warning boxes popping up computer to become non responsive and fre

Started by mare_wbpa, June 04, 2013, 01:24:23 AM

mare_wbpa

I'm the one who needs your patience.  I can't believe that you and Corinne are hanging in with me this long.  Here's the Run/fix scan:



All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
Error: Unable to interpret <    :OTL> in the current context!
Error: Unable to interpret <    FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.2.32: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)> in the current context!
Error: Unable to interpret <    FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.2: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)> in the current context!
Error: Unable to interpret <    FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.2: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)> in the current context!
Error: Unable to interpret <    FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.2: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)> in the current context!
Error: Unable to interpret <    FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.2.32: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)> in the current context!
Error: Unable to interpret <    FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)> in the current context!
Error: Unable to interpret <    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FCE04E1F-9378-4f39-96F6-5689A9159E45}: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013/05/22 19:52:14 | 000,000,000 | ---D | M]> in the current context!
Error: Unable to interpret <    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013/05/22 19:52:14 | 000,000,000 | ---D | M]> in the current context!
Error: Unable to interpret <    [2013/04/13 21:10:44 | 000,000,000 | ---D | M] (GetSavin) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\0az38696.default\extensions\getsavin@jetpack(2)> in the current context!
Error: Unable to interpret <    [2013/05/22 19:50:40 | 000,124,504 | ---- | M] (RealPlayer) -- C:\Program Files\mozilla firefox\plugins\nprpplugin.dll> in the current context!
Error: Unable to interpret <    O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.> in the current context!
Error: Unable to interpret <    O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.> in the current context!
Error: Unable to interpret <    O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.> in the current context!
Error: Unable to interpret <    [2013/05/22 19:54:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Application Data\RealNetworks> in the current context!
Error: Unable to interpret <    [2013/05/22 19:52:12 | 000,000,000 | ---D | C] -- C:\Program Files\RealNetworks> in the current context!
Error: Unable to interpret <    [2013/05/22 19:51:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\RealNetworks> in the current context!
Error: Unable to interpret <    [2013/05/22 19:50:51 | 000,201,872 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\rmoc3260.dll> in the current context!
Error: Unable to interpret <    [2013/05/22 19:50:33 | 000,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5016.dll> in the current context!
Error: Unable to interpret <    [2013/05/22 19:50:33 | 000,005,632 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5032.dll> in the current context!
Error: Unable to interpret <    [2013/05/22 19:50:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\RealNetworks> in the current context!
Error: Unable to interpret <    [2013/05/22 19:50:29 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\WINDOWS\System32\pncrt.dll> in the current context!
Error: Unable to interpret <    [2013/05/24 13:41:26 | 000,000,000 | ---D | C] -- C:\Program Files\Norton Security Scan> in the current context!
Error: Unable to interpret <    [2013/05/24 13:39:50 | 000,000,000 | ---D | C] -- C:\Program Files\NortonInstaller> in the current context!
Error: Unable to interpret <    [2013/05/22 19:49:30 | 000,000,000 | ---D | C] -- C:\Program Files\real> in the current context!
Error: Unable to interpret <    [2013/05/22 19:37:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Real> in the current context!
Error: Unable to interpret <    [2013/05/22 11:23:33 | 000,000,000 | ---D | C] -- C:\Program Files\Uniblue> in the current context!
Error: Unable to interpret <    [2013/06/11 19:13:42 | 000,000,292 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3067886581-847020557-550397895-1009.job> in the current context!
Error: Unable to interpret <    [2013/05/24 13:38:42 | 000,000,300 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3067886581-847020557-550397895-1009.job> in the current context!
Error: Unable to interpret <    [2013/05/22 19:52:40 | 000,000,747 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\RealPlayer.lnk> in the current context!
Error: Unable to interpret <    [2013/05/22 19:50:51 | 000,201,872 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\rmoc3260.dll> in the current context!
Error: Unable to interpret <    [2013/05/22 19:50:33 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5016.dll> in the current context!
Error: Unable to interpret <    [2013/05/22 19:50:33 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5032.dll> in the current context!
Error: Unable to interpret <    [2013/05/22 19:50:29 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\WINDOWS\System32\pncrt.dll> in the current context!
Error: Unable to interpret <    [2013/05/22 20:02:24 | 000,000,292 | ---- | C] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3067886581-847020557-550397895-1009.job> in the current context!
Error: Unable to interpret <    [2013/05/22 19:54:22 | 000,000,300 | ---- | C] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3067886581-847020557-550397895-1009.job> in the current context!
Error: Unable to interpret <    [2013/05/22 19:52:40 | 000,000,747 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\RealPlayer.lnk> in the current context!
Error: Unable to interpret <    [2013/04/13 20:19:39 | 000,000,000 | ---D | C] -- C:\Program Files\WhiteSmoke_New(2)> in the current context!
Error: Unable to interpret <    [2013/04/13 20:17:17 | 000,000,000 | ---D | C] -- C:\Program Files\SearchProtect(2)> in the current context!
Error: Unable to interpret <    [2013/04/13 20:16:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Application Data\SearchProtect(2)> in the current context!
Error: Unable to interpret <    [2013/06/23 12:35:11 | 000,000,292 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3067886581-847020557-550397895-1009.job> in the current context!
Error: Unable to interpret <    :reg> in the current context!
Error: Unable to interpret <    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}]> in the current context!
Error: Unable to interpret <    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3DC873BB-FFE3-46BF-9701-26B9AE371F9F}]> in the current context!
Error: Unable to interpret <    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RealPlayer 16.0]> in the current context!
Error: Unable to interpret <    :commands> in the current context!

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: All Users

User: Compaq_Owner
->Temp folder emptied: 26003 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 19190597 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 492 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 0 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 664 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 18.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 06252013_185550

Files\Folders moved on Reboot...
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\IadHide5.dll moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

mare_wbpa

Here's the Quick Scan log.  It's quite lengthy for a Quick Scan.

OTL logfile created on: 6/25/2013 7:18:54 PM - Run 4
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\Compaq_Owner\My Documents\Downloads
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

383.48 Mb Total Physical Memory | 44.29 Mb Available Physical Memory | 11.55% Memory free
943.36 Mb Paging File | 245.94 Mb Available in Paging File | 26.07% Paging File free
Paging file location(s): C:\pagefile.sys 600 1200 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 180.41 Gb Total Space | 126.34 Gb Free Space | 70.03% Space Free | Partition Type: NTFS
Drive D: | 5.88 Gb Total Space | 0.87 Gb Free Space | 14.85% Space Free | Partition Type: FAT32

Computer Name: YOUR-F78BF48CE2 | User Name: Compaq_Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/06/11 19:39:02 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Owner\My Documents\Downloads\OTL.exe
PRC - [2013/05/21 18:49:07 | 000,920,472 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013/05/14 00:54:12 | 004,937,264 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgidsagent.exe
PRC - [2013/04/29 00:58:42 | 004,408,368 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgui.exe
PRC - [2013/04/18 04:34:38 | 000,283,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe
PRC - [2013/04/04 03:15:08 | 001,117,232 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgnsx.exe
PRC - [2013/03/28 02:48:36 | 000,763,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgrsx.exe
PRC - [2013/03/18 02:38:48 | 000,799,280 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgemcx.exe
PRC - [2013/02/19 04:00:58 | 000,448,560 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgcsrvx.exe
PRC - [2011/11/10 20:19:14 | 001,130,496 | ---- | M] (Zhorn Software) -- C:\Program Files\Stickies\stickies.exe
PRC - [2011/10/05 10:25:42 | 000,045,056 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Compaq Connections\6750491\Program\Compaq Connections.exe
PRC - [2010/11/18 05:05:07 | 000,862,032 | R--- | M] (Storage Appliance Corp.) -- C:\Documents and Settings\All Users\Application Data\OfficeGuardianV2N\Reminder\SacReminder.exe
PRC - [2010/11/18 05:05:06 | 000,163,664 | R--- | M] (Storage Appliance Corporation) -- C:\Documents and Settings\All Users\Application Data\OfficeGuardianV2N\Reminder\SacNetAgent.exe
PRC - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2004/08/04 00:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2013/06/15 12:52:30 | 016,033,160 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll
MOD - [2013/05/21 18:49:02 | 003,128,728 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2011/11/10 20:18:30 | 000,049,152 | ---- | M] () -- C:\Program Files\Stickies\shook70.dll
MOD - [2011/11/02 00:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/11/02 00:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2009/02/06 00:17:07 | 000,147,493 | ---- | M] () -- C:\Program Files\BackWeb\BackWeb Client\6.3.2.62\Program\bwfiles.dll
MOD - [2009/02/06 00:17:07 | 000,094,243 | ---- | M] () -- C:\Program Files\BackWeb\BackWeb Client\6.3.2.62\Program\FrExt.dll
MOD - [2009/02/06 00:17:07 | 000,061,496 | ---- | M] () -- C:\Program Files\BackWeb\BackWeb Client\6.3.2.62\Program\clntutil.dll
MOD - [2009/02/06 00:17:07 | 000,024,615 | ---- | M] () -- C:\Program Files\Compaq Connections\6750491\Program\frext-6750491.dll
MOD - [2009/02/06 00:17:07 | 000,024,615 | ---- | M] () -- C:\Program Files\Compaq Connections\6750491\Program\BWfiles-6750491.dll
MOD - [2009/02/06 00:17:02 | 000,126,976 | ---- | M] () -- C:\Program Files\Compaq Connections\6750491\Program\HPClientExt.dll
MOD - [2004/08/04 00:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll


========== Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe -- (vToolbarUpdater15.2.0)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2013/06/15 13:12:09 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/05/21 18:49:03 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/05/14 00:54:12 | 004,937,264 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2013/04/18 04:34:38 | 000,283,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe -- (avgwd)
SRV - [2010/11/18 05:05:06 | 000,163,664 | R--- | M] (Storage Appliance Corporation) [Auto | Running] -- C:\Documents and Settings\All Users\Application Data\OfficeGuardianV2N\Reminder\SacNetAgent.exe -- (SacNetAgentService_C57C4F854F53)
SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- system32\DRIVERS\intelppm.sys -- (intelppm)
DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - File not found [Kernel | Auto | Stopped] -- System32\drivers\aspi32.sys -- (Aspi32)
DRV - [2013/05/20 20:06:25 | 000,037,664 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2013/03/29 02:53:48 | 000,208,184 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2013/03/21 03:08:24 | 000,182,072 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2013/03/01 10:32:20 | 000,022,328 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2013/02/08 04:37:58 | 000,096,568 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2013/02/08 04:37:56 | 000,245,048 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\avglogx.sys -- (Avglogx)
DRV - [2013/02/08 04:37:52 | 000,060,216 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2013/02/08 04:37:44 | 000,170,808 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2013/02/08 04:37:40 | 000,039,224 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2010/07/12 13:49:18 | 000,060,104 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ftdibus.sys -- (FTDIBUS)
DRV - [2009/02/06 18:08:42 | 000,055,152 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2006/11/10 15:05:00 | 000,018,688 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc)
DRV - [2005/04/20 12:00:56 | 002,317,696 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM)
DRV - [2005/04/12 12:42:16 | 000,011,904 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\srvkp.sys -- (SiSkp)
DRV - [2005/04/12 12:08:44 | 000,247,296 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sisgrp.sys -- (SiS315)
DRV - [2005/03/09 10:53:00 | 000,036,352 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2005/01/19 14:21:56 | 000,012,416 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PcdrNdisuio.sys -- (PcdrNdisuio)
DRV - [2004/08/04 00:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139)
DRV - [2004/06/29 13:07:18 | 001,268,204 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2003/12/02 21:23:20 | 000,142,336 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\Fasttx2k.sys -- (fasttx2k)
DRV - [2003/07/11 18:28:56 | 000,032,768 | ---- | M] (SiS Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sisnic.sys -- (SISNIC)
DRV - [2002/07/29 17:43:50 | 000,023,808 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PS2.sys -- (Ps2)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q305&bd=presario&pf=desktop
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = Reg Error: Value error.
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\SearchScopes,DefaultScope = {3D26BC94-09CF-4C60-B9E3-206E5C0CCB0F}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IEFM1&src=IE-SearchBox
IE - HKCU\..\SearchScopes\{3D26BC94-09CF-4C60-B9E3-206E5C0CCB0F}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGLH
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:7
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8064.0206: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\Compaq_Owner\Application Data\Move Networks\plugins\npqmp071505000011.dll (Move Networks)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\Compaq_Owner\Application Data\Move Networks\plugins\npqmp071505000011.dll (Move Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/06/22 20:26:35 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\moveplayer@movenetworks.com: C:\Documents and Settings\Compaq_Owner\Application Data\Move Networks [2010/01/31 19:07:40 | 000,000,000 | ---D | M]

[2009/08/29 18:32:14 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Extensions
[2013/04/13 21:10:44 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\0az38696.default\extensions
[2010/06/12 16:20:39 | 000,000,000 | ---D | M] (Chameleon Tom) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\0az38696.default\extensions\{6236BA26-C117-4007-928C-DE0716C7FA79}
[2013/04/13 21:10:44 | 000,000,000 | ---D | M] (GetSavin) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\0az38696.default\extensions\getsavin@jetpack(2)
[2013/06/21 10:53:55 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\gbhvogpj.default\extensions
[2012/11/29 19:36:49 | 000,000,000 | ---D | M] (Garmin Communicator) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\gbhvogpj.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
[2010/04/27 10:58:33 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\gbhvogpj.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/06/12 16:20:39 | 000,000,000 | ---D | M] (Chameleon Tom) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\gbhvogpj.default\extensions\{6236BA26-C117-4007-928C-DE0716C7FA79}
[2013/04/13 21:44:24 | 000,019,225 | ---- | M] () (No name found) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\gbhvogpj.default\extensions\newtabgoogle@graememcc.co.uk.xpi
[2013/06/21 10:53:55 | 000,178,105 | ---- | M] () (No name found) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\gbhvogpj.default\extensions\rapportive@rapportive.com.xpi
[2013/05/21 18:49:08 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/05/21 18:49:08 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome  ==========

CHR - homepage:
CHR - homepage:
CHR - Extension: No name found = C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mjildcbkilmkddbbpbjljljdmmlfeppl(2)\5(2).0_0\

O1 HOSTS File: ([2013/06/09 18:02:12 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll File not found
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar2.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar2.dll (Google Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [Garmin Lifetime Updater] C:\Program Files\Garmin\Lifetime Updater\GarminLifetime.exe (Garmin)
O4 - HKLM..\Run: [SiSPower] C:\WINDOWS\System32\SiSPower.dll (Silicon Integrated Systems Corporation)
O4 - HKCU..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr .exe" /background File not found
O4 - HKCU..\Run: [SacReminderHDDV2N] C:\Documents and Settings\All Users\Application Data\OfficeGuardianV2N\Reminder\SacReminder.exe (Storage Appliance Corp.)
O4 - HKLM..\RunOnce: [AvgUninstallURL] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Compaq Connections.lnk = C:\Program Files\Compaq Connections\6750491\Program\Compaq Connections.exe (Hewlett-Packard)
O4 - Startup: C:\Documents and Settings\Compaq_Owner\Start Menu\Programs\Startup\Stickies.lnk = C:\Program Files\Stickies\stickies.exe (Zhorn Software)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableProfileQuota = 1
O8 - Extra context menu item: Add To Compaq Organize... - C:\PROGRA~1\HEWLET~1\COMPAQ~1\bin/module.main/favorites\ie_add_to.html ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xport to Microsoft Excel - res://c:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000 File not found
O9 - Extra Button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()
O9 - Extra 'Tools' menuitem : Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Reg Error: Key error.)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 24.229.54.212 216.144.187.199 204.186.80.229
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{14D9CC6F-26E4-4C91-A6EC-9E1BA6683FAC}: DhcpNameServer = 192.168.2.1 24.229.54.212 216.144.187.199 204.186.80.229
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/01/27 00:53:38 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/07/27 14:07:38 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2004/04/30 06:01:14 | 000,000,053 | -HS- | M] () - D:\Autorun.inf -- [ FAT32 ]
O33 - MountPoints2\{043c605b-7e20-11de-b651-0013d41842a8}\Shell\AutoRun\command - "" = K:\rcaeasyrip_setup.exe
O33 - MountPoints2\{043c605b-7e20-11de-b651-0013d41842a8}\Shell\install\command - "" = K:\rcaeasyrip_setup.exe
O33 - MountPoints2\{043c605b-7e20-11de-b651-0013d41842a8}\Shell\usermanualEnglish\command - "" = K:\rcaeasyrip_setup.exe /pdf_English
O33 - MountPoints2\{043c605b-7e20-11de-b651-0013d41842a8}\Shell\usermanualFrench\command - "" = K:\rcaeasyrip_setup.exe /pdf_French
O33 - MountPoints2\{043c605b-7e20-11de-b651-0013d41842a8}\Shell\usermanualSpanish\command - "" = K:\rcaeasyrip_setup.exe /pdf_Spanish
O33 - MountPoints2\{0db5fbff-7353-11e0-b969-0013d41842a8}\Shell - "" = AutoRun
O33 - MountPoints2\{0db5fbff-7353-11e0-b969-0013d41842a8}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{0db5fbff-7353-11e0-b969-0013d41842a8}\Shell\AutoRun\command - "" = K:\StartClickFreeBackup.exe
O33 - MountPoints2\{a3ee96ed-8aa7-11de-b65c-0013d41842a8}\Shell\AutoRun\command - "" = L:\MI.exe
O33 - MountPoints2\{f9b408d0-bc63-11d9-842c-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{f9b408d0-bc63-11d9-842c-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{f9b408d0-bc63-11d9-842c-806d6172696f}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480
O33 - MountPoints2\D\Shell - "" = AutoRun
O33 - MountPoints2\D\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\D\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2013\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/06/25 11:06:45 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/06/13 20:57:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Desktop\RK_Quarantine
[2013/06/13 17:41:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AVG
[2013/06/11 19:53:32 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2013/06/10 20:37:11 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2013/06/10 19:13:34 | 000,000,000 | --SD | C] -- C:\ComboFix
[2013/06/10 19:13:02 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Compaq_Owner\Application Data\.#
[2013/06/10 19:13:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\wt
[2013/06/10 19:13:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\WINDOWS
[2013/06/10 19:13:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\URTTemp
[2013/06/10 19:13:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2013/06/10 19:13:02 | 000,000,000 | ---D | C] -- C:\Program Files\Shared
[2013/06/10 19:13:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\cache
[2013/06/09 18:06:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2013/06/06 11:54:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/06/06 11:53:39 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2013/06/05 18:18:30 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2013/06/05 18:18:30 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2013/06/05 18:18:30 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2013/06/05 18:18:30 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2013/06/05 18:18:04 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/06/05 18:17:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2013/06/05 17:24:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2013/06/05 17:23:19 | 000,000,000 | ---D | C] -- C:\JRT
[2013/06/03 19:36:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot_bak
[2013/06/03 11:59:14 | 000,000,000 | ---D | C] -- C:\Program Files\SpywareBlaster
[2013/06/02 21:22:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2013/06/02 11:57:25 | 000,000,000 | ---D | C] -- C:\8b92052dd8fbc345a9bdf0e9
[2013/05/30 20:45:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Wildtangent
[2013/05/30 19:57:50 | 000,000,000 | ---D | C] -- C:\d321eb98beeded867b1c1470
[2013/05/28 17:52:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2013/05/28 17:52:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2013/05/28 17:39:15 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2010/07/27 17:25:12 | 000,055,296 | ---- | C] (CANON INC.) -- C:\Documents and Settings\Compaq_Owner\cnmss Canon MX310 series Printer (Local).dll

========== Files - Modified Within 30 Days ==========

[2013/06/25 19:25:27 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/06/25 19:00:45 | 000,001,767 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Start Menu\Programs\Startup\Canon IJ Status Monitor Canon MX310 series Printer.lnk
[2013/06/25 18:59:12 | 000,000,292 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3067886581-847020557-550397895-1009.job
[2013/06/25 18:58:57 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/06/25 18:58:52 | 402,182,144 | -HS- | M] () -- C:\hiberfil.sys
[2013/06/25 12:54:11 | 000,007,996 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Application Data\wklnhst.dat
[2013/06/25 12:27:24 | 000,096,768 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\OTL  Quik Scan.wps
[2013/06/24 10:52:23 | 000,184,832 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\OTL 6.wps
[2013/06/22 12:22:33 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/06/13 21:06:17 | 000,016,896 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\Rogue Killer ScAN.wps
[2013/06/13 17:41:46 | 000,000,710 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG 2013.lnk
[2013/06/12 19:15:47 | 000,174,872 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\OTL Log 2.wps
[2013/06/11 22:41:37 | 000,082,779 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\OTL log.rtf
[2013/06/10 11:39:29 | 000,003,592 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2013/06/09 18:09:26 | 000,044,032 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\Combofix4.5.wps
[2013/06/09 18:02:12 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2013/06/09 13:21:17 | 000,035,328 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\Comvofix 3 log.wps
[2013/06/08 19:06:43 | 000,044,544 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\comdo fix2.wps
[2013/06/07 20:42:11 | 000,049,664 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\Combo fix log.wps
[2013/06/06 11:55:08 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2013/06/03 15:42:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2013/06/02 21:22:00 | 000,270,984 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/06/02 21:03:44 | 000,503,164 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/06/02 21:03:44 | 000,088,018 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/05/28 17:45:15 | 000,250,048 | RHS- | M] () -- C:\ntldr

========== Files Created - No Company Name ==========

[2013/06/25 12:27:19 | 000,096,768 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\OTL  Quik Scan.wps
[2013/06/24 10:50:48 | 000,184,832 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\OTL 6.wps
[2013/06/13 21:06:14 | 000,016,896 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\Rogue Killer ScAN.wps
[2013/06/11 22:48:14 | 000,174,872 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\OTL Log 2.wps
[2013/06/11 22:38:53 | 000,082,779 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\OTL log.rtf
[2013/06/10 19:15:55 | 402,182,144 | -HS- | C] () -- C:\hiberfil.sys
[2013/06/09 18:09:26 | 000,044,032 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\Combofix4.5.wps
[2013/06/09 13:21:17 | 000,035,328 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\Comvofix 3 log.wps
[2013/06/08 19:06:43 | 000,044,544 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\comdo fix2.wps
[2013/06/07 20:42:11 | 000,049,664 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\Combo fix log.wps
[2013/06/06 11:55:08 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2013/06/05 18:18:30 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2013/06/05 18:18:30 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2013/06/05 18:18:30 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2013/06/05 18:18:30 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2013/06/05 18:18:30 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2013/05/28 17:45:45 | 000,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod
[2013/05/28 17:45:42 | 000,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img
[2012/12/28 15:00:20 | 000,003,592 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/10/12 19:54:54 | 000,244,382 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-3067886581-847020557-550397895-1009-0.dat
[2012/10/11 21:54:45 | 000,244,382 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2012/01/13 12:34:27 | 000,011,058 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\af8798e8
[2011/04/09 21:40:52 | 000,000,112 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\23Cegp.dat
[2010/10/20 23:15:45 | 000,009,194 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\.recently-used.xbel
[2009/03/14 22:28:40 | 000,007,996 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\wklnhst.dat
[2009/03/12 21:41:24 | 000,104,960 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2009/02/05 23:45:11 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2009/07/18 12:20:31 | 001,506,304 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/02/09 06:20:33 | 000,473,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2004/08/04 00:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2012/12/11 12:35:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2013
[2009/02/12 00:15:52 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2010/10/24 12:35:31 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2010/09/25 12:39:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CraftEdge
[2013/06/25 18:35:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2009/09/14 20:16:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nova Development
[2012/10/09 22:07:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\OfficeGuardianV2N
[2009/02/09 00:00:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ScanSoft
[2013/06/10 19:13:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/09/15 13:13:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ulead Systems
[2009/08/31 14:46:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2011/12/26 21:54:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/09/19 18:08:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/05/12 19:09:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2013/06/10 19:13:02 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\.#
[2012/12/11 12:59:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\AVG2013
[2012/04/30 12:20:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\calibre
[2009/03/13 11:28:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Canon
[2009/08/26 16:43:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Clone2Go Video Converter Professional
[2013/05/26 14:12:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Garmin
[2010/10/20 23:25:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\inkscape
[2009/02/05 23:52:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\InterMute
[2009/02/09 17:25:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\InterVideo
[2009/02/06 12:36:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Leadertech
[2010/08/08 20:13:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\MSNInstaller
[2009/02/22 23:45:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\NewSoft
[2009/09/14 20:16:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Nova Development
[2010/01/11 21:20:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\ooVoo Details
[2009/02/05 23:52:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\SampleView
[2013/04/13 21:10:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\SearchProtect(2)
[2010/10/17 21:56:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Serif
[2013/04/13 21:18:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Smilebox
[2013/06/25 18:44:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\stickies
[2013/04/13 21:10:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\SwvUpdater(2)
[2009/03/14 22:28:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Template
[2012/12/11 12:33:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\TuneUp Software
[2009/09/15 13:13:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Ulead Systems
[2013/05/22 11:23:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Uniblue

========== Purity Check ==========



< End of report >

DonnaB

Hm? That's still not right. I now see that OTL was downloaded to the Downloads folder, as shown below, instead of the desktop.

OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\Compaq_Owner\My Documents\Downloads

Could you go to the Downloads folder and drag and drop OTL onto the desktop please, and run the fix again? I'm quite sure that is the problem, though I am going to look into this error further, just in case.

I'll post the fix here so you don't have to go looking in the other post for it.


  • Double click on the OTL icon to open the program.
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    Quote


    :Commands
    [CREATERESTOREPOINT]

    :OTL
    FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.2.32: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.2: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.2: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.2: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.2.32: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
    FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FCE04E1F-9378-4f39-96F6-5689A9159E45}: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013/05/22 19:52:14 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013/05/22 19:52:14 | 000,000,000 | ---D | M]
    [2013/04/13 21:10:44 | 000,000,000 | ---D | M] (GetSavin) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\0az38696.default\extensions\getsavin@jetpack(2)
    [2013/05/22 19:50:40 | 000,124,504 | ---- | M] (RealPlayer) -- C:\Program Files\mozilla firefox\plugins\nprpplugin.dll
    O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
    O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
    O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
    [2013/05/22 19:54:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Application Data\RealNetworks
    [2013/05/22 19:52:12 | 000,000,000 | ---D | C] -- C:\Program Files\RealNetworks
    [2013/05/22 19:51:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\RealNetworks
    [2013/05/22 19:50:51 | 000,201,872 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\rmoc3260.dll
    [2013/05/22 19:50:33 | 000,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5016.dll
    [2013/05/22 19:50:33 | 000,005,632 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5032.dll
    [2013/05/22 19:50:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\RealNetworks
    [2013/05/22 19:50:29 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\WINDOWS\System32\pncrt.dll
    [2013/05/24 13:41:26 | 000,000,000 | ---D | C] -- C:\Program Files\Norton Security Scan
    [2013/05/24 13:39:50 | 000,000,000 | ---D | C] -- C:\Program Files\NortonInstaller
    [2013/05/22 19:49:30 | 000,000,000 | ---D | C] -- C:\Program Files\real
    [2013/05/22 19:37:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Real
    [2013/05/22 11:23:33 | 000,000,000 | ---D | C] -- C:\Program Files\Uniblue
    [2013/06/11 19:13:42 | 000,000,292 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3067886581-847020557-550397895-1009.job
    [2013/05/24 13:38:42 | 000,000,300 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3067886581-847020557-550397895-1009.job
    [2013/05/22 19:52:40 | 000,000,747 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\RealPlayer.lnk
    [2013/05/22 19:50:51 | 000,201,872 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\rmoc3260.dll
    [2013/05/22 19:50:33 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5016.dll
    [2013/05/22 19:50:33 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5032.dll
    [2013/05/22 19:50:29 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\WINDOWS\System32\pncrt.dll
    [2013/05/22 20:02:24 | 000,000,292 | ---- | C] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3067886581-847020557-550397895-1009.job
    [2013/05/22 19:54:22 | 000,000,300 | ---- | C] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3067886581-847020557-550397895-1009.job
    [2013/05/22 19:52:40 | 000,000,747 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\RealPlayer.lnk
    [2013/04/13 20:19:39 | 000,000,000 | ---D | C] -- C:\Program Files\WhiteSmoke_New(2)
    [2013/04/13 20:17:17 | 000,000,000 | ---D | C] -- C:\Program Files\SearchProtect(2)
    [2013/04/13 20:16:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Application Data\SearchProtect(2)
    [2013/06/23 12:35:11 | 000,000,292 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3067886581-847020557-550397895-1009.job

    :reg
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3DC873BB-FFE3-46BF-9701-26B9AE371F9F}]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RealPlayer 16.0]

    :commands
    [emptytemp]

  • Make sure all other windows are closed.
  • Click the Run Fix button at the top.
  • Let the program run uninterrupted. The computer should reboot when the scan is done. If not, please reboot the computer.
  • Post the log that is found in C:\_OTL\Moved Files in your next reply.
  • Open OTL again and click the Quick Scan button. Please post the log it produces in your next reply along with the fix log.
"To achieve the impossible, it is precisely the unthinkable that must be thought."
Tom Robbins
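
The fix log requested above can be triaged mechanically before reading it line by line. The following is an added example, not part of the original posts and not OTL's own code: it separates a run in which the script was never interpreted (only `Error: Unable to interpret` lines) from a run that performed actions, and tallies the outcomes. The function names and the `Path` fallback kind are assumptions; the sample lines are excerpted from the two fix logs posted in this thread, and only the outcome phrases seen there are recognised.

```python
import re
from collections import Counter

# An action line ends with one of the outcome phrases seen in this thread.
OUTCOME_RE = re.compile(
    r"^(?P<target>.+?) (?P<outcome>not found|deleted successfully|moved successfully)\.$"
)
# A script line OTL could not parse; the original line is echoed inside <...>.
ERROR_RE = re.compile(r"^Error: Unable to interpret <\s*(?P<line>.*?)> in the current context!$")
# Object kind printed as a prefix on most action lines.
KIND_RE = re.compile(r"^(Registry key|Registry value|File|Folder) ")

# Excerpt of the first fix log in the thread (script not interpreted).
FAILED_RUN = r"""All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
Error: Unable to interpret <    :OTL> in the current context!
Error: Unable to interpret <    FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.2.32: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)> in the current context!
"""

# Excerpt of the second fix log in the thread (script interpreted).
GOOD_RUN = r"""All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.2.32\ not found.
File c:\program files\real\realplayer\Netscape6\nppl3260.dll not found.
Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758} deleted successfully.
Folder C:\Program Files\RealNetworks\ not found.
C:\Program Files\Norton Security Scan\Norton Security Scan folder moved successfully.
"""


def parse_fix_log(text):
    """Return (actions, errors): actions are (kind, target, outcome) tuples."""
    actions, errors = [], []
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        err = ERROR_RE.match(line)
        if err:
            errors.append(err.group("line"))
            continue
        hit = OUTCOME_RE.match(line)
        if not hit:
            continue  # section banners and status lines carry no outcome
        target, outcome = hit.group("target"), hit.group("outcome")
        kind_match = KIND_RE.match(target)
        if kind_match:
            kind, target = kind_match.group(1), target[kind_match.end():]
        elif target.endswith(" folder"):
            # "moved" lines put the kind after the path instead of before it.
            kind, target = "Folder", target[: -len(" folder")]
        else:
            kind = "Path"  # assumption: anything else is reported by bare path
        actions.append((kind, target, outcome))
    return actions, errors


def summarize(text):
    """Tally outcomes and decide whether the fix script actually ran."""
    actions, errors = parse_fix_log(text)
    if errors and not actions:
        verdict = "not-interpreted"   # every script line was rejected
    elif errors:
        verdict = "partial"
    elif actions:
        verdict = "ran"
    else:
        verdict = "empty"
    return {
        "verdict": verdict,
        "errors": errors,
        "counts": Counter((kind, outcome) for kind, _, outcome in actions),
        # Items that were really changed, as opposed to already absent.
        "changed": [t for _, t, o in actions if o != "not found"],
    }


if __name__ == "__main__":
    for name, log in (("first run", FAILED_RUN), ("second run", GOOD_RUN)):
        result = summarize(log)
        print(name, result["verdict"], dict(result["counts"]))
        for target in result["changed"]:
            print("  changed:", target)
```

The `changed` list is the part worth reviewing by hand, since "not found" entries only confirm that an item was already gone.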

mare_wbpa

I copied this log from the notepad that popped up after the scan and reboot.  Is that OK?

All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.2.32\ not found.
File c:\program files\real\realplayer\Netscape6\nppl3260.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.2\ not found.
File C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.2\ not found.
File C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.2\ not found.
File C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.2.32\ not found.
File c:\program files\real\realplayer\Netscape6\nprpplugin.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1\ not found.
File C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll not found.
Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FCE04E1F-9378-4f39-96F6-5689A9159E45} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FCE04E1F-9378-4f39-96F6-5689A9159E45}\ not found.
File C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ not found.
Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ABDE892B-13A8-4d1b-88E6-365A6E755758}\ not found.
File C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext not found.
C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\0az38696.default\extensions\getsavin@jetpack(2)\resources(2)\getsavin(2)\lib(2) folder moved successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\0az38696.default\extensions\getsavin@jetpack(2)\resources(2)\getsavin(2)\data(2) folder moved successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\0az38696.default\extensions\getsavin@jetpack(2)\resources(2)\getsavin(2) folder moved successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\0az38696.default\extensions\getsavin@jetpack(2)\resources(2)\api-utils(2)\lib(2)\windows(2) folder moved successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\0az38696.default\extensions\getsavin@jetpack(2)\resources(2)\api-utils(2)\lib(2)\window(2) folder moved successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\0az38696.default\extensions\getsavin@jetpack(2)\resources(2)\api-utils(2)\lib(2)\utils(2) folder moved successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\0az38696.default\extensions\getsavin@jetpack(2)\resources(2)\api-utils(2)\lib(2)\traits(2) folder moved successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\0az38696.default\extensions\getsavin@jetpack(2)\resources(2)\api-utils(2)\lib(2)\tabs(2) folder moved successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\0az38696.default\extensions\getsavin@jetpack(2)\resources(2)\api-utils(2)\lib(2)\system(2) folder moved successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\0az38696.default\extensions\getsavin@jetpack(2)\resources(2)\api-utils(2)\lib(2)\private-browsing(2) folder moved successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\0az38696.default\extensions\getsavin@jetpack(2)\resources(2)\api-utils(2)\lib(2)\l10n(2) folder moved successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\0az38696.default\extensions\getsavin@jetpack(2)\resources(2)\api-utils(2)\lib(2)\events(2) folder moved successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\0az38696.default\extensions\getsavin@jetpack(2)\resources(2)\api-utils(2)\lib(2)\event(2) folder moved successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\0az38696.default\extensions\getsavin@jetpack(2)\resources(2)\api-utils(2)\lib(2)\dom(2) folder moved successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\0az38696.default\extensions\getsavin@jetpack(2)\resources(2)\api-utils(2)\lib(2)\content(2) folder moved successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\0az38696.default\extensions\getsavin@jetpack(2)\resources(2)\api-utils(2)\lib(2)\addon(2) folder moved successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\0az38696.default\extensions\getsavin@jetpack(2)\resources(2)\api-utils(2)\lib(2) folder moved successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\0az38696.default\extensions\getsavin@jetpack(2)\resources(2)\api-utils(2) folder moved successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\0az38696.default\extensions\getsavin@jetpack(2)\resources(2)\addon-kit(2)\lib(2) folder moved successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\0az38696.default\extensions\getsavin@jetpack(2)\resources(2)\addon-kit(2) folder moved successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\0az38696.default\extensions\getsavin@jetpack(2)\resources(2) folder moved successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\0az38696.default\extensions\getsavin@jetpack(2)\defaults(2)\preferences(2) folder moved successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\0az38696.default\extensions\getsavin@jetpack(2)\defaults(2) folder moved successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\0az38696.default\extensions\getsavin@jetpack(2) folder moved successfully.
File C:\Program Files\mozilla firefox\plugins\nprpplugin.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}\ not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}\ not found.
Folder C:\Documents and Settings\Compaq_Owner\Application Data\RealNetworks\ not found.
Folder C:\Program Files\RealNetworks\ not found.
Folder C:\Documents and Settings\All Users\Application Data\RealNetworks\ not found.
File C:\WINDOWS\System32\rmoc3260.dll not found.
File C:\WINDOWS\System32\pndx5016.dll not found.
File C:\WINDOWS\System32\pndx5032.dll not found.
Folder C:\Documents and Settings\All Users\Start Menu\Programs\RealNetworks\ not found.
File C:\WINDOWS\System32\pncrt.dll not found.
C:\Program Files\Norton Security Scan\Norton Security Scan\Engine\4.0.1.16 folder moved successfully.
C:\Program Files\Norton Security Scan\Norton Security Scan\Engine folder moved successfully.
C:\Program Files\Norton Security Scan\Norton Security Scan folder moved successfully.
C:\Program Files\NortonInstaller\{397E31AA-0D78-4649-A01C-339D73A2ED35}\NSS\LicenseType\4.0.1(3).16\09(2)\01(2) folder moved successfully.
C:\Program Files\NortonInstaller\{397E31AA-0D78-4649-A01C-339D73A2ED35}\NSS\LicenseType\4.0.1(3).16\09(2) folder moved successfully.
C:\Program Files\NortonInstaller\{397E31AA-0D78-4649-A01C-339D73A2ED35}\NSS\LicenseType\4.0.1(3).16 folder moved successfully.
C:\Program Files\NortonInstaller\{397E31AA-0D78-4649-A01C-339D73A2ED35}\NSS\LicenseType\4.0.1(2).16\09\01 folder moved successfully.
C:\Program Files\NortonInstaller\{397E31AA-0D78-4649-A01C-339D73A2ED35}\NSS\LicenseType\4.0.1(2).16\09 folder moved successfully.
C:\Program Files\NortonInstaller\{397E31AA-0D78-4649-A01C-339D73A2ED35}\NSS\LicenseType\4.0.1(2).16 folder moved successfully.
C:\Program Files\NortonInstaller\{397E31AA-0D78-4649-A01C-339D73A2ED35}\NSS\LicenseType folder moved successfully.
C:\Program Files\NortonInstaller\{397E31AA-0D78-4649-A01C-339D73A2ED35}\NSS folder moved successfully.
C:\Program Files\NortonInstaller\{397E31AA-0D78-4649-A01C-339D73A2ED35} folder moved successfully.
C:\Program Files\NortonInstaller folder moved successfully.
C:\Program Files\real\realplayer\Update folder moved successfully.
C:\Program Files\real\realplayer folder moved successfully.
C:\Program Files\real folder moved successfully.
C:\Documents and Settings\All Users\Application Data\Real\Update folder moved successfully.
C:\Documents and Settings\All Users\Application Data\Real\RealUpgrade folder moved successfully.
C:\Documents and Settings\All Users\Application Data\Real\RealPlayer folder moved successfully.
C:\Documents and Settings\All Users\Application Data\Real folder moved successfully.
C:\Program Files\Uniblue\SpeedUpMyPC\Third party Terms folder moved successfully.
C:\Program Files\Uniblue\SpeedUpMyPC\locale\se\LC_MESSAGES folder moved successfully.
C:\Program Files\Uniblue\SpeedUpMyPC\locale\se folder moved successfully.
C:\Program Files\Uniblue\SpeedUpMyPC\locale\ru\LC_MESSAGES folder moved successfully.
C:\Program Files\Uniblue\SpeedUpMyPC\locale\ru folder moved successfully.
C:\Program Files\Uniblue\SpeedUpMyPC\locale\no\LC_MESSAGES folder moved successfully.
C:\Program Files\Uniblue\SpeedUpMyPC\locale\no folder moved successfully.
C:\Program Files\Uniblue\SpeedUpMyPC\locale\nl\LC_MESSAGES folder moved successfully.
C:\Program Files\Uniblue\SpeedUpMyPC\locale\nl folder moved successfully.
C:\Program Files\Uniblue\SpeedUpMyPC\locale\jp\LC_MESSAGES folder moved successfully.
C:\Program Files\Uniblue\SpeedUpMyPC\locale\jp folder moved successfully.
C:\Program Files\Uniblue\SpeedUpMyPC\locale\it\LC_MESSAGES folder moved successfully.
C:\Program Files\Uniblue\SpeedUpMyPC\locale\it folder moved successfully.
C:\Program Files\Uniblue\SpeedUpMyPC\locale\fr\LC_MESSAGES folder moved successfully.
C:\Program Files\Uniblue\SpeedUpMyPC\locale\fr folder moved successfully.
C:\Program Files\Uniblue\SpeedUpMyPC\locale\fi\LC_MESSAGES folder moved successfully.
C:\Program Files\Uniblue\SpeedUpMyPC\locale\fi folder moved successfully.
C:\Program Files\Uniblue\SpeedUpMyPC\locale\es\LC_MESSAGES folder moved successfully.
C:\Program Files\Uniblue\SpeedUpMyPC\locale\es folder moved successfully.
C:\Program Files\Uniblue\SpeedUpMyPC\locale\en\LC_MESSAGES folder moved successfully.
C:\Program Files\Uniblue\SpeedUpMyPC\locale\en folder moved successfully.
C:\Program Files\Uniblue\SpeedUpMyPC\locale\dk\LC_MESSAGES folder moved successfully.
C:\Program Files\Uniblue\SpeedUpMyPC\locale\dk folder moved successfully.
C:\Program Files\Uniblue\SpeedUpMyPC\locale\de\LC_MESSAGES folder moved successfully.
C:\Program Files\Uniblue\SpeedUpMyPC\locale\de folder moved successfully.
C:\Program Files\Uniblue\SpeedUpMyPC\locale\br\LC_MESSAGES folder moved successfully.
C:\Program Files\Uniblue\SpeedUpMyPC\locale\br folder moved successfully.
C:\Program Files\Uniblue\SpeedUpMyPC\locale folder moved successfully.
C:\Program Files\Uniblue\SpeedUpMyPC folder moved successfully.
C:\Program Files\Uniblue folder moved successfully.
C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3067886581-847020557-550397895-1009.job moved successfully.
C:\WINDOWS\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3067886581-847020557-550397895-1009.job moved successfully.
File C:\Documents and Settings\All Users\Desktop\RealPlayer.lnk not found.
File C:\WINDOWS\System32\rmoc3260.dll not found.
File C:\WINDOWS\System32\pndx5016.dll not found.
File C:\WINDOWS\System32\pndx5032.dll not found.
File C:\WINDOWS\System32\pncrt.dll not found.
File C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3067886581-847020557-550397895-1009.job not found.
File C:\WINDOWS\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3067886581-847020557-550397895-1009.job not found.
File C:\Documents and Settings\All Users\Desktop\RealPlayer.lnk not found.
C:\Program Files\WhiteSmoke_New(2) folder moved successfully.
C:\Program Files\SearchProtect(2)\ffprotect(2) folder moved successfully.
C:\Program Files\SearchProtect(2)\Dialogs(2)\spsd(2)\images(2) folder moved successfully.
C:\Program Files\SearchProtect(2)\Dialogs(2)\spsd(2) folder moved successfully.
C:\Program Files\SearchProtect(2)\Dialogs(2)\spbd(2)\images(2) folder moved successfully.
C:\Program Files\SearchProtect(2)\Dialogs(2)\spbd(2) folder moved successfully.
C:\Program Files\SearchProtect(2)\Dialogs(2)\lib(2) folder moved successfully.
C:\Program Files\SearchProtect(2)\Dialogs(2) folder moved successfully.
C:\Program Files\SearchProtect(2)\bin(2) folder moved successfully.
C:\Program Files\SearchProtect(2) folder moved successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\SearchProtect(2)\ffprotect(2)\SProtectorRepository(2) folder moved successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\SearchProtect(2)\ffprotect(2)\Dialogs(2)\spsd(2)\images(2) folder moved successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\SearchProtect(2)\ffprotect(2)\Dialogs(2)\spsd(2) folder moved successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\SearchProtect(2)\ffprotect(2)\Dialogs(2)\spbd(2)\images(2) folder moved successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\SearchProtect(2)\ffprotect(2)\Dialogs(2)\spbd(2) folder moved successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\SearchProtect(2)\ffprotect(2)\Dialogs(2)\lib(2) folder moved successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\SearchProtect(2)\ffprotect(2)\Dialogs(2) folder moved successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\SearchProtect(2)\ffprotect(2) folder moved successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\SearchProtect(2)\Dialogs(2)\spsd(2)\images(2) folder moved successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\SearchProtect(2)\Dialogs(2)\spsd(2) folder moved successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\SearchProtect(2)\Dialogs(2)\spbd(2)\images(2) folder moved successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\SearchProtect(2)\Dialogs(2)\spbd(2) folder moved successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\SearchProtect(2)\Dialogs(2)\lib(2) folder moved successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\SearchProtect(2)\Dialogs(2) folder moved successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\SearchProtect(2)\bin(2) folder moved successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\SearchProtect(2) folder moved successfully.
File C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3067886581-847020557-550397895-1009.job not found.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3DC873BB-FFE3-46BF-9701-26B9AE371F9F}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3DC873BB-FFE3-46BF-9701-26B9AE371F9F}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RealPlayer 16.0\ deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: All Users

User: Compaq_Owner
->Temp folder emptied: 12902958 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 121868841 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 1170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 0 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 754 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 129.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 06262013_111145

Files\Folders moved on Reboot...
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\IadHide5.dll moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

mare_wbpa

This is the log from the Quick Scan; it is also from the Notepad pop-up.

OTL logfile created on: 6/26/2013 11:33:44 AM - Run 5
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\Compaq_Owner\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

383.48 Mb Total Physical Memory | 115.09 Mb Available Physical Memory | 30.01% Memory free
943.36 Mb Paging File | 507.75 Mb Available in Paging File | 53.82% Paging File free
Paging file location(s): C:\pagefile.sys 600 1200 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 180.41 Gb Total Space | 125.98 Gb Free Space | 69.83% Space Free | Partition Type: NTFS
Drive D: | 5.88 Gb Total Space | 0.87 Gb Free Space | 14.85% Space Free | Partition Type: FAT32

Computer Name: YOUR-F78BF48CE2 | User Name: Compaq_Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/06/11 19:39:02 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Owner\Desktop\OTL.exe
PRC - [2013/05/14 00:54:12 | 004,937,264 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgidsagent.exe
PRC - [2013/04/29 00:58:42 | 004,408,368 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgui.exe
PRC - [2013/04/18 04:34:38 | 000,283,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe
PRC - [2013/04/04 03:15:08 | 001,117,232 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgnsx.exe
PRC - [2013/03/28 02:48:36 | 000,763,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgrsx.exe
PRC - [2013/03/18 02:38:48 | 000,799,280 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgemcx.exe
PRC - [2013/02/19 04:00:58 | 000,448,560 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgcsrvx.exe
PRC - [2012/06/04 09:31:40 | 001,466,760 | ---- | M] (Garmin) -- C:\Program Files\Garmin\Lifetime Updater\GarminLifetime.exe
PRC - [2011/11/10 20:19:14 | 001,130,496 | ---- | M] (Zhorn Software) -- C:\Program Files\Stickies\stickies.exe
PRC - [2011/10/05 10:25:42 | 000,045,056 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Compaq Connections\6750491\Program\Compaq Connections.exe
PRC - [2010/11/18 05:05:07 | 000,862,032 | R--- | M] (Storage Appliance Corp.) -- C:\Documents and Settings\All Users\Application Data\OfficeGuardianV2N\Reminder\SacReminder.exe
PRC - [2010/11/18 05:05:06 | 000,163,664 | R--- | M] (Storage Appliance Corporation) -- C:\Documents and Settings\All Users\Application Data\OfficeGuardianV2N\Reminder\SacNetAgent.exe
PRC - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2004/08/04 00:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2012/10/11 12:15:58 | 000,391,680 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\8eca92a64c232f34b5b559625b022369\System.Xml.Linq.ni.dll
MOD - [2012/10/11 12:15:57 | 001,776,640 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xaml\035910922f160d304fb834aae41f45a6\System.Xaml.ni.dll
MOD - [2012/10/11 12:12:19 | 000,656,896 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\016f9a150fce0e0a4c93532d8fa4c749\PresentationFramework.Luna.ni.dll
MOD - [2012/10/11 12:12:07 | 017,629,184 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\7f91eecda3ff7ce478146b6458580c98\PresentationFramework.ni.dll
MOD - [2012/10/11 12:11:40 | 000,721,920 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Security\09a97525ae5583cc2685e2c39a3078bd\System.Security.ni.dll
MOD - [2012/10/11 12:11:35 | 005,571,584 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\e997d0200c25f7db6bd32313d50b729d\System.Xml.ni.dll
MOD - [2012/10/11 12:11:24 | 011,057,664 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationCore\3963e9ce8d44f50e8367e92a8e3e42e6\PresentationCore.ni.dll
MOD - [2012/10/11 12:11:11 | 003,779,072 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\WindowsBase\d17606e813f01376bd0def23726ecc62\WindowsBase.ni.dll
MOD - [2012/10/11 12:11:02 | 013,006,336 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\17e020ae92d7fab33bcc1c98b25019d0\System.Windows.Forms.ni.dll
MOD - [2012/10/11 12:10:47 | 001,651,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\dd57bc19f5807c6dbe8f88d4a23277f6\System.Drawing.ni.dll
MOD - [2012/10/11 12:10:35 | 007,025,664 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\713647b987b140a17e3c4ffe4c721f85\System.Core.ni.dll
MOD - [2012/10/11 12:10:10 | 009,000,960 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\964da027ebca3b263a05cadb8eaa20a3\System.ni.dll
MOD - [2012/10/11 12:09:43 | 014,415,872 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\246f1a5abb686b9dcdf22d3505b08cea\mscorlib.ni.dll
MOD - [2011/11/10 20:18:30 | 000,049,152 | ---- | M] () -- C:\Program Files\Stickies\shook70.dll
MOD - [2011/11/02 00:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/11/02 00:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2009/02/06 00:17:07 | 000,147,493 | ---- | M] () -- C:\Program Files\BackWeb\BackWeb Client\6.3.2.62\Program\bwfiles.dll
MOD - [2009/02/06 00:17:07 | 000,094,243 | ---- | M] () -- C:\Program Files\BackWeb\BackWeb Client\6.3.2.62\Program\FrExt.dll
MOD - [2009/02/06 00:17:07 | 000,061,496 | ---- | M] () -- C:\Program Files\BackWeb\BackWeb Client\6.3.2.62\Program\clntutil.dll
MOD - [2009/02/06 00:17:07 | 000,024,615 | ---- | M] () -- C:\Program Files\Compaq Connections\6750491\Program\frext-6750491.dll
MOD - [2009/02/06 00:17:07 | 000,024,615 | ---- | M] () -- C:\Program Files\Compaq Connections\6750491\Program\BWfiles-6750491.dll
MOD - [2009/02/06 00:17:02 | 000,126,976 | ---- | M] () -- C:\Program Files\Compaq Connections\6750491\Program\HPClientExt.dll


========== Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe -- (vToolbarUpdater15.2.0)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2013/06/15 13:12:09 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/05/21 18:49:03 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/05/14 00:54:12 | 004,937,264 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Start_Pending] -- C:\Program Files\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2013/04/18 04:34:38 | 000,283,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe -- (avgwd)
SRV - [2010/11/18 05:05:06 | 000,163,664 | R--- | M] (Storage Appliance Corporation) [Auto | Running] -- C:\Documents and Settings\All Users\Application Data\OfficeGuardianV2N\Reminder\SacNetAgent.exe -- (SacNetAgentService_C57C4F854F53)
SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- system32\DRIVERS\intelppm.sys -- (intelppm)
DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - File not found [Kernel | Auto | Stopped] -- System32\drivers\aspi32.sys -- (Aspi32)
DRV - [2013/05/20 20:06:25 | 000,037,664 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2013/03/29 02:53:48 | 000,208,184 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2013/03/21 03:08:24 | 000,182,072 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2013/03/01 10:32:20 | 000,022,328 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2013/02/08 04:37:58 | 000,096,568 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2013/02/08 04:37:56 | 000,245,048 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\avglogx.sys -- (Avglogx)
DRV - [2013/02/08 04:37:52 | 000,060,216 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2013/02/08 04:37:44 | 000,170,808 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2013/02/08 04:37:40 | 000,039,224 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2010/07/12 13:49:18 | 000,060,104 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ftdibus.sys -- (FTDIBUS)
DRV - [2009/02/06 18:08:42 | 000,055,152 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2006/11/10 15:05:00 | 000,018,688 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc)
DRV - [2005/04/20 12:00:56 | 002,317,696 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM)
DRV - [2005/04/12 12:42:16 | 000,011,904 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\srvkp.sys -- (SiSkp)
DRV - [2005/04/12 12:08:44 | 000,247,296 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sisgrp.sys -- (SiS315)
DRV - [2005/03/09 10:53:00 | 000,036,352 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2005/01/19 14:21:56 | 000,012,416 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PcdrNdisuio.sys -- (PcdrNdisuio)
DRV - [2004/08/04 00:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139)
DRV - [2004/06/29 13:07:18 | 001,268,204 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2003/12/02 21:23:20 | 000,142,336 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\Fasttx2k.sys -- (fasttx2k)
DRV - [2003/07/11 18:28:56 | 000,032,768 | ---- | M] (SiS Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sisnic.sys -- (SISNIC)
DRV - [2002/07/29 17:43:50 | 000,023,808 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PS2.sys -- (Ps2)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q305&bd=presario&pf=desktop
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = Reg Error: Value error.
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\SearchScopes,DefaultScope = {3D26BC94-09CF-4C60-B9E3-206E5C0CCB0F}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IEFM1&src=IE-SearchBox
IE - HKCU\..\SearchScopes\{3D26BC94-09CF-4C60-B9E3-206E5C0CCB0F}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGLH
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:7
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8064.0206: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\Compaq_Owner\Application Data\Move Networks\plugins\npqmp071505000011.dll (Move Networks)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\Compaq_Owner\Application Data\Move Networks\plugins\npqmp071505000011.dll (Move Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/06/22 20:26:35 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\moveplayer@movenetworks.com: C:\Documents and Settings\Compaq_Owner\Application Data\Move Networks [2010/01/31 19:07:40 | 000,000,000 | ---D | M]

[2009/08/29 18:32:14 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Extensions
[2013/06/26 11:22:17 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\0az38696.default\extensions
[2010/06/12 16:20:39 | 000,000,000 | ---D | M] (Chameleon Tom) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\0az38696.default\extensions\{6236BA26-C117-4007-928C-DE0716C7FA79}
[2013/06/21 10:53:55 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\gbhvogpj.default\extensions
[2012/11/29 19:36:49 | 000,000,000 | ---D | M] (Garmin Communicator) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\gbhvogpj.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
[2010/04/27 10:58:33 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\gbhvogpj.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/06/12 16:20:39 | 000,000,000 | ---D | M] (Chameleon Tom) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\gbhvogpj.default\extensions\{6236BA26-C117-4007-928C-DE0716C7FA79}
[2013/04/13 21:44:24 | 000,019,225 | ---- | M] () (No name found) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\gbhvogpj.default\extensions\newtabgoogle@graememcc.co.uk.xpi
[2013/06/21 10:53:55 | 000,178,105 | ---- | M] () (No name found) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\gbhvogpj.default\extensions\rapportive@rapportive.com.xpi
[2013/05/21 18:49:08 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/05/21 18:49:08 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome  ==========

CHR - homepage:
CHR - homepage:
CHR - Extension: No name found = C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mjildcbkilmkddbbpbjljljdmmlfeppl(2)\5(2).0_0\

O1 HOSTS File: ([2013/06/09 18:02:12 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll File not found
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar2.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar2.dll (Google Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [Garmin Lifetime Updater] C:\Program Files\Garmin\Lifetime Updater\GarminLifetime.exe (Garmin)
O4 - HKLM..\Run: [SiSPower] C:\WINDOWS\System32\SiSPower.dll (Silicon Integrated Systems Corporation)
O4 - HKCU..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr .exe" /background File not found
O4 - HKCU..\Run: [SacReminderHDDV2N] C:\Documents and Settings\All Users\Application Data\OfficeGuardianV2N\Reminder\SacReminder.exe (Storage Appliance Corp.)
O4 - HKLM..\RunOnce: [AvgUninstallURL] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Compaq Connections.lnk = C:\Program Files\Compaq Connections\6750491\Program\Compaq Connections.exe (Hewlett-Packard)
O4 - Startup: C:\Documents and Settings\Compaq_Owner\Start Menu\Programs\Startup\Stickies.lnk = C:\Program Files\Stickies\stickies.exe (Zhorn Software)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableProfileQuota = 1
O8 - Extra context menu item: Add To Compaq Organize... - C:\PROGRA~1\HEWLET~1\COMPAQ~1\bin/module.main/favorites\ie_add_to.html ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xport to Microsoft Excel - res://c:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000 File not found
O9 - Extra Button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()
O9 - Extra 'Tools' menuitem : Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Reg Error: Key error.)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 24.229.54.212 216.144.187.199 204.186.80.229
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{14D9CC6F-26E4-4C91-A6EC-9E1BA6683FAC}: DhcpNameServer = 192.168.2.1 24.229.54.212 216.144.187.199 204.186.80.229
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/01/27 00:53:38 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/07/27 14:07:38 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2004/04/30 06:01:14 | 000,000,053 | -HS- | M] () - D:\Autorun.inf -- [ FAT32 ]
O33 - MountPoints2\{043c605b-7e20-11de-b651-0013d41842a8}\Shell\AutoRun\command - "" = K:\rcaeasyrip_setup.exe
O33 - MountPoints2\{043c605b-7e20-11de-b651-0013d41842a8}\Shell\install\command - "" = K:\rcaeasyrip_setup.exe
O33 - MountPoints2\{043c605b-7e20-11de-b651-0013d41842a8}\Shell\usermanualEnglish\command - "" = K:\rcaeasyrip_setup.exe /pdf_English
O33 - MountPoints2\{043c605b-7e20-11de-b651-0013d41842a8}\Shell\usermanualFrench\command - "" = K:\rcaeasyrip_setup.exe /pdf_French
O33 - MountPoints2\{043c605b-7e20-11de-b651-0013d41842a8}\Shell\usermanualSpanish\command - "" = K:\rcaeasyrip_setup.exe /pdf_Spanish
O33 - MountPoints2\{0db5fbff-7353-11e0-b969-0013d41842a8}\Shell - "" = AutoRun
O33 - MountPoints2\{0db5fbff-7353-11e0-b969-0013d41842a8}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{0db5fbff-7353-11e0-b969-0013d41842a8}\Shell\AutoRun\command - "" = K:\StartClickFreeBackup.exe
O33 - MountPoints2\{a3ee96ed-8aa7-11de-b65c-0013d41842a8}\Shell\AutoRun\command - "" = L:\MI.exe
O33 - MountPoints2\{f9b408d0-bc63-11d9-842c-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{f9b408d0-bc63-11d9-842c-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{f9b408d0-bc63-11d9-842c-806d6172696f}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480
O33 - MountPoints2\D\Shell - "" = AutoRun
O33 - MountPoints2\D\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\D\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2013\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/06/25 11:06:45 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/06/13 20:57:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Desktop\RK_Quarantine
[2013/06/13 17:41:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AVG
[2013/06/11 19:53:32 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2013/06/11 19:39:15 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Owner\Desktop\OTL.exe
[2013/06/10 20:37:11 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2013/06/10 19:13:34 | 000,000,000 | --SD | C] -- C:\ComboFix
[2013/06/10 19:13:02 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Compaq_Owner\Application Data\.#
[2013/06/10 19:13:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\wt
[2013/06/10 19:13:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\WINDOWS
[2013/06/10 19:13:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\URTTemp
[2013/06/10 19:13:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2013/06/10 19:13:02 | 000,000,000 | ---D | C] -- C:\Program Files\Shared
[2013/06/10 19:13:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\cache
[2013/06/09 18:06:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2013/06/06 11:54:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/06/06 11:53:39 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2013/06/05 18:18:30 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2013/06/05 18:18:30 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2013/06/05 18:18:30 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2013/06/05 18:18:30 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2013/06/05 18:18:04 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/06/05 18:17:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2013/06/05 17:24:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2013/06/05 17:23:19 | 000,000,000 | ---D | C] -- C:\JRT
[2013/06/03 19:36:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot_bak
[2013/06/03 11:59:14 | 000,000,000 | ---D | C] -- C:\Program Files\SpywareBlaster
[2013/06/02 21:22:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2013/06/02 11:57:25 | 000,000,000 | ---D | C] -- C:\8b92052dd8fbc345a9bdf0e9
[2013/05/30 20:45:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Wildtangent
[2013/05/30 19:57:50 | 000,000,000 | ---D | C] -- C:\d321eb98beeded867b1c1470
[2013/05/28 17:52:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2013/05/28 17:52:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2013/05/28 17:39:15 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2010/07/27 17:25:12 | 000,055,296 | ---- | C] (CANON INC.) -- C:\Documents and Settings\Compaq_Owner\cnmss Canon MX310 series Printer (Local).dll

========== Files - Modified Within 30 Days ==========

[2013/06/26 11:30:17 | 000,001,767 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Start Menu\Programs\Startup\Canon IJ Status Monitor Canon MX310 series Printer.lnk
[2013/06/26 11:26:09 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/06/26 11:26:03 | 402,182,144 | -HS- | M] () -- C:\hiberfil.sys
[2013/06/26 10:25:29 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/06/25 12:54:11 | 000,007,996 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Application Data\wklnhst.dat
[2013/06/25 12:27:24 | 000,096,768 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\OTL  Quik Scan.wps
[2013/06/24 10:52:23 | 000,184,832 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\OTL 6.wps
[2013/06/22 12:22:33 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/06/13 21:06:17 | 000,016,896 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\Rogue Killer ScAN.wps
[2013/06/13 17:41:46 | 000,000,710 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG 2013.lnk
[2013/06/12 19:15:47 | 000,174,872 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\OTL Log 2.wps
[2013/06/11 22:41:37 | 000,082,779 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\OTL log.rtf
[2013/06/11 19:39:02 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Owner\Desktop\OTL.exe
[2013/06/10 11:39:29 | 000,003,592 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2013/06/09 18:09:26 | 000,044,032 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\Combofix4.5.wps
[2013/06/09 18:02:12 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2013/06/09 13:21:17 | 000,035,328 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\Comvofix 3 log.wps
[2013/06/08 19:06:43 | 000,044,544 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\comdo fix2.wps
[2013/06/07 20:42:11 | 000,049,664 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\Combo fix log.wps
[2013/06/06 11:55:08 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2013/06/03 15:42:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2013/06/02 21:22:00 | 000,270,984 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/06/02 21:03:44 | 000,503,164 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/06/02 21:03:44 | 000,088,018 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/05/28 17:45:15 | 000,250,048 | RHS- | M] () -- C:\ntldr

========== Files Created - No Company Name ==========

[2013/06/25 12:27:19 | 000,096,768 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\OTL  Quik Scan.wps
[2013/06/24 10:50:48 | 000,184,832 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\OTL 6.wps
[2013/06/13 21:06:14 | 000,016,896 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\Rogue Killer ScAN.wps
[2013/06/11 22:48:14 | 000,174,872 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\OTL Log 2.wps
[2013/06/11 22:38:53 | 000,082,779 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\OTL log.rtf
[2013/06/10 19:15:55 | 402,182,144 | -HS- | C] () -- C:\hiberfil.sys
[2013/06/09 18:09:26 | 000,044,032 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\Combofix4.5.wps
[2013/06/09 13:21:17 | 000,035,328 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\Comvofix 3 log.wps
[2013/06/08 19:06:43 | 000,044,544 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\comdo fix2.wps
[2013/06/07 20:42:11 | 000,049,664 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\Combo fix log.wps
[2013/06/06 11:55:08 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2013/06/05 18:18:30 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2013/06/05 18:18:30 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2013/06/05 18:18:30 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2013/06/05 18:18:30 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2013/06/05 18:18:30 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2013/05/28 17:45:45 | 000,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod
[2013/05/28 17:45:42 | 000,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img
[2012/12/28 15:00:20 | 000,003,592 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/10/12 19:54:54 | 000,244,382 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-3067886581-847020557-550397895-1009-0.dat
[2012/10/11 21:54:45 | 000,244,382 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2012/01/13 12:34:27 | 000,011,058 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\af8798e8
[2011/04/09 21:40:52 | 000,000,112 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\23Cegp.dat
[2010/10/20 23:15:45 | 000,009,194 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\.recently-used.xbel
[2009/03/14 22:28:40 | 000,007,996 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\wklnhst.dat
[2009/03/12 21:41:24 | 000,104,960 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2009/02/05 23:45:11 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2009/07/18 12:20:31 | 001,506,304 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/02/09 06:20:33 | 000,473,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2004/08/04 00:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2012/12/11 12:35:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2013
[2009/02/12 00:15:52 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2010/10/24 12:35:31 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2010/09/25 12:39:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CraftEdge
[2013/06/26 10:09:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2009/09/14 20:16:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nova Development
[2012/10/09 22:07:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\OfficeGuardianV2N
[2009/02/09 00:00:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ScanSoft
[2013/06/10 19:13:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/09/15 13:13:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ulead Systems
[2009/08/31 14:46:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2011/12/26 21:54:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/09/19 18:08:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/05/12 19:09:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2013/06/10 19:13:02 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\.#
[2012/12/11 12:59:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\AVG2013
[2012/04/30 12:20:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\calibre
[2009/03/13 11:28:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Canon
[2009/08/26 16:43:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Clone2Go Video Converter Professional
[2013/05/26 14:12:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Garmin
[2010/10/20 23:25:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\inkscape
[2009/02/05 23:52:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\InterMute
[2009/02/09 17:25:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\InterVideo
[2009/02/06 12:36:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Leadertech
[2010/08/08 20:13:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\MSNInstaller
[2009/02/22 23:45:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\NewSoft
[2009/09/14 20:16:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Nova Development
[2010/01/11 21:20:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\ooVoo Details
[2009/02/05 23:52:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\SampleView
[2010/10/17 21:56:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Serif
[2013/04/13 21:18:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Smilebox
[2013/06/26 10:02:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\stickies
[2013/04/13 21:10:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\SwvUpdater(2)
[2009/03/14 22:28:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Template
[2012/12/11 12:33:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\TuneUp Software
[2009/09/15 13:13:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Ulead Systems
[2013/05/22 11:23:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Uniblue

========== Purity Check ==========



< End of report >

DonnaB

Quote
I copied this log from the notepad that popped up after the scan and reboot.  Is that OK?

Yes! That is perfect! Thank you!  :cheesy:

Give me a moment or 2 to look over the new OTL log before we move on to the SP3 issue.

I don't recall if you ever mentioned that you have the installation discs, or not, just in case they are ever needed. Do you have them?
"To achieve the impossible, it is precisely the unthinkable that must be thought."
Tom Robbins

mare_wbpa

If you're asking about the Windows Recovery Discs, yes, I have them.  I really hope we don't have to use them tho.

mare_wbpa

I thought of something that may or may not be significant to the scans I did.  I had most of the plugins disabled when I did the scans.  Would that make a difference?  The computer runs so much better with most of them disabled.  Just thought I'd mention it.

DonnaB

The discs that you have, how many are there and what does each disc say on them? Did they come with the computer?

The reason I ask is that when we get to the point of working on the Windows Updates we may come across the need to repair files that might have been damaged when the Uniblue registry cleaner was used, if the program was used.

The plugins being disabled would not make a difference. The tools we use are designed to find the files and will display if they are disabled or not.

Presently we're discussing some files that keep showing up in the logs, past and present. Please do not perform a System Restore. This will undo everything that has been accomplished thus far and we'll have to start over.

Back shortly with further instructions. :) So hang in there, please!

mare_wbpa

Well, there are 9 total discs, 8 came with the computer and I had to buy a supplemental disc when I did the recovery after trying to install the SP2 and it didn't work.  The recovery didn't work either.  Thus the supplemental disc.  They say "System Recovery Microsoft windows XP Home Edition Service Pack 2  Discs, 1-8."

DonnaB

Hm. Ok. I don't think those 8 discs will help for what I'd like to try, though I have a friend I can reach out to that would know for sure. May I please ask what the 9th disc says on it?

Hopefully this is the last time that I have to ask you to run the following fix in OTL for me. We have just a few more files to remove that I think had been restored from the system restore.


  • Double click on the OTL icon to open the program.
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    Quote
    :Commands
    [CREATERESTOREPOINT]

    :OTL
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search
    IE - HKCU\..\SearchScopes,DefaultScope = {3D26BC94-09CF-4C60-B9E3-206E5C0CCB0F}
    IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IEFM1&src=IE-SearchBox
    IE - HKCU\..\SearchScopes\{3D26BC94-09CF-4C60-B9E3-206E5C0CCB0F}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGLH
    IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    [2013/06/10 19:13:02 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Compaq_Owner\Application Data\.#
    [2013/06/10 19:13:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\WINDOWS
    [2013/06/10 19:13:02 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\.#
    [2013/05/22 11:23:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Uniblue
    [2012/12/11 12:33:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\TuneUp Software


    [emptytemp]

  • Make sure all other windows are closed.
  • Click the Run Fix button at the top
  • Let the program run uninterrupted. The computer should reboot when the scan is done. If not, please reboot the computer.
  • Post the log that is found in C:\_OTL\Moved Files in your next reply.
  • Open OTL again and click the Quick Scan button. Please post the log it produces in your next reply along with the fix log.
Thank you,

Donna :)


mare_wbpa

The 9th disc says "Compaq Presario PC Supplemental Recovery Disc".  I haven't done the scans yet.

DonnaB

 :thumbsup: Thanks for the info. I have a feeling that 9th disc is a driver disc.

I'll wait for the scans. No hurry. :)

mare_wbpa

Here's the Run/Fix scan:
All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{3D26BC94-09CF-4C60-B9E3-206E5C0CCB0F}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3D26BC94-09CF-4C60-B9E3-206E5C0CCB0F}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
C:\Documents and Settings\Compaq_Owner\Application Data\.# folder moved successfully.
C:\Documents and Settings\Compaq_Owner\WINDOWS\system folder moved successfully.
C:\Documents and Settings\Compaq_Owner\WINDOWS folder moved successfully.
Folder C:\Documents and Settings\Compaq_Owner\Application Data\.#\ not found.
C:\Documents and Settings\Compaq_Owner\Application Data\Uniblue\SpeedUpMyPC folder moved successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\Uniblue\Registry Booster2 folder moved successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\Uniblue folder moved successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\TuneUp Software\TU2012\Backups folder moved successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\TuneUp Software\TU2012 folder moved successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\TuneUp Software folder moved successfully.
File ptytemp] not found.

OTL by OldTimer - Version 3.2.69.0 log created on 06282013_115650

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

mare_wbpa

Quick Scan log:

OTL logfile created on: 6/28/2013 12:54:28 PM - Run 6
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\Compaq_Owner\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

383.48 Mb Total Physical Memory | 75.77 Mb Available Physical Memory | 19.76% Memory free
943.36 Mb Paging File | 254.84 Mb Available in Paging File | 27.01% Paging File free
Paging file location(s): C:\pagefile.sys 600 1200 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 180.41 Gb Total Space | 125.93 Gb Free Space | 69.80% Space Free | Partition Type: NTFS
Drive D: | 5.88 Gb Total Space | 0.87 Gb Free Space | 14.85% Space Free | Partition Type: FAT32

Computer Name: YOUR-F78BF48CE2 | User Name: Compaq_Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/06/11 19:39:02 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Owner\Desktop\OTL.exe
PRC - [2013/05/21 18:49:07 | 000,920,472 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013/05/14 00:54:12 | 004,937,264 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgidsagent.exe
PRC - [2013/04/29 00:58:42 | 004,408,368 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgui.exe
PRC - [2013/04/18 04:34:38 | 000,283,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe
PRC - [2013/04/04 03:15:08 | 001,117,232 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgnsx.exe
PRC - [2013/03/28 02:48:36 | 000,763,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgrsx.exe
PRC - [2013/03/18 02:38:48 | 000,799,280 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgemcx.exe
PRC - [2013/02/19 04:00:58 | 000,448,560 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgcsrvx.exe
PRC - [2012/06/04 09:31:40 | 001,466,760 | ---- | M] (Garmin) -- C:\Program Files\Garmin\Lifetime Updater\GarminLifetime.exe
PRC - [2011/11/10 20:19:14 | 001,130,496 | ---- | M] (Zhorn Software) -- C:\Program Files\Stickies\stickies.exe
PRC - [2011/10/05 10:25:42 | 000,045,056 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Compaq Connections\6750491\Program\Compaq Connections.exe
PRC - [2010/11/18 05:05:07 | 000,862,032 | R--- | M] (Storage Appliance Corp.) -- C:\Documents and Settings\All Users\Application Data\OfficeGuardianV2N\Reminder\SacReminder.exe
PRC - [2010/11/18 05:05:06 | 000,163,664 | R--- | M] (Storage Appliance Corporation) -- C:\Documents and Settings\All Users\Application Data\OfficeGuardianV2N\Reminder\SacNetAgent.exe
PRC - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2004/08/04 00:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2013/05/21 18:49:02 | 003,128,728 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012/10/11 12:15:58 | 000,391,680 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\8eca92a64c232f34b5b559625b022369\System.Xml.Linq.ni.dll
MOD - [2012/10/11 12:15:57 | 001,776,640 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xaml\035910922f160d304fb834aae41f45a6\System.Xaml.ni.dll
MOD - [2012/10/11 12:12:19 | 000,656,896 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\016f9a150fce0e0a4c93532d8fa4c749\PresentationFramework.Luna.ni.dll
MOD - [2012/10/11 12:12:07 | 017,629,184 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\7f91eecda3ff7ce478146b6458580c98\PresentationFramework.ni.dll
MOD - [2012/10/11 12:11:40 | 000,721,920 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Security\09a97525ae5583cc2685e2c39a3078bd\System.Security.ni.dll
MOD - [2012/10/11 12:11:35 | 005,571,584 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\e997d0200c25f7db6bd32313d50b729d\System.Xml.ni.dll
MOD - [2012/10/11 12:11:24 | 011,057,664 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationCore\3963e9ce8d44f50e8367e92a8e3e42e6\PresentationCore.ni.dll
MOD - [2012/10/11 12:11:11 | 003,779,072 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\WindowsBase\d17606e813f01376bd0def23726ecc62\WindowsBase.ni.dll
MOD - [2012/10/11 12:11:02 | 013,006,336 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\17e020ae92d7fab33bcc1c98b25019d0\System.Windows.Forms.ni.dll
MOD - [2012/10/11 12:10:47 | 001,651,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\dd57bc19f5807c6dbe8f88d4a23277f6\System.Drawing.ni.dll
MOD - [2012/10/11 12:10:35 | 007,025,664 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\713647b987b140a17e3c4ffe4c721f85\System.Core.ni.dll
MOD - [2012/10/11 12:10:10 | 009,000,960 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\964da027ebca3b263a05cadb8eaa20a3\System.ni.dll
MOD - [2012/10/11 12:09:43 | 014,415,872 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\246f1a5abb686b9dcdf22d3505b08cea\mscorlib.ni.dll
MOD - [2011/11/10 20:18:30 | 000,049,152 | ---- | M] () -- C:\Program Files\Stickies\shook70.dll
MOD - [2011/11/02 00:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/11/02 00:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2009/02/06 00:17:07 | 000,147,493 | ---- | M] () -- C:\Program Files\BackWeb\BackWeb Client\6.3.2.62\Program\bwfiles.dll
MOD - [2009/02/06 00:17:07 | 000,094,243 | ---- | M] () -- C:\Program Files\BackWeb\BackWeb Client\6.3.2.62\Program\FrExt.dll
MOD - [2009/02/06 00:17:07 | 000,061,496 | ---- | M] () -- C:\Program Files\BackWeb\BackWeb Client\6.3.2.62\Program\clntutil.dll
MOD - [2009/02/06 00:17:07 | 000,024,615 | ---- | M] () -- C:\Program Files\Compaq Connections\6750491\Program\frext-6750491.dll
MOD - [2009/02/06 00:17:07 | 000,024,615 | ---- | M] () -- C:\Program Files\Compaq Connections\6750491\Program\BWfiles-6750491.dll
MOD - [2009/02/06 00:17:02 | 000,126,976 | ---- | M] () -- C:\Program Files\Compaq Connections\6750491\Program\HPClientExt.dll
MOD - [2004/08/04 00:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll


========== Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe -- (vToolbarUpdater15.2.0)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2013/06/15 13:12:09 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/05/21 18:49:03 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/05/14 00:54:12 | 004,937,264 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2013/04/18 04:34:38 | 000,283,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe -- (avgwd)
SRV - [2010/11/18 05:05:06 | 000,163,664 | R--- | M] (Storage Appliance Corporation) [Auto | Running] -- C:\Documents and Settings\All Users\Application Data\OfficeGuardianV2N\Reminder\SacNetAgent.exe -- (SacNetAgentService_C57C4F854F53)
SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- system32\DRIVERS\intelppm.sys -- (intelppm)
DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - File not found [Kernel | Auto | Stopped] -- System32\drivers\aspi32.sys -- (Aspi32)
DRV - [2013/05/20 20:06:25 | 000,037,664 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2013/03/29 02:53:48 | 000,208,184 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2013/03/21 03:08:24 | 000,182,072 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2013/03/01 10:32:20 | 000,022,328 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2013/02/08 04:37:58 | 000,096,568 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2013/02/08 04:37:56 | 000,245,048 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\avglogx.sys -- (Avglogx)
DRV - [2013/02/08 04:37:52 | 000,060,216 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2013/02/08 04:37:44 | 000,170,808 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2013/02/08 04:37:40 | 000,039,224 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2010/07/12 13:49:18 | 000,060,104 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ftdibus.sys -- (FTDIBUS)
DRV - [2009/02/06 18:08:42 | 000,055,152 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2006/11/10 15:05:00 | 000,018,688 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc)
DRV - [2005/04/20 12:00:56 | 002,317,696 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM)
DRV - [2005/04/12 12:42:16 | 000,011,904 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\srvkp.sys -- (SiSkp)
DRV - [2005/04/12 12:08:44 | 000,247,296 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sisgrp.sys -- (SiS315)
DRV - [2005/03/09 10:53:00 | 000,036,352 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2005/01/19 14:21:56 | 000,012,416 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PcdrNdisuio.sys -- (PcdrNdisuio)
DRV - [2004/08/04 00:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139)
DRV - [2004/06/29 13:07:18 | 001,268,204 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2003/12/02 21:23:20 | 000,142,336 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\Fasttx2k.sys -- (fasttx2k)
DRV - [2003/07/11 18:28:56 | 000,032,768 | ---- | M] (SiS Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sisnic.sys -- (SISNIC)
DRV - [2002/07/29 17:43:50 | 000,023,808 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PS2.sys -- (Ps2)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q305&bd=presario&pf=desktop
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = Reg Error: Value error.
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:7
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8064.0206: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\Compaq_Owner\Application Data\Move Networks\plugins\npqmp071505000011.dll (Move Networks)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\Compaq_Owner\Application Data\Move Networks\plugins\npqmp071505000011.dll (Move Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/06/22 20:26:35 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\moveplayer@movenetworks.com: C:\Documents and Settings\Compaq_Owner\Application Data\Move Networks [2010/01/31 19:07:40 | 000,000,000 | ---D | M]

[2009/08/29 18:32:14 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Extensions
[2013/06/26 11:22:17 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\0az38696.default\extensions
[2010/06/12 16:20:39 | 000,000,000 | ---D | M] (Chameleon Tom) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\0az38696.default\extensions\{6236BA26-C117-4007-928C-DE0716C7FA79}
[2013/06/21 10:53:55 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\gbhvogpj.default\extensions
[2012/11/29 19:36:49 | 000,000,000 | ---D | M] (Garmin Communicator) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\gbhvogpj.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
[2010/04/27 10:58:33 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\gbhvogpj.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/06/12 16:20:39 | 000,000,000 | ---D | M] (Chameleon Tom) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\gbhvogpj.default\extensions\{6236BA26-C117-4007-928C-DE0716C7FA79}
[2013/04/13 21:44:24 | 000,019,225 | ---- | M] () (No name found) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\gbhvogpj.default\extensions\newtabgoogle@graememcc.co.uk.xpi
[2013/06/21 10:53:55 | 000,178,105 | ---- | M] () (No name found) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\gbhvogpj.default\extensions\rapportive@rapportive.com.xpi
[2013/05/21 18:49:08 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/05/21 18:49:08 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome  ==========

CHR - homepage:
CHR - homepage:
CHR - Extension: No name found = C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mjildcbkilmkddbbpbjljljdmmlfeppl(2)\5(2).0_0\

O1 HOSTS File: ([2013/06/09 18:02:12 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll File not found
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar2.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar2.dll (Google Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [Garmin Lifetime Updater] C:\Program Files\Garmin\Lifetime Updater\GarminLifetime.exe (Garmin)
O4 - HKLM..\Run: [SiSPower] C:\WINDOWS\System32\SiSPower.dll (Silicon Integrated Systems Corporation)
O4 - HKCU..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr .exe" /background File not found
O4 - HKCU..\Run: [SacReminderHDDV2N] C:\Documents and Settings\All Users\Application Data\OfficeGuardianV2N\Reminder\SacReminder.exe (Storage Appliance Corp.)
O4 - HKLM..\RunOnce: [AvgUninstallURL] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Compaq Connections.lnk = C:\Program Files\Compaq Connections\6750491\Program\Compaq Connections.exe (Hewlett-Packard)
O4 - Startup: C:\Documents and Settings\Compaq_Owner\Start Menu\Programs\Startup\Stickies.lnk = C:\Program Files\Stickies\stickies.exe (Zhorn Software)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableProfileQuota = 1
O8 - Extra context menu item: Add To Compaq Organize... - C:\PROGRA~1\HEWLET~1\COMPAQ~1\bin/module.main/favorites\ie_add_to.html ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xport to Microsoft Excel - res://c:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000 File not found
O9 - Extra Button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()
O9 - Extra 'Tools' menuitem : Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Reg Error: Key error.)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 24.229.54.212 216.144.187.199 204.186.80.229
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{14D9CC6F-26E4-4C91-A6EC-9E1BA6683FAC}: DhcpNameServer = 192.168.2.1 24.229.54.212 216.144.187.199 204.186.80.229
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/01/27 00:53:38 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/07/27 14:07:38 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2004/04/30 06:01:14 | 000,000,053 | -HS- | M] () - D:\Autorun.inf -- [ FAT32 ]
O33 - MountPoints2\{043c605b-7e20-11de-b651-0013d41842a8}\Shell\AutoRun\command - "" = K:\rcaeasyrip_setup.exe
O33 - MountPoints2\{043c605b-7e20-11de-b651-0013d41842a8}\Shell\install\command - "" = K:\rcaeasyrip_setup.exe
O33 - MountPoints2\{043c605b-7e20-11de-b651-0013d41842a8}\Shell\usermanualEnglish\command - "" = K:\rcaeasyrip_setup.exe /pdf_English
O33 - MountPoints2\{043c605b-7e20-11de-b651-0013d41842a8}\Shell\usermanualFrench\command - "" = K:\rcaeasyrip_setup.exe /pdf_French
O33 - MountPoints2\{043c605b-7e20-11de-b651-0013d41842a8}\Shell\usermanualSpanish\command - "" = K:\rcaeasyrip_setup.exe /pdf_Spanish
O33 - MountPoints2\{0db5fbff-7353-11e0-b969-0013d41842a8}\Shell - "" = AutoRun
O33 - MountPoints2\{0db5fbff-7353-11e0-b969-0013d41842a8}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{0db5fbff-7353-11e0-b969-0013d41842a8}\Shell\AutoRun\command - "" = K:\StartClickFreeBackup.exe
O33 - MountPoints2\{a3ee96ed-8aa7-11de-b65c-0013d41842a8}\Shell\AutoRun\command - "" = L:\MI.exe
O33 - MountPoints2\{f9b408d0-bc63-11d9-842c-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{f9b408d0-bc63-11d9-842c-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{f9b408d0-bc63-11d9-842c-806d6172696f}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480
O33 - MountPoints2\D\Shell - "" = AutoRun
O33 - MountPoints2\D\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\D\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2013\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/06/25 11:06:45 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/06/13 20:57:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Desktop\RK_Quarantine
[2013/06/13 17:41:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AVG
[2013/06/11 19:53:32 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2013/06/11 19:39:15 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Owner\Desktop\OTL.exe
[2013/06/10 20:37:11 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2013/06/10 19:13:34 | 000,000,000 | --SD | C] -- C:\ComboFix
[2013/06/10 19:13:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\wt
[2013/06/10 19:13:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\URTTemp
[2013/06/10 19:13:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2013/06/10 19:13:02 | 000,000,000 | ---D | C] -- C:\Program Files\Shared
[2013/06/10 19:13:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\cache
[2013/06/09 18:06:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2013/06/06 11:54:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/06/06 11:53:39 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2013/06/05 18:18:30 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2013/06/05 18:18:30 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2013/06/05 18:18:30 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2013/06/05 18:18:30 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2013/06/05 18:18:04 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/06/05 18:17:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2013/06/05 17:24:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2013/06/05 17:23:19 | 000,000,000 | ---D | C] -- C:\JRT
[2013/06/03 19:36:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot_bak
[2013/06/03 11:59:14 | 000,000,000 | ---D | C] -- C:\Program Files\SpywareBlaster
[2013/06/02 21:22:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2013/06/02 11:57:25 | 000,000,000 | ---D | C] -- C:\8b92052dd8fbc345a9bdf0e9
[2013/05/30 20:45:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Wildtangent
[2013/05/30 19:57:50 | 000,000,000 | ---D | C] -- C:\d321eb98beeded867b1c1470
[2010/07/27 17:25:12 | 000,055,296 | ---- | C] (CANON INC.) -- C:\Documents and Settings\Compaq_Owner\cnmss Canon MX310 series Printer (Local).dll

========== Files - Modified Within 30 Days ==========

[2013/06/28 12:25:16 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/06/28 12:24:28 | 000,001,767 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Start Menu\Programs\Startup\Canon IJ Status Monitor Canon MX310 series Printer.lnk
[2013/06/28 12:21:32 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/06/28 12:21:28 | 402,182,144 | -HS- | M] () -- C:\hiberfil.sys
[2013/06/25 12:54:11 | 000,007,996 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Application Data\wklnhst.dat
[2013/06/25 12:27:24 | 000,096,768 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\OTL  Quik Scan.wps
[2013/06/24 10:52:23 | 000,184,832 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\OTL 6.wps
[2013/06/22 12:22:33 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/06/13 21:06:17 | 000,016,896 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\Rogue Killer ScAN.wps
[2013/06/13 17:41:46 | 000,000,710 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG 2013.lnk
[2013/06/12 19:15:47 | 000,174,872 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\OTL Log 2.wps
[2013/06/11 22:41:37 | 000,082,779 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\OTL log.rtf
[2013/06/11 19:39:02 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Owner\Desktop\OTL.exe
[2013/06/10 11:39:29 | 000,003,592 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2013/06/09 18:09:26 | 000,044,032 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\Combofix4.5.wps
[2013/06/09 18:02:12 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2013/06/09 13:21:17 | 000,035,328 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\Comvofix 3 log.wps
[2013/06/08 19:06:43 | 000,044,544 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\comdo fix2.wps
[2013/06/07 20:42:11 | 000,049,664 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\Combo fix log.wps
[2013/06/06 11:55:08 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2013/06/03 15:42:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2013/06/02 21:22:00 | 000,270,984 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/06/02 21:03:44 | 000,503,164 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/06/02 21:03:44 | 000,088,018 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

========== Files Created - No Company Name ==========

[2013/06/25 12:27:19 | 000,096,768 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\OTL  Quik Scan.wps
[2013/06/24 10:50:48 | 000,184,832 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\OTL 6.wps
[2013/06/13 21:06:14 | 000,016,896 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\Rogue Killer ScAN.wps
[2013/06/11 22:48:14 | 000,174,872 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\OTL Log 2.wps
[2013/06/11 22:38:53 | 000,082,779 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\OTL log.rtf
[2013/06/10 19:15:55 | 402,182,144 | -HS- | C] () -- C:\hiberfil.sys
[2013/06/09 18:09:26 | 000,044,032 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\Combofix4.5.wps
[2013/06/09 13:21:17 | 000,035,328 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\Comvofix 3 log.wps
[2013/06/08 19:06:43 | 000,044,544 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\comdo fix2.wps
[2013/06/07 20:42:11 | 000,049,664 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\Combo fix log.wps
[2013/06/06 11:55:08 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2013/06/05 18:18:30 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2013/06/05 18:18:30 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2013/06/05 18:18:30 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2013/06/05 18:18:30 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2013/06/05 18:18:30 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2012/12/28 15:00:20 | 000,003,592 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/10/12 19:54:54 | 000,244,382 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-3067886581-847020557-550397895-1009-0.dat
[2012/10/11 21:54:45 | 000,244,382 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2012/01/13 12:34:27 | 000,011,058 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\af8798e8
[2011/04/09 21:40:52 | 000,000,112 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\23Cegp.dat
[2010/10/20 23:15:45 | 000,009,194 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\.recently-used.xbel
[2009/03/14 22:28:40 | 000,007,996 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\wklnhst.dat
[2009/03/12 21:41:24 | 000,104,960 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2009/02/05 23:45:11 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2009/07/18 12:20:31 | 001,506,304 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/02/09 06:20:33 | 000,473,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2004/08/04 00:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2012/12/11 12:35:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2013
[2009/02/12 00:15:52 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2010/10/24 12:35:31 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2010/09/25 12:39:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CraftEdge
[2013/06/28 10:42:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2009/09/14 20:16:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nova Development
[2012/10/09 22:07:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\OfficeGuardianV2N
[2009/02/09 00:00:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ScanSoft
[2013/06/10 19:13:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/09/15 13:13:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ulead Systems
[2009/08/31 14:46:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2011/12/26 21:54:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/09/19 18:08:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/05/12 19:09:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2012/12/11 12:59:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\AVG2013
[2012/04/30 12:20:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\calibre
[2009/03/13 11:28:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Canon
[2009/08/26 16:43:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Clone2Go Video Converter Professional
[2013/05/26 14:12:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Garmin
[2010/10/20 23:25:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\inkscape
[2009/02/05 23:52:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\InterMute
[2009/02/09 17:25:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\InterVideo
[2009/02/06 12:36:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Leadertech
[2010/08/08 20:13:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\MSNInstaller
[2009/02/22 23:45:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\NewSoft
[2009/09/14 20:16:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Nova Development
[2010/01/11 21:20:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\ooVoo Details
[2009/02/05 23:52:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\SampleView
[2010/10/17 21:56:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Serif
[2013/04/13 21:18:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Smilebox
[2013/06/28 10:31:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\stickies
[2013/04/13 21:10:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\SwvUpdater(2)
[2009/03/14 22:28:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Template
[2009/09/15 13:13:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Ulead Systems

========== Purity Check ==========



< End of report >