Miguel\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.87 Gb Total Physical Memory | 1.24 Gb Available Physical Memory | 66.37% Memory free
3.72 Gb Paging File | 3.07 Gb Available in Paging File | 82.52% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 142.20 Gb Total Space | 99.47 Gb Free Space | 69.95% Space Free | Partition Type: NTFS
Drive D: | 6.83 Gb Total Space | 4.83 Gb Free Space | 70.72% Space Free | Partition Type: FAT32
Computer Name: MIGUEL | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Documents and Settings\Owner.Miguel\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc.)
PRC - C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe (McAfee, Inc.)
PRC - C:\WINDOWS\system32\mfevtps.exe (McAfee, Inc.)
PRC - C:\Program Files\Garmin\ANT Agent\ANT Agent.exe (GARMIN Corp.)
PRC - c:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
PRC - c:\Program Files\McAfee\MSC\mcupdmgr.exe (McAfee, Inc.)
PRC - C:\Program Files\McAfee Online Backup\MOBK370stat.exe (McAfee, Inc.)
PRC - C:\Program Files\McAfee Online Backup\MOBK370backup.exe (McAfee, Inc.)
PRC - c:\Program Files\McAfee\VirusScan\McInsUpd.exe (McAfee, Inc.)
PRC - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
PRC - C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
PRC - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe ()
PRC - C:\Garmin\gStart.exe (GARMIN Corp.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS (New Boundary Technologies, Inc.)
PRC - C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
PRC - C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe (ATI Technologies Inc.)
PRC - C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
PRC - C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
========== Modules (SafeList) ==========
MOD - C:\Documents and Settings\Owner.Miguel\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation)
MOD - C:\Program Files\McAfee\SiteAdvisor\sahook.dll ()
MOD - C:\WINDOWS\system32\SynTPFcs.dll (Synaptics, Inc.)
========== Win32 Services (SafeList) ==========
SRV - (mfefire) -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc.)
SRV - (McShield) -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe ()
SRV - (mfevtp) -- C:\WINDOWS\system32\mfevtps.exe (McAfee, Inc.)
SRV - (MOBK370backup) -- C:\Program Files\McAfee Online Backup\MOBK370backup.exe (McAfee, Inc.)
SRV - (McODS) -- C:\Program Files\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
SRV - (MSK80Service) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McProxy) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McNASvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McNaiAnn) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (mcmscsvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McMPFSvc) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McComponentHostService) -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.)
SRV - (McAfee SiteAdvisor Service) -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe ()
SRV - (PrismXL) -- C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS (New Boundary Technologies, Inc.)
========== Driver Services (SafeList) ==========
DRV - (mfehidk) -- C:\WINDOWS\system32\drivers\mfehidk.sys (McAfee, Inc.)
DRV - (mfefirek) -- C:\WINDOWS\system32\drivers\mfefirek.sys (McAfee, Inc.)
DRV - (mfeavfk) -- C:\WINDOWS\system32\drivers\mfeavfk.sys (McAfee, Inc.)
DRV - (mfeapfk) -- C:\WINDOWS\system32\drivers\mfeapfk.sys (McAfee, Inc.)
DRV - (mfendiskmp) -- C:\WINDOWS\system32\drivers\mfendisk.sys (McAfee, Inc.)
DRV - (mfendisk) -- C:\WINDOWS\system32\drivers\mfendisk.sys (McAfee, Inc.)
DRV - (mferkdet) -- C:\WINDOWS\system32\drivers\mferkdet.sys (McAfee, Inc.)
DRV - (mfetdi2k) -- C:\WINDOWS\system32\drivers\mfetdi2k.sys (McAfee, Inc.)
DRV - (cfwids) -- C:\WINDOWS\system32\drivers\cfwids.sys (McAfee, Inc.)
DRV - (mfebopk) -- C:\WINDOWS\system32\drivers\mfebopk.sys (McAfee, Inc.)
DRV - (MOBK370Filter) -- C:\WINDOWS\system32\drivers\MOBK370.sys (Mozy, Inc.)
DRV - (NwlnkIpx) -- C:\WINDOWS\system32\drivers\nwlnkipx.sys (Microsoft Corporation)
DRV - (ASCTRM) -- C:\WINDOWS\System32\drivers\asctrm.sys (Windows ® 2000 DDK provider)
DRV - (AmdK8) -- C:\WINDOWS\system32\drivers\AmdK8.sys (Advanced Micro Devices)
DRV - (STHDA) -- C:\WINDOWS\system32\drivers\sthda.sys (SigmaTel, Inc.)
DRV - (smserial) -- C:\WINDOWS\system32\drivers\smserial.sys (Motorola Inc.)
DRV - (yukonwxp) -- C:\WINDOWS\system32\drivers\yk51x86.sys (Marvell)
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (BCM43XX) -- C:\WINDOWS\system32\drivers\BCMWL5.SYS (Broadcom Corporation)
DRV - (tifm21) -- C:\WINDOWS\system32\drivers\tifm21.sys (Texas Instruments)
DRV - (Cdralw2k) -- C:\WINDOWS\System32\drivers\cdralw2k.sys (Roxio)
DRV - (Cdr4_xp) -- C:\WINDOWS\System32\drivers\cdr4_xp.sys (Roxio)
DRV - (NwlnkNb) -- C:\WINDOWS\system32\drivers\nwlnknb.sys (Microsoft Corporation)
DRV - (NwlnkSpx) -- C:\WINDOWS\system32\drivers\nwlnkspx.sys (Microsoft Corporation)
DRV - (wanatw) WAN Miniport (ATW) -- C:\WINDOWS\system32\drivers\wanatw4.sys (America Online, Inc.)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = ibahn:80
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\3.0.40818.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2010/03/02 22:12:15 | 000,000,000 | ---D | M]
[2009/12/26 15:21:27 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner.Miguel\Application Data\Mozilla\Extensions
[2009/12/26 15:21:27 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner.Miguel\Application Data\Mozilla\Extensions\mozswing@mozswing.org
O1 HOSTS File: ([2011/07/03 12:43:45 | 000,434,745 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 14987 more lines...
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\McAfee\MSK\mskapbho.dll ()
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20110517161831.dll (McAfee, Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar2.dll (Google Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll ()
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\WINDOWS\system32\bae.dll (Gateway Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll ()
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar2.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar2.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\cli.exe (ATI Technologies Inc.)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [Reminder] C:\WINDOWS\creator\Remind_XP.exe (SoftThinks)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
O4 - HKLM..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - HKCU..\Run: [ANT Agent] C:\Program Files\Garmin\ANT Agent\ANT Agent.exe (GARMIN Corp.)
O4 - HKCU..\Run: [gStart] C:\Garmin\gStart.exe (GARMIN Corp.)
O4 - HKCU..\Run: [Power2GoExpress] File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Online Backup Status.lnk = C:\Program Files\McAfee Online Backup\MOBK370stat.exe (McAfee, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} http://download.mcaf...01/mcinsctl.cab (McAfee.com Operating System Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll ()
O18 - Protocol\Handler\skype4com - No CLSID value found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\Owner.Miguel\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Owner.Miguel\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/06/17 04:41:16 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
CREATERESTOREPOINT
Error creating restore point.
========== Files/Folders - Created Within 30 Days ==========
[2011/07/21 21:28:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\McAfee
[2011/07/19 10:59:41 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner.Miguel\Desktop\OTL.exe
[2011/07/19 08:28:02 | 001,913,344 | ---- | C] (AVAST Software) -- C:\Documents and Settings\Owner.Miguel\Desktop\aswMBR.exe
[2011/07/12 18:33:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\McAfee
[2011/07/12 18:29:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\McAfee Security Scan Plus
[2011/07/10 15:25:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2011/07/10 15:19:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2011/07/10 15:19:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2011/07/10 15:17:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee Security Scan
[2011/07/10 15:17:20 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Security Scan
[2011/07/05 20:34:41 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011/07/03 13:54:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\wt
[2011/07/03 12:31:05 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2011/07/03 12:31:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2011/07/03 10:10:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Miguel\Application Data\SUPERAntiSpyware.com
[2011/07/03 10:08:50 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2011/07/03 10:03:45 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2011/07/03 08:02:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/07/03 08:02:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SpywareBlaster
[2011/07/03 08:02:36 | 000,000,000 | ---D | C] -- C:\Program Files\SpywareBlaster
[2011/07/02 18:15:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Miguel\My Documents\Limew
[2011/06/29 20:44:19 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2011/06/29 20:44:17 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011/06/29 20:44:17 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011/06/29 20:44:17 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011/06/26 14:49:28 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[1 C:\Documents and Settings\Owner.Miguel\Local Settings\Application Data\*.tmp files -> C:\Documents and Settings\Owner.Miguel\Local Settings\Application Data\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011/07/21 21:42:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/07/21 21:25:37 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/07/21 21:23:48 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/07/21 21:23:44 | 2011,279,360 | -HS- | M] () -- C:\hiberfil.sys
[2011/07/20 14:02:07 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/07/19 10:59:50 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner.Miguel\Desktop\OTL.exe
[2011/07/19 08:28:02 | 001,913,344 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Owner.Miguel\Desktop\aswMBR.exe
[2011/07/17 11:35:03 | 000,000,802 | ---- | M] () -- C:\Documents and Settings\Owner.Miguel\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2011/07/17 09:23:57 | 000,159,544 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/07/15 16:58:04 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/07/13 22:54:41 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/07/12 18:29:25 | 000,001,611 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2011/07/12 18:29:24 | 000,001,619 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\McAfee Security Scan Plus.lnk
[2011/07/11 09:59:02 | 000,001,100 | ---- | M] () -- C:\WINDOWS\System32\d3d8caps.dat
[2011/07/10 15:27:15 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader X.lnk
[2011/07/06 19:52:42 | 000,041,272 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/07/06 19:52:42 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/07/03 12:43:45 | 000,434,745 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/07/03 08:02:40 | 000,000,690 | ---- | M] () -- C:\Documents and Settings\Owner.Miguel\Desktop\SpywareBlaster.lnk
[2011/07/02 19:03:14 | 000,040,764 | ---- | M] () -- C:\WINDOWS\MOBK370.blk
[2011/07/02 19:03:13 | 000,003,352 | ---- | M] () -- C:\WINDOWS\MOBK370.flt
[2011/07/02 18:07:46 | 000,000,214 | ---- | M] () -- C:\Documents and Settings\Owner.Miguel\Desktop\BookMooch Member Home.url
[2011/06/30 17:03:01 | 000,000,248 | ---- | M] () -- C:\Documents and Settings\Owner.Miguel\Desktop\PaperBack Swap.com.url
[2011/06/29 20:42:35 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011/06/29 20:42:35 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011/06/29 20:42:34 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011/06/29 20:42:34 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2011/06/29 20:42:32 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2011/06/26 17:47:17 | 000,000,237 | ---- | M] () -- C:\Documents and Settings\Owner.Miguel\My Documents\The SF Site Kim Stanley Robinson Reading List.url
[2011/06/26 14:49:56 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[1 C:\Documents and Settings\Owner.Miguel\Local Settings\Application Data\*.tmp files -> C:\Documents and Settings\Owner.Miguel\Local Settings\Application Data\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/07/21 21:23:44 | 2011,279,360 | -HS- | C] () -- C:\hiberfil.sys
[2011/07/12 18:29:25 | 000,001,611 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2011/07/12 18:29:24 | 000,001,619 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\McAfee Security Scan Plus.lnk
[2011/07/10 15:27:15 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader X.lnk
[2011/07/10 15:27:14 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader X.lnk
[2011/07/03 08:02:40 | 000,000,690 | ---- | C] () -- C:\Documents and Settings\Owner.Miguel\Desktop\SpywareBlaster.lnk
[2011/07/02 18:07:46 | 000,000,214 | ---- | C] () -- C:\Documents and Settings\Owner.Miguel\Desktop\BookMooch Member Home.url
[2011/06/26 14:49:56 | 000,000,802 | ---- | C] () -- C:\Documents and Settings\Owner.Miguel\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2011/06/26 14:49:56 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/06/16 19:48:00 | 000,001,100 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2010/04/10 21:26:16 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/04/04 22:05:39 | 000,028,792 | ---- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2008/06/07 13:09:54 | 000,000,056 | ---- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2007/05/26 16:27:56 | 000,002,206 | ---- | C] () -- C:\WINDOWS\unins000.dat
[2007/05/16 08:47:50 | 000,001,774 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/03/28 13:19:15 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2007/03/17 18:22:59 | 000,010,752 | -H-- | C] () -- C:\Documents and Settings\Owner.Miguel\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/11/08 21:08:45 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\instlsp.exe
[2006/11/08 15:47:14 | 000,000,135 | ---- | C] () -- C:\Documents and Settings\Owner.Miguel\Local Settings\Application Data\fusioncache.dat
[2006/10/04 02:01:07 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\jesterss.dll
[2006/10/04 01:46:48 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2006/10/04 01:46:05 | 000,000,004 | ---- | C] () -- C:\WINDOWS\Pix11.dat
[2006/10/04 01:41:06 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/10/04 01:15:28 | 000,125,796 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2006/10/04 01:14:37 | 000,018,944 | ---- | C] () -- C:\WINDOWS\System32\WLTRYSVC.EXE
[2006/10/04 01:14:36 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\preflib.dll
[2006/10/04 01:14:20 | 000,757,760 | ---- | C] () -- C:\WINDOWS\System32\bcm1xsup.dll
[2006/06/21 04:48:15 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/06/21 04:12:42 | 000,352,256 | ---- | C] () -- C:\WINDOWS\System32\HotlineClient.exe
[2006/06/17 04:44:22 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2006/06/17 04:37:18 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2006/06/17 04:24:58 | 000,001,280 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2006/06/17 04:24:57 | 000,000,519 | ---- | C] () -- C:\WINDOWS\System32\emver.ini
[2006/06/17 04:23:25 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006/06/17 04:23:22 | 000,445,044 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2006/06/17 04:23:22 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2006/06/17 04:23:22 | 000,072,754 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2006/06/17 04:23:22 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2006/06/17 04:23:20 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2006/06/17 04:23:20 | 000,005,151 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2006/06/17 04:23:20 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2006/06/17 04:23:19 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2006/06/17 04:23:19 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2006/06/17 04:23:16 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2006/06/17 04:23:08 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2006/06/16 21:31:45 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2006/06/16 21:30:47 | 000,159,544 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2005/08/05 23:01:54 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2004/06/15 02:00:00 | 000,077,321 | ---- | C] () -- C:\WINDOWS\unins000.exe
[1999/01/22 13:46:56 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
========== LOP Check ==========
[2010/08/24 22:03:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Driver Whiz
[2011/06/04 16:22:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GARMIN
[2008/01/29 11:32:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\n7-89-o9-3r-4t-r9
[2006/10/04 01:46:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Napster
[2011/07/17 09:47:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2006/10/04 01:47:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2006/02/11 19:55:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WildTangent
[2009/03/27 17:19:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2010/04/11 09:30:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/09/11 17:15:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/04/11 15:03:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2008/01/29 11:33:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.Miguel\Application Data\Eyeblaster
[2008/01/29 11:32:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.Miguel\Application Data\GameHouse
[2011/06/04 16:28:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.Miguel\Application Data\GARMIN
[2007/04/25 20:27:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.Miguel\Application Data\iWin
[2009/12/26 16:30:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.Miguel\Application Data\LimeWire
[2006/10/04 01:50:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.Miguel\Application Data\SampleView
[2008/04/22 06:58:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.Miguel\Application Data\Smith Micro
[2006/02/11 19:55:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.Miguel\Application Data\WildTangent
[2006/11/08 15:46:50 | 000,000,258 | ---- | M] () -- C:\WINDOWS\Tasks\ISP signup reminder 3.job
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.* >
[2009/04/16 15:00:06 | 001,901,643 | ---- | M] () -- C:\048401000290.rgn
[2006/10/04 01:38:40 | 000,000,002 | ---- | M] () -- C:\AUDIT_INSTALL_IN_PROGRESS
[2006/06/17 04:41:16 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2006/10/04 02:01:06 | 000,000,090 | ---- | M] () -- C:\bcmwl5.log
[2006/11/08 15:46:51 | 000,000,221 | ---- | M] () -- C:\Boot.bak
[2011/06/16 19:33:01 | 000,000,337 | RHS- | M] () -- C:\boot.ini
[2004/08/03 23:00:00 | 000,260,272 | R-S- | M] () -- C:\cmldr
[2006/06/17 04:41:16 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2011/02/09 19:30:55 | 000,014,692 | ---- | M] () -- C:\drwtsn32.log
[2009/04/21 13:45:04 | 000,012,718 | ---- | M] () -- C:\Forerunner_205_305_v290.txt
[2011/07/21 21:23:44 | 2011,279,360 | -HS- | M] () -- C:\hiberfil.sys
[2006/06/17 04:41:16 | 000,000,000 | R-S- | M] () -- C:\IO.SYS
[2006/10/04 01:48:13 | 000,001,191 | ---- | M] () -- C:\IPH.PH
[2006/06/17 04:41:16 | 000,000,000 | R-S- | M] () -- C:\MSDOS.SYS
[2004/08/10 14:00:00 | 000,047,564 | R-S- | M] () -- C:\NTDETECT.COM
[2008/08/28 17:27:29 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2011/07/21 21:23:14 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys
[2006/10/04 01:39:47 | 000,000,090 | ---- | M] () -- C:\powerdvd.log
[2006/10/04 01:41:30 | 000,000,191 | ---- | M] () -- C:\touchpad.log
[2007/02/07 04:57:38 | 000,720,896 | ---- | M] (GARMIN Corp.) -- C:\Updater.exe
< %systemroot%\Fonts\*.com >
[2006/04/18 15:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2006/06/29 14:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006/04/18 15:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006/06/29 14:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont
< %systemroot%\Fonts\*.dll >
< %systemroot%\Fonts\*.ini >
[2006/06/17 04:40:30 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini
< %systemroot%\Fonts\*.ini2 >
< %systemroot%\Fonts\*.exe >
< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2008/07/06 07:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2004/03/22 17:17:08 | 000,025,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll
[2008/07/06 05:50:03 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe
< %systemroot%\REPAIR\*.bak1 >
< %systemroot%\REPAIR\*.ini >
< %systemroot%\system32\*.jpg >
< %systemroot%\*.jpg >
< %systemroot%\*.png >
< %systemroot%\*.scr >
< %systemroot%\*._sy >
< %APPDATA%\Adobe\Update\*.* >
< %ALLUSERSPROFILE%\Favorites\*.* >
< %APPDATA%\Microsoft\*.* >
[2007/07/22 15:44:54 | 000,001,738 | ---- | M] () -- C:\Documents and Settings\Owner.Miguel\Application Data\Microsoft\LastFlashConfig.WFC
< %PROGRAMFILES%\*.* >
< %APPDATA%\Update\*.* >
< %systemroot%\*. /mp /s >
< %systemroot%\System32\config\*.sav >
[2006/06/16 21:30:11 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2006/06/16 21:30:11 | 000,659,456 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2006/06/16 21:30:11 | 000,897,024 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
< %PROGRAMFILES%\bak. /s >
< %systemroot%\system32\bak. /s >
< %ALLUSERSPROFILE%\Start Menu\*.lîk /x >
[2008/08/28 17:35:23 | 000,000,272 | -HS- | M] () -- C:\Documents and Settings\All Users\Start Menu\desktop.ini
[2007/03/23 10:36:24 | 000,001,992 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\New Office Document.lnk
[2007/04/04 20:57:18 | 000,002,439 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Open Office Document.lnk
[2008/08/28 17:35:23 | 000,001,563 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Set Program Access and Defaults.lnk
[2006/06/17 04:41:25 | 000,000,398 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Windows Catalog.lnk
[2007/10/05 20:45:00 | 000,001,507 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Windows Update.lnk
< %systemroot%\system32\config\systemprofile\*.dat /x >
< %systemroot%\*.config >
< %systemroot%\system32\*.db >
< %PROGRAMFILES%\Internet Explorer\*.dat >
< %APPDATA%\Mikzosoft\Internet Explorer\Quick Launch\*.lnk /x >
< %USERPROFILE%\Deskuop\*.exe >
< %PROGRAMFILES%\Common Files\*.* >
< %systemroot%\*.src >
< %systemroot%\install\*.* >
< %systemroot%\system32\DLL\*.* >
< %systemroot%\system32\HelpFiles\*.* >
< %systemroot%\system32\rundll\*.* >
< %systemroot%\winn32\*.* >
< %systemroot%\Java\*.* >
< %systemroot%\system32\test\*.* >
< %systemroot%\system32\Rundll32\*.* >
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-07-14 04:18:38
< %USERPROFILE%\..|smtmp;true;true;true /FP >
< %temp%\smtmp\*.* /s > >
< MD5 for: EXPLORER.EX_ >
[2004/08/10 14:00:00 | 000,359,533 | ---- | M] () MD5=4F061B12F3D5457315A0314954E7EF46 -- C:\WINDOWS\I386\EXPLORER.EX_
< MD5 for: EXPLORER.EXE >
[2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ERDNT\cache\explorer.exe
[2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2007/06/13 06:26:03 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=7712DF0CDDE3A5AC89843E61CD5B3658 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007/06/13 05:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=97BD6515465659FF8F3B7BE375B2EA87 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
[2004/08/10 14:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
< MD5 for: EXPLORER.EXE-082F38A9.PF >
[2011/07/21 21:25:46 | 000,022,806 | ---- | M] () MD5=78BB937199B20EB818235BFF8E79DA8C -- C:\WINDOWS\Prefetch\EXPLORER.EXE-082F38A9.pf
< MD5 for: EXPLORER.HTM >
[2005/01/20 17:42:18 | 000,002,057 | ---- | M] () MD5=0768146E197314BF50A1E3E5E89892F1 -- C:\Program Files\ATI Technologies\ATI.ACE\cs\Help\wwhelp\wwhimpl\java\html\explorer.htm
[2005/01/19 18:25:42 | 000,002,057 | ---- | M] () MD5=0768146E197314BF50A1E3E5E89892F1 -- C:\Program Files\ATI Technologies\ATI.ACE\da\Help\wwhelp\wwhimpl\java\html\explorer.htm
[2005/01/19 18:44:52 | 000,002,057 | ---- | M] () MD5=0768146E197314BF50A1E3E5E89892F1 -- C:\Program Files\ATI Technologies\ATI.ACE\de\Help\wwhelp\wwhimpl\java\html\explorer.htm
[2005/01/20 17:42:18 | 000,002,057 | ---- | M] () MD5=0768146E197314BF50A1E3E5E89892F1 -- C:\Program Files\ATI Technologies\ATI.ACE\el\Help\wwhelp\wwhimpl\java\html\explorer.htm
[2005/01/19 18:44:52 | 000,002,057 | ---- | M] () MD5=0768146E197314BF50A1E3E5E89892F1 -- C:\Program Files\ATI Technologies\ATI.ACE\es\Help\wwhelp\wwhimpl\java\html\explorer.htm
[2005/01/19 18:26:08 | 000,002,057 | ---- | M] () MD5=0768146E197314BF50A1E3E5E89892F1 -- C:\Program Files\ATI Technologies\ATI.ACE\fi\Help\wwhelp\wwhimpl\java\html\explorer.htm
[2005/01/19 18:44:52 | 000,002,057 | ---- | M] () MD5=0768146E197314BF50A1E3E5E89892F1 -- C:\Program Files\ATI Technologies\ATI.ACE\fr\Help\wwhelp\wwhimpl\java\html\explorer.htm
[2003/09/15 14:06:02 | 000,002,057 | ---- | M] () MD5=0768146E197314BF50A1E3E5E89892F1 -- C:\Program Files\ATI Technologies\ATI.ACE\help\wwhelp\wwhimpl\java\html\explorer.htm
[2005/01/20 17:42:18 | 000,002,057 | ---- | M] () MD5=0768146E197314BF50A1E3E5E89892F1 -- C:\Program Files\ATI Technologies\ATI.ACE\hu\Help\wwhelp\wwhimpl\java\html\explorer.htm
[2005/01/19 18:44:52 | 000,002,057 | ---- | M] () MD5=0768146E197314BF50A1E3E5E89892F1 -- C:\Program Files\ATI Technologies\ATI.ACE\it\Help\wwhelp\wwhimpl\java\html\explorer.htm
[2005/01/19 18:44:52 | 000,002,057 | ---- | M] () MD5=0768146E197314BF50A1E3E5E89892F1 -- C:\Program Files\ATI Technologies\ATI.ACE\ja\Help\wwhelp\wwhimpl\java\html\explorer.htm
[2005/01/19 18:26:42 | 000,002,057 | ---- | M] () MD5=0768146E197314BF50A1E3E5E89892F1 -- C:\Program Files\ATI Technologies\ATI.ACE\ko\Help\wwhelp\wwhimpl\java\html\explorer.htm
[2005/01/19 18:44:52 | 000,002,057 | ---- | M] () MD5=0768146E197314BF50A1E3E5E89892F1 -- C:\Program Files\ATI Technologies\ATI.ACE\nl\Help\wwhelp\wwhimpl\java\html\explorer.htm
[2005/01/19 18:26:58 | 000,002,057 | ---- | M] () MD5=0768146E197314BF50A1E3E5E89892F1 -- C:\Program Files\ATI Technologies\ATI.ACE\no\Help\wwhelp\wwhimpl\java\html\explorer.htm
[2005/01/20 17:42:18 | 000,002,057 | ---- | M] () MD5=0768146E197314BF50A1E3E5E89892F1 -- C:\Program Files\ATI Technologies\ATI.ACE\pl\Help\wwhelp\wwhimpl\java\html\explorer.htm
[2005/01/19 18:44:52 | 000,002,057 | ---- | M] () MD5=0768146E197314BF50A1E3E5E89892F1 -- C:\Program Files\ATI Technologies\ATI.ACE\pt-BR\Help\wwhelp\wwhimpl\java\html\explorer.htm
[2005/01/20 17:42:18 | 000,002,057 | ---- | M] () MD5=0768146E197314BF50A1E3E5E89892F1 -- C:\Program Files\ATI Technologies\ATI.ACE\ru\Help\wwhelp\wwhimpl\java\html\explorer.htm
[2005/01/19 18:27:14 | 000,002,057 | ---- | M] () MD5=0768146E197314BF50A1E3E5E89892F1 -- C:\Program Files\ATI Technologies\ATI.ACE\sv\Help\wwhelp\wwhimpl\java\html\explorer.htm
[2005/01/19 18:27:20 | 000,002,057 | ---- | M] () MD5=0768146E197314BF50A1E3E5E89892F1 -- C:\Program Files\ATI Technologies\ATI.ACE\th\Help\wwhelp\wwhimpl\java\html\explorer.htm
[2005/01/20 17:42:18 | 000,002,057 | ---- | M] () MD5=0768146E197314BF50A1E3E5E89892F1 -- C:\Program Files\ATI Technologies\ATI.ACE\tr\Help\wwhelp\wwhimpl\java\html\explorer.htm
[2005/01/19 18:44:52 | 000,002,057 | ---- | M] () MD5=0768146E197314BF50A1E3E5E89892F1 -- C:\Program Files\ATI Technologies\ATI.ACE\zh-CHS\Help\wwhelp\wwhimpl\java\html\explorer.htm
[2005/01/19 18:44:52 | 000,002,057 | ---- | M] () MD5=0768146E197314BF50A1E3E5E89892F1 -- C:\Program Files\ATI Technologies\ATI.ACE\zh-CHT\Help\wwhelp\wwhimpl\java\html\explorer.htm
< MD5 for: EXPLORER.SC_ >
[2004/08/10 14:00:00 | 000,000,181 | ---- | M] () MD5=BC5B38879C56DFBC05C8B5C43AC4D739 -- C:\WINDOWS\I386\EXPLORER.SC_
< MD5 for: EXPLORER.SCF >
[2004/08/10 14:00:00 | 000,000,080 | ---- | M] () MD5=A3975A7D2C98B30A2AE010754FFB9392 -- C:\WINDOWS\explorer.scf
< MD5 for: IEXPLORE.CH_ >
[2004/08/10 14:00:00 | 000,199,077 | ---- | M] () MD5=5F64795662F162CCD8B30969B6682029 -- C:\WINDOWS\I386\IEXPLORE.CH_
< MD5 for: IEXPLORE.CHM >
[2009/02/21 01:21:24 | 000,529,818 | ---- | M] () MD5=1435F4731719DF5F57D17DC38196245D -- C:\WINDOWS\Help\iexplore.chm
[2004/08/10 14:00:00 | 000,204,810 | ---- | M] () MD5=60858526AAD1CC55F5F0055B8E3B66FE -- C:\WINDOWS\ie7\iexplore.chm
[2006/09/01 09:43:50 | 000,503,758 | ---- | M] () MD5=652E46500C149D1DC948BF9CEA8C4933 -- C:\WINDOWS\ie8\iexplore.chm
< MD5 for: IEXPLORE.EX_ >
[2004/08/10 14:00:00 | 000,037,895 | ---- | M] () MD5=F83009589844F0C30801CC2221F06AB9 -- C:\WINDOWS\I386\IEXPLORE.EX_
< MD5 for: IEXPLORE.EXE >
[2009/06/29 02:25:31 | 000,634,632 | ---- | M] (Microsoft Corporation) MD5=02E2754D3E566C11A4934825920C47DD -- C:\WINDOWS\$hf_mig$\KB972260-IE7\SP3QFE\iexplore.exe
[2008/12/19 00:25:25 | 000,634,024 | ---- | M] (Microsoft Corporation) MD5=030D78FE84A086ED376EFCBD2D72C522 -- C:\WINDOWS\ie7updates\KB963027-IE7\iexplore.exe
[2008/10/15 01:34:58 | 000,633,632 | ---- | M] (Microsoft Corporation) MD5=056C927CF7207857E8B34F7A8FFD9B9E -- C:\WINDOWS\$hf_mig$\KB958215-IE7\SP2QFE\iexplore.exe
[2010/12/20 06:25:27 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=091D358EFC9D22901BD879EF37F0DAC4 -- C:\WINDOWS\ie7updates\KB2497640-IE7\iexplore.exe
[2009/04/25 00:27:50 | 000,636,088 | ---- | M] (Microsoft Corporation) MD5=092A7F2B49A19ECCE5369D3CB2276148 -- C:\WINDOWS\ie7updates\KB972260-IE7\iexplore.exe
[2007/04/24 09:26:26 | 000,625,152 | ---- | M] (Microsoft Corporation) MD5=10BDB55982586A432A3951EB19A26009 -- C:\WINDOWS\ie7updates\KB937143-IE7\iexplore.exe
[2008/12/19 00:25:30 | 000,634,024 | ---- | M] (Microsoft Corporation) MD5=15E8A89499741D5CF59A9CF6463A4339 -- C:\WINDOWS\$hf_mig$\KB961260-IE7\SP2QFE\iexplore.exe
[2008/04/22 03:02:46 | 000,625,664 | ---- | M] (Microsoft Corporation) MD5=197B7E4030CFBD8D2979D375E1787AA2 -- C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\iexplore.exe
[2008/08/23 00:56:15 | 000,635,848 | ---- | M] (Microsoft Corporation) MD5=1F03216084447F990AE797317D0A6E70 -- C:\WINDOWS\ie7updates\KB958215-IE7\iexplore.exe
[2010/06/17 10:12:57 | 000,634,656 | ---- | M] (Microsoft Corporation) MD5=203E897F843D56496E2CC101DFF6CE34 -- C:\WINDOWS\ie7updates\KB2360131-IE7\iexplore.exe
[2008/04/22 02:40:18 | 000,625,664 | ---- | M] (Microsoft Corporation) MD5=232B22817B90AE0AFF2D189E3E3735AC -- C:\WINDOWS\ie7updates\KB953838-IE7\iexplore.exe
[2007/12/06 06:01:25 | 000,625,664 | ---- | M] (Microsoft Corporation) MD5=2703D940A62B731AA220529DD7331A78 -- C:\WINDOWS\ie7updates\KB947864-IE7\iexplore.exe
[2007/06/27 03:27:30 | 000,625,152 | ---- | M] (Microsoft Corporation) MD5=275CEE268B9E5D82474C43D5D249D111 -- C:\WINDOWS\ie7updates\KB939653-IE7\iexplore.exe
[2008/02/29 03:55:46 | 000,625,664 | ---- | M] (Microsoft Corporation) MD5=2D0E5592AB5A46C27DAF7CCAFF4F5B59 -- C:\WINDOWS\ie7updates\KB950759-IE7\iexplore.exe
[2009/08/27 00:18:42 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=332EC7562F3AA7364F2D4231C56DA986 -- C:\WINDOWS\$hf_mig$\KB974455-IE7\SP3QFE\iexplore.exe
[2007/08/17 05:21:21 | 000,625,152 | ---- | M] (Microsoft Corporation) MD5=3AC2BC667DA0AF2C968E96E1630F5AB5 -- C:\WINDOWS\ie7updates\KB942615-IE7\iexplore.exe
[2009/06/29 03:35:10 | 000,634,632 | ---- | M] (Microsoft Corporation) MD5=3CFC56F73D494FC1AA2B6E981DF15ACD -- C:\WINDOWS\ie7updates\KB974455-IE7\iexplore.exe
[2009/10/28 01:54:16 | 000,634,632 | ---- | M] (Microsoft Corporation) MD5=4F9B04D546C23A295F3F0AE015BE51DB -- C:\WINDOWS\ie7updates\KB978207-IE7\iexplore.exe
[2006/10/17 14:04:40 | 000,622,080 | ---- | M] (Microsoft Corporation) MD5=5334D4461AA92A7B008755FE6D13C5F2 -- C:\WINDOWS\ie7updates\KB928090-IE7\iexplore.exe
[2009/12/18 08:05:43 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=53C291F3B01EECECBD7FD358EA3ACC94 -- C:\WINDOWS\ie7updates\KB980182-IE7\iexplore.exe
[2007/08/17 05:12:49 | 000,625,152 | ---- | M] (Microsoft Corporation) MD5=5577D0E3AC2F9F035ACD81B44AF5F511 -- C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\iexplore.exe
[2008/04/13 19:12:22 | 000,093,184 | ---- | M] (Microsoft Corporation) MD5=55794B97A7FAABD2910873C85274F409 -- C:\WINDOWS\ServicePackFiles\i386\iexplore.exe
[2007/10/10 03:16:56 | 000,625,664 | ---- | M] (Microsoft Corporation) MD5=632BDE0179847234433CA50945442ACB -- C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\iexplore.exe
[2008/06/23 04:20:52 | 000,625,664 | ---- | M] (Microsoft Corporation) MD5=64E376A47763DAEABCDA14BD5B6EA286 -- C:\WINDOWS\ie7updates\KB956390-IE7\iexplore.exe
[2007/02/21 03:00:58 | 000,623,616 | ---- | M] (Microsoft Corporation) MD5=683DDE71BCF03B501B912D20CB93B549 -- C:\WINDOWS\ie7updates\KB933566-IE7\iexplore.exe
[2008/02/22 04:40:22 | 000,625,664 | ---- | M] (Microsoft Corporation) MD5=6E0888626E0CAC79F57149814E22DB4D -- C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\iexplore.exe
[2010/10/18 06:07:43 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=72D1F43C4146D312B0DB6AB98C21340E -- C:\WINDOWS\ie7updates\KB2482017-IE7\iexplore.exe
[2009/10/28 01:54:21 | 000,634,632 | ---- | M] (Microsoft Corporation) MD5=80675329E0FD54F016C4F8A83C616349 -- C:\WINDOWS\$hf_mig$\KB976325-IE7\SP3QFE\iexplore.exe
[2007/12/06 03:34:45 | 000,625,664 | ---- | M] (Microsoft Corporation) MD5=809D17D8FA0FDAEE07778CD821CAFFDE -- C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\iexplore.exe
[2007/01/08 19:08:42 | 000,623,616 | ---- | M] (Microsoft Corporation) MD5=93A6A4F5293AE19E3B37021AABCF0902 -- C:\WINDOWS\ie7updates\KB931768-IE7\iexplore.exe
[2007/04/24 09:20:41 | 000,625,152 | ---- | M] (Microsoft Corporation) MD5=9B3516C1F30DA17ADD3818573047D63C -- C:\WINDOWS\$hf_mig$\KB933566-IE7\SP2QFE\iexplore.exe
[2008/10/15 02:06:26 | 000,633,632 | ---- | M] (Microsoft Corporation) MD5=9D3DB9ADFABD2F0BC778EC03250A3ABB -- C:\WINDOWS\ie7updates\KB961260-IE7\iexplore.exe
[2009/02/27 23:54:41 | 000,636,072 | ---- | M] (Microsoft Corporation) MD5=A251068640DDB69FD7805B57D89D7FF7 -- C:\WINDOWS\ie7updates\KB969897-IE7\iexplore.exe
[2010/06/17 09:45:15 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=B0BC6DC9C9277250C5C8F7B7A48A02CC -- C:\WINDOWS\$hf_mig$\KB2183461-IE7\SP3QFE\iexplore.exe
[2010/04/16 06:08:29 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=B24A4E23A2FEDB6976EB04D334AD82B2 -- C:\WINDOWS\$hf_mig$\KB982381-IE7\SP3QFE\iexplore.exe
[2010/02/23 00:20:02 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=B5116340B84824DDD0A641E36B126194 -- C:\WINDOWS\ie7updates\KB982381-IE7\iexplore.exe
[2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) MD5=B60DDDD2D63CE41CB8C487FCFBB6419E -- C:\Program Files\Internet Explorer\iexplore.exe
[2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) MD5=B60DDDD2D63CE41CB8C487FCFBB6419E -- C:\WINDOWS\ERDNT\cache\iexplore.exe
[2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) MD5=B60DDDD2D63CE41CB8C487FCFBB6419E -- C:\WINDOWS\system32\dllcache\iexplore.exe
[2010/12/20 05:49:55 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=B74CBEBA34E3CAA2CCACC87FEE8A16C0 -- C:\WINDOWS\$hf_mig$\KB2482017-IE7\SP3QFE\iexplore.exe
[2009/02/27 23:54:44 | 000,636,088 | ---- | M] (Microsoft Corporation) MD5=BCD8E48709BE4A79606F0B6E8E9A6162 -- C:\WINDOWS\$hf_mig$\KB963027-IE7\SP3QFE\iexplore.exe
[2007/06/27 04:16:52 | 000,625,152 | ---- | M] (Microsoft Corporation) MD5=BD8502DFD53FC24FB8D6929DC46B8C2C -- C:\WINDOWS\$hf_mig$\KB937143-IE7\SP2QFE\iexplore.exe
[2009/04/25 00:27:39 | 000,636,088 | ---- | M] (Microsoft Corporation) MD5=C0503FD8D163652735C1EE900672A75C -- C:\WINDOWS\$hf_mig$\KB969897-IE7\SP3QFE\iexplore.exe
[2010/04/16 06:43:25 | 000,634,656 | ---- | M] (Microsoft Corporation) MD5=C4BA5E36FB57F547117305BF1E0FE454 -- C:\WINDOWS\ie7updates\KB2183461-IE7\iexplore.exe
[2008/06/23 03:23:52 | 000,625,664 | ---- | M] (Microsoft Corporation) MD5=C52A9EF571E91535EB78DB4B8B95EA07 -- C:\WINDOWS\$hf_mig$\KB953838-IE7\SP2QFE\iexplore.exe
[2010/02/23 00:19:59 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=C8DDA4028065D5CE39CBE7A156B72AB9 -- C:\WINDOWS\$hf_mig$\KB980182-IE7\SP3QFE\iexplore.exe
[2009/12/18 02:00:27 | 000,634,632 | ---- | M] (Microsoft Corporation) MD5=D19E56D5930C37CF211867DF450C372A -- C:\WINDOWS\$hf_mig$\KB978207-IE7\SP3QFE\iexplore.exe
[2007/02/28 01:51:34 | 000,625,152 | ---- | M] (Microsoft Corporation) MD5=D321092F8529CDAE843D6E24E3CAC6CB -- C:\WINDOWS\$hf_mig$\KB931768-IE7\SP2QFE\iexplore.exe
[2010/10/18 05:36:30 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=DA6E1F0F1932B62DD2F6ED05541C555C -- C:\WINDOWS\$hf_mig$\KB2416400-IE7\SP3QFE\iexplore.exe
[2011/02/14 06:36:55 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=E3CC8CCF21BFDC954255BB17083FB9F0 -- C:\WINDOWS\$hf_mig$\KB2497640-IE7\SP3QFE\iexplore.exe
[2011/02/14 07:17:08 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=E4A798DFDE7FE6E79F23548F0EF0F844 -- C:\WINDOWS\ie8\iexplore.exe
[2010/08/25 06:30:33 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=E5412ED9E07C42C20C48D3FF71E6B1E8 -- C:\WINDOWS\ie7updates\KB2416400-IE7\iexplore.exe
[2004/08/10 14:00:00 | 000,093,184 | ---- | M] (Microsoft Corporation) MD5=E7484514C0464642BE7B4DC2689354C8 -- C:\WINDOWS\ie7\iexplore.exe
[2008/08/23 00:56:16 | 000,635,848 | ---- | M] (Microsoft Corporation) MD5=E8305C30D35E85D6657ED3E9934CB302 -- C:\WINDOWS\$hf_mig$\KB956390-IE7\SP2QFE\iexplore.exe
[2007/10/10 05:59:52 | 000,625,152 | ---- | M] (Microsoft Corporation) MD5=E854D02E4231F704D9BE782A424E6D8B -- C:\WINDOWS\ie7updates\KB944533-IE7\iexplore.exe
[2010/08/25 06:07:58 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=F047BEB9771E45A05F425499A30F9BBA -- C:\WINDOWS\$hf_mig$\KB2360131-IE7\SP3QFE\iexplore.exe
[2009/08/27 00:18:44 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=F232BA9F39BC0F722672C7E79E68EBEA -- C:\WINDOWS\ie7updates\KB976325-IE7\iexplore.exe
< MD5 for: IEXPLORE.EXE.MUI >
[2009/03/08 14:21:44 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=943030B55FDB56FB8B8FCC086071E119 -- C:\Program Files\Internet Explorer\en-US\iexplore.exe.mui
[2009/03/08 14:21:44 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=943030B55FDB56FB8B8FCC086071E119 -- C:\Program Files\Internet Explorer\iexplore.exe.mui
[2006/10/17 14:04:26 | 000,573,440 | ---- | M] (Microsoft Corporation) MD5=E83C9C1F9DD9D47BB44871BFC7E69DDD -- C:\WINDOWS\ie8\iexplore.exe.mui
< MD5 for: IEXPLORE.EXE-27122324.PF >
[2011/07/21 21:41:03 | 000,060,614 | ---- | M] () MD5=E463B5BAAB84A206FA30DFC17E6BFA95 -- C:\WINDOWS\Prefetch\IEXPLORE.EXE-27122324.pf
< MD5 for: IEXPLORE.HL_ >
[2004/08/10 14:00:00 | 000,059,881 | ---- | M] () MD5=D23388C8D5D82D4D1C3B0B6A256E3CB7 -- C:\WINDOWS\I386\IEXPLORE.HL_
< MD5 for: IEXPLORE.HLP >
[2004/08/10 14:00:00 | 000,180,335 | ---- | M] () MD5=3F19AF1B745140DAFAC6F78F561A3C62 -- C:\WINDOWS\Help\iexplore.hlp
< MD5 for: WINLOGON.EX_ >
[2004/08/10 14:00:00 | 000,261,115 | ---- | M] () MD5=F41C4F5745589D0BB8268C02B71594CA -- C:\WINDOWS\I386\WINLOGON.EX_
< MD5 for: WINLOGON.EXE >
[2004/08/10 14:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008/04/13 19:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ERDNT\cache\winlogon.exe
[2008/04/13 19:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008/04/13 19:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe
< >
OTL Extras logfile created on: 7/21/2011 9:51:28 PM - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Documents and Settings\Owner.Miguel\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.87 Gb Total Physical Memory | 1.24 Gb Available Physical Memory | 66.37% Memory free
3.72 Gb Paging File | 3.07 Gb Available in Paging File | 82.52% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 142.20 Gb Total Space | 99.47 Gb Free Space | 69.95% Space Free | Partition Type: NTFS
Drive D: | 6.83 Gb Total Space | 4.83 Gb Free Space | 70.72% Space Free | Partition Type: FAT32
Computer Name: MIGUEL | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" /p %1 (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\ses2_client_bin_2_8_13g\seswiz.exe" = C:\ses2_client_bin_2_8_13g\seswiz.exe:*:Enabled:Wireless SecureEasySetup -- (Broadcom)
"C:\Program Files\Google\Google Earth\plugin\geplugin.exe" = C:\Program Files\Google\Google Earth\plugin\geplugin.exe:*:Enabled:Google Earth -- (Google)
"C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" = C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe:*:Enabled:McAfee Shared Service Host -- (McAfee, Inc.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00000409-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 SR-1 Premium
"{01C0CB1D-FF49-43F1-ADC5-65F05DB7BDD1}" = ATI Catalyst Control Center
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{0C3EC6A8-28A1-AE6D-A6F7-5011C36DB1DB}" = McAfee Online Backup
"{0DFB3DE8-65B9-44FF-AA0A-3BECC5A2BFD1}" = Adobe Flash Player 10 Plugin
"{15377C3E-9655-400F-B441-E69F0A6BEAFE}" = Recovery Software Suite Gateway
"{184EB198-1DBA-46DB-B728-7A5FC13D5C2B}_is1" = Yahoo! Photos Print-at-Home Tool
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = DVD Solution
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java™ 6 Update 26
"{27C467F8-F8EF-4f68-BD72-D63632B2096C}" = McAfee Online Backup
"{2A03B9F8-BE6D-43C6-A16A-B9998A194AF0}" = Garmin Training Center
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{353FE16B-30FE-469A-BF55-B978F4218003}" = iTunes
"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = Browser Address Error Redirector
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go 4.0
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5D95AD35-368F-47D5-B63A-A082DDF00111}" = Microsoft Digital Image Starter Edition 2006 Editor
"{65F9E1F3-A2C1-4AA9-9F33-A3AEB0255F0E}" = Garmin USB Drivers
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{691F4068-81BF-49E3-B32E-FE3E16400111}" = Microsoft Digital Image Starter Edition 2006 Library
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6C1E7AA1-44E9-446D-AAB2-0DE6D9EFEAB1}" = Safari
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{779DECD7-E072-4B56-9B6B-BEB5973EEEB5}" = MobileMe Control Panel
"{7B6CF9EB-CB2B-4A1A-81A9-BE1A9044690A}" = TIPCI
"{853A4763-6643-4604-8D64-28BDD8925F4C}" = Apple Application Support
"{88B746D6-1956-4D98-BE82-46E45AAA5BC2}" = Garmin Training Center
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8BBF6DFD-0AD9-43A7-9FBD-BF065E3866AF}" = URGE
"{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1}" = Napster Burn Engine
"{9941F0AA-B903-4AF4-A055-83A9815CC011}" = Sonic Encoders
"{9F7FC79B-3059-4264-9450-39EB368E3225}" = Microsoft Digital Image Library 9 - Blocker
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9F6CFB0-806D-11E0-8EA1-B8AC6F97B88E}" = Google Earth Plug-in
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.0)
"{BBBCAE4B-B416-4182-A6F2-438180894A81}" = Napster
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C2E4B5BD-32DB-4817-A060-341AB17C3F90}" = Bonjour
"{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{E394CC6D-9F54-41CC-9415-6FFF07885881}" = Garmin WebUpdater
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{FB3F4A45-D3F8-4A6B-8AEC-26BBB15ED0D1}" = Garmin ANT Agent
"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
"24DA573F901348FFDFF7717497830D45BE0C362E" = Windows Driver Package - Dynastream Innovations (libusb0) LibUsbDevices (07/07/2009 1.12.2)
"49CF605F02C7954F4E139D18828DE298CD59217C" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0)
"53F13DB4D9611FD63BE580F06F0729BF236ABE68" = Windows Driver Package - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"All ATI Software" = ATI - Software Uninstall Utility
"ATI Display Driver" = ATI Display Driver
"Broadcom 802.11b Network Adapter" = Broadcom 802.11 Network Adapter
"gtw_logo" = gtw_logo
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{7B6CF9EB-CB2B-4A1A-81A9-BE1A9044690A}" = Texas Instruments PCIxx21/x515/xx12 drivers.
"Mah Jong Medley" = Mah Jong Medley
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.1.1800
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Money2006b" = Microsoft Money 2006
"MSC" = McAfee Internet Security
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"PictureItSuiteTrial_v11" = Microsoft Digital Image Starter Edition 2006
"RealPlayer 6.0" = RealPlayer Basic
"SMSERIAL" = Motorola SM56 Data Fax Modem
"SpywareBlaster_is1" = SpywareBlaster 4.4
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"ViewpointMediaPlayer" = Viewpoint Media Player
"WildTangent CDA" = WildTangent Web Driver
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"WT010650" = FATE
"WT010655" = Tradewinds
"WT010661" = Polar Golfer
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Photos Easy Upload Tool" = Yahoo! Photos Easy Upload Tool
"Yahoo! Toolbar" = Yahoo! Toolbar
"YInstHelper" = Yahoo! Install Manager
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 7/20/2011 3:25:11 PM | Computer Name = MIGUEL | Source = Application Hang | ID = 1002
Description = Hanging application Training Center.exe, version 3.6.3.0, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 7/20/2011 3:25:43 PM | Computer Name = MIGUEL | Source = Application Hang | ID = 1001
Description = Fault bucket -1803583187.
Error - 7/20/2011 3:25:45 PM | Computer Name = MIGUEL | Source = Application Hang | ID = 1001
Description = Fault bucket -1803583187.
Error - 7/20/2011 10:08:29 PM | Computer Name = MIGUEL | Source = McLogEvent | ID = 5051
Description = A thread in process C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
took longer than 90000 ms to complete a request. The process will be terminated.
Thread
id : 1336 (0x538) Thread address : 0x7C90E514 Thread message : Build VSCORE.14.2.0.835
/ 5400.1158 Object being scanned = \Device\HarddiskVolume1\Documents and Settings\All
Users\Application Data\McAfee\MCLOGS\log.ini by C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
17018(2313)(0) 17017(0)(1) 7007(0)(0) 5006(0)(0) 5004(0)(0) 5003(0)(0) 5002(0)(2)
15002(0)(0)
Error - 7/20/2011 10:08:29 PM | Computer Name = MIGUEL | Source = McLogEvent | ID = 5051
Description = A thread in process C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
took longer than 90000 ms to complete a request. The process will be terminated.
Thread
id : 1424 (0x590) Thread address : 0x7C90E514 Thread message : Build VSCORE.14.2.0.835
/ 5400.1158 Object being scanned = \Device\HarddiskVolume1\Program Files\mcafee\SiteAdvisor\content.dat
by C:\Program Files\McAfee\SiteAdvisor\McSACore.exe 17018(2766)(0) 17017(0)(1)
7007(0)(0) 5006(0)(0) 5004(0)(0) 5003(0)(0) 5002(0)(2) 15002(0)(0)
Error - 7/20/2011 10:08:29 PM | Computer Name = MIGUEL | Source = McLogEvent | ID = 5051
Description = A thread in process C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
took longer than 90000 ms to complete a request. The process will be terminated.
Thread
id : 844 (0x34c) Thread address : 0x7C90E514 Thread message : Build VSCORE.14.2.0.835
/ 5400.1158 Object being scanned = \Device\HarddiskVolume1\WINDOWS\SYSTEM32\msctfime.ime
by **\STSYSTRA.EXE 17018(2140)(0) 17017(62)(1) 7007(62)(0) 5006(62)(0) 5004(62)(0)
5003(62)(0) 5002(62)(1) 15002(62)(0)
Error - 7/20/2011 11:05:22 PM | Computer Name = MIGUEL | Source = McLogEvent | ID = 5051
Description = A thread in process C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
took longer than 90000 ms to complete a request. The process will be terminated.
Thread
id : 1372 (0x55c) Thread address : 0x7C90E514 Thread message : Build VSCORE.14.2.0.835
/ 5400.1158 Object being scanned = \Device\HarddiskVolume1\Program Files\CyberLink\Power2Go\OLRSubmission\OLRSubmission.exe
by C:\WINDOWS\Explorer.EXE 4(16)(0) 4(16)(0) 7200(16)(0) 7595(16)(0) 7005(16)(0)
7004(16)(0) 5006(0)(0) 5004(0)(0)
Error - 7/20/2011 11:13:27 PM | Computer Name = MIGUEL | Source = Application Hang | ID = 1002
Description = Hanging application MOBK370conf.exe, version 1.16.6.1, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 7/20/2011 11:14:44 PM | Computer Name = MIGUEL | Source = Application Hang | ID = 1001
Description = Fault bucket -2109236675.
Error - 7/21/2011 10:33:03 PM | Computer Name = MIGUEL | Source = McLogEvent | ID = 5051
Description = A thread in process C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
took longer than 90000 ms to complete a request. The process will be terminated.
Thread
id : 2264 (0x8d8) Thread address : 0x7C90E514 Thread message : Build VSCORE.14.2.0.835
/ 5400.1158 Object being scanned = \Device\HarddiskVolume1\Program Files\McAfee.com\Agent\mcagent.exe
by C:\WINDOWS\system32\svchost.exe 4(0)(0) 4(0)(0) 7200(0)(0) 7595(0)(0) 7005(0)(0)
7004(0)(0) 5006(0)(0) 5004(0)(0)
[ System Events ]
Error - 7/21/2011 10:19:46 PM | Computer Name = MIGUEL | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
Error - 7/21/2011 10:26:15 PM | Computer Name = MIGUEL | Source = DCOM | ID = 10010
Description = The server {7F6316B4-4D69-4765-B0A3-B2598F2FA80A} did not register
with DCOM within the required timeout.
Error - 7/21/2011 10:30:38 PM | Computer Name = MIGUEL | Source = Service Control Manager | ID = 7022
Description = The McShield service hung on starting.
Error - 7/21/2011 10:30:45 PM | Computer Name = MIGUEL | Source = DCOM | ID = 10010
Description = The server {4EB61BAC-A3B6-4760-9581-655041EF4D69} did not register
with DCOM within the required timeout.
Error - 7/21/2011 10:33:22 PM | Computer Name = MIGUEL | Source = Service Control Manager | ID = 7031
Description = The McShield service terminated unexpectedly. It has done this 1
time(s). The following corrective action will be taken in 5000 milliseconds: Restart
the service.
Error - 7/21/2011 10:36:05 PM | Computer Name = MIGUEL | Source = DCOM | ID = 10005
Description = DCOM got error "%1053" attempting to start the service COMSysApp with
arguments "" in order to run the server: {ECABAFBC-7F19-11D2-978E-0000F8757E2A}
Error - 7/21/2011 10:36:05 PM | Computer Name = MIGUEL | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the COM+ System Application
service to connect.
Error - 7/21/2011 10:36:06 PM | Computer Name = MIGUEL | Source = Service Control Manager | ID = 7000
Description = The COM+ System Application service failed to start due to the following
error: %%1053
Error - 7/21/2011 10:39:20 PM | Computer Name = MIGUEL | Source = DCOM | ID = 10010
Description = The server {209500FC-6B45-4693-8871-6296C4843751} did not register
with DCOM within the required timeout.
Error - 7/21/2011 10:40:24 PM | Computer Name = MIGUEL | Source = DCOM | ID = 10010
Description = The server {209500FC-6B45-4693-8871-6296C4843751} did not register
with DCOM within the required timeout.
< End of report >
========== Alternate Data Streams ==========
@Alternate Data Stream - 95 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
< End of report >
#132
oldman960
-
- Retired Classroom Teacher
-
- 14,770 posts
Forum God
Posted 21 July 2011 - 10:31 PM
Hi wilma1313,
Everything looks fine in the OTL log. I just downloaded a copy of aswmbr.exe and it ran fine. It did take it a bit to ask if I wanted to download the definitions during which time the scan button was greyed out. Do you get to the point where it asks to download the definitions?
Proud Graduate of the WTT Classroon
If you are happy with the help you recieved, please consider making a Donation
Curiosity didn't kill the cat. Ignorance did, curiosity was framed.
Learn how to protect Yourself
Microsoft MVP 2011-2015
Threads will be closed if no response after 5 days.
#133
wilma1313
-
- Authentic Member
-
- 386 posts
Silver Member
Posted 22 July 2011 - 07:25 AM
nope, I will pull it up and let it be while I go to an appt and see what it says when I get hojme....
#134
oldman960
-
- Retired Classroom Teacher
-
- 14,770 posts
Forum God
Posted 22 July 2011 - 09:23 AM
Hi wilma1313,
Ok. It may be a corrupted download, I've had that happen.
Proud Graduate of the WTT Classroon
If you are happy with the help you recieved, please consider making a Donation
Curiosity didn't kill the cat. Ignorance did, curiosity was framed.
Learn how to protect Yourself
Microsoft MVP 2011-2015
Threads will be closed if no response after 5 days.
#135
wilma1313
-
- Authentic Member
-
- 386 posts
Silver Member
Posted 22 July 2011 - 09:55 AM
Amazingly enough this time it very quickly asked about downloading the definitions 9which never happened at all before) so was able to scan and it had not finished when I left for appt so let it run, and came home and the computer had shut down, no log files.
Trying again, but have to leave again, so if its shut down when I get back will try it in safe mode.
I'm ready to throw both the computers out the window today. Mine is slow, but its because Mcaffee is trying to do its weekly scan -- it keeps hanging up. 
Will post back later whatever happens with his scan.
Will post back later whatever happens with his scan.
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users
