Thanks for the welcome, and I appreciate your help very much.
To answer your question about Anti Virus. At this time, this machine does not have an Anti Virus program installed. On 11/3 I will be switching ISP and adding ATT Security Suite. Do you feel that I should install a seperate program? I just want the best protection for my pc and can do what is recommended.
I have followed your instructions and the results are as follows.
GMER 1.0.15.15163 -
http://www.gmer.net
Rootkit scan 2009-11-01 20:16:37
Windows 5.1.2600 Service Pack 3
Running: gmer.exe; Driver: C:\DOCUME~1\Skyler\LOCALS~1\Temp\pxtdipow.sys
---- System - GMER 1.0.15 ----
SSDT Lbd.sys (Boot Driver/Lavasoft AB) ZwCreateKey [0xF861687E]
SSDT Lbd.sys (Boot Driver/Lavasoft AB) ZwSetValueKey [0xF8616BFE]
---- Kernel code sections - GMER 1.0.15 ----
.text ntkrnlpa.exe!ZwCallbackReturn + 2408 80501C40 2 Bytes [7E, 68] {JLE 0x6a}
.text ntkrnlpa.exe!ZwCallbackReturn + 2740 80501F78 2 Bytes [FE, 6B]
? System32\Drivers\hiber_WMILIB.SYS The system cannot find the path specified. !
---- Devices - GMER 1.0.15 ----
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 EABFiltr.sys (QLB PS/2 Keyboard filter driver/Hewlett-Packard Company)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 EABFiltr.sys (QLB PS/2 Keyboard filter driver/Hewlett-Packard Company)
AttachedDevice \Driver\Tcpip \Device\Tcp fio32.sys (FIO32/FIO32)
AttachedDevice \Driver\Tcpip \Device\Tcp Lbd.sys (Boot Driver/Lavasoft AB)
AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
---- EOF - GMER 1.0.15 ----
OTL logfile created on: 11/1/2009 8:21:47 PM - Run 1
OTL by OldTimer - Version 3.1.2.0 Folder = E:\
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
510.48 Mb Total Physical Memory | 203.60 Mb Available Physical Memory | 39.88% Memory free
1.22 Gb Paging File | 0.94 Gb Available in Paging File | 76.90% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.52 Gb Total Space | 63.42 Gb Free Space | 85.10% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 495.72 Mb Total Space | 486.04 Mb Free Space | 98.05% Space Free | Partition Type: FAT
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: TH
Current User Name: Skyler
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Processes (SafeList) ==========
PRC - E:\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft)
PRC - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
PRC - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
PRC - C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\WINDOWS\system32\wbem\wmiprvse.exe (Microsoft Corporation)
PRC - C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
PRC - C:\WINDOWS\system32\wscntfy.exe (Microsoft Corporation)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
PRC - C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe (Viewpoint Corporation)
PRC - C:\Program Files\Viewpoint\Common\ViewpointService.exe (Viewpoint Corporation)
PRC - C:\Program Files\HPQ\HP Wireless Assistant\HP Wireless Assistant.exe (Hewlett-Packard Company)
PRC - C:\WINDOWS\system32\ati2evxx.exe (ATI Technologies Inc.)
PRC - C:\WINDOWS\system32\ati2evxx.exe (ATI Technologies Inc.)
PRC - C:\Program Files\HPQ\Shared\hpqwmi.exe (Hewlett-Packard Development Company, L.P.)
PRC - C:\Program Files\Common Files\LightScribe\LSSrvc.exe ()
PRC - C:\WINDOWS\system32\wbem\unsecapp.exe (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV - C:\WINDOWS\system32\fio32.dll ()
SRV - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
SRV - C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
SRV - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
SRV - C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
SRV - C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll (Microsoft Corporation)
SRV - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (Google)
SRV - C:\Program Files\Viewpoint\Common\ViewpointService.exe (Viewpoint Corporation)
SRV - C:\Program Files\Windows Media Player\WMPNetwk.exe (Microsoft Corporation)
SRV - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - C:\WINDOWS\system32\ati2evxx.exe (ATI Technologies Inc.)
SRV - C:\Program Files\HPQ\Shared\hpqwmi.exe (Hewlett-Packard Development Company, L.P.)
SRV - C:\Program Files\Common Files\LightScribe\LSSrvc.exe ()
SRV - C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe (Microsoft Corporation)
SRV - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - C:\WINDOWS\system32\drivers\fio32.sys (FIO32)
DRV - C:\WINDOWS\system32\DRIVERS\Lbd.sys (Lavasoft AB)
DRV - C:\WINDOWS\system32\drivers\usbaapl.sys (Apple, Inc.)
DRV - C:\WINDOWS\system32\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - C:\WINDOWS\system32\drivers\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - C:\WINDOWS\system32\drivers\tifm21.sys (Texas Instruments)
DRV - C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - C:\WINDOWS\system32\drivers\mdmxsdk.sys (Conexant)
DRV - C:\WINDOWS\system32\drivers\HSFHWATI.sys (Conexant Systems, Inc.)
DRV - C:\WINDOWS\system32\drivers\HSF_DP.sys (Conexant Systems, Inc.)
DRV - C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.)
DRV - C:\WINDOWS\system32\drivers\camc6hal.sys (Conexant Systems Inc.)
DRV - C:\WINDOWS\system32\drivers\camc6aud.sys (Conexant Systems Inc.)
DRV - C:\WINDOWS\system32\drivers\BCMWL5.SYS (Broadcom Corporation)
DRV - C:\WINDOWS\system32\drivers\SynTP.sys (Synaptics, Inc.)
DRV - C:\WINDOWS\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - C:\WINDOWS\system32\drivers\MRV8335XP.sys (Marvell Semiconductor, Inc)
DRV - C:\WINDOWS\system32\drivers\odysseyIM4.sys (Funk Software, Inc.)
DRV - C:\WINDOWS\system32\drivers\AmdK8.sys (Advanced Micro Devices)
DRV - C:\WINDOWS\system32\drivers\ptilink.sys (Parallel Technologies, Inc.)
DRV - C:\WINDOWS\system32\drivers\Rtlnicxp.sys (Realtek Semiconductor Corporation )
DRV - C:\WINDOWS\system32\drivers\eabfiltr.sys (Hewlett-Packard Company)
DRV - C:\WINDOWS\system32\CBTNDIS5.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - C:\WINDOWS\system32\drivers\EabUsb.sys (Hewlett-Packard Company)
DRV - C:\WINDOWS\system32\drivers\smcirda.sys (SMC)
DRV - C:\WINDOWS\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
========== Modules (SafeList) ==========
MOD - E:\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\wbem\framedyn.dll (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch =
http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.messenger-inquirer.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,AutoSearch =
http://ie.search.msn...autosearch.aspx
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch =
http://ie.search.msn...st/srchcust.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
http://www.google.com/ie
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "www.omuonline.net"
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.3
[2005/12/27 00:08:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Skyler\Application Data\Mozilla\Firefox\Profiles\xyqphy8q.default\extensions
[2009/09/16 19:17:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Skyler\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/09/16 19:17:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Skyler\Application Data\Mozilla\Extensions
[2009/09/16 19:17:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Skyler\Application Data\Mozilla\Extensions
[2009/09/16 19:17:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Skyler\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2005/12/27 00:08:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Skyler\Application Data\Mozilla\Firefox\Profiles\xyqphy8q.default\extensions
[2009/02/23 18:57:55 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla(2).org
[2009/09/17 12:03:02 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009/09/17 12:03:02 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009/02/23 18:57:55 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla(2).org
[2006/09/03 13:12:48 | 00,049,152 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\np32dsw.dll
[2007/01/09 13:03:02 | 00,658,056 | ---- | M] (Move Networks) -- C:\Program Files\Mozilla Firefox\plugins\npmnqmp07010901.dll
[2006/07/27 02:05:47 | 00,114,688 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npmozax.dll
[2007/03/22 18:23:30 | 00,017,248 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL
O1 HOSTS File: (348853 bytes) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 11962 more lines...
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar4.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll (Google Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar4.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\ShellBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar4.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar4.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O4 - HKLM..\Run: [hpWirelessAssistant] C:\Program Files\HPQ\HP Wireless Assistant\HP Wireless Assistant.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Inc.)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Search - File not found
O8 - Extra context menu item: &Windows Live Search - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE File not found
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\NPJPI150_02.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: 58 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: 57 domain(s) and sub-domain(s) not assigned to a zone.
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found
========== Files/Folders - Created Within 30 Days ==========
[2009/10/31 07:58:26 | 00,401,720 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Skyler\Desktop\HiJackThis.exe
[2009/10/30 10:40:35 | 00,064,288 | ---- | C] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys
[2009/10/30 10:35:24 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}
[2009/10/30 10:34:32 | 00,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2009/10/30 10:34:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2009/10/29 16:21:58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Skyler\Application Data\Malwarebytes
[2009/10/29 11:39:18 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/10/29 11:39:16 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/10/29 11:39:16 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/10/29 11:39:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/10/28 14:07:30 | 00,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2009/10/28 14:07:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2009/10/27 09:51:10 | 00,000,000 | ---D | C] -- C:\Program Files\CS
[2009/10/27 09:26:43 | 00,056,064 | ---- | C] (FIO32) -- C:\WINDOWS\System32\drivers\fio32.sys
[2009/10/19 08:21:12 | 00,176,640 | ---- | C] (Lexmark) -- C:\WINDOWS\System32\LXROSUI.DLL
[2009/10/19 08:09:38 | 00,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbprint.sys
[2009/10/19 08:09:38 | 00,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbprint.sys
[2009/10/19 08:04:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Skyler\My Documents\My eBooks
[2009/10/11 06:10:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/10/11 06:09:52 | 00,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2009/10/11 06:07:35 | 00,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2009/10/11 06:07:22 | 02,065,696 | ---- | C] (Apple, Inc.) -- C:\WINDOWS\System32\usbaaplrc.dll
[2009/10/11 06:07:22 | 00,040,448 | ---- | C] (Apple, Inc.) -- C:\WINDOWS\System32\drivers\usbaapl.sys
[2009/10/11 06:07:04 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2009/10/11 06:07:03 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple
[2009/10/11 03:09:10 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\Skyler\Recent
[2009/10/05 10:25:01 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Skyler\Application Data\DriverCure
[2009/10/05 10:24:53 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ParetoLogic
[2009/10/05 10:24:53 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\DriverCure
[2009/10/03 22:48:44 | 00,000,000 | ---D | C] -- C:\users
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2009/11/01 11:56:03 | 00,000,256 | ---- | M] () -- C:\WINDOWS\tasks\Check Updates for Windows Live Toolbar.job
[2009/11/01 11:07:49 | 06,815,744 | ---- | M] () -- C:\Documents and Settings\Skyler\ntuser.dat
[2009/11/01 11:05:22 | 00,282,833 | ---- | M] () -- C:\Documents and Settings\Skyler\Desktop\gmer.zip
[2009/10/31 07:46:37 | 00,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2009/10/31 07:42:07 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/10/31 07:41:47 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/10/31 07:41:33 | 53,535,1296 | -HS- | M] () -- C:\hiberfil.sys
[2009/10/31 07:40:58 | 00,401,720 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Skyler\Desktop\HiJackThis.exe
[2009/10/30 22:22:12 | 00,000,278 | -HS- | M] () -- C:\Documents and Settings\Skyler\ntuser.ini
[2009/10/30 10:35:23 | 00,000,867 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2009/10/29 17:03:48 | 00,000,444 | ---- | M] () -- C:\WINDOWS\tasks\ParetoLogic Registration.job
[2009/10/28 15:15:30 | 00,004,895 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2009/10/28 13:52:35 | 00,013,312 | ---- | M] () -- C:\WINDOWS\rdr_1256759482.exe
[2009/10/28 13:32:16 | 00,000,002 | ---- | M] () -- C:\WINDOWS\0101120101465448.xxe
[2009/10/28 13:32:00 | 00,000,002 | ---- | M] () -- C:\WINDOWS\0101120101465249.xxe
[2009/10/28 13:32:00 | 00,000,001 | -H-- | M] () -- C:\WINDOWS\tgm2.dat
[2009/10/28 13:31:45 | 00,000,002 | ---- | M] () -- C:\WINDOWS\0101120101465349.xxe
[2009/10/28 13:31:45 | 00,000,001 | -H-- | M] () -- C:\WINDOWS\hpm2.dat
[2009/10/28 13:31:28 | 00,000,001 | -H-- | M] () -- C:\WINDOWS\bx4657.dat
[2009/10/28 13:31:27 | 00,000,002 | ---- | M] () -- C:\WINDOWS\0101120101465649.xxe
[2009/10/27 18:48:43 | 00,000,002 | ---- | M] () -- C:\WINDOWS\0101120101465055.xxe
[2009/10/27 09:26:54 | 00,000,001 | ---- | M] () -- C:\WINDOWS\fdgg34353edfgdfdf
[2009/10/27 09:26:43 | 00,056,064 | ---- | M] (FIO32) -- C:\WINDOWS\System32\drivers\fio32.sys
[2009/10/27 09:26:43 | 00,051,200 | ---- | M] () -- C:\WINDOWS\System32\fio32.dll
[2009/10/27 09:26:30 | 00,000,002 | ---- | M] () -- C:\WINDOWS\0101120101465050.xxe
[2009/10/27 09:26:29 | 00,000,002 | ---- | M] () -- C:\WINDOWS\0101120101465248.xxe
[2009/10/27 09:26:29 | 00,000,001 | -H-- | M] () -- C:\WINDOWS\bk23567.dat
[2009/10/27 09:26:28 | 00,000,002 | ---- | M] () -- C:\WINDOWS\0101120101464955.xxe
[2009/10/27 09:26:28 | 00,000,002 | ---- | M] () -- C:\WINDOWS\010112010146116101.xxe
[2009/10/24 20:12:54 | 00,001,405 | ---- | M] () -- C:\WINDOWS\checkip.dat
[2009/10/23 12:46:04 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/10/22 23:33:00 | 00,000,418 | ---- | M] () -- C:\WINDOWS\tasks\ParetoLogic Update Version2.job
[2009/10/16 18:14:31 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/10/16 13:22:44 | 00,291,328 | ---- | M] () -- C:\Documents and Settings\Skyler\Desktop\gmer.exe
[2009/10/14 17:17:51 | 00,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/10/11 22:08:04 | 00,444,802 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/10/11 22:08:04 | 00,384,698 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/10/11 22:08:04 | 00,054,528 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/10/11 17:47:56 | 00,000,000 | ---- | M] () -- C:\WINDOWS\pcfriend.INI
[2009/10/11 06:08:51 | 00,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2009/10/11 06:08:51 | 00,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for
[2009/10/11 03:20:50 | 00,000,782 | ---- | M] () -- C:\Documents and Settings\Skyler\Desktop\Windows Media Player.lnk
[2009/10/11 03:20:14 | 00,036,864 | ---- | M] () -- C:\Documents and Settings\Skyler\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/10/11 02:13:06 | 00,000,000 | ---- | M] () -- C:\WINDOWS\muveeapp.INI
[2009/10/07 08:35:52 | 06,944,254 | -H-- | M] () -- C:\Documents and Settings\Skyler\Local Settings\Application Data\IconCache.db
[2009/10/04 16:47:27 | 00,093,640 | ---- | M] () -- C:\Documents and Settings\Skyler\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2009/11/01 11:06:50 | 00,282,833 | ---- | C] () -- C:\Documents and Settings\Skyler\Desktop\gmer.zip
[2009/10/30 11:20:39 | 00,015,688 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe
[2009/10/30 10:46:12 | 00,000,472 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2009/10/30 10:35:23 | 00,000,867 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2009/10/28 14:36:34 | 00,004,895 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2009/10/28 13:52:35 | 00,013,312 | ---- | C] () -- C:\WINDOWS\rdr_1256759482.exe
[2009/10/28 13:32:16 | 00,000,002 | ---- | C] () -- C:\WINDOWS\0101120101465448.xxe
[2009/10/28 13:32:00 | 00,000,002 | ---- | C] () -- C:\WINDOWS\0101120101465249.xxe
[2009/10/28 13:32:00 | 00,000,001 | -H-- | C] () -- C:\WINDOWS\tgm2.dat
[2009/10/28 13:31:45 | 00,000,002 | ---- | C] () -- C:\WINDOWS\0101120101465349.xxe
[2009/10/28 13:31:45 | 00,000,001 | -H-- | C] () -- C:\WINDOWS\hpm2.dat
[2009/10/28 13:31:28 | 00,000,001 | -H-- | C] () -- C:\WINDOWS\bx4657.dat
[2009/10/28 13:31:27 | 00,000,002 | ---- | C] () -- C:\WINDOWS\0101120101465649.xxe
[2009/10/27 18:48:43 | 00,000,002 | ---- | C] () -- C:\WINDOWS\0101120101465055.xxe
[2009/10/27 09:26:54 | 00,000,001 | ---- | C] () -- C:\WINDOWS\fdgg34353edfgdfdf
[2009/10/27 09:26:43 | 00,051,200 | ---- | C] () -- C:\WINDOWS\System32\fio32.dll
[2009/10/27 09:26:30 | 00,000,002 | ---- | C] () -- C:\WINDOWS\0101120101465050.xxe
[2009/10/27 09:26:29 | 00,000,002 | ---- | C] () -- C:\WINDOWS\0101120101465248.xxe
[2009/10/27 09:26:29 | 00,000,001 | -H-- | C] () -- C:\WINDOWS\bk23567.dat
[2009/10/27 09:26:28 | 00,000,002 | ---- | C] () -- C:\WINDOWS\0101120101464955.xxe
[2009/10/27 09:26:28 | 00,000,002 | ---- | C] () -- C:\WINDOWS\010112010146116101.xxe
[2009/10/24 19:04:12 | 00,001,405 | ---- | C] () -- C:\WINDOWS\checkip.dat
[2009/10/16 13:22:44 | 00,291,328 | ---- | C] () -- C:\Documents and Settings\Skyler\Desktop\gmer.exe
[2009/10/11 17:47:56 | 00,000,000 | ---- | C] () -- C:\WINDOWS\pcfriend.INI
[2009/10/11 06:08:51 | 00,054,156 | -H-- | C] () -- C:\WINDOWS\QTFont.qfn
[2009/10/11 06:08:51 | 00,001,409 | ---- | C] () -- C:\WINDOWS\QTFont.for
[2009/10/11 06:07:40 | 00,000,284 | ---- | C] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/10/11 02:13:06 | 00,000,000 | ---- | C] () -- C:\WINDOWS\muveeapp.INI
[2009/10/05 10:25:02 | 00,000,444 | ---- | C] () -- C:\WINDOWS\tasks\ParetoLogic Registration.job
[2009/10/05 10:24:56 | 00,000,418 | ---- | C] () -- C:\WINDOWS\tasks\ParetoLogic Update Version2.job
[2007/12/05 17:40:22 | 00,093,640 | ---- | C] () -- C:\Documents and Settings\Skyler\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2007/12/05 15:58:47 | 00,000,029 | ---- | C] () -- C:\WINDOWS\POWERPNT.INI
[2007/12/05 15:58:32 | 00,000,014 | ---- | C] () -- C:\WINDOWS\exchng32.ini
[2007/12/05 15:58:32 | 00,000,012 | ---- | C] () -- C:\WINDOWS\datalink.ini
[2007/12/05 15:58:18 | 00,000,000 | ---- | C] () -- C:\WINDOWS\WINHELP.INI
[2006/05/08 20:05:03 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/02/16 19:52:55 | 00,126,976 | ---- | C] () -- C:\WINDOWS\System32\unzdll.dll
[2005/12/26 21:39:13 | 00,036,864 | ---- | C] () -- C:\Documents and Settings\Skyler\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005/12/25 03:01:26 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\Skyler\Application Data\desktop.ini
[2005/12/25 03:01:24 | 06,944,254 | -H-- | C] () -- C:\Documents and Settings\Skyler\Local Settings\Application Data\IconCache.db
[2005/12/24 20:28:40 | 00,000,028 | ---- | C] () -- C:\WINDOWS\atid.ini
[2005/12/24 20:21:35 | 00,000,064 | ---- | C] () -- C:\WINDOWS\init.ini
[2005/05/11 22:02:36 | 00,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2005/05/11 22:02:36 | 00,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2005/05/11 22:02:35 | 00,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2005/05/11 22:02:35 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2005/05/11 22:02:35 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2005/05/11 22:02:35 | 00,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2005/05/11 21:49:08 | 00,015,669 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2005/02/12 02:33:06 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/08/07 07:16:44 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/08/07 07:10:08 | 00,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/07 06:58:22 | 00,000,624 | ---- | C] () -- C:\WINDOWS\win.ini
[2004/08/06 23:47:16 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini
[2004/08/06 23:46:50 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\desktop.ini
[2004/01/13 13:46:34 | 00,172,032 | ---- | C] () -- C:\WINDOWS\System32\tifmicon.dll
[2003/01/07 15:05:08 | 00,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[1996/03/20 00:00:00 | 00,151,040 | ---- | C] () -- C:\WINDOWS\System32\IR32.DLL
[1996/03/20 00:00:00 | 00,107,008 | ---- | C] () -- C:\WINDOWS\System32\TTEMB32.DLL
[1996/03/20 00:00:00 | 00,077,664 | ---- | C] () -- C:\WINDOWS\System32\IR21_R.DLL
[1996/03/20 00:00:00 | 00,053,760 | ---- | C] () -- C:\WINDOWS\System32\OPENENU.DLL
[1996/03/20 00:00:00 | 00,002,041 | ---- | C] () -- C:\WINDOWS\MSFNTMAP.INI
[1996/03/20 00:00:00 | 00,000,280 | ---- | C] () -- C:\WINDOWS\TTEMBED.INI
========== LOP Check ==========
[2009/10/05 10:32:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DriverCure
[2005/05/11 22:08:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\muvee Technologies
[2009/10/05 10:24:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ParetoLogic
[2007/01/25 22:33:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2009/10/11 06:11:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/10/30 10:35:38 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}
[2005/12/24 20:32:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Skyler\Application Data\acccore
[2005/12/24 23:14:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Skyler\Application Data\Aim
[2007/03/04 20:41:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Skyler\Application Data\Azureus
[2009/10/05 10:25:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Skyler\Application Data\DriverCure
[2005/12/28 13:00:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Skyler\Application Data\InterVideo
[2007/01/25 22:33:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Skyler\Application Data\Viewpoint
[2009/10/31 07:46:37 | 00,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2009/11/01 11:56:03 | 00,000,256 | ---- | M] () -- C:\WINDOWS\Tasks\Check Updates for Windows Live Toolbar.job
[2004/08/04 02:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2009/10/29 17:03:48 | 00,000,444 | ---- | M] () -- C:\WINDOWS\Tasks\ParetoLogic Registration.job
[2009/10/22 23:33:00 | 00,000,418 | ---- | M] () -- C:\WINDOWS\Tasks\ParetoLogic Update Version2.job
[2009/10/31 07:42:07 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT
========== Purity Check ==========
========== Custom Scans ==========
< Drivers >
< End of report >
OTL Extras logfile created on: 11/1/2009 8:21:47 PM - Run 1
OTL by OldTimer - Version 3.1.2.0 Folder = E:\
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
510.48 Mb Total Physical Memory | 203.60 Mb Available Physical Memory | 39.88% Memory free
1.22 Gb Paging File | 0.94 Gb Available in Paging File | 76.90% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.52 Gb Total Space | 63.42 Gb Free Space | 85.10% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 495.72 Mb Total Space | 486.04 Mb Free Space | 98.05% Space Free | Partition Type: FAT
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: TH
Current User Name: Skyler
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" =
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour -- (Apple Inc.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02E22217-0E96-4C3F-B831-83AA942B7715}" = UserGuides
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{075473F5-846A-448B-BCB3-104AA1760205}" = Sonic Data Module
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{0C34B801-6AEC-4667-B053-03A67E2D0415}" = Apple Application Support
"{15D91706-6ADF-44CF-9D7D-FF2D8ACD2C6F}" = LS_HSI
"{15EE79F4-4ED1-4267-9B0F-351009325D7D}" = HP Software Update
"{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Sonic MyDVD Plus
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{3248F0A8-6813-11D6-A77B-00B0D0150020}" = J2SE Runtime Environment 5.0 Update 2
"{341201D4-4F61-4ADB-987E-9CCE4D83A58D}" = Windows Live Toolbar Extension (Windows Live Toolbar)
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{4302B2DD-D958-40E3-BAF3-B07FFE1978CE}" = HP Wireless Assistant 1.01 A3
"{534AA552-E1F1-4965-B2AA-FBDEB0730D60}" = muvee autoProducer 4.0 - SE
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Sonic Express Labeler
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{7745B7A9-F323-4BB9-9811-01BF57A028DA}" = Map Button (Windows Live Toolbar)
"{8105684D-8CA6-440D-8F58-7E5FD67A499D}" = Easy Internet Sign-up
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD
"{91CA0409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Small Business Edition 2003
"{96C0E73B-8813-4F4A-9EA1-D407C27AA1A1}" = TIxx21
"{99D42EC7-652B-4819-B3E6-6450C815E03F}" = Odyssey Client
"{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}" = QuickTime
"{A5C4AD72-25FE-4899-B6DF-6D8DF63C93CF}" = Highlight Viewer (Windows Live Toolbar)
"{A93C4E94-1005-489D-BEAA-B873C1AA6CFC}" = HP Help and Support
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Sonic Audio Module
"{AC76BA86-7AD7-1033-7B44-A00000000001}" = Adobe Reader 6.0.1
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Sonic Copy Module
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{C151CE54-E7EA-4804-854B-F515368B0798}" = Athlon 64 Processor Driver
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CEB326EC-8F40-47B2-BA22-BB092565D66F}" = Quick Launch Buttons 5.10 B3
"{D4936AAF-FFD0-44A1-A7EA-A2DB41CEB5BC}" = iPod for Windows 2005-09-23
"{D5A145FC-D00C-4F1A-9119-EB4D9D659750}" = Windows Live Toolbar
"{DA34FE93-5DC5-48E0-ACC8-A5389E05BB51}" = iTunes
"{DB518BA6-CB74-4EB6-9ABD-880B6D6E1F38}" = HpSdpAppCoreApp
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{F084395C-40FB-4DB3-981C-B51E74E1E83D}" = Smart Menus (Windows Live Toolbar)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"Ad-Aware" = Ad-Aware
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"ATI Display Driver" = ATI Display Driver
"CNXT_MODEM_PCI_VEN_1002&DEV_4378&SUBSYS_3085103C" = Data Fax SoftModem with SmartCP
"Conexant PCI Audio" = Conexant AC-Link Audio
"ESPN Java Check" = ESPN Java Check
"HijackThis" = HijackThis 2.0.2
"HP Pavillion zv6000 User Guides" = HP Pavillion zv6000 User Guides
"ie8" = Windows Internet Explorer 8
"InstallShield_{8105684D-8CA6-440D-8F58-7E5FD67A499D}" = Easy Internet Sign-up
"InstallShield_{96C0E73B-8813-4F4A-9EA1-D407C27AA1A1}" = Texas Instruments PCIxx21/x515 drivers.
"InstallShield_{99D42EC7-652B-4819-B3E6-6450C815E03F}" = Odyssey Client
"InstallShield_{D4936AAF-FFD0-44A1-A7EA-A2DB41CEB5BC}" = iPod for Windows 2005-09-23
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Money2005b" = Microsoft Money 2005
"Move Player_is1" = Move Networks Player for Firefox
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Pacific Poker" = Pacific Poker
"ScreensaversInstaller" = Screensavers Installer
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Viewpoint Manager" = Viewpoint Manager (Remove Only)
"ViewpointMediaPlayer" = Viewpoint Media Player
"Windows Live Toolbar" = Windows Live Toolbar
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 7/12/2008 5:22:28 AM | Computer Name = SKYLER | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 1.8.20080.62306, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 7/14/2008 1:44:23 AM | Computer Name = SKYLER | Source = Application Error | ID = 1000
Description = Faulting application firefox.exe, version 1.8.20080.62306, faulting
module ntdll.dll, version 5.1.2600.2180, fault address 0x00018fea.
Error - 7/14/2008 1:45:13 AM | Computer Name = SKYLER | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 1.8.20080.62306, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 7/27/2008 9:55:45 PM | Computer Name = SKYLER | Source = Application Error | ID = 1000
Description = Faulting application firefox.exe, version 1.8.20080.4669, faulting
module unknown, version 0.0.0.0, fault address 0x035f310a.
Error - 4/19/2009 8:50:14 PM | Computer Name = TH | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 1.8.20080.4669, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 4/28/2009 9:54:04 PM | Computer Name = TH | Source = MsiInstaller | ID = 1024
Description = Product: Microsoft .NET Framework 1.1 - Update '{8EFA4753-7169-4CC3-A28B-0A1643B8A39B}'
could not be installed. Error code 1603. Windows Installer can create logs to help
troubleshoot issues with installing software packages. Use the following link for
instructions on turning on logging support:
http://go.microsoft....k/?LinkId=23127
Error - 4/28/2009 10:15:21 PM | Computer Name = TH | Source = MsiInstaller | ID = 10005
Description = Product: J2SE Runtime Environment 5.0 Update 2 -- You already have
this version of the JRE installed. Please uninstall the product through your add/remove
programs utility before reinstalling.
Error - 9/6/2009 11:18:44 PM | Computer Name = TH | Source = LoadPerf | ID = 3001
Description = The performance counter name string value in the registry is incorrectly
formatted.
The bogus string is 3160, the bogus index value is the first DWORD in Data section
while the last valid index values are the second and third DWORD in Data section.
Error - 9/6/2009 11:18:44 PM | Computer Name = TH | Source = LoadPerf | ID = 3011
Description = Unloading the performance counter strings for service WmiApRpl (WmiApRpl)
failed. The Error code is the first DWORD in Data section.
Error - 9/6/2009 11:18:48 PM | Computer Name = TH | Source = LoadPerf | ID = 3001
Description = The performance counter name string value in the registry is incorrectly
formatted.
The bogus string is 3160, the bogus index value is the first DWORD in Data section
while the last valid index values are the second and third DWORD in Data section.
[ System Events ]
Error - 10/29/2009 10:52:13 AM | Computer Name = TH | Source = Service Control Manager | ID = 7022
Description = The fioo32 service hung on starting.
Error - 10/29/2009 1:23:10 PM | Computer Name = TH | Source = Service Control Manager | ID = 7022
Description = The fioo32 service hung on starting.
Error - 10/29/2009 1:51:28 PM | Computer Name = TH | Source = Service Control Manager | ID = 7022
Description = The fioo32 service hung on starting.
Error - 10/29/2009 5:18:37 PM | Computer Name = TH | Source = Service Control Manager | ID = 7022
Description = The fioo32 service hung on starting.
Error - 10/29/2009 6:35:35 PM | Computer Name = TH | Source = Service Control Manager | ID = 7022
Description = The fioo32 service hung on starting.
Error - 10/30/2009 12:42:48 PM | Computer Name = TH | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.103 for the Network Card with network
address 0014A51D7E2D has been denied by the DHCP server 192.168.1.1 (The DHCP Server
sent a DHCPNACK message).
Error - 10/30/2009 12:44:16 PM | Computer Name = TH | Source = Service Control Manager | ID = 7022
Description = The fioo32 service hung on starting.
Error - 10/30/2009 1:27:29 PM | Computer Name = TH | Source = Service Control Manager | ID = 7022
Description = The fioo32 service hung on starting.
Error - 10/31/2009 12:10:56 AM | Computer Name = TH | Source = Service Control Manager | ID = 7022
Description = The fioo32 service hung on starting.
Error - 10/31/2009 9:43:50 AM | Computer Name = TH | Source = Service Control Manager | ID = 7022
Description = The fioo32 service hung on starting.
< End of report >
I look forward to your help and thanks again.